Bug 1581863 - [3.6] Limit ranges are being applied with cpu-cfs-quota set to false
Summary: [3.6] Limit ranges are being applied with cpu-cfs-quota set to false
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Node
Version: 3.7.0
Hardware: Unspecified
OS: Linux
unspecified
urgent
Target Milestone: ---
: 3.6.z
Assignee: Seth Jennings
QA Contact: DeShuai Ma
URL:
Whiteboard:
: 1582487 (view as bug list)
Depends On: 1581409 1582486 1582487
Blocks: 1581860 1581861 1581862
TreeView+ depends on / blocked
 
Reported: 2018-05-23 19:41 UTC by Seth Jennings
Modified: 2018-08-29 12:10 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Fixes an issue where cfs_quota might still be set on a pod even when cpu-cfs-quota is set to false on the node
Clone Of: 1581409
Environment:
Last Closed: 2018-08-29 12:10:02 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2018:2545 0 None None None 2018-08-29 12:10:18 UTC

Comment 2 Seth Jennings 2018-05-25 15:03:00 UTC 
*** Bug 1582487 has been marked as a duplicate of this bug. ***
Comment 4 Weinan Liu 2018-08-23 06:16:45 UTC 
[root@host-8-246-170 ~]# rpm -qa|grep openshift
atomic-openshift-excluder-3.6.173.0.129-1.git.0.95ef3c2.el7.noarch
atomic-openshift-docker-excluder-3.6.173.0.129-1.git.0.95ef3c2.el7.noarch
atomic-openshift-clients-3.6.173.0.129-1.git.0.95ef3c2.el7.x86_64
tuned-profiles-atomic-openshift-node-3.6.173.0.129-1.git.0.95ef3c2.el7.x86_64
atomic-openshift-node-3.6.173.0.129-1.git.0.95ef3c2.el7.x86_64
atomic-openshift-sdn-ovs-3.6.173.0.129-1.git.0.95ef3c2.el7.x86_64
atomic-openshift-3.6.173.0.129-1.git.0.95ef3c2.el7.x86_64

[root@host-8-246-170 ~]# oc version
oc v3.6.173.0.129
kubernetes v1.6.1+5115d708d7
features: Basic-Auth GSSAPI Kerberos SPNEGO


Verify steps (referring 1581409 comment 9):
//Scenario A cpu-cfs-quota=false
kubeletArguments:
  cpu-cfs-quota:
  - 'false'

1. Create a burstable pod 
[root@ip-172-18-12-225 ~]# oc create -f pod.yaml 
pod "burstable-vqpsr" created
[root@ip-172-18-12-225 ~]# 
[root@ip-172-18-12-225 ~]# oc get po -o yaml|grep -i uid
      openshift.io/scc: anyuid
    uid: 5a2dea60-6031-11e8-89e2-0eb7f09c6860

2. On node the pod located to check the cpu.cfs_quota_us in pod level cgroup.
[root@ip-172-18-5-70 test]# cat /sys/fs/cgroup/cpu/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod5a2dea60_6031_11e8_89e2_0eb7f09c6860.slice/cpu.cfs_quota_us
-1

//Scenario B cpu-cfs-quota=true
kubeletArguments:
  cpu-cfs-quota:
  - 'true'
1. Create a burstable pod 
[root@ip-172-18-12-225 ~]# oc create -f pod.yaml 
pod "burstable-8tmdv" created
[root@ip-172-18-12-225 ~]# oc get po -o yaml|grep uid
      openshift.io/scc: anyuid
    uid: 9ec90ce2-6031-11e8-89e2-0eb7f09c6860
[root@ip-172-18-12-225 ~]# oc get po
NAME              READY     STATUS    RESTARTS   AGE
burstable-8tmdv   1/1       Running   0          22s

2. On node the pod located to check the cpu.cfs_quota_us in pod level cgroup.
[root@ip-172-18-5-70 test]# cat /sys/fs/cgroup/cpu/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod9ec90ce2_6031_11e8_89e2_0eb7f09c6860.slice/cpu.cfs_quota_us
100000

//pod.yaml
apiVersion: v1
kind: Pod
metadata:
  generateName: burstable-
spec:
  containers:
  - image: busybox
    name: busybox
    command:
    - sleep
    - "3600"
    resources:
      requests:
        memory: 1500Mi
        cpu: 300m
      limits:
        cpu: 1
        memory: 3Gi
  restartPolicy: Always
  terminationGracePeriodSeconds: 0
Comment 6 errata-xmlrpc 2018-08-29 12:10:02 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:2545
Note You need to log in before you can comment on or make changes to this bug.