185 lines
4.7 KiB
Markdown
185 lines
4.7 KiB
Markdown
**vim /usr/lib/systemd/system/kubelet.service**
|
||
|
||
````
|
||
[Unit]
|
||
Description=Kubernetes Kubelet
|
||
Documentation=https://github.com/kubernetes/kubernetes
|
||
After=docker.service
|
||
Requires=docker.service
|
||
|
||
[Service]
|
||
ExecStart=/usr/local/bin/kubelet
|
||
|
||
Restart=always
|
||
StartLimitInterval=0
|
||
RestartSec=10
|
||
|
||
[Install]
|
||
WantedBy=multi-user.target
|
||
````
|
||
|
||
**vim /etc/systemd/system/kubelet.service.d/10-kubelet.conf**
|
||
|
||
````
|
||
[Service]
|
||
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.kubeconfig --kubeconfig=/etc/kubernetes/kubelet.kubeconfig"
|
||
Environment="KUBELET_SYSTEM_ARGS=--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin --container-runtime=remote --runtime-request-timeout=15m --container-runtime-endpoint=unix:///run/containerd/containerd.sock --cgroup-driver=systemd"
|
||
Environment="KUBELET_CONFIG_ARGS=--config=/etc/kubernetes/kubelet-conf.yml"
|
||
Environment="KUBELET_EXTRA_ARGS=--node-labels=node.kubernetes.io/node='' "
|
||
ExecStart=
|
||
ExecStart=/usr/local/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_SYSTEM_ARGS $KUBELET_EXTRA_ARGS
|
||
````
|
||
|
||
**Runtime为Docker,请使用如下Kubelet的配置**
|
||
|
||
**vim /etc/systemd/system/kubelet.service.d/10-kubelet.conf**
|
||
|
||
````
|
||
[Service]
|
||
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.kubeconfig --kubeconfig=/etc/kubernetes/kubelet.kubeconfig"
|
||
Environment="KUBELET_SYSTEM_ARGS=--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin"
|
||
Environment="KUBELET_CONFIG_ARGS=--config=/etc/kubernetes/kubelet-conf.yml --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.5"
|
||
Environment="KUBELET_EXTRA_ARGS=--node-labels=node.kubernetes.io/node='' "
|
||
ExecStart=
|
||
ExecStart=/usr/local/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_SYSTEM_ARGS $KUBELET_EXTRA_ARGS
|
||
````
|
||
|
||
**vim /etc/kubernetes/kubelet-conf.yml**
|
||
|
||
````
|
||
apiVersion: kubelet.config.k8s.io/v1beta1
|
||
kind: KubeletConfiguration
|
||
address: 0.0.0.0
|
||
port: 10250
|
||
readOnlyPort: 10255
|
||
authentication:
|
||
anonymous:
|
||
enabled: false
|
||
webhook:
|
||
cacheTTL: 2m0s
|
||
enabled: true
|
||
x509:
|
||
clientCAFile: /etc/kubernetes/pki/ca.pem
|
||
authorization:
|
||
mode: Webhook
|
||
webhook:
|
||
cacheAuthorizedTTL: 5m0s
|
||
cacheUnauthorizedTTL: 30s
|
||
cgroupDriver: systemd
|
||
cgroupsPerQOS: true
|
||
clusterDNS:
|
||
- 192.168.0.10
|
||
clusterDomain: cluster.local
|
||
containerLogMaxFiles: 5
|
||
containerLogMaxSize: 10Mi
|
||
contentType: application/vnd.kubernetes.protobuf
|
||
cpuCFSQuota: true
|
||
cpuManagerPolicy: none
