mirror of
https://github.com/kata-containers/kata-containers.git
synced 2026-07-01 14:38:33 +00:00
runtime-rs: use SE-specific overhead_memory for qemu-se config
The IBM SEL runtime requires a larger overhead_memory budget than other TEE runtimes (SNP, TDX) because the kernel command line baked into the SE image sets: swiotlb=262144 (262144 × 2 KiB slots = 512 MiB) This buffer is pre-allocated at boot from the guest's physical RAM before any workload runs. With static_sandbox_resource_mgmt = true the VM gets: vm_memory = overhead_memory + container_limit In k8s-limit-range.bats, DEFOVERHEADMEMSZ_TEE (128 MiB) resulted in a 256 MiB VM when a container with a 128 MiB memory limit was scheduled — far too small to even fit the swiotlb allocation, causing boot failure. In a similar way, the failure is also observed for k8s-oom.bats. Introduce DEFOVERHEADMEMSZ_TEE_SE := 768 MiB, sized to cover: - 512 MiB swiotlb bounce buffer (fixed by sealed kernel cmdline) - ~128 MiB SE kernel + initrd + agent baseline - ~128 MiB headroom for other stuff Signed-off-by: Hyounggyu Choi <Hyounggyu.Choi@ibm.com>
This commit is contained in:
@@ -177,6 +177,8 @@ DEFOVERHEADMEMSZ_DB := 32
|
||||
DEFOVERHEADVCPUS_TEE := 0.4
|
||||
##VAR DEFOVERHEADMEMSZ_TEE=<number> Memory overhead (MiB) for SNP/TDX runtimes
|
||||
DEFOVERHEADMEMSZ_TEE := 128
|
||||
##VAR DEFOVERHEADMEMSZ_TEE_SE=<number> Memory overhead (MiB) for IBM SE runtimes (includes 512 MiB swiotlb bounce buffer)
|
||||
DEFOVERHEADMEMSZ_TEE_SE := 768
|
||||
##VAR DEFMEMSLOTS=<number> Default memory slots
|
||||
# Cases to consider :
|
||||
# - nvdimm rootfs image
|
||||
@@ -697,6 +699,7 @@ USER_VARS += DEFOVERHEADVCPUS_TEE
|
||||
USER_VARS += DEFOVERHEADVCPUS_DB
|
||||
USER_VARS += DEFOVERHEADMEMSZ_DB
|
||||
USER_VARS += DEFOVERHEADMEMSZ_TEE
|
||||
USER_VARS += DEFOVERHEADMEMSZ_TEE_SE
|
||||
USER_VARS += DEFMAXVCPUS
|
||||
USER_VARS += DEFMAXVCPUS_DB
|
||||
USER_VARS += DEFMAXVCPUS_QEMU
|
||||
|
||||
@@ -143,7 +143,7 @@ default_memory = @DEFMEMSZ@
|
||||
# missing, requested_memory is treated as 0, so vm_memory equals overhead_memory.
|
||||
# When no workload limits are present, default_memory is used instead.
|
||||
# See docs/how-to/how-to-size-sandbox-overhead-runtime-rs.md
|
||||
overhead_memory = @DEFOVERHEADMEMSZ_TEE@
|
||||
overhead_memory = @DEFOVERHEADMEMSZ_TEE_SE@
|
||||
#
|
||||
# Default memory slots per SB/VM.
|
||||
# If unspecified then it will be set @DEFMEMSLOTS@.
|
||||
|
||||
Reference in New Issue
Block a user