How to configure and resource control Kubelet with configuration file for v1.15.0

最新推荐文章于 2021-06-30 09:35:08 发布
最新推荐文章于 2021-06-30 09:35:08 发布
阅读量227 收藏
点赞数
分类专栏: Kubernetes
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/IamWilliamZhao/article/details/95945894
版权

Since Kubernetes v1.10, K8s considered to configure kubelet with configuration file, this has become a recommended approach because its simplifies node deployment and configuration management. in this article, I will describe how to use a configuration file to configure kubelet to do resource control.

how to pass a configuration file to kubelet

we need to use --config flag to set a path to a configure file to kubelet in kubelet service conf file, when system start kubelet, will pass this configuration to kubelet

在这里插入图片描述在这里插入图片描述when we initial Kubernetes cluster, this /var/lib/kubelet/config.yaml file will be generated by kubeadm tool with default value if we do not set any parameter for KubeletConfiguration in cluster configuration file. In below example, we give some parameters to enable resource management for K8s, all these parameters will write to config.yaml file

apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
cgroupDriver: systemd
systemReserved:
  cpu: 1
  memory: 1Gi
  ephemeral-storage: 10Gi
systemReservedCgroup: /system.slice
kubeReserved:
  cpu: 1
  memory: 2Gi
  ephemeral-storage: 10Gi
kubeReservedCgroup: /system.slice/kubelet.service

enforceNodeAllocatable:
- pods
- kube-reserved
- system-reserved

evictionHard:
  imagefs.available: 15%
  memory.available: 500Mi
  nodefs.available: 10%
  nodefs.inodesFree: 5%

Since we use linux CGroup(control groups) in this example to manage resource for Kubernetes, so we need to create some new groups for Kubelet under cgroup before we initial K8s cluster, you can put all these steps into kubelet service configuration file

/etc/systemd/system/kubelet.service.d/10-kubeadm.conf
(redhat /usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf)
vi /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
add following:
ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/cpuset/system.slice/kubelet.service
ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/pids/system.slice/kubelet.service
ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/devices/system.slice/kubelet.service
ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/memory/system.slice/kubelet.service
ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/hugetlb/system.slice/kubelet.service
ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/cpu,cpuacct/system.slice/kubelet.service
ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/blkio/system.slice/kubelet.service
ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/systemd/system.slice/kubelet.service
ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/systemd/system.slice/docker.service

after we done above steps, then we can use below command to initize cluster:

kubeadm init --config=/etc/kubernetes/k8s-cluster-bi.yaml --upload-certs

the config.yaml will be generated:

address: 0.0.0.0

apiVersion: kubelet.config.k8s.io/v1beta1
authentication:
anonymous:
enabled: false
webhook:
cacheTTL: 2m0s
enabled: true
x509:
clientCAFile: /etc/kubernetes/pki/ca.crt
authorization:
mode: Webhook
webhook:
cacheAuthorizedTTL: 5m0s
cacheUnauthorizedTTL: 30s
cgroupDriver: cgroupfs
cgroupsPerQOS: true
clusterDNS:

  • 172.17.0.10
    clusterDomain: cluster.local
    configMapAndSecretChangeDetectionStrategy: Watch
    containerLogMaxFiles: 5
    containerLogMaxSize: 10Mi
    contentType: application/vnd.kubernetes.protobuf
    cpuCFSQuota: true
    cpuCFSQuotaPeriod: 100ms
    cpuManagerPolicy: none
    cpuManagerReconcilePeriod: 10s
    enableControllerAttachDetach: true
    enableDebuggingHandlers: true
    enforceNodeAllocatable:
  • pods
  • kube-reserved
  • system-reserved
    eventBurst: 10
    eventRecordQPS: 5
    evictionHard:
    imagefs.available: 15%
    memory.available: 500Mi
    nodefs.available: 10%
    nodefs.inodesFree: 5%
    evictionPressureTransitionPeriod: 5m0s
    failSwapOn: true
    fileCheckFrequency: 20s
    hairpinMode: promiscuous-bridge
    healthzBindAddress: 127.0.0.1
    healthzPort: 10248
    httpCheckFrequency: 20s
    imageGCHighThresholdPercent: 85
    imageGCLowThresholdPercent: 80
    imageMinimumGCAge: 2m0s
    iptablesDropBit: 15
    iptablesMasqueradeBit: 14
    kind: KubeletConfiguration
    kubeAPIBurst: 10
    kubeAPIQPS: 5
    kubeReserved:
    cpu: 1000m
    ephemeral-storage: 10Gi
    memory: 2Gi
    kubeReservedCgroup: /system.slice/kubelet.service
    makeIPTablesUtilChains: true
    maxOpenFiles: 1000000
    maxPods: 110
    nodeLeaseDurationSeconds: 40
    nodeStatusReportFrequency: 1m0s
    nodeStatusUpdateFrequency: 10s
    oomScoreAdj: -999
    podPidsLimit: -1
    port: 10250
    registryBurst: 10
    registryPullQPS: 5
    resolvConf: /etc/resolv.conf
    rotateCertificates: true
    runtimeRequestTimeout: 2m0s
    serializeImagePulls: true
    staticPodPath: /etc/kubernetes/manifests
    streamingConnectionIdleTimeout: 4h0m0s
    syncFrequency: 1m0s
    systemReserved:
    cpu: 1000m
    ephemeral-storage: 10Gi
    memory: 1Gi
    systemReservedCgroup: /system.slice
    volumeStatsAggPeriod: 1m0s

