### Upstream source https://github.com/kubernetes/release/blob/master/debian/xenial/kubeadm/channel/stable/etc/systemd/system/kubelet.service.d/10-kubeadm.conf ### All upstream values should be present in this file # logging to stderr means we get it in the systemd journal KUBE_LOGTOSTDERR="--logtostderr=true" KUBE_LOG_LEVEL="--v={{ kube_log_level }}" # The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces) KUBELET_ADDRESS="--address={{ kubelet_bind_address }} --node-ip={{ kubelet_address }}" # The port for the info server to serve on # KUBELET_PORT="--port=10250" # You may leave this blank to use the actual hostname {% if kube_override_hostname %} KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}" {% endif %} {# Base kubelet args #} {% set kubelet_args_base -%} {# start kubeadm specific settings #} --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf \ --kubeconfig={{ kube_config_dir }}/kubelet.conf \ --require-kubeconfig \ --authorization-mode=Webhook \ --client-ca-file={{ kube_cert_dir }}/ca.crt \ --pod-manifest-path={{ kube_manifest_dir }} \ --cadvisor-port={{ kube_cadvisor_port }} \ {# end kubeadm specific settings #} --pod-infra-container-image={{ pod_infra_image_repo }}:{{ pod_infra_image_tag }} \ --kube-reserved cpu={{ kubelet_cpu_limit }},memory={{ kubelet_memory_limit|regex_replace('Mi', 'M') }} \ --node-status-update-frequency={{ kubelet_status_update_frequency }} \ --cgroup-driver={{ kubelet_cgroup_driver|default(kubelet_cgroup_driver_detected) }} \ --docker-disable-shared-pid={{ kubelet_disable_shared_pid }} \ --anonymous-auth=false \ {% if kube_version | version_compare('v1.8', '<') %} --experimental-fail-swap-on={{ kubelet_fail_swap_on|default(true)}} \ {% else %} --fail-swap-on={{ kubelet_fail_swap_on|default(true)}} \ {% endif %} {% endset %} {# Node reserved CPU/memory #} {% if is_kube_master|bool %} {% set kubelet_reserve %}--kube-reserved cpu={{ kubelet_master_cpu_limit }},memory={{ kubelet_master_memory_limit|regex_replace('Mi', 'M') }}{% endset %} {% else %} {% set kubelet_reserve %}--kube-reserved cpu={{ kubelet_cpu_limit }},memory={{ kubelet_memory_limit|regex_replace('Mi', 'M') }}{% endset %} {% endif %} {# DNS settings for kubelet #} {% if dns_mode == 'kubedns' %} {% set kubelet_args_cluster_dns %}--cluster-dns={{ skydns_server }}{% endset %} {% elif dns_mode == 'dnsmasq_kubedns' %} {% set kubelet_args_cluster_dns %}--cluster-dns={{ dnsmasq_dns_server }}{% endset %} {% else %} {% set kubelet_args_cluster_dns %}{% endset %} {% endif %} {% set kubelet_args_dns %}{{ kubelet_args_cluster_dns }} --cluster-domain={{ dns_domain }} --resolv-conf={{ kube_resolv_conf }}{% endset %} KUBELET_ARGS="{{ kubelet_args_base }} {{ kubelet_args_dns }} {{ kubelet_reserve }}" {% if kube_network_plugin is defined and kube_network_plugin in ["calico", "canal", "flannel", "weave"] %} KUBELET_NETWORK_PLUGIN="--network-plugin=cni --network-plugin-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin" {% elif kube_network_plugin is defined and kube_network_plugin == "cloud" %} KUBELET_NETWORK_PLUGIN="--hairpin-mode=promiscuous-bridge --network-plugin=kubenet" {% endif %} # Should this cluster be allowed to run privileged docker containers KUBE_ALLOW_PRIV="--allow-privileged=true" {% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere"] %} KUBELET_CLOUDPROVIDER="--cloud-provider={{ cloud_provider }} --cloud-config={{ kube_config_dir }}/cloud_config" {% elif cloud_provider is defined and cloud_provider == "aws" %} KUBELET_CLOUDPROVIDER="--cloud-provider={{ cloud_provider }}" {% else %} KUBELET_CLOUDPROVIDER="" {% endif %} PATH={{ bin_dir }}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin