Collect container and Sandbox stats through libctr cgroup managers #7658
Conversation
|
/ok-to-test LGTM |
openshift-ci
bot
added
ok-to-test
|
/retest |
1 similar comment
|
/retest |
|
@Mo-Fatah do you mind pasting the stats o/p with this change? I just wanted to see the actual stats. |
openshift-ci
bot
added
the
dco-signoff: yes
|
Sure! @sohankunkerkar stats from the current changes: doing the same steps with the main branch: Notable changes in this PR:
|
|
@Mo-Fatah Thanks for the information. The changes LGTM |
|
@Mo-Fatah, this value (an excerpt from your example): "availableBytes": {
"value": "18446744073441218560"
},That is about 18 Exabytes. if I am not mistaken 😄 How does this sort of value work with metrics? Update: I suppose, we are outputting this value via a metric per: However, we will now be going from this large value to the following: "availableBytes": {
"value": "265420800"
},Would this be the same metric? Admittedly, I haven't checked how libcontainer collects these values. Were you able to compare these metrics with what |
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## main #7658 +/- ##
=======================================
Coverage ? 47.83%
=======================================
Files ? 145
Lines ? 16247
Branches ? 0
=======================================
Hits ? 7772
Misses ? 7532
Partials ? 943 |
|
@kwilczynski I am not sure how this huge number is generated 😅 . However, the which is currently miscalculated on the main branch in cri-o cri-o calculates it the opposite order, and usually the memory limit > usage. So, this is my guess why we get this huge number. |
whoops, this probably was me a couple of years ago. I wonder if this causes #6747 as well |
I guess so, will have a look at it tomorrow. |
|
/retest |
|
/test ci-cgroupv2-integration |
1 similar comment
|
/test ci-cgroupv2-integration |
|
I couldn't reproduce the failures on my machine. They also seem to be persistently failing, don't think it's a flakiness issue |
|
/retest |
|
@littlejawa can you PTAL? |
With kata, the error seems to come from : As I understand it, libcontainer tries to access the cgroup information from the host, but with kata the container's cgroup information is within a VM, not accessible to the host. The way we do it today is through the call to It allows a different behaviour between runtimes: for regular (oci) runtimes, it is conlcuded by a call to PopulateContainerCgroupStats. I'm wondering if we could keep this indirection: keep calling ss.Runtime().ContainerStats(), and modify the oci part to call cgroupStats() and return the stats in cgroup format? The rest of you code (converting from cgroup to CRI) wouldn't change. I would need to change the kata-specific part to return cgroup data too. Do you think that would work, or do you have other suggestions? |
|
Aside from the bug that we had for a while, and which @Mo-Fatah, fixed (thank you!). We need to make sure that these new metrics hold water. @Mo-Fatah, were you able to compare these metrics with what For instance, from your example, both of these values are the same: "availableBytes": {
"value": "265420800"
},"swapAvailableBytes": {
"value": "265420800"
},A problem here or merely a happy coincidence? 😄 If there is no swap, does it show as a value of Basically, everything looks very good, and it's solid work, but we need to make some sanity checks to see if things are what they say they are and that values also make sense for certain metrics. Generally, these metrics are such that process, a CRI-O process, I suppose, metrics are stored alongside what seems to be system-wide metrics. "memory": {
"timestamp": "1704727367994867370",
"workingSetBytes": {
"value": "839680"
},
"availableBytes": {
"value": "265420800"
},
"usageBytes": {
"value": "3014656"
},
"rssBytes": {
"value": "98304"
},
"pageFaults": {
"value": "2561"
},
"majorPageFaults": {
"value": "17"
}
},For example, within the above, we don't have virtual address space allocated for the CRI-O process, which is also useful to track, even though we have So, basically, verify some things, make sure that everything looks reasonable, check the Prometheus labels, etc. |
|
Thanks for the details! @littlejawa . Your approach seems reasonable to me.
the conversion to CRI finally will be remain in the stats server. (correct me if i lost my way) |
Not a coincidence. The reason why
will have a look again at the numbers and verify them
Can you elaborate that part? I mean, those stats are part of the cri-api |
yeah unfortunately for now we can't fuss with the metrics too much. We basically need 1:1 metrics coverage between what currently exists and what cri-o will collect. In the future we can investigate adding additional ones that better reflect the state of the processes also note: these are for pods and containers, so the address space of cri-o itself is not relevant here |
|
Hey @Mo-Fatah once you mark this PR ready for review, could you also squash the redundant commits and place them in the meaningful ones? |
openshift-ci
bot
added
dco-signoff: no
|
/retest |
Mo-Fatah
force-pushed
the
libctr-based-statsserver
branch
from
9fa70b9
to
48fbe60
Compare
openshift-ci
bot
added
dco-signoff: yes
Mo-Fatah
force-pushed
the
libctr-based-statsserver
branch
2 times, most recently
from
4987e25
to
f212c33
Compare
|
/retest |
| @@ -1,91 +0,0 @@ | |||
| package cgmgr_test | |||
There was a problem hiding this comment.
