0

我正在运行 Kubernetes 1.17 集群,Calico CNI 在 containerd 上运行。我的服务器正在运行 CentOS 8,我的所有节点都收到此日志消息。如何阻止这些消息?

Mar  8 21:15:48 node03 systemd[1]: Removed slice libcontainer_14289_systemd_test_default.slice.
Mar  8 21:15:48 node03 containerd[1400]: time="2020-03-08T21:15:48.641993033-04:00" level=info msg="ExecSync for "a5e553ee2fd117b0724f56fd9606031f187f4ca0aa468c31f90690f305f49a89" returns with exit code 0"
Mar  8 21:15:50 node03 containerd[1400]: time="2020-03-08T21:15:50.606510411-04:00" level=info msg="ExecSync for "a5e553ee2fd117b0724f56fd9606031f187f4ca0aa468c31f90690f305f49a89" with command [/bin/calico-node -felix-live -bird-live] and timeout 1 (s)"
Mar  8 21:15:50 node03 systemd[1]: libcontainer-14399-systemd-test-default-dependencies.scope: Scope has no PIDs. Refusing.
Mar  8 21:15:50 node03 systemd[1]: libcontainer-14399-systemd-test-default-dependencies.scope: Scope has no PIDs. Refusing.
Mar  8 21:15:50 node03 systemd[1]: Created slice libcontainer_14399_systemd_test_default.slice.
Mar  8 21:15:50 node03 systemd[1]: Removed slice libcontainer_14399_systemd_test_default.slice.
Mar  8 21:15:50 node03 systemd[1]: libcontainer-14405-systemd-test-default-dependencies.scope: Scope has no PIDs. Refusing.
Mar  8 21:15:50 node03 systemd[1]: libcontainer-14405-systemd-test-default-dependencies.scope: Scope has no PIDs. Refusing.
Mar  8 21:15:50 node03 systemd[1]: Created slice libcontainer_14405_systemd_test_default.slice.
Mar  8 21:15:50 node03 systemd[1]: Removed slice libcontainer_14405_systemd_test_default.slice.
Mar  8 21:15:50 node03 systemd[1]: libcontainer-14411-systemd-test-default-dependencies.scope: Scope has no PIDs. Refusing.
Mar  8 21:15:50 node03 systemd[1]: libcontainer-14411-systemd-test-default-dependencies.scope: Scope has no PIDs. Refusing.
Mar  8 21:15:50 node03 systemd[1]: Created slice libcontainer_14411_systemd_test_default.slice.
Mar  8 21:15:50 node03 systemd[1]: Removed slice libcontainer_14411_systemd_test_default.slice.
Mar  8 21:15:50 node03 systemd[1]: libcontainer-14417-systemd-test-default-dependencies.scope: Scope has no PIDs. Refusing.
Mar  8 21:15:50 node03 systemd[1]: libcontainer-14417-systemd-test-default-dependencies.scope: Scope has no PIDs. Refusing.
Mar  8 21:15:50 node03 systemd[1]: Created slice libcontainer_14417_systemd_test_default.slice.
Mar  8 21:15:50 node03 systemd[1]: Removed slice libcontainer_14417_systemd_test_default.slice.
Mar  8 21:15:50 node03 systemd[1]: libcontainer-14437-systemd-test-default-dependencies.scope: Scope has no PIDs. Refusing.
Mar  8 21:15:50 node03 systemd[1]: libcontainer-14437-systemd-test-default-dependencies.scope: Scope has no PIDs. Refusing.
Mar  8 21:15:50 node03 systemd[1]: Created slice libcontainer_14437_systemd_test_default.slice.
Mar  8 21:15:50 node03 systemd[1]: Removed slice libcontainer_14437_systemd_test_default.slice.
Mar  8 21:15:50 node03 containerd[1400]: time="2020-03-08T21:15:50.775530563-04:00" level=info msg="Exec process "1f990c60ac0163d4a69c3ac6d2c1c2c53458d872e3d7e950cb89bcf2365c4601" exits with exit code 0 and error <nil>"
Mar  8 21:15:50 node03 containerd[1400]: time="2020-03-08T21:15:50.775615176-04:00" level=info msg="Finish piping "stdout" of container exec "1f990c60ac0163d4a69c3ac6d2c1c2c53458d872e3d7e950cb89bcf2365c4601""
4

1 回答 1

1

Github 上已经有公开的 issue,更多细节可以在这里找到。

这个问题与cgroup-driver. 在最新的 Kubernetes 版本中,设置为systemd而不是cgroupfs.

一种解决方法是配置rsyslog. 步骤在此站点上得到了很好的描述。以下简短版本:

$ cd /etc/rsyslog.d

创建一个ignore-systemd-session-slice.conf包含内容的文件:

if ($programname == "systemd") and ($msg contains "_systemd_test_default.slice" or $msg contains "systemd-test-default-dependencies.scope") then {
  stop
}

之后必须重新启动服务 rsyslog。

$ service rsyslog restart

另一种方法是使用cgroupfsas cgroup-driver。这也在这个 Github 线程上进行了讨论。

添加这些以忽略日志

cat /etc/rsyslog.d/ignore-systemd-session-slice.conf文件

if ($programname == "systemd") and ($msg contains "_systemd_test_default.slice" or $msg contains "systemd-test-default-dependencies.scope" or $msg contains " Failed to get system container stats for") then {
  stop
}
if ($programname == "kubelet") and ($msg contains " Failed to get system container stats for" or $msg contains "test_default.slice") then {
  stop
}

if ($programname == "systemd") and ($msg contains "Starting Session" or $msg contains "Started Session" or $msg contains "Created slice" or $msg contains "Starting user-" or $msg contains "Starting User Slice of" or $msg contains "Removed session" or $msg contains "Removed slice User Slice of" or $msg contains "Stopping User Slice of") then {
        stop
}
if ($programname == "containerd") and ($msg regex "Exec process.*with exit code 0" or $msg regex "ExecSync for.*with exit code 0" or $msg contains "Finish piping") then {
  stop
}
于 2020-03-09T16:09:54.223 回答