Epic Goal

Develop and implement a mechanism to allow the CNV team to set the swapBehavior to LimitedSwap.

• This task requires the implementation of a separate, hidden configuration that is not exposed to the general openshift users. The goal is to provide a specific exception for CNV (in future other teams) without compromising the overall "no swap" policy for external users.

• This work should be done in collaboration with the CNV team to ensure the solution meets their specific needs and doesn't create any new support challenges.

High level Design

• The Node Team will enable config-dir (TODO:dir-name), a directory on the worker node. If this optional directory is not present, there will be no error or log.

• The CNV team will use a drop-in file to populate a kubelet config file. The file will be named 99-kubelet-limited-swap.conf and will have the following content:
  YAML
   
  apiVersion: kubelet.config.k8s.io/v1beta1
  kind: KubeletConfiguration
  memorySwap:
  swapDesired: LimitedSwap
• Kubelet will use the config file on the next restart
• When a drop-in file is placed on a control plane node, it will have no impact, as config-dir is not configured for it.

Exclusions

• No validation will be performed on the file format.
• If failSwapOn or other parameters are set by the drop-in, they will override the existing KubeletConfiguration without any validation to prevent it.
• There will be no option to change the drop-in directory itself.

Why is this important?

• Its important for CNV folks to use swap memory for their usecases. TODO add some use cases

  Scenarios

  Scenario: Testing by Node Team - LimitedSwap Enabled

• Given: A worker node is being provisioned with a config-dir directory.

• And: A drop-in file named 99-kubelet-limited-swap.conf with the LimitedSwap content is placed in that directory before the node is created.

• When: The kubelet service starts on the node.

• Then: The kubelet should correctly load the drop-in configuration and enable LimitedSwap which can be verified by looking at the Kubelet logs.

Scenario: Testing by Node Team - Revert to NoSwap

• Given: A worker node is running with swapDesired set to LimitedSwap due to the 99-kubelet-limited-swap.conf drop-in file.

• When: The drop-in file is removed from the config-dir, and the kubelet service is restarted.

• Then: The kubelet should revert to its default configuration, and the swapDesired value should be set to NoSwap.

Scenario: Testing by CNV Team for swap usage

• Given: A worker node has swap enabled at the kernel level (e.g., using the swapon command).

• And: The 99-kubelet-limited-swap.conf drop-in file with memorySwap: { swapDesired: LimitedSwap }}} is placed in the {{{}config-dir.

• When: The kubelet service starts or is restarted.

• Then: The kubelet should be able to recognize and utilize the swap memory, confirming that the LimitedSwap configuration is correctly applied and functional.

Acceptance Criteria

• CI - MUST be running successfully with tests automated
• Release Technical Enablement - Provide necessary release enablement details and documents.
• ...

Dependencies (internal and external)

1. CNV team
2. MCO Team
3. OpenShift API Team

Previous Work (Optional):

1. …

Open questions:

1. Discuss with the team on the config-dir location.
2. Get a final go-ahead from CNV and Node team on the design.

Done Checklist

• CI - CI is running, tests are automated and merged.
• Release Enablement <link to Feature Enablement Presentation>
• DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
• DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
• DEV - Downstream build attached to advisory: <link to errata>
• QE - Test plans in Polarion: <link or reference to Polarion>
• QE - Automated tests merged: <link or reference to automated tests>
• DOC - Downstream documentation merged: <link to meaningful PR>