mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-25 04:33:26 +00:00
Merge pull request #13192 from jiangyaoguo/rate-limit-events-in-kubelet
Auto commit by PR queue bot
This commit is contained in:
commit
c993cf6509
@ -84,6 +84,8 @@ type KubeletServer struct {
|
|||||||
HostNetworkSources string
|
HostNetworkSources string
|
||||||
RegistryPullQPS float64
|
RegistryPullQPS float64
|
||||||
RegistryBurst int
|
RegistryBurst int
|
||||||
|
EventRecordQPS float32
|
||||||
|
EventBurst int
|
||||||
RunOnce bool
|
RunOnce bool
|
||||||
EnableDebuggingHandlers bool
|
EnableDebuggingHandlers bool
|
||||||
MinimumGCAge time.Duration
|
MinimumGCAge time.Duration
|
||||||
@ -220,6 +222,8 @@ func (s *KubeletServer) AddFlags(fs *pflag.FlagSet) {
|
|||||||
fs.StringVar(&s.HostNetworkSources, "host-network-sources", s.HostNetworkSources, "Comma-separated list of sources from which the Kubelet allows pods to use of host network. For all sources use \"*\" [default=\"file\"]")
|
fs.StringVar(&s.HostNetworkSources, "host-network-sources", s.HostNetworkSources, "Comma-separated list of sources from which the Kubelet allows pods to use of host network. For all sources use \"*\" [default=\"file\"]")
|
||||||
fs.Float64Var(&s.RegistryPullQPS, "registry-qps", s.RegistryPullQPS, "If > 0, limit registry pull QPS to this value. If 0, unlimited. [default=0.0]")
|
fs.Float64Var(&s.RegistryPullQPS, "registry-qps", s.RegistryPullQPS, "If > 0, limit registry pull QPS to this value. If 0, unlimited. [default=0.0]")
|
||||||
fs.IntVar(&s.RegistryBurst, "registry-burst", s.RegistryBurst, "Maximum size of a bursty pulls, temporarily allows pulls to burst to this number, while still not exceeding registry-qps. Only used if --registry-qps > 0")
|
fs.IntVar(&s.RegistryBurst, "registry-burst", s.RegistryBurst, "Maximum size of a bursty pulls, temporarily allows pulls to burst to this number, while still not exceeding registry-qps. Only used if --registry-qps > 0")
|
||||||
|
fs.Float32Var(&s.EventRecordQPS, "event-qps", s.EventRecordQPS, "If > 0, limit event creations per second to this value. If 0, unlimited. [default=0.0]")
|
||||||
|
fs.IntVar(&s.EventBurst, "event-burst", s.EventBurst, "Maximum size of a bursty event records, temporarily allows event records to burst to this number, while still not exceeding event-qps. Only used if --event-qps > 0")
|
||||||
fs.BoolVar(&s.RunOnce, "runonce", s.RunOnce, "If true, exit after spawning pods from local manifests or remote urls. Exclusive with --api-servers, and --enable-server")
|
fs.BoolVar(&s.RunOnce, "runonce", s.RunOnce, "If true, exit after spawning pods from local manifests or remote urls. Exclusive with --api-servers, and --enable-server")
|
||||||
fs.BoolVar(&s.EnableDebuggingHandlers, "enable-debugging-handlers", s.EnableDebuggingHandlers, "Enables server endpoints for log collection and local running of containers and commands")
|
fs.BoolVar(&s.EnableDebuggingHandlers, "enable-debugging-handlers", s.EnableDebuggingHandlers, "Enables server endpoints for log collection and local running of containers and commands")
|
||||||
fs.DurationVar(&s.MinimumGCAge, "minimum-container-ttl-duration", s.MinimumGCAge, "Minimum age for a finished container before it is garbage collected. Examples: '300ms', '10s' or '2h45m'")
