kubelet配置详解及简单实例
<p><strong>kubelet配置详解及简单实例</strong></p>
<p>
摘要: 这两天试着重新去理解kubelet的每一个配置,并整理出我们最有可能要配置的项作为我们上生产的要考虑的kubelet最佳配置。</p>
<p>
author: garnett.wang@gmail.com</p>
<p>
kubernetes version: 1.6.2</p>
<p>
Kubelet Configurations We Should Care About</p>
<p>
下面是我梳理的,我认为必须关注的flag。</p>
<p>
</p>
<table>
<thead><tr>
<th>
flag</th>
<th>
value</th>
</tr></thead>
<tbody>
<tr>
<td>
--address</td>
<td>
0.0.0.0</td>
</tr>
<tr>
<td>
--allow-privileged</td>
<td>
false</td>
</tr>
<tr>
<td>
--cadvisor-port int32</td>
<td>
4194</td>
</tr>
<tr>
<td>
--cgroup-driver string</td>
<td>
cgroupfs</td>
</tr>
<tr>
<td>
--cluster-dns stringSlice</td>
<td>
10.0.0.10 //todo</td>
</tr>
<tr>
<td>
--cluster-domain string</td>
<td>
caas.vivo.com</td>
</tr>
<tr>
<td>
--cni-bin-dir string</td>
<td>
/opt/cni/bin</td>
</tr>
<tr>
<td>
--cni-conf-dir string</td>
<td>
/etc/cni/net.d</td>
</tr>
<tr>
<td>
--docker-endpoint string</td>
<td>
unix:///var/run/docker.sock</td>
</tr>
<tr>
<td>
--eviction-hard string</td>
<td>
memory.available<4Gi,<br/> nodefs.available<20Gi,<br/> imagefs.available<5Gi</td>
</tr>
<tr>
<td>
--eviction-max-pod-grace-period int32</td>
<td>
30</td>
</tr>
<tr>
<td>
--eviction-minimum-reclaim string</td>
<td>
memory.available=500Mi,<br/> nodefs.available=2Gi,,<br/> imagefs.available=2Gi</td>
</tr>
<tr>
<td>
--eviction-pressure-transition-periodduration</td>
<td>
5m0s</td>
</tr>
<tr>
<td>
--eviction-soft string</td>
<td>
memory.available<8Gi,<br/> nodefs.available<100Gi,<br/> imagefs.available<20Gi</td>
</tr>
<tr>
<td>
--eviction-soft-grace-period string</td>
<td>
memory.available=30s,<br/> nodefs.available=2m,<br/> imagefs.available=2m</td>
</tr>
<tr>
<td>
--experimental-fail-swap-on</td>
<td>
+</td>
</tr>
<tr>
<td>
--experimental-kernel-memcg-notification</td>
<td>
+</td>
</tr>
<tr>
<td>
--feature-gates string</td>
<td>
AllAlpha=false</td>
</tr>
<tr>
<td>
--file-check-frequency duration</td>
<td>
20s</td>
</tr>
<tr>
<td>
--hairpin-mode string</td>
<td>
promiscuous-bridge</td>
</tr>
<tr>
<td>
--healthz-port int32</td>
<td>
10248</td>
</tr>
<tr>
<td>
--image-gc-high-threshold int32</td>
<td>
60</td>
</tr>
<tr>
<td>
--image-gc-low-threshold int32</td>
<td>
40</td>
</tr>
<tr>
<td>
--image-pull-progress-deadline duration</td>
<td>
2m0s</td>
</tr>
<tr>
<td>
--kube-api-qps int32</td>
<td>
5</td>
</tr>
<tr>
<td>
--kube-reserved mapStringString</td>
<td>
cpu=200m,memory=16G</td>
</tr>
<tr>
<td>
--kubeconfig string</td>
<td>
/var/lib/kubelet/kubeconfig</td>
</tr>
<tr>
<td>
--max-pods int32</td>
<td>
50</td>
</tr>
<tr>
<td>
--minimum-image-ttl-duration duration</td>
<td>
1h</td>
</tr>
<tr>
<td>
--network-plugin string</td>
<td>
cni</td>
</tr>
<tr>
<td>
--pod-infra-container-image string</td>
<td>
vivo.registry.com/google_containers/pause-amd64:3.0</td>
</tr>
<tr>
<td>
--pod-manifest-path string</td>
<td>
/var/lib/kubelet/pod_manifest</td>
</tr>
<tr>
<td>
--port int32</td>
<td>
10250</td>
</tr>
<tr>
<td>
--protect-kernel-defaults</td>
<td>
+</td>
</tr>
<tr>
<td>
--read-only-port int32</td>
<td>
10255</td>
</tr>
<tr>
<td>
--require-kubeconfig</td>
<td>
+</td>
</tr>
<tr>
<td>
--root-dir string</td>
<td>
/var/lib/kubelet</td>
</tr>
<tr>
<td>
--runtime-request-timeout duration</td>
<td>
2m0s</td>
</tr>
<tr>
<td>
--serialize-image-pulls</td>
<td>
false</td>
</tr>
<tr>
<td>
--sync-frequency duration</td>
<td>
1m0s</td>
</tr>
<tr>
<td>
--system-reserved mapStringString</td>
<td>
cpu=100m,memory=32G</td>
</tr>
<tr>
<td>
--volume-plugin-dir string</td>
<td>
/usr/libexec/kubernetes/kubelet-plugins/volume/exec/</td>
</tr>
<tr>
<td>
--volume-stats-agg-period duration</td>
<td>
1m0s</td>
</tr>
</tbody>
</table>
<p>
</p>
<p>
</p>
<p>
下面是我最终梳理的,认为需要真正显示设置的flag,如下:</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_967444">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
<div class="line number4 index3 alt1">
4</div>
<div class="line number5 index4 alt2">
5</div>
<div class="line number6 index5 alt1">
6</div>
<div class="line number7 index6 alt2">
7</div>
<div class="line number8 index7 alt1">
8</div>
<div class="line number9 index8 alt2">
9</div>
<div class="line number10 index9 alt1">
10</div>
<div class="line number11 index10 alt2">
11</div>
<div class="line number12 index11 alt1">