then you can use command to check other nodes resource allocatable number

kubectl describe node ppydalbik0101

Capacity:
 cpu:                16
 ephemeral-storage:  102821812Ki
 hugepages-1Gi:      0
 hugepages-2Mi:      0
 memory:             65943252Ki
 pods:               110
Allocatable:
 cpu:                14
 ephemeral-storage:  73285745303
 hugepages-1Gi:      0
 hugepages-2Mi:      0
 memory:             62285524Ki
 pods:               110
William-Zhao
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
kubelet最佳配置
weixin_33724659的博客
05-04 738
2019独角兽企业重金招聘Python工程师标准>>> ...
k8s基础理论
热门推荐
喀喀喀的博客
04-21 7万+
1.核心对象 NameSpaces 当集群有多个用户或一个用户有多个应用需要管理时,需要对被管理的对象进行隔离。不同的对象被划分到不同的namespaces后,可以通过权限控制来限制用户以何种权限访问namespaces的哪些对象,进而构建一个多租户,彼此隔离的通用集群。 namespaes,它提供一种内核级别的隔离方式,系统可以为进程分配不同的namespaces,并保证不同namespace资源独立分配,进程彼此隔离,即不同的namespace下的进程互不干扰。 namespace提供六项隔离:分别是
kubelet源码跟踪 release-1.15
韦远科的专栏
06-19 615
kubernetes中,kubelet进程负责对各节点进行管理,包括各节点资源的上报、落在该节点上的pod的声明周期管理以及其他的一些周期性任务,本文大致走查一下kubelet进程从启动到执行的整个流程,希望对大家有所帮助。 kubernetes中所有的可执行文件都在cmd目录下,kubelete也不例外。 #cmd/kubelet/kubelet.go:35 func main() { ...
Kubernetes探秘—kubelet的配置参数
weixin_33749131的博客
12-12 954
2019独角兽企业重金招聘Python工程师标准>>> ...
kubernetes源码阅读笔记——Kubelet(之一)
weixin_30740581的博客
03-04 226
KubeletKubernetes集群中node节点的核心组件之一,其作用是管理运行在Pod中的容器,使其处于正常运行状态。 Kubelet的启动函数代码位于cmd/kubelet/kubelet.go中,仍是通过cobra注册。 cmd/kubelet/kubelet.gofunc main() { rand.Seed(time.Now().UnixNano()) ...
How to Use Source Control in MATLAB with GitHub.zip
最新发布
08-11
在MATLAB中,选择“Source Control”->“Push”命令,输入GitHub仓库URL和凭证,然后提交你的更改。同样,你也可以通过“Pull”操作来获取远程仓库的最新更改。 协同工作时,经常需要合并其他人的更改。MATLAB提供...
How to Configure User Status in mySAP SRM.pdf
11-21
How to Configure User Status in mySAP SRM.pdf
How to configure OneFS to allow NFS mounts from unprivileged ports
12-04
How to configure OneFS to allow NFS mounts from unprivileged ports
modem-setting.zip_How To Network
09-19
how to configure or add a new modem to a workstation network, so we can use 2 line of connection
How to configure ODBC DSN to access local DB2 for Windows
10-25
This article introduces how to configure ODBC DSN in Server to access local DB2 for windows in detail. Then I give a sample how to access local DB2 database with ODBC by DB Query Analyzer expediently.
从一次集群雪崩看Kubelet资源预留的正确姿势
weixin_34148456的博客
03-04 523
2019独角兽企业重金招聘Python工程师标准>>> ...
自用
w182757427的博客
05-20 336
