From 82837ab07c451ab8b0ab2761efdfbcea2a60fcb1 Mon Sep 17 00:00:00 2001 From: Jimmi Dyson Date: Wed, 1 Mar 2023 19:39:39 +0000 Subject: [PATCH] Set nofile ulimit for loadbalancer container (#16) Co-authored-by: killianmuldoon --- test/go.mod | 2 +- test/infrastructure/container/docker.go | 1 + test/infrastructure/container/interface.go | 4 ++++ .../docker/internal/docker/kind_manager.go | 20 +++++++++++++++++-- 4 files changed, 24 insertions(+), 3 deletions(-) diff --git a/test/go.mod b/test/go.mod index 406a5544f2fd..4e04beea1bae 100644 --- a/test/go.mod +++ b/test/go.mod @@ -8,6 +8,7 @@ require ( github.com/blang/semver v3.5.1+incompatible github.com/docker/docker v20.10.21+incompatible github.com/docker/go-connections v0.4.0 + github.com/docker/go-units v0.4.0 github.com/flatcar/ignition v0.36.2 github.com/go-logr/logr v1.2.3 github.com/onsi/ginkgo/v2 v2.6.0 @@ -48,7 +49,6 @@ require ( github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/docker/distribution v2.8.1+incompatible // indirect - github.com/docker/go-units v0.4.0 // indirect github.com/drone/envsubst/v2 v2.0.0-20210730161058-179042472c46 // indirect github.com/emicklei/go-restful/v3 v3.9.0 // indirect github.com/evanphx/json-patch v5.6.0+incompatible // indirect diff --git a/test/infrastructure/container/docker.go b/test/infrastructure/container/docker.go index 204ec75ee7a3..4c10ef8ed74f 100644 --- a/test/infrastructure/container/docker.go +++ b/test/infrastructure/container/docker.go @@ -389,6 +389,7 @@ func (d *dockerRuntime) RunContainer(ctx context.Context, runConfig *RunContaine Tmpfs: runConfig.Tmpfs, PortBindings: nat.PortMap{}, RestartPolicy: dockercontainer.RestartPolicy{Name: restartPolicy}, + Resources: runConfig.Resources, } networkConfig := network.NetworkingConfig{} diff --git a/test/infrastructure/container/interface.go b/test/infrastructure/container/interface.go index bbdfc121a4cb..676d7d9b491b 100644 --- a/test/infrastructure/container/interface.go +++ b/test/infrastructure/container/interface.go @@ -21,6 +21,8 @@ import ( "fmt" "io" + dockercontainer "github.com/docker/docker/api/types/container" + clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" ) @@ -98,6 +100,8 @@ type RunContainerInput struct { // RestartPolicy to use for the container. // If not set, defaults to "unless-stopped". RestartPolicy string + // Resource limits and settings for the container. + Resources dockercontainer.Resources } // ExecContainerInput contains values for running exec on a container. diff --git a/test/infrastructure/docker/internal/docker/kind_manager.go b/test/infrastructure/docker/internal/docker/kind_manager.go index 9d3cd01a1097..b208ad5dd0a7 100644 --- a/test/infrastructure/docker/internal/docker/kind_manager.go +++ b/test/infrastructure/docker/internal/docker/kind_manager.go @@ -21,6 +21,8 @@ import ( "fmt" "net" + dockercontainer "github.com/docker/docker/api/types/container" + "github.com/docker/go-units" "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/kind/pkg/apis/config/v1alpha4" @@ -52,6 +54,7 @@ type nodeCreateOpts struct { PortMappings []v1alpha4.PortMapping Labels map[string]string IPFamily clusterv1.ClusterIPFamily + Resources dockercontainer.Resources } // CreateControlPlaneNode will create a new control plane container. @@ -116,7 +119,6 @@ func (m *Manager) CreateExternalLoadBalancerNode(ctx context.Context, name, imag } port = p } - // load balancer port mapping portMappings := []v1alpha4.PortMapping{{ ListenAddress: listenAddress, @@ -124,12 +126,25 @@ func (m *Manager) CreateExternalLoadBalancerNode(ctx context.Context, name, imag ContainerPort: ControlPlanePort, Protocol: v1alpha4.PortMappingProtocolTCP, }} + + // load balancer resource limits + resources := dockercontainer.Resources{ + Ulimits: []*units.Ulimit{ + { + Name: "nofile", + Soft: 65536, + Hard: 65536, + }, + }, + } + createOpts := &nodeCreateOpts{ Name: name, Image: image, ClusterName: clusterName, Role: constants.ExternalLoadBalancerNodeRoleValue, PortMappings: portMappings, + Resources: resources, } node, err := createNode(ctx, createOpts) if err != nil { @@ -168,7 +183,8 @@ func createNode(ctx context.Context, opts *nodeCreateOpts) (*types.Node, error) "/tmp": "", // various things depend on working /tmp "/run": "", // systemd wants a writable /run }, - IPFamily: opts.IPFamily, + Resources: opts.Resources, + IPFamily: opts.IPFamily, } log.V(6).Info("Container run options: %+v", runOptions)