diff --git a/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/kubelet-cpumanager-infra-pods-use-system-reserved-CP.patch b/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/kubelet-cpumanager-infra-pods-use-system-reserved-CP.patch index 6d4575939..6bac8a07d 100644 --- a/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/kubelet-cpumanager-infra-pods-use-system-reserved-CP.patch +++ b/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/kubelet-cpumanager-infra-pods-use-system-reserved-CP.patch @@ -1,4 +1,4 @@ -From 225ee21e2925a9f0a4495c1257dd9f4ccb9306f2 Mon Sep 17 00:00:00 2001 +From d4515b56b7b0e625de279b7094123199004b23be Mon Sep 17 00:00:00 2001 From: Gleb Aronsky Date: Thu, 20 Jul 2023 11:56:02 -0300 Subject: [PATCH] kubelet cpumanager infra pods use system reserved CPUs @@ -8,8 +8,8 @@ to isolate them from the shared pool of CPUs. Infrastructure pods include any pods that belong to the kube-system, armada, cert-manager, vault, platform-deployment-manager, portieris, -notification, flux-helm, metrics-server or node-feature-discovery -namespaces. +notification, flux-helm, metrics-server, node-feature-discovery, +intel-power or power-metrics namespaces. The implementation is a bit simplistic, it is assumed that the "reserved" cpuset is large enough to handle all infrastructure pods @@ -22,6 +22,7 @@ Signed-off-by: Gleb Aronsky Signed-off-by: Thiago Miranda Signed-off-by: Kaustubh Dhokte Signed-off-by: Marcos Silva +Signed-off-by: Alyson Deives Pereira --- pkg/kubelet/cm/cpumanager/policy_static.go | 47 +++++++++++++++++-- @@ -29,16 +30,16 @@ Signed-off-by: Marcos Silva 2 files changed, 61 insertions(+), 5 deletions(-) diff --git a/pkg/kubelet/cm/cpumanager/policy_static.go b/pkg/kubelet/cm/cpumanager/policy_static.go -index 09e0fc0ea0e..8f7ffd136f2 100644 +index 09e0fc0ea0e..7324c336bd3 100644 --- a/pkg/kubelet/cm/cpumanager/policy_static.go +++ b/pkg/kubelet/cm/cpumanager/policy_static.go @@ -53,6 +53,11 @@ func (e SMTAlignmentError) Type() string { return ErrorSMTAlignment } - + +// Define namespaces used by platform infrastructure pods +var infraNamespaces = [...]string{ -+ "kube-system", "armada", "cert-manager", "platform-deployment-manager", "portieris", "vault", "notification", "flux-helm", "metrics-server", "node-feature-discovery", ++ "kube-system", "armada", "cert-manager", "platform-deployment-manager", "portieris", "vault", "notification", "flux-helm", "metrics-server", "node-feature-discovery", "intel-power", "power-metrics", +} + // staticPolicy is a CPU manager policy that does not change CPU @@ -46,7 +47,7 @@ index 09e0fc0ea0e..8f7ffd136f2 100644 // container process starts. @@ -121,10 +126,11 @@ func NewStaticPolicy(topology *topology.CPUTopology, numReservedCPUs int, reserv klog.InfoS("Static policy created with configuration", "options", opts) - + policy := &staticPolicy{ - topology: topology, - affinity: affinity, @@ -58,11 +59,11 @@ index 09e0fc0ea0e..8f7ffd136f2 100644 + cpusToReuse: make(map[string]cpuset.CPUSet), + options: opts, } - + allCPUs := topology.CPUDetails.CPUs() @@ -263,6 +269,25 @@ func (p *staticPolicy) updateCPUsToReuse(pod *v1.Pod, container *v1.Container, c } - + func (p *staticPolicy) Allocate(s state.State, pod *v1.Pod, container *v1.Container) error { + // Process infra pods before guaranteed pods + if isKubeInfra(pod) { @@ -98,7 +99,7 @@ index 09e0fc0ea0e..8f7ffd136f2 100644 // Per the language spec, `int` is guaranteed to be at least 32 bits wide. // https://golang.org/ref/spec#Numeric_types @@ -595,3 +624,13 @@ func (p *staticPolicy) generateCPUTopologyHints(availableCPUs cpuset.CPUSet, reu - + return hints } + @@ -117,7 +118,7 @@ index edfb40d880e..7938f787a57 100644 +++ b/pkg/kubelet/cm/cpumanager/policy_static_test.go @@ -886,7 +886,8 @@ func TestStaticPolicyStartWithResvList(t *testing.T) { } - + func TestStaticPolicyAddWithResvList(t *testing.T) { - + infraPod := makePod("fakePod", "fakeContainer2", "200m", "200m") @@ -146,8 +147,8 @@ index edfb40d880e..7938f787a57 100644 + expCSet: cpuset.NewCPUSet(0, 1), + }, } - + testExcl := true --- +-- 2.25.1 diff --git a/kubernetes/kubernetes-1.25.3/debian/deb_folder/patches/kubelet-cpumanager-infra-pods-use-system-reserved-CP.patch b/kubernetes/kubernetes-1.25.3/debian/deb_folder/patches/kubelet-cpumanager-infra-pods-use-system-reserved-CP.patch index a7fff61a2..c5715f84c 100644 --- a/kubernetes/kubernetes-1.25.3/debian/deb_folder/patches/kubelet-cpumanager-infra-pods-use-system-reserved-CP.patch +++ b/kubernetes/kubernetes-1.25.3/debian/deb_folder/patches/kubelet-cpumanager-infra-pods-use-system-reserved-CP.patch @@ -1,4 +1,4 @@ -From 0b816203bf49236c9e5393a540af22da42130be2 Mon Sep 17 00:00:00 2001 +From caca0eeed178fbde75d8b99db611f9c63af6b904 Mon Sep 17 00:00:00 2001 From: Ramesh Kumar Sivanandam Date: Thu, 20 Jul 2023 19:04:07 -0300 Subject: [PATCH] kubelet cpumanager infra pods use system reserved CPUs @@ -8,8 +8,8 @@ to isolate them from the shared pool of CPUs. Infrastructure pods include any pods that belong to the kube-system, armada, cert-manager, vault, platform-deployment-manager, portieris, -notification, flux-helm, metrics-server or node-feature-discovery -namespaces. +notification, flux-helm, metrics-server, node-feature-discovery, +intel-power or power-metrics namespaces. The implementation is a bit simplistic, it is assumed that the "reserved" cpuset is large enough to handle all infrastructure pods @@ -23,6 +23,7 @@ Signed-off-by: Thiago Miranda Signed-off-by: Kaustubh Dhokte Signed-off-by: Ramesh Kumar Sivanandam Signed-off-by: Marcos Silva +Signed-off-by: Alyson Deives Pereira --- pkg/kubelet/cm/cpumanager/policy_static.go | 38 +++++++++++++++++++ @@ -30,16 +31,16 @@ Signed-off-by: Marcos Silva 2 files changed, 56 insertions(+), 1 deletion(-) diff --git a/pkg/kubelet/cm/cpumanager/policy_static.go b/pkg/kubelet/cm/cpumanager/policy_static.go -index 14a6e7af9be..a7df20bc704 100644 +index 14a6e7af9be..64bf2832bf3 100644 --- a/pkg/kubelet/cm/cpumanager/policy_static.go +++ b/pkg/kubelet/cm/cpumanager/policy_static.go @@ -53,6 +53,11 @@ func (e SMTAlignmentError) Type() string { return ErrorSMTAlignment } - + +// Define namespaces used by platform infrastructure pods +var infraNamespaces = [...]string{ -+ "kube-system", "armada", "cert-manager", "platform-deployment-manager", "portieris", "vault", "notification", "flux-helm", "metrics-server", "node-feature-discovery", ++ "kube-system", "armada", "cert-manager", "platform-deployment-manager", "portieris", "vault", "notification", "flux-helm", "metrics-server", "node-feature-discovery", "intel-power", "power-metrics", +} + // staticPolicy is a CPU manager policy that does not change CPU @@ -47,7 +48,7 @@ index 14a6e7af9be..a7df20bc704 100644 // container process starts. @@ -268,6 +273,25 @@ func (p *staticPolicy) updateCPUsToReuse(pod *v1.Pod, container *v1.Container, c } - + func (p *staticPolicy) Allocate(s state.State, pod *v1.Pod, container *v1.Container) error { + // Process infra pods before guaranteed pods + if isKubeInfra(pod) { @@ -85,7 +86,7 @@ index 14a6e7af9be..a7df20bc704 100644 @@ -602,6 +630,16 @@ func (p *staticPolicy) generateCPUTopologyHints(availableCPUs cpuset.CPUSet, reu return hints } - + +// check if a given pod is in a platform infrastructure namespace +func isKubeInfra(pod *v1.Pod) bool { + for _, namespace := range infraNamespaces { @@ -105,7 +106,7 @@ index 80a0c5a9e70..414e5ce144c 100644 +++ b/pkg/kubelet/cm/cpumanager/policy_static_test.go @@ -939,7 +939,8 @@ func TestStaticPolicyStartWithResvList(t *testing.T) { } - + func TestStaticPolicyAddWithResvList(t *testing.T) { - + infraPod := makePod("fakePod", "fakeContainer2", "200m", "200m") @@ -134,8 +135,8 @@ index 80a0c5a9e70..414e5ce144c 100644 + expCSet: cpuset.NewCPUSet(0, 1), + }, } - + testExcl := true --- +-- 2.25.1 diff --git a/kubernetes/kubernetes-1.26.1/debian/deb_folder/patches/kubelet-cpumanager-infra-pods-use-system-reserved-CP.patch b/kubernetes/kubernetes-1.26.1/debian/deb_folder/patches/kubelet-cpumanager-infra-pods-use-system-reserved-CP.patch index 65927c50a..b3d19f5ea 100644 --- a/kubernetes/kubernetes-1.26.1/debian/deb_folder/patches/kubelet-cpumanager-infra-pods-use-system-reserved-CP.patch +++ b/kubernetes/kubernetes-1.26.1/debian/deb_folder/patches/kubelet-cpumanager-infra-pods-use-system-reserved-CP.patch @@ -1,4 +1,4 @@ -From 318e3760511a6cba2a8233ba29173ad6b00f9d1e Mon Sep 17 00:00:00 2001 +From 32a8a49d7cd66262d6fc88337b5ee828f8f51af8 Mon Sep 17 00:00:00 2001 From: Ramesh Kumar Sivanandam Date: Thu, 20 Jul 2023 19:54:11 -0300 Subject: [PATCH 07/10] kubelet cpumanager infra pods use system reserved CPUs @@ -8,8 +8,8 @@ to isolate them from the shared pool of CPUs. Infrastructure pods include any pods that belong to the kube-system, armada, cert-manager, vault, platform-deployment-manager, portieris, -notification, flux-helm, metrics-server or node-feature-discovery -namespaces. +notification, flux-helm, metrics-server, node-feature-discovery, +intel-power or power-metrics namespaces. The implementation is a bit simplistic, it is assumed that the "reserved" cpuset is large enough to handle all infrastructure pods @@ -24,23 +24,23 @@ Signed-off-by: Kaustubh Dhokte Signed-off-by: Ramesh Kumar Sivanandam Signed-off-by: Sachin Gopala Krishna Signed-off-by: Marcos Silva - +Signed-off-by: Alyson Deives Pereira --- pkg/kubelet/cm/cpumanager/policy_static.go | 50 ++++++++++++++++--- .../cm/cpumanager/policy_static_test.go | 19 ++++++- 2 files changed, 62 insertions(+), 7 deletions(-) diff --git a/pkg/kubelet/cm/cpumanager/policy_static.go b/pkg/kubelet/cm/cpumanager/policy_static.go -index 4c4164a9099..c1066913bd9 100644 +index 4c4164a9099..f685a9a4d2b 100644 --- a/pkg/kubelet/cm/cpumanager/policy_static.go +++ b/pkg/kubelet/cm/cpumanager/policy_static.go @@ -56,6 +56,11 @@ func (e SMTAlignmentError) Type() string { return ErrorSMTAlignment } - + +// Define namespaces used by platform infrastructure pods +var infraNamespaces = [...]string{ -+ "kube-system", "armada", "cert-manager", "platform-deployment-manager", "portieris", "vault", "notification", "flux-helm", "metrics-server", "node-feature-discovery", ++ "kube-system", "armada", "cert-manager", "platform-deployment-manager", "portieris", "vault", "notification", "flux-helm", "metrics-server", "node-feature-discovery", "intel-power", "power-metrics", +} + // staticPolicy is a CPU manager policy that does not change CPU @@ -48,7 +48,7 @@ index 4c4164a9099..c1066913bd9 100644 // container process starts. @@ -128,11 +133,11 @@ func NewStaticPolicy(topology *topology.CPUTopology, numReservedCPUs int, reserv klog.InfoS("Static policy created with configuration", "options", opts) - + policy := &staticPolicy{ - topology: topology, - affinity: affinity, @@ -60,7 +60,7 @@ index 4c4164a9099..c1066913bd9 100644 + cpusToReuse: make(map[string]cpuset.CPUSet), + options: opts, } - + allCPUs := topology.CPUDetails.CPUs() @@ -200,8 +205,8 @@ func (p *staticPolicy) validateState(s state.State) error { // - user tampered with file @@ -75,7 +75,7 @@ index 4c4164a9099..c1066913bd9 100644 // 2. Check if state for static policy is consistent @@ -276,6 +281,25 @@ func (p *staticPolicy) updateCPUsToReuse(pod *v1.Pod, container *v1.Container, c } - + func (p *staticPolicy) Allocate(s state.State, pod *v1.Pod, container *v1.Container) (rerr error) { + // Process infra pods before guaranteed pods + if isKubeInfra(pod) { @@ -113,7 +113,7 @@ index 4c4164a9099..c1066913bd9 100644 @@ -619,6 +647,16 @@ func (p *staticPolicy) generateCPUTopologyHints(availableCPUs cpuset.CPUSet, reu return hints } - + +// check if a given pod is in a platform infrastructure namespace +func isKubeInfra(pod *v1.Pod) bool { + for _, namespace := range infraNamespaces { @@ -133,7 +133,7 @@ index 80a0c5a9e70..414e5ce144c 100644 +++ b/pkg/kubelet/cm/cpumanager/policy_static_test.go @@ -939,7 +939,8 @@ func TestStaticPolicyStartWithResvList(t *testing.T) { } - + func TestStaticPolicyAddWithResvList(t *testing.T) { - + infraPod := makePod("fakePod", "fakeContainer2", "200m", "200m") @@ -162,8 +162,8 @@ index 80a0c5a9e70..414e5ce144c 100644 + expCSet: cpuset.NewCPUSet(0, 1), + }, } - + testExcl := true --- +-- 2.25.1