This file just tests UpdateWithMemoryStatsFromFile function which is deleted and no longer used
| @@ -40,11 +47,12 @@ func (ss *StatsServer) updateSandbox(sb *sandbox.Sandbox) *types.PodSandboxStats | |||
| if c.StateNoLock().Status == oci.ContainerStateStopped { | |||
| continue | |||
| } | |||
| cStats, err := ss.Runtime().ContainerStats(context.TODO(), c, sb.CgroupParent()) | |||
| cgstats, err := ss.Runtime().ContainerStats(context.TODO(), c, sb.CgroupParent()) | |||
There was a problem hiding this comment.
There is a problem here: you're expecting ContainerStats() to return a CgroupStats structure, but you're modifying ContainerStats only in the next commit.
Your first commit then doesn't build - you get an error when you try to use cgstats as a parameter to containerCRIStats()
internal/lib/stats/stats_server_linux.go:55:31: cannot use cgstats (variable of type *"k8s.io/cri-api/pkg/apis/runtime/v1".ContainerStats) as *cgmgr.CgroupStats value in argument to containerCRIStats
If you don't want to merge the two commits (which would make it pretty big), maybe you could introduce that function code changes only in the second commit?
Not sure what option is best, but I think we need to have independently buildable commits
There was a problem hiding this comment.
I would go with merging the two commits if no problem with that. it will be a big commit but I guess all changes are relevant. ( will make the commit message a bit meaningful)
| // CgroupStats is a structure used to augment libctr.Stats object, because | ||
| // it does not have all of the information required for all of the stats we're | ||
| // interested in. | ||
| // This is a universal stats object to be used across different runtime implementations. |
There was a problem hiding this comment.
I find myself worried about the translation here. there is already high cpu usage on stats collection from golang object GC (each tiny object is created and destroyed quite quickly). I think I am okay with this for now but it's possible we may want to find a different way. For instance, having the statsserver run linux only for now
There was a problem hiding this comment.
If you'd rather do that as a follow up (or not deal with that and have someone else do it) @Mo-Fatah let me know
There was a problem hiding this comment.
I personally wanted to go the way Sohan did before here to just use the , but due to the newly-added FreeBSD build workflow, apparently any inclusion of libcontainer in runtime_vm.go (through importing libcontainer or adding a type that uses a libcontainer type internally) will lead to FreeBSD build failure (at least this what I noticed from multiple CI failures).
I would prefer to solve this in a separate PR if it's Ok.
There was a problem hiding this comment.
I would prefer to solve this in a separate PR if it's Ok.
That sounds good!
- Collect container and Sandbox stats through libctr cgroup managers - Move stats collection from statsserver to cgmgr - Use the generic CgroupStats type for all stats functions - Convert all stats collected into CgroupStats - Add new stats types for unsupported Signed-off-by: mohamed <mohamedabdelfatah2027@gmail.com>
Signed-off-by: mohamed <mohamedabdelfatah2027@gmail.com>
Signed-off-by: mohamed <mohamedabdelfatah2027@gmail.com>
Mo-Fatah
force-pushed
the
libctr-based-statsserver
branch
from
f212c33
to
5118771
Compare
|
/retest |
openshift-ci
bot
added
release-note
|
/lgtm |
openshift-ci
bot
added
do-not-merge/hold
|
/hold cancel well done @Mo-Fatah ! |
openshift-ci
bot
removed
the
do-not-merge/hold
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: haircommander, Mo-Fatah The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
What type of PR is this?
/kind feature
What this PR does / why we need it:
stats server currently manually collects stats through the
Populate**functions in cgmgr package which doesn't report correct stats. This PR bases the stats collection on libcontainer cgroup managers.Which issue(s) this PR fixes:
Special notes for your reviewer:
Does this PR introduce a user-facing change?