K8S-HA集群部署文档 节点规划 10.88.29.46 master etcd 10.88.29.47 master etcd 10.88.29.48 master etcd 10.88.31.27 node 10.88.31.28 node 10.88.31.30 node 1、cluster-ip 10.96.0.1/16 证书生成工具 wget https://pkg.cfssl.org/R1.2/cfssl_linux-amd64 chmod +x cfssl_linux-amd64 mv ..
Kubelet资源预留
weixin_33874713的博客
05-28 408
目录 Kubelet Node Allocatable 配置参数 配置示例 Kubelet Node Allocatable Kubelet Node Allocatable用来为Kube组件和System进程预留资源,从而保证当节点出现满负荷时也能保证Kube和System进程有...
kubectl config配置示例
zhangxiangui40542的专栏
08-14 2万+
kubectl config操作详解 kubectl config操作的是$HOME/.kube/config文件,eg:/root/.kube/config 1、查看config文件 [root@SZD-L0105331 kube-system-rbac]# kubectl config view apiVersion: v1 clusters: [] contexts: []...
Kubernetes 安装常见问题FAQ
锐意工作室
10-22 1393
Kubernetes 安装常见问题FAQ 前言 Linux 问题 Swap 问题 SELinux 问题 Firewalld 问题 重启后问题 端口问题 磁盘空间问题 内存问题 CPU问题 Docker问题 Docker版本问题 cgroup问题 科学上网问题 gcr.io 镜像拉取问题 网络问题 访问官方CentOS Yum源慢 访问官方Docker Yum慢或Docker镜像仓库...
kubernetes:kubelet cgroup driver: "systemd" is different from docker cgroup driver: "cgroupfs"
feiger的专栏
10-08 4334
背景: journalctl -u kubelet 查看kubectl日志发现报错如下 error: failed to run Kubelet: failed to create kubelet: misconfiguration: kubelet cgroup driver: "systemd" is different from docker cgroup driver: "cgroup...
如何为你的Kubernetes保驾护航?
乔克叔叔的博客
06-30 123
> 作者:乔克 公众号:运维开发故事 随着Kubernetes的不断发展,技术不断成熟,越来越多的公司选择把自家的应用部署到Kubernetes中。但是把应用部署到Kubernetes中就完事了吗?显然不是,应用容器化只是万里长征的第一步,如何让应用安心、稳定的运行才是后续的所有工作。 这里主要从一下几个方面来进行整理,对于大部分公司足够使用。 Node Node可以是物理主机,也可以是云主机,它是Kubernetes的载体。在很多时候我们并不太关心Node怎么样了,除非其异常。...
k8s集群搭建-个人学习使用
blissnmx的博客
12-17 727
1、准备工作 Docker 18.09.0 --- kubeadm-1.14.0-0 kubelet-1.14.0-0 kubectl-1.14.0-0 --- k8s.gcr.io/kube-apiserver:v1.14.0 k8s.gcr.io/kube-controller-manager:v1.14.0 k8s.gcr.io/kube-scheduler:v1.14....
kubeadm部署K8S-v1.18.x-详细篇(包含nginx及dashboard测试部署)
盲盒岛
08-17 3371
1 环境准备 1.1 环境要求 k8s支持的系统: Ubuntu 16.04+ Debian 9+ CentOS 7 Red Hat Enterprise Linux (RHEL) 7 Fedora 25+ HypriotOS v1.0.1+ Container Linux (tested with 1800.6.0) 内存:至少2GB及以上 CPU:至少2核及以上 [root@k8smaster170 ~]# cat /etc/redhat-release CentOS Linux release 7.
how to get a nginx for windows with stream_realip_module
04-01
Replace <path_to_nginx_config_file> with the path to your Nginx configuration file, and <path_to_stream_realip_module.so> with the path to the stream_realip_module.so file that you extracted in step ...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值