Last active
May 23, 2023 03:39
-
-
Save niusmallnan/71cb266f5124703ce507bc179a519807 to your computer and use it in GitHub Desktop.
setup minik3s for the single host
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| cat > /etc/default/k3s <<EOF | |
| GOGC=10 | |
| EOF | |
| chmod 600 /etc/default/k3s | |
| K3S_CHANNEL=v1.26 | |
| # --disable-helm-controller | |
| curl -sfL https://get.k3s.io | \ | |
| INSTALL_K3S_CHANNEL=${K3S_CHANNEL} \ | |
| K3S_TOKEN=SUSERancherGC \ | |
| sh -s - server \ | |
| --disable-cloud-controller \ | |
| --disable-network-policy | |
| # k3s process RSS memory | |
| ps eo user,pid,vsz,rss,%cpu,%mem $(pgrep k3s) | tail -1 | awk '{$4=int($4/1024)"M";}{ print $4;}' | |
| ps eo user,pid,vsz,rss,%cpu,%mem $(pgrep -f k3s) | tail -n +2 | awk '{$4=int($4/1024)"M";}{ print $4;}' | |
| # k3s cgroups memory | |
| systemd-cgls --no-pager /system.slice/k3s.service | |
| systemd-cgtop -m -n 3 /system.slice/k3s.service | tail -1 | awk -F ' ' '{print $4}' | |
| # kube-pods cgroups memory | |
| systemd-cgls --no-pager /kubepods.slice | |
| systemd-cgtop -m -n 3 /kubepods.slice | head -1 | awk -F ' ' '{print $4}' | |
| # drop cgroup page cache | |
| echo 1 > /proc/sys/vm/drop_caches | |
| # check cgroup version | |
| # for cgroup v2, the output is cgroup2fs | |
| # fcgroup v1, the output is tmpfs | |
| stat -fc %T /sys/fs/cgroup/ | |
| # Process VmRSS(RSS) = Process RssAnon + Process RssFile + Process RssShmem | |
| cat /proc/$(pgrep metrics-server)/status | grep VmRSS | awk '{$2=int($2/1024)"M";}{ print $2;}M' | |
| cat /proc/$(pgrep metrics-server)/status | grep RssAnon | awk '{$2=int($2/1024)"M";}{ print $2;}M' | |
| cat /proc/$(pgrep metrics-server)/status | grep RssFile | awk '{$2=int($2/1024)"M";}{ print $2;}M' | |
| # ubuntu 22.04, kernel 5.19.0-1025-aws, cgroupv2 | |
| # cgroupv2 memory: https://docs.kernel.org/admin-guide/cgroup-v2.html#memory | |
| cat /sys/fs/cgroup/$(cat /proc/$(pgrep metrics-server)/cgroup | awk -F ':' '{print $3}')/memory.current | awk '{$1=int($1/1024/1024)"M";}{ print $1;}' | |
| # sle micro 5.3, kernel 5.14.21-150400.24.41-default, cgroupv1 | |
| # cgroupv1 memory: https://docs.kernel.org/admin-guide/cgroup-v1/memory.html#accounting-details | |
| # check https://docs.kernel.org/admin-guide/cgroup-v1/memory.html#usage-in-bytes | |
| cat /sys/fs/cgroup/memory/$(cat /proc/$(pgrep metrics-server)/cgroup | grep memory | awk -F ':' '{print $3}')/memory.usage_in_bytes | awk '{$1=int($1/1024/1024)"M";}{ print $1;}' | |
| # check https://docs.kernel.org/admin-guide/cgroup-v1/memory.html#stat-file | |
| cat /sys/fs/cgroup/memory/$(cat /proc/$(pgrep metrics-server)/cgroup | grep memory | awk -F ':' '{print $3}')/memory.stat | grep "^rss " | awk '{$2=int($2/1024/1024)"M";}{ print $2;}' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # test with v1.19.5+k3s1 | |
| # | |
| mkdir -p /opt/cni/bin | |
| curl -L https://github.com/containernetworking/plugins/releases/download/v0.9.0/cni-plugins-linux-amd64-v0.9.0.tgz | tar xvz -C /opt/cni/bin/ | |
| mkdir -p /etc/cni/net.d | |
| cat >/etc/cni/net.d/10-mynet.conf <<EOF | |
| { | |
| "cniVersion": "0.3.1", | |
| "name": "mynet", | |
| "type": "bridge", | |
| "bridge": "mynet0", | |
| "isDefaultGateway": true, | |
| "forceAddress": false, | |
| "ipMasq": true, | |
| "hairpinMode": true, | |
| "ipam": { | |
| "type": "host-local", | |
| "subnet": "10.42.0.0/24" | |
| } | |
| } | |
| EOF | |
| cat >/etc/cni/net.d/99-loopback.conf <<EOF | |
| { | |
| "cniVersion": "0.3.1", | |
| "name": "lo", | |
| "type": "loopback" | |
| } | |
| EOF | |
| #--disable-scheduler \ | |
| ./k3s server \ | |
| --disable servicelb,traefik,local-storage,metrics-server,coredns \ | |
| --disable-cloud-controller \ | |
| --disable-network-policy \ | |
| --flannel-backend none \ | |
| --disable-kube-proxy \ | |
| --kube-apiserver-arg profiling=false \ | |
| --kube-apiserver-arg default-watch-cache-size=10 \ | |
| --kube-apiserver-arg enable-priority-and-fairness=false \ | |
| --kube-controller-manager-arg controllers=*,-cronjob,-daemonset,-statefulset,-job,-horizontalpodautoscaling \ | |
| --kube-controller-manager-arg concurrent-deployment-syncs=1 \ | |
| --kube-controller-manager-arg concurrent-endpoint-syncs=1 \ | |
| --kube-controller-manager-arg concurrent-gc-syncs=2 \ | |
| --kube-controller-manager-arg concurrent-resource-quota-syncs=1 \ | |
| --kube-controller-manager-arg concurrent-namespace-syncs=2 \ | |
| --kube-controller-manager-arg concurrent-replicaset-syncs=1 \ | |
| --kube-controller-manager-arg concurrent-service-endpoint-syncs=1 \ | |
| --kube-controller-manager-arg concurrent-service-syncs=1 \ | |
| --kube-controller-manager-arg concurrent-serviceaccount-token-syncs=1 \ | |
| --kube-controller-manager-arg concurrent-statefulset-syncs=1 \ | |
| --kube-controller-manager-arg concurrent-ttl-after-finished-syncs=1 \ | |
| --kube-controller-manager-arg concurrent_rc_syncs=1 \ | |
| --kube-controller-manager-arg enable-taint-manager=false \ | |
| --kube-controller-manager-arg profiling=false \ | |
| --kube-controller-manager-arg leader-elect=false \ | |
| --kubelet-arg enable-server=false |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment