Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

KEP Pid Limiting #755

Merged
merged 1 commit into from
Feb 1, 2019
Merged

KEP Pid Limiting #755

merged 1 commit into from
Feb 1, 2019

Conversation

derekwaynecarr
Copy link
Member

The following captures what was discussed in SIG Node on Dec 18, 2018.

See:
https://github.com/kubernetes/community/blob/master/sig-node/archive/meeting-notes-2018.md#dec-18

The KEP is aligned with latest state of code, what is not yet implemented or merged is the NodeAllocatable enforcement that we would like to tackle time-permitting.

@k8s-ci-robot k8s-ci-robot added do-not-merge/blocked-paths Indicates that a PR should not merge because it touches files in blocked paths. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Jan 29, 2019
@derekwaynecarr
Copy link
Member Author

/sig node

/cc @dashpole @dchen1107 @dims

@k8s-ci-robot k8s-ci-robot added kind/kep Categorizes KEP tracking issues and PRs modifying the KEP directory sig/architecture Categorizes an issue or PR as relevant to SIG Architecture. labels Jan 29, 2019
@k8s-ci-robot k8s-ci-robot added sig/node Categorizes an issue or PR as relevant to SIG Node. sig/pm size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Jan 29, 2019
@derekwaynecarr derekwaynecarr mentioned this pull request Jan 29, 2019
Closed
@derekwaynecarr
Copy link
Member Author

this captures the output of the discussion here:
kubernetes/kubernetes#72076

@derekwaynecarr derekwaynecarr added this to the v1.14 milestone Jan 29, 2019
dashpole
dashpole approved these changes Jan 29, 2019
View reviewed changes
Copy link
Contributor

@dashpole dashpole left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Proposed changes and content look great. Adding a couple links to give more context to the proposal.
/lgtm

keps/sig-node/0034-20190129-pid-limiting.md Outdated
gate is proposed. If enabled, pid reservations may be supported at the node
allocatable and eviction manager subsystem configurations.

Node allocatable is a well-established feature concept in the kubelet that
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Link to https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/ for node allocatable.

keps/sig-node/0034-20190129-pid-limiting.md Outdated
- basic support integrated via eviction manager and/or node allocatable level

Beta
- ensure proper node e2e testing coverage to ensure a pod is unable to fork-bomb
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can link to the fork-bomb test I wrote here: https://github.com/kubernetes/kubernetes/blob/master/test/e2e_node/eviction_test.go#L397.
Although, we should ideally have separate tests for node-level thresholds and allocatable-level thresholds.

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jan 29, 2019
@dchen1107
Copy link
Member

/lgtm

@dchen1107
Copy link
Member

/approve

@k8s-ci-robot k8s-ci-robot added sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed lgtm "Looks good to me", indicates that a PR is ready to be merged. do-not-merge/blocked-paths Indicates that a PR should not merge because it touches files in blocked paths. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Feb 1, 2019
@derekwaynecarr
Copy link
Member Author

messed up rebase

/hold

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 1, 2019
@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. labels Feb 1, 2019
@derekwaynecarr
Copy link
Member Author

/hold cancel

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 1, 2019
@jbeda
Copy link
Contributor

jbeda commented Feb 1, 2019

Looks like y'all should be able to check this in as it is in the sig-node directory with OWNERS. If you need approval stuff or questions about the KEP process please reach out (I can answer and/or connect).

@derekwaynecarr
Copy link
Member Author

/lgtm

per #755 (comment)
(removed the kep number that caused issues)

@k8s-ci-robot
Copy link
Contributor

@derekwaynecarr: you cannot LGTM your own PR.

In response to this:

/lgtm

per #755 (comment)
(removed the kep number that caused issues)

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@dchen1107
Copy link
Member

/gtm

@bgrant0607
Copy link
Member

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 1, 2019
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: bgrant0607, dashpole, dchen1107, derekwaynecarr

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot merged commit 15c874d into kubernetes:master Feb 1, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dashpole dashpole dashpole approved these changes

@dchen1107 dchen1107 Awaiting requested review from dchen1107

@mattfarina mattfarina Awaiting requested review from mattfarina

@dims dims Awaiting requested review from dims

Assignees

@dashpole dashpole

@bgrant0607 bgrant0607

@dchen1107 dchen1107

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/kep Categorizes KEP tracking issues and PRs modifying the KEP directory lgtm "Looks good to me", indicates that a PR is ready to be merged. sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/architecture Categorizes an issue or PR as relevant to SIG Architecture. sig/node Categorizes an issue or PR as relevant to SIG Node. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
v1.14
Development

Successfully merging this pull request may close these issues.
7 participants
@derekwaynecarr @dchen1107 @jbeda @k8s-ci-robot @bgrant0607 @dashpole @justaugustus