From 639835a7b5e1a4e578cc084a1ebfd671f4a6a7fe Mon Sep 17 00:00:00 2001 From: Krisztian Litkey Date: Fri, 17 May 2024 11:53:29 +0300 Subject: [PATCH 1/4] config-manager: allow configuring NRI timeouts. Allow setting NRI plugin registration and request timeouts in the CRI-O or containerd configuration files. Require neither or both timeouts to be given. If both are given, verify that registration timeout is larger than the request timeout. Signed-off-by: Krisztian Litkey --- cmd/config-manager/main.go | 106 ++++++++++++++++++++++++++++++++++--- 1 file changed, 98 insertions(+), 8 deletions(-) diff --git a/cmd/config-manager/main.go b/cmd/config-manager/main.go index 1227f93fc..0632b6996 100644 --- a/cmd/config-manager/main.go +++ b/cmd/config-manager/main.go @@ -20,6 +20,7 @@ import ( "bufio" "bytes" "context" + "flag" "fmt" "os" "time" @@ -43,7 +44,26 @@ var ( log = logrus.StandardLogger() ) +type nriConfig struct { + registrationTimeout string + requestTimeout string +} + func main() { + var cfg nriConfig + + flag.StringVar(&cfg.requestTimeout, + "nri-plugin-request-timeout", "", "NRI plugin request timeout to patch, as time.Duration") + flag.StringVar(&cfg.registrationTimeout, + "nri-plugin-registration-timeout", "", "NRI plugin registration timeout to patch, as time.Duration") + + flag.Parse() + + err := cfg.check() + if err != nil { + log.Fatalf("invalid NRI configuration requested: %v", err) + } + unit, conn, err := detectRuntime() if err != nil { log.Fatalf("failed to autodetect container runtime: %v", err) @@ -52,9 +72,9 @@ func main() { switch unit { case containerdUnit: - err = enableNriForContainerd() + err = configureNriForContainerd(&cfg) case crioUnit: - err = enableNriForCrio() + err = configureNriForCrio(&cfg) default: log.Fatalf("unknown container runtime %q", unit) } @@ -83,14 +103,14 @@ func main() { log.Println("enabled NRI for", unit) } -func enableNriForContainerd() error { - log.Infof("enabling NRI in containerd configuration...") +func configureNriForContainerd(cfg *nriConfig) error { + log.Infof("configuring NRI for containerd...") tomlMap, err := readConfig(containerdConfigFile) if err != nil { return fmt.Errorf("error reading TOML file: %w", err) } - updatedTomlMap := updateContainerdConfig(tomlMap) + updatedTomlMap := updateContainerdConfig(tomlMap, cfg) err = writeToContainerdConfig(containerdConfigFile, updatedTomlMap) if err != nil { @@ -99,8 +119,8 @@ func enableNriForContainerd() error { return nil } -func enableNriForCrio() error { - log.Infof("enabling NRI in CRI-O configuration...") +func configureNriForCrio(cfg *nriConfig) error { + log.Infof("configuring NRI for CRI-O...") f, err := os.Create(crioConfigFile) if err != nil { return fmt.Errorf("error creating a drop-in file for CRI-O: %w", err) @@ -111,6 +131,12 @@ func enableNriForCrio() error { if err != nil { return fmt.Errorf("error writing a drop-in file for CRI-O: %w", err) } + + err = cfg.writeCrioConfig(f) + if err != nil { + return fmt.Errorf("error writing NRI configuration for CRI-O: %w", err) + } + return nil } @@ -149,7 +175,7 @@ func readConfig(file string) (map[string]interface{}, error) { return tomlMap, nil } -func updateContainerdConfig(config map[string]interface{}) map[string]interface{} { +func updateContainerdConfig(config map[string]interface{}, cfg *nriConfig) map[string]interface{} { plugins, exists := config["plugins"].(map[string]interface{}) if !exists { log.Println("top level plugins section not found, adding it to enable NRI...") @@ -165,9 +191,73 @@ func updateContainerdConfig(config map[string]interface{}) map[string]interface{ } nri["disable"] = false + + cfg.updateContainerdConfig(config) + return config } +func (cfg *nriConfig) check() error { + switch { + case cfg.registrationTimeout == "" && cfg.requestTimeout == "": + return nil + case cfg.registrationTimeout != "" && cfg.requestTimeout == "": + return fmt.Errorf("NRI plugin registration timeout set without request timeout") + case cfg.registrationTimeout == "" && cfg.requestTimeout != "": + return fmt.Errorf("NRI plugin request timeout set without registration timeout") + } + + register, err := time.ParseDuration(cfg.registrationTimeout) + if err != nil { + return fmt.Errorf("invalid plugin registration timeout: %w", err) + } + request, err := time.ParseDuration(cfg.requestTimeout) + if err != nil { + return fmt.Errorf("invalid plugin request timeout: %w", err) + } + + if register <= request { + return fmt.Errorf("NRI plugin registration timeout (%s) must be > request timeout (%s)", + register, request) + } + + return nil +} + +func (cfg *nriConfig) writeCrioConfig(f *os.File) error { + const ( + registrationTimeout = "nri_plugin_registration_timeout" + requestTimeout = "nri_plugin_request_timeout" + ) + if cfg.registrationTimeout != "" { + key, value := registrationTimeout, "\""+cfg.registrationTimeout+"\"" + if _, err := f.WriteString(key + " = " + value + "\n"); err != nil { + return err + } + } + if cfg.requestTimeout != "" { + key, value := requestTimeout, "\""+cfg.requestTimeout+"\"" + if _, err := f.WriteString(key + " = " + value + "\n"); err != nil { + return err + } + } + return nil +} + +func (cfg *nriConfig) updateContainerdConfig(tomlCfg map[string]interface{}) { + const ( + registrationTimeout = "plugin_registration_timeout" + requestTimeout = "plugin_request_timeout" + ) + + if cfg.registrationTimeout != "" { + tomlCfg[registrationTimeout] = cfg.registrationTimeout + } + if cfg.requestTimeout != "" { + tomlCfg[requestTimeout] = cfg.requestTimeout + } +} + func detectRuntime() (string, *dbus.Conn, error) { log.Infof("setting up D-Bus connection...") conn, err := dbus.NewSystemConnectionContext(context.Background()) From 590107dcfc5004748b155e76cf3a37f19ee967c1 Mon Sep 17 00:00:00 2001 From: Krisztian Litkey Date: Fri, 17 May 2024 14:43:54 +0300 Subject: [PATCH 2/4] helm: update charts to allow patching NRI timeouts. Update all plugin Helm charts, to allow the config-manager to patch plugin registration and request timeouts in the runtime configuration. Aiming for more consistent value structure by switching from these NRI-related bits: nri: patchRuntimeConfig: false pluginIndex: 90 to these new ones: nri: plugin: index: 90 runtime: patchConfig: false config: pluginRegistrationTimeout: 5s pluginRequestTimeout: 2s There would be room for further later improvements by moving the bits for enabling plugin test APIs to nri.plugin, too... Signed-off-by: