2017-11-11 19:14:21 +08:00
|
|
|
[Unit]
|
|
|
|
|
Description=Kubernetes Kubelet
|
|
|
|
|
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
|
|
|
|
|
|
|
|
|
|
[Service]
|
|
|
|
|
WorkingDirectory=/var/lib/kubelet
|
2019-06-25 22:55:29 +08:00
|
|
|
{% if KUBE_RESERVED_ENABLED == "yes" or SYS_RESERVED_ENABLED == "yes" %}
|
2019-04-10 23:49:49 +08:00
|
|
|
ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/cpuset/system.slice/kubelet.service
|
|
|
|
|
ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/hugetlb/system.slice/kubelet.service
|
|
|
|
|
ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/memory/system.slice/kubelet.service
|
|
|
|
|
ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/pids/system.slice/kubelet.service
|
2019-05-22 00:06:21 +08:00
|
|
|
{% endif %}
|
2017-11-11 19:14:21 +08:00
|
|
|
ExecStart={{ bin_dir }}/kubelet \
|
2018-06-09 22:19:20 +08:00
|
|
|
--address={{ inventory_hostname }} \
|
2019-06-30 21:23:38 +08:00
|
|
|
{% if KUBE_VER|float < 1.15 %}
|
2018-09-11 20:46:46 +08:00
|
|
|
--allow-privileged=true \
|
2019-06-30 21:23:38 +08:00
|
|
|
{% endif %}
|
2018-09-11 20:46:46 +08:00
|
|
|
--anonymous-auth=false \
|
2018-10-06 10:21:04 +08:00
|
|
|
--authentication-token-webhook \
|
|
|
|
|
--authorization-mode=Webhook \
|
2018-05-17 22:51:15 +08:00
|
|
|
--client-ca-file={{ ca_dir }}/ca.pem \
|
2017-11-11 19:14:21 +08:00
|
|
|
--cluster-dns={{ CLUSTER_DNS_SVC_IP }} \
|
|
|
|
|
--cluster-domain={{ CLUSTER_DNS_DOMAIN }} \
|
2018-09-11 20:46:46 +08:00
|
|
|
--cni-bin-dir={{ bin_dir }} \
|
|
|
|
|
--cni-conf-dir=/etc/cni/net.d \
|
2019-05-18 16:48:58 +08:00
|
|
|
{% if CONTAINER_RUNTIME == "containerd" %}
|
|
|
|
|
--container-runtime=remote \
|
|
|
|
|
--container-runtime-endpoint=unix:///run/containerd/containerd.sock \
|
|
|
|
|
{% endif %}
|
2017-11-21 11:27:06 +08:00
|
|
|
--fail-swap-on=false \
|
2018-09-11 20:46:46 +08:00
|
|
|
--hairpin-mode hairpin-veth \
|
|
|
|
|
--hostname-override={{ inventory_hostname }} \
|
|
|
|
|
--kubeconfig=/etc/kubernetes/kubelet.kubeconfig \
|
|
|
|
|
--max-pods={{ MAX_PODS }} \
|
|
|
|
|
--network-plugin=cni \
|
2019-01-10 23:51:50 +08:00
|
|
|
--pod-infra-container-image={{ SANDBOX_IMAGE }} \
|
2018-09-11 20:46:46 +08:00
|
|
|
--register-node=true \
|
2018-08-29 22:16:50 +08:00
|
|
|
--root-dir={{ KUBELET_ROOT_DIR }} \
|
2018-09-11 20:46:46 +08:00
|
|
|
--tls-cert-file={{ ca_dir }}/kubelet.pem \
|
|
|
|
|
--tls-private-key-file={{ ca_dir }}/kubelet-key.pem \
|
2019-04-10 23:49:49 +08:00
|
|
|
--cgroups-per-qos=true \
|
|
|
|
|
--cgroup-driver=cgroupfs \
|
2019-06-25 22:55:29 +08:00
|
|
|
--enforce-node-allocatable=pods{% if KUBE_RESERVED_ENABLED == "yes" %},kube-reserved{% endif %}{% if SYS_RESERVED_ENABLED == "yes" %},system-reserved{% endif %} \
|
2019-05-22 00:06:21 +08:00
|
|
|
{% if KUBE_RESERVED_ENABLED == "yes" %}
|
2019-04-10 23:49:49 +08:00
|
|
|
--kube-reserved={{ KUBE_RESERVED }} \
|
|
|
|
|
--kube-reserved-cgroup=/system.slice/kubelet.service \
|
2019-06-25 22:55:29 +08:00
|
|
|
{% endif %}
|
|
|
|
|
{% if SYS_RESERVED_ENABLED == "yes" %}
|
2019-06-12 21:31:06 +08:00
|
|
|
--system-reserved={{ SYS_RESERVED }} \
|
|
|
|
|
--system-reserved-cgroup=/system.slice \
|
2019-05-22 00:06:21 +08:00
|
|
|
{% endif %}
|
2019-04-10 23:49:49 +08:00
|
|
|
--eviction-hard={{ HARD_EVICTION }} \
|
2017-11-11 19:14:21 +08:00
|
|
|
--v=2
|
|
|
|
|
Restart=on-failure
|
|
|
|
|
RestartSec=5
|
|
|
|
|
|
|
|
|
|
[Install]
|
|
|
|
|
WantedBy=multi-user.target
|
