kubespray/roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2

apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
nodeStatusUpdateFrequency: "{{ kubelet_status_update_frequency }}"
failSwapOn: {{ kubelet_fail_swap_on }}
authentication:
  anonymous:
    enabled: false
  webhook:
    enabled: {{ kubelet_authentication_token_webhook }}
  x509:
    clientCAFile: {{ kube_cert_dir }}/ca.crt
authorization:
{% if kubelet_authorization_mode_webhook %}
  mode: Webhook
{% else %}
  mode: AlwaysAllow
{% endif %}
{% if kubelet_enforce_node_allocatable is defined and kubelet_enforce_node_allocatable != "\"\"" %}
{% set kubelet_enforce_node_allocatable_list = kubelet_enforce_node_allocatable.split(",") %}
enforceNodeAllocatable:
{% for item in kubelet_enforce_node_allocatable_list %}
- {{ item }}
{% endfor %}
{% endif %}
staticPodPath: {{ kube_manifest_dir }}
cgroupDriver: {{ kubelet_cgroup_driver | default('systemd') }}
containerLogMaxFiles: {{ kubelet_logfiles_max_nr }}
containerLogMaxSize: {{ kubelet_logfiles_max_size }}
containerRuntimeEndpoint : {{ cri_socket }}
maxPods: {{ kubelet_max_pods }}
podPidsLimit: {{ kubelet_pod_pids_limit }}
address: {{ kubelet_bind_address }}
readOnlyPort: {{ kube_read_only_port }}
healthzPort: {{ kubelet_healthz_port }}
healthzBindAddress: {{ kubelet_healthz_bind_address }}
kubeletCgroups: {{ kubelet_kubelet_cgroups }}
clusterDomain: {{ dns_domain }}
{% if kubelet_protect_kernel_defaults | bool %}
protectKernelDefaults: true
{% endif %}
{% if kubelet_rotate_certificates | bool %}
rotateCertificates: true
{% endif %}
{% if kubelet_rotate_server_certificates | bool %}
serverTLSBootstrap: true
{% endif %}
{# DNS settings for kubelet #}
{% if enable_nodelocaldns %}
{% set kubelet_cluster_dns = [nodelocaldns_ip] %}
{% elif dns_mode in ['coredns'] %}
{% set kubelet_cluster_dns = [skydns_server] %}
{% elif dns_mode == 'coredns_dual' %}
{% set kubelet_cluster_dns = [skydns_server,skydns_server_secondary] %}
{% elif dns_mode == 'manual' %}
{% set kubelet_cluster_dns = [manual_dns_server] %}
{% else %}
{% set kubelet_cluster_dns = [] %}
{% endif %}
clusterDNS:
{% for dns_address in kubelet_cluster_dns %}
- {{ dns_address }}
{% endfor %}
{# Node reserved CPU/memory #}
{% if kube_reserved | bool %}
kubeReservedCgroup: {{ kube_reserved_cgroups }}
{% endif %}
kubeReserved:
{% if 'kube_control_plane' in group_names %}
  cpu: "{{ kube_master_cpu_reserved }}"
  memory: {{ kube_master_memory_reserved }}
{% if kube_master_ephemeral_storage_reserved is defined %}
  ephemeral-storage: {{ kube_master_ephemeral_storage_reserved }}
{% endif %}
{% if kube_master_pid_reserved is defined %}
  pid: "{{ kube_master_pid_reserved }}"
{% endif %}
{% else %}
  cpu: "{{ kube_cpu_reserved }}"
  memory: {{ kube_memory_reserved }}
{% if kube_ephemeral_storage_reserved is defined %}
  ephemeral-storage: {{ kube_ephemeral_storage_reserved }}
{% endif %}
{% if kube_pid_reserved is defined %}
  pid: "{{ kube_pid_reserved }}"
{% endif %}
{% endif %}
{% if system_reserved | bool %}
systemReservedCgroup: {{ system_reserved_cgroups }}
systemReserved:
{% if 'kube_control_plane' in group_names %}
  cpu: "{{ system_master_cpu_reserved }}"
  memory: {{ system_master_memory_reserved }}
{% if system_master_ephemeral_storage_reserved is defined %}
