Merge "Add service parameter to control pod pids limit"
This commit is contained in:
commit
3e3ac96bb7
|
@ -1122,6 +1122,14 @@ DEFAULT_REGISTRIES_INFO = {
|
|||
}
|
||||
|
||||
# kubernetes parameters
|
||||
SERVICE_PARAM_SECTION_KUBERNETES_CONFIG = 'config'
|
||||
SERVICE_PARAM_NAME_KUBERNETES_POD_MAX_PIDS = 'pod_max_pids'
|
||||
# Platform pods use under 20 in steady state, but allow extra room.
|
||||
SERVICE_PARAM_KUBERNETES_POD_MAX_PIDS_MIN = 100
|
||||
# Some openstack pods reach ~450 in steady state, allow 2/3 extra to be safe.
|
||||
SERVICE_PARAM_KUBERNETES_POD_MAX_PIDS_DEFAULT = 750
|
||||
SERVICE_PARAM_KUBERNETES_POD_MAX_PIDS_MAX = 65535
|
||||
|
||||
SERVICE_PARAM_SECTION_KUBERNETES_CERTIFICATES = 'certificates'
|
||||
SERVICE_PARAM_NAME_KUBERNETES_API_SAN_LIST = 'apiserver_certsan'
|
||||
|
||||
|
|
|
@ -389,6 +389,13 @@ def _validate_admission_plugins(name, value):
|
|||
"Invalid admission plugin: '%s'" % plugin))
|
||||
|
||||
|
||||
def _validate_pod_max_pids(name, value):
|
||||
"""Check if specified value is supported"""
|
||||
_validate_range(name, value,
|
||||
constants.SERVICE_PARAM_KUBERNETES_POD_MAX_PIDS_MIN,
|
||||
constants.SERVICE_PARAM_KUBERNETES_POD_MAX_PIDS_MAX)
|
||||
|
||||
|
||||
PLATFORM_CONFIG_PARAMETER_OPTIONAL = [
|
||||
constants.SERVICE_PARAM_NAME_PLAT_CONFIG_VIRTUAL,
|
||||
]
|
||||
|
@ -630,6 +637,19 @@ KUBERNETES_CERTIFICATES_PARAMETER_DATA_FORMAT = {
|
|||
constants.SERVICE_PARAM_NAME_KUBERNETES_API_SAN_LIST: SERVICE_PARAMETER_DATA_FORMAT_ARRAY,
|
||||
}
|
||||
|
||||
KUBERNETES_CONFIG_PARAMETER_OPTIONAL = [
|
||||
constants.SERVICE_PARAM_NAME_KUBERNETES_POD_MAX_PIDS,
|
||||
]
|
||||
|
||||
KUBERNETES_CONFIG_PARAMETER_VALIDATOR = {
|
||||
constants.SERVICE_PARAM_NAME_KUBERNETES_POD_MAX_PIDS: _validate_pod_max_pids,
|
||||
}
|
||||
|
||||
KUBERNETES_CONFIG_PARAMETER_RESOURCE = {
|
||||
constants.SERVICE_PARAM_NAME_KUBERNETES_POD_MAX_PIDS:
|
||||
'platform::kubernetes::params::k8s_pod_max_pids',
|
||||
}
|
||||
|
||||
KUBERNETES_APISERVER_PARAMETER_OPTIONAL = [
|
||||
constants.SERVICE_PARAM_NAME_OIDC_ISSUER_URL,
|
||||
constants.SERVICE_PARAM_NAME_OIDC_CLIENT_ID,
|
||||
|
@ -805,6 +825,11 @@ SERVICE_PARAMETER_SCHEMA = {
|
|||
SERVICE_PARAM_VALIDATOR: KUBERNETES_APISERVER_PARAMETER_VALIDATOR,
|
||||
SERVICE_PARAM_RESOURCE: KUBERNETES_APISERVER_PARAMETER_RESOURCE,
|
||||
},
|
||||
constants.SERVICE_PARAM_SECTION_KUBERNETES_CONFIG: {
|
||||
SERVICE_PARAM_OPTIONAL: KUBERNETES_CONFIG_PARAMETER_OPTIONAL,
|
||||
SERVICE_PARAM_VALIDATOR: KUBERNETES_CONFIG_PARAMETER_VALIDATOR,
|
||||
SERVICE_PARAM_RESOURCE: KUBERNETES_CONFIG_PARAMETER_RESOURCE,
|
||||
},
|
||||
},
|
||||
constants.SERVICE_TYPE_PTP: {
|
||||
constants.SERVICE_PARAM_SECTION_PTP_GLOBAL: {
|
||||
|
|
|
@ -8583,6 +8583,14 @@ class ConductorManager(service.PeriodicService):
|
|||
config_uuid = self._config_update_hosts(context,
|
||||
[constants.CONTROLLER],
|
||||
reboot=True)
|
||||
elif service == constants.SERVICE_TYPE_KUBERNETES:
|
||||
# The KUBERNETES_POD_MAX_PIDS affects workers.
|
||||
# A smarter way would be for update_service_config to receive the
|
||||
# diff list or dict, to only target required personalities.
|
||||
config_uuid = self._config_update_hosts(context,
|
||||
[constants.CONTROLLER,
|
||||
constants.WORKER],
|
||||
reboot=True)
|
||||
else:
|
||||
# All other services
|
||||
personalities = [constants.CONTROLLER]
|
||||
|
|
Loading…
Reference in New Issue