Configure Kubelet cgroup-driver for Flatcar Linux Edge

* For Container Linux or Flatcar Linux alpha/beta/stable,
continue using the `cgroupfs` driver
* For Fedora Atomic, continue using the `systemd` driver
* For Flatcar Linux Edge, use the `systemd` driver
This commit is contained in:
Dalton Hubble 2019-06-11 23:24:01 -07:00
parent 5c4486f57b
commit 79d910821d
8 changed files with 15 additions and 3 deletions

View File

@ -63,6 +63,7 @@ systemd:
--volume var-log,kind=host,source=/var/log \ --volume var-log,kind=host,source=/var/log \
--mount volume=var-log,target=/var/log \ --mount volume=var-log,target=/var/log \
--insecure-options=image" --insecure-options=image"
Environment=KUBELET_CGROUP_DRIVER=${cgroup_driver}
ExecStartPre=/bin/mkdir -p /opt/cni/bin ExecStartPre=/bin/mkdir -p /opt/cni/bin
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/bin/mkdir -p /etc/kubernetes/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/cni/net.d
@ -77,6 +78,7 @@ systemd:
--anonymous-auth=false \ --anonymous-auth=false \
--authentication-token-webhook \ --authentication-token-webhook \
--authorization-mode=Webhook \ --authorization-mode=Webhook \
--cgroup-driver=$${KUBELET_CGROUP_DRIVER} \
--client-ca-file=/etc/kubernetes/ca.crt \ --client-ca-file=/etc/kubernetes/ca.crt \
--cluster_dns=${cluster_dns_service_ip} \ --cluster_dns=${cluster_dns_service_ip} \
--cluster_domain=${cluster_domain_suffix} \ --cluster_domain=${cluster_domain_suffix} \

View File

@ -69,6 +69,7 @@ data "template_file" "controller-configs" {
etcd_domain = "${var.cluster_name}-etcd${count.index}.${var.dns_zone}" etcd_domain = "${var.cluster_name}-etcd${count.index}.${var.dns_zone}"
# etcd0=https://cluster-etcd0.example.com,etcd1=https://cluster-etcd1.example.com,... # etcd0=https://cluster-etcd0.example.com,etcd1=https://cluster-etcd1.example.com,...
etcd_initial_cluster = join(",", data.template_file.etcds.*.rendered) etcd_initial_cluster = join(",", data.template_file.etcds.*.rendered)
cgroup_driver = local.flavor == "flatcar" && local.channel == "edge" ? "systemd" : "cgroupfs"
kubeconfig = indent(10, module.bootkube.kubeconfig-kubelet) kubeconfig = indent(10, module.bootkube.kubeconfig-kubelet)
ssh_authorized_key = var.ssh_authorized_key ssh_authorized_key = var.ssh_authorized_key
cluster_dns_service_ip = cidrhost(var.service_cidr, 10) cluster_dns_service_ip = cidrhost(var.service_cidr, 10)

View File

@ -38,6 +38,7 @@ systemd:
--volume var-log,kind=host,source=/var/log \ --volume var-log,kind=host,source=/var/log \
--mount volume=var-log,target=/var/log \ --mount volume=var-log,target=/var/log \
--insecure-options=image" --insecure-options=image"
Environment=KUBELET_CGROUP_DRIVER=${cgroup_driver}
ExecStartPre=/bin/mkdir -p /opt/cni/bin ExecStartPre=/bin/mkdir -p /opt/cni/bin
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/bin/mkdir -p /etc/kubernetes/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/cni/net.d
@ -50,6 +51,7 @@ systemd:
--anonymous-auth=false \ --anonymous-auth=false \
--authentication-token-webhook \ --authentication-token-webhook \
--authorization-mode=Webhook \ --authorization-mode=Webhook \
--cgroup-driver=$${KUBELET_CGROUP_DRIVER} \
--client-ca-file=/etc/kubernetes/ca.crt \ --client-ca-file=/etc/kubernetes/ca.crt \
--cluster_dns=${cluster_dns_service_ip} \ --cluster_dns=${cluster_dns_service_ip} \
--cluster_domain=${cluster_domain_suffix} \ --cluster_domain=${cluster_domain_suffix} \

View File

@ -84,6 +84,7 @@ data "template_file" "worker-config" {
ssh_authorized_key = var.ssh_authorized_key ssh_authorized_key = var.ssh_authorized_key
cluster_dns_service_ip = cidrhost(var.service_cidr, 10) cluster_dns_service_ip = cidrhost(var.service_cidr, 10)
cluster_domain_suffix = var.cluster_domain_suffix cluster_domain_suffix = var.cluster_domain_suffix
cgroup_driver = local.flavor == "flatcar" && local.channel == "edge" ? "systemd" : "cgroupfs"
} }
} }

