It's true that swapoff -a is a silver bullet in most cases, however, certain k8s setups may really require swap. For instance, I've got a very small and cheap VM with just 1GB RAM, which I use for a personal GitLab Runner that rarely handles short CI/CD tasks. If I increase the size of the machine, I'll be paying more for a resource that's 99% idle. If I disable swap, npm install and other scripts inside the buid pods may hang because they require quite a lot of memory, although for short periods of time. Thus, a single-node kubeadm cluster with gitlab runner chart and swap is what suits me best.
Here is how I could get my mini-cluster up and running:
kubeadm reset
## ↓ see explanation below
sed -i '9s/^/Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false"\n/' /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
systemctl daemon-reload
systemctl restart kubelet
echo "
kind: MasterConfiguration
apiVersion: kubeadm.k8s.io/v1alpha1
api:
bindPort: ${K8S_API_PORT}
apiServerCertSANs: ${K8S_API_EXTRA_HOSTS}
" > /tmp/config.yaml
kubeadm init --config /tmp/config.yaml --ignore-preflight-errors Swap
## make possible to run workload on master
kubectl taint nodes --all node-role.kubernetes.io/master-
The reason why I used sed -i '9s/^/... instead of echo 'Environment="..."' >> ... as mentioned by @cjdcordeiro is because in the latter case the lines in 10-kubeadm.conf stacked in the wrong order:
...
Environment="KUBELET_CERTIFICATE_ARGS=--rotate-certificates=true --cert-dir=/var/lib/kubelet/pki"
ExecStart=
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_AUTHZ$
Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false"
Because KUBELET_EXTRA_ARGS appeared after ExecStart, it looked like it was not picking up. With sed -i '9s/^/..., file /etc/systemd/system/kubelet.service.d/10-kubeadm.conf ends up like so and works:
...
Environment="KUBELET_CERTIFICATE_ARGS=--rotate-certificates=true --cert-dir=/var/lib/kubelet/pki"
Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false"
ExecStart=
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_AUTHZ$
It'd be great if enabling swap in kubeadm was easier than now – this would save people across the world tones of hours. Making my mini-cluster work after upgrading to 1.8 was a real pain because I'm quite inexperienced in Linux administration and I think it'd be great if others did not have to take the same path. The ideal solution would look like this IMO:
echo "
kind: MasterConfiguration
apiVersion: kubeadm.k8s.io/v1alpha1
kubeletConfiguration:
allowSwap: true
" > /tmp/config.yaml
kubeadm init --config /tmp/config.yaml
Of course, enabling swap should remain an edge case because it may bite in lots of circumstances. However, it'd be great if kubeadm users had a choice. Until then, it'd be great if there was an opened issue about enabling swap.