K8s调整节点kubelet硬驱逐策略:修订间差异
来自三线的随记
小无编辑摘要 |
小无编辑摘要 |
||
| 第10行: | 第10行: | ||
https://kubernetes.io/docs/concepts/architecture/garbage-collection/ | https://kubernetes.io/docs/concepts/architecture/garbage-collection/ | ||
PS2: 通过请求kubelet接口,可以获知当前配置具体值 | |||
curl {apiserver}/api/v1/nodes/wcn-gzu-ytjdc1/proxy/configz | |||
{ | |||
"kubeletconfig": { | |||
"staticPodPath": "/etc/kubernetes/kubelet/manifests", | |||
"syncFrequency": "1m0s", | |||
"fileCheckFrequency": "20s", | |||
"httpCheckFrequency": "20s", | |||
"address": "0.0.0.0", | |||
"port": 10250, | |||
"readOnlyPort": 10255, | |||
"tlsCertFile": "/var/lib/kubelet/pki/kubelet.crt", | |||
"tlsPrivateKeyFile": "/var/lib/kubelet/pki/kubelet.key", | |||
"rotateCertificates": true, | |||
"authentication": { | |||
"x509": { | |||
"clientCAFile": "/etc/kubernetes/certs/ca.crt" | |||
}, | |||
"webhook": { | |||
"enabled": true, | |||
"cacheTTL": "2m0s" | |||
}, | |||
"anonymous": { | |||
"enabled": false | |||
} | |||
}, | |||
"authorization": { | |||
"mode": "Webhook", | |||
"webhook": { | |||
"cacheAuthorizedTTL": "5m0s", | |||
"cacheUnauthorizedTTL": "30s" | |||
} | |||
}, | |||
"registryPullQPS": 5, | |||
"registryBurst": 10, | |||
"eventRecordQPS": 5, | |||
"eventBurst": 10, | |||
"enableDebuggingHandlers": true, | |||
"healthzPort": 10248, | |||
"healthzBindAddress": "127.0.0.1", | |||
"oomScoreAdj": -999, | |||
"clusterDomain": "cluster.local", | |||
"clusterDNS": [ | |||
"172.31.0.10" | |||
], | |||
"streamingConnectionIdleTimeout": "4h0m0s", | |||
"nodeStatusUpdateFrequency": "10s", | |||
"nodeStatusReportFrequency": "10s", | |||
"nodeLeaseDurationSeconds": 40, | |||
"imageMinimumGCAge": "2m0s", | |||
"imageGCHighThresholdPercent": 85, | |||
"imageGCLowThresholdPercent": 80, | |||
"volumeStatsAggPeriod": "1m0s", | |||
"cgroupsPerQOS": true, | |||
"cgroupDriver": "cgroupfs", | |||
"cpuManagerPolicy": "none", | |||
"cpuManagerReconcilePeriod": "10s", | |||
"topologyManagerPolicy": "none", | |||
"runtimeRequestTimeout": "2m0s", | |||
"hairpinMode": "promiscuous-bridge", | |||
"maxPods": 250, | |||
"podPidsLimit": 8192, | |||
"resolvConf": "/etc/resolv.conf", | |||
"cpuCFSQuota": true, | |||
"cpuCFSQuotaPeriod": "100ms", | |||
"maxOpenFiles": 1000000, | |||
"contentType": "application/vnd.kubernetes.protobuf", | |||
"kubeAPIQPS": 5, | |||
"kubeAPIBurst": 10, | |||
"serializeImagePulls": true, | |||
"evictionHard": { | |||
"imagefs.available": "15%", | |||
"memory.available": "100Mi", | |||
"nodefs.available": "10%", | |||
"nodefs.inodesFree": "5%" | |||
}, | |||
"evictionPressureTransitionPeriod": "5m0s", | |||
"enableControllerAttachDetach": true, | |||
"makeIPTablesUtilChains": true, | |||
"iptablesMasqueradeBit": 14, | |||
"iptablesDropBit": 15, | |||
"featureGates": { | |||
"CSIMigration": false, | |||
"EphemeralContainers": true | |||
}, | |||
"failSwapOn": true, | |||
"containerLogMaxSize": "10Mi", | |||
"containerLogMaxFiles": 5, | |||
"configMapAndSecretChangeDetectionStrategy": "Watch", | |||
