mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-09-01 01:08:55 +00:00
Moving Kubelet kernel-memgc-notification to configuration file
This commit is contained in:
Amim Knabben
@@ -117,9 +117,6 @@ type KubeletFlags struct {
|
||||
RemoteImageEndpoint string
|
||||
// experimentalMounterPath is the path of mounter binary. Leave empty to use the default mount path
|
||||
ExperimentalMounterPath string
|
||||
// If enabled, the kubelet will integrate with the kernel memcg notification to determine if memory eviction thresholds are crossed rather than polling.
|
||||
// +optional
|
||||
ExperimentalKernelMemcgNotification bool
|
||||
// This flag, if set, enables a check prior to mount operations to verify that the required components
|
||||
// (binaries, etc.) to mount the volume are available on the underlying node. If the check is enabled
|
||||
// and fails the mount operation fails.
|
||||
@@ -180,20 +177,19 @@ func NewKubeletFlags() *KubeletFlags {
|
||||
}
|
||||
|
||||
return &KubeletFlags{
|
||||
ContainerRuntimeOptions: *NewContainerRuntimeOptions(),
|
||||
CertDirectory: "/var/lib/kubelet/pki",
|
||||
RootDirectory: defaultRootDir,
|
||||
MasterServiceNamespace: metav1.NamespaceDefault,
|
||||
MaxContainerCount: -1,
|
||||
MaxPerPodContainerCount: 1,
|
||||
MinimumGCAge: metav1.Duration{Duration: 0},
|
||||
NonMasqueradeCIDR: "10.0.0.0/8",
|
||||
RegisterSchedulable: true,
|
||||
ExperimentalKernelMemcgNotification: false,
|
||||
RemoteRuntimeEndpoint: remoteRuntimeEndpoint,
|
||||
NodeLabels: make(map[string]string),
|
||||
RegisterNode: true,
|
||||
SeccompProfileRoot: filepath.Join(defaultRootDir, "seccomp"),
|
||||
ContainerRuntimeOptions: *NewContainerRuntimeOptions(),
|
||||
CertDirectory: "/var/lib/kubelet/pki",
|
||||
RootDirectory: defaultRootDir,
|
||||
MasterServiceNamespace: metav1.NamespaceDefault,
|
||||
MaxContainerCount: -1,
|
||||
MaxPerPodContainerCount: 1,
|
||||
MinimumGCAge: metav1.Duration{Duration: 0},
|
||||
NonMasqueradeCIDR: "10.0.0.0/8",
|
||||
RegisterSchedulable: true,
|
||||
RemoteRuntimeEndpoint: remoteRuntimeEndpoint,
|
||||
NodeLabels: make(map[string]string),
|
||||
RegisterNode: true,
|
||||
SeccompProfileRoot: filepath.Join(defaultRootDir, "seccomp"),
|
||||
// prior to the introduction of this flag, there was a hardcoded cap of 50 images
|
||||
EnableCAdvisorJSONEndpoints: false,
|
||||
}
|
||||
@@ -345,7 +341,6 @@ func (f *KubeletFlags) AddFlags(mainfs *pflag.FlagSet) {
|
||||
fs.Var(utiltaints.NewTaintsVar(&f.RegisterWithTaints), "register-with-taints", "Register the node with the given list of taints (comma separated \"<key>=<value>:<effect>\"). No-op if register-node is false.")
|
||||
|
||||
// EXPERIMENTAL FLAGS
|
||||
fs.BoolVar(&f.ExperimentalKernelMemcgNotification, "experimental-kernel-memcg-notification", f.ExperimentalKernelMemcgNotification, "If enabled, the kubelet will integrate with the kernel memcg notification to determine if memory eviction thresholds are crossed rather than polling.")
|
||||
fs.StringVar(&f.RemoteRuntimeEndpoint, "container-runtime-endpoint", f.RemoteRuntimeEndpoint, "[Experimental] The endpoint of remote runtime service. Currently unix socket endpoint is supported on Linux, while npipe and tcp endpoints are supported on windows. Examples:'unix:///var/run/dockershim.sock', 'npipe:////./pipe/dockershim'")
|
||||
fs.StringVar(&f.RemoteImageEndpoint, "image-service-endpoint", f.RemoteImageEndpoint, "[Experimental] The endpoint of remote image service. If not specified, it will be the same with container-runtime-endpoint by default. Currently unix socket endpoint is supported on Linux, while npipe and tcp endpoints are supported on windows. Examples:'unix:///var/run/dockershim.sock', 'npipe:////./pipe/dockershim'")
|
||||
fs.BoolVar(&f.ExperimentalNodeAllocatableIgnoreEvictionThreshold, "experimental-allocatable-ignore-eviction", f.ExperimentalNodeAllocatableIgnoreEvictionThreshold, "When set to 'true', Hard Eviction Thresholds will be ignored while calculating Node Allocatable. See https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/ for more details. [default=false]")
|
||||
@@ -519,6 +514,7 @@ func AddKubeletConfigFlags(mainfs *pflag.FlagSet, c *kubeletconfig.KubeletConfig
|
||||
fs.StringSliceVar(&c.AllowedUnsafeSysctls, "allowed-unsafe-sysctls", c.AllowedUnsafeSysctls, "Comma-separated whitelist of unsafe sysctls or unsafe sysctl patterns (ending in *). Use these at your own risk.")
