Puppet Class: kubeinstall::system::kernel::cgroup2

Defined in:
manifests/system/kernel/cgroup2.pp

Summary

Enable Cgroup v2

Overview

Enable Cgroup v2 via kernel command line parameters lwn.net/Articles/671722/

Examples:

include kubeinstall::system::kernel::cgroup2


8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
 
# File 'manifests/system/kernel/cgroup2.pp', line 8

class kubeinstall::system::kernel::cgroup2 {
  # man cgroups(7)
  #   Because of the problems with the initial cgroups implementation
  #   (cgroups version 1), starting in Linux 3.10, work began on a new,
  #   orthogonal implementation to remedy these problems.  Initially
  #   marked experimental, and hidden behind the
  #   -o __DEVEL__sane_behavior mount option, the new version (cgroups
  #   version 2) was eventually made official with the release of Linux
  #   4.5.
  if versioncmp($facts['kernelversion'], '4.5') >= 0 {
    # temporary solution only for Ubuntu 20.04
    if $facts['os']['name'] == 'Ubuntu' and $facts['os']['release']['major'] == '20.04' {
      file { '/etc/default/grub.d/60-cgroup-v2.cfg':
        ensure  => file,
        content => @(EOF),
                    # Set the commandline
                    GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX systemd.unified_cgroup_hierarchy=1 cgroup_enable=memory swapaccount=1"
                    | - EOF
        owner   => 'root',
        mode    => '0644',
        notify  => Exec['kubeinstall-update-grub'],
      }

      exec { 'kubeinstall-update-grub':
        command     => 'update-grub',
        path        => '/usr/sbin:/usr/bin:/sbin:/bin',
        refreshonly => true,
      }
    }

    # CHAPTER 5. CONFIGURING KERNEL COMMAND-LINE PARAMETERS
    # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/configuring-kernel-command-line-parameters_managing-monitoring-and-updating-the-kernel
    if $facts['os']['family'] == 'RedHat' and $facts['os']['release']['major'] in ['7', '8', '9'] {
      include kubeinstall::system::grubby

      $kernrel = $facts['kernelrelease']

      if $facts['kernelentries'] {
        $facts['kernelentries'].each |$entry| {
          $kernpath = $entry['kernel']
          # current kernel should  have
          if $kernrel in $kernpath {
            unless 'systemd.unified_cgroup_hierarchy=1' in $entry['args']
            and 'cgroup_enable=memory' in $entry['args']
            and 'swapaccount=1' in $entry['args'] {
              exec { 'kubeinstall-update-grub':
                command => "grubby --update-kernel=${kernpath} --args=\"systemd.unified_cgroup_hierarchy=1 cgroup_enable=memory swapaccount=1\"",
                onlyif  => "test -f ${kernpath}",
                path    => '/usr/sbin:/usr/bin:/sbin:/bin',
              }
            }
          }
        }
      }
    }
  }

  # TODO/TOREAD:
  # CHAPTER 26. WORKING WITH GRUB 2
  # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/ch-working_with_the_grub_2_boot_loader
  # CHAPTER 19. USING CGROUPS-V2 TO CONTROL DISTRIBUTION OF CPU TIME FOR APPLICATIONS
  # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/using-cgroups-v2-to-control-distribution-of-cpu-time-for-applications_managing-monitoring-and-updating-the-kernel
  # Your kernel does not support cgroup swap limit capabilities
  # https://docs.docker.com/engine/install/linux-postinstall/#your-kernel-does-not-support-cgroup-swap-limit-capabilities
}