Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pid Limiting #757

Closed
derekwaynecarr opened this issue Jan 29, 2019 · 52 comments
Closed

Pid Limiting #757

derekwaynecarr opened this issue Jan 29, 2019 · 52 comments
Assignees
Labels
kind/feature Categorizes issue or PR as related to a new feature. sig/node Categorizes an issue or PR as relevant to SIG Node. stage/stable Denotes an issue tracking an enhancement targeted for Stable/GA status
Milestone

Comments

@derekwaynecarr
Copy link
Member

derekwaynecarr commented Jan 29, 2019

Enhancement Description

@k8s-ci-robot k8s-ci-robot added the needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. label Jan 29, 2019
@derekwaynecarr
Copy link
Member Author

/sig node

@k8s-ci-robot k8s-ci-robot added sig/node Categorizes an issue or PR as relevant to SIG Node. and removed needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels Jan 29, 2019
@derekwaynecarr derekwaynecarr added this to the v1.14 milestone Jan 29, 2019
@derekwaynecarr
Copy link
Member Author

/assign @dashpole @dchen1107

@liggitt liggitt added the stage/beta Denotes an issue tracking an enhancement targeted for Beta status label Feb 5, 2019
@ameukam
Copy link
Member

ameukam commented Feb 6, 2019

/kind feature

@k8s-ci-robot k8s-ci-robot added the kind/feature Categorizes issue or PR as related to a new feature. label Feb 6, 2019
@claurence claurence added the tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team label Feb 7, 2019
@ameukam
Copy link
Member

ameukam commented Feb 27, 2019

Hello @derekwaynecarr, 1.14 enhancement shadow here. Code Freeze is March 7th and all PRs must be merged by then to your issue to make the 1.14 release. What open K/K PRs do you still have that need to merge? Thanks

@simplytunde
Copy link

Hey @derekwaynecarr. Just a friendly reminder we're looking for a PR against k/website (branch dev-1.14) due by Friday, March 1. It would be great if it's the start of the full documentation, but even a placeholder PR is acceptable. Let me know if you have any questions!

@sjenning
Copy link
Contributor

sjenning commented Mar 1, 2019

kubernetes/kubernetes#73651 implements node-to-pid isolation for 1.14.
@RobertKrawitz could you open a PR against kubernetes/website for documenting this. Doesn't have to be the full thing yet. I think @simplytunde just needs the PR for release tracking atm.

@RobertKrawitz
Copy link
Contributor

kubernetes/website#12932 is a placeholder.

@RobertKrawitz
Copy link
Contributor

Above PR is complete and waiting for review/approval.

@derekwaynecarr
Copy link
Member Author

kubernetes/website#13006 as well

@kacole2
Copy link

kacole2 commented Apr 11, 2019

Hello @derekwaynecarr, I'm the Enhancement Lead for 1.15. Is this feature going to be graduating alpha/beta/stable stages in 1.15? Please let me know so it can be tracked properly and added to the spreadsheet.

/milestone clear
/tracked no

@k8s-ci-robot k8s-ci-robot removed this from the v1.14 milestone Apr 11, 2019
@kacole2 kacole2 added tracked/no Denotes an enhancement issue is NOT actively being tracked by the Release Team and removed tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team labels Apr 11, 2019
@derekwaynecarr
Copy link
Member Author

we are graduating the node to pod pid isolation to beta for 1.15 per the kep.

/milestone 1.15

@k8s-ci-robot
Copy link
Contributor

@derekwaynecarr: The provided milestone is not valid for this repository. Milestones in this repository: [keps-beta, keps-ga, v1.15, v1.16]

Use /milestone clear to clear the milestone.

In response to this:

we are graduating the node to pod pid isolation to beta for 1.15 per the kep.

/milestone 1.15

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@derekwaynecarr
Copy link
Member Author

/milestone v1.15

@k8s-ci-robot k8s-ci-robot added this to the v1.15 milestone Apr 30, 2019
@kacole2 kacole2 added tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team and removed tracked/no Denotes an enhancement issue is NOT actively being tracked by the Release Team labels Apr 30, 2019
@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Aug 18, 2020
@palnabarun
Copy link
Member

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Sep 1, 2020
@kikisdeliveryservice
Copy link
Member

Hi @derekwaynecarr @RobertKrawitz

Enhancements Lead here. Are there any plans for this 1.20?

