How to modify K8S service parameters in Rancher

About the Author

Wang Hailong, Rancher China Community Technical Manager, is responsible for the maintenance and operation of Rancher China Technical Community. He has 7 years of experience in the field of cloud computing, and has experienced technological changes from OpenStack to Kubernetes. He has rich operation and maintenance and practical experience no matter the underlying operating system Linux, virtualized KVM or Docker container technology.

Preface

Recently, I can always receive questions about how to modify parameters such as kube-api and kubelet in the community. Regarding how to modify Kubernetes service parameters (kube-apiserver, kube-controller-manager, kubelet, kube-scheduler, kube- proxy, etcd), individual students may not be particularly familiar with it, so I wrote an article specifically to introduce how to modify the parameters of the Kubernetes services in the custom cluster in Rancher.

How to modify the parameters of the Kubernetes service in Rancher

The custom cluster created by Rancher is actually deploying a Kubernetes cluster through RKE, so whether it is a custom cluster created through the Rancher UI or a Kubernetes cluster started through RKE, you can refer to the cluster.yml file example to set the corresponding parameters . The cluster.yml file example contains some commonly used Kubernetes service configuration items, such as NodePort port range, Service IP CIDR, etc. If you want to modify these parameters, we only need to modify the corresponding values of the parameters:

kube-api:
  # IP range for any services created on Kubernetes
  # This must match the service_cluster_ip_range in kube-controller
  service_cluster_ip_range: 10.43.0.0/16
  # Expose a different port range for NodePort services
  service_node_port_range: 30000-32767
...
...

If the built-in parameter options do not include the Kubernetes service parameters you want to modify, we can add the corresponding Kubernetes parameter options under the extra_args: of each Kubernetes service, such as modifying the NodePort range of kube-apiserver and enabling RemoveSelfLink:

kube-api:
extra_args:

# extra_args 中的参数优先级高于rke默认的参数优先级，所以"service-node-port-range"会覆盖掉上层的"service_node_port_range"参数的值
service-node-port-range: 40000-42767
feature-gates: 'RemoveSelfLink=false'

So, how to modify the Kubernetes service parameters of a custom cluster in Rancher, we can select the cluster on the Rancher UI, click the upright... on the right, and then click Edit to enter the edit cluster page:

Then, click Edit as YAML:

Next, we can modify the configuration parameters of each Kubernetes service in rancher_kubernetes_engine_config.services:

Finally, click Save to save the modified parameter configuration. If the configuration format is correct, Rancher will automatically update the downstream Kubernetes cluster.

Principles of modifying Kubernetes service parameters in Rancher

The modification levels of all kubernetes services are under rancher_kubernetes_engine_config.services, for example:
Parameter level of kube-apiserver:

rancher_kubernetes_engine_config:
  services:
    kube-api: {}

Parameter level of kube-controller-manager:

rancher_kubernetes_engine_config:
  services:
    kube-controller: {}

The default parameter names in YAML are separated by -, while the parameters of the Kubernetes service are separated by _, for example:
When editing a cluster through YAML, the default parameter naming rules:

service-node-port-range: 40000-42767

The naming rules for the parameters of the Kubernetes service api:

service_node_port_range: 30000-32767

You can add additional Kubernetes service parameters in extra_args:, but you need to remove the - in front of each parameter. For example, the parameter to enable SelfLink in kube-apiserver is --feature-gates=RemoveSelfLink=false, and in Rancher YAML The format of the parameter added in should be:

rancher_kubernetes_engine_config:
  services:
    kube-api:
      extra_args:
        feature-gates: 'RemoveSelfLink=false'

The parameter priority in extra_args is higher than the RKE default parameter priority, so service-node-port-range will override the value of the upper-level service_node_port_range parameter.

rancher_kubernetes_engine_config:
  services:
    kube-api:
      service_node_port_range: 30000-32767
      extra_args:
        # extra_args 中的参数优先级高于rke默认的参数优先级，所以"service-node-port-range"会覆盖掉上层的"service_node_port_range"参数的值
        service-node-port-range: 40000-42767

How to confirm whether the parameter is valid

After the parameter is modified, if you can successfully save and update the cluster, it means that your parameter format is correct. So, how to confirm that the modified parameters have taken effect? We can log in to the corresponding node, and then view the Args of the corresponding Kubernetes service through docker inspect:

# docker inspect kube-apiserver
        ···
        "Args": [
            ···
            "--service-node-port-range=40000-42767",
            "--feature-gates=RemoveSelfLink=false",
            ···
        ],

refer to

• RKE
  Cluster parameters: http://docs.rancher.cn/docs/rancher2/cluster-provisioning/rke-clusters/options/_index/
• RKE cluster.yml
  File example: http://docs.rancher.cn/docs/rke/example-yamls/_index/