Skip to content

Commit c310671

Browse files
smirashanduur
smira
authored and
shanduur
committed
fix: disable swap for system services
If system services including kubelet/CRI start using swap, it might lead to extreme performance degradation. Disable swap for all system services except for dashboard (which is not critical). ``` NAME SwapCurrent SwapPeak SwapHigh SwapMax ZswapCurrent ZswapMax ZswapWriteback . unset unset unset unset unset unset 1 ├──init 0 B 0 B max 0 B 0 B max 1 ├──podruntime 0 B 0 B max max 0 B max 1 │ ├──etcd 0 B 0 B max 0 B 0 B max 1 │ ├──kubelet 0 B 0 B max 0 B 0 B max 1 │ └──runtime 0 B 0 B max 0 B 0 B max 1 └──system 0 B 0 B max max 0 B max 1 ├──apid 0 B 0 B max 0 B 0 B max 1 ├──dashboard 0 B 0 B max max 0 B max 1 ├──runtime 0 B 0 B max 0 B 0 B max 1 ├──trustd 0 B 0 B max 0 B 0 B max 1 ``` Refactor etcd cgroup to use same common pattern while keeping same settings (but limit swap). Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com> (cherry picked from commit 1549521)
1 parent a7e8426 commit c310671

File tree

3 files changed

+25
-33
lines changed

3 files changed

+25
-33
lines changed

internal/app/machined/pkg/system/runner/runner.go

Lines changed: 0 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -6,18 +6,15 @@
66
package runner
77

88
import (
9-
"context"
109
"fmt"
1110
"io"
1211
"time"
1312

1413
containerd "github.com/containerd/containerd/v2/client"
15-
ocicontainers "github.com/containerd/containerd/v2/core/containers"
1614
"github.com/containerd/containerd/v2/pkg/oci"
1715
"github.com/opencontainers/runtime-spec/specs-go"
1816
"github.com/siderolabs/gen/maps"
1917
"github.com/siderolabs/gen/optional"
20-
"github.com/siderolabs/go-pointer"
2118

2219
"github.com/siderolabs/talos/internal/app/machined/pkg/runtime"
2320
"github.com/siderolabs/talos/internal/app/machined/pkg/runtime/logging"
@@ -245,23 +242,6 @@ func WithUID(uid uint32) Option {
245242
}
246243
}
247244

248-
// WithMemoryReservation sets the memory reservation limit as on OCI spec.
249-
func WithMemoryReservation(limit uint64) oci.SpecOpts {
250-
return func(_ context.Context, _ oci.Client, _ *ocicontainers.Container, s *oci.Spec) error {
251-
if s.Linux.Resources == nil {
252-
s.Linux.Resources = &specs.LinuxResources{}
253-
}
254-
255-
if s.Linux.Resources.Memory == nil {
256-
s.Linux.Resources.Memory = &specs.LinuxMemory{}
257-
}
258-
259-
s.Linux.Resources.Memory.Reservation = pointer.To(int64(limit))
260-
261-
return nil
262-
}
263-
}
264-
265245
// WithPriority sets the priority of the process.
266246
func WithPriority(priority int) Option {
267247
return func(args *Options) {

internal/app/machined/pkg/system/services/etcd.go

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,6 @@ import (
3636
"github.com/siderolabs/talos/internal/app/machined/pkg/system/runner"
3737
"github.com/siderolabs/talos/internal/app/machined/pkg/system/runner/containerd"
3838
"github.com/siderolabs/talos/internal/app/machined/pkg/system/runner/restart"
39-
"github.com/siderolabs/talos/internal/pkg/cgroup"
4039
"github.com/siderolabs/talos/internal/pkg/containers/image"
4140
"github.com/siderolabs/talos/internal/pkg/environment"
4241
"github.com/siderolabs/talos/internal/pkg/etcd"
@@ -221,8 +220,6 @@ func (e *Etcd) Runner(r runtime.Runtime) (runner.Runner, error) {
221220
oci.WithHostNamespace(specs.NetworkNamespace),
222221
oci.WithMounts(mounts),
223222
oci.WithUser(fmt.Sprintf("%d:%d", constants.EtcdUserID, constants.EtcdUserID)),
224-
runner.WithMemoryReservation(constants.CgroupEtcdReservedMemory),
225-
oci.WithCPUShares(uint64(cgroup.MilliCoresToShares(constants.CgroupEtcdMillicores))),
226223
),
227224
runner.WithOOMScoreAdj(-998),
228225
),

