Deploying lxcfs on a k8s cluster

Home   »   Deploying lxcfs on a k8s cluster

# STEP 1 - Deploy lxcfs as a daemonset. Following yaml should be used for deployment. It deploys lxcfs in kube-system namespace
# This yaml doesn't have the master node toleration, so lxcfs will not be deployed on master

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: lxcfs
  namespace: kube-system
  labels:
    app: lxcfs
spec:
  selector:
    matchLabels:
      app: lxcfs
  template:
    metadata:
      labels:
        app: lxcfs
    spec:
      hostPID: true
      #tolerations:
      #- key: node-role.kubernetes.io/master
      #  effect: NoSchedule
      containers:
      - name: lxcfs
        image: bluedata/lxcfs:4.0.8
        imagePullPolicy: Always
        #imagePullPolicy: IfNotPresent
        args:
          - "--enable-cfs"
          - "/lxcfs"
        securityContext:
          privileged: true
        volumeMounts:
        - name: lxcfs
          mountPath: /lxcfs
          mountPropagation: "Bidirectional"
      volumes:
      - name: lxcfs
        hostPath:
          path: /var/lib/lxcfs

# Wait for lxcfs to be running and verify on each host /var/lib/lxcfs has directories populated like
# drwxr-xr-x. 2 root root 0 May  4 07:43 cgroup
# dr-xr-xr-x. 2 root root 0 May  4 07:43 proc
# dr-xr-xr-x. 2 root root 0 May  4 07:43 sys

# STEP 2 - deploy workload with cpu and memory limits. Following deployment brings up two nginx pods
# with volumes mounts necessary to surface 

apiVersion: apps/v1
kind: Deployment
metadata:
  name: web
  labels:
    my-app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      my-app: nginx
  template:
    metadata:
      labels:
        my-app: nginx
    spec:
      volumes:
      - name: lxcfs-cpuinfo
        hostPath:
          path: /var/lib/lxcfs/proc/cpuinfo
      - name: lxcfs-diskstats
        hostPath:
          path: /var/lib/lxcfs/proc/diskstats
      - name: lxcfs-loadavg
        hostPath:
          path: /var/lib/lxcfs/proc/loadavg
      - name: lxcfs-meminfo
        hostPath:
          path: /var/lib/lxcfs/proc/meminfo
      - name: lxcfs-stat
        hostPath:
          path: /var/lib/lxcfs/proc/stat
      - name: lxcfs-swaps
        hostPath:
          path: /var/lib/lxcfs/proc/swaps
      - name: lxcfs-uptime
        hostPath:
          path: /var/lib/lxcfs/proc/uptime
      containers:
      - name: nginx
        image: k8s.gcr.io/nginx-slim:0.8
        resources:
          requests:
            memory: 256Mi
            cpu: 250m
          limits:
            memory: 256Mi
            cpu: 250m
        ports:
        - containerPort: 80
          name: web
        volumeMounts:
        - name: lxcfs-cpuinfo
          mountPath: /proc/cpuinfo
        - name: lxcfs-diskstats
          mountPath: /proc/diskstats
        - name: lxcfs-loadavg
          mountPath: /proc/loadavg
        - name: lxcfs-meminfo
          mountPath: /proc/meminfo
        - name: lxcfs-stat
          mountPath: /proc/stat
        - name: lxcfs-swaps
          mountPath: /proc/swaps
        - name: lxcfs-uptime
          mountPath: /proc/uptime

# STEP 3, exec into the pod and run cat /proc/cpuinfo, /proc/meminfo to verify that it is showing cgroup values

Leave a Reply

Your email address will not be published. Required fields are marked *