kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Clean up a task: kubelet-config-file

pull/46064/head
windsonsea 2024-04-29 15:42:08 +08:00 committed by Michael
parent e1ca4c8a46
commit 9647701853
1 changed files with 145 additions and 143 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

288
content/en/docs/tasks/administer-cluster/kubelet-config-file.md
View File

@ -38,6 +38,7 @@ The configuration file must be a JSON or YAML representation of the parameters
in this struct. Make sure the kubelet has read permissions on the file. in this struct. Make sure the kubelet has read permissions on the file.
Here is an example of what this file might look like: Here is an example of what this file might look like:
```yaml ```yaml
apiVersion: kubelet.config.k8s.io/v1beta1 apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration kind: KubeletConfiguration
@ -54,9 +55,10 @@ evictionHard:
In this example, the kubelet is configured with the following settings: In this example, the kubelet is configured with the following settings:
1. `address`: The kubelet will serve on IP address `192.168.0.8`. 1. `address`: The kubelet will serve on IP address `192.168.0.8`.
2. `port`: The kubelet will serve on port `20250`. 1. `port`: The kubelet will serve on port `20250`.
3. `serializeImagePulls`: Image pulls will be done in parallel. 1. `serializeImagePulls`: Image pulls will be done in parallel.
4. `evictionHard`: The kubelet will evict Pods under one of the following conditions: 1. `evictionHard`: The kubelet will evict Pods under one of the following conditions:
- When the node's available memory drops below 100MiB. - When the node's available memory drops below 100MiB.
- When the node's main filesystem's available space is less than 10%. - When the node's main filesystem's available space is less than 10%.
- When the image filesystem's available space is less than 15%. - When the image filesystem's available space is less than 15%.
@ -119,10 +121,9 @@ stored internally in the kubelet.
This offers you flexibility in how you manage and combine kubelet configuration that comes from different sources. This offers you flexibility in how you manage and combine kubelet configuration that comes from different sources.
However, it's important to note that the behavior varies based on the data type of the configuration fields. However, it's important to note that the behavior varies based on the data type of the configuration fields.
Different data types in the kubelet configuration structure merge differently. Different data types in the kubelet configuration structure merge differently. See the
See the [reference [reference document](/docs/reference/node/kubelet-config-directory-merging.md)
document](/docs/reference/node/kubelet-config-directory-merging.md) for more for more information.
information.
### Kubelet configuration merging order ### Kubelet configuration merging order
@ -135,8 +136,9 @@ On startup, the kubelet merges configuration from:
{{< note >}} {{< note >}}
The config drop-in dir mechanism for the kubelet is similar but different from how the `kubeadm` tool allows you to patch configuration. The config drop-in dir mechanism for the kubelet is similar but different from how the `kubeadm` tool allows you to patch configuration.
The `kubeadm` tool uses a specific [patching strategy](/docs/setup/production-environment/tools/kubeadm/control-plane-flags/#patches) for its configuration, The `kubeadm` tool uses a specific [patching strategy](/docs/setup/production-environment/tools/kubeadm/control-plane-flags/#patches)
whereas the only patch strategy for kubelet configuration drop-in files is `replace`. The kubelet determines the order of merges based on sorting the **suffixes** alphanumerically, for its configuration, whereas the only patch strategy for kubelet configuration drop-in files is `replace`.
The kubelet determines the order of merges based on sorting the **suffixes** alphanumerically,
and replaces every field present in a higher priority file. and replaces every field present in a higher priority file.
{{< /note >}} {{< /note >}}
@ -147,144 +149,144 @@ they can follow these steps to inspect the kubelet configuration:
1. Start a proxy server using [`kubectl proxy`](/docs/reference/kubectl/generated/kubectl-commands#proxy) in your terminal. 1. Start a proxy server using [`kubectl proxy`](/docs/reference/kubectl/generated/kubectl-commands#proxy) in your terminal.
```bash ```bash
kubectl proxy kubectl proxy
``` ```
Which gives output like: Which gives output like:
```bash ```none
Starting to serve on 127.0.0.1:8001 Starting to serve on 127.0.0.1:8001
```
``` 1. Open another terminal window and use `curl` to fetch the kubelet configuration.
