Derek Carr derekwaynecarr

## gist:3dd461be62213fa9c62edb5244b841d5
# put authentication operator into managed state
# this will not be required once https://github.com/openshift/cluster-authentication-operator/pull/59 merges
oc patch authentication.operator cluster --type=merge -p "{\"spec\":{\"managementState\": \"Managed\"}}"

# create a secret with htpasswd file data for user 'test' with password 'test'
# note: you can change the user listing using htpasswd on your host
# example:
# $ htpasswd -b -c htpasswd.out test test
# $ htpasswd -b htpasswd.out derek derek
# $ cat htpasswd.out

## cluster-autoscaler.yaml
apiVersion: clusterautoscaling.openshift.io/v1beta1
kind: ClusterAutoscaler
metadata:
  name: autoscale-gpu-workers
  namespace: openshift-cluster-api
spec:
  ## the machine set we want to target (used to build --nodes=argument)
  scaleTargetRef:
    apiVersion: <machineSet>
    kind: MachineSet

## gist:cf00c6ada0dd197dcdefac2a09686aa3
Control group /:
-.slice
├─kubepods.slice
│ └─kubepods-burstable.slice
│   ├─kubepods-burstable-poddbe7938e_bb8d_11e8_8b8e_c85b76cda386.slice
│   │ ├─docker-98ad47ee82609565db9d109342692e47b4896fa64b61984a7af2862f4dc7a52c.scope
│   │ │ └─24574 /dashboard --insecure-bind-address=0.0.0.0 --bind-address=0.0.0.0 --auto-generate-certificates
│   │ └─docker-9712c0d827d35d14ae4d9c18f8e841532f73a83f9bd8f042bf0ff8253aa78360.scope
│   │   └─24422 /pause
│   └─kubepods-burstable-poddbe78a13_bb8d_11e8_8b8e_c85b76cda386.slice

## 1.9-topics
Apps
----------------
Workloads API GA
- apps/v1 Workloads API (DaemonSet, Deployment, ReplicaSet and StatefulSet)
- batch Workloads API has a separate path to GA

API Machinery
----------------
Admission Control
* admission webhooks are now in beta

## gist:acd34face6a3d756772b9e08b27aa2f9
before this time, when can we get drops of cat per sprint in origin
  to update installer
  update rbac stuff
  verify if we should really stick more in the same etcd

Sept 6
  cat feature freeze?
   API moves to beta
   security shit done
   no pod preset in API

## gist:35a74a6f0f15c06f5864178e18b01cb1
$ kubectl create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/pods/tc533910/readiness-probe-exec.yaml

cat /tmp/kubelet.log
I0522 16:21:05.941271   12546 prober.go:106] Readiness probe for "hello-pod_default(231fd935-3f2c-11e7-bc2e-c85b76cda386):hello-pod" failed (failure): rpc error: code = 13 desc = invalid header field value "oci runtime error: exec failed: container_linux.go:247: starting container process caused \"exec: \\\"/bin/hello\\\": stat /bin/hello: no such file or directory\"\n"
E0522 16:21:05.941351   12546 event.go:260] Could not construct reference to: '&v1.ObjectReference{Kind:"Pod", Namespace:"default", Name:"hello-pod", UID:"231fd935-3f2c-11e7-bc2e-c85b76cda386", APIVersion:"v1", ResourceVersion:"234", FieldPath:"spec.containers{hello-pod}"}' due to: 'object does not implement the List interfaces'. Will not report event: 'Warning' 'Unhealthy' 'Readiness probe failed: rpc error: code = 13 desc = invalid header field value "oci runtime error: exec failed: container_li

## cpu-affinity-numa-awarness.md

      
              1 file
            
          
              0 forks
            
          
              2 comments
            
          
              3 stars
            
          
                derekwaynecarr
                / cpu-affinity-numa-awarness.md
            
            
              Last active
              April 6, 2020 17:02
            
              
                CPU Affinity and NUMA Toplogy Awareness
              
          
    Author: Derek Carr
Last Updated: 04/17/2017
Status: Pending Review
CPU Affinity and NUMA Topology Awareness

This proposal describes a mechanism to extend Kubernetes via a
custom node isolator and scheduler to support containers that

  
## gist:8e18eefbe3aa16acbb00f1ac9310cca3
#!/bin/bash
#!/usr/bin/env bash

# This script reproduces what kubelet/cAdvisor does
# to calculate memory.available relative to root cgroup.
# The major change is that it excludes total_inactive_file memory.

# current memory usage
memory_capacity_in_kb=$(cat /proc/meminfo | grep MemTotal | awk '{print $2}')
memory_capacity_in_bytes=$((memory_capacity_in_kb * 1024))

## gist:61ad887d5c25d1128e7f33ff92dff7c2
fatal error: unexpected signal during runtime execution
[signal 0xb code=0x1 addr=0x63 pc=0x7f65a3da067d]

runtime stack:
runtime.throw(0xfdcb80, 0x2a)
	/usr/lib/golang/src/runtime/panic.go:547 +0x90
runtime.sigpanic()
	/usr/lib/golang/src/runtime/sigpanic_unix.go:12 +0x5a

goroutine 15 [syscall, locked to thread]:

