From ee882fa462d2f2ec97b3b009908df8e94a798f1d Mon Sep 17 00:00:00 2001
From: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
Date: Tue, 30 Nov 2021 10:52:56 +0200
Subject: [PATCH] Add capability to use swap, requires Kube 1.22 (#8241)
* Alpha-NodeSwap: allow nodes to use swap
* CI: Add Fedora 35 with experimental swap job
---
.gitlab-ci/packet.yml | 5 +++++
docs/ci.md | 2 +-
.../node/templates/kubelet-config.v1beta1.yaml.j2 | 4 ++++
.../kubernetes/preinstall/tasks/0010-swapoff.yml | 10 ++++++++--
.../files/packet_fedora35-calico-swap-selinux.yml | 15 +++++++++++++++
5 files changed, 33 insertions(+), 3 deletions(-)
create mode 100644 tests/files/packet_fedora35-calico-swap-selinux.yml
diff --git a/.gitlab-ci/packet.yml b/.gitlab-ci/packet.yml
index 9dc7b5713..c502a805c 100644
--- a/.gitlab-ci/packet.yml
+++ b/.gitlab-ci/packet.yml
@@ -229,6 +229,11 @@ packet_fedora34-calico-selinux:
extends: .packet_periodic
when: on_success
+packet_fedora35-calico-swap-selinux:
+ stage: deploy-part2
+ extends: .packet_pr
+ when: manual
+
packet_amazon-linux-2-aio:
stage: deploy-part2
extends: .packet_pr
diff --git a/docs/ci.md b/docs/ci.md
index 46309339f..39b05f990 100644
--- a/docs/ci.md
+++ b/docs/ci.md
@@ -14,7 +14,7 @@ debian11 | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :x: |
debian9 | :x: | :x: | :x: | :x: | :x: | :x: | :white_check_mark: | :x: | :x: |
fedora33 | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :x: |
fedora34 | :white_check_mark: | :x: | :x: | :x: | :white_check_mark: | :x: | :x: | :x: | :x: |
-fedora35 | :x: | :x: | :x: | :x: | :x: | :white_check_mark: | :x: | :x: | :x: |
+fedora35 | :white_check_mark: | :x: | :x: | :x: | :x: | :white_check_mark: | :x: | :x: | :x: |
opensuse | :x: | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | :x: |
oracle7 | :x: | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | :x: |
ubuntu16 | :x: | :white_check_mark: | :x: | :white_check_mark: | :x: | :white_check_mark: | :x: | :x: | :x: |
diff --git a/roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2 b/roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2
index 13ed5f4c4..83e5a7176 100644
--- a/roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2
+++ b/roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2
@@ -106,3 +106,7 @@ eventRecordQPS: {{ kubelet_event_record_qps }}
shutdownGracePeriod: {{ kubelet_shutdown_grace_period }}
shutdownGracePeriodCriticalPods: {{ kubelet_shutdown_grace_period_critical_pods }}
{% endif %}
+{% if not kubelet_fail_swap_on|default(true) %}
+memorySwap:
+ swapBehavior: {{ kubelet_swap_behavior|default("LimitedSwap") }}
+{% endif %}
diff --git a/roles/kubernetes/preinstall/tasks/0010-swapoff.yml b/roles/kubernetes/preinstall/tasks/0010-swapoff.yml
index 3efc99b8c..4ea91d83e 100644
--- a/roles/kubernetes/preinstall/tasks/0010-swapoff.yml
+++ b/roles/kubernetes/preinstall/tasks/0010-swapoff.yml
@@ -13,11 +13,17 @@
command: /sbin/swapon -s
register: swapon
changed_when: no
+
- name: Disable swap
command: /sbin/swapoff -a
- when: swapon.stdout
+ when:
+ - swapon.stdout
+ - kubelet_fail_swap_on | default(True)
ignore_errors: "{{ ansible_check_mode }}" # noqa ignore-errors
- name: Disable swapOnZram for Fedora
command: touch /etc/systemd/zram-generator.conf
- when: swapon.stdout and ansible_distribution in ['Fedora']
+ when:
+ - swapon.stdout
+ - ansible_distribution in ['Fedora']
+ - kubelet_fail_swap_on | default(True)
diff --git a/tests/files/packet_fedora35-calico-swap-selinux.yml b/tests/files/packet_fedora35-calico-swap-selinux.yml
new file mode 100644
index 000000000..ba6d58a59
--- /dev/null
+++ b/tests/files/packet_fedora35-calico-swap-selinux.yml
@@ -0,0 +1,15 @@
+---
+# Instance settings
+cloud_image: fedora-35
+mode: default
+
+# Kubespray settings
+auto_renew_certificates: true
+
+# Test with SELinux in enforcing mode
+preinstall_selinux_state: enforcing
+
+# Test Alpha swap feature by leveraging zswap default config in Fedora 35
+kubelet_fail_swap_on: False
+kube_feature_gates:
+ - "NodeSwap=True"
--
GitLab