Metricbeat system hostfs will stuck the pod from terminating

wklken · March 23, 2018, 10:14am

hi:

We ran metricbeat as a daemonset in kubernetes.

I wonder has this issue been reported before. (I searched and found nothing)

And we found a lot of pods stucking in terminating step; We do a dig and it's the metricbeat mount case the pod from gc, (This will case all update operations in k8s will be stucked).

and sometimes the pod will be terminated normally.

$ grep -r e68c3f3b-2d9f-11 e8-bebd-00e081e67186 /proc/*/mounts 

/proc/82193/mounts:tmpfs /hostfs/data/kubernetes/var/lib/kubelet /pods/e68c3f3b-2d9f-11e8-bebd-00e081e67186/volumes/kubernetes.io~secret/defa ult-token-44tfx tmpfs rw,relatime 0 0

$ cat /proc/82193/cmdline
metricbeat -e -system.hostfs=/hostfs

the configmap (with system.yml)

apiVersion: v1
data:
  kubernetes.yml: |
    - module: kubernetes
      metricsets:
        - node
        - system
        - pod
        - container
        - volume
      period: 30s
      hosts: ["localhost:10255"]
  system.yml: |-
    - module: system
      metricsets:
        - cpu
        - load
        - memory
        - network
      interfaces: [eth0,cni0,flannel.1]
      enabled: true
      period: 30s
      processes: ['.*']
      processors:
    - module: system
      metricsets:
        - diskio
      enabled: true
      period: 30s
      processors:
      - drop_event.when.not.equals:
          system.diskio.name: 'xvda1'
    - module: system
      period: 1m
      metricsets:
        - filesystem
      filesystem.ignore_types: [proc,sysfs,tmpfs,binfmt_misc]
      processors:
      - drop_event.when.not.equals:
          system.filesystem.mount_point: '/hostfs'
kind: ConfigMap
metadata:
  creationTimestamp: null
  name: metricbeat-node-config

and the metricbeat run as daemonset, the command line

metricbeat -e -system.hostfs=/hostfs

the volume mount

      volumeMounts:
        - name: config-volume
          mountPath: /usr/share/metricbeat/modules.d
          readOnly: true
        - name: dockersock
          mountPath: /var/run/docker.sock
          readOnly: true
        - name: proc
          mountPath: /hostfs/proc
          readOnly: true
        - name: fscgroup
          mountPath: /hostfs/sys/fs/cgroup
          readOnly: true
        - name: hostfs
          mountPath: /hostfs
          readOnly: true
        securityContext:
          runAsUser: 0
      terminationGracePeriodSeconds: 30
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      volumes:
      - name: config-volume
        configMap:
          name:  metricbeat-node-config
      - name: hostfs
        hostPath:
          path: /
      - name: proc
        hostPath:
          path: /proc
      - name: fscgroup
        hostPath:
          path: /sys/fs/cgroup
      - name: dockersock
        hostPath:
          path: /var/run/docker.sock

Why metricbeat mount the pod's path? and when it release the mount?

The metricbeat do a great help in k8s, so we want to find some clues to solve the issue.

Thank you.

exekias · March 23, 2018, 9:44pm

Hi @wklken,

I noticed this:

Why do you mount your whole root filesystem under /hostfs? normally metricbeat only needs access to /proc and /sys/fs/cgroup

Best regards

wklken · March 24, 2018, 2:36am

Diff with the official config yaml: https://github.com/elastic/beats/blob/master/deploy/kubernetes/metricbeat/metricbeat-daemonset.yaml

I think that is the reason and I will test in a k8s cluster later.( still don't know why and when the mount be import to the config file and apply into the cluster >_<# )

thanks a lot! @exekias

system · April 21, 2018, 2:36am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.