From 9150e54352cd280c99197933784b5c2c9bd7fd4c Mon Sep 17 00:00:00 2001 From: gjmzj Date: Sat, 10 Jun 2023 21:18:19 +0800 Subject: [PATCH] fix: #1281 kebelet failed when systemReserved was enabled --- roles/kube-node/templates/kubelet-config.yaml.j2 | 5 +++-- roles/kube-node/templates/kubelet.service.j2 | 1 - tools/kubectl-node_shell | 1 + 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/roles/kube-node/templates/kubelet-config.yaml.j2 b/roles/kube-node/templates/kubelet-config.yaml.j2 index 3ddaad0..5cf61dd 100644 --- a/roles/kube-node/templates/kubelet-config.yaml.j2 +++ b/roles/kube-node/templates/kubelet-config.yaml.j2 @@ -26,6 +26,7 @@ clusterDomain: {{ CLUSTER_DNS_DOMAIN }} configMapAndSecretChangeDetectionStrategy: Watch containerLogMaxFiles: 3 containerLogMaxSize: 10Mi +containerRuntimeEndpoint: "unix:///run/containerd/containerd.sock" enforceNodeAllocatable: - pods {% if KUBE_RESERVED_ENABLED == "yes" %} @@ -56,7 +57,7 @@ kubeReservedCgroup: /podruntime.slice kubeReserved: cpu: 200m memory: 400Mi - pid: 1000 + pid: "1000" {% endif %} kubeAPIBurst: 100 kubeAPIQPS: 50 @@ -82,7 +83,7 @@ systemReservedCgroup: /system.slice systemReserved: cpu: 200m memory: 500Mi - pid: 5000 + pid: "5000" {% endif %} tlsCertFile: {{ ca_dir }}/kubelet.pem tlsPrivateKeyFile: {{ ca_dir }}/kubelet-key.pem diff --git a/roles/kube-node/templates/kubelet.service.j2 b/roles/kube-node/templates/kubelet.service.j2 index 2c84dd8..bbac68f 100644 --- a/roles/kube-node/templates/kubelet.service.j2 +++ b/roles/kube-node/templates/kubelet.service.j2 @@ -25,7 +25,6 @@ ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/hugetlb/system.slice {% endif %} ExecStart={{ bin_dir }}/kubelet \ --config=/var/lib/kubelet/config.yaml \ - --container-runtime-endpoint=unix:///run/containerd/containerd.sock \ --hostname-override={{ K8S_NODENAME }} \ --kubeconfig=/etc/kubernetes/kubelet.kubeconfig \ --root-dir={{ KUBELET_ROOT_DIR }} \ diff --git a/tools/kubectl-node_shell b/tools/kubectl-node_shell index 95d23c9..03f82ac 100755 --- a/tools/kubectl-node_shell +++ b/tools/kubectl-node_shell @@ -10,6 +10,7 @@ node="" nodefaultctx=0 nodefaultns=0 cmd='[ "nsenter", "--target", "1", "--mount", "--uts", "--ipc", "--net", "--pid", "--"' +# If this has a terminal for STDIN if [ -t 0 ]; then tty=true else