Merge pull request #13192 from jiangyaoguo/rate-limit-events-in-kubelet

Auto commit by PR queue bot
This commit is contained in:
k8s-merge-robot 2015-09-09 14:58:28 -07:00
commit c993cf6509
4 changed files with 294 additions and 270 deletions

View File

@ -84,6 +84,8 @@ type KubeletServer struct {
HostNetworkSources string HostNetworkSources string
RegistryPullQPS float64 RegistryPullQPS float64
RegistryBurst int RegistryBurst int
EventRecordQPS float32
EventBurst int
RunOnce bool RunOnce bool
EnableDebuggingHandlers bool EnableDebuggingHandlers bool
MinimumGCAge time.Duration MinimumGCAge time.Duration
@ -220,6 +222,8 @@ func (s *KubeletServer) AddFlags(fs *pflag.FlagSet) {
fs.StringVar(&s.HostNetworkSources, "host-network-sources", s.HostNetworkSources, "Comma-separated list of sources from which the Kubelet allows pods to use of host network. For all sources use \"*\" [default=\"file\"]") fs.StringVar(&s.HostNetworkSources, "host-network-sources", s.HostNetworkSources, "Comma-separated list of sources from which the Kubelet allows pods to use of host network. For all sources use \"*\" [default=\"file\"]")
fs.Float64Var(&s.RegistryPullQPS, "registry-qps", s.RegistryPullQPS, "If > 0, limit registry pull QPS to this value. If 0, unlimited. [default=0.0]") fs.Float64Var(&s.RegistryPullQPS, "registry-qps", s.RegistryPullQPS, "If > 0, limit registry pull QPS to this value. If 0, unlimited. [default=0.0]")
fs.IntVar(&s.RegistryBurst, "registry-burst", s.RegistryBurst, "Maximum size of a bursty pulls, temporarily allows pulls to burst to this number, while still not exceeding registry-qps. Only used if --registry-qps > 0") fs.IntVar(&s.RegistryBurst, "registry-burst", s.RegistryBurst, "Maximum size of a bursty pulls, temporarily allows pulls to burst to this number, while still not exceeding registry-qps. Only used if --registry-qps > 0")
fs.Float32Var(&s.EventRecordQPS, "event-qps", s.EventRecordQPS, "If > 0, limit event creations per second to this value. If 0, unlimited. [default=0.0]")
fs.IntVar(&s.EventBurst, "event-burst", s.EventBurst, "Maximum size of a bursty event records, temporarily allows event records to burst to this number, while still not exceeding event-qps. Only used if --event-qps > 0")
fs.BoolVar(&s.RunOnce, "runonce", s.RunOnce, "If true, exit after spawning pods from local manifests or remote urls. Exclusive with --api-servers, and --enable-server") fs.BoolVar(&s.RunOnce, "runonce", s.RunOnce, "If true, exit after spawning pods from local manifests or remote urls. Exclusive with --api-servers, and --enable-server")
