Merge pull request #101161 from rikatz/move-sysctl-util
Move node and networking related helpers from pkg/util to component helpers
This commit is contained in:
Kubernetes Prow Robot
@@ -48,6 +48,7 @@ import (
|
||||
"k8s.io/apimachinery/pkg/util/wait"
|
||||
utilfeature "k8s.io/apiserver/pkg/util/feature"
|
||||
"k8s.io/client-go/tools/record"
|
||||
utilsysctl "k8s.io/component-helpers/node/utils/sysctl"
|
||||
internalapi "k8s.io/cri-api/pkg/apis"
|
||||
podresourcesapi "k8s.io/kubelet/pkg/apis/podresources/v1"
|
||||
kubefeatures "k8s.io/kubernetes/pkg/features"
|
||||
@@ -70,7 +71,6 @@ import (
|
||||
schedulerframework "k8s.io/kubernetes/pkg/scheduler/framework"
|
||||
"k8s.io/kubernetes/pkg/util/oom"
|
||||
"k8s.io/kubernetes/pkg/util/procfs"
|
||||
utilsysctl "k8s.io/kubernetes/pkg/util/sysctl"
|
||||
)
|
||||
|
||||
const (
|
||||
|
||||
@@ -36,6 +36,7 @@ import (
|
||||
utilerrors "k8s.io/apimachinery/pkg/util/errors"
|
||||
utilnet "k8s.io/apimachinery/pkg/util/net"
|
||||
utilsets "k8s.io/apimachinery/pkg/util/sets"
|
||||
utilsysctl "k8s.io/component-helpers/node/utils/sysctl"
|
||||
"k8s.io/klog/v2"
|
||||
kubeletconfig "k8s.io/kubernetes/pkg/kubelet/apis/config"
|
||||
kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
|
||||
@@ -43,7 +44,6 @@ import (
|
||||
"k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport"
|
||||
"k8s.io/kubernetes/pkg/util/bandwidth"
|
||||
utiliptables "k8s.io/kubernetes/pkg/util/iptables"
|
||||
utilsysctl "k8s.io/kubernetes/pkg/util/sysctl"
|
||||
utilexec "k8s.io/utils/exec"
|
||||
utilebtables "k8s.io/utils/net/ebtables"
|
||||
|
||||
|
||||
@@ -31,6 +31,7 @@ import (
|
||||
"github.com/stretchr/testify/mock"
|
||||
|
||||
utilsets "k8s.io/apimachinery/pkg/util/sets"
|
||||
sysctltest "k8s.io/component-helpers/node/utils/sysctl/testing"
|
||||
kubeletconfig "k8s.io/kubernetes/pkg/kubelet/apis/config"
|
||||
kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
|
||||
"k8s.io/kubernetes/pkg/kubelet/dockershim/network"
|
||||
@@ -38,7 +39,6 @@ import (
|
||||
nettest "k8s.io/kubernetes/pkg/kubelet/dockershim/network/testing"
|
||||
"k8s.io/kubernetes/pkg/util/bandwidth"
|
||||
ipttest "k8s.io/kubernetes/pkg/util/iptables/testing"
|
||||
sysctltest "k8s.io/kubernetes/pkg/util/sysctl/testing"
|
||||
"k8s.io/utils/exec"
|
||||
fakeexec "k8s.io/utils/exec/testing"
|
||||
netutils "k8s.io/utils/net"
|
||||
|
||||
@@ -31,12 +31,12 @@ import (
|
||||
utilerrors "k8s.io/apimachinery/pkg/util/errors"
|
||||
utilsets "k8s.io/apimachinery/pkg/util/sets"
|
||||
"k8s.io/apimachinery/pkg/util/validation"
|
||||
utilsysctl "k8s.io/component-helpers/node/utils/sysctl"
|
||||
"k8s.io/klog/v2"
|
||||
kubeletconfig "k8s.io/kubernetes/pkg/kubelet/apis/config"
|
||||
kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
|
||||
"k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport"
|
||||
"k8s.io/kubernetes/pkg/kubelet/dockershim/network/metrics"
|
||||
utilsysctl "k8s.io/kubernetes/pkg/util/sysctl"
|
||||
utilexec "k8s.io/utils/exec"
|
||||
netutils "k8s.io/utils/net"
|
||||
|
||||
|
||||
@@ -25,10 +25,10 @@ import (
|
||||
"testing"
|
||||
|
||||
utilsets "k8s.io/apimachinery/pkg/util/sets"
|
||||
sysctltest "k8s.io/component-helpers/node/utils/sysctl/testing"
|
||||
kubeletconfig "k8s.io/kubernetes/pkg/kubelet/apis/config"
|
||||
kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
|
||||
"k8s.io/kubernetes/pkg/kubelet/dockershim/network"
|
||||
sysctltest "k8s.io/kubernetes/pkg/util/sysctl/testing"
|
||||
netutils "k8s.io/utils/net"
