enhancements: support real-time kernels #166
Conversation
openshift-ci-robot
added
the
size/L
darkmuggle
left a comment
darkmuggle
left a comment
There was a problem hiding this comment.
A few questions, but otherwise it looks good to me. The prose is clear and concise.
| If there are additional changes required across the OCP product to properly support | ||
| real-time kernel (i.e. container runtime, etc) which cannot be delivered at the | ||
| same time, the real-time kernel packages can still be included as part of the | ||
| `machine-os-content` image. Additionally, exposing the tunable in the MachineConfig |
There was a problem hiding this comment.
Mind clarifying this? The part about lacking full support pivots to removing the tunable.
There was a problem hiding this comment.
My logic was:
- we prep RT kernel support in RHCOS + MCO
- we discover there are other components that are not ready
- mitigation: keep the RT kernel in the
machine-os-contentand backout the MCO change, effectively hiding the knob from users
Does that help?
|
|
||
| 1. Include the `kernel-rt` packages in the `machine-os-content` image | ||
| 2. Provide tunable in MachineConfig that selects the type of kernel to use | ||
| 3. Do initial tuning of RHCOS node after real-time kernel is applied |
There was a problem hiding this comment.
I think we need to clarify what "tuning" is affected. For example, FIPS and encryption?
There was a problem hiding this comment.
I believe this falls into the bucket of tuned profiles. @cgwalters can you provide some details?
| - Test removal of `kernel-rt` packages on single RHCOS node | ||
| - Test `kernelType: realtime` on OCP cluster with RHCOS nodes using default kernel | ||
| - Test `kernelType: default` on OCP cluster with RHCOS nodes using default kernel | ||
| - Test `kernelType: default` on OCP cluster with RHCOS nodes already using real-time kernel |
There was a problem hiding this comment.
Specifying one MC with setting kerneType to realtime and another one to default can lead to uncertain behavior because rendered MC will pick one of them. Instead of creating another MC with kernelType: default, We might want to test here deleting MC which adds kernelType: realtime .
There was a problem hiding this comment.
Got it; will update that test case.
|
|
||
| ### Providing the Packages | ||
|
|
||
| The proposal is to include the `kernel-rt` packages in the `machine-os-content` |
There was a problem hiding this comment.
nit: In the standard machine-os-content. Basically denote it's not a special or different one.
|
|
||
| When the MCO parses a MachineConfig with `kernelType: default`, it shall instruct `rpm-ostree` | ||
| on the RHCOS node to remove any `kernel-rt` packages and use the default kernel. If the | ||
| `kernel-rt` packages are not present, it should be a no-op. |
There was a problem hiding this comment.
I wasn't going to get into those details, but no harm in calling it out explicitly.
ashcrow
left a comment
ashcrow
left a comment
There was a problem hiding this comment.
Added a couple minor items but it looks quite good!
| for things like nVidia GPUs will need to rebuild the kernel modules | ||
| to support the real-time kernel. | ||
|
|
||
| - Customers requiring FIPS support **SHOULD NOT** use the real-time kernel. |
There was a problem hiding this comment.
Can we handle this situation explicitly in the MCO? Like, the MCO can refuse to enable it (e.g. by setting the kerneltype=default on the rendered MC when fips=true)?
There was a problem hiding this comment.
yes should be possible. MCO can print some message saying Not supported when FIPS is already enabled.
This proposal covers adding support for real-time kernels to RHCOS and the ability to select those kernels with the MCO.
|
Finally got around to making the updates ⬆️ |
openshift-ci-robot
added
the
approved
|
Anyone object to merging? |
|
Can someone give a It's just a formality at this point; the |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: ashcrow, cgwalters, miabbott, mike-nguyen, sdodson The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
10 participants
This proposal covers adding support for real-time kernels to RHCOS and
the ability to select those kernels with the MCO.