Krisztian Litkey --- deployment/helm/balloons/README.md | 23 +++++---- .../helm/balloons/templates/daemonset.yaml | 13 +++-- deployment/helm/balloons/values.schema.json | 51 ++++++++++++++++--- deployment/helm/balloons/values.yaml | 9 +++- deployment/helm/memory-qos/README.md | 23 +++++---- .../helm/memory-qos/templates/daemonset.yaml | 13 +++-- deployment/helm/memory-qos/values.schema.json | 51 ++++++++++++++++--- deployment/helm/memory-qos/values.yaml | 9 +++- deployment/helm/memtierd/README.md | 23 +++++---- .../helm/memtierd/templates/daemonset.yaml | 13 +++-- deployment/helm/memtierd/values.schema.json | 51 ++++++++++++++++--- deployment/helm/memtierd/values.yaml | 9 +++- deployment/helm/sgx-epc/README.md | 23 +++++---- .../helm/sgx-epc/templates/daemonset.yaml | 13 +++-- deployment/helm/sgx-epc/values.schema.json | 51 ++++++++++++++++--- deployment/helm/sgx-epc/values.yaml | 9 +++- deployment/helm/template/README.md | 23 +++++---- .../helm/template/templates/daemonset.yaml | 13 +++-- deployment/helm/template/values.schema.json | 51 ++++++++++++++++--- deployment/helm/template/values.yaml | 9 +++- deployment/helm/topology-aware/README.md | 23 +++++---- .../topology-aware/templates/daemonset.yaml | 13 +++-- .../helm/topology-aware/values.schema.json | 51 ++++++++++++++++--- deployment/helm/topology-aware/values.yaml | 9 +++- 24 files changed, 444 insertions(+), 132 deletions(-) diff --git a/deployment/helm/balloons/README.md b/deployment/helm/balloons/README.md index 068b05534..bd23ca88e 100644 --- a/deployment/helm/balloons/README.md +++ b/deployment/helm/balloons/README.md @@ -17,13 +17,13 @@ are disjoint CPU pools. [these](https://github.com/containerd/containerd/blob/main/docs/NRI.md#enabling-nri-support-in-containerd) detailed instructions. You can optionally enable the NRI in containerd using the Helm chart during the chart installation simply by setting the - `nri.patchRuntimeConfig` parameter. For instance, + `nri.runtime.patchConfig` parameter. For instance, ```sh - helm install my-balloons nri-plugins/nri-resource-policy-balloons --set nri.patchRuntimeConfig=true --namespace kube-system + helm install my-balloons nri-plugins/nri-resource-policy-balloons --set nri.runtime.patchConfig=true --namespace kube-system ``` - Enabling `nri.patchRuntimeConfig` creates an init container to turn on + Enabling `nri.runtime.patchConfig` creates an init container to turn on NRI feature in containerd and only after that proceed the plugin installation. @@ -34,10 +34,10 @@ are disjoint CPU pools. [these](https://github.com/cri-o/cri-o/blob/main/docs/crio.conf.5.md#crionri-table) detailed instructions. You can optionally enable the NRI in CRI-O using the Helm chart during the chart installation simply by setting the - `nri.patchRuntimeConfig` parameter. For instance, + `nri.runtime.patchConfig` parameter. For instance, ```sh - helm install my-balloons nri-plugins/nri-resource-policy-balloons --namespace kube-system --set nri.patchRuntimeConfig=true + helm install my-balloons nri-plugins/nri-resource-policy-balloons --namespace kube-system --set nri.runtime.patchConfig=true ``` ## Installing the Chart @@ -57,14 +57,17 @@ values.yaml file and provide it using the `-f` flag. For example: ```sh # Install the balloons plugin with custom values provided using the --set option -helm install my-balloons nri-plugins/nri-resource-policy-balloons --namespace kube-system --set nri.patchRuntimeConfig=true +helm install my-balloons nri-plugins/nri-resource-policy-balloons --namespace kube-system --set nri.runtime.patchConfig=true ``` ```sh # Install the balloons plugin with custom values specified in a custom values.yaml file cat < myPath/values.yaml nri: - patchRuntimeConfig: true + runtime: + patchConfig: true + plugin: + index: 10 tolerations: - key: "node-role.kubernetes.io/control-plane" @@ -99,8 +102,10 @@ customize with their own values, along with the default values. | `hostPort` | 8891 | metrics port to expose on the host | | `config` | see [helm chart values](tree:/deployment/helm/balloons/values.yaml) for the default configuration | plugin configuration data | | `configGroupLabel` | config.nri/group | node label for grouping configuration | -| `nri.patchRuntimeConfig` | false | enable NRI in containerd or CRI-O | -| `nri.pluginIndex` | 90 | NRI plugin index to register with | +| `nri.runtime.config.pluginRegistrationTimeout` | "" | set NRI plugin registration timeout in NRI config of containerd or CRI-O | +| `nri.runtime.config.pluginRequestTimeout` | "" | set NRI plugin request timeout in NRI config of containerd or CRI-O | +| `nri.runtime.patchConfig` | false | patch NRI configuration in containerd or CRI-O | +| `nri.plugin.index` | 90 | NRI plugin index to register with | `initImage.name` | [ghcr.io/containers/nri-plugins/config-manager](https://ghcr.io/containers/nri-plugins/config-manager) | init container image name | | `initImage.tag` | unstable | init container image tag | | `initImage.pullPolicy` | Always | init container image pull policy | diff --git a/deployment/helm/balloons/templates/daemonset.yaml b/deployment/helm/balloons/templates/daemonset.yaml index 6f98e5de4..567aac344 100644 --- a/deployment/helm/balloons/templates/daemonset.yaml +++ b/deployment/helm/balloons/templates/daemonset.yaml @@ -28,9 +28,16 @@ spec: {{- with .Values.nodeSelector }} {{- toYaml . | nindent 8 }} {{- end }} - {{- if .Values.nri.patchRuntimeConfig }} + {{- if .Values.nri.runtime.patchConfig }} initContainers: - name: patch-runtime + {{- if (not (or (eq .Values.nri.runtime.config nil) (eq .Values.nri.runtime.config.pluginRegistrationTimeout ""))) }} + args: + - -nri-plugin-registration-timeout + - {{ .Values.nri.runtime.config.pluginRegistrationTimeout }} + - -nri-plugin-request-timeout + - {{ .Values.nri.runtime.config.pluginRequestTimeout }} + {{- end }} image: {{ .Values.initContainerImage.name }}:{{ .Values.initContainerImage.tag | default .Chart.AppVersion }} imagePullPolicy: {{ .Values.initContainerImage.pullPolicy }} volumeMounts: @@ -55,7 +62,7 @@ spec: - -metrics-interval - 5s - --nri-plugin-index - - "{{ .Values.nri.pluginIndex | int | printf "%02d" }}" + - "{{ .Values.nri.plugin.index | int | printf "%02d" }}" {{- if .Values.configGroupLabel }} - --config-group-label - {{ .Values.configGroupLabel }} @@ -116,7 +123,7 @@ spec: hostPath: path: /var/run/nri type: DirectoryOrCreate - {{- if .Values.nri.patchRuntimeConfig }} + {{- if .Values.nri.runtime.patchConfig }} - name: containerd-config hostPath: path: /etc/containerd/ diff --git a/deployment/helm/balloons/values.schema.json b/deployment/helm/balloons/values.schema.json index 6ca62bb25..f2a0e68b6 100644 --- a/deployment/helm/balloons/values.schema.json +++ b/deployment/helm/balloons/values.schema.json @@ -65,17 +65,52 @@ "nri": { "type": "object", "required": [ - "patchRuntimeConfig", - "pluginIndex" + "plugin", + "runtime" ], "properties": { - "patchRuntimeConfig": { - "type": "boolean" + "plugin": { + "type": "object", + "required": [ + "index" + ], + "properties": { + "index": { + "type": "integer", + "minimum": 0, + "maximum": 99 + } + } }, - "pluginIndex": { - "type": "integer", - "minimum": 0, - "maximum": 99 + "runtime": { + "type": "object", + "required": [ + "patchConfig" + ], + "properties": { + "patchConfig": { + "type": "boolean" + }, + "config": { + "type": "object", + "required": [ + "pluginRegistrationTimeout", + "pluginRequestTimeout" + ], + "properties": { + "pluginRegistrationTimeout": { + "type": "string", + "$comment": "allowed range is 5-30s", + "pattern": "^(([5-9])|([1-2][0-9])|(30))s$" + }, + "pluginRequestTimeout": { + "type": "string", + "$comment": "allowed range is 2-30s", + "pattern": "^(([2-9])|([1-2][0-9])|(30))s$" + } + } + } + } } } }, diff --git a/deployment/helm/balloons/values.yaml b/deployment/helm/balloons/values.yaml index 1ca06946f..922211ddd 100644 --- a/deployment/helm/balloons/values.yaml +++ b/deployment/helm/balloons/values.yaml @@ -48,8 +48,13 @@ resources: memory: 512Mi nri: - patchRuntimeConfig: false - pluginIndex: 90 + plugin: + index: 90 + runtime: + patchConfig: false +# config: +# pluginRegistrationTimeout: 5s +# pluginRequestTimeout: 2s initContainerImage: name: ghcr.io/containers/nri-plugins/nri-config-manager diff --git a/deployment/helm/memory-qos/README.md b/deployment/helm/memory-qos/README.md index 86e254aeb..18236f4f3 100644 --- a/deployment/helm/memory-qos/README.md +++ b/deployment/helm/memory-qos/README.md @@ -17,13 +17,13 @@ parameters: QoS class and direct memory annotations. [these](https://github.com/containerd/containerd/blob/main/docs/NRI.md#enabling-nri-support-in-containerd) detailed instructions. You can optionally enable the NRI in containerd using the Helm chart during the chart installation simply by setting the - `nri.patchRuntimeConfig` parameter. For instance, + `nri.runtime.patchConfig` parameter. For instance, ```sh - helm install my-memory-qos nri-plugins/nri-memory-qos --set nri.patchRuntimeConfig=true --namespace kube-system + helm install my-memory-qos nri-plugins/nri-memory-qos --set nri.runtime.patchConfig=true --namespace kube-system ``` - Enabling `nri.patchRuntimeConfig` creates an init container to turn on + Enabling `nri.runtime.patchConfig` creates an init container to turn on NRI feature in containerd and only after that proceed the plugin installation. @@ -34,10 +34,10 @@ parameters: QoS class and direct memory annotations. [these](https://github.com/cri-o/cri-o/blob/main/docs/crio.conf.5.md#crionri-table) detailed instructions. You can optionally enable the NRI in CRI-O using the Helm chart during the chart installation simply by setting the - `nri.patchRuntimeConfig` parameter. For instance, + `nri.runtime.patchConfig` parameter. For instance, ```sh - helm install my-memory-qos nri-plugins/nri-memory-qos --namespace kube-system --set nri.patchRuntimeConfig=true + helm install my-memory-qos nri-plugins/nri-memory-qos --namespace kube-system --set nri.runtime.patchConfig=true ``` ## Installing the Chart @@ -57,14 +57,17 @@ values.yaml file and provide it using the `-f` flag. For example: ```sh # Install the memory-qos plugin with custom values provided using the --set option -helm install my-memory-qos nri-plugins/nri-memory-qos --namespace kube-system --set nri.patchRuntimeConfig=true +helm install my-memory-qos nri-plugins/nri-memory-qos --namespace kube-system --set nri.runtime.patchConfig=true ``` ```sh # Install the memory-qos plugin with custom values specified in a custom values.yaml file cat < myPath/values.yaml nri: - patchRuntimeConfig: true + runtime: + patchConfig: true + plugin: + index: 10 tolerations: - key: "node-role.kubernetes.io/control-plane" @@ -95,8 +98,10 @@ customize with their own values, along with the default values. | `image.pullPolicy` | Always | image pull policy | | `resources.cpu` | 10m | cpu resources for the Pod | | `resources.memory` | 100Mi | memory qouta for the Pod | -| `nri.patchRuntimeConfig` | false | enable NRI in containerd or CRI-O | -| `nri.pluginIndex` | 40 | NRI plugin index to register with | +| `nri.runtime.config.pluginRegistrationTimeout` | "" | set NRI plugin registration timeout in NRI config of containerd or CRI-O | +| `nri.runtime.config.pluginRequestTimeout` | "" | set NRI plugin request timeout in NRI config of containerd or CRI-O | +| `nri.runtime.patchConfig` | false | patch NRI configuration in containerd or CRI-O | +| `nri.plugin.index` | 90 | NRI plugin index to register with | `initImage.name` | [ghcr.io/containers/nri-plugins/config-manager](https://ghcr.io/containers/nri-plugins/config-manager) | init container image name | | `initImage.tag` | unstable | init container image tag | | `initImage.pullPolicy` | Always | init container image pull policy | diff --git a/deployment/helm/memory-qos/templates/daemonset.yaml b/deployment/helm/memory-qos/templates/daemonset.yaml index 473452312..01a460c78 100644 --- a/deployment/helm/memory-qos/templates/daemonset.yaml +++ b/deployment/helm/memory-qos/templates/daemonset.yaml @@ -27,9 +27,16 @@ spec: {{- with .Values.nodeSelector }} {{- toYaml . | nindent 8 }} {{- end }} - {{- if .Values.nri.patchRuntimeConfig }} + {{- if .Values.nri.runtime.patchConfig }} initContainers: - name: patch-runtime + {{- if (not (or (eq .Values.nri.runtime.config nil) (eq .Values.nri.runtime.config.pluginRegistrationTimeout ""))) }} + args: + - -nri-plugin-registration-timeout + - {{ .Values.nri.runtime.config.pluginRegistrationTimeout }} + - -nri-plugin-request-timeout + - {{ .Values.nri.runtime.config.pluginRequestTimeout }} + {{- end }} image: {{ .Values.initContainerImage.name }}:{{ .Values.initContainerImage.tag | default .Chart.AppVersion }} imagePullPolicy: {{ .Values.initContainerImage.pullPolicy }} volumeMounts: @@ -47,7 +54,7 @@ spec: command: - nri-memory-qos - --idx - - "{{ .Values.nri.pluginIndex | int | printf "%02d" }}" + - "{{ .Values.nri.plugin.index | int | printf "%02d" }}" - --config - /etc/nri/memory-qos/config.yaml - -v @@ -73,7 +80,7 @@ spec: hostPath: path: /var/run/nri type: DirectoryOrCreate - {{- if .Values.nri.patchRuntimeConfig }} + {{- if .Values.nri.runtime.patchConfig }} - name: containerd-config hostPath: path: /etc/containerd/ diff --git a/deployment/helm/memory-qos/values.schema.json b/deployment/helm/memory-qos/values.schema.json index 421966e27..4f67dae62 100644 --- a/deployment/helm/memory-qos/values.schema.json +++ b/deployment/helm/memory-qos/values.schema.json @@ -61,17 +61,52 @@ "nri": { "type": "object", "required": [ - "patchRuntimeConfig", - "pluginIndex" + "plugin", + "runtime" ], "properties": { - "patchRuntimeConfig": { - "type": "boolean" + "plugin": { + "type": "object", + "required": [ + "index" + ], + "properties": { + "index": { + "type": "integer", + "minimum": 0, + "maximum": 99 + } + } }, - "pluginIndex": { - "type": "integer", - "minimum": 0, - "maximum": 99 + "runtime": { + "type": "object", + "required": [ + "patchConfig" + ], + "properties": { + "patchConfig": { + "type": "boolean" + }, + "config": { + "type": "object", + "required": [ + "pluginRegistrationTimeout", + "pluginRequestTimeout" + ], + "properties": { + "pluginRegistrationTimeout": { + "type": "string", + "$comment": "allowed range is 5-30s", + "pattern": "^(([5-9])|([1-2][0-9])|(30))s$" + }, + "pluginRequestTimeout": { + "type": "string", + "$comment": "allowed range is 2-30s", + "pattern": "^(([2-9])|([1-2][0-9])|(30))s$" + } + } + } + } } } }, diff --git a/deployment/helm/memory-qos/values.yaml b/deployment/helm/memory-qos/values.yaml index b70361af6..fb207856d 100644 --- a/deployment/helm/memory-qos/values.yaml +++ b/deployment/helm/memory-qos/values.yaml @@ -13,8 +13,13 @@ resources: memory: 100Mi nri: - patchRuntimeConfig: false - pluginIndex: 40 + plugin: + index: 90 + runtime: + patchConfig: false +# config: +# pluginRegistrationTimeout: 5s +# pluginRequestTimeout: 2s initContainerImage: name: ghcr.io/containers/nri-plugins/nri-config-manager diff --git a/deployment/helm/memtierd/README.md b/deployment/helm/memtierd/README.md index d91847148..3eea7c804 100644 --- a/deployment/helm/memtierd/README.md +++ b/deployment/helm/memtierd/README.md @@ -16,13 +16,13 @@ NRI plugin enables managing workloads with Memtierd in Kubernetes. [these](https://github.com/containerd/containerd/blob/main/docs/NRI.md#enabling-nri-support-in-containerd) detailed instructions. You can optionally enable the NRI in containerd using the Helm chart during the chart installation simply by setting the - `nri.patchRuntimeConfig` parameter. For instance, + `nri.runtime.patchConfig` parameter. For instance, ```sh - helm install my-memtierd nri-plugins/nri-memtierd --set nri.patchRuntimeConfig=true --namespace kube-system + helm install my-memtierd nri-plugins/nri-memtierd --set nri.runtime.patchConfig=true --namespace kube-system ``` - Enabling `nri.patchRuntimeConfig` creates an init container to turn on + Enabling `nri.runtime.patchConfig` creates an init container to turn on NRI feature in containerd and only after that proceed the plugin installation. @@ -33,10 +33,10 @@ NRI plugin enables managing workloads with Memtierd in Kubernetes. [these](https://github.com/cri-o/cri-o/blob/main/docs/crio.conf.5.md#crionri-table) detailed instructions. You can optionally enable the NRI in CRI-O using the Helm chart during the chart installation simply by setting the - `nri.patchRuntimeConfig` parameter. For instance, + `nri.runtime.patchConfig` parameter. For instance, ```sh - helm install my-memtierd nri-plugins/nri-memtierd --namespace kube-system --set nri.patchRuntimeConfig=true + helm install my-memtierd nri-plugins/nri-memtierd --namespace kube-system --set nri.runtime.patchConfig=true ``` ## Installing the Chart @@ -56,14 +56,17 @@ values.yaml file and provide it using the `-f` flag. For example: ```sh # Install the memtierd plugin with custom values provided using the --set option -helm install my-memtierd nri-plugins/nri-memtierd --namespace kube-system --set nri.patchRuntimeConfig=true +helm install my-memtierd nri-plugins/nri-memtierd --namespace kube-system --set nri.runtime.patchConfig=true ``` ```sh # Install the nri-memtierd plugin with custom values specified in a custom values.yaml file cat < myPath/values.yaml nri: - patchRuntimeConfig: true + runtime: + patchConfig: true + plugin: + index: 10 tolerations: - key: "node-role.kubernetes.io/control-plane" @@ -95,8 +98,10 @@ customize with their own values, along with the default values. | `resources.cpu` | 250m | cpu resources for the Pod | | `resources.memory` | 100Mi | memory qouta for the Pod | | `outputDir` | empty string | host directory for memtierd.output files | -| `nri.patchRuntimeConfig` | false | enable NRI in containerd or CRI-O | -| `nri.pluginIndex` | 45 | NRI plugin index to register with | +| `nri.runtime.config.pluginRegistrationTimeout` | "" | set NRI plugin registration timeout in NRI config of containerd or CRI-O | +| `nri.runtime.config.pluginRequestTimeout` | "" | set NRI plugin request timeout in NRI config of containerd or CRI-O | +| `nri.runtime.patchConfig` | false | patch NRI configuration in containerd or CRI-O | +| `nri.plugin.index` | 90 | NRI plugin index to register with | `initImage.name` | [ghcr.io/containers/nri-plugins/config-manager](https://ghcr.io/containers/nri-plugins/config-manager) | init container image name | | `initImage.tag` | unstable | init container image tag | | `initImage.pullPolicy` | Always | init container image pull policy | diff --git a/deployment/helm/memtierd/templates/daemonset.yaml b/deployment/helm/memtierd/templates/daemonset.yaml index 51e7e7ae5..661632b0e 100644 --- a/deployment/helm/memtierd/templates/daemonset.yaml +++ b/deployment/helm/memtierd/templates/daemonset.yaml @@ -28,9 +28,16 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} hostPID: true - {{- if .Values.nri.patchRuntimeConfig }} + {{- if .Values.nri.runtime.patchConfig }} initContainers: - name: patch-runtime + {{- if (not (or (eq .Values.nri.runtime.config nil) (eq .Values.nri.runtime.config.pluginRegistrationTimeout ""))) }} + args: + - -nri-plugin-registration-timeout + - {{ .Values.nri.runtime.config.pluginRegistrationTimeout }} + - -nri-plugin-request-timeout + - {{ .Values.nri.runtime.config.pluginRequestTimeout }} + {{- end }} image: {{ .Values.initContainerImage.name }}:{{ .Values.initContainerImage.tag | default .Chart.AppVersion }} imagePullPolicy: {{ .Values.initContainerImage.pullPolicy }} volumeMounts: @@ -48,7 +55,7 @@ spec: command: - nri-memtierd - --idx - - "{{ .Values.nri.pluginIndex | int | printf "%02d" }}" + - "{{ .Values.nri.plugin.index | int | printf "%02d" }}" - --config - /etc/nri/memtierd/config.yaml {{- if .Values.outputDir }} @@ -104,7 +111,7 @@ spec: path: {{ .Values.outputDir }} type: DirectoryOrCreate {{- end }} - {{- if .Values.nri.patchRuntimeConfig }} + {{- if .Values.nri.runtime.patchConfig }} - name: containerd-config hostPath: path: /etc/containerd/ diff --git a/deployment/helm/memtierd/values.schema.json b/deployment/helm/memtierd/values.schema.json index 421966e27..4f67dae62 100644 --- a/deployment/helm/memtierd/values.schema.json +++ b/deployment/helm/memtierd/values.schema.json @@ -61,17 +61,52 @@ "nri": { "type": "object", "required": [ - "patchRuntimeConfig", - "pluginIndex" + "plugin", + "runtime" ], "properties": { - "patchRuntimeConfig": { - "type": "boolean" + "plugin": { + "type": "object", + "required": [ + "index" + ], + "properties": { + "index": { + "type": "integer", + "minimum": 0, + "maximum": 99 + } + } }, - "pluginIndex": { - "type": "integer", - "minimum": 0, - "maximum": 99 + "runtime": { + "type": "object", + "required": [ + "patchConfig" + ], + "properties": { + "patchConfig": { + "type": "boolean" + }, + "config": { + "type": "object", + "required": [ + "pluginRegistrationTimeout", + "pluginRequestTimeout" + ], + "properties": { + "pluginRegistrationTimeout": { + "type": "string", + "$comment": "allowed range is 5-30s", + "pattern": "^(([5-9])|([1-2][0-9])|(30))s$" + }, + "pluginRequestTimeout": { + "type": "string", + "$comment": "allowed range is 2-30s", + "pattern": "^(([2-9])|([1-2][0-9])|(30))s$" + } + } + } + } } } }, diff --git a/deployment/helm/memtierd/values.yaml b/deployment/helm/memtierd/values.yaml index 049639e2a..7860de56a 100644 --- a/deployment/helm/memtierd/values.yaml +++ b/deployment/helm/memtierd/values.yaml @@ -15,8 +15,13 @@ resources: outputDir: "" nri: - patchRuntimeConfig: false - pluginIndex: 45 + plugin: + index: 90 + runtime: + patchConfig: false +# config: +# pluginRegistrationTimeout: 5s +# pluginRequestTimeout: 2s initContainerImage: name: ghcr.io/containers/nri-plugins/nri-config-manager diff --git a/deployment/helm/sgx-epc/README.md b/deployment/helm/sgx-epc/README.md index 982ab1fb8..6f7052889 100644 --- a/deployment/helm/sgx-epc/README.md +++ b/deployment/helm/sgx-epc/README.md @@ -17,13 +17,13 @@ annotations and (a yet to be merged pull request to) the cgroup v2 misc controll [these](https://github.com/containerd/containerd/blob/main/docs/NRI.md#enabling-nri-support-in-containerd) detailed instructions. You can optionally enable the NRI in containerd using the Helm chart during the chart installation simply by setting the - `nri.patchRuntimeConfig` parameter. For instance, + `nri.runtime.patchConfig` parameter. For instance, ```sh - helm install my-sgx-epc nri-plugins/nri-sgx-epc --set nri.patchRuntimeConfig=true --namespace kube-system + helm install my-sgx-epc nri-plugins/nri-sgx-epc --set nri.runtime.patchConfig=true --namespace kube-system ``` - Enabling `nri.patchRuntimeConfig` creates an init container to turn on + Enabling `nri.runtime.patchConfig` creates an init container to turn on NRI feature in containerd and only after that proceed the plugin installation. @@ -34,10 +34,10 @@ annotations and (a yet to be merged pull request to) the cgroup v2 misc controll [these](https://github.com/cri-o/cri-o/blob/main/docs/crio.conf.5.md#crionri-table) detailed instructions. You can optionally enable the NRI in CRI-O using the Helm chart during the chart installation simply by setting the - `nri.patchRuntimeConfig` parameter. For instance, + `nri.runtime.patchConfig` parameter. For instance, ```sh - helm install my-sgx-epc nri-plugins/nri-sgx-epc --namespace kube-system --set nri.patchRuntimeConfig=true + helm install my-sgx-epc nri-plugins/nri-sgx-epc --namespace kube-system --set nri.runtime.patchConfig=true ``` ## Installing the Chart @@ -57,14 +57,17 @@ values.yaml file and provide it using the `-f` flag. For example: ```sh # Install the sgx-epc plugin with custom values provided using the --set option -helm install my-sgx-epc nri-plugins/nri-sgx-epc --namespace kube-system --set nri.patchRuntimeConfig=true +helm install my-sgx-epc nri-plugins/nri-sgx-epc --namespace kube-system --set nri.runtime.patchConfig=true ``` ```sh # Install the sgx-epc plugin with custom values specified in a custom values.yaml file cat < myPath/values.yaml nri: - patchRuntimeConfig: true + runtime: + patchConfig: true + plugin: + index: 10 tolerations: - key: "node-role.kubernetes.io/control-plane" @@ -95,8 +98,10 @@ customize with their own values, along with the default values. | `image.pullPolicy` | Always | image pull policy | | `resources.cpu` | 25m | cpu resources for the Pod | | `resources.memory` | 100Mi | memory qouta for the Pod | -| `nri.patchRuntimeConfig` | false | enable NRI in containerd or CRI-O | -| `nri.pluginIndex` | 40 | NRI plugin index to register with | +| `nri.runtime.config.pluginRegistrationTimeout` | "" | set NRI plugin registration timeout in NRI config of containerd or CRI-O | +| `nri.runtime.config.pluginRequestTimeout` | "" | set NRI plugin request timeout in NRI config of containerd or CRI-O | +| `nri.runtime.patchConfig` | false | patch NRI configuration in containerd or CRI-O | +| `nri.plugin.index` | 90 | NRI plugin index to register with | `initImage.name` | [ghcr.io/containers/nri-plugins/config-manager](https://ghcr.io/containers/nri-plugins/config-manager) | init container image name | | `initImage.tag` | unstable | init container image tag | | `initImage.pullPolicy` | Always | init container image pull policy | diff --git a/deployment/helm/sgx-epc/templates/daemonset.yaml b/deployment/helm/sgx-epc/templates/daemonset.yaml index ed21bc779..b7653d72a 100644 --- a/deployment/helm/sgx-epc/templates/daemonset.yaml +++ b/deployment/helm/sgx-epc/templates/daemonset.yaml @@ -28,9 +28,16 @@ spec: {{- with .Values.nodeSelector }} {{- toYaml . | nindent 8 }} {{- end }} - {{- if .Values.nri.patchRuntimeConfig }} + {{- if .Values.nri.runtime.patchConfig }} initContainers: - name: patch-runtime + {{- if (not (or (eq .Values.nri.runtime.config