settings: Add container-runtime settings #2494
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
stmcginnis
force-pushed
the
cr-settings
branch
3 times, most recently
from
a95dd71
to
82257e6
Compare
webern
approved these changes
Oct 14, 2022
There was a problem hiding this comment.
LGTM pending testing (and passing builds). The only thought I had is whether we want to constrain the values to those that containerd accepts (e.g. -1 - 16384 for max_container_log_line_size, questionable whether 0 is allowable), but that seems like more trouble than its worth right now.
Yeah, good call. This has come up a couple times now. From what I understand, we don't have a good mechanism to handle extra validation for numeric values yet, so I do think we should get to that as a (hopefully soon) follow on. |
stmcginnis
force-pushed
the
cr-settings
branch
from
82257e6
to
efeca23
Compare
bcressey
approved these changes
Oct 15, 2022
This adds `settings.container-runtime.max-container-log-line-size` and `settings.container-runtime.max-concurrent-downloads` settings. The affect how containerd is configured. `max-container-log-line-size` controls how long a log line can be from a container before containerd breaks it into multiple separate lines. `max-concurrent-downloads` controls how many concurrent downloads will be done in parallel to download an image. Signed-off-by: Sean McGinnis <[email protected]>
stmcginnis
force-pushed
the
cr-settings
branch
from
efeca23
to
97b01f6
Compare
bcressey
approved these changes
Oct 15, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue number:
Closes #2292
Closes: #2466
Description of changes:
This adds
settings.container-runtimesettings. The affect how containerd is configured.max-container-log-line-sizecontrols how long a log line can be from a container before containerd breaks it into multiple separate lines.max-concurrent-downloadscontrols how many concurrent downloads will be done in parallel to download an image.settings.container-runtime.enable-unprivileged-icmp: Allow unprivileged containers to open ICMP echo sockets.settings.container-runtime.enable-unprivileged-ports: Allow unprivileged containers to bind to ports < 1024.Testing done:
Created EKS cluster with custom build, checked setting and retrieving settings via
apiclient get settings.container-runtime. Verified containerd service config would get updated and service restarted.Terms of contribution:
By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.