Pod-aware container creation, resource defaults, and lifecycle tracking enhancements #2585
+380
−18
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Harsh Rawat <harshrawat@microsoft.com>
Presently, during the cleanup workflow, we were skipping the cleanup of image layers for pause container. This was because the cleanup happened automatically since the UVM was terminated. With multi-pod feature, that is not true and hence we are performing pause image cleanup in all cases. Signed-off-by: Harsh Rawat <harshrawat@microsoft.com>
rawahars
changed the title
For LCOW containers, if the CPU Period and Quota are not set in the Linux Resource Limits, then we set the default values for the same. This commit adds the change. Signed-off-by: Harsh Rawat <harshrawat@microsoft.com>
…ot directories For LCOWs, Prior to this change, the container root directory path was of the format- '<Root Dir>/c/<CONTAINER_ID>' We are changing it now to- '<Root Dir>/pods/<SANDBOX_ID>/<CONTAINER_ID>' For WCOWs, the only directory which is of our interest is 'C:\\SandboxMounts'. After our change, it would be of format- 'C:\\SandboxMounts\\<SANDBOX_ID>' Signed-off-by: Harsh Rawat <harshrawat@microsoft.com>
rawahars
force-pushed
the
sandbox_api_pr_3
branch
from
4b12c7d to
7f125d4
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request introduces several changes to improve container and pod management, especially around resource allocation, mount paths, and lifecycle tracking. The most significant updates involve passing the pod (sandbox) ID throughout the container creation process, updating root and mount paths to be pod-aware, and adding lifecycle tracking methods for compute systems and utility VMs.
Pod-aware container creation and resource management:
The
sandboxID(pod ID) is now passed through the container and task creation stack (newHcsTask,createContainer, etc.), and included in theCreateOptionsstruct. Mount and root paths for both LCOW and WCOW containers are updated to include thesandboxID, ensuring container filesystems and sandbox mounts are properly namespaced and isolated within their respective pods.For LCOWs, Prior to this change, the container root directory path was of the format-
/run/gcs/c/<CONTAINER_ID>We are changing it now to-
/run/gcs/pods/<SANDBOX_ID>/<CONTAINER_ID>For WCOWs, the only directory which is of our interest is
C:\\SandboxMounts. After our change, it would be of format-C:\\SandboxMounts\\<SANDBOX_ID>Lifecycle tracking and utility methods:
stopTimefield and methods (Stopped,StartTime,StopTime) to theSystemstruct, and corresponding methods toUtilityVM, to track and expose start/stop times and stopped state for compute systems and utility VMs. This aids in lifecycle management. These will be used in follow-up PRs for sandbox api implementation.Resource allocation and defaults:
Set default CPU period and quota for LCOW containers if not specified, ensuring containers have CPU resource defaults as specified in https://docs.kernel.org/scheduler/sched-bwc.html .
Adjusted logic in
allocateLinuxResourcesto always set layers and scratch paths, improving resource cleanup and allocation.Earlier, during the cleanup workflow, we were skipping the cleanup of image layers for pause container. This was because the cleanup happened automatically since the UVM was terminated. With multi-pod feature, that is not true and hence we are performing pause image cleanup in all cases.