diff --git a/cluster/gce/trusty/master.yaml b/cluster/gce/trusty/master.yaml index 0cfe0d30aaf..46238e9beff 100644 --- a/cluster/gce/trusty/master.yaml +++ b/cluster/gce/trusty/master.yaml @@ -153,9 +153,9 @@ script --cluster-domain=${DNS_DOMAIN} \ --configure-cbr0=${ALLOCATE_NODE_CIDRS} \ --cgroup-root=/ \ - --system-container=/system \ - --runtime-container=/docker-daemon \ - --resource-container=/kubelet \ + --system-cgroups=/system \ + --runtime-cgroups=/docker-daemon \ + --kubelet-cgroups=/kubelet \ --nosystemd=true \ ${ARGS} end script diff --git a/cluster/gce/trusty/node.yaml b/cluster/gce/trusty/node.yaml index 2cc301b3cc2..149ec561b1c 100644 --- a/cluster/gce/trusty/node.yaml +++ b/cluster/gce/trusty/node.yaml @@ -138,9 +138,9 @@ script --cluster-domain=${DNS_DOMAIN} \ --configure-cbr0=true \ --cgroup-root=/ \ - --system-container=/system \ - --runtime-container=/docker-daemon \ - --resource-container=/kubelet \ + --system-cgroups=/system \ + --runtime-cgroups=/docker-daemon \ + --kubelet-cgroups=/kubelet \ --nosystemd=true \ ${ARGS} end script diff --git a/cluster/saltbase/salt/kubelet/default b/cluster/saltbase/salt/kubelet/default index 50b8802b932..e92a31a0f9c 100644 --- a/cluster/saltbase/salt/kubelet/default +++ b/cluster/saltbase/salt/kubelet/default @@ -112,9 +112,9 @@ {% set cgroup_root = "--cgroup-root=docker" -%} {% else %} {% set cgroup_root = "--cgroup-root=/" -%} - {% set system_container = "--system-container=/system" -%} - {% set runtime_container = "--runtime-container=/docker-daemon" -%} - {% set kubelet_container= "--resource-container=/kubelet" -%} + {% set system_container = "--system-cgroups=/system" -%} + {% set runtime_container = "--runtime-cgroups=/docker-daemon" -%} + {% set kubelet_container= "--kubelet-cgroups=/kubelet" -%} {% endif %} {% endif -%} {% if grains['oscodename'] == 'vivid' -%} diff --git a/docs/admin/kubelet.md b/docs/admin/kubelet.md index 5dedc2dadc8..9d46c25a72b 100644 --- a/docs/admin/kubelet.md +++ b/docs/admin/kubelet.md @@ -104,6 +104,7 @@ kubelet --kube-api-qps=5: QPS to use while talking with kubernetes apiserver --kube-reserved=: A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs that describe resources reserved for kubernetes system components. Currently only cpu and memory are supported. See http://releases.k8s.io/HEAD/docs/user-guide/compute-resources.html for more detail. [default=none] --kubeconfig="/var/lib/kubelet/kubeconfig": Path to a kubeconfig file, specifying how to authenticate to API server (the master location is set by the api-servers flag). + --kubelet-cgroups="": Optional absolute name of cgroups to create and run the Kubelet in. --lock-file="/var/run/lock/kubelet.lock": The path to file for kubelet to use as a lock file. --log-flush-frequency=5s: Maximum number of seconds between log flushes --low-diskspace-threshold-mb=256: The absolute free disk space, in MB, to maintain. When disk space falls below this threshold, new pods would be rejected. Default: 256 @@ -134,16 +135,15 @@ kubelet --registry-burst=10: Maximum size of a bursty pulls, temporarily allows pulls to burst to this number, while still not exceeding registry-qps. Only used if --registry-qps > 0 --registry-qps=5: If > 0, limit registry pull QPS to this value. If 0, unlimited. [default=5.0] --resolv-conf="/etc/resolv.conf": Resolver configuration file used as the basis for the container DNS resolution configuration. - --resource-container="": Optional absolute name of the resource-only container to create and run the Kubelet in. --rkt-path="": Path of rkt binary. Leave empty to use the first rkt in $PATH. Only used if --container-runtime='rkt' --rkt-stage1-image="": image to use as stage1. Local paths and http/https URLs are supported. If empty, the 'stage1.aci' in the same directory as '--rkt-path' will be used --root-dir="/var/lib/kubelet": Directory path for managing kubelet files (volume mounts,etc). --runonce[=false]: If true, exit after spawning pods from local manifests or remote urls. Exclusive with --api-servers, and --enable-server - --runtime-container="": Optional absolute name of the cgroups to create and run the runtime in. + --runtime-cgroups="": Optional absolute name of cgroups to create and run the runtime in. --serialize-image-pulls[=true]: Pull images one at a time. We recommend *not* changing the default value on nodes that run docker daemon with version < 1.9 or an Aufs storage backend. Issue #10959 has more details. [default=true] --streaming-connection-idle-timeout=4h0m0s: Maximum time a streaming connection can be idle before the connection is automatically closed. 0 indicates no timeout. Example: '5m' --sync-frequency=1m0s: Max period between synchronizing running containers and config - --system-container="": Optional resource-only container in which to place all non-kernel processes that are not already in a container. Empty for no container. Rolling back the flag requires a reboot. (Default: ""). + --system-cgroups="": Optional absolute name of cgroups in which to place all non-kernel processes that are not already inside a cgroup under `/`. Empty for no container. Rolling back the flag requires a reboot. (Default: ""). --system-reserved=: A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs that describe resources reserved for non-kubernetes components. Currently only cpu and memory are supported. See http://releases.k8s.io/HEAD/docs/user-guide/compute-resources.html for more detail. [default=none] --tls-cert-file="": File containing x509 Certificate for HTTPS. (CA cert, if any, concatenated after server cert). If --tls-cert-file and --tls-private-key-file are not provided, a self-signed certificate and key are generated for the public address and saved to the directory passed to --cert-dir. --tls-private-key-file="": File containing x509 private key matching --tls-cert-file.