Failed to reserve QoS requests: failed to set supported cgroup
subsystems for cgroup [kubepods burstable]: Failed to find subsystem
mount for required subsystem: pids
问题描述: k8s主节点和子节点均显示Ready,但是系统日志却有相关报错,详情信息如下:
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 77m v1.14.0
k8s-node1.novalocal Ready <none> 56m v1.14.0
k8s-node2.novalocal Ready <none> 46m v1.14.0
[root@k8s-master ~]# journalctl -f
Sep 10 17:41:22 k8s-master kubelet[6392]: W0910 17:41:22.901307 6392 qos_container_manager_linux.go:139] [ContainerManager] Failed to reserve QoS requests: failed to set supported cgroup subsystems for cgroup [kubepods burstable]: Failed to find subsystem mount for required subsystem: pids
报错信息说,在执行k8s Qos操作上出错(QoS类似一种等级制度,当资源不够时,低等级容器的将被杀死),cgroup是控制资源(CPU、内存、进程)的管理组,报错信息在于不能挂载pid的子系统,通过添加启动文件ExecStart 添加参数–feature-gates 并设置SupportPodPidsLimit为fasle,取消该功能即可;同理k8s将不会对进程资源进行管控。查看内核是否支持cgroup命令:grep CGROUP /boot/config-uname -r
解决方案: 在ExecStart上添加 --feature-gates SupportPodPidsLimit=false --feature-gates SupportNodePidsLimit=false
[root@k8s-master ~]# vim /usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf
# Note: This dropin only works with kubeadm and kubelet v1.11+
[Service]
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf"
Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml"
# This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically
EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env
# This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use
# the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file.
EnvironmentFile=-/etc/sysconfig/kubelet
ExecStart=
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS --feature-gates SupportPodPidsLimit=false --feature-gates SupportNodePidsLimit=false
[root@k8s-master ~]# reboot
其他节点均执行以上操作