## gist:241676a78ab9c6f6ceb17525e14a2f93
INSIDE CONTAINER

# df -i
Filesystem               Inodes  IUsed   IFree IUse% Mounted on
overlay                 3276800 714758 2562042   22% /
tmpfs                   1498577     18 1498559    1% /dev
tmpfs                   1498577     16 1498561    1% /sys/fs/cgroup
/dev/mapper/fedora-root 3276800 714758 2562042   22% /etc/hosts
shm                     1498577      1 1498576    1% /dev/shm
tmpfs                   1498577      9 1498568    1% /run/secrets/kubernetes.io/serviceaccount
	# put authentication operator into managed state
	# this will not be required once https://github.com/openshift/cluster-authentication-operator/pull/59 merges
	oc patch authentication.operator cluster --type=merge -p "{\"spec\":{\"managementState\": \"Managed\"}}"

	# create a secret with htpasswd file data for user 'test' with password 'test'
	# note: you can change the user listing using htpasswd on your host
	# example:
	# $ htpasswd -b -c htpasswd.out test test
	# $ htpasswd -b htpasswd.out derek derek
	# $ cat htpasswd.out
	apiVersion: clusterautoscaling.openshift.io/v1beta1
	kind: ClusterAutoscaler
	metadata:
	name: autoscale-gpu-workers
	namespace: openshift-cluster-api
	spec:
	## the machine set we want to target (used to build --nodes=argument)
	scaleTargetRef:
	apiVersion: <machineSet>
	kind: MachineSet
	Control group /:
	-.slice
	├─kubepods.slice
	│ └─kubepods-burstable.slice
	│ ├─kubepods-burstable-poddbe7938e_bb8d_11e8_8b8e_c85b76cda386.slice
	│ │ ├─docker-98ad47ee82609565db9d109342692e47b4896fa64b61984a7af2862f4dc7a52c.scope
	│ │ │ └─24574 /dashboard --insecure-bind-address=0.0.0.0 --bind-address=0.0.0.0 --auto-generate-certificates
	│ │ └─docker-9712c0d827d35d14ae4d9c18f8e841532f73a83f9bd8f042bf0ff8253aa78360.scope
	│ │ └─24422 /pause
	│ └─kubepods-burstable-poddbe78a13_bb8d_11e8_8b8e_c85b76cda386.slice
	Apps
	----------------
	Workloads API GA
	- apps/v1 Workloads API (DaemonSet, Deployment, ReplicaSet and StatefulSet)
	- batch Workloads API has a separate path to GA

	API Machinery
	----------------
	Admission Control
	* admission webhooks are now in beta
	before this time, when can we get drops of cat per sprint in origin
	to update installer
	update rbac stuff
	verify if we should really stick more in the same etcd

	Sept 6
	cat feature freeze?
	API moves to beta
	security shit done
	no pod preset in API
	$ kubectl create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/pods/tc533910/readiness-probe-exec.yaml

	cat /tmp/kubelet.log
	I0522 16:21:05.941271 12546 prober.go:106] Readiness probe for "hello-pod_default(231fd935-3f2c-11e7-bc2e-c85b76cda386):hello-pod" failed (failure): rpc error: code = 13 desc = invalid header field value "oci runtime error: exec failed: container_linux.go:247: starting container process caused \"exec: \\\"/bin/hello\\\": stat /bin/hello: no such file or directory\"\n"
	E0522 16:21:05.941351 12546 event.go:260] Could not construct reference to: '&v1.ObjectReference{Kind:"Pod", Namespace:"default", Name:"hello-pod", UID:"231fd935-3f2c-11e7-bc2e-c85b76cda386", APIVersion:"v1", ResourceVersion:"234", FieldPath:"spec.containers{hello-pod}"}' due to: 'object does not implement the List interfaces'. Will not report event: 'Warning' 'Unhealthy' 'Readiness probe failed: rpc error: code = 13 desc = invalid header field value "oci runtime error: exec failed: container_li
	#!/bin/bash
	#!/usr/bin/env bash

	# This script reproduces what kubelet/cAdvisor does
	# to calculate memory.available relative to root cgroup.
	# The major change is that it excludes total_inactive_file memory.

	# current memory usage
	memory_capacity_in_kb=$(cat /proc/meminfo \| grep MemTotal \| awk '{print $2}')
	memory_capacity_in_bytes=$((memory_capacity_in_kb * 1024))
	fatal error: unexpected signal during runtime execution
	[signal 0xb code=0x1 addr=0x63 pc=0x7f65a3da067d]

	runtime stack:
	runtime.throw(0xfdcb80, 0x2a)
	/usr/lib/golang/src/runtime/panic.go:547 +0x90
	runtime.sigpanic()
	/usr/lib/golang/src/runtime/sigpanic_unix.go:12 +0x5a

	goroutine 15 [syscall, locked to thread]:
	INSIDE CONTAINER

	# df -i
	Filesystem Inodes IUsed IFree IUse% Mounted on
	overlay 3276800 714758 2562042 22% /
	tmpfs 1498577 18 1498559 1% /dev
	tmpfs 1498577 16 1498561 1% /sys/fs/cgroup
	/dev/mapper/fedora-root 3276800 714758 2562042 22% /etc/hosts
	shm 1498577 1 1498576 1% /dev/shm
	tmpfs 1498577 9 1498568 1% /run/secrets/kubernetes.io/serviceaccount