Skip to content

Commit

Permalink
feat: Allow to configure resource requirements of individual containe…
Browse files Browse the repository at this point in the history
…rs (#708)

Allow to configure [resource
requirements](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/)
for each of individuals containers deployed by network-operator.
Each state might deploy one or more containers, user needs to specify
the name of the specific container to set its resource requirements.
By default, requirements are not applied or set to previously set
defaults.
  • Loading branch information
almaslennikov authored Dec 20, 2023
2 parents ad48cf1 + bd43ffb commit 011c546
Show file tree
Hide file tree
Showing 28 changed files with 1,119 additions and 31 deletions.
19 changes: 18 additions & 1 deletion api/v1alpha1/nicclusterpolicy_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,8 @@ type ImageSpec struct {
Version string `json:"version"`
// +optional
// +kubebuilder:default:={}
ImagePullSecrets []string `json:"imagePullSecrets"`
ImagePullSecrets []string `json:"imagePullSecrets"`
ContainerResources []ResourceRequirements `json:"containerResources,omitempty"`
}

// ImageSpecWithConfig Contains ImageSpec and optional configuration
Expand Down Expand Up @@ -184,6 +185,22 @@ type SecondaryNetworkSpec struct {
IpamPlugin *ImageSpec `json:"ipamPlugin,omitempty"`
}

// ResourceRequirements describes the compute resource requirements.
type ResourceRequirements struct {
// Name of the container the requirements are set for
Name string `json:"name"`
// Limits describes the maximum amount of compute resources allowed.
// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
// +optional
Limits v1.ResourceList `json:"limits,omitempty"`
// Requests describes the minimum amount of compute resources required.
// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
// otherwise to an implementation-defined value. Requests cannot exceed Limits.
// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
// +optional
Requests v1.ResourceList `json:"requests,omitempty"`
}

// IBKubernetesSpec describes configuration options for ib-kubernetes
type IBKubernetesSpec struct {
// Image information for ib-kubernetes
Expand Down
36 changes: 36 additions & 0 deletions api/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

360 changes: 360 additions & 0 deletions config/crd/bases/mellanox.com_nicclusterpolicies.yaml

Large diffs are not rendered by default.

360 changes: 360 additions & 0 deletions deployment/network-operator/crds/mellanox.com_nicclusterpolicies.yaml

