github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2d0fa393b5
kubernetes/docs/man/kubelet.md
Jan Chaloupka f7b6e7427e fix formatting of md documents
2015-06-30 15:49:52 +02:00

11 KiB
Raw Blame History

NAME

kubelet - Processes a container manifest so the containers are launched according to how they are described.

SYNOPSIS

kubelet [OPTIONS]

DESCRIPTION

The kubernetes kubelet runs on each node. The Kubelet works in terms of a container manifest. A container manifest is a YAML or JSON file that describes a pod. The Kubelet takes a set of manifests that are provided in various mechanisms and ensures that the containers described in those manifests are started and continue running.

There are 3 ways that a container manifest can be provided to the Kubelet.

File: Path passed as a flag on the command line. This file is rechecked every 20 seconds (configurable with a flag).

HTTP endpoint: HTTP endpoint passed as a parameter on the command line. This endpoint is checked every 20 seconds (also configurable with a flag).

HTTP server: The kubelet can also listen for HTTP and respond to a simple API (underspec'd currently) to submit a new manifest.

OPTIONS

  •   **--address=0.0.0.0**: The IP address for the Kubelet to serve on (set to 0.0.0.0 for all interfaces)

  •   **--allow-dynamic-housekeeping=true**: Whether to allow the housekeeping interval to be dynamic

  •   **--allow-privileged=false**: If true, allow containers to request privileged mode. [default=false]

  •   **--alsologtostderr=false**: log to standard error as well as files

  •   **--api-servers=[]**: List of Kubernetes API servers for publishing events, and reading pods and services. (ip:port), comma separated.

  •   **--boot-id-file=/proc/sys/kernel/random/boot_id**: Comma-separated list of files to check for boot-id. Use the first one that exists.

  •   **--cadvisor-port=4194**: The port of the localhost cAdvisor endpoint

  •   **--cert-dir="/var/run/kubernetes"**: The directory where the TLS certs are located (by default /var/run/kubernetes). If --tls_cert_file and --tls_private_key_file are provided, this flag will be ignored.

  •   **--cgroup-root=""**: Optional root cgroup to use for pods. This is handled by the container runtime on a best effort basis. Default: '', which means use the container runtime default.

  •   **--chaos-chance=0**: If > 0.0, introduce random client errors and latency. Intended for testing. [default=0.0]

  •   **--cloud-config=""**: The path to the cloud provider configuration file.  Empty string for no configuration file.

  •   **--cloud-provider=""**: The provider for cloud services.  Empty string for no provider.

  •   **--cluster-dns=<nil>**: IP address for a cluster DNS server.  If set, kubelet will configure all containers to use this for DNS resolution in addition to the host's DNS servers

  •   **--cluster-domain=""**: Domain for this cluster.  If set, kubelet will configure all containers to search this domain in addition to the host's search domains

  •   **--config=""**: Path to the config file or directory of files

  •   **--configure-cbr0=false**: If true, kubelet will configure cbr0 based on Node.Spec.PodCIDR.

  •   **--container-hints=/etc/cadvisor/container_hints.json**: location of the container hints file

  •   **--container-runtime="docker"**: The container runtime to use. Possible values: 'docker', 'rkt'. Default: 'docker'.

  •   **--containerized=false**: Experimental support for running kubelet in a container.  Intended for testing. [default=false]

  •   **--docker=unix:///var/run/docker.sock**: docker endpoint

  •   **--docker-endpoint=""**: If non-empty, use this for the docker endpoint to communicate with

  •   **--docker-exec-handler="native"**: Handler to use when executing a command in a container. Valid values are 'native' and 'nsenter'. Defaults to 'native'.

  •   **--docker-only=false**: Only report docker containers in addition to root stats

  •   **--docker-root=/var/lib/docker**: Absolute path to the Docker state root directory (default: /var/lib/docker)

  •   **--docker-run=/var/run/docker**: Absolute path to the Docker run directory (default: /var/run/docker)

  •   **--enable-debugging-handlers=true**: Enables server endpoints for log collection and local running of containers and commands

  •   **--enable-load-reader=false**: Whether to enable cpu load reader

  •   **--enable-server=true**: Enable the Kubelet's server

  •   **--event-storage-age-limit=default=24h**: Max length of time for which to store events (per type). Value is a comma separated list of key values, where the keys are event types (e.g.: creation, oom) or "default" and the value is a duration. Default is applied to all non-specified event types

  •   **--event-storage-event-limit=default=100000**: Max number of events to store (per type). Value is a comma separated list of key values, where the keys are event types (e.g.: creation, oom) or "default" and the value is an integer. Default is applied to all non-specified event types

  •   **--file-check-frequency=20s**: Duration between checking config files for new data

  •   **--global-housekeeping-interval=1m0s**: Interval between global housekeepings

  •   **--google-json-key=""**: The Google Cloud Platform Service Account JSON Key to use for authentication.

  •   **--healthz-bind-address=127.0.0.1**: The IP address for the healthz server to serve on, defaulting to 127.0.0.1 (set to 0.0.0.0 for all interfaces)

  •   **--healthz-port=10248**: The port of the localhost healthz endpoint

  •   **--host-network-sources="file"**: Comma-separated list of sources from which the Kubelet allows pods to use of host network. For all sources use "*" [default="file"]

  •   **--hostname-override=""**: If non-empty, will use this string as identification instead of the actual hostname.

