Changing CRI-O container settings
- Installation phase
- Setting up a client workstation
- Who needs to complete this task?
- A cluster administrator must complete this task.
- When do you need to complete this task?
- When you plan to install certain services, you must change node settings to configure your cluster so those services run properly.
Before you begin
Ensure that you source the environment variables before you run the commands in this task.
About this task
- Cognos® Analytics
- Db2®
- Db2 Big SQL
- Db2 Warehouse
- Watson™ Discovery
- Watson Knowledge Catalog
- Watson Query
- Watson Studio
- Watson Machine Learning Accelerator
Procedure
Complete the appropriate task for your environment, as specified in the following table:
Deployment environment | Managed | Self-managed |
---|---|---|
On-premises | If you install Cloud Pak for Data on IBM® Cloud Satellite, the CRI-O container settings are automatically applied to your cluster as part of the installation. You do not need to change the CRI-O settings. |
|
IBM Cloud | If you install Cloud Pak for Data on IBM Cloud, the CRI-O container settings are automatically applied to your cluster as part of the installation. You do not need to change the CRI-O settings. | If you install Cloud Pak for Data on IBM Cloud, the CRI-O container settings are automatically applied to your cluster as part of the installation. You do not need to change the CRI-O settings. |
AWS |
|
|
Microsoft Azure |
|
|
Google Cloud | Not applicable |
|
Setting the pids_limit by using the cpd-cli manage apply-crio command
Run the cpd-cli
manage
apply-crio
command to apply the Container Runtime Interface
(CRI-O) settings to your cluster nodes.
When you run cpd-cli
manage
apply-crio
command, the pids_limit is set to
16384
.
To set the CRI-O
pids_limit
to 16384
by using the cpd-cli
manage
apply-crio
command, complete the following steps:
- Run the
cpd-cli manage login-to-ocp
command to log in to the cluster as a user with sufficient permissions to complete this task. For example:cpd-cli manage login-to-ocp \ --username=${OCP_USERNAME} \ --password=${OCP_PASSWORD} \ --server=${OCP_URL}
- Run the following command to apply the CRI-O
settings:
cpd-cli manage apply-crio \ --openshift_type=${OPENSHIFT_TYPE}
Setting the process IDs limit by creating a KubeletConfig
In Red Hat
OpenShift Container Platform Version 4.12, the
process IDs limit is set in a kubeletConfig
.
-
Log in to Red Hat OpenShift Container Platform as a user with sufficient permissions to complete the task:
oc login ${OCP_URL}
- Run the following command to create the
KubeletConfig
that defines thepodPidsLimit
:oc apply -f - << EOF apiVersion: machineconfiguration.openshift.io/v1 kind: KubeletConfig metadata: name: cpd-pidslimit-kubeletconfig spec: kubeletConfig: podPidsLimit: 16384 machineConfigPoolSelector: matchExpressions: - key: pools.operator.machineconfiguration.openshift.io/worker operator: Exists EOF
Setting the process IDs limit by creating a ContainerRuntimeConfig
To set the pids_limit
value to 16384
in Microsoft
Azure managed and self-managed environments on
OpenShift Version 4.8 and Version 4.10,
complete the following steps:
- Create a ContainerRuntimeConfig file with the following
contents:
apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig metadata: name: new-large-pidlimit spec: containerRuntimeConfig: pidsLimit: 16384 machineConfigPoolSelector: matchExpressions: - key: pools.operator.machineconfiguration.openshift.io/worker operator: Exists EOF
- Run the following command to apply the config
file:
oc create -f <ContainerRuntimeConfig file name>
- Run one of the following commands to verify the settings:
-
oc debug <workernode> chroot /host crio-status config | grep pids_limit
-
oc get no -o name | grep compute | awk '{system("oc debug " $1 " -- bash -lc \"chroot /host sudo crio-status config | grep pids_limit\" ")}'
-