时间戳

首页 > 解决方案 > Kubernetes kube-controller-manager。如何应用标志?

kubernetes - Kubernetes kube-controller-manager。如何应用标志?

问题描述

文档中,我发现应该应用以下标志kube-controller-manager来解决我的问题:

--horizontal-pod-autoscaler-use-rest-clients=1m0s

但是我怎样才能应用这个标志kube-controller-manager呢?我不明白,因为它不是基于 YAML 的设置,而且我在本地机器上唯一拥有的是kubectl& ocCLI 工具。

标签: kubernetesopenshift

解决方案

在您的kube-controller-managerK8s 控制平面中运行。因此,您必须在运行控制平面的服务器上添加该标志。通常,这是一个奇数的服务器(一个是主服务器)3 或 5,因为它是推荐的法定人数。(使用 kubeadm 的示例)。

因此,通常配置位于您的主人kube-controller-manager之下/etc/kubernetes/manifests。文件名通常是kube-controller-manager.yaml,内容可以更改为:

apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    component: kube-controller-manager
    tier: control-plane
  name: kube-controller-manager
  namespace: kube-system
spec:
  containers:
  - command:
    - kube-controller-manager
    - --authentication-kubeconfig=/etc/kubernetes/controller-manager.conf
    - --authorization-kubeconfig=/etc/kubernetes/controller-manager.conf
    - --bind-address=127.0.0.1
    - --client-ca-file=/var/lib/minikube/certs/ca.crt
    - --cluster-signing-cert-file=/var/lib/minikube/certs/ca.crt
    - --cluster-signing-key-file=/var/lib/minikube/certs/ca.key
    - --controllers=*,bootstrapsigner,tokencleaner
    - --kubeconfig=/etc/kubernetes/controller-manager.conf
    - --leader-elect=true
    - --requestheader-client-ca-file=/var/lib/minikube/certs/front-proxy-ca.crt
    - --root-ca-file=/var/lib/minikube/certs/ca.crt
    - --service-account-private-key-file=/var/lib/minikube/certs/sa.key
    - --use-service-account-credentials=true
    - --horizontal-pod-autoscaler-use-rest-clients=1m0s  <== add this line
    image: k8s.gcr.io/kube-controller-manager:v1.16.2
    imagePullPolicy: IfNotPresent
    livenessProbe:
      failureThreshold: 8
      httpGet:
        host: 127.0.0.1
        path: /healthz
        port: 10252
        scheme: HTTP
      initialDelaySeconds: 15
      timeoutSeconds: 15
    name: kube-controller-manager
    resources:
      requests:
        cpu: 200m
    volumeMounts:
    - mountPath: /etc/ssl/certs
      name: ca-certs
      readOnly: true
    - mountPath: /var/lib/minikube/certs
      name: k8s-certs
      readOnly: true
    - mountPath: /etc/kubernetes/controller-manager.conf
      name: kubeconfig
      readOnly: true
    - mountPath: /usr/share/ca-certificates
      name: usr-share-ca-certificates
      readOnly: true
  hostNetwork: true
  priorityClassName: system-cluster-critical
  volumes:
  - hostPath:
      path: /etc/ssl/certs
      type: DirectoryOrCreate
    name: ca-certs
  - hostPath:
      path: /var/lib/minikube/certs
      type: DirectoryOrCreate
    name: k8s-certs
  - hostPath:
      path: /etc/kubernetes/controller-manager.conf
      type: FileOrCreate
    name: kubeconfig
  - hostPath:
      path: /usr/share/ca-certificates
      type: DirectoryOrCreate
    name: usr-share-ca-certificates
status: {}

然后你需要重启你的 kube-controller-manager。

这可能会根据您在 master 中运行的内容而有所不同。如果您可以使用 docker 之类的东西,sudo systemctl restart docker或者如果您使用它而不是 docker,则可能需要重新启动 containerdsystemctl restart containerd

或者,如果您只想开始,kube-controller-manager您可以执行docker restart kube-controller-mamnagercrictl stop kube-controller-manager; crictl start kube-controller-manager

推荐阅读