Skip to content

Instantly share code, notes, and snippets.

@gpproton

gpproton/get K8s kubeadmin init to run.md

Forked from OlegGorj/get K8s kubeadmin init to run.md
Created November 2, 2020 19:23
Show Gist options
  • Save gpproton/4fcea5d4f2606b2e3de82074e736eb0d to your computer and use it in GitHub Desktop.
Save gpproton/4fcea5d4f2606b2e3de82074e736eb0d to your computer and use it in GitHub Desktop.
Download ZIP
Raw
get K8s kubeadmin init to run.md

It's true that swapoff -a is a silver bullet in most cases, however, certain k8s setups may really require swap. For instance, I've got a very small and cheap VM with just 1GB RAM, which I use for a personal GitLab Runner that rarely handles short CI/CD tasks. If I increase the size of the machine, I'll be paying more for a resource that's 99% idle. If I disable swap, npm install and other scripts inside the buid pods may hang because they require quite a lot of memory, although for short periods of time. Thus, a single-node kubeadm cluster with gitlab runner chart and swap is what suits me best.

Here is how I could get my mini-cluster up and running:

kubeadm reset 

## ↓ see explanation below
sed -i '9s/^/Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false"\n/' /etc/systemd/system/kubelet.service.d/10-kubeadm.conf

systemctl daemon-reload
systemctl restart kubelet

echo "
kind: MasterConfiguration
apiVersion: kubeadm.k8s.io/v1alpha1
api:
  bindPort: ${K8S_API_PORT}
apiServerCertSANs: ${K8S_API_EXTRA_HOSTS}
" > /tmp/config.yaml

kubeadm init --config /tmp/config.yaml --ignore-preflight-errors Swap

## make possible to run workload on master
kubectl taint nodes --all node-role.kubernetes.io/master-

The reason why I used sed -i '9s/^/... instead of echo 'Environment="..."' >> ... as mentioned by @cjdcordeiro is because in the latter case the lines in 10-kubeadm.conf stacked in the wrong order:

...
Environment="KUBELET_CERTIFICATE_ARGS=--rotate-certificates=true --cert-dir=/var/lib/kubelet/pki"
ExecStart=
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_AUTHZ$
Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false"
Because KUBELET_EXTRA_ARGS appeared after ExecStart, it looked like it was not picking up. With sed -i '9s/^/..., file /etc/systemd/system/kubelet.service.d/10-kubeadm.conf ends up like so and works:

...
Environment="KUBELET_CERTIFICATE_ARGS=--rotate-certificates=true --cert-dir=/var/lib/kubelet/pki"
Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false"
ExecStart=
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_AUTHZ$

It'd be great if enabling swap in kubeadm was easier than now – this would save people across the world tones of hours. Making my mini-cluster work after upgrading to 1.8 was a real pain because I'm quite inexperienced in Linux administration and I think it'd be great if others did not have to take the same path. The ideal solution would look like this IMO:

echo "
kind: MasterConfiguration
apiVersion: kubeadm.k8s.io/v1alpha1
kubeletConfiguration:
  allowSwap: true
" > /tmp/config.yaml

kubeadm init --config /tmp/config.yaml

Of course, enabling swap should remain an edge case because it may bite in lots of circumstances. However, it'd be great if kubeadm users had a choice. Until then, it'd be great if there was an opened issue about enabling swap.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment