Add support for cri-resource-manager project #232
Conversation
obedmr
force-pushed
the
cri-resource-manager
branch
6 times, most recently
from
623b4b4
to
a466723
Compare
obedmr
force-pushed
the
cri-resource-manager
branch
from
a466723
to
757df25
Compare
There was a problem hiding this comment.
Hi @obedmr . Left a bunch of comments - half just stylistic markdown stuff, but some queries about a couple of bits of code, and then asking if we can do this without tying to a user account/repo... please :-)
| @@ -0,0 +1,55 @@ | |||
| CRI Resource Manager | |||
| ==================== | |||
| CRI_RESMGR_POLICY_OPTIONS=${CRI_RESMGR_POLICY_OPTIONS:-"-dump='reset,full:.*' -dump-file=/tmp/cri.dump"} | ||
| CRI_RESMGR_DEBUG_OPTIONS=${CRI_RESMGR_DEBUG_OPTIONS:-""} | ||
|
|
||
| curl https://raw.githubusercontent.com/obedmr/cri-resource-manager/master/godownloader.sh | bash |
There was a problem hiding this comment.
Ah, I'm going to struggle to ack a script that curls down a binary from a user account and installs it...
Can we try and make this something from either the official CRI-RM repo (or release, if they are maybe released on docker hub for instance), or a 'pull and build from official sources' script?
There was a problem hiding this comment.
and, curl | bash is generally just seen as a big security hole.... ;-)
There was a problem hiding this comment.
well, CRI-Resource-Manager project's plans for releasing binaries is still on definition, we need something to continue, we may use this and later update when official container images or binaries are released.
There was a problem hiding this comment.
I'd like to hold off until CRI-RM gets their binary release method sorted out. I see you have the in-flight intel/cri-resource-manager#55 which creates a deployment style method, which is great. That will require a formal process of pushing a pre-built deployment container image somwhere for CRI-RM.
It would be good to hear if there is some general timeline for CRI-RM binary releases planned - can we ask the CRI-RM team?
| | `RUNNER` | Default Container Runtime | `containerd` | | ||
| | `CRI_RESMGR_POLICY` | CRI Resource Manager Policy type | `null` | | ||
| | `CRI_RESMGR_POLICY_OPTIONS` | CRI Resource Manager extra policy options | `-dump='reset,full:.*' -dump-file=/tmp/cri.dump` | | ||
| | `CRI_RESMGR_DEBUG_OPTIONS` | CRI Resource Manager debugging options | | |
There was a problem hiding this comment.
No default value for this last row? - if none, then can we make it say <none> or N/A or similar pls :-)
| | `CRI_RESMGR_DEBUG_OPTIONS` | CRI Resource Manager debugging options | | | ||
|
|
||
| ``` | ||
| RUNNER=containerd ./install.sh |
There was a problem hiding this comment.
Looks like you have an example here - can you add an 'example:' text to make that clear etc.
also, maybe make it a ```bash block, and add a $ to the front of the command line to make that clear.
There was a problem hiding this comment.
And.... do we say anywhere where to run these scripts? Are they on the master node, or every node, or just workers? It's not clear to me how this is meant to be invoked. Does that need clarification?
There was a problem hiding this comment.
Added a comment for installing/configuring in all nodes where it's wanted to have the cri-resmgr service
| ``` | ||
|
|
||
| - Install verification | ||
| - Verify that the cri-resource-manager service is actually running. |
There was a problem hiding this comment.
probably don't need this line as a bullet
There was a problem hiding this comment.
agree, removed as bullet.
| ``` | ||
|
|
||
| - Setup verification | ||
| - Kubelet service should be restarted and now using `cri-resource-manager` as its container runtime |
There was a problem hiding this comment.
is there any sort of kubectl command etc. you can use to verify it is in place? extracting some JSON or something etc.?
There was a problem hiding this comment.
Tried with the following ones, but they're still showing the botton final container runtime (i.e. containerd, crio or dockershim)
kubectl cluster-info dump
kubectl get nodes -o wide
|
|
||
| More kubernetes native approach (experimental) | ||
| ---------------------------------------------- | ||
| In case that you're interested in a more Kubernetes native way of deploying the CRI Resource manager, take a look on: https://github.com/obedmr/cri-resource-manager/blob/k8s-native/cmd/cri-resmgr/deployment.yaml |
There was a problem hiding this comment.
can/will this end up in the main CRI-RM repo - maybe you can add a wiki page or a PR or Issue there? preferable to referencing a user acct...
There was a problem hiding this comment.
yes, changing it to my current PR
obedmr
force-pushed
the
cri-resource-manager
branch
from
757df25
to
afa35be
Compare
|
@grahamwhaley thanks for the feedback, I updated my PR. :) |
obedmr
force-pushed
the
cri-resource-manager
branch
from
afa35be
to
b2b0991
Compare
There was a problem hiding this comment.
I'm going to NACK this for now, mostly on the grounds of the informal binary releases being referenced for CRI-RM - and, given it looks like there is WIP to get a more formal binary release and install method for CRI-RM in the works.
But, I'd also like to hear input from the clr-k8s-examples owners on the additon of CRI-RM to the stack, and how they'd like to see it etc. /cc @jascott1
| CRI_RESMGR_POLICY_OPTIONS=${CRI_RESMGR_POLICY_OPTIONS:-"-dump='reset,full:.*' -dump-file=/tmp/cri.dump"} | ||
| CRI_RESMGR_DEBUG_OPTIONS=${CRI_RESMGR_DEBUG_OPTIONS:-""} | ||
|
|
||
| curl https://raw.githubusercontent.com/obedmr/cri-resource-manager/master/godownloader.sh | bash |
There was a problem hiding this comment.
I'd like to hold off until CRI-RM gets their binary release method sorted out. I see you have the in-flight intel/cri-resource-manager#55 which creates a deployment style method, which is great. That will require a formal process of pushing a pre-built deployment container image somwhere for CRI-RM.
It would be good to hear if there is some general timeline for CRI-RM binary releases planned - can we ask the CRI-RM team?
This commit adds support for installing and configuring the [cri-resource-manager](https://github.com/intel/cri-resource-manager) project as an systemd-based service. It also adds the automation to configure `kubelet` service to consume it as a remote container runtime. Finally, it's providing the automation for cleaning up the `kubelet` service configuration to its original state without `cri-resource-manager`. Binary installation will be temporally consumed from a personal fork that is currently hosting `cri-resource-manager` binaries in the meantime that `cri-resource-manager` generates its packaging strategy. Signed-off-by: Obed N Munoz <obed.n.munoz@intel.com>
obedmr
force-pushed
the
cri-resource-manager
branch
from
b2b0991
to
063b6ea
Compare
This commit adds support for installing and configuring the
cri-resource-manager project as an systemd-based service.
It also adds the automation to configure
kubeletservice to consumeit as a remote container runtime. Finally, it's providing the automation
for cleaning up the
kubeletservice configuration to its original statewithout
cri-resource-manager.Binary installation will be temporally consumed from a personal fork that
is currently hosting
cri-resource-managerbinaries in the meantime thatcri-resource-managergenerates its packaging strategy.Signed-off-by: Obed N Munoz obed.n.munoz@intel.com