Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
kubelet/cm: speed up cgroup creation
There's no need to call m.Update (which will create another instance of libcontainer cgroup manager, convert all the resources and then set them). All this is already done here, except for Set(). Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com> pkg/kubelet/cm: rm dup code Commit ecd6361 added setting PidsLimit to Create and Update. Commit bce9d5f added setting PidsLimit to m.toResources. Now, PidsLimit is assigned twice. Remove the duplicate. Fixes: bce9d5f Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com> pkg/kubelet/cm: ToSystemd: nit Remove the second condition as it can't ever be true (this was obviously written by a C programmer). Fixes: b230fb8 Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com> pkg/kubelet/cm/cgroup_manager: simplify setting hugetlb Commit 79be8be made hugetlb settings optional if cgroup v2 is used and hugetlb is not available, fixing issue 92933. Note at that time this was only needed for v2, because for v1 the resources were set one-by-one, and only for supported resources. Commit d312ef7 switched the code to using Set from runc/libcontainer cgroups manager, and expanded the check to cgroup v1 as well. Move this check earlier, to inside m.toResources, so instead of converting all hugetlb resources from ResourceConfig to libcontainers's Resources.HugetlbLimit, and then setting it to nil, we can skip the conversion entirely if hugetlb is not supported, thus not doing the work that is not needed. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com> pkg/kubelet/cm: move common code to libctCgroupConfig Instead of doing (almost) the same thing from the three different methods (Create, Update, Destroy), move the functionality to libctCgroupConfig, replacing updateSystemdCgroupInfo. The needResources bool is needed because we do not need resources during Destroy, so we skip the unneeded resource conversion. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com> pkg/kubelet/cm: simplify enforceExistingCgroup 1. Move the rl == nil check to before we dereference it. 2. Remove Exists check before Update, since it is complicated, and Update will return a meaningful error anyway in case the cgroup does not exist. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com> deps: update runc to 1.1.0 This updates vendored runc/libcontainer to 1.1.0, and google/cadvisor to a version updated to runc 1.1.0-rc1 (google/cadvisor#3031). Changes in vendor are generated by (roughly): ./hack/pin-dependency.sh github.com/google/cadvisor a3b5f4f6c501d5a4ac67530bc973a05c1ebd7d8c ./hack/pin-dependency.sh github.com/opencontainers/runc v1.1.0 ./hack/update-vendor.sh ./hack/lint-dependencies.sh # And follow all its recommendations. ./hack/update-vendor.sh ./hack/update-internal-modules.sh ./hack/lint-dependencies.sh # Re-check everything again. The changes (mostly in pkg/kubelet/cm) are there to adopt changed runc 1.1 API, and simplify things a bit. In particular: 1. simplify cgroup manager instantiation, using a new, easier way of libcontainers/cgroups/manager.New; 2. replace libcontainerAdapter with a boolean variable (all it did was passing on whether systemd manager should be used); 3. trivial change due to removed cgroupfs.HugePageSizes and added cgroups.HugePageSizes(); 4. do not calculate cgroup paths in update / destroy, since libcontainer cgroup managers now calculate the paths upon creation (previously, they were doing that only in Apply, so using e.g. Set or Destroy right after creation was impossible without specifying paths). We currently still calculate cgroup paths in Exists -- this is to be addressed separately. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
- Loading branch information
