Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: Update the kind documentation with cgroup requirements #18269

Merged
merged 1 commit into from
Jan 5, 2022
Merged

docs: Update the kind documentation with cgroup requirements #18269

merged 1 commit into from
Jan 5, 2022

Conversation

aditighag
Copy link
Member

@aditighag aditighag commented Dec 15, 2021
edited

For kube-proxy replacement (specifically, socket-based load-balancing)
to work correctly in KIND clusters, the BPF cgroup programs need to be
attached at the correct cgroup hierarchy. For this to happen, the KIND
nodes need to have their own separate cgroup namespace.
More details in PR - #16259.

While cgroup namespaces are supported across both cgroup v1 and v2 modes,
container runtimes like Docker enable private cgroup namespace mode
by default only with cgroup v2 [1]. With cgroup v1, the default is host
cgroup namespace, whereby KIND node containers (and also cilium agent pods)
are created in the same cgroup namespace as the underlying host.

[1] https://docs.docker.com/config/containers/runmetrics/#running-docker-on-cgroup-v2

Signed-off-by: Aditi Ghag aditi@cilium.io

@aditighag aditighag added the release-note/misc This PR makes changes that have no direct user impact. label Dec 15, 2021
@aditighag aditighag requested a review from a team as a code owner December 15, 2021 18:12
qmonnet
qmonnet reviewed Dec 15, 2021
View reviewed changes
Copy link
Member

@qmonnet qmonnet left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Change looks good. I have some minor, nitpick-level suggestions, but you may chose to ignore them.

Second sentence in your commit description is missing a verb.

Documentation/gettingstarted/kind.rst Outdated Show resolved Hide resolved
Documentation/gettingstarted/kind.rst Outdated Show resolved Hide resolved
Documentation/gettingstarted/kind.rst Outdated Show resolved Hide resolved
Documentation/gettingstarted/kind.rst Outdated Show resolved Hide resolved
Documentation/gettingstarted/kind.rst Outdated Show resolved Hide resolved
Documentation/gettingstarted/kind.rst Outdated Show resolved Hide resolved
@aditighag aditighag force-pushed the pr/aditighag/extend-kind-cgroup-doc branch from 5525097 to ef4ad24 Compare December 16, 2021 20:46
@aditighag
docs: Update the kind documentation with cgroup requirements
af07440 
For kube-proxy replacement (specifically, socket-based load-balancing)
to work correctly in KIND clusters, the BPF cgroup programs need to be
attached at the correct cgroup hierarchy. For this to happen, the KIND
nodes need to have their own separate cgroup namespace.
More details in PR - cilium#16259.

While cgroup namespaces are supported across both cgroup v1 and v2 modes,
container runtimes like Docker enable private cgroup namespace mode
by default only with cgroup v2 [1]. With cgroup v1, the default is host
cgroup namespace, whereby KIND node containers (and also cilium agent pods)
are created in the same cgroup namespace as the underlying host.

[1] https://docs.docker.com/config/containers/runmetrics/#running-docker-on-cgroup-v2

Signed-off-by: Aditi Ghag <aditi@cilium.io>
@aditighag aditighag force-pushed the pr/aditighag/extend-kind-cgroup-doc branch from c046af4 to af07440 Compare January 3, 2022 23:41
@aditighag aditighag added ready-to-merge This PR has passed all tests and received consensus from code owners to merge. needs-backport/1.10 labels Jan 3, 2022
@maintainer-s-little-helper maintainer-s-little-helper bot added this to Needs backport from master in 1.10.7 Jan 3, 2022
@maintainer-s-little-helper maintainer-s-little-helper bot removed this from Needs backport from master in 1.10.7 Jan 3, 2022
@christarazi christarazi merged commit 635ba6c into cilium:master Jan 5, 2022
@pchaigno pchaigno mentioned this pull request Jan 10, 2022
Merged
@joestringer joestringer added backport-done/1.11 The backport for Cilium 1.11.x for this PR is done. and removed backport-pending/1.11 labels Jan 18, 2022
@joestringer joestringer mentioned this pull request Jan 18, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@qmonnet qmonnet qmonnet approved these changes

Assignees
No one assigned
Labels
backport-done/1.11 The backport for Cilium 1.11.x for this PR is done. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/misc This PR makes changes that have no direct user impact.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@aditighag @qmonnet @joestringer @pchaigno @christarazi