protectKernelDefaults如何起作用

最新推荐文章于 2023-03-03 22:14:22 发布

王伯爵

最新推荐文章于 2023-03-03 22:14:22 发布

阅读量410

点赞数 1

分类专栏： kubernetes 文章标签： kubernetes

本文链接：https://blog.csdn.net/weixin_41020960/article/details/116001559

版权

本文探讨了kubelet配置中的protectKernelDefaults参数如何影响系统行为，特别是涉及containerManagerImpl私有方法setupNode的过程。同时，解释了CGroup和CFS在Linux内核中的角色，CGroup用于限制和隔离进程资源，而CFS负责实现CPU的公平调度。

摘要由CSDN通过智能技术生成

protectKernelDefaults如何起作用

1. kubelet配置中的一个参数

//该结构体位于：kubernetes/staging/src/k8s.io/kubelet/config/v1beta1/types.go
type KubeletConfiguration struct {
   
	metav1.TypeMeta `json:",inline"`
	// protectKernelDefaults, if true, causes the Kubelet to error if kernel
	// flags are not as it expects. Otherwise the Kubelet will attempt to modify
	// kernel flags to match its expectation.
	// Dynamic Kubelet Config (beta): If dynamically updating this field, consider that
	// enabling it may cause the Kubelet to crash-loop if the Kernel is not configured as
	// Kubelet expects.
	// Default: false
	// +optional
	ProtectKernelDefaults bool `json:"protectKernelDefaults,omitempty"`
	}

2. containerManagerImpl

//该结构体位于：kubernetes/pkg/kubelet/cm/container_manager_linux.go

type containerManagerImpl struct {
   
	sync.RWMutex
	cadvisorInterface cadvisor.Interface
	mountUtil         mount.Interface
	NodeConfig    //包含ProtectKernelDefaults配置
	status Status
	// External containers being managed.
	systemContainers []*systemContainer
	// Tasks that are run periodically
	periodicTasks []func()
	// Holds all the mounted cgroup subsystems
	subsystems *CgroupSubsystems
	nodeInfo   *v1.Node
	// Interface for cgroup management
	cgroupManager CgroupManager
	// Capacity of this node.
	capacity v1.ResourceList
	// Capacity of this node, including internal resources.
	internalCapacity v1.ResourceList
	// Absolute cgroupfs path to a cgroup that Kubelet needs to place all pods under.
	// This path include a top level container for enforcing Node Allocatable.
	cgroupRoot CgroupName
	// Event recorder interface.
	recorder record.EventRecorder
	// Interface for QoS cgroup management  k8s根据Requests和Limits划分Pod Qos
	qosContainerManager QOSContainerManager
	// Interface for exporting and allocating devices reported by device plugins.
	deviceManager devicemanager.Manager
	// Interface for CPU affinity management.
	cpuManager cpumanager.Manager
	// Interface for Topology resource co-ordination
	topologyManager topologymanager.Manager
}

//该结构体位于 kubernetes/pkg/kubelet/cm/container_manager.go
type NodeConfig struct {
   
	RuntimeCgroupsName