Bug 1985908 - Tuned affining containers to house keeping cpus
Summary: Tuned affining containers to house keeping cpus
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Node Tuning Operator
Version: 4.8
Hardware: x86_64
OS: All
medium
high
Target Milestone: ---
: 4.8.z
Assignee: Jiří Mencák
QA Contact: Simon
URL:
Whiteboard:
Depends On: 1979352
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-07-26 08:27 UTC by OpenShift BugZilla Robot
Modified: 2021-08-16 18:32 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-08-16 18:32:12 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift cluster-node-tuning-operator pull 254 0 None None None 2021-08-03 07:42:58 UTC
Red Hat Product Errata RHBA-2021:3121 0 None None None 2021-08-16 18:32:22 UTC

Comment 1 Jiří Mencák 2021-07-26 09:01:27 UTC
Upstream PR: https://github.com/openshift/cluster-node-tuning-operator/pull/254

Comment 4 Simon 2021-08-12 17:02:29 UTC
$ oc get clusterversion
NAME      VERSION                             AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.8.0-0.nightly-2021-08-09-135211   True        False         44m     Cluster version is 4.8.0-0.nightly-2021-08-09-135211

$ oc get nodes | grep worker
ip-10-0-130-136.us-east-2.compute.internal   Ready    worker   4h16m   v1.21.1+9807387
ip-10-0-185-40.us-east-2.compute.internal    Ready    worker   4h16m   v1.21.1+9807387
ip-10-0-196-55.us-east-2.compute.internal    Ready    worker   4h16m   v1.21.1+9807387

$ node=ip-10-0-130-136.us-east-2.compute.internal

$ oc project openshift-cluster-node-tuning-operator 
Now using project "openshift-cluster-node-tuning-operator" on server "https://api.skordas812a.qe.devcluster.openshift.com:6443".

$ oc get pods | grep $node

$ oc get pods -o wide | grep $node
tuned-gn7mh                                     1/1     Running   0          4h16m   10.0.130.136   ip-10-0-130-136.us-east-2.compute.internal   <none>           <none>

$ pod=tuned-gn7mh

$ oc rsh $pod
sh-4.4# grep cgroup_ps_bla /usr/lib/python3.6/site-packages/tuned/plugins/plugin_scheduler.py
                self._cgroup_ps_blacklist_re = ""
                        "cgroup_ps_blacklist": None,
        @command_custom("cgroup_ps_blacklist", per_device = False)
        def _cgroup_ps_blacklist(self, enabling, value, verify, ignore_missing):
                        self._cgroup_ps_blacklist_re = "|".join(["(%s)" % v for v in re.split(r"(?<!\\);", str(value))])
                if self._cgroup_ps_blacklist_re != "":
                        psl = [v for v in psl if re.search(self._cgroup_ps_blacklist_re,

$ oc label node $node tuned-scheduler-node=
node/ip-10-0-130-136.us-east-2.compute.internal labeled

$ cat scheduler-tuned.yaml 
apiVersion: tuned.openshift.io/v1
kind: Tuned
metadata:
  name: ocp-scheduler-profile
  namespace: openshift-cluster-node-tuning-operator
spec:
  profile:
  - data: |
      [main]
      summary=Custom OpenShift profile
      include=openshift-node
      [scheduler]
      isolated_cores=1
      cgroup_ps_blacklist=/kubepods\.slice/
    name: ocp-scheduler-profile
  recommend:
  - match:
    - label:  tuned-scheduler-node
    priority: 20
    profile: ocp-scheduler-profile
    operand:
      debug: true


$ oc rsh $pod
sh-4.4# grep ^Cpus_allowed_list /proc/`pgrep openshift-tuned`/status
Cpus_allowed_list:      0-1
sh-4.4# grep Cpus_allowed_list /proc/`pidof chronyd`/status
Cpus_allowed_list:      0-1
sh-4.4# grep . /proc/`pidof chronyd`/cgroup 
12:freezer:/
11:memory:/system.slice/chronyd.service
10:perf_event:/
9:hugetlb:/
8:pids:/system.slice/chronyd.service
7:blkio:/system.slice/chronyd.service
6:devices:/system.slice/chronyd.service
5:rdma:/
4:cpu,cpuacct:/system.slice/chronyd.service
3:cpuset:/
2:net_cls,net_prio:/
1:name=systemd:/system.slice/chronyd.service
sh-4.4# exit
exit

$ oc create -f scheduler-tuned.yaml 
tuned.tuned.openshift.io/ocp-scheduler-profile created

$ oc get profiles
NAME                                         TUNED                     APPLIED   DEGRADED   AGE
ip-10-0-130-136.us-east-2.compute.internal   ocp-scheduler-profile     True      False      4h21m
ip-10-0-147-151.us-east-2.compute.internal   openshift-control-plane   True      False      4h26m
ip-10-0-173-212.us-east-2.compute.internal   openshift-control-plane   True      False      4h26m
ip-10-0-185-40.us-east-2.compute.internal    openshift-node            True      False      4h21m
ip-10-0-196-55.us-east-2.compute.internal    openshift-node            True      False      4h21m
ip-10-0-223-189.us-east-2.compute.internal   openshift-control-plane   True      False      4h26m

$ oc rsh $pod
sh-4.4# grep ^Cpus_allowed_list /proc/`pgrep openshift-tuned`/status
Cpus_allowed_list:      0-1
sh-4.4# grep Cpus_allowed_list /proc/`pidof chronyd`/status
Cpus_allowed_list:      0
sh-4.4# grep . /proc/`pidof chronyd`/cgroup 
12:freezer:/
11:memory:/system.slice/chronyd.service
10:perf_event:/
9:hugetlb:/
8:pids:/system.slice/chronyd.service
7:blkio:/system.slice/chronyd.service
6:devices:/system.slice/chronyd.service
5:rdma:/
4:cpu,cpuacct:/system.slice/chronyd.service
3:cpuset:/
2:net_cls,net_prio:/
1:name=systemd:/system.slice/chronyd.service
sh-4.4# exit
exit

Comment 6 errata-xmlrpc 2021-08-16 18:32:12 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.8.5 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:3121


Note You need to log in before you can comment on or make changes to this bug.