fs.BoolVar(&s.EnableDebuggingHandlers, "enable-debugging-handlers", s.EnableDebuggingHandlers, "Enables server endpoints for log collection and local running of containers and commands") fs.BoolVar(&s.EnableDebuggingHandlers, "enable-debugging-handlers", s.EnableDebuggingHandlers, "Enables server endpoints for log collection and local running of containers and commands")
fs.DurationVar(&s.MinimumGCAge, "minimum-container-ttl-duration", s.MinimumGCAge, "Minimum age for a finished container before it is garbage collected. Examples: '300ms', '10s' or '2h45m'") fs.DurationVar(&s.MinimumGCAge, "minimum-container-ttl-duration", s.MinimumGCAge, "Minimum age for a finished container before it is garbage collected. Examples: '300ms', '10s' or '2h45m'")
@ -327,6 +331,8 @@ func (s *KubeletServer) KubeletConfig() (*KubeletConfig, error) {
SyncFrequency: s.SyncFrequency, SyncFrequency: s.SyncFrequency,
RegistryPullQPS: s.RegistryPullQPS, RegistryPullQPS: s.RegistryPullQPS,
RegistryBurst: s.RegistryBurst, RegistryBurst: s.RegistryBurst,
EventRecordQPS: s.EventRecordQPS,
EventBurst: s.EventBurst,
MinimumGCAge: s.MinimumGCAge, MinimumGCAge: s.MinimumGCAge,
MaxPerPodContainerCount: s.MaxPerPodContainerCount, MaxPerPodContainerCount: s.MaxPerPodContainerCount,
MaxContainerCount: s.MaxContainerCount, MaxContainerCount: s.MaxContainerCount,
@ -646,7 +652,13 @@ func RunKubelet(kcfg *KubeletConfig, builder KubeletBuilder) error {
eventBroadcaster.StartLogging(glog.V(3).Infof) eventBroadcaster.StartLogging(glog.V(3).Infof)
if kcfg.KubeClient != nil { if kcfg.KubeClient != nil {
glog.V(4).Infof("Sending events to api server.") glog.V(4).Infof("Sending events to api server.")
eventBroadcaster.StartRecordingToSink(kcfg.KubeClient.Events("")) if kcfg.EventRecordQPS == 0.0 {
eventBroadcaster.StartRecordingToSink(kcfg.KubeClient.Events(""))
} else {
eventClient := *kcfg.KubeClient
eventClient.Throttle = util.NewTokenBucketRateLimiter(kcfg.EventRecordQPS, kcfg.EventBurst)
eventBroadcaster.StartRecordingToSink(eventClient.Events(""))
}
} else { } else {
glog.Warning("No api server defined - no events will be sent to API server.") glog.Warning("No api server defined - no events will be sent to API server.")
} }
@ -742,6 +754,8 @@ type KubeletConfig struct {
SyncFrequency time.Duration SyncFrequency time.Duration
RegistryPullQPS float64 RegistryPullQPS float64
RegistryBurst int RegistryBurst int
EventRecordQPS float32
EventBurst int
MinimumGCAge time.Duration MinimumGCAge time.Duration
MaxPerPodContainerCount int MaxPerPodContainerCount int
MaxContainerCount int MaxContainerCount int
@ -809,6 +823,8 @@ func createAndInitKubelet(kc *KubeletConfig) (k KubeletBootstrap, pc *config.Pod
kc.SyncFrequency, kc.SyncFrequency,
float32(kc.RegistryPullQPS), float32(kc.RegistryPullQPS),
kc.RegistryBurst, kc.RegistryBurst,
kc.EventRecordQPS,
kc.EventBurst,
gcPolicy, gcPolicy,
pc.SeenAllSources, pc.SeenAllSources,
kc.RegisterNode, kc.RegisterNode,

