-
Notifications
You must be signed in to change notification settings - Fork 14.5k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
de0efc1
commit 74ea814
Showing
2 changed files
with
97 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,95 @@ | ||
| --- | ||
| content_type: "reference" | ||
| title: Files written and read by the kubelet | ||
| weight: 40 | ||
| --- | ||
|
|
||
| {{< glossary_tooltip text="Kubelet" term_id="kubelet" >}} is mostly a stateless | ||
| process running on a Kubernetes {{< glossary_tooltip text="node" term_id="node" >}}. | ||
| This document outlines files that kubelet reads and writes. | ||
|
|
||
| Kubelet uses the {{< glossary_tooltip text="control plane" term_id="control-plane" >}} as | ||
| the source of truth on what needs to run on the Node, and the | ||
| {{<glossary_tooltip text="container runtime" term_id="container-runtime">}} to retrieve | ||
| the current state of containers. Kubelet also relies on reading | ||
| cgroups and various system files to collect metrics. However, there are still a few other files | ||
| that are used by the kubelet. | ||
|
|
||
| ## Files | ||
|
|
||
| ### Configuration | ||
|
|
||
| #### Kubelet configuration files | ||
|
|
||
| The path to the kubelet configuration file can be configured | ||
| using the command line argument `--config`. kubelet also supports | ||
| [drop-in configuration files](/docs/tasks/administer-cluster/kubelet-config-file/#kubelet-conf-d) | ||
| to enhance configuration. | ||
|
|
||
| #### Certificates | ||
|
|
||
| Certificates are typically located at `/var/lib/kubelet/pki`, | ||
| but can be configured using the `--cert-dir` kubelet command line argument. | ||
| Names of certificate files are also configurable. | ||
|
|
||
| #### Systemd unit settings | ||
|
|
||
| When kubelet is running as a systemd unit, some kubelet configuration may be declared | ||
| in systemd unit settings file. Typically it includes: | ||
|
|
||
| - command line arguments to [run kubelet](/docs/reference/command-line-tools-reference/kubelet/) | ||
| - environment variables, used by kubelet or [configuring golang runtime](https://pkg.go.dev/runtime#hdr-Environment_Variables) | ||
|
|
||
| ### State | ||
|
|
||
| #### Manifests | ||
|
|
||
| Manifests for static pods are typically located in `/etc/kubernetes/manifests`. | ||
| Location can be configured using the `staticPodPath` kubelet configuration option. | ||
|
|
||
| #### Checkpoint files | ||
|
|
||
| CPU managers and memory managers use state files to keep the mapping between | ||
| Pods and allocated resources. Files are named `memory_manager_state` | ||
| and `cpu_manager_state` and both located in the kubelet's root directory, | ||
| typically `/var/lib/kubelet`. Kubelet root directory can be configured | ||
| using the kubelet command line argument `--root-dir`. | ||
|
|
||
| ### Sockets | ||
|
|
||
| Kubelet opens a few sockets as well as reading some other sockets. | ||
|
|
||
| #### Container runtime | ||
|
|
||
| Kubelet communicates with the container runtime using socket configured via the | ||
| configuration parameters: | ||
|
|
||
| - `containerRuntimeEndpoint` for runtime operations | ||
| - `imageServiceEndpoint` for image management operations | ||
|
|
||
| The actual values of those endpoints depend on the container runtime being used. | ||
|
|
||
| #### Device plugins | ||
|
|
||
| Kubelet exposes socket `/var/lib/kubelet/device-plugins/kubelet.sock` for | ||
| various [Device Plugins to register](/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins/#device-plugin-implementation). | ||
|
|
||
| When a device plugin registers itself, it provides its socket path for the kubelet to connect. | ||
|
|
||
| The device plugin socket should be in the directory `/var/lib/kubelet/device-plugins`. | ||
|
|
||
| #### Pod Resources API | ||
|
|
||
| [Pod Resources API](/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins/#monitoring-device-plugin-resources) | ||
| will be exposed at the address `/var/lib/kubelet/pod-resources`. | ||
|
|
||
| ### Utility | ||
|
|
||
| Kubelet lock file, typically `/var/run/kubelet.lock`, | ||
| can be configured using the `--lock-file` kubelet command line argument. | ||
|
|
||
|
|
||
| ## {{% heading "whatsnext" %}} | ||
|
|
||
| - Kubelet [command line arguments](/docs/reference/command-line-tools-reference/kubelet/). | ||
| - Review the [Kubelet Configuration (v1beta1) reference](/docs/reference/config-api/kubelet-config.v1beta1/) |