K
Q

Howto change kubelet configuration via kubeadm

9/8/2019

I'm fairly new to Kubernetes and trying to wrap my head around how to manage ComponentConfigs in already running clusters.

For example: Recently I initialized a kubeadm cluster in a test environment running Ubuntu. When I did that, I found CoreDNS to be in a CrashLoopBackoff which turned out to be the case because Ubuntu was configured to use systemd-resolved and so the resolv.conf had a loopback resolver configured. After reading the docs for coredns, I found out that a solution for that would be to change the resolvConf parameter for kubelet - either via commandline arguments or in the config.

So how would one do this properly in a kubeadm-managed cluster?

Reading [this page in the documentation][1] I didn't really get a clue, because it seems to be tailored to the case of initializing a new cluster or joining new nodes.

Of course, in this particular situation I could just use "Kubeadm reset" and initialize it again with a --config parameter but that doesn't seem to be the right solution for a running cluster.

So after digging a bit deeper I found several infos:

  1. I could change the /var/lib/kubelet/kubeadm-flags.env on the node directly, but AFAICT this only makes sense for node-specific changes.
  2. There is a ConfigMap in the kube-system namespace named kubelet-config-1.14. This seems promising for upcoming nodes joining the cluster to get the right configuration - but would changing that CM affect the already running Kubelet?
  3. There is a marshalled version of the running config in /var/lib/config/kubelet.yaml that I could change, but AFAIU this would be overriden by kubelet itself periodically (?) or at least during a kubeadm upgrade.
  4. There seems to be an option to specify a configmap in the node object, to let kubelet dynamically load the configuration from there, but given that there is already an existing configmap it seems more sensible to change that one.

I seemingly had success by some combination of changing aforementioned CM, running kubeadm upgrade something afterwards and rebooting the machine (since restarting the kubelet did not fix the CoreDNS issue ... but maybe I was to impatient).

So I am now asking:

  1. What is the recommended way to carry out changes to the kubelet configuration (or any other configuration I could affect via kubeadm-config.yaml) that works and is upgrade-safe for cases where the configuration is not node-specific?
  2. And if this involves running kubeadm ... config --config - how do I extract the existing Kubeadm-config in a way that I can feed it back to to kubeadm?

I am entirely happy with pointers to the right documentation, I just didn't find the right clues myself.

TIA

-- Patrick Schönfeld
kubeadm
kubernetes

Similar Questions

My question is how to deploy a hyperledger fabric blockchain to kubernetes?
kubeadm init issue - cannot execute 'docker info'
Best practice for starting a service using docker images in Kubernetes cluster
Istio envoy 504 gateway timeouts after 15 seconds for outbound connections

1 Answer

9/11/2019

What you are looking for is well described in official documentation.

The basic workflow for configuring a Kubelet is as follows:

  • Write a YAML or JSON configuration file containing the Kubelet’s configuration.
  • Wrap this file in a ConfigMap and save it to the Kubernetes control plane. Update the Kubelet’s corresponding Node object to use this ConfigMap.

In addition there is DynamicKubeletConfig Feature Gate is enabled by default starting from Kubernetes v1.11, but you need some additional steps to activate it. You need to remember about, that Kubelet’s --dynamic-config-dir flag must be set to a writable directory on the Node.

-- muscat
Source: StackOverflow