|
fs.DurationVar(&s.MinimumGCAge, "minimum-container-ttl-duration", s.MinimumGCAge, "Minimum age for a finished container before it is garbage collected. Examples: '300ms', '10s' or '2h45m'")
|
||||||
@ -327,6 +331,8 @@ func (s *KubeletServer) KubeletConfig() (*KubeletConfig, error) {
|
|||||||
SyncFrequency: s.SyncFrequency,
|
SyncFrequency: s.SyncFrequency,
|
||||||
RegistryPullQPS: s.RegistryPullQPS,
|
RegistryPullQPS: s.RegistryPullQPS,
|
||||||
RegistryBurst: s.RegistryBurst,
|
RegistryBurst: s.RegistryBurst,
|
||||||
|
EventRecordQPS: s.EventRecordQPS,
|
||||||
|
EventBurst: s.EventBurst,
|
||||||
MinimumGCAge: s.MinimumGCAge,
|
MinimumGCAge: s.MinimumGCAge,
|
||||||
MaxPerPodContainerCount: s.MaxPerPodContainerCount,
|
MaxPerPodContainerCount: s.MaxPerPodContainerCount,
|
||||||
MaxContainerCount: s.MaxContainerCount,
|
MaxContainerCount: s.MaxContainerCount,
|
||||||
@ -646,7 +652,13 @@ func RunKubelet(kcfg *KubeletConfig, builder KubeletBuilder) error {
|
|||||||
eventBroadcaster.StartLogging(glog.V(3).Infof)
|
eventBroadcaster.StartLogging(glog.V(3).Infof)
|
||||||
if kcfg.KubeClient != nil {
|
if kcfg.KubeClient != nil {
|
||||||
glog.V(4).Infof("Sending events to api server.")
|
glog.V(4).Infof("Sending events to api server.")
|
||||||
eventBroadcaster.StartRecordingToSink(kcfg.KubeClient.Events(""))
|
if kcfg.EventRecordQPS == 0.0 {
|
||||||
|
eventBroadcaster.StartRecordingToSink(kcfg.KubeClient.Events(""))
|
||||||
|
} else {
|
||||||
|
eventClient := *kcfg.KubeClient
|
||||||
|
eventClient.Throttle = util.NewTokenBucketRateLimiter(kcfg.EventRecordQPS, kcfg.EventBurst)
|
||||||
|
eventBroadcaster.StartRecordingToSink(eventClient.Events(""))
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
glog.Warning("No api server defined - no events will be sent to API server.")
|
glog.Warning("No api server defined - no events will be sent to API server.")
|
||||||
}
|
}
|
||||||
@ -742,6 +754,8 @@ type KubeletConfig struct {
|
|||||||
SyncFrequency time.Duration
|
SyncFrequency time.Duration
|
||||||
RegistryPullQPS float64
|
RegistryPullQPS float64
|
||||||
RegistryBurst int
|
RegistryBurst int
|
||||||
|
EventRecordQPS float32
|
||||||
|
EventBurst int
|
||||||
MinimumGCAge time.Duration
|
MinimumGCAge time.Duration
|
||||||
MaxPerPodContainerCount int
|
MaxPerPodContainerCount int
|
||||||
MaxContainerCount int
|
MaxContainerCount int
|
||||||
@ -809,6 +823,8 @@ func createAndInitKubelet(kc *KubeletConfig) (k KubeletBootstrap, pc *config.Pod
|
|||||||
kc.SyncFrequency,
|
kc.SyncFrequency,
|
||||||
float32(kc.RegistryPullQPS),
|
float32(kc.RegistryPullQPS),
|
||||||
kc.RegistryBurst,
|
kc.RegistryBurst,
|
||||||
|
kc.EventRecordQPS,
|
||||||
|
kc.EventBurst,
|
||||||
gcPolicy,
|
gcPolicy,
|
||||||
pc.SeenAllSources,
|
pc.SeenAllSources,
|
||||||
kc.RegisterNode,
|
kc.RegisterNode,
|
||||||
|
@ -301,6 +301,8 @@ func (ks *KubeletExecutorServer) createAndInitKubelet(
|
|||||||
kc.SyncFrequency,
|
kc.SyncFrequency,
|
||||||
float32(kc.RegistryPullQPS),
|
float32(kc.RegistryPullQPS),
|
||||||
kc.RegistryBurst,
|
kc.RegistryBurst,
|
||||||
|
kc.EventRecordQPS,
|
||||||
|
kc.EventBurst,
|
||||||
gcPolicy,
|
gcPolicy,
|
