I want to forbid k8s pod is oom killed when memory is used totally, first I tried it by docker run, it works; but when I tried it by kubectl, it failed!
[docker run][docker run -ti -m 256M --oom-kill-disable myselfImage bash] docker set oom-kill-disable success
kubectl version
Client Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.5", GitCommit:"2166946f41b36dea2c4626f90a77706f426cdea2", GitTreeState:"archive", BuildDate:"2019-07-30T03:39:26Z", GoVersion:"go1.11.5", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"", Minor:"", GitVersion:"v0.0.0-master+2166946f41b36d", GitCommit:"2166946f41b36dea2c4626f90a77706f426cdea2", GitTreeState:"", BuildDate:"2019-08-21T08:42:24Z", GoVersion:"go1.11.5", Compiler:"gc", Platform:"linux/amd64"}
docker version = 19.03.7oom.yaml
apiVersion: v1
kind: Pod
metadata:
name: oom-test
spec:
nodeSelector:
kubernetes.io/hostname: "hostname"
containers:
- name: oom-test
securityContext:
capabilities:
add: ["SYS_ADMIN", "SYS_RESOURCE", "IPC_LOCK"]
image: myselfImage
volumeMounts:
- mountPath: /dev/shm
name: cache-volume
resources:
limits:
cpu: "4"
memory: "10Gi"
requests:
cpu: "4"
memory: "10Gi"
volumes:
- name: cache-volume
emptyDir:
medium: Memory
sizeLimit: "5Gi"
restartPolicy: Never1.echo 1 > /sys/fs/cgroup/memory/kubepods/memory.oom_control
2.kubectl create -f oom.yaml
3.kubectl exec -ti oom-test bash
>>stress --vm 1 --vm-bytes 10G #pod is oom killed
NAME READY STATUS RESTARTS AGE
devmachine-shm-test-02 0/1 OOMKilled 0 2m45sWhy pod is oom killed even if I set echo 1 > memory.oom_control
When I add --cgroup-driver=cgroupfs for kubelet config, it works! So I think this question maybe myself kubelet config problem.