From cdb4aec93a9043a6d4a0ed5dc66b179895cce0e1 Mon Sep 17 00:00:00 2001 From: Lantao Liu Date: Wed, 28 Mar 2018 00:28:05 +0000 Subject: [PATCH] Use systemd service cgroup and oom score adj. Signed-off-by: Lantao Liu --- contrib/gce/cloud-init/master.yaml | 7 +------ contrib/gce/cloud-init/node.yaml | 7 +------ contrib/gce/env | 2 +- 3 files changed, 3 insertions(+), 13 deletions(-) diff --git a/contrib/gce/cloud-init/master.yaml b/contrib/gce/cloud-init/master.yaml index c2a2c9704..63d2ebcd0 100644 --- a/contrib/gce/cloud-init/master.yaml +++ b/contrib/gce/cloud-init/master.yaml @@ -30,12 +30,6 @@ write_files: permissions: 0644 owner: root content: | - # installed by cloud-init - oom_score = -999 - - [cgroup] - path = "/runtime" - [plugins.linux] shim = "/home/containerd/usr/local/bin/containerd-shim" runtime = "/home/containerd/usr/local/sbin/runc" @@ -61,6 +55,7 @@ write_files: RestartSec=5 Delegate=yes KillMode=process + OOMScoreAdjust=-999 LimitNOFILE=1048576 # Having non-zero Limit*s causes performance problems due to accounting overhead # in the kernel. We recommend using cgroups to do container-local accounting. diff --git a/contrib/gce/cloud-init/node.yaml b/contrib/gce/cloud-init/node.yaml index 6504861fd..61c8143d8 100644 --- a/contrib/gce/cloud-init/node.yaml +++ b/contrib/gce/cloud-init/node.yaml @@ -28,12 +28,6 @@ write_files: permissions: 0644 owner: root content: | - # installed by cloud-init - oom_score = -999 - - [cgroup] - path = "/runtime" - [plugins.linux] shim = "/home/containerd/usr/local/bin/containerd-shim" runtime = "/home/containerd/usr/local/sbin/runc" @@ -59,6 +53,7 @@ write_files: RestartSec=5 Delegate=yes KillMode=process + OOMScoreAdjust=-999 LimitNOFILE=1048576 # Having non-zero Limit*s causes performance problems due to accounting overhead # in the kernel. We recommend using cgroups to do container-local accounting. diff --git a/contrib/gce/env b/contrib/gce/env index 5c7c40428..3d197933a 100644 --- a/contrib/gce/env +++ b/contrib/gce/env @@ -15,5 +15,5 @@ export KUBE_CONTAINER_RUNTIME_ENDPOINT="/run/containerd/containerd.sock" export KUBE_LOAD_IMAGE_COMMAND="/home/containerd/usr/local/bin/ctr cri load" export NETWORK_POLICY_PROVIDER="calico" export NON_MASQUERADE_CIDR="0.0.0.0/0" -export KUBE_KUBELET_EXTRA_ARGS="--runtime-cgroups=/runtime" +export KUBE_KUBELET_EXTRA_ARGS="--runtime-cgroups=/system.slice/containerd.service" export KUBE_FEATURE_GATES="ExperimentalCriticalPodAnnotation=true,CRIContainerLogRotation=true"