The latest articles on DEV Community by Radu Andra (@dummyandra). https://dev.to/dummyandra https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F385394%2Fe623dc9f-2ef1-4627-8457-e45a46645ae6.jpg https://dev.to/dummyandra en Radu Andra Fri, 12 Feb 2021 18:17:49 +0000 https://dev.to/dummyandra/another-method-to-access-aks-linux-nodes-2j1h https://dev.to/dummyandra/another-method-to-access-aks-linux-nodes-2j1h <h1> Deploy a demonset with privileged containers to access each node </h1> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>cat &lt;&lt;EOF &gt; sshNode.yaml apiVersion: apps/v1 kind: DaemonSet metadata: name: privileged spec: selector: matchLabels: name: privileged-container template: metadata: labels: name: privileged-container spec: containers: - name: busybox image: busybox resources: limits: cpu: 200m memory: 100Mi requests: cpu: 100m memory: 50Mi stdin: true securityContext: privileged: true volumeMounts: - name: host-root-volume mountPath: /host readOnly: false volumes: - name: host-root-volume hostPath: path: / hostNetwork: true hostPID: true restartPolicy: Always EOF </code></pre> </div> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--R6fz6Wd2--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/acy0kvf9697un8xw3ac5.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--R6fz6Wd2--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/acy0kvf9697un8xw3ac5.png" alt="image" width="880" height="973"></a></p> <p>Bellow, I list the nodes and the pods, I see that I have 3 nodes and 3 privileged pods each one related to one specific node.<br> I exec into one created pod and I enter directly on the node from there I access the kubelet logs.<br> Exit the node by entering this command: exit<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>kubectl get nodes -owide kubectl get pods -owide kubectl exec -it privileged-dr5mf chroot /host </code></pre> </div> Radu Andra Fri, 12 Feb 2021 18:08:17 +0000 https://dev.to/dummyandra/configure-aks-node-pools-with-hugepage-support-3imb https://dev.to/dummyandra/configure-aks-node-pools-with-hugepage-support-3imb <p>In kubernetes to enable HugePages you add in kubelet <code>conf --feature-gates=HugePages=true</code></p> <p>In OpenShift you use node tunning operator </p> <p>But in AKS seems that there is no direct solution.</p> <p>The only official Azure Hugepage doc is about <code>transparentHugePage</code> and it's in preview (<a href="https://docs.microsoft.com/en-us/azure/aks/custom-node-configuration">https://docs.microsoft.com/en-us/azure/aks/custom-node-configuration</a>).<br> As far as I know, Transparent HugePages and HugePages are two different things.</p> <p>If you describe the node after you enabled the Transparent HugePages, by the way, on most Linux system it’s already enabled, the HugePages value is still 0, that means that even with Transparent activated the HugePages are still not enabled:<br> <a href="https://res.cloudinary.com/practicaldev/image/fetch/s--b79tFasc--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/7j9l0pa2edxsojeuwt7m.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--b79tFasc--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/7j9l0pa2edxsojeuwt7m.png" alt="image"></a></p> <p>In this case if you will create a pod asking :<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">resources</span><span class="pi">:</span> <span class="na">limits</span><span class="pi">:</span> <span class="na">hugepages-2Mi</span><span class="pi">:</span> <span class="s">100Mi</span> </code></pre> </div> <p>This pod will fail with Insufficient HugePages because we have hugepages 0 on the node (means not enabled)</p> <blockquote> <p><strong>Manual temporary workaround is to:</strong></p> </blockquote> <p><em>Please take note that this procedure will last as long as the node is kept in its original state. You also need to repeat this on all newly added nodes and after node update ore reimage</em></p> <p>Enter on the node, once inside the node I applied the fallowing commands:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">mkdir</span> <span class="nt">-p</span> /mnt/huge<span class="k">**</span> mount <span class="nt">-t</span> hugetlbfs nodev /mnt/huge <span class="nb">echo </span>1024 <span class="o">&gt;</span> /sys/devices/system/node/node0/hugepages/hugepages-2048kB/nr_hugepages <span class="nb">cat</span> /sys/devices/system/node/node0/hugepages/hugepages-2048kB/nr_hugepages </code></pre> </div> <p>Then you will have:<br> <a href="https://res.cloudinary.com/practicaldev/image/fetch/s--x1tnueAG--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/10ghui7q6qkdmjzsl7sy.