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -55,13 +55,25 @@ spec:
imagePullPolicy: IfNotPresent
securityContext:
privileged: true
{{- with index .RuntimeSpec.ContainerResources "cni-plugins" }}
resources:
{{- if .Requests }}
requests:
{{ .Requests | yaml | nindent 14}}
{{- end }}
{{- if .Limits }}
limits:
{{ .Limits | yaml | nindent 14}}
{{- end }}
{{- else }}
resources:
requests:
cpu: "100m"
memory: "50Mi"
limits:
cpu: "100m"
memory: "50Mi"
{{- end }}
volumeMounts:
- name: cnibin
mountPath: /host/opt/cni/bin
Expand Down
12 changes: 12 additions & 0 deletions manifests/state-ib-kubernetes/0070-deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -71,10 +71,22 @@ spec:
image: {{ .CrSpec.Repository }}/{{ .CrSpec.Image }}:{{ .CrSpec.Version }}
imagePullPolicy: IfNotPresent
command: ["/usr/bin/ib-kubernetes"]
{{- with index .RuntimeSpec.ContainerResources "ib-kubernetes" }}
resources:
{{- if .Requests }}
requests:
{{ .Requests | yaml | nindent 14}}
{{- end }}
{{- if .Limits }}
limits:
{{ .Limits | yaml | nindent 14}}
{{- end }}
{{- else }}
resources:
requests:
cpu: 100m
memory: 300Mi
{{- end }}
env:
- name: DAEMON_SM_PLUGIN
value: "ufm"
Expand Down
12 changes: 12 additions & 0 deletions manifests/state-ipoib-cni/0050-ipoib-cni-ds.yml
Original file line number Diff line number Diff line change
Expand Up @@ -59,13 +59,25 @@ spec:
containers:
- name: ipoib-cni
image: {{ .CrSpec.Repository }}/{{ .CrSpec.Image }}:{{ .CrSpec.Version }}
{{- with index .RuntimeSpec.ContainerResources "ipoib-cni" }}
resources:
{{- if .Requests }}
requests:
{{ .Requests | yaml | nindent 14}}
{{- end }}
{{- if .Limits }}
limits:
{{ .Limits | yaml | nindent 14}}
{{- end }}
{{- else }}
resources:
requests:
cpu: "100m"
memory: "50Mi"
limits:
cpu: "100m"
memory: "50Mi"
{{- end }}
securityContext:
privileged: true
volumeMounts:
Expand Down
12 changes: 12 additions & 0 deletions manifests/state-multus-cni/0050-multus-ds.yml
Original file line number Diff line number Diff line change
Expand Up @@ -55,13 +55,25 @@ spec:
preStop:
exec:
command: ["/bin/sh", "-c", "rm -f /host/etc/cni/net.d/00-multus.conf"]
{{- with index .RuntimeSpec.ContainerResources "kube-multus" }}
resources:
{{- if .Requests }}
requests:
{{ .Requests | yaml | nindent 14}}
{{- end }}
{{- if .Limits }}
limits:
{{ .Limits | yaml | nindent 14}}
{{- end }}
{{- else }}
resources:
requests:
cpu: "100m"
memory: "50Mi"
limits:
cpu: "100m"
memory: "50Mi"
{{- end }}
securityContext:
privileged: true
volumeMounts:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -63,13 +63,25 @@ spec:
args:
- --v=0
- --logging-format=json
{{- with index .RuntimeSpec.ContainerResources "nic-feature-discovery" }}
resources:
{{- if .Requests }}
requests:
{{ .Requests | yaml | nindent 14}}
{{- end }}
{{- if .Limits }}
limits:
{{ .Limits | yaml | nindent 14}}
{{- end }}
{{- else }}
resources:
requests:
cpu: "100m"
memory: "50Mi"
limits:
cpu: "300m"
memory: "150Mi"
{{- end }}
securityContext:
privileged: true
volumeMounts:
Expand Down
16 changes: 14 additions & 2 deletions manifests/state-nv-ipam-cni/040-nv-ipam-controller.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -119,10 +119,22 @@ spec:
port: 8081
initialDelaySeconds: 5
periodSeconds: 10
{{- with index .RuntimeSpec.ContainerResources "nv-ipam-controller" }}
resources:
{{- if .Requests }}
requests:
cpu: 100m
memory: 300Mi
{{ .Requests | yaml | nindent 14}}
{{- end }}
{{- if .Limits }}
limits:
{{ .Limits | yaml | nindent 14}}
{{- end }}
{{- else }}
resources:
requests:
cpu: "100m"
memory: "300Mi"
{{- end }}
volumeMounts:
{{- if .CrSpec.EnableWebhook }}
- mountPath: /tmp/k8s-webhook-server/serving-certs
Expand Down
12 changes: 12 additions & 0 deletions manifests/state-nv-ipam-cni/040-nv-ipam-node.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -81,13 +81,25 @@ spec:
- --cni-log-file=/var/log/nv-ipam-cni.log
- --cni-log-level=info # log level for shim CNI
- --ippools-namespace=$(IPPOOLS_NAMESPACE)
{{- with index .RuntimeSpec.ContainerResources "nv-ipam-node" }}
resources:
{{- if .Requests }}
requests:
{{ .Requests | yaml | nindent 14}}
{{- end }}
{{- if .Limits }}
limits:
{{ .Limits | yaml | nindent 14}}
{{- end }}
{{- else }}
resources:
requests:
cpu: "100m"
memory: "50Mi"
limits:
cpu: "300m"
memory: "300Mi"
{{- end }}
securityContext:
privileged: true
volumeMounts:
Expand Down
11 changes: 11 additions & 0 deletions manifests/state-ofed-driver/0050_ofed-driver-ds.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,17 @@ spec:
readOnly: {{ .ReadOnly }}
{{- end }}
{{- end }}
{{- with index .RuntimeSpec.ContainerResources "mofed-container" }}
resources:
{{- if .Requests }}
requests:
{{ .Requests | yaml | nindent 14}}
{{- end }}
{{- if .Limits }}
limits:
{{ .Limits | yaml | nindent 14}}
{{- end }}
{{- end }}
startupProbe:
exec:
command:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,17 @@ spec:
- name: host-config-volume
mountPath: /host/etc/pcidp/
{{- end }}
{{- with index .RuntimeSpec.ContainerResources "rdma-shared-dp" }}
resources:
{{- if .Requests }}
requests:
{{ .Requests | yaml | nindent 12}}
{{- end }}
{{- if .Limits }}
limits:
{{ .Limits | yaml | nindent 12}}
{{- end }}
{{- end }}
volumes:
- name: device-plugin
hostPath:
Expand Down
11 changes: 11 additions & 0 deletions manifests/state-sriov-device-plugin/0030-sriov-dp-daemonset.yml
Original file line number Diff line number Diff line change
Expand Up @@ -93,6 +93,17 @@ spec:
- name: host-config-volume
mountPath: /host/etc/pcidp/
{{- end}}
{{- with index .RuntimeSpec.ContainerResources "kube-sriovdp" }}
resources:
{{- if .Requests }}
requests:
{{ .Requests | yaml | nindent 12}}
{{- end }}
{{- if .Limits }}
limits:
{{ .Limits | yaml | nindent 12}}
{{- end }}
{{- end }}
volumes:
- name: devicesock
hostPath:
Expand Down
12 changes: 12 additions & 0 deletions manifests/state-whereabouts-cni/0050-whereabouts-ds.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -60,13 +60,25 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
{{- with index .RuntimeSpec.ContainerResources "whereabouts" }}
resources:
{{- if .Requests }}
requests:
{{ .Requests | yaml | nindent 12}}
{{- end }}
{{- if .Limits }}
limits:
{{ .Limits | yaml | nindent 12}}
{{- end }}
{{- else }}
resources:
requests:
cpu: "100m"
memory: "100Mi"
limits:
cpu: "100m"
memory: "200Mi"
{{- end }}
securityContext:
privileged: true
volumeMounts:
Expand Down
30 changes: 30 additions & 0 deletions pkg/state/container_resources.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
/*
2023 NVIDIA CORPORATION & AFFILIATES
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package state

