richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7839 Commits
34 Branches
82 Tags
155 MiB
Tree: 99c6a884a9
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '99c6a884a9'
${ noResults }
kubespray/roles/kubernetes/node/templates/kubelet.service.j2

57 lines
2.3 KiB
Raw Normal View History

Add host-based kubelet deployment Kubelet gets copied from hyperkube container and run locally.
7 years ago
Remove hard-coded dependance to docker.service in kubelet.service file (#5917)
4 years ago
Add host-based kubelet deployment Kubelet gets copied from hyperkube container and run locally.
7 years ago
Remove hard-coded dependance to docker.service in kubelet.service file (#5917)
4 years ago
dependencies for kubelet.service (#11297) Signed-off-by: serge Hartmann <serge.hartmann@gmail.com>
8 months ago
Add host-based kubelet deployment Kubelet gets copied from hyperkube container and run locally.
7 years ago
ansible-lint: add spaces around variables [E206] (#4699)
5 years ago
optimize cgroups settings for node reserved (#9209) * optimize cgroups settings for node reserved * fix * set cgroup slice for multi container engine * set cgroup slice for crio * add reserved cgroups variables to sample files * Compatible with cgroup path for different container managers * add cgroups doc * fix markdown
2 years ago
Add host-based kubelet deployment Kubelet gets copied from hyperkube container and run locally.
7 years ago
Add support for flex volumes plugins.
7 years ago
Add host-based kubelet deployment Kubelet gets copied from hyperkube container and run locally.
7 years ago
feat: add kubelet systemd service hardening option (#9194) * feat: add kubelet systemd service hardening option * refactor: move variable name to kubelet_secure_addresses Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com> * docs: add diagram about kubelet_secure_addresses variable Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
2 years ago
Add host-based kubelet deployment Kubelet gets copied from hyperkube container and run locally.
7 years ago
  1. [Unit]
  2. Description=Kubernetes Kubelet Server
  3. Documentation=https://github.com/GoogleCloudPlatform/kubernetes
  4. After={{ container_manager }}.service
  5. {% if container_manager == 'docker' %}
  6. Wants=docker.socket
  7. {% else %}
  8. Wants={{ container_manager }}.service
  9. {% endif %}
  10. {% for kubelet_dependency in kubelet_systemd_wants_dependencies|default([]) %}
  11. {% if kubelet_dependency|length > 0 %}
  12. Wants={{ kubelet_dependency }}
  13. {% endif %}
  14. {% endfor %}
  16. [Service]
  17. EnvironmentFile=-{{ kube_config_dir }}/kubelet.env
  18. {% if system_reserved|bool %}
  19. ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/cpu/{{ system_reserved_cgroups_for_service_slice }}
  20. ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/cpuacct/{{ system_reserved_cgroups_for_service_slice }}
  21. ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/cpuset/{{ system_reserved_cgroups_for_service_slice }}
  22. ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/hugetlb/{{ system_reserved_cgroups_for_service_slice }}
  23. ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/memory/{{ system_reserved_cgroups_for_service_slice }}
  24. ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/pids/{{ system_reserved_cgroups_for_service_slice }}
  25. ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/systemd/{{ system_reserved_cgroups_for_service_slice }}
  26. {% endif %}
  27. {% if kube_reserved|bool %}
  28. ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/cpu/{{ kube_reserved_cgroups_for_service_slice }}
  29. ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/cpuacct/{{ kube_reserved_cgroups_for_service_slice }}
  30. ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/cpuset/{{ kube_reserved_cgroups_for_service_slice }}
  31. ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/hugetlb/{{ kube_reserved_cgroups_for_service_slice }}
  32. ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/memory/{{ kube_reserved_cgroups_for_service_slice }}
  33. ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/pids/{{ kube_reserved_cgroups_for_service_slice }}
  34. ExecStartPre=/bin/mkdir -p /sys/fs/cgroup/systemd/{{ kube_reserved_cgroups_for_service_slice }}
  35. {% endif %}
  36. ExecStart={{ bin_dir }}/kubelet \
  37. $KUBE_LOGTOSTDERR \
  38. $KUBE_LOG_LEVEL \
  39. $KUBELET_API_SERVER \
  40. $KUBELET_ADDRESS \
  41. $KUBELET_PORT \
  42. $KUBELET_HOSTNAME \
  43. $KUBELET_ARGS \
  44. $DOCKER_SOCKET \
  45. $KUBELET_NETWORK_PLUGIN \
  46. $KUBELET_VOLUME_PLUGIN \
  47. $KUBELET_CLOUDPROVIDER
  48. Restart=always
  49. RestartSec=10s
  50. {% if kubelet_systemd_hardening %}
  51. # Hardening setup
  52. IPAddressDeny=any
  53. IPAddressAllow={{ kubelet_secure_addresses }}
  54. {% endif %}
  56. [Install]
  57. WantedBy=multi-user.target