From bfb3a3cfd80ee6004784b365be325c0ce728b860 Mon Sep 17 00:00:00 2001 From: killianmuldoon Date: Wed, 5 Oct 2022 11:26:48 +0100 Subject: [PATCH] Set nofile ulimit for loadbalancer container --- test/go.mod | 2 +- test/infrastructure/container/docker.go | 1 + test/infrastructure/container/interface.go | 4 ++++ .../docker/internal/docker/kind_manager.go | 20 +++++++++++++++++-- 4 files changed, 24 insertions(+), 3 deletions(-) diff --git a/test/go.mod b/test/go.mod index 45a19777c28c..308c299a9756 100644 --- a/test/go.mod +++ b/test/go.mod @@ -8,6 +8,7 @@ require ( github.com/blang/semver v3.5.1+incompatible github.com/docker/docker v20.10.17+incompatible github.com/docker/go-connections v0.4.0 + github.com/docker/go-units v0.4.0 github.com/flatcar/ignition v0.36.2 github.com/go-logr/logr v1.2.3 github.com/onsi/ginkgo/v2 v2.2.0 @@ -49,7 +50,6 @@ require ( github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/docker/distribution v2.8.1+incompatible // indirect - github.com/docker/go-units v0.4.0 // indirect github.com/drone/envsubst/v2 v2.0.0-20210730161058-179042472c46 // indirect github.com/emicklei/go-restful/v3 v3.9.0 // indirect github.com/evanphx/json-patch v4.12.0+incompatible // indirect diff --git a/test/infrastructure/container/docker.go b/test/infrastructure/container/docker.go index 9d8eeaa2e2d0..54ace87879e1 100644 --- a/test/infrastructure/container/docker.go +++ b/test/infrastructure/container/docker.go @@ -384,6 +384,7 @@ func (d *dockerRuntime) RunContainer(ctx context.Context, runConfig *RunContaine Tmpfs: runConfig.Tmpfs, PortBindings: nat.PortMap{}, RestartPolicy: dockercontainer.RestartPolicy{Name: "unless-stopped"}, + Resources: runConfig.Resources, } networkConfig := network.NetworkingConfig{} diff --git a/test/infrastructure/container/interface.go b/test/infrastructure/container/interface.go index 67393897486e..ea30c71fd25f 100644 --- a/test/infrastructure/container/interface.go +++ b/test/infrastructure/container/interface.go @@ -21,6 +21,8 @@ import ( "fmt" "io" + dockercontainer "github.com/docker/docker/api/types/container" + clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" ) @@ -95,6 +97,8 @@ type RunContainerInput struct { PortMappings []PortMapping // IPFamily is the IP version to use. IPFamily clusterv1.ClusterIPFamily + // Resource limits and settings for the container. + Resources dockercontainer.Resources } // ExecContainerInput contains values for running exec on a container. diff --git a/test/infrastructure/docker/internal/docker/kind_manager.go b/test/infrastructure/docker/internal/docker/kind_manager.go index 1b86711d8b60..9cd9e82072df 100644 --- a/test/infrastructure/docker/internal/docker/kind_manager.go +++ b/test/infrastructure/docker/internal/docker/kind_manager.go @@ -21,6 +21,8 @@ import ( "fmt" "net" + dockercontainer "github.com/docker/docker/api/types/container" + "github.com/docker/go-units" "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/kind/pkg/apis/config/v1alpha4" @@ -52,6 +54,7 @@ type nodeCreateOpts struct { PortMappings []v1alpha4.PortMapping Labels map[string]string IPFamily clusterv1.ClusterIPFamily + Resources dockercontainer.Resources } // CreateControlPlaneNode will create a new control plane container. @@ -116,7 +119,6 @@ func (m *Manager) CreateExternalLoadBalancerNode(ctx context.Context, name, imag } port = p } - // load balancer port mapping portMappings := []v1alpha4.PortMapping{{ ListenAddress: listenAddress, @@ -124,12 +126,25 @@ func (m *Manager) CreateExternalLoadBalancerNode(ctx context.Context, name, imag ContainerPort: ControlPlanePort, Protocol: v1alpha4.PortMappingProtocolTCP, }} + + // load balancer resource limits + resources := dockercontainer.Resources{ + Ulimits: []*units.Ulimit{ + { + Name: "nofile", + Soft: 65536, + Hard: 65536, + }, + }, + } + createOpts := &nodeCreateOpts{ Name: name, Image: image, ClusterName: clusterName, Role: constants.ExternalLoadBalancerNodeRoleValue, PortMappings: portMappings, + Resources: resources, } node, err := createNode(ctx, createOpts) if err != nil { @@ -168,7 +183,8 @@ func createNode(ctx context.Context, opts *nodeCreateOpts) (*types.Node, error) "/tmp": "", // various things depend on working /tmp "/run": "", // systemd wants a writable /run }, - IPFamily: opts.IPFamily, + Resources: opts.Resources, + IPFamily: opts.IPFamily, } log.V(6).Info("Container run options: %+v", runOptions)