system-validators icon indicating copy to clipboard operation
system-validators copied to clipboard

Published 20 hours ago verified publisher icon kubernetes

kernel version can be 4.4 & 4.19+; recommend version 5.8 for cgroup v2

Open pacoxu opened this issue 1 year ago • 3 comments
trafficstars

For kernel long term support, see https://wiki.linuxfoundation.org/civilinfrastructureplatform/start and https://endoflife.date/linux

  • 4.4 & 4.19 are selected as kernel Super Long Term Support (SLTS), and the Civil Infrastructure Platform will provide support until at least 2026.
  • For cgroup v2, Kubernetes recommends to use 5.8 and later, and in runc docs, the minimal version is 4.15 and 5.2+ is recommended.

Other comments that may be related:

In Kubernetes 1.31, cgroup v1 is moved to maintenance mode and 4.14 LTS EOF in Jan 2024 (linux, LTS) , besides, centos 7 is EOL in June 30, 2024. I chosen 4.15 as runc.

  • for kernel minimal version, choosing 4.15 as runc + cgroup v2 https://github.com/opencontainers/runc/blob/3778ae603c706494fd1e2c2faf83b406e38d687d/docs/cgroup-v2.md?plain=1#L24
    • kernel >= 4.15 with CONFIG_CGROUP_DEVICE and CONFIG_CGROUP_BPF is required. From https://github.com/containerd/containerd/pull/3799#issuecomment-555740694.
    • cpu (since Linux 4.15)
  • cgroup v2: Kubernetes recommended kernel version https://kubernetes.io/docs/concepts/architecture/cgroups/

More details can be found in https://github.com/kubernetes/kubernetes/issues/116799.

The v1.31 KEP https://github.com/kubernetes/enhancements/issues/4569

  • https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/4569-cgroup-v1-maintenance-mode/README.md KEP-4569: Moving cgroup v1 support into maintenance mode

Other minimal kernel version candidates

  • kernel 4.5 announced that cgroup v2 is not experimental anymore, as it supports io/pids/memory.
  • runc recommends 5.2+ as 5.2 supports freezer.

pacoxu avatar Jul 24 '24 09:07 pacoxu

/assign @neolit123 @SataQiu

pacoxu avatar Jul 24 '24 09:07 pacoxu

Updated.

pacoxu avatar Jul 25 '24 21:07 pacoxu

/hold drop the hold if needed.

neolit123 avatar Jul 31 '24 06:07 neolit123

should we create a release after this PR merges?

Yes.

/hold drop the hold if needed.

We may wait for another week or two in case SIG-Node owners have some inputs.

pacoxu avatar Jul 31 '24 07:07 pacoxu

should we create a release after this PR merges?

Yes.

/hold drop the hold if needed.

We may wait for another week or two in case SIG-Node owners have some inputs.

you should probably give them a ping on slack, or they will miss this.

neolit123 avatar Jul 31 '24 08:07 neolit123

According to some discussions in https://github.com/endoflife-date/endoflife.date/pull/5608#issuecomment-2268591430, the CIP seems to be not in https://www.kernel.org/category/releases.html and maintained in a different place(gitlab) than torvalds/linux.

I prefer to remove the 4.4.* here.

pacoxu avatar Aug 06 '24 07:08 pacoxu

According to some discussions in endoflife-date/endoflife.date#5608 (comment), the CIP seems to be not in https://www.kernel.org/category/releases.html and maintained in a different place(gitlab) than torvalds/linux.

I prefer to remove the 4.4.* here.

+1 to keep only official lts

neolit123 avatar Aug 06 '24 07:08 neolit123

Updated in commit: update according to kernel official active kernel releases.

pacoxu avatar Aug 06 '24 08:08 pacoxu

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: neolit123, pacoxu, SataQiu

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • ~~OWNERS~~ [SataQiu,neolit123]

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment

k8s-ci-robot avatar Aug 06 '24 08:08 k8s-ci-robot

/unhold @neolit123 Could you trigger a release after v1.31.0 is released this week?

pacoxu avatar Aug 12 '24 02:08 pacoxu