From 124de526cb7e3384bdfda40f931af755828a0f18 Mon Sep 17 00:00:00 2001 From: Odin Ugedal Date: Mon, 25 Jan 2021 14:20:37 +0100 Subject: [PATCH] Fix cgroup handling for systemd with cgroup v2 This fixes issues where kubelet enforces qos and nodeAllocatable on the worng hierarchy. Kublet will now create the files /sys/fs/cgroup/kubepods/{burstable,besteffort,}/pod-xyz when running with systemd as the driver, making it impossible to enforce the limits on nodeAllocatable. --- pkg/kubelet/cm/cgroup_manager_linux.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/kubelet/cm/cgroup_manager_linux.go b/pkg/kubelet/cm/cgroup_manager_linux.go index b99f20e870a..d5fd2e48973 100644 --- a/pkg/kubelet/cm/cgroup_manager_linux.go +++ b/pkg/kubelet/cm/cgroup_manager_linux.go @@ -577,7 +577,7 @@ func (m *cgroupManagerImpl) Update(cgroupConfig *CgroupConfig) error { unified := libcontainercgroups.IsCgroup2UnifiedMode() if unified { - libcontainerCgroupConfig.Path = cgroupConfig.Name.ToCgroupfs() + libcontainerCgroupConfig.Path = m.Name(cgroupConfig.Name) } else { libcontainerCgroupConfig.Paths = m.buildCgroupPaths(cgroupConfig.Name) }