View File

@ -301,6 +301,8 @@ func (ks *KubeletExecutorServer) createAndInitKubelet(
kc.SyncFrequency, kc.SyncFrequency,
float32(kc.RegistryPullQPS), float32(kc.RegistryPullQPS),
kc.RegistryBurst, kc.RegistryBurst,
kc.EventRecordQPS,
kc.EventBurst,
gcPolicy, gcPolicy,
pc.SeenAllSources, pc.SeenAllSources,
kc.RegisterNode, kc.RegisterNode,

View File

@ -1,269 +1,273 @@
accept-hosts accept-hosts
accept-paths accept-paths
account-for-pod-resources account-for-pod-resources
admission-control admission-control
admission-control-config-file admission-control-config-file
advertise-address advertise-address
advertised-address advertised-address
algorithm-provider algorithm-provider
all-namespaces all-namespaces
allocate-node-cidrs allocate-node-cidrs
allow-privileged allow-privileged
api-prefix api-burst
api-servers api-prefix
api-token api-rate
api-version api-servers
authorization-mode api-token
authorization-policy-file api-version
auth-path authorization-mode
basic-auth-file authorization-policy-file
bench-pods auth-path
bench-quiet basic-auth-file
bench-tasks bench-pods
bench-workers bench-quiet
bind-address bench-tasks
bind-pods-burst bench-workers
bind-pods-qps bind-address
cadvisor-port bind-pods-burst
cert-dir bind-pods-qps
certificate-authority cadvisor-port
cgroup-root cert-dir
chaos-chance certificate-authority
cleanup-iptables cgroup-root
client-ca-file chaos-chance
client-certificate cleanup-iptables
client-key client-ca-file
cloud-config client-certificate
cloud-provider client-key
cluster-cidr cloud-config
cluster-dns cloud-provider
cluster-domain cluster-cidr
cluster-name cluster-dns
cluster-tag cluster-domain
concurrent-endpoint-syncs cluster-name
configure-cbr0 cluster-tag
contain-pod-resources concurrent-endpoint-syncs
container-port configure-cbr0
container-runtime contain-pod-resources
cors-allowed-origins container-port
create-external-load-balancer container-runtime
current-release-pr cors-allowed-origins
current-replicas create-external-load-balancer
default-container-cpu-limit current-release-pr
default-container-mem-limit current-replicas
delay-shutdown default-container-cpu-limit
deleting-pods-burst default-container-mem-limit
deleting-pods-qps delay-shutdown
deployment-label-key deleting-pods-burst
dest-file deleting-pods-qps
disable-filter deployment-label-key
docker-endpoint dest-file
docker-exec-handler disable-filter
dockercfg-path docker-endpoint
driver-port docker-exec-handler
dry-run dockercfg-path
duration-sec driver-port
e2e-output-dir dry-run
enable-debugging-handlers duration-sec
enable-horizontal-pod-autoscaler e2e-output-dir
enable-server enable-debugging-handlers
etcd-config enable-horizontal-pod-autoscaler
etcd-prefix enable-server
etcd-server etcd-config
etcd-servers etcd-prefix
event-ttl etcd-server
executor-bindall etcd-servers
executor-logv event-burst
executor-path event-qps
executor-suicide-timeout event-ttl
experimental-keystone-url executor-bindall
experimental-prefix executor-logv
external-hostname executor-path
external-ip executor-suicide-timeout
failover-timeout experimental-keystone-url
file-check-frequency experimental-prefix
file-suffix external-hostname
forward-services external-ip
framework-name failover-timeout
framework-weburi file-check-frequency
func-dest file-suffix
fuzz-iters forward-services
gce-project framework-name
gce-zone framework-weburi
gke-cluster func-dest
google-json-key fuzz-iters
grace-period gce-project
ha-domain gce-zone
healthz-bind-address gke-cluster
healthz-port google-json-key
horizontal-pod-autoscaler-sync-period grace-period
hostname-override ha-domain
host-network-sources healthz-bind-address
http-check-frequency healthz-port
http-port horizontal-pod-autoscaler-sync-period
ignore-not-found hostname-override
image-gc-high-threshold host-network-sources
image-gc-low-threshold http-check-frequency
insecure-bind-address http-port
insecure-port ignore-not-found
insecure-skip-tls-verify image-gc-high-threshold
iptables-sync-period image-gc-low-threshold
ir-data-source insecure-bind-address
ir-dbname insecure-port
ir-influxdb-host insecure-skip-tls-verify
ir-password iptables-sync-period
ir-user ir-data-source
jenkins-host ir-dbname
jenkins-jobs ir-influxdb-host
km-path ir-password
kubectl-path ir-user
kubelet-cadvisor-port jenkins-host
kubelet-certificate-authority jenkins-jobs
kubelet-client-certificate km-path
kubelet-client-key kubectl-path
kubelet-docker-endpoint kubelet-cadvisor-port
kubelet-host-network-sources kubelet-certificate-authority
kubelet-https kubelet-client-certificate
kubelet-network-plugin kubelet-client-key
kubelet-pod-infra-container-image kubelet-docker-endpoint
kubelet-port kubelet-host-network-sources
kubelet-root-dir kubelet-https
kubelet-sync-frequency kubelet-network-plugin
kubelet-timeout kubelet-pod-infra-container-image
kube-master kubelet-port
label-columns kubelet-root-dir
last-release-pr kubelet-sync-frequency
legacy-userspace-proxy kubelet-timeout
log-flush-frequency kube-master
long-running-request-regexp label-columns
