Add docker resource constraints for CPU and Memory #28
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -63,17 +63,81 @@ func (d *DockerDriver) Fingerprint(cfg *config.Config, node *structs.Node) (bool | |
| return true, nil | ||
| } | ||
|
|
||
| // containerOptionsForTask initializes a strcut needed to call | ||
| // docker.client.CreateContainer() | ||
| func containerOptionsForTask(task *structs.Task, logger *log.Logger) docker.CreateContainerOptions { | ||
| if task.Resources == nil { | ||
|
There was a problem hiding this comment. maybe also check that There was a problem hiding this comment. I added a check for this, though I think this needs to be validated in the job config. I don't know how something would be scheduled without a resource constraint specified. Technically There was a problem hiding this comment. Ah, didn't know There was a problem hiding this comment. Yeah it's not obvious. I had to dig into the docker source to see that. |
||
| panic("boom") | ||
| } | ||
|
|
||
| containerConfig := &docker.HostConfig{ | ||
| // Convert MB to bytes. This is an absolute value. | ||
| // | ||
| // This value represents the total amount of memory a process can use. | ||
| // Swap is added to total memory and is managed by the OS, not docker. | ||
| // Since this may cause other processes to swap and cause system | ||
| // instability, we will simply not use swap. | ||
| // | ||
| // See: https://www.kernel.org/doc/Documentation/cgroups/memory.txt | ||
| Memory: int64(task.Resources.MemoryMB) * 1024 * 1024, | ||
| MemorySwap: -1, | ||
| // Convert Mhz to shares. This is a relative value. | ||
| // | ||
| // There are two types of CPU limiters available: Shares and Quotas. A | ||
| // Share allows a particular process to have a proportion of CPU time | ||
| // relative to other processes; 1024 by default. A CPU Quota is enforced | ||
| // over a Period of time and is a HARD limit on the amount of CPU time a | ||
| // process can use. Processes with quotas cannot burst, while processes | ||
| // with shares can, so we'll use shares. | ||
| // | ||
| // The simplest scale is 1 share to 1 MHz so 1024 = 1GHz. This means any | ||
| // given process will have at least that amount of resources, but likely | ||
| // more since it is (probably) rare that the machine will run at 100% | ||
| // CPU. This scale will cease to work if a node is overprovisioned. | ||
| // | ||
| // See: | ||
| // - https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt | ||
| // - https://www.kernel.org/doc/Documentation/scheduler/sched-design-CFS.txt | ||
| // | ||
| // TODO push CPU share up to the task group level. We can retain the | ||
| // docker-specific implementation for very fine-grained control but the | ||
| // usage semantics will change once we have this capability in task | ||
| // groups. | ||
| CPUShares: int64(task.Resources.CPU), | ||
| } | ||
|
|
||
| log.Printf("[DEBUG] driver.docker using %d bytes memory for %s", containerConfig.Memory, task.Config["image"]) | ||
|
There was a problem hiding this comment. Is this the convention for logging in nomad? In our other projects we usually add a There was a problem hiding this comment. Also, should this log use the There was a problem hiding this comment. @catsby Oops, good catch. There was a problem hiding this comment.
