Merge pull request #1519 from AkihiroSuda/config-fix-toml-tag

config: TolerateMissingHugePagesCgroupController -> TolerateMissingHugetlbController
2020-07-02 02:53:46 -05:00 · 2020-07-02 02:53:46 -05:00 · 1bc5ba3f48
commit 1bc5ba3f48
parent 8e0b789c9a fe6833a9a4
6 changed files with 20 additions and 15 deletions
--- a/docs/config.md
+++ b/docs/config.md
@ -45,6 +45,11 @@ version = 2
  # It generates a self-sign certificate unless the following x509_key_pair_streaming are both set.
  enable_tls_streaming = false

+  # tolerate_missing_hugetlb_controller if set to false will error out on create/update
+  # container requests with huge page limits if the cgroup controller for hugepages is not present.
+  # This helps with supporting Kubernetes <=1.18 out of the box. (default is `true`)
+  tolerate_missing_hugetlb_controller = true
+
  # ignore_image_defined_volumes ignores volumes defined by the image. Useful for better resource
 	# isolation, security and early detection of issues in the mount configuration when using
 	# ReadOnlyRootFilesystem since containers won't silently mount a temporary volume.
--- a/pkg/config/config.go
+++ b/pkg/config/config.go
@ -232,10 +232,10 @@ type PluginConfig struct {
 	// UnsetSeccompProfile is the profile containerd/cri will use If the provided seccomp profile is
 	// unset (`""`) for a container (default is `unconfined`)
 	UnsetSeccompProfile string `toml:"unset_seccomp_profile" json:"unsetSeccompProfile"`
-	// TolerateMissingHugePagesCgroupController if set to false will error out on create/update
+	// TolerateMissingHugetlbController if set to false will error out on create/update
 	// container requests with huge page limits if the cgroup controller for hugepages is not present.
 	// This helps with supporting Kubernetes <=1.18 out of the box. (default is `true`)
-	TolerateMissingHugePagesCgroupController bool `toml:"tolerate_missing_hugepages_controller" json:"tolerateMissingHugePagesCgroupController"`
+	TolerateMissingHugetlbController bool `toml:"tolerate_missing_hugetlb_controller" json:"tolerateMissingHugetlbController"`
 	// IgnoreImageDefinedVolumes ignores volumes defined by the image. Useful for better resource
 	// isolation, security and early detection of issues in the mount configuration when using
 	// ReadOnlyRootFilesystem since containers won't silently mount a temporary volume.
--- a/pkg/config/config_unix.go
+++ b/pkg/config/config_unix.go
@ -63,9 +63,9 @@ func DefaultConfig() PluginConfig {
 				},
 			},
 		},
-		MaxConcurrentDownloads:                   3,
-		DisableProcMount:                         false,
-		TolerateMissingHugePagesCgroupController: true,
-		IgnoreImageDefinedVolumes:                false,
+		MaxConcurrentDownloads:           3,
+		DisableProcMount:                 false,
+		TolerateMissingHugetlbController: true,
+		IgnoreImageDefinedVolumes:        false,
 	}
 }
--- a/pkg/containerd/opts/spec_unix.go
+++ b/pkg/containerd/opts/spec_unix.go
@ -408,7 +408,7 @@ func WithSelinuxLabels(process, mount string) oci.SpecOpts {
 }