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--x1tnueAG--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/10ghui7q6qkdmjzsl7sy.png" alt="image"></a></p> <p>Or add below value in <code>/etc/sysctl.conf</code> and reload configuration by issuing <code>sysctl -p</code> command</p> <blockquote> <p><strong>To automate things and not worry about node scaling or node updates use daemonsets:</strong><br> </p> </blockquote> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="s">cat &lt;&lt;EOF &gt; sshNode.yaml</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">apps/v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">DaemonSet</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">privileged</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">selector</span><span class="pi">:</span> <span class="na">matchLabels</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">privileged-container</span> <span class="na">template</span><span class="pi">:</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">labels</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">privileged-container</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">containers</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">busybox</span> <span class="na">image</span><span class="pi">:</span> <span class="s">busybox</span> <span class="na">command</span><span class="pi">:</span> <span class="pi">[</span><span class="s2">"</span><span class="s">/bin/sh"</span><span class="pi">,</span><span class="s2">"</span><span class="s">-c"</span><span class="pi">]</span> <span class="na">args</span><span class="pi">:</span> <span class="pi">[</span><span class="s2">"</span><span class="s">mkdir</span><span class="nv"> </span><span class="s">-p</span><span class="nv"> </span><span class="s">host/mnt/huge;</span><span class="nv"> </span><span class="s">mount</span><span class="nv"> </span><span class="s">-t</span><span class="nv"> </span><span class="s">hugetlbfs</span><span class="nv"> </span><span class="s">nodev</span><span class="nv"> </span><span class="s">host/mnt/huge;</span><span class="nv"> </span><span class="s">echo</span><span class="nv"> </span><span class="s">1024</span><span class="nv"> </span><span class="s">&gt;</span><span class="nv"> </span><span class="s">/sys/devices/system/node/node0/hugepages/hugepages-2048kB/nr_hugepages"</span><span class="pi">]</span> <span class="na">resources</span><span class="pi">:</span> <span class="na">limits</span><span class="pi">:</span> <span class="na">cpu</span><span class="pi">:</span> <span class="s">200m</span> <span class="na">memory</span><span class="pi">:</span> <span class="s">100Mi</span> <span class="na">requests</span><span class="pi">:</span> <span class="na">cpu</span><span class="pi">:</span> <span class="s">100m</span> <span class="na">memory</span><span class="pi">:</span> <span class="s">50Mi</span> <span class="na">stdin</span><span class="pi">:</span> <span class="no">true</span> <span class="na">securityContext</span><span class="pi">:</span> <span class="na">privileged</span><span class="pi">:</span> <span class="no">true</span> <span class="na">volumeMounts</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">host-root-volume</span> <span class="na">mountPath</span><span class="pi">:</span> <span class="s">/host</span> <span class="na">readOnly</span><span class="pi">:</span> <span class="no">false</span> <span class="na">volumes</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">host-root-volume</span> <span class="na">hostPath</span><span class="pi">:</span> <span class="na">path</span><span class="pi">:</span> <span class="s">/</span> <span class="na">hostNetwork</span><span class="pi">:</span> <span class="no">true</span> <span class="na">hostPID</span><span class="pi">:</span> <span class="no">true</span> <span class="na">restartPolicy</span><span class="pi">:</span> <span class="s">Always</span> <span class="s">EOF</span> </code></pre> </div> <p>To finally enable the HugePages on the nodes enter on each node and do:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>systemctl daemon-reload systemctl restart kubelet </code></pre> </div> <p>You need to restart the nodes via CLI or from the portal, for the HugePages to be enabled on the nodes.</p> <blockquote> <p><strong>Inspiration Articles:</strong></p> <p><a href="https://dev.to/dannypsnl/hugepages-on-kubernetes-5e7p">HugePages on Kubernetes - DEV Community 👩‍💻👨‍💻</a></p> </blockquote>