||||||
pc.SeenAllSources,
|
pc.SeenAllSources,
|
||||||
kc.RegisterNode,
|
kc.RegisterNode,
|
||||||
|
@ -1,269 +1,273 @@
|
|||||||
accept-hosts
|
accept-hosts
|
||||||
accept-paths
|
accept-paths
|
||||||
account-for-pod-resources
|
account-for-pod-resources
|
||||||
admission-control
|
admission-control
|
||||||
admission-control-config-file
|
admission-control-config-file
|
||||||
advertise-address
|
advertise-address
|
||||||
advertised-address
|
advertised-address
|
||||||
algorithm-provider
|
algorithm-provider
|
||||||
all-namespaces
|
all-namespaces
|
||||||
allocate-node-cidrs
|
allocate-node-cidrs
|
||||||
allow-privileged
|
allow-privileged
|
||||||
api-prefix
|
api-burst
|
||||||
api-servers
|
api-prefix
|
||||||
api-token
|
api-rate
|
||||||
api-version
|
api-servers
|
||||||
authorization-mode
|
api-token
|
||||||
authorization-policy-file
|
api-version
|
||||||
auth-path
|
authorization-mode
|
||||||
basic-auth-file
|
authorization-policy-file
|
||||||
bench-pods
|
auth-path
|
||||||
bench-quiet
|
basic-auth-file
|
||||||
bench-tasks
|
bench-pods
|
||||||
bench-workers
|
bench-quiet
|
||||||
bind-address
|
bench-tasks
|
||||||
bind-pods-burst
|
bench-workers
|
||||||
bind-pods-qps
|
bind-address
|
||||||
cadvisor-port
|
bind-pods-burst
|
||||||
cert-dir
|
bind-pods-qps
|
||||||
certificate-authority
|
cadvisor-port
|
||||||
cgroup-root
|
cert-dir
|
||||||
chaos-chance
|
certificate-authority
|
||||||
cleanup-iptables
|
cgroup-root
|
||||||
client-ca-file
|
chaos-chance
|
||||||
client-certificate
|
cleanup-iptables
|
||||||
client-key
|
client-ca-file
|
||||||
cloud-config
|
client-certificate
|
||||||
cloud-provider
|
client-key
|
||||||
cluster-cidr
|
cloud-config
|
||||||
cluster-dns
|
cloud-provider
|
||||||
cluster-domain
|
cluster-cidr
|
||||||
cluster-name
|
cluster-dns
|
||||||
cluster-tag
|
cluster-domain
|
||||||
concurrent-endpoint-syncs
|
cluster-name
|
||||||
configure-cbr0
|
cluster-tag
|
||||||
contain-pod-resources
|
concurrent-endpoint-syncs
|
||||||
container-port
|
configure-cbr0
|
||||||
container-runtime
|
contain-pod-resources
|
||||||
cors-allowed-origins
|
container-port
|
||||||
create-external-load-balancer
|
container-runtime
|
||||||
current-release-pr
|
cors-allowed-origins
|
||||||
current-replicas
|
create-external-load-balancer
|
||||||
default-container-cpu-limit
|
current-release-pr
|
||||||
default-container-mem-limit
|
current-replicas
|
||||||
delay-shutdown
|
default-container-cpu-limit
|
||||||
deleting-pods-burst
|
default-container-mem-limit
|
||||||
deleting-pods-qps
|
delay-shutdown
|
||||||
deployment-label-key
|
deleting-pods-burst
|
||||||
dest-file
|
deleting-pods-qps
|
||||||
disable-filter
|
deployment-label-key
|
||||||
docker-endpoint
|
dest-file
|
||||||
docker-exec-handler
|
disable-filter
|
||||||
dockercfg-path
|
docker-endpoint
|
||||||
driver-port
|
docker-exec-handler
|
||||||
dry-run
|
dockercfg-path
|
||||||
duration-sec
|
driver-port
|
||||||
e2e-output-dir
|
dry-run
|
||||||
enable-debugging-handlers
|
duration-sec
|
||||||
enable-horizontal-pod-autoscaler
|
e2e-output-dir
|
||||||
enable-server
|
enable-debugging-handlers
|
||||||
etcd-config
|
enable-horizontal-pod-autoscaler
|
||||||
etcd-prefix
|
