1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
|
From 1b13d0eed569dc0e14efac3a9cb31ce64667d03a Mon Sep 17 00:00:00 2001
From: Ivan Shapovalov <intelfx@intelfx.name>
Date: Sat, 23 Dec 2023 02:10:11 +0100
Subject: [PATCH 5/6] *.service: update systemd service files
---
k3s-agent-rootless.service | 47 ++++++++++++++++++++++++++++++++++++++
k3s-agent.service | 27 ++++++++++++++++++++++
k3s-rootless.service | 26 +++++++++++----------
k3s.service | 12 +++++-----
4 files changed, 94 insertions(+), 18 deletions(-)
create mode 100644 k3s-agent-rootless.service
create mode 100644 k3s-agent.service
diff --git a/k3s-agent-rootless.service b/k3s-agent-rootless.service
new file mode 100644
index 0000000000..68e049b2d1
--- /dev/null
+++ b/k3s-agent-rootless.service
@@ -0,0 +1,47 @@
+# systemd unit file for k3s (rootless)
+#
+# Usage:
+# - [Optional] Enable cgroup v2 delegation, see https://rootlesscontaine.rs/getting-started/common/cgroup2/ .
+# This step is optional, but highly recommended for enabling CPU and memory resource limtitation.
+#
+# - Copy this file as `~/.config/systemd/user/k3s-rootless.service`.
+# Installing this file as a system-wide service (`/etc/systemd/...`) is not supported.
+# Depending on the path of `k3s` binary, you might need to modify the `ExecStart=/usr/local/bin/k3s ...` line of this file.
+#
+# - Run `systemctl --user daemon-reload`
+#
+# - Run `systemctl --user enable --now k3s-rootless`
+#
+# - Run `KUBECONFIG=~/.kube/k3s.yaml kubectl get pods -A`, and make sure the pods are running.
+#
+# Troubleshooting:
+# - See `systemctl --user status k3s-rootless` to check the daemon status
+# - See `journalctl --user -f -u k3s-rootless` to see the daemon log
+# - See also https://rootlesscontaine.rs/
+
+[Unit]
+Description=Lightweight Kubernetes (agent, rootless)
+Documentation=https://k3s.io
+Documentation=https://rootlesscontaine.rs/
+After=network.target network-online.target
+Wants=network.target network-online.target
+
+[Service]
+Type=notify
+EnvironmentFile=-%E/systemd/system/%n.env
+# NOTE: Don't try to run `k3s server --rootless` on a terminal, as it doesn't enable cgroup v2 delegation.
+# If you really need to try it on a terminal, prepend `systemd-run --user -p Delegate=yes --tty` to create a systemd scope.
+ExecStart=/usr/bin/k3s agent --rootless --snapshotter=fuse-overlayfs $K3S_EXEC
+ExecReload=/bin/kill -s HUP $MAINPID
+KillMode=mixed
+Delegate=yes
+LimitNOFILE=1048576
+LimitNPROC=infinity
+LimitCORE=infinity
+TasksMax=infinity
+TimeoutStartSec=0
+Restart=always
+RestartSec=5s
+
+[Install]
+WantedBy=default.target
diff --git a/k3s-agent.service b/k3s-agent.service
new file mode 100644
index 0000000000..9e8974c972
--- /dev/null
+++ b/k3s-agent.service
@@ -0,0 +1,27 @@
+[Unit]
+Description=Lightweight Kubernetes (agent)
+Documentation=https://k3s.io
+After=network.target network-online.target
+Wants=network.target network-online.target
+
+[Service]
+Type=notify
+EnvironmentFile=-/etc/default/%N
+EnvironmentFile=-/etc/sysconfig/%N
+EnvironmentFile=-/etc/systemd/system/%n.env
+ExecStart=/usr/bin/k3s agent $K3S_EXEC
+ExecReload=/bin/kill -s HUP $MAINPID
+KillMode=process
+Delegate=yes
+# Having non-zero Limit*s causes performance problems due to accounting overhead
+# in the kernel. We recommend using cgroups to do container-local accounting.
+LimitNOFILE=1048576
+LimitNPROC=infinity
+LimitCORE=infinity
+TasksMax=infinity
+TimeoutStartSec=0
+Restart=always
+RestartSec=5s
+
+[Install]
+WantedBy=multi-user.target
diff --git a/k3s-rootless.service b/k3s-rootless.service
index 5879e2f8f2..916af05c6d 100644
--- a/k3s-rootless.service
+++ b/k3s-rootless.service
@@ -20,26 +20,28 @@
# - See also https://rootlesscontaine.rs/
[Unit]
-Description=k3s (Rootless)
+Description=Lightweight Kubernetes (server, rootless)
+Documentation=https://k3s.io
+Documentation=https://rootlesscontaine.rs/
+After=network.target network-online.target
+Wants=network.target network-online.target
[Service]
-Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+Type=notify
+EnvironmentFile=-%E/systemd/system/%n.env
# NOTE: Don't try to run `k3s server --rootless` on a terminal, as it doesn't enable cgroup v2 delegation.
# If you really need to try it on a terminal, prepend `systemd-run --user -p Delegate=yes --tty` to create a systemd scope.
-ExecStart=/usr/local/bin/k3s server --rootless --snapshotter=fuse-overlayfs
+ExecStart=/usr/bin/k3s server --rootless --snapshotter=fuse-overlayfs $K3S_EXEC
ExecReload=/bin/kill -s HUP $MAINPID
-TimeoutSec=0
-RestartSec=2
-Restart=always
-StartLimitBurst=3
-StartLimitInterval=60s
-LimitNOFILE=infinity
+KillMode=mixed
+Delegate=yes
+LimitNOFILE=1048576
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
-Delegate=yes
-Type=simple
-KillMode=mixed
+TimeoutStartSec=0
+Restart=always
+RestartSec=5s
[Install]
WantedBy=default.target
diff --git a/k3s.service b/k3s.service
index 70ce10c1aa..c786114ce0 100644
--- a/k3s.service
+++ b/k3s.service
@@ -1,16 +1,16 @@
[Unit]
-Description=Lightweight Kubernetes
+Description=Lightweight Kubernetes (server)
Documentation=https://k3s.io
-After=network-online.target
-Wants=network-online.target
+After=network.target network-online.target
+Wants=network.target network-online.target
[Service]
Type=notify
EnvironmentFile=-/etc/default/%N
EnvironmentFile=-/etc/sysconfig/%N
-EnvironmentFile=-/etc/systemd/system/k3s.service.env
-ExecStartPre=/bin/sh -xc '! /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service 2>/dev/null'
-ExecStart=/usr/local/bin/k3s server
+EnvironmentFile=-/etc/systemd/system/%n.env
+ExecStart=/usr/bin/k3s server $K3S_EXEC
+ExecReload=/bin/kill -s HUP $MAINPID
KillMode=process
Delegate=yes
# Having non-zero Limit*s causes performance problems due to accounting overhead
--
2.43.1
|