

  1. apiVersion: apps/v1
  2. kind: DaemonSet
  3. metadata:
  4. labels:
  5. k8s-app: cilium
  6. kubernetes.io/cluster-service: "true"
  7. name: cilium
  8. namespace: kube-system
  9. spec:
  10. selector:
  11. matchLabels:
  12. k8s-app: cilium
  13. kubernetes.io/cluster-service: "true"
  14. template:
  15. metadata:
  16. annotations:
  17. {% if cilium_enable_prometheus %}
  18. prometheus.io/port: "9090"
  19. prometheus.io/scrape: "true"
  20. {% endif %}
  21. # This annotation plus the CriticalAddonsOnly toleration makes
  22. # cilium to be a critical pod in the cluster, which ensures cilium
  23. # gets priority scheduling.
  24. # https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/
  25. scheduler.alpha.kubernetes.io/critical-pod: ""
  26. scheduler.alpha.kubernetes.io/tolerations: '[{"key":"dedicated","operator":"Equal","value":"master","effect":"NoSchedule"}]'
  27. labels:
  28. k8s-app: cilium
  29. kubernetes.io/cluster-service: "true"
  30. spec:
  31. containers:
  32. - args:
  33. - --kvstore=etcd
  34. - --kvstore-opt=etcd.config=/var/lib/etcd-config/etcd.config
  35. - --config-dir=/tmp/cilium/config-map
  36. command:
  37. - cilium-agent
  38. env:
  39. - name: K8S_NODE_NAME
  40. valueFrom:
  41. fieldRef:
  42. apiVersion: v1
  43. fieldPath: spec.nodeName
  44. - name: CILIUM_K8S_NAMESPACE
  45. valueFrom:
  46. fieldRef:
  47. apiVersion: v1
  48. fieldPath: metadata.namespace
  49. - name: CILIUM_CLUSTERMESH_CONFIG
  50. value: /var/lib/cilium/clustermesh/
  51. image: "{{cilium_image_repo}}:{{cilium_image_tag}}"
  52. imagePullPolicy: IfNotPresent
  53. resources:
  54. limits:
  55. cpu: {{ cilium_cpu_limit }}
  56. memory: {{ cilium_memory_limit }}
  57. requests:
  58. cpu: {{ cilium_cpu_requests }}
  59. memory: {{ cilium_memory_requests }}
  60. lifecycle:
  61. postStart:
  62. exec:
  63. command:
  64. - /cni-install.sh
  65. preStop:
  66. exec:
  67. command:
  68. - /cni-uninstall.sh
  69. livenessProbe:
  70. exec:
  71. command:
  72. - cilium
  73. - status
  74. - --brief
  75. failureThreshold: 10
  76. # The initial delay for the liveness probe is intentionally large to
  77. # avoid an endless kill & restart cycle if in the event that the initial
  78. # bootstrapping takes longer than expected.
  79. initialDelaySeconds: 120
  80. periodSeconds: 30
  81. successThreshold: 1
  82. timeoutSeconds: 5
  83. name: cilium-agent
  84. {% if cilium_enable_prometheus %}
  85. ports:
  86. - containerPort: 9090
  87. hostPort: 9090
  88. name: prometheus
  89. protocol: TCP
  90. {% endif %}
  91. readinessProbe:
  92. exec:
  93. command:
  94. - cilium
  95. - status
  96. - --brief
  97. failureThreshold: 3
  98. initialDelaySeconds: 5
  99. periodSeconds: 30
  100. successThreshold: 1
  101. timeoutSeconds: 5
  102. securityContext:
  103. capabilities:
  104. add:
  105. - NET_ADMIN
  106. - SYS_MODULE
  107. privileged: true
  108. volumeMounts:
  109. - mountPath: /sys/fs/bpf
  110. name: bpf-maps
  111. - mountPath: /var/run/cilium
  112. name: cilium-run
  113. - mountPath: /host/opt/cni/bin
  114. name: cni-path
  115. - mountPath: /host/etc/cni/net.d
  116. name: etc-cni-netd
  117. {% if container_manager == 'docker' %}
  118. - mountPath: /var/run/docker.sock
  119. name: docker-socket
  120. readOnly: true
  121. {% else %}
  122. - name: "{{ container_manager }}-socket"
  123. mountPath: {{ cri_socket }}
  124. readOnly: true
  125. {% endif %}
  126. - mountPath: /var/lib/etcd-config
  127. name: etcd-config-path
  128. readOnly: true
  129. - mountPath: "{{cilium_cert_dir}}"
  130. name: etcd-secrets