|
||
cpuManagerReconcilePeriod: 10s
|
||
enableControllerAttachDetach: true
|
||
enableDebuggingHandlers: true
|
||
enforceNodeAllocatable:
|
||
- pods
|
||
eventBurst: 10
|
||
eventRecordQPS: 5
|
||
evictionHard:
|
||
imagefs.available: 15%
|
||
memory.available: 100Mi
|
||
nodefs.available: 10%
|
||
nodefs.inodesFree: 5%
|
||
evictionPressureTransitionPeriod: 5m0s
|
||
failSwapOn: true
|
||
fileCheckFrequency: 20s
|
||
hairpinMode: promiscuous-bridge
|
||
healthzBindAddress: 127.0.0.1
|
||
healthzPort: 10248
|
||
httpCheckFrequency: 20s
|
||
imageGCHighThresholdPercent: 85
|
||
imageGCLowThresholdPercent: 80
|
||
imageMinimumGCAge: 2m0s
|
||
iptablesDropBit: 15
|
||
iptablesMasqueradeBit: 14
|
||
kubeAPIBurst: 10
|
||
kubeAPIQPS: 5
|
||
makeIPTablesUtilChains: true
|
||
maxOpenFiles: 1000000
|
||
maxPods: 110
|
||
nodeStatusUpdateFrequency: 10s
|
||
oomScoreAdj: -999
|
||
podPidsLimit: -1
|
||
registryBurst: 10
|
||
registryPullQPS: 5
|
||
resolvConf: /etc/resolv.conf
|
||
rotateCertificates: true
|
||
runtimeRequestTimeout: 2m0s
|
||
serializeImagePulls: true
|
||
staticPodPath: /etc/kubernetes/manifests
|
||
streamingConnectionIdleTimeout: 4h0m0s
|
||
syncFrequency: 1m0s
|
||
volumeStatsAggPeriod: 1m0s
|
||
````
|
||
|
||
**vim /usr/lib/systemd/system/kube-proxy.service**
|
||
|
||
````
|
||
[Unit]
|
||
Description=Kubernetes Kube Proxy
|
||
Documentation=https://github.com/kubernetes/kubernetes
|
||
After=network.target
|
||
|
||
[Service]
|
||
ExecStart=/usr/local/bin/kube-proxy \
|
||
--config=/etc/kubernetes/kube-proxy.yaml \
|
||
--v=2
|
||
|
||
Restart=always
|
||
RestartSec=10s
|
||
|
||
[Install]
|
||
WantedBy=multi-user.target
|
||
|
||
````
|
||
|
||
**vim /etc/kubernetes/kube-proxy.yaml**
|
||
|
||
````
|
||
apiVersion: kubeproxy.config.k8s.io/v1alpha1
|
||
bindAddress: 0.0.0.0
|
||
clientConnection:
|
||
acceptContentTypes: ""
|
||
burst: 10
|
||
contentType: application/vnd.kubernetes.protobuf
|
||
kubeconfig: /etc/kubernetes/kube-proxy.kubeconfig
|
||
qps: 5
|
||
clusterCIDR: 172.16.0.0/12
|
||
configSyncPeriod: 15m0s
|
||
conntrack:
|
||
max: null
|
||
maxPerCore: 32768
|
||
min: 131072
|
||
tcpCloseWaitTimeout: 1h0m0s
|
||
tcpEstablishedTimeout: 24h0m0s
|
||
enableProfiling: false
|
||
healthzBindAddress: 0.0.0.0:10256
|
||
hostnameOverride: ""
|
||
iptables:
|
||
masqueradeAll: false
|
||
masqueradeBit: 14
|
||
minSyncPeriod: 0s
|
||
syncPeriod: 30s
|
||
ipvs:
|
||
masqueradeAll: true
|
||
minSyncPeriod: 5s
|
||
scheduler: "rr"
|
||
syncPeriod: 30s
|
||
kind: KubeProxyConfiguration
|
||
metricsBindAddress: 127.0.0.1:10249
|
||
mode: "ipvs"
|
||
nodePortAddresses: null
|
||
oomScoreAdj: -999
|
||
portRange: ""
|
||
udpIdleTimeout: 250ms
|
||
|
||
````
|
||
|