[Closed] LarssonOliver closed this issue 10 months ago.
It would have been nice if there was some way of configuring these without creating a custom config.toml.tmpl, but rather having this integrated into the default template.
We've not seen anyone ask for this yet, or open a PR to add support for it. Probably due to it not being used by Kubernetes yet.
We're reluctant to add any additional CLI flags, so this would probably look a lot like our Nvidia container runtime support - we can check for existence of user-provided config files in a predefined location, and if found, add the path to the appropriate section of the config.
I think checking for files in predefined locations would be sufficient. It is always possible to provide a custom config.toml.tmpl if other file locations are desired.
I would have a use for this and could work on an implementation. Do you have any suggestions for appropriate locations? I'm not too familiar with the k3s config structure, but my initial idea would be somewhere in /var/lib/rancher/k3s/agent/etc/...
In the same directory as the containerd config file would be my suggestion
Hey @LarssonOliver! I am testing it, but even though I am creating an empty file and it is being loaded in the config:
$ cat /var/lib/rancher/k3s/agent/etc/containerd/config.toml

```toml
# File generated by k3s. DO NOT EDIT. Use config.toml.tmpl instead.
version = 2

[plugins."io.containerd.internal.v1.opt"]
  path = "/var/lib/rancher/k3s/agent/containerd"

[plugins."io.containerd.grpc.v1.cri"]
  stream_server_address = "127.0.0.1"
  stream_server_port = "10010"
  enable_selinux = false
  enable_unprivileged_ports = true
  enable_unprivileged_icmp = true
  sandbox_image = "rancher/mirrored-pause:3.6"

[plugins."io.containerd.grpc.v1.cri".containerd]
  snapshotter = "overlayfs"
  disable_snapshot_annotations = true

[plugins."io.containerd.grpc.v1.cri".cni]
  bin_dir = "/var/lib/rancher/k3s/data/267e6f7f3c53e8144faf1646c85ab5d30a21262ebd4ae4b963ed4c7a6358bdfa/bin"
  conf_dir = "/var/lib/rancher/k3s/agent/etc/cni/net.d"

[plugins."io.containerd.service.v1.tasks-service"]
  rdt_config_file = "/var/lib/rancher/k3s/agent/etc/containerd/rdt_config.yaml"

[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
  runtime_type = "io.containerd.runc.v2"

[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
  SystemdCgroup = true
```
I can restart normally:

```shell
$ sudo systemctl restart k3s
$ sudo systemctl status k3s
● k3s.service - Lightweight Kubernetes
     Loaded: loaded (/etc/systemd/system/k3s.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2023-11-16 21:27:13 UTC; 6min ago
       Docs: https://k3s.io
```
Any suggestions here?
> @fmoral2 even though i am creating an empty file and its being loaded on the config i can restart normally
Were you expecting an error when the file is empty? As per the docs, I don't see that an empty file would constitute an error; I suspect you just won't get any new partitions or classes, as you haven't defined any...
Hi,
This happens when running on a system without hardware support for QoS-class resource management. I just tested it, and containerd spits out this line:
```shell
$ sudo less /var/lib/rancher/k3s/agent/containerd/containerd.log
...
time="2023-11-17T07:20:46.136084780+01:00" level=error msg="RDT initialization failed" error="RDT not enabled: failed to detect resctrl mount point: resctrl not found in /proc/mounts"
...
```
At which point it just ignores the specified config and continues normally.
I'm not sure if there is a need for any logic on k3s' side here. We're just passing the config to containerd after all...
> @brandond were you expecting an error when the file is empty? As per the docs I don't see that an empty file would constitute an error, I suspect you just won't get any new partitions or classes, as you haven't defined any...
Yes, I also mentioned it in the PR (#8726) but containerd exits with an error if the config file is invalid, which an empty one is considered to be.
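For reference, a minimal non-empty RDT configuration in the goresctrl format might look like the sketch below. The partition and class names are illustrative, and the exact schema is defined by the intel/goresctrl project, so treat this as an assumption rather than a canonical example:

```yaml
# Sketch of a minimal goresctrl RDT config: one partition spanning
# the full L3 cache, containing a single class (names are made up).
partitions:
  shared:
    l3Allocation: "100%"
    classes:
      normal:
        l3Allocation: "100%"
```

An empty file, by contrast, parses as no document at all, which is consistent with containerd rejecting it as invalid.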
Environmental Info:
k3s version: v1.28.3+k3s-fa4c1806 (fa4c1806)
Infrastructure: Cloud EC2 instance
Node(s) CPU architecture, OS, and Version: PRETTY_NAME="Ubuntu 22.04.1 LTS" NAME="Ubuntu" VERSION_ID="22.04"
Cluster Configuration: 1 server node
I feel that we should have added a unit test for this in the PR, since this is a separate method called in get() and could be easily tested at that layer alone.
What are your thoughts, @brandond?
I don't think this needs a ton of testing. It is not complicated logic; it is just checking for the presence of files, and if they exist, adding a line to the config to point containerd at them. We don't need to validate that any of the containerd support for this feature works, all we need to do is confirm that the config is added if the files exist.
Maybe just a basic test like we have for nvidia, that uses a mock filesystem and confirms that the correct config struct is generated?
> I don't think this needs a ton of testing. It is not complicated logic; it is just checking for the presence of files, and if they exist, adding a line to the config to point containerd at them. We don't need to validate that any of the containerd support for this feature works, all we need to do is confirm that the config is added if the files exist.
> Maybe just a basic test like we have for nvidia, that uses a mock filesystem and confirms that the correct config struct is generated?
I can take care of this within a few days if you'd like!
Is your feature request related to a problem? Please describe.
Recent versions of containerd (and cri-o) support QoS-class resource control through container annotations and config files.
The config files are specified in the containerd config.toml file as such:
(see https://github.com/containerd/containerd/blob/main/docs/man/containerd-config.toml.5.md)
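The relevant stanza looks roughly like this; treat the paths as placeholders, and note that `blockio_config_file` is the companion option described in the same containerd man page (it is not mentioned elsewhere in this thread):

```toml
[plugins."io.containerd.service.v1.tasks-service"]
  rdt_config_file = "/etc/containerd/rdt_config.yaml"
  blockio_config_file = "/etc/containerd/blockio_config.yaml"
```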
The config files specified follow the formats specified by https://github.com/intel/goresctrl.
Describe the solution you'd like
It would have been nice if there was some way of configuring these without creating a custom config.toml.tmpl, but rather having this integrated into the default template.

Describe alternatives you've considered
Writing a custom config.toml.tmpl file.

Additional context
KEP 3008 describes the planned Kubernetes integration. Meanwhile, this is controlled through pod annotations.