-
Notifications
You must be signed in to change notification settings - Fork 14.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add documentation for per pod cgroups #2841
Conversation
/cc @vishh PTAL |
docs/admin/node-allocatable.md
Outdated
`CPU` and `memory` are supported as of now. | ||
Support for `storage` is expected to be added in the future. | ||
`Allocatable` on a Kubernetes node is defined as the amount of compute resources | ||
that are available for pods. The scheduler does not over subscribe |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
over subscribe -> over-subscribe
docs/admin/node-allocatable.md
Outdated
Support for `storage` is expected to be added in the future. | ||
`Allocatable` on a Kubernetes node is defined as the amount of compute resources | ||
that are available for pods. The scheduler does not over subscribe | ||
`Allocatable`. `CPU` and `memory` are supported as of now. Support for `storage` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"as of now" -> "as of Kubernetes version 1.x" (where 1.x is the relevant version).
"Kubernetes will add support for storage
in version 1.x." (where 1.x is the relevant version).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the actual release version where storage will be added is not yet known. depends on a number of factors. we just know we will do more local storage management in the future.
docs/admin/node-allocatable.md
Outdated
|
||
Resources can be reserved for two categories of system daemons in the `kubelet`. | ||
|
||
### Enabling QoS and Pod level cgroups | ||
|
||
To properly enforce node allocatable constraints on the node, the operator must |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The operator is the reader, right? Just use "you must."
docs/admin/node-allocatable.md
Outdated
Since `v1.6`, `kubelet` enforces `Allocatable` on pods using control groups. | ||
To revert to the old behavior unset `--enforce-node-allocatable` kubelet flag. | ||
Note that unless `--kube-reserved`, or `--system-reserved` or `--eviction-hard` flags have non-default values, `Allocatable` enforcement does not affect existing deployments. | ||
Since `v1.2`, it has been possible to **optionally** specify `kube-reserved` and |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"Since v1.2" -> "As of Kubernetes version 1.2"
Repeat for all version numbers below.
@devin-donnelly - thanks for the review, please take a look. |
fyi @mburke5678 |
Docs LGTM. Still needs a tech review. |
docs/admin/node-allocatable.md
Outdated
Reserving resources for user login sessions is also recommended (`user.slice` in systemd world). | ||
`system-reserved` is meant to capture resource reservation for OS system daemons | ||
like `sshd`, `udev`, etc. `system-reserved` should reserve `memory` for the | ||
`kernel` too since `kernel` memory is not accounted to pods (yet) in Kubernetes. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What do you mean by 'yet' here? Is this a future feature or something that will happen later in this process? Maybe clarify or remove to avoid confusion
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yet in this context meant "it may be in the future". i clarified the text to just say kernel memory is not accounted to pods at this time.
docs/admin/node-allocatable.md
Outdated
For this reason, resources reserved for evictions are not available for pods. | ||
Memory pressure at the node level leads to System OOMs which affects the entire | ||
node and all pods running on it. Nodes can go offline temporarily until memory | ||
has been reclaimed. To avoid (or reduce the probability) system OOMs kubelet |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/To avoid (or reduce the probability) system OOMs kubelet.../To avoid (or reduce the probability of) system OOMs, kubelet...
@derekwaynecarr there is inconsistent use of case. Maybe not important for upstream. Some cases of inconsistencies between |
@mburke5678 -- we can fix the casing in a follow-on as this was the original content. |
@vishh -- can i get a tech review so this makes it out in time for 1.6? |
/lgtm |
Improved line wrapping from original source document.
Added text explaining how to enable the new cgroup topology required to enforce node allocatable.
This change is