diff --git a/roles/kube-node/defaults/main.yml b/roles/kube-node/defaults/main.yml
index b18ec42..cfadfb6 100644
--- a/roles/kube-node/defaults/main.yml
+++ b/roles/kube-node/defaults/main.yml
@@ -14,6 +14,7 @@ MAX_PODS: 110
 # 配置为kube组件（kubelet,kube-proxy,dockerd等）预留的资源量
 KUBE_RESERVED_ENABLED: "yes"
 KUBE_RESERVED: "cpu=200m,memory=500Mi,ephemeral-storage=1Gi"
+SYS_RESERVED: "cpu=200m,memory=500Mi,ephemeral-storage=1Gi"
 
 # 配置kubelet的hard eviction条件
-HARD_EVICTION: "memory.available<200Mi,nodefs.available<10%"
+HARD_EVICTION: "memory.available<500Mi,nodefs.available<10%"
diff --git a/roles/kube-node/templates/kubelet.service.j2 b/roles/kube-node/templates/kubelet.service.j2
index 47c8424..451a5f8 100644
--- a/roles/kube-node/templates/kubelet.service.j2
+++ b/roles/kube-node/templates/kubelet.service.j2
@@ -39,9 +39,11 @@ ExecStart={{ bin_dir }}/kubelet \
   --cgroups-per-qos=true \
   --cgroup-driver=cgroupfs \
 {% if KUBE_RESERVED_ENABLED == "yes" %}
-  --enforce-node-allocatable=pods,kube-reserved \
+  --enforce-node-allocatable=pods,kube-reserved,system-reserved \
   --kube-reserved={{ KUBE_RESERVED }} \
   --kube-reserved-cgroup=/system.slice/kubelet.service \
+  --system-reserved={{ SYS_RESERVED }} \
+  --system-reserved-cgroup=/system.slice \
 {% endif %}
   --eviction-hard={{ HARD_EVICTION }} \
   --v=2