2. Open another terminal window and use `curl` to fetch the kubelet configuration. Replace `<node-name>` with the actual name of your node:
Replace `<node-name>` with the actual name of your node:
```bash ```bash
curl -X GET http://127.0.0.1:8001/api/v1/nodes/<node-name>/proxy/configz | jq . curl -X GET http://127.0.0.1:8001/api/v1/nodes/<node-name>/proxy/configz | jq .
``` ```
```bash ```json
{ {
"kubeletconfig": { "kubeletconfig": {
"enableServer": true, "enableServer": true,
"staticPodPath": "/var/run/kubernetes/static-pods", "staticPodPath": "/var/run/kubernetes/static-pods",
"syncFrequency": "1m0s", "syncFrequency": "1m0s",
"fileCheckFrequency": "20s", "fileCheckFrequency": "20s",
"httpCheckFrequency": "20s", "httpCheckFrequency": "20s",
"address": "192.168.1.16", "address": "192.168.1.16",
"port": 10250, "port": 10250,
"readOnlyPort": 10255, "readOnlyPort": 10255,
"tlsCertFile": "/var/lib/kubelet/pki/kubelet.crt", "tlsCertFile": "/var/lib/kubelet/pki/kubelet.crt",
"tlsPrivateKeyFile": "/var/lib/kubelet/pki/kubelet.key", "tlsPrivateKeyFile": "/var/lib/kubelet/pki/kubelet.key",
"rotateCertificates": true, "rotateCertificates": true,
"authentication": { "authentication": {
"x509": { "x509": {
"clientCAFile": "/var/run/kubernetes/client-ca.crt" "clientCAFile": "/var/run/kubernetes/client-ca.crt"
}, },
"webhook": { "webhook": {
"enabled": true, "enabled": true,
"cacheTTL": "2m0s" "cacheTTL": "2m0s"
}, },
"anonymous": { "anonymous": {
"enabled": true "enabled": true
} }
}, },
"authorization": { "authorization": {
"mode": "AlwaysAllow", "mode": "AlwaysAllow",
"webhook": { "webhook": {
"cacheAuthorizedTTL": "5m0s", "cacheAuthorizedTTL": "5m0s",
"cacheUnauthorizedTTL": "30s" "cacheUnauthorizedTTL": "30s"
} }
}, },
"registryPullQPS": 5, "registryPullQPS": 5,
"registryBurst": 10, "registryBurst": 10,
"eventRecordQPS": 50, "eventRecordQPS": 50,
"eventBurst": 100, "eventBurst": 100,
"enableDebuggingHandlers": true, "enableDebuggingHandlers": true,
"healthzPort": 10248, "healthzPort": 10248,
"healthzBindAddress": "127.0.0.1", "healthzBindAddress": "127.0.0.1",
"oomScoreAdj": -999, "oomScoreAdj": -999,
"clusterDomain": "cluster.local", "clusterDomain": "cluster.local",
"clusterDNS": [ "clusterDNS": [
"10.0.0.10" "10.0.0.10"
], ],
"streamingConnectionIdleTimeout": "4h0m0s", "streamingConnectionIdleTimeout": "4h0m0s",
"nodeStatusUpdateFrequency": "10s", "nodeStatusUpdateFrequency": "10s",
"nodeStatusReportFrequency": "5m0s", "nodeStatusReportFrequency": "5m0s",
"nodeLeaseDurationSeconds": 40, "nodeLeaseDurationSeconds": 40,
"imageMinimumGCAge": "2m0s", "imageMinimumGCAge": "2m0s",
"imageMaximumGCAge": "0s", "imageMaximumGCAge": "0s",
"imageGCHighThresholdPercent": 85, "imageGCHighThresholdPercent": 85,
"imageGCLowThresholdPercent": 80, "imageGCLowThresholdPercent": 80,
"volumeStatsAggPeriod": "1m0s", "volumeStatsAggPeriod": "1m0s",
"cgroupsPerQOS": true, "cgroupsPerQOS": true,
"cgroupDriver": "systemd", "cgroupDriver": "systemd",
"cpuManagerPolicy": "none", "cpuManagerPolicy": "none",
"cpuManagerReconcilePeriod": "10s", "cpuManagerReconcilePeriod": "10s",
"memoryManagerPolicy": "None", "memoryManagerPolicy": "None",
"topologyManagerPolicy": "none", "topologyManagerPolicy": "none",
"topologyManagerScope": "container", "topologyManagerScope": "container",
"runtimeRequestTimeout": "2m0s", "runtimeRequestTimeout": "2m0s",
"hairpinMode": "promiscuous-bridge", "hairpinMode": "promiscuous-bridge",