enable-server
|
||||||
etcd-server
|
etcd-config
|
||||||
etcd-servers
|
etcd-prefix
|
||||||
event-ttl
|
etcd-server
|
||||||
executor-bindall
|
etcd-servers
|
||||||
executor-logv
|
event-burst
|
||||||
executor-path
|
event-qps
|
||||||
executor-suicide-timeout
|
event-ttl
|
||||||
experimental-keystone-url
|
executor-bindall
|
||||||
experimental-prefix
|
executor-logv
|
||||||
external-hostname
|
executor-path
|
||||||
external-ip
|
executor-suicide-timeout
|
||||||
failover-timeout
|
experimental-keystone-url
|
||||||
file-check-frequency
|
experimental-prefix
|
||||||
file-suffix
|
external-hostname
|
||||||
forward-services
|
external-ip
|
||||||
framework-name
|
failover-timeout
|
||||||
framework-weburi
|
file-check-frequency
|
||||||
func-dest
|
file-suffix
|
||||||
fuzz-iters
|
forward-services
|
||||||
gce-project
|
framework-name
|
||||||
gce-zone
|
framework-weburi
|
||||||
gke-cluster
|
func-dest
|
||||||
google-json-key
|
fuzz-iters
|
||||||
grace-period
|
gce-project
|
||||||
ha-domain
|
gce-zone
|
||||||
healthz-bind-address
|
gke-cluster
|
||||||
healthz-port
|
google-json-key
|
||||||
horizontal-pod-autoscaler-sync-period
|
grace-period
|
||||||
hostname-override
|
ha-domain
|
||||||
host-network-sources
|
healthz-bind-address
|
||||||
http-check-frequency
|
healthz-port
|
||||||
http-port
|
horizontal-pod-autoscaler-sync-period
|
||||||
ignore-not-found
|
hostname-override
|
||||||
image-gc-high-threshold
|
host-network-sources
|
||||||
image-gc-low-threshold
|
http-check-frequency
|
||||||
insecure-bind-address
|
http-port
|
||||||
insecure-port
|
ignore-not-found
|
||||||
insecure-skip-tls-verify
|
image-gc-high-threshold
|
||||||
iptables-sync-period
|
image-gc-low-threshold
|
||||||
ir-data-source
|
insecure-bind-address
|
||||||
ir-dbname
|
insecure-port
|
||||||
ir-influxdb-host
|
insecure-skip-tls-verify
|
||||||
ir-password
|
iptables-sync-period
|
||||||
ir-user
|
ir-data-source
|
||||||
jenkins-host
|
ir-dbname
|
||||||
jenkins-jobs
|
ir-influxdb-host
|
||||||
km-path
|
ir-password
|
||||||
kubectl-path
|
ir-user
|
||||||
kubelet-cadvisor-port
|
jenkins-host
|
||||||
kubelet-certificate-authority
|
jenkins-jobs
|
||||||
kubelet-client-certificate
|
km-path
|
||||||
kubelet-client-key
|
kubectl-path
|
||||||
kubelet-docker-endpoint
|
kubelet-cadvisor-port
|
||||||
kubelet-host-network-sources
|
kubelet-certificate-authority
|
||||||
kubelet-https
|
kubelet-client-certificate
|
||||||
kubelet-network-plugin
|
kubelet-client-key
|
||||||
kubelet-pod-infra-container-image
|
kubelet-docker-endpoint
|
||||||
kubelet-port
|
kubelet-host-network-sources
|
||||||
kubelet-root-dir
|
kubelet-https
|
||||||
kubelet-sync-frequency
|
kubelet-network-plugin
|
||||||
kubelet-timeout
|
kubelet-pod-infra-container-image
|
||||||
kube-master
|
kubelet-port
|
||||||
label-columns
|
kubelet-root-dir
|
||||||
last-release-pr
|
kubelet-sync-frequency
|
||||||
legacy-userspace-proxy
|
kubelet-timeout
|
||||||
log-flush-frequency
|
kube-master
|
||||||
long-running-request-regexp
|
label-columns
|
||||||
low-diskspace-threshold-mb
|
last-release-pr
|
||||||
manifest-url
|
legacy-userspace-proxy
|
||||||
manifest-url-header
|
log-flush-frequency
|
||||||
masquerade-all
|