import "github.com/Mellanox/network-operator/api/v1alpha1"

type ContainerResourcesMap map[string]v1alpha1.ResourceRequirements

func createContainerResourcesMap(resources []v1alpha1.ResourceRequirements) ContainerResourcesMap {
containerResources := ContainerResourcesMap{}
for _, val := range resources {
containerResources[val.Name] = val
}

return containerResources
}
6 changes: 4 additions & 2 deletions pkg/state/state_cni_plugins.go
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,7 @@ func (s *stateCNIPlugins) GetWatchSources() map[string]client.Object {
return wr
}

//nolint:dupl
func (s *stateCNIPlugins) getManifestObjects(
cr *mellanoxv1alpha1.NicClusterPolicy, staticConfig staticconfig.Provider,
reqLogger logr.Logger) ([]*unstructured.Unstructured, error) {
Expand All @@ -139,8 +140,9 @@ func (s *stateCNIPlugins) getManifestObjects(
Tolerations: cr.Spec.Tolerations,
NodeAffinity: cr.Spec.NodeAffinity,
RuntimeSpec: &cniRuntimeSpec{
runtimeSpec: runtimeSpec{config.FromEnv().State.NetworkOperatorResourceNamespace},
CniBinDirectory: utils.GetCniBinDirectory(staticConfig, nil),
runtimeSpec: runtimeSpec{config.FromEnv().State.NetworkOperatorResourceNamespace},
CniBinDirectory: utils.GetCniBinDirectory(staticConfig, nil),
ContainerResources: createContainerResourcesMap(cr.Spec.SecondaryNetwork.CniPlugins.ContainerResources),
},
}
// render objects
Expand Down
Loading

0 comments on commit 011c546

Please sign in to comment.