From 69c7670b6c6c7f0df386b48ce30b2f25c705d8b5 Mon Sep 17 00:00:00 2001 From: John Mulligan Date: Sat, 21 Oct 2023 11:41:15 -0400 Subject: [PATCH] cephadm: move option for setting unlimited pids into engine classes Move the option for setting unlimited pids for the container engine into the container engine classes. This continues the attempts to improve the locality of items specific to certain classes to be by making them part of the classes. Signed-off-by: John Mulligan --- src/cephadm/cephadm.py | 9 +-------- src/cephadm/cephadmlib/container_engine_base.py | 7 +++++++ src/cephadm/cephadmlib/container_engines.py | 10 ++++++++++ src/cephadm/tests/fixtures.py | 2 ++ 4 files changed, 20 insertions(+), 8 deletions(-) diff --git a/src/cephadm/cephadm.py b/src/cephadm/cephadm.py index 641b269c1324d..650e080843ede 100755 --- a/src/cephadm/cephadm.py +++ b/src/cephadm/cephadm.py @@ -70,7 +70,6 @@ from cephadmlib.constants import ( LOGROTATE_DIR, LOG_DIR, LOG_DIR_MODE, - PIDS_LIMIT_UNLIMITED_PODMAN_VERSION, SYSCTL_DIR, UNIT_DIR, ) @@ -2692,13 +2691,7 @@ def _update_pids_limit(ctx: CephadmContext, daemon_type: str, container_args: Li unlimited_daemons.add(NFSGanesha.daemon_type) if daemon_type not in unlimited_daemons: return - if ( - isinstance(ctx.container_engine, Podman) - and ctx.container_engine.version >= PIDS_LIMIT_UNLIMITED_PODMAN_VERSION - ): - container_args.append('--pids-limit=-1') - else: - container_args.append('--pids-limit=0') + container_args.append(ctx.container_engine.unlimited_pids_option) def get_container( diff --git a/src/cephadm/cephadmlib/container_engine_base.py b/src/cephadm/cephadmlib/container_engine_base.py index 135b2f4f32105..c8d4bfbcf2905 100644 --- a/src/cephadm/cephadmlib/container_engine_base.py +++ b/src/cephadm/cephadmlib/container_engine_base.py @@ -11,5 +11,12 @@ class ContainerEngine: def EXE(self) -> str: raise NotImplementedError() + @property + def unlimited_pids_option(self) -> str: + """The option to pass to the container engine for allowing unlimited + pids (processes). + """ + return '--pids-limit=0' + def __str__(self) -> str: return f'{self.EXE} ({self.path})' diff --git a/src/cephadm/cephadmlib/container_engines.py b/src/cephadm/cephadmlib/container_engines.py index 8ced8ab3ff4b4..98019fa820b3a 100644 --- a/src/cephadm/cephadmlib/container_engines.py +++ b/src/cephadm/cephadmlib/container_engines.py @@ -11,6 +11,7 @@ from .constants import ( CGROUPS_SPLIT_PODMAN_VERSION, DEFAULT_MODE, MIN_PODMAN_VERSION, + PIDS_LIMIT_UNLIMITED_PODMAN_VERSION, ) from .exceptions import Error @@ -45,6 +46,15 @@ class Podman(ContainerEngine): """Return true if this version of podman supports split cgroups.""" return self.version >= CGROUPS_SPLIT_PODMAN_VERSION + @property + def unlimited_pids_option(self) -> str: + """The option to pass to the container engine for allowing unlimited + pids (processes). + """ + if self.version >= PIDS_LIMIT_UNLIMITED_PODMAN_VERSION: + return '--pids-limit=-1' + return '--pids-limit=0' + def service_args( self, ctx: CephadmContext, service_name: str ) -> List[str]: diff --git a/src/cephadm/tests/fixtures.py b/src/cephadm/tests/fixtures.py index 86a8c6119ea8a..d25dffa9e3b44 100644 --- a/src/cephadm/tests/fixtures.py +++ b/src/cephadm/tests/fixtures.py @@ -21,6 +21,7 @@ def mock_docker(): docker = mock.Mock(Docker) docker.path = '/usr/bin/docker' + type(docker).unlimited_pids_option = Docker.unlimited_pids_option return docker @@ -37,6 +38,7 @@ def mock_podman(): # https://docs.python.org/3/library/unittest.mock.html#unittest.mock.Mock type(podman).supports_split_cgroups = Podman.supports_split_cgroups type(podman).service_args = Podman.service_args + type(podman).unlimited_pids_option = Podman.unlimited_pids_option return podman -- 2.39.5