feat: Updating kubelet/kube-proxy to run with as high priority processes (#4073)

* feat: Updating kubelet/kube-proxy to run with as high priority processes * fixup! feat: Updating kubelet/kube-proxy to run with as high priority processes * load runprocess.dll if it is exists because it is signed
2020-12-16 11:16:43 -08:00 · 2020-12-16 11:16:43 -08:00 · d8807cb67c
--- a/staging/provisioning/windows/kubeletstart.ps1
+++ b/staging/provisioning/windows/kubeletstart.ps1
@ -197,9 +197,8 @@ if ($global:NetworkPlugin -eq "azure") {
    # This was fixed in 1.15, workaround still needed for 1.14 https://github.com/kubernetes/kubernetes/pull/78612
    Restart-Service Kubeproxy

-    # startup the service
+    # Set env file for Azure Stack
    $env:AZURE_ENVIRONMENT_FILEPATH = "c:\k\azurestackcloud.json"
-    Invoke-Expression $KubeletCommandLine
 }

 if ($global:NetworkPlugin -eq "kubenet") {
@ -247,12 +246,21 @@ if ($global:NetworkPlugin -eq "kubenet") {
            # Add route to all other POD networks
            Update-CNIConfigKubenetDocker $podCIDR $masterSubnetGW
        }
-
-        # startup the service
-        Invoke-Expression $KubeletCommandLine
    }
    catch {
        Write-Error $_
    }
-
 }
+
+# Start the kubelet
+# Use run-process.cs to set process priority class as 'AboveNormal'
+# Load a signed version of runprocess.dll if it exists for Azure SysLock compliance
+# otherwise load class from cs file (for CI/testing)
+if (Test-Path "$global:KubeDir\runprocess.dll") {
+    [System.Reflection.Assembly]::LoadFrom("$global:KubeDir\runprocess.dll")
+} else {
+    Add-Type -Path "$global:KubeDir\run-process.cs"
+}
+$exe = "$global:KubeDir\kubelet.exe"
+$args = ($KubeletArgList -join " ")
+[RunProcess.exec]::RunProcess($exe, $args, [System.Diagnostics.ProcessPriorityClass]::AboveNormal)
--- a/staging/provisioning/windows/kubeproxystart.ps1
+++ b/staging/provisioning/windows/kubeproxystart.ps1
@ -31,5 +31,14 @@ Import-Module $global:HNSModule
 # and https://github.com/kubernetes/kubernetes/pull/78612 for <= 1.15
 Get-HnsPolicyList | Remove-HnsPolicyList

-$KubeproxyCmdline = "$global:KubeDir\kube-proxy.exe "+ ($global:KubeproxyArgList -join " ")
-Invoke-Expression $KubeproxyCmdline
+# Use run-process.cs to set process priority class as 'AboveNormal'
+# Load a signed version of runprocess.dll if it exists for Azure SysLock compliance
+# otherwise load class from cs file (for CI/testing)
+if (Test-Path "$global:KubeDir\runprocess.dll") {
+    [System.Reflection.Assembly]::LoadFrom("$global:KubeDir\runprocess.dll")
+} else {
+    Add-Type -Path "$global:KubeDir\run-process.cs"
+}
+$exe = "$global:KubeDir\kube-proxy.exe"
+$args = ($global:KubeproxyArgList -join " ")
+[RunProcess.exec]::RunProcess($exe, $args, [System.Diagnostics.ProcessPriorityClass]::AboveNormal)
--- a/staging/provisioning/windows/run-process.cs
+++ b/staging/provisioning/windows/run-process.cs
@ -0,0 +1,48 @@
+using System;
+using System.Diagnostics;
+using System.IO;
+using System.Threading;
+
+namespace RunProcess
+{
+    public static class exec
+    {
+        public static void StdOutHandler(object sender, DataReceivedEventArgs e) {
+            Console.WriteLine(e.Data);
+        }
+
+        public static void StdErrHandler(object sender, DataReceivedEventArgs e) {
+            Console.Error.WriteLine(e.Data);
+        }
+        
+        // RunProcess starts a process, sets the priority class of that process to 'High'
+        // and redirects all standard output / error for logging.
+        public static int RunProcess(string executable, string args = "", ProcessPriorityClass priorityClass = ProcessPriorityClass.Normal) {
+            Process p = new Process();
+            p.StartInfo.FileName = executable;
+            p.StartInfo.WorkingDirectory = Path.GetDirectoryName(executable);
+            p.StartInfo.UseShellExecute = false;
+            p.StartInfo.CreateNoWindow = true;
+            p.StartInfo.RedirectStandardOutput = true;
+            p.StartInfo.RedirectStandardError = true;
+
+            if (!String.IsNullOrEmpty(args)) {
+                p.StartInfo.Arguments = args;
+            }
+
+            p.OutputDataReceived += new DataReceivedEventHandler(StdOutHandler);
+            p.ErrorDataReceived += new DataReceivedEventHandler(StdErrHandler);
+
+            p.Start();
+            p.BeginOutputReadLine();
+            p.BeginErrorReadLine();
+
+            // I don't know why this sleep is needed but it is :-/
+            Thread.Sleep(2000);
+            p.PriorityClass = priorityClass;
+            p.WaitForExit();
+
+            return p.ExitCode;
+        }
+    }
+}