Configuring a cgroup driver

    You should be familiar with the Kubernetes .

    The page explains that the systemd driver is recommended for kubeadm based setups instead of the cgroupfs driver, because kubeadm manages the kubelet as a systemd service.

    The page also provides details on how to set up a number of different container runtimes with the systemd driver by default.

    kubeadm allows you to pass a KubeletConfiguration structure during kubeadm init. This KubeletConfiguration can include the cgroupDriver field which controls the cgroup driver of the kubelet.

    Note: In v1.22, if the user is not setting the cgroupDriver field under KubeletConfiguration, kubeadm will default it to systemd.

    A minimal example of configuring the field explicitly:

    Note:

    Kubeadm uses the same for all nodes in the cluster. The KubeletConfiguration is stored in a object under the kube-system namespace.

    Executing the sub commands init, join and upgrade would result in kubeadm writing the KubeletConfiguration as a file under /var/lib/kubelet/config.yaml and passing it to the local node kubelet.

    To use cgroupfs and to prevent kubeadm upgrade from modifying the KubeletConfiguration cgroup driver on existing setups, you must be explicit about its value. This applies to a case where you do not wish future versions of kubeadm to apply the systemd driver by default.

    See the below section on ““ for details on how to be explicit about the value.

    If you wish to configure a container runtime to use the driver, you must refer to the documentation of the container runtime of your choice.

    Note: Alternatively, it is possible to replace the old nodes in the cluster with new ones that use the systemd driver. This requires executing only the first step below before joining the new nodes and ensuring the workloads can safely move to the new nodes before deleting the old nodes.

    • Call kubectl edit cm kubelet-config -n kube-system.

    • Either modify the existing cgroupDriver value or add a new field that looks like this:

      This field must be present under the kubelet: section of the ConfigMap.

    Update the cgroup driver on all nodes

    For each node in the cluster:

    • using kubectl drain <node-name> --ignore-daemonsets
    • Stop the kubelet using systemctl stop kubelet
    • Modify the container runtime cgroup driver to systemd
    • Set cgroupDriver: systemd in /var/lib/kubelet/config.yaml
    • Start the container runtime
    • Start the kubelet using systemctl start kubelet
    • Uncordon the node using

    Execute these steps on nodes one at a time to ensure workloads have sufficient time to schedule on different nodes.