kubelet does not start due to garbled cpulist
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| StarlingX |
Fix Released
|
Medium
|
Jim Gauld | ||
Bug Description
Brief Description:
The kubelet --reserved-cpus configuration contains a cpulist string. If the value contains a comma (e.g., 0,20) then this gets interpreted as octal and becomes garbled and becomes integer 16. When the node comes up, the wrong cpus get used. For more complex values (e.g., 0,4,40,44), the resulting garbled integer is 18468, and in that case kubelet fails to start, resulting in node does not come up.
The likelihood of encountering this happens when hyperthreading enabled, and depending on the cpu enumeration pattern of BIOS. So we tend to see this more on AIO Dell Hardware, but it really is a generic issue. This can occur on first provisioning, and subsequently if number of platform cores are reconfigured and the result is a comma separate list instead of a range.
Root cause is that the underlying puppet hieara data requires special quoting of these values. That is done for most cases in the sysinv puppet code, but was missing for the new variables: platform:
Simple solution is to special quote these two variables, just like the other usages.
Severity:
Critical: System node will not come up.
Steps to Reproduce:
- Lock worker.
- Add platform cores.
- Unlock
Expected behaviour:
kubelet --reserved-cpus option contains proper cpulist. kubelet starts. node comes up.
Actual behaviour:
kubelet --reserved-cpus option is invalid. kubelet does not start. node does not come up.
Reproducibility:
100 percent, if result is a comma-separated cpulist or list of ranges
System configuration:
AIO-DX, hyperthreading enabled.
This can occur with all system types.
Test activity:
Evaluation.
Workaround:
This requires a source code change since these values get regenerated on unlock. Modify the source code that generates this puppet hieradata to surround cpusets with quotation marks, restart sysinv-conductor, lock/unlock affected host.
Eg, On both controllers, modify the two lines of code in /usr/lib64/
config.update(
{'platform:
"\"%s\"" % k8s_cpuset,
'platform:
"\"%s\"" % k8s_nodeset,
'platform:
"\"%s\"" % k8s_platform_
'platform:
"\"%s\"" % k8s_all_
'platform:
})
On the active controller, restart sysinv-conductor process to pick up the code change:
sudo /usr/local/
Lock/unlock the affected host.
To verify the change, on controller (note 192.168.204.3 has the change, 192.168.204.3 does not):
sudo grep -rs cpuset /opt/platform
/opt/platform/
/opt/platform/
/opt/platform/
/opt/platform/
/192.168.
/opt/platform/
/opt/platform/
| Ghada Khalil (gkhalil) wrote | #1 |
| Changed in starlingx: | |
| assignee: | nobody → Jim Gauld (jgauld) |
| importance: | Undecided → Medium |
| status: | New → Triaged |
| tags: | added: stx.5.0 stx.containers |
| Jim Gauld (jgauld) wrote | #2 |
| OpenStack Infra (hudson-openstack) wrote Fix proposed to config (master) | #3 |
| Changed in starlingx: | |
| status: | Triaged → In Progress |
| OpenStack Infra (hudson-openstack) wrote Fix merged to config (master) | #4 |
| Changed in starlingx: | |
| status: | In Progress → Fix Released |
| Ghada Khalil (gkhalil) wrote | #5 |
| tags: |
added: stx.4.0 removed: stx.5.0 |
stx.5.0 / medium priority - issue was reported on one h/w instance. Can consider back-porting in the future if this becomes a more widespread issue for the community.