long-running-request-regexp
|
||||||
master-service-namespace
|
low-diskspace-threshold-mb
|
||||||
max-concurrency
|
manifest-url
|
||||||
max-connection-bytes-per-sec
|
manifest-url-header
|
||||||
maximum-dead-containers
|
masquerade-all
|
||||||
maximum-dead-containers-per-container
|
master-service-namespace
|
||||||
max-log-age
|
max-concurrency
|
||||||
max-log-backups
|
max-connection-bytes-per-sec
|
||||||
max-log-size
|
maximum-dead-containers
|
||||||
max-outgoing-burst
|
maximum-dead-containers-per-container
|
||||||
max-outgoing-qps
|
max-log-age
|
||||||
max-pods
|
max-log-backups
|
||||||
max-requests-inflight
|
max-log-size
|
||||||
mesos-authentication-principal
|
max-outgoing-burst
|
||||||
mesos-authentication-provider
|
max-outgoing-qps
|
||||||
mesos-authentication-secret-file
|
max-pods
|
||||||
mesos-cgroup-prefix
|
max-requests-inflight
|
||||||
mesos-executor-cpus
|
mesos-authentication-principal
|
||||||
mesos-executor-mem
|
mesos-authentication-provider
|
||||||
mesos-master
|
mesos-authentication-secret-file
|
||||||
mesos-role
|
mesos-cgroup-prefix
|
||||||
mesos-user
|
mesos-executor-cpus
|
||||||
minimum-container-ttl-duration
|
mesos-executor-mem
|
||||||
minion-max-log-age
|
mesos-master
|
||||||
minion-max-log-backups
|
mesos-role
|
||||||
minion-max-log-size
|
mesos-user
|
||||||
minion-path-override
|
minimum-container-ttl-duration
|
||||||
min-pr-number
|
minion-max-log-age
|
||||||
min-request-timeout
|
minion-max-log-backups
|
||||||
namespace-sync-period
|
minion-max-log-size
|
||||||
network-plugin
|
minion-path-override
|
||||||
network-plugin-dir
|
min-pr-number
|
||||||
node-instance-group
|
min-request-timeout
|
||||||
node-monitor-grace-period
|
namespace-sync-period
|
||||||
node-monitor-period
|
network-plugin
|
||||||
node-startup-grace-period
|
network-plugin-dir
|
||||||
node-status-update-frequency
|
node-instance-group
|
||||||
node-sync-period
|
node-monitor-grace-period
|
||||||
no-headers
|
node-monitor-period
|
||||||
num-nodes
|
node-startup-grace-period
|
||||||
oidc-ca-file
|
node-status-update-frequency
|
||||||
oidc-client-id
|
node-sync-period
|
||||||
oidc-issuer-url
|
no-headers
|
||||||
oidc-username-claim
|
num-nodes
|
||||||
oom-score-adj
|
oidc-ca-file
|
||||||
output-version
|
oidc-client-id
|
||||||
out-version
|
oidc-issuer-url
|
||||||
path-override
|
oidc-username-claim
|
||||||
pod-cidr
|
oom-score-adj
|
||||||
pod-eviction-timeout
|
output-version
|
||||||
pod-infra-container-image
|
out-version
|
||||||
policy-config-file
|
path-override
|
||||||
poll-interval
|
pod-cidr
|
||||||
portal-net
|
pod-eviction-timeout
|
||||||
private-mountns
|
pod-infra-container-image
|
||||||
prom-push-gateway
|
policy-config-file
|
||||||
proxy-bindall
|
poll-interval
|
||||||
proxy-logv
|
portal-net
|
||||||
proxy-port-range
|
private-mountns
|
||||||
public-address-override
|
prom-push-gateway
|
||||||
pvclaimbinder-sync-period
|
proxy-bindall
|
||||||
read-only-port
|
proxy-logv
|
||||||
really-crash-for-testing
|
proxy-port-range
|
||||||
reconcile-cooldown
|
public-address-override
|
||||||
reconcile-interval
|
pvclaimbinder-sync-period
|
||||||
register-node
|
read-only-port
|
||||||
register-retry-count
|
really-crash-for-testing