|
||||
|
||||
"github.com/golang/mock/gomock"
|
||||
|
||||
@@ -25,6 +25,7 @@ import (
|
||||
clientset "k8s.io/client-go/kubernetes"
|
||||
v1core "k8s.io/client-go/kubernetes/typed/core/v1"
|
||||
"k8s.io/client-go/tools/events"
|
||||
utilsysctl "k8s.io/component-helpers/node/utils/sysctl"
|
||||
proxyapp "k8s.io/kubernetes/cmd/kube-proxy/app"
|
||||
"k8s.io/kubernetes/pkg/proxy"
|
||||
proxyconfig "k8s.io/kubernetes/pkg/proxy/config"
|
||||
@@ -32,7 +33,6 @@ import (
|
||||
proxyutiliptables "k8s.io/kubernetes/pkg/proxy/util/iptables"
|
||||
utiliptables "k8s.io/kubernetes/pkg/util/iptables"
|
||||
utilnode "k8s.io/kubernetes/pkg/util/node"
|
||||
utilsysctl "k8s.io/kubernetes/pkg/util/sysctl"
|
||||
utilexec "k8s.io/utils/exec"
|
||||
netutils "k8s.io/utils/net"
|
||||
utilpointer "k8s.io/utils/pointer"
|
||||
|
||||
@@ -40,6 +40,7 @@ import (
|
||||
"k8s.io/apimachinery/pkg/util/wait"
|
||||
utilfeature "k8s.io/apiserver/pkg/util/feature"
|
||||
"k8s.io/client-go/tools/events"
|
||||
utilsysctl "k8s.io/component-helpers/node/utils/sysctl"
|
||||
"k8s.io/klog/v2"
|
||||
"k8s.io/kubernetes/pkg/features"
|
||||
"k8s.io/kubernetes/pkg/proxy"
|
||||
@@ -51,7 +52,6 @@ import (
|
||||
"k8s.io/kubernetes/pkg/util/async"
|
||||
"k8s.io/kubernetes/pkg/util/conntrack"
|
||||
utiliptables "k8s.io/kubernetes/pkg/util/iptables"
|
||||
utilsysctl "k8s.io/kubernetes/pkg/util/sysctl"
|
||||
utilexec "k8s.io/utils/exec"
|
||||
netutils "k8s.io/utils/net"
|
||||
)
|
||||
|
||||
@@ -44,6 +44,7 @@ import (
|
||||
"k8s.io/apimachinery/pkg/util/wait"
|
||||
utilfeature "k8s.io/apiserver/pkg/util/feature"
|
||||
"k8s.io/client-go/tools/events"
|
||||
utilsysctl "k8s.io/component-helpers/node/utils/sysctl"
|
||||
"k8s.io/kubernetes/pkg/features"
|
||||
"k8s.io/kubernetes/pkg/proxy"
|
||||
"k8s.io/kubernetes/pkg/proxy/healthcheck"
|
||||
@@ -56,7 +57,6 @@ import (
|
||||
utilipset "k8s.io/kubernetes/pkg/util/ipset"
|
||||
utiliptables "k8s.io/kubernetes/pkg/util/iptables"
|
||||
utilipvs "k8s.io/kubernetes/pkg/util/ipvs"
|
||||
utilsysctl "k8s.io/kubernetes/pkg/util/sysctl"
|
||||
)
|
||||
|
||||
const (
|
||||
|
||||
@@ -30,8 +30,8 @@ import (
|
||||
utilrand "k8s.io/apimachinery/pkg/util/rand"
|
||||
"k8s.io/apimachinery/pkg/util/sets"
|
||||
"k8s.io/client-go/tools/events"
|
||||
utilsysctl "k8s.io/component-helpers/node/utils/sysctl"
|
||||
helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
|
||||
utilsysctl "k8s.io/kubernetes/pkg/util/sysctl"
|
||||
netutils "k8s.io/utils/net"
|
||||
|
||||
"k8s.io/klog/v2"
|
||||
|
||||
@@ -1,100 +0,0 @@
|
||||
/*
|
||||
Copyright 2015 The Kubernetes Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package sysctl
|
||||
|
||||
import (
|
||||
"io/ioutil"
|
||||
"path"
|
||||
"strconv"
|
||||
"strings"
|
||||
)
|
||||
|
||||
const (
|
||||
sysctlBase = "/proc/sys"
|
||||
// VMOvercommitMemory refers to the sysctl variable responsible for defining
|
||||
// the memory over-commit policy used by kernel.
|
||||
VMOvercommitMemory = "vm/overcommit_memory"
|
||||
// VMPanicOnOOM refers to the sysctl variable responsible for defining
|
||||
// the OOM behavior used by kernel.
|
||||
VMPanicOnOOM = "vm/panic_on_oom"
|
||||
// KernelPanic refers to the sysctl variable responsible for defining
|
||||
// the timeout after a panic for the kernel to reboot.
|
||||
KernelPanic = "kernel/panic"
|
||||
// KernelPanicOnOops refers to the sysctl variable responsible for defining
|
||||
// the kernel behavior when an oops or BUG is encountered.