@ryanuber I updated this. I think there was a very fuzzy convention before. |
||
| log.Printf("[DEBUG] driver.docker using %d cpu shares for %s", containerConfig.CPUShares, task.Config["image"]) | ||
|
|
||
| return docker.CreateContainerOptions{ | ||
| Config: &docker.Config{ | ||
| Image: task.Config["image"], | ||
| }, | ||
| HostConfig: containerConfig, | ||
| } | ||
| } | ||
|
|
||
| func (d *DockerDriver) Start(ctx *ExecContext, task *structs.Task) (DriverHandle, error) { | ||
| // Get the image from config | ||
| image, ok := task.Config["image"] | ||
| if !ok || image == "" { | ||
| return nil, fmt.Errorf("Image not specified") | ||
| } | ||
| if task.Resources == nil { | ||
| return nil, fmt.Errorf("Resources are not specified") | ||
| } | ||
|
|
||
| // Initialize docker API client | ||
| dockerEndpoint := d.config.ReadDefault("docker.endpoint", "unix:///var/run/docker.sock") | ||
| client, err := docker.NewClient(dockerEndpoint) | ||
| if err != nil { | ||
| return nil, fmt.Errorf("Failed to connect to docker.endpoint (%s): %s", dockerEndpoint, err) | ||
| } | ||
|
|
||
| // Download the image | ||
| pull, err := exec.Command("docker", "pull", image).CombinedOutput() | ||
| if err != nil { | ||
| d.logger.Printf("[ERROR] driver.docker pulling container %s", pull) | ||
| return nil, fmt.Errorf("Failed to pull `%s`: %s", image, err) | ||
| } | ||
| d.logger.Printf("[DEBUG] driver.docker docker pull %s:\n%s", image, pull) | ||
|
|
@@ -83,7 +147,7 @@ func (d *DockerDriver) Start(ctx *ExecContext, task *structs.Task) (DriverHandle | |
| imageIDBytes, err := exec.Command("docker", "images", "-q", "--no-trunc", image).CombinedOutput() | ||
| imageID := strings.TrimSpace(string(imageIDBytes)) | ||
| if err != nil || imageID == "" { | ||
| d.logger.Printf("[ERROR] driver.docker getting image id %s", imageID) | ||
| return nil, fmt.Errorf("Failed to determine image id for `%s`: %s", image, err) | ||
| } | ||
| if !reDockerSha.MatchString(imageID) { | ||
|
|
@@ -93,43 +157,28 @@ func (d *DockerDriver) Start(ctx *ExecContext, task *structs.Task) (DriverHandle | |
| d.logger.Printf("[INFO] driver.docker downloaded image %s as %s", image, imageID) | ||
|
|
||
| // Create a container | ||
| container, err := client.CreateContainer(containerOptionsForTask(task, d.logger)) | ||
| if err != nil { | ||
| d.logger.Printf("[ERROR] driver.docker %s", err) | ||
| return nil, fmt.Errorf("Failed to create container from image %s", image) | ||
| } | ||
| if !reDockerSha.MatchString(container.ID) { | ||
| return nil, fmt.Errorf("Container id not in expected format (sha256); found %s", container.ID) | ||
| } | ||
| d.logger.Printf("[INFO] driver.docker created container %s", container.ID) | ||
|
|
||
| // Start the container | ||
| startBytes, err := exec.Command("docker", "start", container.ID).CombinedOutput() | ||
| if err != nil { | ||
| d.logger.Printf("[ERROR] driver.docker starting container %s", strings.TrimSpace(string(startBytes))) | ||
| return nil, fmt.Errorf("Failed to start container %s", container.ID) | ||
| } | ||
| d.logger.Printf("[INFO] driver.docker started container %s", container.ID) | ||
|
|
||
| // Return a driver handle | ||
| h := &dockerHandle{ | ||
| imageID: imageID, | ||
| containerID: container.ID, | ||
| doneCh: make(chan struct{}), | ||
| waitCh: make(chan error, 1), | ||
| } | ||
|
|
@@ -145,7 +194,7 @@ func (d *DockerDriver) Open(ctx *ExecContext, handleID string) (DriverHandle, er | |
| if err != nil { | ||
| return nil, fmt.Errorf("Failed to parse handle '%s': %v", handleID, err) | ||
| } | ||
| log.Printf("[INFO] driver.docker re-attaching to docker process: %s", handleID) | ||
|
|
||
| // Look for a running container with this ID | ||
| // docker ps does not return an exit code if there are no matching processes | ||
|
|
@@ -197,15 +246,15 @@ func (h *dockerHandle) Kill() error { | |
| // Stop the container | ||
| stop, err := exec.Command("docker", "stop", "-t", "5", h.containerID).CombinedOutput() | ||
| if err != nil { | ||
| log.Printf("[ERROR] driver.docker stopping container %s", stop) | ||
| return fmt.Errorf("Failed to stop container %s: %s", h.containerID, err) | ||
| } | ||
| log.Printf("[INFO] driver.docker stopped container %s", h.containerID) | ||
|
|
||
| // Cleanup container | ||
| rmContainer, err := exec.Command("docker", "rm", h.containerID).CombinedOutput() | ||
| if err != nil { | ||
| log.Printf("[ERROR] driver.docker removing container %s", rmContainer) | ||
| return fmt.Errorf("Failed to remove container %s: %s", h.containerID, err) | ||
| } | ||
| log.Printf("[INFO] driver.docker removed container %s", h.containerID) | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
typo "strcut" ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, should be "struct".