Skip to content

Commit

Permalink
Stop using --memory for cgroup v2.
Browse files Browse the repository at this point in the history
  • Loading branch information
hetong07 committed Feb 18, 2021
1 parent 369f93f commit 7b0bf57
Showing 1 changed file with 23 additions and 5 deletions.
28 changes: 23 additions & 5 deletions pkg/drivers/kic/oci/oci.go
Original file line number Diff line number Diff line change
Expand Up @@ -107,14 +107,27 @@ func PrepareContainerNode(p CreateParams) error {
return nil
}

func hasMemoryCgroup() bool {
memcg := true
if runtime.GOOS == "linux" {
var memory string
if cgroup2, err := IsCgroup2UnifiedMode(); err == nil && cgroup2 {
memory = "/sys/fs/cgroup/memory/memsw.limit_in_bytes"
}
if _, err := os.Stat(memory); os.IsNotExist(err) {
klog.Warning("Your kernel does not support memory limit capabilities or the cgroup is not mounted.")
memcg = false
}
}
return memcg
}

func hasMemorySwapCgroup() bool {
memcgSwap := true
if runtime.GOOS == "linux" {
var memoryswap string
if cgroup2, err := IsCgroup2UnifiedMode(); err == nil && cgroup2 {
memoryswap = "/sys/fs/cgroup/memory/memory.swap.max"
} else {
memoryswap = "/sys/fs/cgroup/memory/memsw.limit_in_bytes"
}
if _, err := os.Stat(memoryswap); os.IsNotExist(err) {
// requires CONFIG_MEMCG_SWAP_ENABLED or cgroup_enable=memory in grub
Expand Down Expand Up @@ -171,6 +184,7 @@ func CreateContainerNode(p CreateParams) error {
}

memcgSwap := hasMemorySwapCgroup()
memcg := hasMemoryCgroup()

// https://www.freedesktop.org/wiki/Software/systemd/ContainerInterface/
var virtualization string
Expand All @@ -179,19 +193,23 @@ func CreateContainerNode(p CreateParams) error {
runArgs = append(runArgs, "--volume", fmt.Sprintf("%s:/var:exec", p.Name))

if memcgSwap {
runArgs = append(runArgs, fmt.Sprintf("--memory=%s", p.Memory))
// Disable swap by setting the value to match
runArgs = append(runArgs, fmt.Sprintf("--memory-swap=%s", p.Memory))
}

if memcg {
runArgs = append(runArgs, fmt.Sprintf("--memory=%s", p.Memory))
}

virtualization = "podman" // VIRTUALIZATION_PODMAN
}
if p.OCIBinary == Docker {
runArgs = append(runArgs, "--volume", fmt.Sprintf("%s:/var", p.Name))
// ignore apparmore github actions docker: https://github.com/kubernetes/minikube/issues/7624
runArgs = append(runArgs, "--security-opt", "apparmor=unconfined")

runArgs = append(runArgs, fmt.Sprintf("--memory=%s", p.Memory))
if memcg {
runArgs = append(runArgs, fmt.Sprintf("--memory=%s", p.Memory))
}
if memcgSwap {
// Disable swap by setting the value to match
runArgs = append(runArgs, fmt.Sprintf("--memory-swap=%s", p.Memory))
Expand Down

0 comments on commit 7b0bf57

Please sign in to comment.