kubelet/userns: Use kubelet maxPods

We don't have the alpha limitation anymore, let's just use the kubelet maxPods instead of our hardcoded 1024 max. Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
2025-08-07 11:13:48 +00:00 · 2024-03-01 13:26:57 -03:00 · 2024-03-01 13:26:57 -03:00 · 0b69c2bc81
commit 0b69c2bc81
parent 39c6815676
3 changed files with 18 additions and 7 deletions
--- a/pkg/kubelet/kubelet_getters.go
+++ b/pkg/kubelet/kubelet_getters.go
@ -128,6 +128,10 @@ func (kl *Kubelet) GetKubeletMappings() (uint32, uint32, error) {
 	return kl.getKubeletMappings()
 }

+func (kl *Kubelet) GetMaxPods() int {
+	return kl.maxPods
+}
+
 // getPodDir returns the full path to the per-pod directory for the pod with
 // the given UID.
 func (kl *Kubelet) getPodDir(podUID types.UID) string {
--- a/pkg/kubelet/userns/userns_manager.go
+++ b/pkg/kubelet/userns/userns_manager.go
@ -39,10 +39,6 @@ import (
 // length for the user namespace to create (65536).
 const userNsLength = (1 << 16)

-// Limit the total number of pods using userns in this node to this value.
-// This is an alpha limitation that will probably be lifted later.
-const maxPods = 1024
-
 // Create a new map when we removed enough pods to avoid memory leaks
 // since Go maps never free memory.
 const mapReInitializeThreshold = 1000
@ -52,6 +48,7 @@ type userNsPodsManager interface {
 	GetPodDir(podUID types.UID) string
 	ListPodsFromDisk() ([]types.UID, error)
 	GetKubeletMappings() (uint32, uint32, error)
+	GetMaxPods() int
 }

 type UsernsManager struct {
@ -148,8 +145,8 @@ func MakeUserNsManager(kl userNsPodsManager) (*UsernsManager, error) {
 	if kubeletMappingLen%userNsLength != 0 {
 		return nil, fmt.Errorf("kubelet user assigned IDs length %v is not a multiple of %v", kubeletMappingLen, userNsLength)
 	}
-	if kubeletMappingLen/userNsLength < maxPods {
-		return nil, fmt.Errorf("kubelet user assigned IDs are not enough to support %v pods", maxPods)
+	if kubeletMappingLen/userNsLength < uint32(kl.GetMaxPods()) {
+		return nil, fmt.Errorf("kubelet user assigned IDs are not enough to support %v pods", kl.GetMaxPods())
 	}
 	off := int(kubeletMappingID / userNsLength)
 	len := int(kubeletMappingLen / userNsLength)
--- a/pkg/kubelet/userns/userns_manager_test.go
+++ b/pkg/kubelet/userns/userns_manager_test.go
@ -38,13 +38,15 @@ const (
 	// skip the first block
 	minimumMappingUID = userNsLength
 	// allocate enough space for 2000 user namespaces
-	mappingLen = userNsLength * 2000
+	mappingLen  = userNsLength * 2000
+	testMaxPods = 110
 )

 type testUserNsPodsManager struct {
 	podDir  string
 	podList []types.UID
 	userns  bool
+	maxPods int
 }

 func (m *testUserNsPodsManager) GetPodDir(podUID types.UID) string {
@ -72,6 +74,14 @@ func (m *testUserNsPodsManager) GetKubeletMappings() (uint32, uint32, error) {
 	return minimumMappingUID, mappingLen, nil
 }

+func (m *testUserNsPodsManager) GetMaxPods() int {
+	if m.maxPods != 0 {
+		return m.maxPods
+	}
+
+	return testMaxPods
+}
+
 func TestUserNsManagerAllocate(t *testing.T) {
 	defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, pkgfeatures.UserNamespacesSupport, true)()