kubernetes-sigs
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix kube_reserved so it only controls kubeReservedCgroup (#11367)

pull/11401/head
R. P. Taylor 2024-07-26 01:39:20 -07:00 committed by GitHub
parent 2299e49e0e
commit 468c5641b2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
docs/operations/cgroups.md
View File

@ -1,6 +1,6 @@
# cgroups
To avoid the rivals for resources between containers or the impact on the host in Kubernetes, the kubelet components will rely on cgroups to limit the containers resources usage.
To avoid resource contention between containers and host daemons in Kubernetes, the kubelet components can use cgroups to limit resource usage.
## Enforcing Node Allocatable
@ -20,8 +20,9 @@ Here is an example:
```yaml
kubelet_enforce_node_allocatable: "pods,kube-reserved,system-reserved"
# Reserve this space for kube resources
# Set to true to reserve resources for kube daemons
# Set kube_reserved to true to run kubelet and container-engine daemons in a dedicated cgroup.
# This is required if you want to enforce limits on the resource usage of these daemons.
# It is not required if you just want to make resource reservations (kube_memory_reserved, kube_cpu_reserved, etc.)
kube_reserved: true
kube_reserved_cgroups_for_service_slice: kube.slice
kube_reserved_cgroups: "/{{ kube_reserved_cgroups_for_service_slice }}"

2
inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
View File

@ -262,7 +262,7 @@ default_kubelet_config_dir: "{{ kube_config_dir }}/dynamic_kubelet_dir"
# kubelet_runtime_cgroups_cgroupfs: "/system.slice/{{ container_manager }}.service"
# kubelet_kubelet_cgroups_cgroupfs: "/system.slice/kubelet.service"
# Optionally reserve this space for kube daemons.
# Whether to run kubelet and container-engine daemons in a dedicated cgroup.
# kube_reserved: false
## Uncomment to override default values
## The following two items need to be set when kube_reserved is true

2
roles/kubernetes/node/defaults/main.yml
View File

@ -34,7 +34,7 @@ kube_node_addresses: >-
kubelet_secure_addresses: "localhost link-local {{ kube_pods_subnet }} {{ kube_node_addresses }}"
# Reserve this space for kube resources
# Set to true to reserve resources for kube daemons
# Whether to run kubelet and container-engine daemons in a dedicated cgroup. (Not required for resource reservations).
kube_reserved: false
kube_reserved_cgroups_for_service_slice: kube.slice
kube_reserved_cgroups: "/{{ kube_reserved_cgroups_for_service_slice }}"

2
roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2
View File

@ -62,6 +62,7 @@ clusterDNS:
{# Node reserved CPU/memory #}
{% if kube_reserved | bool %}
kubeReservedCgroup: {{ kube_reserved_cgroups }}
{% endif %}
kubeReserved:
{% if is_kube_master | bool %}
cpu: "{{ kube_master_cpu_reserved }}"
@ -82,7 +83,6 @@ kubeReserved:
pid: "{{ kube_pid_reserved }}"
{% endif %}
{% endif %}
{% endif %}
{% if system_reserved | bool %}
systemReservedCgroup: {{ system_reserved_cgroups }}
systemReserved: