From 0fd9c050727af8d5c38426a069471a98ace9babd Mon Sep 17 00:00:00 2001 From: Charlie Egan Date: Thu, 5 Apr 2018 15:22:26 +0100 Subject: [PATCH 1/2] Set kubelet eviction-hard based on total memory PR originally opened here: https://github.com/jetstack/tarmak/pull/150/files --- .../functions/five_percent_of_total_ram.rb | 16 ++++++++++++++++ manifests/kubelet.pp | 2 ++ spec/classes/kubelet_spec.rb | 1 + spec/spec_helper.rb | 5 +++++ templates/kubelet.service.erb | 1 + 5 files changed, 25 insertions(+) create mode 100644 lib/puppet/functions/five_percent_of_total_ram.rb diff --git a/lib/puppet/functions/five_percent_of_total_ram.rb b/lib/puppet/functions/five_percent_of_total_ram.rb new file mode 100644 index 0000000..9cc7c92 --- /dev/null +++ b/lib/puppet/functions/five_percent_of_total_ram.rb @@ -0,0 +1,16 @@ +Puppet::Functions.create_function(:five_percent_of_total_ram) do + dispatch :five_percent_of_total_ram do + param 'Integer', :total_bytes + end + + def five_percent_of_total_ram(total_bytes) + five_percent = (total_bytes * 0.05 / 1024**2).round + default = 100 + + if five_percent < default + '100Mi' + else + five_percent.to_s + 'Mi' + end + end +end diff --git a/manifests/kubelet.pp b/manifests/kubelet.pp index 2ae8b00..756fb14 100644 --- a/manifests/kubelet.pp +++ b/manifests/kubelet.pp @@ -10,6 +10,8 @@ String $role = 'worker', String $container_runtime = 'docker', String $kubelet_dir = '/var/lib/kubelet', + String $hard_eviction_memory_threshold = + five_percent_of_total_ram(dig44($facts, ['memory', 'system', 'total_bytes'], 1)), Optional[String] $network_plugin = undef, Integer $network_plugin_mtu = 1460, Boolean $allow_privileged = true, diff --git a/spec/classes/kubelet_spec.rb b/spec/classes/kubelet_spec.rb index 74469e1..e101ac8 100644 --- a/spec/classes/kubelet_spec.rb +++ b/spec/classes/kubelet_spec.rb @@ -20,6 +20,7 @@ should_not contain_file(service_file).with_content(/--network-plugin/) should contain_file(service_file).with_content(/--container-runtime=docker/) should contain_file(service_file).with_content(%r{--kubeconfig=/etc/kubernetes/kubeconfig-kubelet}) + should contain_file(service_file).with_content(%r{--eviction-hard="memory.available<191Mi"}) end end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 26eeef0..4c666e9 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -5,5 +5,10 @@ :path => '/bin:/sbin:/usr/bin:/usr/sbin:/opt/bin', :osfamily => 'RedHat', :kernelversion => '3.11.1', + :memory => { + :system => { + :total_bytes => 4_000_000_000, + } + } } end diff --git a/templates/kubelet.service.erb b/templates/kubelet.service.erb index d32b2e8..1a46276 100644 --- a/templates/kubelet.service.erb +++ b/templates/kubelet.service.erb @@ -103,6 +103,7 @@ ExecStart=<%= scope['kubernetes::_dest_dir'] %>/kubelet \ "--tls-cert-file=<%= @cert_file %>" \ "--tls-private-key-file=<%= @key_file %>" \ <% end -%> + --eviction-hard="memory.available<<%= @hard_eviction_memory_threshold %>" --logtostderr=true Restart=on-failure From b1d06d46b55ca1c9345eba26736ed8a0c997e3f3 Mon Sep 17 00:00:00 2001 From: Charlie Egan Date: Fri, 6 Apr 2018 14:41:18 +0100 Subject: [PATCH 2/2] Format command correctly with backslash --- templates/kubelet.service.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/kubelet.service.erb b/templates/kubelet.service.erb index 1a46276..09dc088 100644 --- a/templates/kubelet.service.erb +++ b/templates/kubelet.service.erb @@ -103,7 +103,7 @@ ExecStart=<%= scope['kubernetes::_dest_dir'] %>/kubelet \ "--tls-cert-file=<%= @cert_file %>" \ "--tls-private-key-file=<%= @key_file %>" \ <% end -%> - --eviction-hard="memory.available<<%= @hard_eviction_memory_threshold %>" + --eviction-hard="memory.available<<%= @hard_eviction_memory_threshold %>" \ --logtostderr=true Restart=on-failure