Bug 2015819 - Conmon sandbox processes run on non-reserved CPUs with workload partitioning
Summary: Conmon sandbox processes run on non-reserved CPUs with workload partitioning
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Node
Version: 4.8
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 4.10.0
Assignee: Peter Hunt
QA Contact: Sunil Choudhary
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-10-20 07:50 UTC by Mario Vázquez
Modified: 2022-06-09 20:02 UTC (History)
11 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-03-10 16:21:06 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github cri-o cri-o pull 5414 0 None Merged oci: set conmon cpuset to infra_ctr_cpuset 2021-12-17 19:58:38 UTC
Red Hat Product Errata RHSA-2022:0056 0 None None None 2022-03-10 16:21:28 UTC

Description Mario Vázquez 2021-10-20 07:50:47 UTC 
Description of problem:
We are seeing conmon sandbox processes running on CPUs outside of the reserved CPUs configured by workload partitioning and PAO.



Version-Release number of selected component (if applicable):
4.8.14

How reproducible:
Always

Steps to Reproduce:
1. In a cluster with WP and PAO create some pods
2. Access the node and check conmon processes CPU allocation with something like: ps -eaF | grep conmon


Actual results:
Some conmon processes are running on CPUs outside the reserved CPU list.

Expected results:
All conmon processes are running on CPUS in the reserved CPU list.

Additional info:

There is a fix on CRI-O already: https://github.com/cri-o/cri-o/pull/5414

We will need this backported to 4.8.
Comment 17 Sunil Choudhary 2022-02-11 08:43:40 UTC 
Verified on 4.10.0-0.nightly-2022-02-10-161006
Comment 19 errata-xmlrpc 2022-03-10 16:21:06 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056
Note You need to log in before you can comment on or make changes to this bug.