"systemReserved": { | |||
"cpu": "500m", | |||
"memory": "512Mi", | |||
"pid": "100" | |||
}, | |||
"enforceNodeAllocatable": [ | |||
"pods" | |||
] | |||
} | |||
} | |||
[[分类:K8s]] | [[分类:K8s]] | ||
2023年12月22日 (五) 17:56的版本
--eviction-hard=nodefs.available<5Gi,imagefs.available<5Gi
添加到kubelet service environment就好(此配置方法在DEPRECATED阶段)
[Service] Environment="***"
ps: 驱逐相关的doc:
https://kubernetes.io/docs/concepts/scheduling-eviction/node-pressure-eviction/
https://blog.tianfeiyu.com/2020/02/06/kubelet_garbage_collect/ (部分内容过时)
https://kubernetes.io/docs/concepts/architecture/garbage-collection/
PS2: 通过请求kubelet接口,可以获知当前配置具体值
curl {apiserver}/api/v1/nodes/wcn-gzu-ytjdc1/proxy/configz
{
"kubeletconfig": {
"staticPodPath": "/etc/kubernetes/kubelet/manifests",
"syncFrequency": "1m0s",
"fileCheckFrequency": "20s",
"httpCheckFrequency": "20s",
"address": "0.0.0.0",
"port": 10250,
"readOnlyPort": 10255,
"tlsCertFile": "/var/lib/kubelet/pki/kubelet.crt",
"tlsPrivateKeyFile": "/var/lib/kubelet/pki/kubelet.key",
"rotateCertificates": true,
"authentication": {
"x509": {
"clientCAFile": "/etc/kubernetes/certs/ca.crt"
},
"webhook": {
"enabled": true,
"cacheTTL": "2m0s"
},
"anonymous": {
"enabled": false
}
},
"authorization": {
"mode": "Webhook",
"webhook": {
"cacheAuthorizedTTL": "5m0s",
"cacheUnauthorizedTTL": "30s"
}
},
"registryPullQPS": 5,
"registryBurst": 10,
"eventRecordQPS": 5,
"eventBurst": 10,
"enableDebuggingHandlers": true,
"healthzPort": 10248,
"healthzBindAddress": "127.0.0.1",
"oomScoreAdj": -999,
"clusterDomain": "cluster.local",
"clusterDNS": [
"172.31.0.10"
],
"streamingConnectionIdleTimeout": "4h0m0s",
"nodeStatusUpdateFrequency": "10s",
"nodeStatusReportFrequency": "10s",
"nodeLeaseDurationSeconds": 40,
"imageMinimumGCAge": "2m0s",
"imageGCHighThresholdPercent": 85,
"imageGCLowThresholdPercent": 80,
"volumeStatsAggPeriod": "1m0s",
"cgroupsPerQOS": true,
"cgroupDriver": "cgroupfs",
"cpuManagerPolicy": "none",
"cpuManagerReconcilePeriod": "10s",
"topologyManagerPolicy": "none",
"runtimeRequestTimeout": "2m0s",
"hairpinMode": "promiscuous-bridge",
"maxPods": 250,
"podPidsLimit": 8192,
"resolvConf": "/etc/resolv.conf",
"cpuCFSQuota": true,
"cpuCFSQuotaPeriod": "100ms",
"maxOpenFiles": 1000000,
"contentType": "application/vnd.kubernetes.protobuf",
"kubeAPIQPS": 5,
"kubeAPIBurst": 10,
"serializeImagePulls": true,
"evictionHard": {
"imagefs.available": "15%",
"memory.available": "100Mi",
"nodefs.available": "10%",
"nodefs.inodesFree": "5%"
},
"evictionPressureTransitionPeriod": "5m0s",
"enableControllerAttachDetach": true,
"makeIPTablesUtilChains": true,
"iptablesMasqueradeBit": 14,
"iptablesDropBit": 15,
"featureGates": {
"CSIMigration": false,
"EphemeralContainers": true
},
"failSwapOn": true,
"containerLogMaxSize": "10Mi",
"containerLogMaxFiles": 5,
"configMapAndSecretChangeDetectionStrategy": "Watch",
"systemReserved": {
"cpu": "500m",
"memory": "512Mi",
"pid": "100"
},
"enforceNodeAllocatable": [
"pods"
]
}
}
