systemd 中的 Drop-In文件 覆盖或新增服务选项
官网:https://wiki.archlinux.org/title/Systemd#Drop-in_files
要为服务 /etc/systemd/system/unit 创建 drop-in 文件的方法是:
1.创建 /etc/systemd/system/unit.d/ 目录
2.在下面放置 .conf 结尾的文件
drop-in 文件的目的是:覆盖或新增服务选项
示例:
/etc/systemd/system/kubelet.service 服务有一个 drop-in 文件
/etc/systemd/system/kubelet.service.d/10-kubeadm.conf
[root@iZuf6aaotfxhxg1it7ohr3Z kubelet]# systemctl status kubelet ● kubelet.service - kubelet: The Kubernetes Node Agent Loaded: loaded (/etc/systemd/system/kubelet.service; enabled; vendor preset: disabled) Drop-In: /etc/systemd/system/kubelet.service.d └─10-kubeadm.conf
/etc/systemd/system/kubelet.service
[root@iZuf6aaotfxhxg1it7ohr3Z kubelet]# cat /etc/systemd/system/kubelet.service [Unit] Description=kubelet: The Kubernetes Node Agent Documentation=http://kubernetes.io/docs/ After=docker.service containerd.service [Service] ExecStart=/usr/bin/kubelet Restart=always Environment="GODEBUG=madvdontneed=1" StartLimitInterval=0 RestartSec=10 [Install] WantedBy=multi-user.target
/etc/systemd/system/kubelet.service.d/10-kubeadm.conf
[root@iZuf6aaotfxhxg1it7ohr3Z kubelet]# cat /etc/systemd/system/kubelet.service.d/10-kubeadm.conf [Service] EnvironmentFile=-/etc/kubernetes/kubelet-customized-args.conf Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf" Environment="KUBELET_SYSTEM_PODS_ARGS=--max-pods 23 --pod-manifest-path=/etc/kubernetes/manifests" Environment="KUBELET_NETWORK_ARGS=--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin --dynamic-config-dir=/etc/kubernetes/kubelet-config --v=3" Environment="KUBELET_DNS_ARGS=--enable-controller-attach-detach=false --cluster-dns=172.31.0.10 --pod-infra-container-image=registry-vpc.cn-shanghai.aliyuncs.com/acs/pause:3.2 --enable-load-reader --cluster-domain=cluster.local --cloud-provider=external --hostname-override=cn-shanghai.10.0.199.201 --provider-id=cn-shanghai.i-uf6aaotfxhxg1it7ohr3" Environment="KUBELET_AUTHZ_ARGS=--authorization-mode=Webhook --authentication-token-webhook=true --anonymous-auth=false --client-ca-file=/etc/kubernetes/pki/ca.crt" Environment="KUBELET_CGROUP_ARGS=--cgroup-driver=systemd" Environment="KUBELET_CERTIFICATE_ARGS=--tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256 --tls-cert-file=/var/lib/kubelet/pki/kubelet.crt --tls-private-key-file=/var/lib/kubelet/pki/kubelet.key --rotate-certificates=true --cert-dir=/var/lib/kubelet/pki" ExecStart= ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_AUTHZ_ARGS $KUBELET_CGROUP_ARGS $KUBELET_CERTIFICATE_ARGS $KUBELET_EXTRA_ARGS $KUBELET_CUSTOMIZED_ARGS
/etc/systemd/system/kubelet.service.d/10-kubeadm.conf 中的 service 下相同项目(例如 ExecStart)会覆盖 /etc/systemd/system/kubelet.service 中的 ExecStart
0顶
0 踩
共 0 条评论