 // WithResources sets the provided resource restrictions
-func WithResources(resources *runtime.LinuxContainerResources, tolerateMissingHugePagesCgroupController bool) oci.SpecOpts {
+func WithResources(resources *runtime.LinuxContainerResources, tolerateMissingHugetlbController bool) oci.SpecOpts {
 	return func(ctx context.Context, client oci.Client, c *containers.Container, s *runtimespec.Spec) (err error) {
 		if resources == nil {
 			return nil
@ -451,7 +451,7 @@ func WithResources(resources *runtime.LinuxContainerResources, tolerateMissingHu
 		if limit != 0 {
 			s.Linux.Resources.Memory.Limit = &limit
 		}
-		if isHugePagesControllerPresent() {
+		if isHugetlbControllerPresent() {
 			for _, limit := range hugepages {
 				s.Linux.Resources.HugepageLimits = append(s.Linux.Resources.HugepageLimits, runtimespec.LinuxHugepageLimit{
 					Pagesize: limit.PageSize,
@ -459,9 +459,9 @@ func WithResources(resources *runtime.LinuxContainerResources, tolerateMissingHu
 				})
 			}
 		} else {
-			if !tolerateMissingHugePagesCgroupController {
+			if !tolerateMissingHugetlbController {
 				return errors.Errorf("huge pages limits are specified but hugetlb cgroup controller is missing. " +
-					"Please set tolerate_missing_hugepages_controller to `true` to ignore this error")
+					"Please set tolerate_missing_hugetlb_controller to `true` to ignore this error")
 			}
 			logrus.Warn("hugetlb cgroup controller is absent. skipping huge pages limits")
 		}
@ -474,7 +474,7 @@ var (
 	supportsHugetlb     bool
 )

-func isHugePagesControllerPresent() bool {
+func isHugetlbControllerPresent() bool {
 	supportsHugetlbOnce.Do(func() {
 		supportsHugetlb = false
 		if IsCgroup2UnifiedMode() {
--- a/pkg/server/container_create_unix.go
+++ b/pkg/server/container_create_unix.go
@ -225,7 +225,7 @@ func (c *criService) containerSpec(id string, sandboxID string, sandboxPid uint3
 	if c.config.DisableCgroup {
 		specOpts = append(specOpts, customopts.WithDisabledCgroups)
 	} else {
-		specOpts = append(specOpts, customopts.WithResources(config.GetLinux().GetResources(), c.config.TolerateMissingHugePagesCgroupController))
+		specOpts = append(specOpts, customopts.WithResources(config.GetLinux().GetResources(), c.config.TolerateMissingHugetlbController))
 		if sandboxConfig.GetLinux().GetCgroupParent() != "" {
 			cgroupsPath := getCgroupsPath(sandboxConfig.GetLinux().GetCgroupParent(), id)
 			specOpts = append(specOpts, oci.WithCgroup(cgroupsPath))
--- a/pkg/server/container_update_resources_unix.go
+++ b/pkg/server/container_update_resources_unix.go
@ -73,7 +73,7 @@ func (c *criService) updateContainerResources(ctx context.Context,
 		return errors.Wrap(err, "failed to get container spec")
 	}
 	newSpec, err := updateOCILinuxResource(ctx, oldSpec, resources,
-		c.config.TolerateMissingHugePagesCgroupController)
+		c.config.TolerateMissingHugetlbController)
 	if err != nil {
 		return errors.Wrap(err, "failed to update resource in spec")
 	}
@ -134,7 +134,7 @@ func updateContainerSpec(ctx context.Context, cntr containerd.Container, spec *r

 // updateOCILinuxResource updates container resource limit.
 func updateOCILinuxResource(ctx context.Context, spec *runtimespec.Spec, new *runtime.LinuxContainerResources,
-	tolerateMissingHugePagesCgroupController bool) (*runtimespec.Spec, error) {
+	tolerateMissingHugetlbController bool) (*runtimespec.Spec, error) {
 	// Copy to make sure old spec is not changed.
 	var cloned runtimespec.Spec
 	if err := util.DeepCopy(&cloned, spec); err != nil {
@ -143,7 +143,7 @@ func updateOCILinuxResource(ctx context.Context, spec *runtimespec.Spec, new *ru
 	if cloned.Linux == nil {
 		cloned.Linux = &runtimespec.Linux{}
 	}
-	if err := opts.WithResources(new, tolerateMissingHugePagesCgroupController)(ctx, nil, nil, &cloned); err != nil {
+	if err := opts.WithResources(new, tolerateMissingHugetlbController)(ctx, nil, nil, &cloned); err != nil {
 		return nil, errors.Wrap(err, "unable to set linux container resources")
 	}
 	return &cloned, nil