Layer-by-Layer Cgroup in Kubernetes
Explore the implementation details about Cgroup
Those who are well up in Cloud development would easily recognize that the Linux cgroup laid the foundation for container technology like Docker and Kubernetes.
Kubernetes is a tool that manages and orchestrates a large number of containers. And when configuring or deploying a pod, users can allocate resources to the single container via resource’s request and limit. While it is thought-provoking when the pod fails and the status is “OOMKilled”. What are the logics hidden behind it? And which Kubernetes component is actually taking effect here?
That is Kubelet, which runs on the worker nodes in the Kubernetes cluster, manages the pod lifecycle, connects to runtime interfaces like CRI, CNI, CSI, etc., providing resources to the Pod through cgroup in line with the configuration, and expelling or OOMKilled pods when the usage exceeds.
Cgroup In Brief
Cgroups, short for Control Groups, is provided by the Linux kernel. It is applied to restrict, record, and isolate the physical resources (CPU, memory, i/o) used by process groups.
Cgroups can respectively form a tree structure composed of multiple sub cgroups, according to different resource types, so as to uniformly control…