12</div>
<div class="line number13 index12 alt2">
13</div>
<div class="line number14 index13 alt1">
14</div>
<div class="line number15 index14 alt2">
15</div>
<div class="line number16 index15 alt1">
16</div>
<div class="line number17 index16 alt2">
17</div>
<div class="line number18 index17 alt1">
18</div>
<div class="line number19 index18 alt2">
19</div>
<div class="line number20 index19 alt1">
20</div>
<div class="line number21 index20 alt2">
21</div>
<div class="line number22 index21 alt1">
22</div>
<div class="line number23 index22 alt2">
23</div>
<div class="line number24 index23 alt1">
24</div>
<div class="line number25 index24 alt2">
25</div>
<div class="line number26 index25 alt1">
26</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain">/usr/bin/kubelet</code> <code class="bash plain">—address=0.0.0.0 </code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">--port=10250 </code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">--allow-privileged=</code><code class="bash functions">false</code>
</div>
<div class="line number4 index3 alt1">
<code class="bash plain">--cluster-dns=10.0.0.1 </code>
</div>
<div class="line number5 index4 alt2">
<code class="bash plain">--cluster-domain=caas.vivo.com</code>
</div>
<div class="line number6 index5 alt1">
<code class="bash plain">--max-pods=50 </code>
</div>
<div class="line number7 index6 alt2">
<code class="bash plain">--network-plugin=cni </code>
</div>
<div class="line number8 index7 alt1">
<code class="bash plain">--require-kubeconfig </code>
</div>
<div class="line number9 index8 alt2">
<code class="bash plain">--pod-manifest-path=</code><code class="bash plain">/etc/kubelet</code><code class="bash plain">.d/</code>
</div>
<div class="line number10 index9 alt1">
<code class="bash plain">--pod-infra-container-image=vivo.registry.com</code><code class="bash plain">/google_containers/pause-amd64</code><code class="bash plain">:3.0 </code>
</div>
<div class="line number11 index10 alt2">
<code class="bash plain">--eviction-hard=memory.available<4Gi,nodefs.available<20Gi,imagefs.available<5Gi </code>
</div>
<div class="line number12 index11 alt1">
<code class="bash plain">--eviction-max-pod-grace-period=30 </code>
</div>
<div class="line number13 index12 alt2">
<code class="bash plain">--eviction-minimum-reclaim=memory.available=500Mi,nodefs.available=2Gi,imagefs.available=2Gi </code>
</div>
<div class="line number14 index13 alt1">
<code class="bash plain">--eviction-pressure-transition-period=5m0s </code>
</div>
<div class="line number15 index14 alt2">
<code class="bash plain">--eviction-soft=memory.available<8Gi,nodefs.available<100Gi,imagefs.available<20Gi </code>
</div>
<div class="line number16 index15 alt1">
<code class="bash plain">--eviction-soft-grace-period=memory.available=30s,nodefs.available=2m,imagefs.available=2m </code>
</div>
<div class="line number17 index16 alt2">
<code class="bash plain">--experimental-kernel-memcg-notification </code>
</div>
<div class="line number18 index17 alt1">
<code class="bash plain">--experimental-fail-swap-on </code>
</div>
<div class="line number19 index18 alt2">
<code class="bash plain">--system-reserved=cpu=100m,memory=8G </code>
</div>
<div class="line number20 index19 alt1">
<code class="bash plain">--kube-reserved=cpu=200m,memory=16G</code>
</div>
<div class="line number21 index20 alt2">
<code class="bash plain">--hairpin-mode=promiscuous-bridge </code>
</div>
<div class="line number22 index21 alt1">
<code class="bash plain">--image-gc-high-threshold=60 </code>
</div>
<div class="line number23 index22 alt2">
<code class="bash plain">--image-gc-low-threshold=40 </code>
</div>
<div class="line number24 index23 alt1">
<code class="bash plain">--serialize-image-pulls=</code><code class="bash functions">false</code>
</div>
<div class="line number25 index24 alt2">
<code class="bash plain">--protect-kernel-defaults </code>
</div>
<div class="line number26 index25 alt1">
<code class="bash plain">--feature-gates=AllAlpha=</code><code class="bash functions">false</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
感谢阅读,希望能帮助到大家,谢谢大家对本站的支持!</p>
<p>
原文链接:https://my.oschina.net/jxcdwangtao/blog/891960</p>
頁:
[1]