low-diskspace-threshold-mb last-release-pr
manifest-url legacy-userspace-proxy
manifest-url-header log-flush-frequency
masquerade-all long-running-request-regexp
master-service-namespace low-diskspace-threshold-mb
max-concurrency manifest-url
max-connection-bytes-per-sec manifest-url-header
maximum-dead-containers masquerade-all
maximum-dead-containers-per-container master-service-namespace
max-log-age max-concurrency
max-log-backups max-connection-bytes-per-sec
max-log-size maximum-dead-containers
max-outgoing-burst maximum-dead-containers-per-container
max-outgoing-qps max-log-age
max-pods max-log-backups
max-requests-inflight max-log-size
mesos-authentication-principal max-outgoing-burst
mesos-authentication-provider max-outgoing-qps
mesos-authentication-secret-file max-pods
mesos-cgroup-prefix max-requests-inflight
mesos-executor-cpus mesos-authentication-principal
mesos-executor-mem mesos-authentication-provider
mesos-master mesos-authentication-secret-file
mesos-role mesos-cgroup-prefix
mesos-user mesos-executor-cpus
minimum-container-ttl-duration mesos-executor-mem
minion-max-log-age mesos-master
minion-max-log-backups mesos-role
minion-max-log-size mesos-user
minion-path-override minimum-container-ttl-duration
min-pr-number minion-max-log-age
min-request-timeout minion-max-log-backups
namespace-sync-period minion-max-log-size
network-plugin minion-path-override
network-plugin-dir min-pr-number
node-instance-group min-request-timeout
node-monitor-grace-period namespace-sync-period
node-monitor-period network-plugin
node-startup-grace-period network-plugin-dir
node-status-update-frequency node-instance-group
node-sync-period node-monitor-grace-period
no-headers node-monitor-period
num-nodes node-startup-grace-period
oidc-ca-file node-status-update-frequency
oidc-client-id node-sync-period
oidc-issuer-url no-headers
oidc-username-claim num-nodes
oom-score-adj oidc-ca-file
output-version oidc-client-id
out-version oidc-issuer-url
path-override oidc-username-claim
pod-cidr oom-score-adj
pod-eviction-timeout output-version
pod-infra-container-image out-version
policy-config-file path-override
poll-interval pod-cidr
portal-net pod-eviction-timeout
private-mountns pod-infra-container-image
prom-push-gateway policy-config-file
proxy-bindall poll-interval
proxy-logv portal-net
proxy-port-range private-mountns
public-address-override prom-push-gateway
pvclaimbinder-sync-period proxy-bindall
read-only-port proxy-logv
really-crash-for-testing proxy-port-range
reconcile-cooldown public-address-override
reconcile-interval pvclaimbinder-sync-period
register-node read-only-port
register-retry-count really-crash-for-testing
registry-burst reconcile-cooldown
registry-qps reconcile-interval
reject-methods register-node
reject-paths register-retry-count
repo-root registry-burst
report-dir registry-qps
required-contexts reject-methods
resolv-conf reject-paths
resource-container repo-root
resource-quota-sync-period report-dir
resource-version required-contexts
rkt-path resolv-conf
root-ca-file resource-container
root-dir resource-quota-sync-period
run-proxy resource-version
runtime-config rkt-path
scheduler-config root-ca-file
secure-port root-dir
service-account-key-file run-proxy
service-account-lookup runtime-config
service-account-private-key-file scheduler-config
service-address secure-port
service-cluster-ip-range service-account-key-file
service-node-port-range service-account-lookup
service-node-ports service-account-private-key-file
service-sync-period service-address
session-affinity service-cluster-ip-range
show-all service-node-port-range
shutdown-fd service-node-ports
shutdown-fifo service-sync-period
skip-munges session-affinity
sort-by show-all
source-file shutdown-fd
ssh-keyfile shutdown-fifo
ssh-user skip-munges
static-pods-config sort-by
stats-port source-file
storage-version ssh-keyfile
streaming-connection-idle-timeout ssh-user
suicide-timeout static-pods-config
sync-frequency stats-port
system-container storage-version
target-port streaming-connection-idle-timeout
tcp-services suicide-timeout
tls-cert-file sync-frequency
tls-private-key-file system-container
token-auth-file target-port
ttl-secs tcp-services
type-src tls-cert-file
unix-socket tls-private-key-file
update-period token-auth-file
upgrade-target ttl-secs
use-kubernetes-cluster-service type-src
user-whitelist unix-socket
watch-cache update-period
watch-only upgrade-target
whitelist-override-label use-kubernetes-cluster-service
www-prefix user-whitelist
retry_time watch-cache
file_content_in_loop watch-only
cpu-cfs-quota whitelist-override-label
www-prefix
retry_time
file_content_in_loop
cpu-cfs-quota

View File

@ -139,6 +139,8 @@ func NewMainKubelet(
resyncInterval time.Duration, resyncInterval time.Duration,
pullQPS float32, pullQPS float32,
pullBurst int, pullBurst int,
eventQPS float32,
eventBurst int,
containerGCPolicy ContainerGCPolicy, containerGCPolicy ContainerGCPolicy,
sourcesReady SourcesReadyFn, sourcesReady SourcesReadyFn,
registerNode bool, registerNode bool,