Kubelet is the core component of kubernetes, which needs to be installed in each node, and is also the first service started by kubernetes cluster. Kubelet's parameters are stored in multiple directories. If they are not complete during modification, various errors will be caused. Let's explore the location and configuration method of kubelet's parameters.

On Ubuntu 18.04, kubelet is started by using the system D of the host. At present, kubernetes 1.12.3 has not yet containerized it.

The configuration parameters of kubelet are stored in three different directories:

• /etc/kubernetes, the main directory of kubenetes, where kubelet.conf includes the apserver connection parameters and connection certificates.
• /lib/systemd/system/kubelet.service, the configuration file of kubelet service.
• /var/lib/kubelet, the data directory of kubelet.

kubelet main data directory parameter

/var/lib/kubelet

supermap@podc01:/var/lib/kubelet$ tree
.
├── config.yaml
├── cpu_manager_state
├── device-plugins
│   ├── DEPRECATION
│   ├── kubelet_internal_checkpoint
│   └── kubelet.sock
├── kubeadm-flags.env
├── pki
│   ├── kubelet-client-2018-11-23-10-08-12.pem
│   ├── kubelet-client-2018-11-23-10-08-38.pem
│   ├── kubelet-client-current.pem -> /var/lib/kubelet/pki/kubelet-client-2018-11-23-10-08-38.pem
│   ├── kubelet.crt
│   └── kubelet.key
├── plugin-containers [error opening dir]
├── plugins [error opening dir]
├── plugins_registry [error opening dir]
├── pod-resources [error opening dir]
└── pods [error opening dir]

7 directories, 11 files

The content of config.yaml is as follows:

address: 10.1.1.201
apiVersion: kubelet.config.k8s.io/v1beta1
authentication:
  anonymous:
    enabled: false
  webhook:
    cacheTTL: 2m0s
    enabled: true
  x509:
    clientCAFile: /etc/kubernetes/pki/ca.crt
authorization:
  mode: Webhook
  webhook:
    cacheAuthorizedTTL: 5m0s
    cacheUnauthorizedTTL: 30s
cgroupDriver: cgroupfs
cgroupsPerQOS: true
clusterDNS:
- 10.96.0.10
clusterDomain: cluster.local
configMapAndSecretChangeDetectionStrategy: Watch
containerLogMaxFiles: 5
containerLogMaxSize: 10Mi
contentType: application/vnd.kubernetes.protobuf
cpuCFSQuota: true
cpuCFSQuotaPeriod: 100ms
cpuManagerPolicy: none
cpuManagerReconcilePeriod: 10s
enableControllerAttachDetach: true
enableDebuggingHandlers: true
enforceNodeAllocatable:
- pods
eventBurst: 10
eventRecordQPS: 5
evictionHard:
  imagefs.available: 15%
  memory.available: 100Mi
  nodefs.available: 10%
  nodefs.inodesFree: 5%
evictionPressureTransitionPeriod: 5m0s
failSwapOn: true
fileCheckFrequency: 20s
hairpinMode: promiscuous-bridge
healthzBindAddress: 127.0.0.1
healthzPort: 10248
httpCheckFrequency: 20s
imageGCHighThresholdPercent: 85
imageGCLowThresholdPercent: 80
imageMinimumGCAge: 2m0s
iptablesDropBit: 15
iptablesMasqueradeBit: 14
kind: KubeletConfiguration
kubeAPIBurst: 10
kubeAPIQPS: 5
makeIPTablesUtilChains: true
maxOpenFiles: 1000000
maxPods: 110
nodeLeaseDurationSeconds: 40
nodeStatusUpdateFrequency: 10s
oomScoreAdj: -999
podPidsLimit: -1
port: 10250
registryBurst: 10
registryPullQPS: 5
resolvConf: /etc/resolv.conf
rotateCertificates: true
runtimeRequestTimeout: 2m0s
serializeImagePulls: true
staticPodPath: /etc/kubernetes/manifests
streamingConnectionIdleTimeout: 4h0m0s
syncFrequency: 1m0s
volumeStatsAggPeriod: 1m0s

Note that address: 10.1.1.201, originally address: 0.0.0.0, can listen to all addresses.