Merge pull request #27960 from zhiguo-lu/zh-trans-task-configure-cgroup-driver

k8s-ci-robot · web-flow · commit 923b19e533d4 · 2021-05-17T18:23:30.000-07:00
[zh] translate Tasks/Configuring a cgroup driver
diff --git a/content/zh/docs/tasks/administer-cluster/kubeadm/configure-cgroup-driver.md b/content/zh/docs/tasks/administer-cluster/kubeadm/configure-cgroup-driver.md
@@ -0,0 +1,240 @@
+---
+title: 配置 cgroup 驱动
+content_type: task
+weight: 10
+---
+<!-- 
+---
+title: Configuring a cgroup driver
+content_type: task
+weight: 10
+---
+-->
+
+<!-- overview -->
+
+<!-- 
+This page explains how to configure the kubelet cgroup driver to match the container
+runtime cgroup driver for kubeadm clusters.
+-->
+本页阐述如何配置 kubelet 的 cgroup 驱动以匹配 kubeadm 集群中的容器运行时的 cgroup 驱动。
+
+## {{% heading "prerequisites" %}}
+
+<!-- 
+You should be familiar with the Kubernetes
+[container runtime requirements](/docs/setup/production-environment/container-runtimes).
+-->
+你应该熟悉 Kubernetes 的[容器运行时需求](/zh/docs/setup/production-environment/container-runtimes)。
+<!-- steps -->
+
+<!-- 
+## Configuring the container runtime cgroup driver
+-->
+## 配置容器运行时 cgroup 驱动 {#configuring-the-container-runtime-cgroup-driver}
+
+<!-- 
+The [Container runtimes](/docs/setup/production-environment/container-runtimes) page
+explains that the `systemd` driver is recommended for kubeadm based setups instead
+of the `cgroupfs` driver, because kubeadm manages the kubelet as a systemd service.
+-->
+[容器运行时](/zh/docs/setup/production-environment/container-runtimes)页面提到：
+由于 kubeadm 把 kubelet 视为一个系统服务来管理，所以对基于 kubeadm 的安装，
+我们推荐使用 `systemd` 驱动，不推荐 `cgroupfs` 驱动。
+
+<!-- 
+The page also provides details on how to setup a number of different container runtimes with the
+`systemd` driver by default.
+-->
+此页还详述了如何安装若干不同的容器运行时，并将 `systemd` 设为其默认驱动。
+
+<!-- 
+## Configuring the kubelet cgroup driver
+-->
+## 配置 kubelet 的 cgroup 驱动
+
+<!-- 
+kubeadm allows you to pass a `KubeletConfiguration` structure during `kubeadm init`.
+This `KubeletConfiguration` can include the `cgroupDriver` field which controls the cgroup
+driver of the kubelet.
+-->
+kubeadm 支持在执行 `kubeadm init` 时，传递一个 `KubeletConfiguration` 结构体。
+`KubeletConfiguration` 包含 `cgroupDriver` 字段，可用于控制 kubelet 的 cgroup 驱动。
+
+<!-- 
+If the user is not setting the `cgroupDriver` field under `KubeletConfiguration`,
+`kubeadm init` will default it to `systemd`.
+-->
+
+{{< feature-state for_k8s_version="v1.21" state="stable" >}}
+
+{{< note >}}
+如果用户没有在 `KubeletConfiguration` 中设置 `cgroupDriver` 字段，
+`kubeadm init` 会将它设置为默认值 `systemd`。
+{{< /note >}}
+
+<!-- 
+A minimal example of configuring the field explicitly:
+-->
+这是一个最小化的示例，其中显式的配置了此字段：
+
+```yaml
+# kubeadm-config.yaml
+kind: ClusterConfiguration
+apiVersion: kubeadm.k8s.io/v1beta2
+kubernetesVersion: v1.21.0
+---
+kind: KubeletConfiguration
+apiVersion: kubelet.config.k8s.io/v1beta1
+cgroupDriver: systemd
+```
+
+<!-- 
+Such a configuration file can then be passed to the kubeadm command:
+-->
+这样一个配置文件就可以传递给 kubeadm 命令了：
+
+```shell
+kubeadm init --config kubeadm-config.yaml
+```
+
+<!-- 
+Kubeadm uses the same `KubeletConfiguration` for all nodes in the cluster.
+The `KubeletConfiguration` is stored in a [ConfigMap](/docs/concepts/configuration/configmap)
+object under the `kube-system` namespace.
+
+Executing the sub commands `init`, `join` and `upgrade` would result in kubeadm
+writing the `KubeletConfiguration` as a file under `/var/lib/kubelet/config.yaml`
+and passing it to the local node kubelet.
+-->
+{{< note >}}
+Kubeadm 对集群所有的节点，使用相同的 `KubeletConfiguration`。
+`KubeletConfiguration` 存放于 `kube-system` 命名空间下的某个 
+[ConfigMap](/zh/docs/concepts/configuration/configmap) 对象中。
+
+执行 `init`、`join` 和 `upgrade` 等子命令会促使 kubeadm 
+将 `KubeletConfiguration` 写入到文件 `/var/lib/kubelet/config.yaml` 中，
+继而把它传递给本地节点的 kubelet。
+
+{{< /note >}}
+
+<!-- 
+## Using the `cgroupfs` driver
+-->
+# 使用 `cgroupfs` 驱动
+
+<!-- 
+As this guide explains using the `cgroupfs` driver with kubeadm is not recommended.
