Workload partitioning

Workload partitioning is a Technology Preview feature only. Technology Preview features are not supported with Red Hat production service level agreements (SLAs) and might not be functionally complete. Red Hat does not recommend using them in production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process.

For more information about the support scope of Red Hat Technology Preview features, see Technology Preview Features Support Scope.

In resource-constrained environments, you can use workload partitioning to isolate OKD services, cluster management workloads, and infrastructure pods to run on a reserved set of CPUs.

The minimum number of reserved CPUs required for the cluster management is four CPU Hyper-Threads (HTs). With workload partitioning, you annotate the set of cluster management pods and a set of typical add-on Operators for inclusion in the cluster management workload partition. These pods operate normally within the minimum size CPU configuration. Additional Operators or workloads outside of the set of minimum cluster management pods require additional CPUs to be added to the workload partition.

Workload partitioning isolates user workloads from platform workloads using standard Kubernetes scheduling capabilities.

The following changes are required for workload partitioning:

  1. In the install-config.yaml file, add the additional field: cpuPartitioningMode.

    1. apiVersion: v1
    2. baseDomain: devcluster.openshift.com
    3. cpuPartitioningMode: AllNodes (1)
    4. compute:
    5.   - architecture: amd64
    6.     hyperthreading: Enabled
    7.     name: worker
    8.     platform: {}
    9.     replicas: 3
    10. controlPlane:
    11.   architecture: amd64
    12.   hyperthreading: Enabled
    13.   name: master
    14.   platform: {}
    15.   replicas: 3
    1Sets up a cluster for CPU partitioning at install time. The default value is None.

    Workload partitioning can only be enabled during cluster installation. You cannot disable workload partitioning post-installation.

  2. In the performance profile, specify the isolated and reserved CPUs.

    1. apiVersion: performance.openshift.io/v2
    2. kind: PerformanceProfile
    3. metadata:
    4.   name: openshift-node-workload-partitioning-worker
    5. spec:
    6.   cpu:
    7.     isolated: 0,1 (1)
    8.     reserved: "2-3" (2)
    9.   machineConfigPoolSelector:
    10.     pools.operator.machineconfiguration.openshift.io/worker: ""
    11.   nodeSelector:
    12.     node-role.kubernetes.io/worker: ""
    1Sets the isolated CPUs. Ensure all of the Hyper-Threading pairs match.
    2Specifies the CPU set to pin the workloads and the OKD infrastructure pods to. When workload partitioning is enabled, platform containers and platform services such as systemd, CRI-O, and Kubelet are restricted to these CPUs. All CPUs that are not isolated should be reserved.

Workload partitioning introduces an extended management.workload.openshift.io/cores resource type for platform pods. Kubelet advertises the resources and CPU requests by pods allocated to the pool within the corresponding resource. When workload partitioning is enabled, the management.workload.openshift.io/cores resource allows the scheduler to correctly assign pods based on the cpushares capacity of the host, not just the default cpuset.

Additional resources

  • For the recommended workload partitioning configuration for single-node OpenShift clusters, see Workload partitioning.