|
||||||
registry-burst
|
reconcile-cooldown
|
||||||
registry-qps
|
reconcile-interval
|
||||||
reject-methods
|
register-node
|
||||||
reject-paths
|
register-retry-count
|
||||||
repo-root
|
registry-burst
|
||||||
report-dir
|
registry-qps
|
||||||
required-contexts
|
reject-methods
|
||||||
resolv-conf
|
reject-paths
|
||||||
resource-container
|
repo-root
|
||||||
resource-quota-sync-period
|
report-dir
|
||||||
resource-version
|
required-contexts
|
||||||
rkt-path
|
resolv-conf
|
||||||
root-ca-file
|
resource-container
|
||||||
root-dir
|
resource-quota-sync-period
|
||||||
run-proxy
|
resource-version
|
||||||
runtime-config
|
rkt-path
|
||||||
scheduler-config
|
root-ca-file
|
||||||
secure-port
|
root-dir
|
||||||
service-account-key-file
|
run-proxy
|
||||||
service-account-lookup
|
runtime-config
|
||||||
service-account-private-key-file
|
scheduler-config
|
||||||
service-address
|
secure-port
|
||||||
service-cluster-ip-range
|
service-account-key-file
|
||||||
service-node-port-range
|
service-account-lookup
|
||||||
service-node-ports
|
service-account-private-key-file
|
||||||
service-sync-period
|
service-address
|
||||||
session-affinity
|
service-cluster-ip-range
|
||||||
show-all
|
service-node-port-range
|
||||||
shutdown-fd
|
service-node-ports
|
||||||
shutdown-fifo
|
service-sync-period
|
||||||
skip-munges
|
session-affinity
|
||||||
sort-by
|
show-all
|
||||||
source-file
|
shutdown-fd
|
||||||
ssh-keyfile
|
shutdown-fifo
|
||||||
ssh-user
|
skip-munges
|
||||||
static-pods-config
|
sort-by
|
||||||
stats-port
|
source-file
|
||||||
storage-version
|
ssh-keyfile
|
||||||
streaming-connection-idle-timeout
|
ssh-user
|
||||||
suicide-timeout
|
static-pods-config
|
||||||
sync-frequency
|
stats-port
|
||||||
system-container
|
storage-version
|
||||||
target-port
|
streaming-connection-idle-timeout
|
||||||
tcp-services
|
suicide-timeout
|
||||||
tls-cert-file
|
sync-frequency
|
||||||
tls-private-key-file
|
system-container
|
||||||
token-auth-file
|
target-port
|
||||||
ttl-secs
|
tcp-services
|
||||||
type-src
|
tls-cert-file
|
||||||
unix-socket
|
tls-private-key-file
|
||||||
update-period
|
token-auth-file
|
||||||
upgrade-target
|
ttl-secs
|
||||||
use-kubernetes-cluster-service
|
type-src
|
||||||
user-whitelist
|
unix-socket
|
||||||
watch-cache
|
update-period
|
||||||
watch-only
|
upgrade-target
|
||||||
whitelist-override-label
|
use-kubernetes-cluster-service
|
||||||
www-prefix
|
user-whitelist
|
||||||
retry_time
|
watch-cache
|
||||||
file_content_in_loop
|
watch-only
|
||||||
cpu-cfs-quota
|
whitelist-override-label
|
||||||
|
www-prefix
|
||||||
|
retry_time
|
||||||
|
file_content_in_loop
|
||||||
|
cpu-cfs-quota
|
||||||
|
@ -139,6 +139,8 @@ func NewMainKubelet(
|
|||||||
resyncInterval time.Duration,
|
resyncInterval time.Duration,
|
||||||
pullQPS float32,
|
pullQPS float32,
|
||||||
pullBurst int,
|
pullBurst int,
|
||||||
|
eventQPS float32,
|
||||||
|
eventBurst int,
|
||||||
containerGCPolicy ContainerGCPolicy,
|
containerGCPolicy ContainerGCPolicy,
|
||||||
sourcesReady SourcesReadyFn,
|
sourcesReady SourcesReadyFn,
|
||||||
registerNode bool,
|
registerNode bool,
|
||||||
|
Loading…
Reference in New Issue
Block a user