Thanks!
Kirsten

@sjenning
Copy link
Contributor

This is going GA for 1.20 kubernetes/kubernetes#94140

@kikisdeliveryservice
Copy link
Member

/milestone v1.20

@k8s-ci-robot k8s-ci-robot added this to the v1.20 milestone Sep 14, 2020
@kikisdeliveryservice kikisdeliveryservice added tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team stage/stable Denotes an issue tracking an enhancement targeted for Stable/GA status and removed tracked/no Denotes an enhancement issue is NOT actively being tracked by the Release Team stage/beta Denotes an issue tracking an enhancement targeted for Beta status labels Sep 14, 2020
@sftim
Copy link
Contributor

sftim commented Sep 15, 2020

As per #757 (reference) I also recommend documenting the feature.

@kikisdeliveryservice
Copy link
Member

Documentation PR already open: kubernetes/website#23929

@MorrisLaw
Copy link
Member

Hey @derekwaynecarr @RobertKrawitz - 1.20 Enhancements Shadow here 👋

Just a friendly reminder that the Enhancements Freeze deadline is October 6th.

@MorrisLaw
Copy link
Member

Hi @derekwaynecarr,

Since your Enhancement is scheduled to be in 1.20, please keep in mind the important upcoming dates:
Friday, Nov 6th: Week 8 - Docs Placeholder PR deadline
Thursday, Nov 12th: Week 9 - Code Freeze

As a reminder, please link all of your k/k PR as well as docs PR to this issue so we can track them.

Regards,
Jeremy

@kikisdeliveryservice
Copy link
Member

Hey @derekwaynecarr @sjenning

Is kubernetes/kubernetes#94140 the only k/k pr required to move this to GA? Is all work done? Code freeze is tomorrow.

Thanks
Kirsten

@kikisdeliveryservice
Copy link
Member

Confirmed with both Derek and Seth that this is completed. 👍

@hh
Copy link
Member

hh commented Nov 13, 2020

Just a quick check that in the process of promoting this feature to GA, was there any change to the API surface area?

Particularly swagger.json?

We have a process for detecting new GA API operations, but it currently looks primarily at the generated OpenAPI spec.

@hh
Copy link
Member

hh commented Nov 13, 2020

it tests only GA, non-optional features or APIs (e.g., no alpha or beta endpoints, no feature flags required, no deprecated features)

^ From: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/conformance-tests.md#conformance-test-requirements

@dims Can I get your check-in on this? It doesn't seem to touch the OpenAPI spec, but if looks non-optional:

https://github.com/kubernetes/kubernetes/pull/94140/files#diff-71e3b98f9a6bbf5b8421e26a7ba0c079f397cd8d49abacdad943c66a4f44f03dR685-R686

+ SupportPodPidsLimit: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.21
+ SupportNodePidsLimit:{Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.21

@derekwaynecarr
Copy link
Member Author

There is no end user api change in the promotion. The feature has been on by default via kubelet Config for multiple releases.

@hh
Copy link
Member

hh commented Nov 13, 2020

Thanks @derekwaynecarr !

@SergeyKanzhelev
Copy link
Member

@derekwaynecarr I wonder if the pid limit test should have been promoted to conformance as part of the GA process? It seems to be satisfying all requirements. I understand now there is a validation for the APIs to be conformance tested. I also see conformance tests for things like config maps. I wonder whether graduation criteria in general should include promoting a test to conformance whenever possible.

On KEP I see the graduation criteria that doesn't say anything about conformance tests:

GA

  • assuming no negative user feedback, promote after 1 release at beta.

The only note on desire to increase coverage of conformance tests I found here:

NB: This should be viewed as a living document in a few key areas:

The desired set of conformant behaviors is not adequately expressed by the current set of e2e tests, as such this document is currently intended to guide us in the addition of new e2e tests than can fill this gap

@annajung annajung removed the tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team label Jan 7, 2021
@annajung
Copy link
Contributor

annajung commented Jan 7, 2021

Hi @SergeyKanzhelev @derekwaynecarr, 1.21 Enhancement Lead here.
Does this issue need to be kept open?

@SergeyKanzhelev
Copy link
Member

This is GA'd. I don't see the reason to keep it open. @annajung can you please fix the link to KEP text in this issue description?

@annajung
Copy link
Contributor

annajung commented Jan 7, 2021

Great, it's been fixed.
With it being GA and KEP updated to implemented, I'm closing this issue.

@annajung annajung closed this as completed Jan 7, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/feature Categorizes issue or PR as related to a new feature. sig/node Categorizes an issue or PR as relevant to SIG Node. stage/stable Denotes an issue tracking an enhancement targeted for Stable/GA status
Projects
None yet
Development

No branches or pull requests