View File

@ -75,6 +75,7 @@ systemd:
--volume iscsiadm,kind=host,source=/usr/sbin/iscsiadm \ --volume iscsiadm,kind=host,source=/usr/sbin/iscsiadm \
--mount volume=iscsiadm,target=/sbin/iscsiadm \ --mount volume=iscsiadm,target=/sbin/iscsiadm \
--insecure-options=image" --insecure-options=image"
Environment=KUBELET_CGROUP_DRIVER=${cgroup_driver}
ExecStartPre=/bin/mkdir -p /opt/cni/bin ExecStartPre=/bin/mkdir -p /opt/cni/bin
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/bin/mkdir -p /etc/kubernetes/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/cni/net.d
@ -89,6 +90,7 @@ systemd:
--anonymous-auth=false \ --anonymous-auth=false \
--authentication-token-webhook \ --authentication-token-webhook \
--authorization-mode=Webhook \ --authorization-mode=Webhook \
--cgroup-driver=$${KUBELET_CGROUP_DRIVER} \
--client-ca-file=/etc/kubernetes/ca.crt \ --client-ca-file=/etc/kubernetes/ca.crt \
--cluster_dns=${cluster_dns_service_ip} \ --cluster_dns=${cluster_dns_service_ip} \
--cluster_domain=${cluster_domain_suffix} \ --cluster_domain=${cluster_domain_suffix} \

View File

@ -50,6 +50,7 @@ systemd:
--volume iscsiadm,kind=host,source=/usr/sbin/iscsiadm \ --volume iscsiadm,kind=host,source=/usr/sbin/iscsiadm \
--mount volume=iscsiadm,target=/sbin/iscsiadm \ --mount volume=iscsiadm,target=/sbin/iscsiadm \
--insecure-options=image" --insecure-options=image"
Environment=KUBELET_CGROUP_DRIVER=${cgroup_driver}
ExecStartPre=/bin/mkdir -p /opt/cni/bin ExecStartPre=/bin/mkdir -p /opt/cni/bin
ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests ExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/bin/mkdir -p /etc/kubernetes/cni/net.d ExecStartPre=/bin/mkdir -p /etc/kubernetes/cni/net.d
@ -62,6 +63,7 @@ systemd:
--anonymous-auth=false \ --anonymous-auth=false \
--authentication-token-webhook \ --authentication-token-webhook \
--authorization-mode=Webhook \ --authorization-mode=Webhook \
--cgroup-driver=$${KUBELET_CGROUP_DRIVER} \
--client-ca-file=/etc/kubernetes/ca.crt \ --client-ca-file=/etc/kubernetes/ca.crt \
--cluster_dns=${cluster_dns_service_ip} \ --cluster_dns=${cluster_dns_service_ip} \
--cluster_domain=${cluster_domain_suffix} \ --cluster_domain=${cluster_domain_suffix} \

View File

@ -159,6 +159,7 @@ data "template_file" "controller-configs" {
domain_name = element(var.controller_domains, count.index) domain_name = element(var.controller_domains, count.index)
etcd_name = element(var.controller_names, count.index) etcd_name = element(var.controller_names, count.index)
etcd_initial_cluster = join(",", formatlist("%s=https://%s:2380", var.controller_names, var.controller_domains)) etcd_initial_cluster = join(",", formatlist("%s=https://%s:2380", var.controller_names, var.controller_domains))
cgroup_driver = var.os_channel == "flatcar-edge" ? "systemd" : "cgroupfs"
cluster_dns_service_ip = module.bootkube.cluster_dns_service_ip cluster_dns_service_ip = module.bootkube.cluster_dns_service_ip
cluster_domain_suffix = var.cluster_domain_suffix cluster_domain_suffix = var.cluster_domain_suffix
ssh_authorized_key = var.ssh_authorized_key ssh_authorized_key = var.ssh_authorized_key
@ -186,6 +187,7 @@ data "template_file" "worker-configs" {
vars = { vars = {
domain_name = element(var.worker_domains, count.index) domain_name = element(var.worker_domains, count.index)
cgroup_driver = var.os_channel == "flatcar-edge" ? "systemd" : "cgroupfs"
cluster_dns_service_ip = module.bootkube.cluster_dns_service_ip cluster_dns_service_ip = module.bootkube.cluster_dns_service_ip
cluster_domain_suffix = var.cluster_domain_suffix cluster_domain_suffix = var.cluster_domain_suffix
ssh_authorized_key = var.ssh_authorized_key ssh_authorized_key = var.ssh_authorized_key

View File

@ -14,12 +14,12 @@ Together, they diversify Typhoon to support a range of container technologies.
## Host Properties ## Host Properties
| Property | Container Linux | Fedora Atomic | | Property | Container Linux / Flatcar Linux | Fedora Atomic |
|-------------------|-----------------|---------------| |-------------------|-----------------|---------------|---------------|
| host spec (bare-metal) | Container Linux Config | kickstart, cloud-init | | host spec (bare-metal) | Container Linux Config | kickstart, cloud-init |
| host spec (cloud) | Container Linux Config | cloud-init | | host spec (cloud) | Container Linux Config | cloud-init |
| container runtime | docker | docker (CRIO planned) | | container runtime | docker | docker (CRIO planned) |
| cgroup driver | cgroupfs | systemd | | cgroup driver | cgroupfs (except Flatcar edge) | systemd |
| logging driver | json-file | journald | | logging driver | json-file | journald |
| storage driver | overlay2 | overlay2 | | storage driver | overlay2 | overlay2 |