  •   **--housekeeping-interval=1s**: Interval between container housekeepings

  •   **--http-check-frequency=20s**: Duration between checking http for new data

  •   **--httptest.serve=**: if non-empty, httptest.NewServer serves on this address and blocks

  •   **--image-gc-high-threshold=90**: The percent of disk usage after which image garbage collection is always run. Default: 90%%

  •   **--image-gc-low-threshold=80**: The percent of disk usage before which image garbage collection is never run. Lowest disk usage to garbage collect to. Default: 80%%

  •   **--kubeconfig=/var/lib/kubelet/kubeconfig**: Path to a kubeconfig file, specifying how to authenticate to API server (the master location is set by the api-servers flag).

  •   **--log-backtrace-at=:0**: when logging hits line file:N, emit a stack trace

  •   **--log-cadvisor-usage=false**: Whether to log the usage of the cAdvisor container

  •   **--log-dir=**: If non-empty, write log files in this directory

  •   **--log-flush-frequency=5s**: Maximum number of seconds between log flushes

  •   **--logtostderr=true**: log to standard error instead of files

  •   **--low-diskspace-threshold-mb=256**: The absolute free disk space, in MB, to maintain. When disk space falls below this threshold, new pods would be rejected. Default: 256

  •   **--machine-id-file=/etc/machine-id,/var/lib/dbus/machine-id**: Comma-separated list of files to check for machine-id. Use the first one that exists.

  •   **--manifest-url=""**: URL for accessing the container manifest

  •   **--master-service-namespace="default"**: The namespace from which the kubernetes master services should be injected into pods

  •   **--max-housekeeping-interval=1m0s**: Largest interval to allow between container housekeepings

  •   **--max-pods=100**: Number of Pods that can run on this Kubelet.

  •   **--maximum-dead-containers=100**: Maximum number of old instances of a containers to retain globally.  Each container takes up some disk space.  Default: 100.

  •   **--maximum-dead-containers-per-container=2**: Maximum number of old instances of a container to retain per container.  Each container takes up some disk space.  Default: 2.

  •   **--minimum-container-ttl-duration=1m0s**: Minimum age for a finished container before it is garbage collected.  Examples: '300ms', '10s' or '2h45m'

  •   **--network-plugin=""**: <Warning: Alpha feature> The name of the network plugin to be invoked for various events in kubelet/pod lifecycle

  •   **--node-status-update-frequency=10s**: Specifies how often kubelet posts node status to master. Note: be cautious when changing the constant, it must work with nodeMonitorGracePeriod in nodecontroller. Default: 10s

  •   **--oom-score-adj=-900**: The oom_score_adj value for kubelet process. Values must be within the range [-1000, 1000]

  •   **--pod-cidr=""**: The CIDR to use for pod IP addresses, only used in standalone mode.  In cluster mode, this is obtained from the master.

  •   **--pod-infra-container-image="gcr.io/google_containers/pause:0.8.0"**: The image whose network/ipc namespaces containers in each pod will use.

  •   **--port=10250**: The port for the Kubelet to serve on. Note that "kubectl logs" will not work if you set this flag.

  •   **--read-only-port=10255**: The read-only port for the Kubelet to serve on (set to 0 to disable)

  •   **--really-crash-for-testing=false**: If true, when panics occur crash. Intended for testing.

  •   **--register-node=true**: Register the node with the apiserver (defaults to true if --api-server is set)

  •   **--registry-burst=10**: Maximum size of a bursty pulls, temporarily allows pulls to burst to this number, while still not exceeding registry_qps.  Only used if --registry_qps > 0

  •   **--registry-qps=0**: If > 0, limit registry pull QPS to this value.  If 0, unlimited. [default=0.0]

  •   **--resource-container="/kubelet"**: Absolute name of the resource-only container to create and run the Kubelet in (Default: /kubelet).

  •   **--root-dir="/var/lib/kubelet"**: Directory path for managing kubelet files (volume mounts,etc).

  •   **--runonce=false**: If true, exit after spawning pods from local manifests or remote urls. Exclusive with --api_servers, and --enable-server

  •   **--stderrthreshold=2**: logs at or above this threshold go to stderr

  •   **--streaming-connection-idle-timeout=0**: Maximum time a streaming connection can be idle before the connection is automatically closed.  Example: '5m'

  •   **--sync-frequency=10s**: Max period between synchronizing running containers and config

  •   **--system-container=""**: Optional resource-only container in which to place all non-kernel processes that are not already in a container. Empty for no container. Rolling back the flag requires a reboot. (Default: "").

  •   **--tls-cert-file=""**: File containing x509 Certificate for HTTPS.  (CA cert, if any, concatenated after server cert). If --tls_cert_file and --tls_private_key_file are not provided, a self-signed certificate and key are generated for the public address and saved to the directory passed to --cert_dir.

  •   **--tls-private-key-file=""**: File containing x509 private key matching --tls_cert_file.

  •   **--v=0**: log level for V logs

  •   **--version=false**: Print version information and quit

  •   **--vmodule=**: comma-separated list of pattern=N settings for file-filtered logging

EXAMPLES

/usr/bin/kubelet --logtostderr=true --v=0 --api_servers=http://127.0.0.1:8080 --address=127.0.0.1 --port=10250 --hostname_override=127.0.0.1 --allow-privileged=false

Analytics