-
Notifications
You must be signed in to change notification settings - Fork 14.5k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
de0efc1
commit bb28e69
Showing
2 changed files
with
116 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,114 @@ | ||
| --- | ||
| content_type: "reference" | ||
| title: Files written and read by the kubelet | ||
| weight: 40 | ||
| --- | ||
|
|
||
| The {{< glossary_tooltip text="kubelet" term_id="kubelet" >}} is mostly a stateless | ||
| process running on a Kubernetes {{< glossary_tooltip text="node" term_id="node" >}}. | ||
| This document outlines files that kubelet reads and writes. | ||
|
|
||
| Kubelet uses the {{< glossary_tooltip text="control plane" term_id="control-plane" >}} as | ||
| the source of truth on what needs to run on the Node, and the | ||
| {{<glossary_tooltip text="container runtime" term_id="container-runtime">}} to retrieve | ||
| the current state of containers. Kubelet also relies on reading | ||
| cgroups and various system files to collect metrics. However, there are still a few other files | ||
| that are used by the kubelet. | ||
|
|
||
| ## Files | ||
|
|
||
| ### Configuration | ||
|
|
||
| #### Kubelet configuration files | ||
|
|
||
| The path to the kubelet configuration file can be configured | ||
| using the command line argument `--config`. kubelet also supports | ||
| [drop-in configuration files](/docs/tasks/administer-cluster/kubelet-config-file/#kubelet-conf-d) | ||
| to enhance configuration. | ||
|
|
||
| #### Certificates | ||
|
|
||
| Certificates are typically located at `/var/lib/kubelet/pki`, | ||
| but can be configured using the `--cert-dir` kubelet command line argument. | ||
| Names of certificate files are also configurable. | ||
|
|
||
| #### Systemd unit settings | ||
|
|
||
| When kubelet is running as a systemd unit, some kubelet configuration may be declared | ||
| in systemd unit settings file. Typically it includes: | ||
|
|
||
| - command line arguments to [run kubelet](/docs/reference/command-line-tools-reference/kubelet/) | ||
| - environment variables, used by kubelet or [configuring golang runtime](https://pkg.go.dev/runtime#hdr-Environment_Variables) | ||
|
|
||
| ### State | ||
|
|
||
| #### Manifests | ||
|
|
||
| Manifests for static pods are typically located in `/etc/kubernetes/manifests`. | ||
| Location can be configured using the `staticPodPath` kubelet configuration option. | ||
|
|
||
| #### Checkpoint files | ||
|
|
||
| All resource managers keep the mapping of Pods to allocated resources in state files. | ||
| State files located in the kubelet's root directory, | ||
| typically `/var/lib/kubelet`. Kubelet root directory can be configured | ||
| using the kubelet command line argument `--root-dir`. | ||
|
|
||
| Names of files: | ||
|
|
||
| - `memory_manager_state` for the Memory Manager | ||
| - `cpu_manager_state` for the CPU Manager | ||
| - `kubelet_internal_checkpoint` for Device Manager | ||
| - `dra_manager_state` for DRA | ||
|
|
||
| #### Pod Status checkpoint | ||
|
|
||
| {{< feature-state feature_gate_name="InPlacePodVerticalScaling" >}} | ||
|
|
||
| The pod status is being checkpointed to implement the Pod resize feature. | ||
| The file name is `pod_status_manager_state` in kubelet root directory | ||
| (`/var/lib/kubelet` or configure using `--root-dir`). | ||
|
|
||
| ### Sockets | ||
|
|
||
| Kubelet opens a few sockets as well as reading some other sockets. | ||
|
|
||
| #### Container runtime | ||
|
|
||
| Kubelet communicates with the container runtime using socket configured via the | ||
| configuration parameters: | ||
|
|
||
| - `containerRuntimeEndpoint` for runtime operations | ||
| - `imageServiceEndpoint` for image management operations | ||
|
|
||
| The actual values of those endpoints depend on the container runtime being used. | ||
|
|
||
| #### Device plugins | ||
|
|
||
| Kubelet exposes socket `/var/lib/kubelet/device-plugins/kubelet.sock` for | ||
| various [Device Plugins to register](/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins/#device-plugin-implementation). | ||
|
|
||
| When a device plugin registers itself, it provides its socket path for the kubelet to connect. | ||
|
|
||
| The device plugin socket should be in the directory `/var/lib/kubelet/device-plugins`. | ||
|
|
||
| #### Pod Resources API | ||
|
|
||
| [Pod Resources API](/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins/#monitoring-device-plugin-resources) | ||
| will be exposed at the address `/var/lib/kubelet/pod-resources`. | ||
|
|
||
| #### DRA and CSI plugins | ||
|
|
||
| DRA and CSI plugins are located in `plugins_registry` in kubelet's root directory | ||
| (typically `/var/lib/kubelet/plugins_registry`). | ||
|
|
||
| ### Utility | ||
|
|
||
| Kubelet lock file, typically `/var/run/kubelet.lock`, | ||
| can be configured using the `--lock-file` kubelet command line argument. | ||
|
|
||
|
|
||
| ## {{% heading "whatsnext" %}} | ||
|
|
||
| - Kubelet [command line arguments](/docs/reference/command-line-tools-reference/kubelet/). | ||
| - Review the [Kubelet Configuration (v1beta1) reference](/docs/reference/config-api/kubelet-config.v1beta1/) |