  ephemeral-storage: {{ system_master_ephemeral_storage_reserved }}
{% endif %}
{% if system_master_pid_reserved is defined %}
  pid: "{{ system_master_pid_reserved }}"
{% endif %}
{% else %}
  cpu: "{{ system_cpu_reserved }}"
  memory: {{ system_memory_reserved }}
{% if system_ephemeral_storage_reserved is defined %}
  ephemeral-storage: {{ system_ephemeral_storage_reserved }}
{% endif %}
{% if system_pid_reserved is defined %}
  pid: "{{ system_pid_reserved }}"
{% endif %}
{% endif %}
{% endif %}
{% if ('kube_control_plane' in group_names) and (eviction_hard_control_plane is defined) and eviction_hard_control_plane %}
evictionHard:
  {{ eviction_hard_control_plane | to_nice_yaml(indent=2) | indent(2) }}
{% elif ('kube_control_plane' not in group_names) and (eviction_hard is defined) and eviction_hard %}
evictionHard:
  {{ eviction_hard | to_nice_yaml(indent=2) | indent(2) }}
{% endif %}
resolvConf: "{{ kube_resolv_conf }}"
{% if kubelet_config_extra_args %}
{{ kubelet_config_extra_args | to_nice_yaml(indent=2) }}
{% endif %}
{% if inventory_hostname in groups['kube_node'] and kubelet_node_config_extra_args %}
{{ kubelet_node_config_extra_args | to_nice_yaml(indent=2) }}
{% endif %}
{% if kubelet_feature_gates or kube_feature_gates %}
featureGates:
{% for feature in (kubelet_feature_gates | default(kube_feature_gates, true)) %}
  {{ feature | replace("=", ": ") }}
{% endfor %}
{% endif %}
{% if tls_min_version is defined %}
tlsMinVersion: {{ tls_min_version }}
{% endif %}
{% if tls_cipher_suites is defined %}
tlsCipherSuites:
{% for tls in tls_cipher_suites %}
- {{ tls }}
{% endfor %}
{% endif %}
eventRecordQPS: {{ kubelet_event_record_qps }}
shutdownGracePeriod: {{ kubelet_shutdown_grace_period }}
shutdownGracePeriodCriticalPods: {{ kubelet_shutdown_grace_period_critical_pods }}
{% if not kubelet_fail_swap_on %}
memorySwap:
  swapBehavior: {{ kubelet_swap_behavior }}
{% endif %}
{% if kubelet_streaming_connection_idle_timeout is defined %}
streamingConnectionIdleTimeout: {{ kubelet_streaming_connection_idle_timeout }}
{% endif %}
{% if kubelet_image_gc_high_threshold is defined %}
imageGCHighThresholdPercent: {{ kubelet_image_gc_high_threshold }}
{% endif %}
{% if kubelet_image_gc_low_threshold is defined %}
imageGCLowThresholdPercent: {{ kubelet_image_gc_low_threshold }}
{% endif %}
{% if kubelet_make_iptables_util_chains is defined %}
makeIPTablesUtilChains: {{ kubelet_make_iptables_util_chains | bool }}
{% endif %}
{% if kubelet_seccomp_default is defined %}
seccompDefault: {{ kubelet_seccomp_default | bool }}
{% endif %}
{% if kubelet_cpu_manager_policy is defined %}
cpuManagerPolicy: {{ kubelet_cpu_manager_policy }}
{% endif %}
{% if kubelet_cpu_manager_policy_options is defined %}
cpuManagerPolicyOptions:
  {{ kubelet_cpu_manager_policy_options | to_nice_yaml(indent=2) }}
{% endif %}
{% if kubelet_topology_manager_policy is defined %}
topologyManagerPolicy: {{ kubelet_topology_manager_policy }}
{% endif %}
{% if kubelet_topology_manager_scope is defined %}
topologyManagerScope: {{ kubelet_topology_manager_scope }}
{% endif %}
{% if kubelet_tracing %}
tracing:
  endpoint: {{ kubelet_tracing_endpoint }}
  samplingRatePerMillion: {{ kubelet_tracing_sampling_rate_per_million }}
{% endif %}
maxParallelImagePulls: {{ kubelet_max_parallel_image_pulls }}