From 2a7b50a016a2b4653f89d10d619fbfd079289681 Mon Sep 17 00:00:00 2001 From: Max Gautier Date: Thu, 23 Jan 2025 04:24:36 +0100 Subject: [PATCH] calico: don't set calico-node cpu limits by default (#11914) Upstream calico isn't doing that, and: - this can cause throttling - the cpu needed by calico is very cluster / workload dependent - missing cpu limits will not starve other pods (unlike missing memory requests), because the kernel scheduler will still gives priority to other process in pods not exceeding their requests --- roles/network_plugin/calico/templates/calico-node.yml.j2 | 2 ++ roles/network_plugin/calico_defaults/defaults/main.yml | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/network_plugin/calico/templates/calico-node.yml.j2 b/roles/network_plugin/calico/templates/calico-node.yml.j2 index 10151cdb6..cce777280 100644 --- a/roles/network_plugin/calico/templates/calico-node.yml.j2 +++ b/roles/network_plugin/calico/templates/calico-node.yml.j2 @@ -352,7 +352,9 @@ spec: privileged: true resources: limits: +{% if calico_node_cpu_limit != "0" %} cpu: {{ calico_node_cpu_limit }} +{% endif %} memory: {{ calico_node_memory_limit }} requests: cpu: {{ calico_node_cpu_requests }} diff --git a/roles/network_plugin/calico_defaults/defaults/main.yml b/roles/network_plugin/calico_defaults/defaults/main.yml index 8b909f021..a9567e886 100644 --- a/roles/network_plugin/calico_defaults/defaults/main.yml +++ b/roles/network_plugin/calico_defaults/defaults/main.yml @@ -58,7 +58,7 @@ calico_felix_floating_ips: Disabled # Limits for apps calico_node_memory_limit: 500M -calico_node_cpu_limit: 300m +calico_node_cpu_limit: "0" calico_node_memory_requests: 64M calico_node_cpu_requests: 150m calico_felix_chaininsertmode: Insert