+
+To continue using `cgroupfs` and to prevent `kubeadm upgrade` from modifying the
+`KubeletConfiguration` cgroup driver on existing setups, you must be explicit
+about its value. This applies to a case where you do not wish future versions
+of kubeadm to apply the `systemd` driver by default.
+-->
+正如本指南阐述的：不推荐与 kubeadm 一起使用 `cgroupfs` 驱动。
+
+如仍需使用 `cgroupfs`，
+且要防止 `kubeadm upgrade` 修改现有系统中 `KubeletConfiguration` 的 cgroup 驱动，
+你必须显式声明它的值。
+此方法应对的场景为：在将来某个版本的 kubeadm 中，你不想使用默认的 `systemd` 驱动。
+
+<!-- 
+See the below section on "Modify the kubelet ConfigMap" for details on
+how to be explicit about the value.
+
+If you wish to configure a container runtime to use the `cgroupfs` driver,
+you must refer to the documentation of the container runtime of your choice.
+-->
+参阅以下章节“修改 kubelet 的 ConfigMap”，了解显式设置该值的方法。
+
+如果你希望配置容器运行时来使用 `cgroupfs` 驱动，
+则必须参考所选容器运行时的文档。
+
+<!-- 
+## Migrating to the `systemd` driver
+-->
+## 迁移到 `systemd` 驱动
+
+<!-- 
+To change the cgroup driver of an existing kubeadm cluster to `systemd` in-place,
+a similar procedure to a kubelet upgrade is required. This must include both
+steps outlined below.
+-->
+要将现有 kubeadm 集群的 cgroup 驱动就地升级为 `systemd`，
+需要执行一个与 kubelet 升级类似的过程。
+该过程必须包含下面两个步骤：
+
+<!-- 
+Alternatively, it is possible to replace the old nodes in the cluster with new ones
+that use the `systemd` driver. This requires executing only the first step below
+before joining the new nodes and ensuring the workloads can safely move to the new
+nodes before deleting the old nodes.
+-->
+{{< note >}}
+还有一种方法，可以用已配置了 `systemd` 的新节点替换掉集群中的老节点。
+按这种方法，在加入新节点、确保工作负载可以安全迁移到新节点、及至删除旧节点这一系列操作之前，
+只需执行以下第一个步骤。
+{{< /note >}}
+
+<!-- 
+### Modify the kubelet ConfigMap
+-->
+### 修改 kubelet 的 ConfigMap
+
+<!-- 
+- Find the kubelet ConfigMap name using `kubectl get cm -n kube-system | grep kubelet-config`.
+- Call `kubectl edit cm kubelet-config-x.yy -n kube-system` (replace `x.yy` with
+the Kubernetes version).
+- Either modify the existing `cgroupDriver` value or add a new field that looks like this:
+-->
+- 用命令 `kubectl get cm -n kube-system | grep kubelet-config` 找到 kubelet 的 ConfigMap 名称。
+- 运行 `kubectl edit cm kubelet-config-x.yy -n kube-system` （把 `x.yy` 替换为 Kubernetes 版本）。
+- 修改现有 `cgroupDriver` 的值，或者新增如下式样的字段：
+
+  ```yaml
+  cgroupDriver: systemd
+  ```
+  <!-- 
+  This field must be present under the `kubelet:` section of the ConfigMap.
+  -->
+  该字段必须出现在 ConfigMap 的 `kubelet:` 小节下。
+
+<!-- 
+### Update the cgroup driver on all nodes
+-->
+### 更新所有节点的 cgroup 驱动
+
+<!-- 
+For each node in the cluster:
+
+- [Drain the node](/docs/tasks/administer-cluster/safely-drain-node) using `kubectl drain <node-name> --ignore-daemonsets`
+- Stop the kubelet using `systemctl stop kubelet`
+- Stop the container runtime
+- Modify the container runtime cgroup driver to `systemd`
+- Set `cgroupDriver: systemd` in `/var/lib/kubelet/config.yaml`
+- Start the container runtime
+- Start the kubelet using `systemctl start kubelet`
+- [Uncordon the node](/docs/tasks/administer-cluster/safely-drain-node) using `kubectl uncordon <node-name>`
+-->
+对于集群中的每一个节点：
+
+- 执行命令 `kubectl drain <node-name> --ignore-daemonsets`，以
+  [腾空节点](/zh/docs/tasks/administer-cluster/safely-drain-node)
+- 执行命令 `systemctl stop kubelet`，以停止 kubelet
+- 停止容器运行时
+- 修改容器运行时 cgroup 驱动为 `systemd`
+- 在文件 `/var/lib/kubelet/config.yaml` 中添加设置 `cgroupDriver: systemd`
+- 启动容器运行时
+- 执行命令 `systemctl start kubelet`，以启动 kubelet
+- 执行命令 `kubectl uncordon <node-name>`，以
+  [取消节点隔离](/zh/docs/tasks/administer-cluster/safely-drain-node)
+
+<!-- 
+Execute these steps on nodes one at a time to ensure workloads
+have sufficient time to schedule on different nodes.
+
+Once the process is complete ensure that all nodes and workloads are healthy.
+-->
+在节点上依次执行上述步骤，确保工作负载有充足的时间被调度到其他节点。
+
+流程完成后，确认所有节点和工作负载均健康如常。