nil) (eq .Values.nri.runtime.config.pluginRegistrationTimeout ""))) }} + args: + - -nri-plugin-registration-timeout + - {{ .Values.nri.runtime.config.pluginRegistrationTimeout }} + - -nri-plugin-request-timeout + - {{ .Values.nri.runtime.config.pluginRequestTimeout }} + {{- end }} image: {{ .Values.initContainerImage.name }}:{{ .Values.initContainerImage.tag | default .Chart.AppVersion }} imagePullPolicy: {{ .Values.initContainerImage.pullPolicy }} volumeMounts: @@ -48,7 +55,7 @@ spec: command: - nri-sgx-epc - --idx - - "{{ .Values.nri.pluginIndex | int | printf "%02d" }}" + - "{{ .Values.nri.plugin.index | int | printf "%02d" }}" image: {{ .Values.image.name }}:{{ .Values.image.tag | default .Chart.AppVersion }} imagePullPolicy: {{ .Values.image.pullPolicy }} resources: @@ -66,7 +73,7 @@ spec: hostPath: path: /var/run/nri type: DirectoryOrCreate - {{- if .Values.nri.patchRuntimeConfig }} + {{- if .Values.nri.runtime.patchConfig }} - name: containerd-config hostPath: path: /etc/containerd/ diff --git a/deployment/helm/sgx-epc/values.schema.json b/deployment/helm/sgx-epc/values.schema.json index 421966e27..4f67dae62 100644 --- a/deployment/helm/sgx-epc/values.schema.json +++ b/deployment/helm/sgx-epc/values.schema.json @@ -61,17 +61,52 @@ "nri": { "type": "object", "required": [ - "patchRuntimeConfig", - "pluginIndex" + "plugin", + "runtime" ], "properties": { - "patchRuntimeConfig": { - "type": "boolean" + "plugin": { + "type": "object", + "required": [ + "index" + ], + "properties": { + "index": { + "type": "integer", + "minimum": 0, + "maximum": 99 + } + } }, - "pluginIndex": { - "type": "integer", - "minimum": 0, - "maximum": 99 + "runtime": { + "type": "object", + "required": [ + "patchConfig" + ], + "properties": { + "patchConfig": { + "type": "boolean" + }, + "config": { + "type": "object", + "required": [ + "pluginRegistrationTimeout", + "pluginRequestTimeout" + ], + "properties": { + "pluginRegistrationTimeout": { + "type": "string", + "$comment": "allowed range is 5-30s", + "pattern": "^(([5-9])|([1-2][0-9])|(30))s$" + }, + "pluginRequestTimeout": { + "type": "string", + "$comment": "allowed range is 2-30s", + "pattern": "^(([2-9])|([1-2][0-9])|(30))s$" + } + } + } + } } } }, diff --git a/deployment/helm/sgx-epc/values.yaml b/deployment/helm/sgx-epc/values.yaml index f1ec9f0f2..6331b155e 100644 --- a/deployment/helm/sgx-epc/values.yaml +++ b/deployment/helm/sgx-epc/values.yaml @@ -13,8 +13,13 @@ resources: memory: 100Mi nri: - patchRuntimeConfig: false - pluginIndex: 40 + plugin: + index: 90 + runtime: + patchConfig: false +# config: +# pluginRegistrationTimeout: 5s +# pluginRequestTimeout: 2s initContainerImage: name: ghcr.io/containers/nri-plugins/nri-config-manager diff --git a/deployment/helm/template/README.md b/deployment/helm/template/README.md index 90c369e57..8f46b1088 100644 --- a/deployment/helm/template/README.md +++ b/deployment/helm/template/README.md @@ -17,13 +17,13 @@ logic. It serves as a template for creating new policy implementations. [these](https://github.com/containerd/containerd/blob/main/docs/NRI.md#enabling-nri-support-in-containerd) detailed instructions. You can optionally enable the NRI in containerd using the Helm chart during the chart installation simply by setting the - `nri.patchRuntimeConfig` parameter. For instance, + `nri.runtime.patchConfig` parameter. For instance, ```sh - helm install my-template nri-plugins/nri-resource-policy-template --set nri.patchRuntimeConfig=true --namespace kube-system + helm install my-template nri-plugins/nri-resource-policy-template --set nri.runtime.patchConfig=true --namespace kube-system ``` - Enabling `nri.patchRuntimeConfig` creates an init container to turn on + Enabling `nri.runtime.patchConfig` creates an init container to turn on NRI feature in containerd and only after that proceed the plugin installation. @@ -34,10 +34,10 @@ logic. It serves as a template for creating new policy implementations. [these](https://github.com/cri-o/cri-o/blob/main/docs/crio.conf.5.md#crionri-table) detailed instructions. You can optionally enable the NRI in CRI-O using the Helm chart during the chart installation simply by setting the - `nri.patchRuntimeConfig` parameter. For instance, + `nri.runtime.patchConfig` parameter. For instance, ```sh - helm install my-template nri-plugins/nri-resource-policy-template --namespace kube-system --set nri.patchRuntimeConfig=true + helm install my-template nri-plugins/nri-resource-policy-template --namespace kube-system --set nri.runtime.patchConfig=true ``` ## Installing the Chart @@ -57,14 +57,17 @@ values.yaml file and provide it using the `-f` flag. For example: ```sh # Install the template plugin with custom values provided using the --set option -helm install my-template nri-plugins/nri-resource-policy-template --namespace kube-system --set nri.patchRuntimeConfig=true +helm install my-template nri-plugins/nri-resource-policy-template --namespace kube-system --set nri.runtime.patchConfig=true ``` ```sh # Install the template plugin with custom values specified in a custom values.yaml file cat < myPath/values.yaml nri: - patchRuntimeConfig: true + runtime: + patchConfig: true + plugin: + index: 10 tolerations: - key: "node-role.kubernetes.io/control-plane" @@ -99,8 +102,10 @@ customize with their own values, along with the default values. | `hostPort` | 8891 | metrics port to expose on the host | | `config` | see [helm chart values](tree:/deployment/helm/template/values.yaml) for the default configuration | plugin configuration data | | `configGroupLabel` | config.nri/group | node label for grouping configuration | -| `nri.patchRuntimeConfig` | false | enable NRI in containerd or CRI-O | -| `nri.pluginIndex` | 90 | NRI plugin index to register with | +| `nri.runtime.config.pluginRegistrationTimeout` | "" | set NRI plugin registration timeout in NRI config of containerd or CRI-O | +| `nri.runtime.config.pluginRequestTimeout` | "" | set NRI plugin request timeout in NRI config of containerd or CRI-O | +| `nri.runtime.patchConfig` | false | patch NRI configuration in containerd or CRI-O | +| `nri.plugin.index` | 90 | NRI plugin index to register with | `initImage.name` | [ghcr.io/containers/nri-plugins/config-manager](https://ghcr.io/containers/nri-plugins/config-manager) | init container image name | | `initImage.tag` | unstable | init container image tag | | `initImage.pullPolicy` | Always | init container