From d1c5998d20ff26428fd36f5b3a8cc407e3259263 Mon Sep 17 00:00:00 2001 From: Benjamin Elder Date: Thu, 5 May 2022 18:08:56 -0700 Subject: [PATCH] setup /kubelet.slice cgroup for systemd driver TODO: just setup a real systemd slice? --- images/base/files/usr/local/bin/create-kubelet-cgroup-v2 | 3 +++ images/base/files/usr/local/bin/entrypoint | 2 ++ 2 files changed, 5 insertions(+) diff --git a/images/base/files/usr/local/bin/create-kubelet-cgroup-v2 b/images/base/files/usr/local/bin/create-kubelet-cgroup-v2 index 120f60f3b5..8d0d0be8b9 100755 --- a/images/base/files/usr/local/bin/create-kubelet-cgroup-v2 +++ b/images/base/files/usr/local/bin/create-kubelet-cgroup-v2 @@ -44,3 +44,6 @@ ensure_subtree_control() { ensure_subtree_control / mkdir -p /sys/fs/cgroup/kubelet ensure_subtree_control /kubelet +# again for kubelet.slice for systemd cgroup driver +mkdir -p /sys/fs/cgroup/kubelet.slice +ensure_subtree_control /kubelet.slice diff --git a/images/base/files/usr/local/bin/entrypoint b/images/base/files/usr/local/bin/entrypoint index 372535d36a..2fa469cf5f 100755 --- a/images/base/files/usr/local/bin/entrypoint +++ b/images/base/files/usr/local/bin/entrypoint @@ -289,10 +289,12 @@ fix_cgroup() { # "nesting" clusters, unless we instruct it to use a different cgroup root. # We do this, and when doing so we must fixup this alternative root # currently this is hardcoded to be /kubelet + # under systemd cgroup driver, kubelet appends .slice mount --make-rprivate /sys/fs/cgroup echo "${cgroup_subsystems}" | while IFS= read -r subsystem; do mount_kubelet_cgroup_root "/kubelet" "${subsystem}" + mount_kubelet_cgroup_root "/kubelet.slice" "${subsystem}" done }