  131. readOnly: true
  132. - mountPath: /var/lib/cilium/clustermesh
  133. name: clustermesh-secrets
  134. readOnly: true
  135. - mountPath: /tmp/cilium/config-map
  136. name: cilium-config-path
  137. readOnly: true
  138. # Needed to be able to load kernel modules
  139. - mountPath: /lib/modules
  140. name: lib-modules
  141. readOnly: true
  142. dnsPolicy: ClusterFirstWithHostNet
  143. hostNetwork: true
  144. hostPID: false
  145. initContainers:
  146. - command:
  147. - /init-container.sh
  148. env:
  149. - name: CLEAN_CILIUM_STATE
  150. valueFrom:
  151. configMapKeyRef:
  152. key: clean-cilium-state
  153. name: cilium-config
  154. optional: true
  155. - name: CLEAN_CILIUM_BPF_STATE
  156. valueFrom:
  157. configMapKeyRef:
  158. key: clean-cilium-bpf-state
  159. name: cilium-config
  160. optional: true
  161. - name: CILIUM_WAIT_BPF_MOUNT
  162. valueFrom:
  163. configMapKeyRef:
  164. key: wait-bpf-mount
  165. name: cilium-config
  166. optional: true
  167. image: "{{cilium_init_image_repo}}:{{cilium_init_image_tag}}"
  168. imagePullPolicy: IfNotPresent
  169. name: clean-cilium-state
  170. securityContext:
  171. capabilities:
  172. add:
  173. - NET_ADMIN
  174. privileged: true
  175. volumeMounts:
  176. - mountPath: /sys/fs/bpf
  177. name: bpf-maps
  178. - mountPath: /var/run/cilium
  179. name: cilium-run
  180. priorityClassName: system-node-critical
  181. restartPolicy: Always
  182. serviceAccount: cilium
  183. serviceAccountName: cilium
  184. terminationGracePeriodSeconds: 1
  185. tolerations:
  186. - operator: Exists
  187. volumes:
  188. # To keep state between restarts / upgrades
  189. - hostPath:
  190. path: /var/run/cilium
  191. type: DirectoryOrCreate
  192. name: cilium-run
  193. # To keep state between restarts / upgrades for bpf maps
  194. - hostPath:
  195. path: /sys/fs/bpf
  196. type: DirectoryOrCreate
  197. name: bpf-maps
  198. {% if container_manager == 'docker' %}
  199. # To read docker events from the node
  200. - hostPath:
  201. path: /var/run/docker.sock
  202. type: Socket
  203. name: docker-socket
  204. {% else %}
  205. # To read crio events from the node
  206. - hostPath:
  207. path: {{ cri_socket }}
  208. type: Socket
  209. name: {{ container_manager }}-socket
  210. {% endif %}
  211. # To install cilium cni plugin in the host
  212. - hostPath:
  213. path: /opt/cni/bin
  214. type: DirectoryOrCreate
  215. name: cni-path
  216. # To install cilium cni configuration in the host
  217. - hostPath:
  218. path: /etc/cni/net.d
  219. type: DirectoryOrCreate
  220. name: etc-cni-netd
  221. # To be able to load kernel modules
  222. - hostPath:
  223. path: /lib/modules
  224. name: lib-modules
  225. # To read the etcd config stored in config maps
  226. - configMap:
  227. defaultMode: 420
  228. items:
  229. - key: etcd-config
  230. path: etcd.config
  231. name: cilium-config
  232. name: etcd-config-path
  233. # To read the k8s etcd secrets in case the user might want to use TLS
  234. - name: etcd-secrets
  235. hostPath:
  236. path: "{{cilium_cert_dir}}"
  237. # To read the clustermesh configuration
  238. - name: clustermesh-secrets
  239. secret:
  240. defaultMode: 420
  241. optional: true
  242. secretName: cilium-clustermesh
  243. # To read the configuration from the config map
  244. - configMap:
  245. name: cilium-config
  246. name: cilium-config-path
  247. updateStrategy:
  248. rollingUpdate:
  249. # Specifies the maximum number of Pods that can be unavailable during the update process.
  250. maxUnavailable: 2
  251. type: RollingUpdate