Due to the restructuring of OCP for 3.10, the patch that enabled XFS quota to limit the size of emptydirs and emptydir-based volumes like secrets and configmaps is no longer in effect. https://github.com/openshift/origin/commit/1ae5b25eaf86357306ce9f0c2fca4bba7e81a6da Need to find some way to apply this to openshift/kubernetes so that the kubelet build from that source can have equivalent functionality.
origin PR: https://github.com/openshift/origin/pull/19533
We are going to need documentation for this.
1.The new config file path is /var/lib/origin/openshift.local.volumes/volume-config.yaml apiVersion: kubelet.config.openshift.io/v1 kind: VolumeConfig localQuota: perFSGroupInGiB: 1 2.systemctl restart atomic-openshift-node.service 3.Create a pod https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/persistent-volumes/emptydir/emptydir_pod_selinux_test.json 4.xfs_quota -x -c 'report -n -L 123450 -U 123460' /var/lib/origin/openshift.local.volumes/ Group quota on /var/lib/origin/openshift.local.volumes (/dev/xvdf) Blocks Group ID Used Soft Hard Warn/Grace ---------- -------------------------------------------------- #123456 0 1048576 1048576 00 [--------]
If I'm reading this correctly, the configuration has been removed from a section in the /etc/origin/node-config.yaml to /var/lib/origin/openshift.local.volumes/volume-config.yaml. In 3.10, the config files for the node are now being set in the master as a config map, then sync'd to nodes. I would like to understand the reasoning for this change. As a sysadmin, I have issues with this approach. 1) We were used to finding this setting in one location, the node-config.yaml. Now it isn't set there. 2) The new paradigm appears to be setting configuration for the node on the master, and then having it be sync'd down to the node. This new configuration change does not follow this paradigm. There may be technical reasons this change was made, and I may not understand them. But as a sysadmin, this is extremely confusing to know which node settings go in the config map on the master and what settings need to be placed in config files on the node. This is also hard when using immutable infrastructure. Having to build different images with this setting based on what I want, or devise a way to update this setting when a node is started outside of the standard openshift (config map) setting isn't optimal as well.
One other comment. The config living in /var/lib/origin also seems to be bad practice. I would never look for a config file to live in /var.
another question about this change. We were doing 512Mi as our default. Do . (decimals) work in the new format. For example: apiVersion: kubelet.config.openshift.io/v1 kind: VolumeConfig localQuota: perFSGroupInGiB: .5 Is this valid?
I think we may want to re-evaluate how this was configured in favor of a configmap based solution so all node config is delivered dynamically out of openshift-node project.
New method being tracked here https://bugzilla.redhat.com/show_bug.cgi?id=1579305 QE can drop this. Duping to 1579305. *** This bug has been marked as a duplicate of bug 1579305 ***