From 6fd6e46e9f8b50da6cc5757b0c24507f5eade5e7 Mon Sep 17 00:00:00 2001 From: Radim Hrazdil Date: Thu, 3 Nov 2022 15:29:31 +0100 Subject: [PATCH 1/2] network,passt: consider overhead when binding all ports When VMI uses Passt interface and doesn't specify ports, all the ports are forwarded by Passt process. Opening all the sockets for forwarding causes kernel to consume considerable amount of memory. At the moment, Passt binding can only be used on primary interface, but since we need to loop over the VMI interfaces anyway, there's no reason not to be generic and account for each Passt binding with no specified Ports. Signed-off-by: Radim Hrazdil --- pkg/virt-controller/services/renderresources.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/pkg/virt-controller/services/renderresources.go b/pkg/virt-controller/services/renderresources.go index 117108a87431..a01885045028 100644 --- a/pkg/virt-controller/services/renderresources.go +++ b/pkg/virt-controller/services/renderresources.go @@ -357,6 +357,14 @@ func GetMemoryOverhead(vmi *v1.VirtualMachineInstance, cpuArch string) *resource overhead.Add(resource.MustParse("53Mi")) } + // Additional overhead for each interface with Passt binding, that forwards all ports. + // More information can be found here: https://bugs.passt.top/show_bug.cgi?id=20 + for _, net := range vmi.Spec.Domain.Devices.Interfaces { + if net.Passt != nil && len(net.Ports) == 0 { + overhead.Add(resource.MustParse("800Mi")) + } + } + return overhead } From 8c427ec7010a375a00dc2a965ef76a9f00aa0d85 Mon Sep 17 00:00:00 2001 From: Radim Hrazdil Date: Fri, 4 Nov 2022 13:42:55 +0100 Subject: [PATCH 2/2] e2e,passt: Don't add additional memory for passt VM After calculating the overhead for VM with Passt binding, it shouldn't be neccessary for a user to add extra memory to the VM when the Passt binding is configured to forward all ports. Signed-off-by: Radim Hrazdil --- tests/network/vmi_istio.go | 1 - tests/network/vmi_passt.go | 10 ---------- 2 files changed, 11 deletions(-) diff --git a/tests/network/vmi_istio.go b/tests/network/vmi_istio.go index 14eb17b0980d..41c34c56af38 100644 --- a/tests/network/vmi_istio.go +++ b/tests/network/vmi_istio.go @@ -511,7 +511,6 @@ func createPasstVm(ports []v1.Port) *v1.VirtualMachineInstance { libvmi.WithInterface(libvmi.InterfaceDeviceWithPasstBinding(ports...)), libvmi.WithLabel(vmiAppSelectorKey, vmiAppSelectorValue), libvmi.WithAnnotation(istio.ISTIO_INJECT_ANNOTATION, "true"), - withPasstExtendedResourceMemory(ports...), ) return vmi } diff --git a/tests/network/vmi_passt.go b/tests/network/vmi_passt.go index 3bc478e148ea..089a23bd694e 100644 --- a/tests/network/vmi_passt.go +++ b/tests/network/vmi_passt.go @@ -80,7 +80,6 @@ var _ = SIGDescribe("[Serial] Passt", func() { serverVMI = libvmi.NewAlpineWithTestTooling( libvmi.WithInterface(libvmi.InterfaceDeviceWithPasstBinding(ports...)), libvmi.WithNetwork(v1.DefaultPodNetwork()), - withPasstExtendedResourceMemory(ports...), ) serverVMI, err = virtClient.VirtualMachineInstance(util.NamespaceTestDefault).Create(serverVMI) @@ -214,7 +213,6 @@ EOL`, inetSuffix, serverIP, serverPort) clientVMI = libvmi.NewAlpineWithTestTooling( libvmi.WithInterface(libvmi.InterfaceDeviceWithPasstBinding()), libvmi.WithNetwork(v1.DefaultPodNetwork()), - withPasstExtendedResourceMemory(), ) clientVMI, err = virtClient.VirtualMachineInstance(util.NamespaceTestDefault).Create(clientVMI) Expect(err).ToNot(HaveOccurred()) @@ -288,11 +286,3 @@ EOL`, inetSuffix, serverIP, serverPort) }) }) }) - -func withPasstExtendedResourceMemory(ports ...v1.Port) libvmi.Option { - if len(ports) == 0 { - return libvmi.WithResourceMemory("2048M") - } - return func(vmi *v1.VirtualMachineInstance) { - } -}