Enable adjusting memory policy from NRI plugins

[askervin]

This PR implements

• container (default) Linux kernel memory policy adjustment
• container memory policies adjustment by annotation in the device-injector plugin

See set_mempolicy(2) for more details about Linux kernel memory policies.

This PR can be tested using

• this updated containerd branch pointing to this PR
• runc version recent enough to contain opencontainers/runc@3b75374
• the updated device-injector plugin from this PR
• and for instance this test pod

apiVersion: v1
kind: Pod
metadata:
  name: alpine-test
  annotations:
    memory-policy.noderesource.dev/container.c0: |
      mode: MPOL_PREFERRED
      nodes: "1,2"
      flags: [ MPOL_F_STATIC_NODES ]
    memory-policy.noderesource.dev/container.c1: |
      mode: MPOL_INTERLEAVE
      nodes: "0,3"
      flags: [ MPOL_F_STATIC_NODES ]
spec:
  containers:
  - name: c0
    image: alpine:latest
    imagePullPolicy: IfNotPresent
    command:
      - sh
      - -c
      - echo c0 $(sleep inf)
    resources:
      requests:
        cpu: 1
        memory: '100M'
      limits:
        cpu: 9
        memory: '100M'
  - name: c1
    image: alpine:latest
    imagePullPolicy: IfNotPresent
    command:
      - sh
      - -c
      - echo c1 $(sleep inf)
    resources:
      requests:
        cpu: 1
        memory: '100M'
      limits:
        cpu: 9
        memory: '100M'
  terminationGracePeriodSeconds: 1

with something like this

$ kubectl apply -f test-pod.yaml
$ kubectl exec -c c0 alpine-test -- /bin/sh -c "apk add numactl-tools; numactl -s"
...
policy: [32769]
preferred node: physcpubind: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 
cpubind: 0 1 2 3 
nodebind: 0 1 2 3 
membind: 0 1 2 3 
preferred: 1 2
$ kubectl exec -c c1 alpine-test -- /bin/sh -c "apk add numactl-tools; numactl -s"
...
policy: [32771]
preferred node: physcpubind: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 
cpubind: 0 1 2 3 
nodebind: 0 1 2 3 
membind: 0 1 2 3 
preferred: 0 3

Enable adjusting Linux memory policy from NRI plugins

[klihub]

@askervin We have now the necessary plumbing in place and tagged in runtime Spec and our NRI deps here updated accordingly. So in principle we could go forward with this PR, but I think it needs a bit more work/additions before we can seriously consider it for merging:

• pull the proposed opencontainers/runtime-tools additions locally to the pkg/runtime-tools/generate wrapper
• pkg/adaptation test case(s) for memory policy adjustment
• documentation updates to mention memory policy adjustment
• ideally, support for memory policy adjustment in the usual suspect, the device-injector sample plugin

[klihub]

@mikebrow @chrishenzie Could we give this a preliminary review, so if there is anything beside the ones already flagged we could try pointing them out and get them addressed in the same round ?

[klihub]

@mikebrow @chrishenzie Looks like all the review comments have been addressed. PTAL, could we get this approved ?

[mikebrow]

The device injector plugin readme is getting a bit long.. WDYT about links from the top.. to each of these plugin supported adjustment types?

TODO... this and a few of the other plugins are getting useful enough that they should probably be mentioned/linked in the main readme.

[klihub]

The device injector plugin readme is getting a bit long.. WDYT about links from the top.. to each of these plugin supported adjustment types?

@mikebrow Do you mean to add a link from each bullet list point at the top of plugins/device-injector/README.md to the related more detailed description chapter later in the same README.md ?

TODO... this and a few of the other plugins are getting useful enough that they should probably be mentioned/linked in the main readme.

👍

Yes, and another TODO is that I promised @samuelkarp to roll a PR for renaming device-injector to something more closely reflecting the current state of affairs, maybe calling it container-adjuster.

[klihub]

The device injector plugin readme is getting a bit long.. WDYT about links from the top.. to each of these plugin supported adjustment types?

@mikebrow Do you mean to add a link from each bullet list point at the top of plugins/device-injector/README.md to the related more detailed description chapter later in the same README.md ?

@mikebrow Assuming that's what you meant I went ahead and updated it accordingly.

[klihub]

@mikebrow @chrishenzie Is there anything else we'd need to address to get this going forward ?

[mikebrow]

LGTM