internal/pkg/cgroup/cgroup.go

Lines changed: 25 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -88,8 +88,9 @@ func getCgroupV2Resources(name string) *cgroup2.Resources {
8888
case constants.CgroupInit:
8989
return &cgroup2.Resources{
9090
Memory: &cgroup2.Memory{
91-
Min: pointer.To[int64](constants.CgroupInitReservedMemory),
92-
Low: pointer.To[int64](constants.CgroupInitReservedMemory * 2),
91+
Min: pointer.To[int64](constants.CgroupInitReservedMemory),
92+
Low: pointer.To[int64](constants.CgroupInitReservedMemory * 2),
93+
Swap: pointer.To[int64](0),
9394
},
9495
CPU: &cgroup2.CPU{
9596
Weight: pointer.To[uint64](MillicoresToCPUWeight(MilliCores(constants.CgroupInitMillicores))),
@@ -108,8 +109,9 @@ func getCgroupV2Resources(name string) *cgroup2.Resources {
108109
case constants.CgroupSystemRuntime:
109110
return &cgroup2.Resources{
110111
Memory: &cgroup2.Memory{
111-
Min: pointer.To[int64](constants.CgroupSystemRuntimeReservedMemory),
112-
Low: pointer.To[int64](constants.CgroupSystemRuntimeReservedMemory * 2),
112+
Min: pointer.To[int64](constants.CgroupSystemRuntimeReservedMemory),
113+
Low: pointer.To[int64](constants.CgroupSystemRuntimeReservedMemory * 2),
114+
Swap: pointer.To[int64](0),
113115
},
114116
CPU: &cgroup2.CPU{
115117
Weight: pointer.To[uint64](MillicoresToCPUWeight(MilliCores(constants.CgroupSystemRuntimeMillicores))),
@@ -118,8 +120,9 @@ func getCgroupV2Resources(name string) *cgroup2.Resources {
118120
case constants.CgroupUdevd:
119121
return &cgroup2.Resources{
120122
Memory: &cgroup2.Memory{
121-
Min: pointer.To[int64](constants.CgroupUdevdReservedMemory),
122-
Low: pointer.To[int64](constants.CgroupUdevdReservedMemory * 2),
123+
Min: pointer.To[int64](constants.CgroupUdevdReservedMemory),
124+
Low: pointer.To[int64](constants.CgroupUdevdReservedMemory * 2),
125+
Swap: pointer.To[int64](0),
123126
},
124127
CPU: &cgroup2.CPU{
125128
Weight: pointer.To[uint64](MillicoresToCPUWeight(MilliCores(constants.CgroupUdevdMillicores))),
@@ -134,8 +137,9 @@ func getCgroupV2Resources(name string) *cgroup2.Resources {
134137
case constants.CgroupPodRuntime:
135138
return &cgroup2.Resources{
136139
Memory: &cgroup2.Memory{
137-
Min: pointer.To[int64](constants.CgroupPodRuntimeReservedMemory),
138-
Low: pointer.To[int64](constants.CgroupPodRuntimeReservedMemory * 2),
140+
Min: pointer.To[int64](constants.CgroupPodRuntimeReservedMemory),
141+
Low: pointer.To[int64](constants.CgroupPodRuntimeReservedMemory * 2),
142+
Swap: pointer.To[int64](0),
139143
},
140144
CPU: &cgroup2.CPU{
141145
Weight: pointer.To[uint64](MillicoresToCPUWeight(MilliCores(constants.CgroupPodRuntimeMillicores))),
@@ -144,13 +148,24 @@ func getCgroupV2Resources(name string) *cgroup2.Resources {
144148
case constants.CgroupKubelet:
145149
return &cgroup2.Resources{
146150
Memory: &cgroup2.Memory{
147-
Min: pointer.To[int64](constants.CgroupKubeletReservedMemory),
148-
Low: pointer.To[int64](constants.CgroupKubeletReservedMemory * 2),
151+
Min: pointer.To[int64](constants.CgroupKubeletReservedMemory),
152+
Low: pointer.To[int64](constants.CgroupKubeletReservedMemory * 2),
153+
Swap: pointer.To[int64](0),
149154
},
150155
CPU: &cgroup2.CPU{
151156
Weight: pointer.To[uint64](MillicoresToCPUWeight(MilliCores(constants.CgroupKubeletMillicores))),
152157
},
153158
}
159+
case constants.CgroupEtcd:
160+
return &cgroup2.Resources{
161+
Memory: &cgroup2.Memory{
162+
Low: pointer.To[int64](constants.CgroupEtcdReservedMemory),
163+
Swap: pointer.To[int64](0),
164+
},
165+
CPU: &cgroup2.CPU{
166+
Weight: pointer.To[uint64](MillicoresToCPUWeight(MilliCores(constants.CgroupEtcdMillicores))),
167+
},
168+
}
154169
case constants.CgroupDashboard:
155170
return &cgroup2.Resources{
156171
Memory: &cgroup2.Memory{

0 commit comments

Comments
 (0)