Changing CRI-O container settings
Important: IBM Cloud Pak® for Data
Version 4.7 will reach end of support (EOS) on 31 July, 2025. For more information, see the Discontinuance of service announcement for IBM Cloud Pak for Data Version 4.X.
Upgrade to IBM Software Hub Version 5.1 before IBM Cloud Pak for Data Version 4.7 reaches end of support. For more information, see Upgrading IBM Software Hub in the IBM Software Hub Version 5.1 documentation.
To ensure that some services can run correctly, you might need to change the pids_limit setting for the CRI-O container runtime on the OpenShift® Container Platform.
- Installation phase
Setting up a client workstation- Setting up a cluster
- Collecting required information
- Preparing to run installs from a private container registry
Preparing the cluster for Cloud Pak for Data- Preparing to install an instance of Cloud Pak for Data
- Installing an instance of Cloud Pak for Data
- Who needs to complete this task?
- A cluster administrator must complete this task.
- When do you need to complete this task?
- When you plan to install certain services, you must change node settings to configure your cluster so those services run properly.
Before you begin
Best practice: You can run the commands in
this task exactly as written if you set up environment variables. For instructions, see Setting up installation environment variables.
Ensure that you source the environment variables before you run the commands in this task.
About this task
Whether you need to change pids_limit value and how you change it depend on
your environment. If you plan to install one or more of the following services, you might need to
adjust the pids_limit:
- Cognos® Analytics
- Db2®
- Db2 Big SQL
- Db2 Warehouse
- Watson Discovery
- Watson Knowledge Catalog
- Watson Query
- Watson Studio
- Watson Machine Learning Accelerator
Procedure
Complete the appropriate task for your environment, as specified in the following table:
| Deployment environment | Managed | Self-managed |
|---|---|---|
| On-premises | If you install Cloud Pak for Data on IBM® Cloud Satellite™, the CRI-O container settings are automatically applied to your cluster as part of the installation. You do not need to change the CRI-O settings. |
|
| IBM Cloud | If you install Cloud Pak for Data on IBM Cloud, the CRI-O container settings are automatically applied to your cluster as part of the installation. You do not need to change the CRI-O settings. | If you install Cloud Pak for Data on IBM Cloud, the CRI-O container settings are automatically applied to your cluster as part of the installation. You do not need to change the CRI-O settings. |
| AWS |
|
|
| Microsoft Azure |
|
|
| Google Cloud | Not applicable |
|
Setting the pids_limit by using the cpd-cli manage apply-crio command
Run the cpd-cli
manage
apply-crio command to apply the Container Runtime Interface
(CRI-O) settings to your cluster nodes.
Restriction: This command applies only to Red Hat OpenShift Container Platform
Version 4.10. If you are running Version 4.12, see Setting the process IDs limit by creating a KubeletConfig.
Important: This command performs a rolling restart of the worker nodes on the
cluster.
When you run cpd-cli
manage
apply-crio command, the pids_limit is set to
16384.
To set the CRI-O
pids_limit to 16384 by using the cpd-cli
manage
apply-crio command, complete the following steps:
- Run the
cpd-cli manage login-to-ocpcommand to log in to the cluster as a user with sufficient permissions to complete this task. For example:cpd-cli manage login-to-ocp \ --username=${OCP_USERNAME} \ --password=${OCP_PASSWORD} \ --server=${OCP_URL} - Run the following command to apply the CRI-O
settings:
cpd-cli manage apply-crio \ --openshift_type=${OPENSHIFT_TYPE}
Setting the process IDs limit by creating a KubeletConfig
In Red Hat OpenShift Container Platform Version 4.12, the
process IDs limit is set in a kubeletConfig.
-
Log in to Red Hat OpenShift Container Platform as a user with sufficient permissions to complete the task.
oc login ${OCP_URL} - Run the following command to create the
KubeletConfigthat defines thepodPidsLimit:oc apply -f - << EOF apiVersion: machineconfiguration.openshift.io/v1 kind: KubeletConfig metadata: name: cpd-pidslimit-kubeletconfig spec: kubeletConfig: podPidsLimit: 16384 machineConfigPoolSelector: matchExpressions: - key: pools.operator.machineconfiguration.openshift.io/worker operator: Exists EOF
Setting the process IDs limit by creating a ContainerRuntimeConfig
To set the pids_limit value to 16384 in Microsoft Azure managed and self-managed environments run
OpenShift
Version 4.10, complete the following
steps:
- Create a ContainerRuntimeConfig file with the following
contents:
apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig metadata: name: new-large-pidlimit spec: containerRuntimeConfig: pidsLimit: 16384 machineConfigPoolSelector: matchExpressions: - key: pools.operator.machineconfiguration.openshift.io/worker operator: Exists EOF - Run the following command to apply the config
file:
oc create -f <ContainerRuntimeConfig file name> - Run one of the following commands to verify the settings:
-
oc debug <workernode> chroot /host crio-status config | grep pids_limit -
oc get no -o name | grep compute | awk '{system("oc debug " $1 " -- bash -lc \"chroot /host sudo crio-status config | grep pids_limit\" ")}'
-