From db316a566d1829c2175d1b6f99c7222ba0b52d18 Mon Sep 17 00:00:00 2001 From: Serge Hartmann Date: Wed, 26 Jun 2024 11:30:34 +0200 Subject: [PATCH] dependencies for kubelet.service (#11297) Signed-off-by: serge Hartmann --- docs/ansible/vars.md | 4 ++++ roles/kubernetes/node/defaults/main.yml | 3 +++ roles/kubernetes/node/templates/kubelet.service.j2 | 5 +++++ 3 files changed, 12 insertions(+) diff --git a/docs/ansible/vars.md b/docs/ansible/vars.md index 7af04c9e7..b172f4ada 100644 --- a/docs/ansible/vars.md +++ b/docs/ansible/vars.md @@ -245,6 +245,10 @@ kubelet_cpu_manager_policy_options: By default the `kubelet_secure_addresses` is set with the `10.0.0.110` the ansible control host uses `eth0` to connect to the machine. In case you want to use `eth1` as the outgoing interface on which `kube-apiserver` connects to the `kubelet`s, you should override the variable in this way: `kubelet_secure_addresses: "192.168.1.110"`. +* *kubelet_systemd_wants_dependencies* - List of kubelet service dependencies, other than container runtime. + + If you use nfs dynamically mounted volumes, sometimes rpc-statd does not start within the kubelet. You can fix it with this parameter : `kubelet_systemd_wants_dependencies: ["rpc-statd.service"]` This will add `Wants=rpc-statd.service` in `[Unit]` section of /etc/systemd/system/kubelet.service + * *node_labels* - Labels applied to nodes via `kubectl label node`. For example, labels can be set in the inventory as variables or more widely in group_vars. *node_labels* can only be defined as a dict: diff --git a/roles/kubernetes/node/defaults/main.yml b/roles/kubernetes/node/defaults/main.yml index 35b52a676..7c2078a4b 100644 --- a/roles/kubernetes/node/defaults/main.yml +++ b/roles/kubernetes/node/defaults/main.yml @@ -23,6 +23,9 @@ kubelet_kubelet_cgroups_cgroupfs: "/system.slice/kubelet.service" # Set systemd service hardening features kubelet_systemd_hardening: false +# Kubelet service dependencies other than container runtime +kubelet_systemd_wants_dependencies: [] + # List of secure IPs for kubelet kube_node_addresses: >- {%- for host in (groups['kube_control_plane'] + groups['kube_node'] + groups['etcd']) | unique -%} diff --git a/roles/kubernetes/node/templates/kubelet.service.j2 b/roles/kubernetes/node/templates/kubelet.service.j2 index 9df98e09e..7b072bbe4 100644 --- a/roles/kubernetes/node/templates/kubelet.service.j2 +++ b/roles/kubernetes/node/templates/kubelet.service.j2 @@ -7,6 +7,11 @@ Wants=docker.socket {% else %} Wants={{ container_manager }}.service {% endif %} +{% for kubelet_dependency in kubelet_systemd_wants_dependencies|default([]) %} +{% if kubelet_dependency|length > 0 %} +Wants={{ kubelet_dependency }} +{% endif %} +{% endfor %} [Service] EnvironmentFile=-{{ kube_config_dir }}/kubelet.env