image pull policy | diff --git a/deployment/helm/template/templates/daemonset.yaml b/deployment/helm/template/templates/daemonset.yaml index fa6ca3aa3..c7338ec06 100644 --- a/deployment/helm/template/templates/daemonset.yaml +++ b/deployment/helm/template/templates/daemonset.yaml @@ -21,9 +21,16 @@ spec: serviceAccount: nri-resource-policy-template nodeSelector: kubernetes.io/os: "linux" - {{- if .Values.nri.patchRuntimeConfig }} + {{- if .Values.nri.runtime.patchConfig }} initContainers: - name: patch-runtime + {{- if (not (or (eq .Values.nri.runtime.config nil) (eq .Values.nri.runtime.config.pluginRegistrationTimeout ""))) }} + args: + - -nri-plugin-registration-timeout + - {{ .Values.nri.runtime.config.pluginRegistrationTimeout }} + - -nri-plugin-request-timeout + - {{ .Values.nri.runtime.config.pluginRequestTimeout }} + {{- end }} image: {{ .Values.initContainerImage.name }}:{{ .Values.initContainerImage.tag | default .Chart.AppVersion }} imagePullPolicy: {{ .Values.initContainerImage.pullPolicy }} volumeMounts: @@ -48,7 +55,7 @@ spec: - -metrics-interval - 5s - --nri-plugin-index - - "{{ .Values.nri.pluginIndex | int | printf "%02d" }}" + - "{{ .Values.nri.plugin.index | int | printf "%02d" }}" {{- if .Values.configGroupLabel }} - --config-group-label - {{ .Values.configGroupLabel }} @@ -109,7 +116,7 @@ spec: hostPath: path: /var/run/nri type: DirectoryOrCreate - {{- if .Values.nri.patchRuntimeConfig }} + {{- if .Values.nri.runtime.patchConfig }} - name: containerd-config hostPath: path: /etc/containerd/ diff --git a/deployment/helm/template/values.schema.json b/deployment/helm/template/values.schema.json index 6ca62bb25..f2a0e68b6 100644 --- a/deployment/helm/template/values.schema.json +++ b/deployment/helm/template/values.schema.json @@ -65,17 +65,52 @@ "nri": { "type": "object", "required": [ - "patchRuntimeConfig", - "pluginIndex" + "plugin", + "runtime" ], "properties": { - "patchRuntimeConfig": { - "type": "boolean" + "plugin": { + "type": "object", + "required": [ + "index" + ], + "properties": { + "index": { + "type": "integer", + "minimum": 0, + "maximum": 99 + } + } }, - "pluginIndex": { - "type": "integer", - "minimum": 0, - "maximum": 99 + "runtime": { + "type": "object", + "required": [ + "patchConfig" + ], + "properties": { + "patchConfig": { + "type": "boolean" + }, + "config": { + "type": "object", + "required": [ + "pluginRegistrationTimeout", + "pluginRequestTimeout" + ], + "properties": { + "pluginRegistrationTimeout": { + "type": "string", + "$comment": "allowed range is 5-30s", + "pattern": "^(([5-9])|([1-2][0-9])|(30))s$" + }, + "pluginRequestTimeout": { + "type": "string", + "$comment": "allowed range is 2-30s", + "pattern": "^(([2-9])|([1-2][0-9])|(30))s$" + } + } + } + } } } }, diff --git a/deployment/helm/template/values.yaml b/deployment/helm/template/values.yaml index c7aef8b9d..57326312b 100644 --- a/deployment/helm/template/values.yaml +++ b/deployment/helm/template/values.yaml @@ -36,8 +36,13 @@ resources: memory: 512Mi nri: - patchRuntimeConfig: false - pluginIndex: 90 + plugin: + index: 90 + runtime: + patchConfig: false +# config: +# pluginRegistrationTimeout: 5s +# pluginRequestTimeout: 2s initContainerImage: name: ghcr.io/containers/nri-plugins/nri-config-manager diff --git a/deployment/helm/topology-aware/README.md b/deployment/helm/topology-aware/README.md index dfb9c1089..6999188fa 100644 --- a/deployment/helm/topology-aware/README.md +++ b/deployment/helm/topology-aware/README.md @@ -18,13 +18,13 @@ system. [these](https://github.com/containerd/containerd/blob/main/docs/NRI.md#enabling-nri-support-in-containerd) detailed instructions. You can optionally enable the NRI in containerd using the Helm chart during the chart installation simply by setting the - `nri.patchRuntimeConfig` parameter. For instance, + `nri.runtime.patchConfig` parameter. For instance, ```sh - helm install my-topology-aware nri-plugins/nri-resource-policy-topology-aware --set nri.patchRuntimeConfig=true --namespace kube-system + helm install my-topology-aware nri-plugins/nri-resource-policy-topology-aware --set nri.runtime.patchConfig=true --namespace kube-system ``` - Enabling `nri.patchRuntimeConfig` creates an init container to turn on + Enabling `nri.runtime.patchConfig` creates an init container to turn on NRI feature in containerd and only after that proceed the plugin installation. @@ -35,10 +35,10 @@ system. [these](https://github.com/cri-o/cri-o/blob/main/docs/crio.conf.5.md#crionri-table) detailed instructions. You can optionally enable the NRI in CRI-O using the Helm chart during the chart installation simply by setting the - `nri.patchRuntimeConfig` parameter. For instance, + `nri.runtime.patchConfig` parameter. For instance, ```sh - helm install my-topology-aware nri-plugins/nri-resource-policy-topology-aware --namespace kube-system --set nri.patchRuntimeConfig=true + helm install my-topology-aware nri-plugins/nri-resource-policy-topology-aware --namespace kube-system --set nri.runtime.patchConfig=true ``` ## Installing the Chart @@ -58,14 +58,17 @@ values.yaml file and provide it using the `-f` flag. For example: ```sh # Install the topology-aware plugin with custom values provided using the --set option -helm install my-topology-aware nri-plugins/nri-resource-policy-topology-aware --namespace kube-system --set nri.patchRuntimeConfig=true +helm install my-topology-aware nri-plugins/nri-resource-policy-topology-aware --namespace kube-system --set nri.runtime.patchConfig=true ``` ```sh # Install the topology-aware plugin with custom values specified in a custom values.yaml file cat < myPath/values.yaml nri: - patchRuntimeConfig: true + runtime: + patchConfig: true + plugin: + index: 10 tolerations: - key: "node-role.kubernetes.io/control-plane" @@ -100,8 +103,10 @@ customize with their own values, along with the default values. | `hostPort` | 8891 | metrics port to expose on the host | | `config` | see [helm chart values](tree:/deployment/helm/topology-aware/values.yaml) for the default configuration | plugin configuration data | | `configGroupLabel` | config.nri/group | node label for grouping configuration | -| `nri.patchRuntimeConfig` | false | enable NRI in containerd or CRI-O | -| `nri.pluginIndex` | 90 | NRI plugin index to register with | +| `nri.runtime.config.pluginRegistrationTimeout` | "" | set NRI plugin registration timeout in NRI config of containerd or CRI-O | +| `nri.runtime.config.pluginRequestTimeout` | "" | set NRI plugin request timeout in NRI config of containerd or CRI-O | +| `nri.runtime.patchConfig` | false | patch NRI configuration in containerd or CRI-O | +| `nri.plugin.index` | 90 | NRI plugin index to register with | | `initImage.name` | [ghcr.io/containers/nri-plugins/config-manager](https://ghcr.io/containers/nri-plugins/config-manager) | init container image name | | `initImage.tag` | unstable | init container image tag | | `initImage.pullPolicy` | Always | init container image pull policy | diff --git a/deployment/helm/topology-aware/templates/daemonset.yaml b/deployment/helm/topology-aware/templates/daemonset.yaml index ff876c136..480587d97 100644 --- a/deployment/helm/topology-aware/templates/daemonset.yaml +++ b/deployment/helm/topology-aware/templates/daemonset.yaml @@ -28,9 +28,16 @@ spec: {{- with .Values.nodeSelector }} {{- toYaml . | nindent 8 }} {{- end }} - {{- if .Values.nri.patchRuntimeConfig }} + {{- if .Values.nri.runtime.patchConfig }} initContainers: - name: patch-runtime + {{- if (not (or (eq .Values.nri.runtime.config nil) (eq .Values.nri.runtime.config.pluginRegistrationTimeout ""))) }} + args: + - -nri-plugin-registration-timeout + - {{ .Values.nri.runtime.config.pluginRegistrationTimeout }} + - -nri-plugin-request-timeout + - {{ .Values.nri.runtime.config.pluginRequestTimeout }} + {{- end }} image: {{ .Values.initContainerImage.name }}:{{ .Values.initContainerImage.tag | default .Chart.AppVersion }} imagePullPolicy: {{ .Values.initContainerImage.pullPolicy }} volumeMounts: @@ -55,7 +62,7 @@ spec: - -metrics-interval - 5s - --nri-plugin-index - - "{{ .Values.nri.pluginIndex | int | printf "%02d" }}" + - "{{ .Values.nri.plugin.index | int | printf "%02d" }}" {{- if .Values.configGroupLabel }} - --config-group-label - {{ .Values.configGroupLabel }} @@ -116,7 +123,7 @@ spec: hostPath: path: /var/run/nri type: DirectoryOrCreate - {{- if .Values.nri.patchRuntimeConfig }} + {{- if .Values.nri.runtime.patchConfig }} - name: containerd-config hostPath: path: /etc/containerd/ diff --git a/deployment/helm/topology-aware/values.schema.json b/deployment/helm/topology-aware/values.schema.json index 6ca62bb25..f2a0e68b6 100644 --- a/deployment/helm/topology-aware/values.schema.json +++ b/deployment/helm/topology-aware/values.schema.json @@ -65,17 +65,52 @@ "nri": { "type": "object", "required": [ - "patchRuntimeConfig", - "pluginIndex" + "plugin", + "runtime" ], "properties": { - "patchRuntimeConfig": { - "type": "boolean" + "plugin": { + "type": "object", + "required": [ + "index" + ], + "properties": { + "index": { + "type": "integer", + "minimum": 0, + "maximum": 99 + } + } }, - "pluginIndex": { - "type": "integer", - "minimum": 0, - "maximum": 99 + "runtime": { + "type": "object", + "required": [ + "patchConfig" + ], + "properties": { + "patchConfig": { + "type": "boolean" + }, + "config": { + "type": "object", + "required": [ + "pluginRegistrationTimeout", + "pluginRequestTimeout" + ], + "properties": { + "pluginRegistrationTimeout": { + "type": "string", + "$comment": "allowed range is 5-30s", + "pattern": "^(([5-9])|([1-2][0-9])|(30))s$" + }, + "pluginRequestTimeout": { + "type": "string", + "$comment": "allowed range is 2-30s", + "pattern": "^(([2-9])|([1-2][0-9])|(30))s$" + } + } + } + } } } }, diff --git a/deployment/helm/topology-aware/values.yaml b/deployment/helm/topology-aware/values.yaml index 7ccb10bfa..1df3d8775 100644 --- a/deployment/helm/topology-aware/values.yaml +++ b/deployment/helm/topology-aware/values.yaml @@ -36,8 +36,13 @@ resources: memory: 512Mi nri: - patchRuntimeConfig: false - pluginIndex: 90 + plugin: + index: 90 + runtime: + patchConfig: false +# config: +# pluginRegistrationTimeout: 5s +# pluginRequestTimeout: 2s initContainerImage: name: ghcr.io/containers/nri-plugins/nri-config-manager From 1e196f47c15b7dc4368f15ecd57c86d5624373ab Mon Sep 17 00:00:00 2001 From: Krisztian Litkey Date: Fri, 17 May 2024 15:19:52 +0300 Subject: [PATCH 3/4] config/crd/bases: update NriPluginDeployment. Update runtime config patching bits in CRD. Signed-off-by: Krisztian Litkey --- .../config.nri_nriplugindeployments.yaml | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/config/crd/bases/config.nri_nriplugindeployments.yaml b/config/crd/bases/config.nri_nriplugindeployments.yaml index ce9030c55..6611eceb1 100644 --- a/config/crd/bases/config.nri_nriplugindeployments.yaml +++ b/config/crd/bases/config.nri_nriplugindeployments.yaml @@ -69,8 +69,23 @@ spec: nri: type: object properties: - patchRuntimeConfig: - type: boolean + runtime: + type: object + properties: + patchConfig: + type: boolean + config: + type: object + required: + - pluginRegistrationTimeout + - pluginRequestTimeout + properties: + pluginRegistrationTimeout: + type: string + pattern: "^(([5-9])|([1-2][0-9])|(30))s$" + pluginRequestTimeout: + type: string + pattern: "^(([2-9])|([1-2][0-9])|(30))s$" image: type: object description: image defines Plugin DeamonSet image name and tag From d63bba351e5b4463da7cd0a0554b72dfec3d6d37 Mon Sep 17 00:00:00 2001 From: Krisztian Litkey Date: Fri, 17 May 2024 15:20:32 +0300 Subject: [PATCH 4/4] operator: update runtime config patching. Update to use updated Values.nri.runtime.patchConfig instead of Values.nri.patchRuntimeConfig. Signed-off-by: Krisztian Litkey --- deployment/operator/README.md | 8 +++++++- .../samples/config.nri_v1alpha1_nriplugindeployment.yaml | 4 ++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/deployment/operator/README.md b/deployment/operator/README.md index 432b45d93..3a3b2e748 100644 --- a/deployment/operator/README.md +++ b/deployment/operator/README.md @@ -39,7 +39,13 @@ spec: state: present values: nri: - patchRuntimeConfig: true + plugin: + index: 90 + runtime: + patchConfig: true +# config: +# pluginRegistrationTimeout: 5s +# pluginRequestTimeout: 2s tolerations: - key: "node-role.kubernetes.io/control-plane" operator: "Exists" diff --git a/deployment/operator/config/samples/config.nri_v1alpha1_nriplugindeployment.yaml b/deployment/operator/config/samples/config.nri_v1alpha1_nriplugindeployment.yaml index fc60a1c6a..6889c4326 100644 --- a/deployment/operator/config/samples/config.nri_v1alpha1_nriplugindeployment.yaml +++ b/deployment/operator/config/samples/config.nri_v1alpha1_nriplugindeployment.yaml @@ -15,5 +15,5 @@ spec: state: present values: nri: - patchRuntimeConfig: true - + runtime: + patchConfig: true