|
||||
|
||||
fs.Int32Var(&c.NodeStatusMaxImages, "node-status-max-images", c.NodeStatusMaxImages, "The maximum number of images to report in Node.Status.Images. If -1 is specified, no cap will be applied.")
|
||||
fs.BoolVar(&c.KernelMemcgNotification, "kernel-memcg-notification", c.KernelMemcgNotification, "If enabled, the kubelet will integrate with the kernel memcg notification to determine if memory eviction thresholds are crossed rather than polling.")
|
||||
|
||||
// Flags intended for testing, not recommended used in production environments.
|
||||
fs.Int64Var(&c.MaxOpenFiles, "max-open-files", c.MaxOpenFiles, "Number of files that can be opened by Kubelet process.")
|
||||
@@ -543,4 +539,7 @@ func AddKubeletConfigFlags(mainfs *pflag.FlagSet, c *kubeletconfig.KubeletConfig
|
||||
fs.StringSliceVar(&c.EnforceNodeAllocatable, "enforce-node-allocatable", c.EnforceNodeAllocatable, "A comma separated list of levels of node allocatable enforcement to be enforced by kubelet. Acceptable options are 'none', 'pods', 'system-reserved', and 'kube-reserved'. If the latter two options are specified, '--system-reserved-cgroup' and '--kube-reserved-cgroup' must also be set, respectively. If 'none' is specified, no additional options should be set. See https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/ for more details.")
|
||||
fs.StringVar(&c.SystemReservedCgroup, "system-reserved-cgroup", c.SystemReservedCgroup, "Absolute name of the top level cgroup that is used to manage non-kubernetes components for which compute resources were reserved via '--system-reserved' flag. Ex. '/system-reserved'. [default='']")
|
||||
fs.StringVar(&c.KubeReservedCgroup, "kube-reserved-cgroup", c.KubeReservedCgroup, "Absolute name of the top level cgroup that is used to manage kubernetes components for which compute resources were reserved via '--kube-reserved' flag. Ex. '/kube-reserved'. [default='']")
|
||||
|
||||
// Graduated experimental flags, kept for backward compatibility
|
||||
fs.BoolVar(&c.KernelMemcgNotification, "experimental-kernel-memcg-notification", c.KernelMemcgNotification, "Use kernelMemcgNotification configuration, this flag will be removed in 1.23.")
|
||||
}
|
||||
|
||||
@@ -1109,7 +1109,7 @@ func RunKubelet(kubeServer *options.KubeletServer, kubeDeps *kubelet.Dependencie
|
||||
kubeServer.RegisterWithTaints,
|
||||
kubeServer.AllowedUnsafeSysctls,
|
||||
kubeServer.ExperimentalMounterPath,
|
||||
kubeServer.ExperimentalKernelMemcgNotification,
|
||||
kubeServer.KernelMemcgNotification,
|
||||
kubeServer.ExperimentalCheckNodeCapabilitiesBeforeMount,
|
||||
kubeServer.ExperimentalNodeAllocatableIgnoreEvictionThreshold,
|
||||
kubeServer.MinimumGCAge,
|
||||
@@ -1183,7 +1183,7 @@ func createAndInitKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
|
||||
registerWithTaints []api.Taint,
|
||||
allowedUnsafeSysctls []string,
|
||||
experimentalMounterPath string,
|
||||
experimentalKernelMemcgNotification bool,
|
||||
kernelMemcgNotification bool,
|
||||
experimentalCheckNodeCapabilitiesBeforeMount bool,
|
||||
experimentalNodeAllocatableIgnoreEvictionThreshold bool,
|
||||
minimumGCAge metav1.Duration,
|
||||
@@ -1215,7 +1215,7 @@ func createAndInitKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
|
||||
registerWithTaints,
|
||||
allowedUnsafeSysctls,
|
||||
experimentalMounterPath,
|
||||
experimentalKernelMemcgNotification,
|
||||
kernelMemcgNotification,
|
||||
experimentalCheckNodeCapabilitiesBeforeMount,
|
||||
experimentalNodeAllocatableIgnoreEvictionThreshold,
|
||||
minimumGCAge,
|
||||
|
||||
Reference in New Issue
Block a user