"maxPods": 110, "maxPods": 110,
"podPidsLimit": -1, "podPidsLimit": -1,
"resolvConf": "/run/systemd/resolve/resolv.conf", "resolvConf": "/run/systemd/resolve/resolv.conf",
"cpuCFSQuota": true, "cpuCFSQuota": true,
"cpuCFSQuotaPeriod": "100ms", "cpuCFSQuotaPeriod": "100ms",
"nodeStatusMaxImages": 50, "nodeStatusMaxImages": 50,
"maxOpenFiles": 1000000, "maxOpenFiles": 1000000,
"contentType": "application/vnd.kubernetes.protobuf", "contentType": "application/vnd.kubernetes.protobuf",
"kubeAPIQPS": 50, "kubeAPIQPS": 50,
"kubeAPIBurst": 100, "kubeAPIBurst": 100,
"serializeImagePulls": true, "serializeImagePulls": true,
"evictionHard": { "evictionHard": {
"imagefs.available": "15%", "imagefs.available": "15%",
"memory.available": "100Mi", "memory.available": "100Mi",
"nodefs.available": "10%", "nodefs.available": "10%",
"nodefs.inodesFree": "5%" "nodefs.inodesFree": "5%"
}, },
"evictionPressureTransitionPeriod": "1m0s", "evictionPressureTransitionPeriod": "1m0s",
"enableControllerAttachDetach": true, "enableControllerAttachDetach": true,
"makeIPTablesUtilChains": true, "makeIPTablesUtilChains": true,
"iptablesMasqueradeBit": 14, "iptablesMasqueradeBit": 14,
"iptablesDropBit": 15, "iptablesDropBit": 15,
"featureGates": { "featureGates": {
"AllAlpha": false "AllAlpha": false
}, },
"failSwapOn": false, "failSwapOn": false,
"memorySwap": {}, "memorySwap": {},
"containerLogMaxSize": "10Mi", "containerLogMaxSize": "10Mi",
"containerLogMaxFiles": 5, "containerLogMaxFiles": 5,
"configMapAndSecretChangeDetectionStrategy": "Watch", "configMapAndSecretChangeDetectionStrategy": "Watch",
"enforceNodeAllocatable": [ "enforceNodeAllocatable": [
"pods" "pods"
], ],
"volumePluginDir": "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/", "volumePluginDir": "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/",
"logging": { "logging": {
"format": "text", "format": "text",
"flushFrequency": "5s", "flushFrequency": "5s",
"verbosity": 3, "verbosity": 3,
"options": { "options": {
"json": { "json": {
"infoBufferSize": "0" "infoBufferSize": "0"
} }
} }
}, },
"enableSystemLogHandler": true, "enableSystemLogHandler": true,
"enableSystemLogQuery": false, "enableSystemLogQuery": false,
"shutdownGracePeriod": "0s", "shutdownGracePeriod": "0s",
"shutdownGracePeriodCriticalPods": "0s", "shutdownGracePeriodCriticalPods": "0s",
"enableProfilingHandler": true, "enableProfilingHandler": true,
"enableDebugFlagsHandler": true, "enableDebugFlagsHandler": true,
"seccompDefault": false, "seccompDefault": false,
"memoryThrottlingFactor": 0.9, "memoryThrottlingFactor": 0.9,
"registerNode": true, "registerNode": true,
"localStorageCapacityIsolation": true, "localStorageCapacityIsolation": true,
"containerRuntimeEndpoint": "unix:///var/run/crio/crio.sock" "containerRuntimeEndpoint": "unix:///var/run/crio/crio.sock"
} }
} }
``` ```
<!-- discussion --> <!-- discussion -->
@ -294,4 +296,4 @@ curl -X GET http://127.0.0.1:8001/api/v1/nodes/<node-name>/proxy/configz | jq .
[`KubeletConfiguration`](/docs/reference/config-api/kubelet-config.v1beta1/) [`KubeletConfiguration`](/docs/reference/config-api/kubelet-config.v1beta1/)
reference. reference.
- Learn more about kubelet configuration merging in the - Learn more about kubelet configuration merging in the
[reference document](/docs/reference/node/kubelet-config-directory-merging.md). [reference document](/docs/reference/node/kubelet-config-directory-merging.md).