richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7375 Commits
30 Branches
81 Tags
149 MiB
Tree: adb8ff14b9
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'adb8ff14b9'
${ noResults }
kubespray/docs/cgroups.md

72 lines
2.4 KiB
Raw Normal View History

optimize cgroups settings for node reserved (#9209) * optimize cgroups settings for node reserved * fix * set cgroup slice for multi container engine * set cgroup slice for crio * add reserved cgroups variables to sample files * Compatible with cgroup path for different container managers * add cgroups doc * fix markdown
1 year ago
  1. # cgroups
  3. To avoid the rivals for resources between containers or the impact on the host in Kubernetes, the kubelet components will rely on cgroups to limit the container’s resources usage.
  5. ## Enforcing Node Allocatable
  7. You can use `kubelet_enforce_node_allocatable` to set node allocatable enforcement.
  9. ```yaml
  10. # A comma separated list of levels of node allocatable enforcement to be enforced by kubelet.
  11. kubelet_enforce_node_allocatable: "pods"
  12. # kubelet_enforce_node_allocatable: "pods,kube-reserved"
  13. # kubelet_enforce_node_allocatable: "pods,kube-reserved,system-reserved"
  14. ```
  16. Note that to enforce kube-reserved or system-reserved, `kube_reserved_cgroups` or `system_reserved_cgroups` needs to be specified respectively.
  18. Here is an example:
  20. ```yaml
  21. kubelet_enforce_node_allocatable: "pods,kube-reserved,system-reserved"
  23. # Reserve this space for kube resources
  24. # Set to true to reserve resources for kube daemons
  25. kube_reserved: true
  26. kube_reserved_cgroups_for_service_slice: kube.slice
  27. kube_reserved_cgroups: "/{{ kube_reserved_cgroups_for_service_slice }}"
  28. kube_memory_reserved: 256Mi
  29. kube_cpu_reserved: 100m
  30. # kube_ephemeral_storage_reserved: 2Gi
  31. # kube_pid_reserved: "1000"
  32. # Reservation for master hosts
  33. kube_master_memory_reserved: 512Mi
  34. kube_master_cpu_reserved: 200m
  35. # kube_master_ephemeral_storage_reserved: 2Gi
  36. # kube_master_pid_reserved: "1000"
  38. # Set to true to reserve resources for system daemons
  39. system_reserved: true
  40. system_reserved_cgroups_for_service_slice: system.slice
  41. system_reserved_cgroups: "/{{ system_reserved_cgroups_for_service_slice }}"
  42. system_memory_reserved: 512Mi
  43. system_cpu_reserved: 500m
  44. # system_ephemeral_storage_reserved: 2Gi
  45. # system_pid_reserved: "1000"
  46. # Reservation for master hosts
  47. system_master_memory_reserved: 256Mi
  48. system_master_cpu_reserved: 250m
  49. # system_master_ephemeral_storage_reserved: 2Gi
  50. # system_master_pid_reserved: "1000"
  51. ```
  53. After the setup, the cgroups hierarchy is as follows:
  55. ```bash
  56. / (Cgroups Root)
  57. ├── kubepods.slice
  58. │ ├── ...
  59. │ ├── kubepods-besteffort.slice
  60. │ ├── kubepods-burstable.slice
  61. │ └── ...
  62. ├── kube.slice
  63. │ ├── ...
  64. │ ├── {{container_manager}}.service
  65. │ ├── kubelet.service
  66. │ └── ...
  67. ├── system.slice
  68. │ └── ...
  69. └── ...
  70. ```
  72. You can learn more in the [official kubernetes documentation](https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/).