|
||||
KernelPanicOnOops = "kernel/panic_on_oops"
|
||||
// RootMaxKeys refers to the sysctl variable responsible for defining
|
||||
// the maximum number of keys that the root user (UID 0 in the root user namespace) may own.
|
||||
RootMaxKeys = "kernel/keys/root_maxkeys"
|
||||
// RootMaxBytes refers to the sysctl variable responsible for defining
|
||||
// the maximum number of bytes of data that the root user (UID 0 in the root user namespace)
|
||||
// can hold in the payloads of the keys owned by root.
|
||||
RootMaxBytes = "kernel/keys/root_maxbytes"
|
||||
|
||||
// VMOvercommitMemoryAlways represents that kernel performs no memory over-commit handling.
|
||||
VMOvercommitMemoryAlways = 1
|
||||
// VMPanicOnOOMInvokeOOMKiller represents that kernel calls the oom_killer function when OOM occurs.
|
||||
VMPanicOnOOMInvokeOOMKiller = 0
|
||||
|
||||
// KernelPanicOnOopsAlways represents that kernel panics on kernel oops.
|
||||
KernelPanicOnOopsAlways = 1
|
||||
// KernelPanicRebootTimeout is the timeout seconds after a panic for the kernel to reboot.
|
||||
KernelPanicRebootTimeout = 10
|
||||
|
||||
// RootMaxKeysSetting is the maximum number of keys that the root user (UID 0 in the root user namespace) may own.
|
||||
// Needed since docker creates a new key per container.
|
||||
RootMaxKeysSetting = 1000000
|
||||
// RootMaxBytesSetting is the maximum number of bytes of data that the root user (UID 0 in the root user namespace)
|
||||
// can hold in the payloads of the keys owned by root.
|
||||
// Allocate 25 bytes per key * number of MaxKeys.
|
||||
RootMaxBytesSetting = RootMaxKeysSetting * 25
|
||||
)
|
||||
|
||||
// Interface is an injectable interface for running sysctl commands.
|
||||
type Interface interface {
|
||||
// GetSysctl returns the value for the specified sysctl setting
|
||||
GetSysctl(sysctl string) (int, error)
|
||||
// SetSysctl modifies the specified sysctl flag to the new value
|
||||
SetSysctl(sysctl string, newVal int) error
|
||||
}
|
||||
|
||||
// New returns a new Interface for accessing sysctl
|
||||
func New() Interface {
|
||||
return &procSysctl{}
|
||||
}
|
||||
|
||||
// procSysctl implements Interface by reading and writing files under /proc/sys
|
||||
type procSysctl struct {
|
||||
}
|
||||
|
||||
// GetSysctl returns the value for the specified sysctl setting
|
||||
func (*procSysctl) GetSysctl(sysctl string) (int, error) {
|
||||
data, err := ioutil.ReadFile(path.Join(sysctlBase, sysctl))
|
||||
if err != nil {
|
||||
return -1, err
|
||||
}
|
||||
val, err := strconv.Atoi(strings.Trim(string(data), " \n"))
|
||||
if err != nil {
|
||||
return -1, err
|
||||
}
|
||||
return val, nil
|
||||
}
|
||||
|
||||
// SetSysctl modifies the specified sysctl flag to the new value
|
||||
func (*procSysctl) SetSysctl(sysctl string, newVal int) error {
|
||||
return ioutil.WriteFile(path.Join(sysctlBase, sysctl), []byte(strconv.Itoa(newVal)), 0640)
|
||||
}
|
||||
@@ -1,52 +0,0 @@
|
||||
/*
|
||||
Copyright 2015 The Kubernetes Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package testing
|
||||
|
||||
import (
|
||||
"os"
|
||||
|
||||
"k8s.io/kubernetes/pkg/util/sysctl"
|
||||
)
|
||||
|
||||
// Fake is a map-backed implementation of sysctl.Interface, for testing/mocking.
|
||||
type Fake struct {
|
||||
Settings map[string]int
|
||||
}
|
||||
|
||||
// NewFake creates a fake sysctl implementation.
|
||||
func NewFake() *Fake {
|
||||
return &Fake{
|
||||
Settings: make(map[string]int),
|
||||
}
|
||||
}
|
||||
|
||||
// GetSysctl returns the value for the specified sysctl setting.
|
||||
func (m *Fake) GetSysctl(sysctl string) (int, error) {
|
||||
v, found := m.Settings[sysctl]
|
||||
if !found {
|
||||
return -1, os.ErrNotExist
|
||||
}
|
||||
return v, nil
|
||||
}
|
||||
|
||||
// SetSysctl modifies the specified sysctl flag to the new value.
|
||||
func (m *Fake) SetSysctl(sysctl string, newVal int) error {
|
||||
m.Settings[sysctl] = newVal
|
||||
return nil
|
||||
}
|
||||
|
||||
var _ = sysctl.Interface(&Fake{})
|
||||
Reference in New Issue
Block a user