-
Notifications
You must be signed in to change notification settings - Fork 14.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add an explanation of how the kubeadm kubelet dropin file works and a note about cAdvisor #4229
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some minor grammar changes for consistency and markdown formatting issues.
docs/admin/kubeadm.md
Outdated
@@ -525,6 +525,57 @@ Here `v1.7.x` means the "latest patch release of the v1.7 branch". | |||
|
|||
`${ARCH}` can be one of: `amd64`, `arm`, `arm64`, `ppc64le` or `s390x`. | |||
|
|||
## Managing the kubeadm dropin file for the kubelet |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
change all occurrences of "dropin" to "drop-in"
docs/admin/kubeadm.md
Outdated
``` | ||
|
||
A breakdown of what/why: | ||
- `--kubeconfig=/etc/kubernetes/kubelet.conf` point to the kubeconfig file that |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"point" -> "points"
docs/admin/kubeadm.md
Outdated
started until `kubeadm init` is run. | ||
- `--pod-manifest-path=/etc/kubernetes/manifests` specifies from where to read | ||
Static Pod manifests used for spinning up the control plane | ||
- `--allow-privileged=true` allow this kubelet to run privileged Pods |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"allow" -> "allows"
docs/admin/kubeadm.md
Outdated
- `--pod-manifest-path=/etc/kubernetes/manifests` specifies from where to read | ||
Static Pod manifests used for spinning up the control plane | ||
- `--allow-privileged=true` allow this kubelet to run privileged Pods | ||
- `--network-plugin=cni` use CNI networking |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"use" -> "uses"
docs/admin/kubeadm.md
Outdated
Static Pod manifests used for spinning up the control plane | ||
- `--allow-privileged=true` allow this kubelet to run privileged Pods | ||
- `--network-plugin=cni` use CNI networking | ||
- `--cni-conf-dir=/etc/cni/net.d` where to look for the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
add "specifies": "--cni-conf-dir=/etc/cni/net.d
specifies where to look..."
docs/admin/kubeadm.md
Outdated
`search` entries in Pods' `/etc/resolv.conf` | ||
- `--client-ca-file=/etc/kubernetes/pki/ca.crt` authenticate requests to the Kubelet | ||
API using this CA certificate. | ||
- `--authorization-mode=Webhook` authorize requests to the Kubelet API by `POST`-ing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"authorize" -> "authorizes"
docs/admin/kubeadm.md
Outdated
API using this CA certificate. | ||
- `--authorization-mode=Webhook` authorize requests to the Kubelet API by `POST`-ing | ||
a `SubjectAccessReview` to the API Server | ||
- `--cadvisor-port=0` disable that cAdvisor listens to `0.0.0.0:4194` by default. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
suggested edit: "--cadvisor-port=0
disables cAdvisor from listening to 0.0.0.0:4194
by default."
docs/admin/kubeadm.md
Outdated
a `SubjectAccessReview` to the API Server | ||
- `--cadvisor-port=0` disable that cAdvisor listens to `0.0.0.0:4194` by default. | ||
cAdvisor will still be run inside of the kubelet and its API can be accessed at | ||
`https://{node-ip}:10250/stats/`. If you want to enable that cAdvisor listens on |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
suggested edit: "If you want to enable cAdvisor to listen on a wide-open port, run:"
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_AUTHZ_ARGS $KUBELET_CADVISOR_ARGS $KUBELET_EXTRA_ARGS | ||
``` | ||
|
||
A breakdown of what/why: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You should change these into an unordered (bulleted) list. Markdown is currently rendering them as a single paragraph, see preview: https://deploy-preview-4229--kubernetes-io-master-staging.netlify.com/docs/admin/kubeadm/
docs/admin/kubeadm.md
Outdated
cAdvisor will still be run inside of the kubelet and its API can be accessed at | ||
`https://{node-ip}:10250/stats/`. If you want to enable that cAdvisor listens on | ||
a wide-open port, run: | ||
``` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add a newline above this line so that the shell snippet is rendered in a separate block on its own line, see preview: https://deploy-preview-4229--kubernetes-io-master-staging.netlify.com/docs/admin/kubeadm/
@luxas Can you rebase this onto |
1ec1f02
to
b49eb31
Compare
@chenopis Done! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
unordered list still not rendering correctly; might need a newline before it
docs/admin/kubeadm.md
Outdated
``` | ||
|
||
A breakdown of what/why: | ||
* `--kubeconfig=/etc/kubernetes/kubelet.conf` points to the kubeconfig file that |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you need a newline before this line. It's currently not rendering the unordered list correctly. See the preview: https://deploy-preview-4229--kubernetes-io-master-staging.netlify.com/docs/admin/kubeadm/#managing-the-kubeadm-drop-in-file-for-the-kubelet
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Argh. Let's try again.
… note about cAdvisor
b49eb31
to
df25909
Compare
@luxas I'm going to merge this. Any additional changes can be done in a follow-up PR. |
/cc @roberthbailey @jbeda @chenopis @lukemarsden
FYI @dchen1107
This was discussed in kubernetes/release#356. I'm adding some context on how the dropin works and information about how the user might revert kubernetes/release#356 if they have to.
This change is