richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5763 Commits
33 Branches
82 Tags
153 MiB
Tree: ae3a1d7c01
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ae3a1d7c01'
${ noResults }
kubespray/roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2

98 lines
3.1 KiB
Raw Normal View History

Add Kubelet config, remove deprecated flags and fix minor bugs (#4724) * Add kubelet config * Change kubelet_authorization_mode_webhook to true * Fix lint * Sync env file * Refactor the kubernetes node folder * Remove deprecated flag and fix lint
5 years ago
Allow configuring container log limits for Kubelet (#6933)
4 years ago
Add Kubelet config, remove deprecated flags and fix minor bugs (#4724) * Add kubelet config * Change kubelet_authorization_mode_webhook to true * Fix lint * Sync env file * Refactor the kubernetes node folder * Remove deprecated flag and fix lint
5 years ago
Allow customizing kubelet healthz port and bind addr (#5403) Change-Id: I1634ba2d2d3337243ffcdea86750003a559f2576
5 years ago
Add Kubelet config, remove deprecated flags and fix minor bugs (#4724) * Add kubelet config * Change kubelet_authorization_mode_webhook to true * Fix lint * Sync env file * Refactor the kubernetes node folder * Remove deprecated flag and fix lint
5 years ago
Add protectKernelDefaults option (default true) to kubelet config file (#6611)
4 years ago
Add RotateCertificates to kubelet config if kubelet_rotate_certificates is set. (#5152) Signed-off-by: Robin Elfrink <robin.elfrink@eu.equinix.com>
5 years ago
Rotate kubelet server certificate. (#6453) * Rotate kubelet server certificate. * CI test kubelet server cert rotation * Approve kubelet serving certificates in tests.
4 years ago
Add Kubelet config, remove deprecated flags and fix minor bugs (#4724) * Add kubelet config * Change kubelet_authorization_mode_webhook to true * Fix lint * Sync env file * Refactor the kubernetes node folder * Remove deprecated flag and fix lint
5 years ago
Fix reserved memory unit in kubelet configuration (#6725) * Fix reserved memory unit in kubelet configuration Signed-off-by: Wang Zhen <lazybetrayer@gmail.com> * Move systemReserved default values from template Signed-off-by: Wang Zhen <lazybetrayer@gmail.com>
4 years ago
Add Kubelet config, remove deprecated flags and fix minor bugs (#4724) * Add kubelet config * Change kubelet_authorization_mode_webhook to true * Fix lint * Sync env file * Refactor the kubernetes node folder * Remove deprecated flag and fix lint
5 years ago
Fix reserved memory unit in kubelet configuration (#6725) * Fix reserved memory unit in kubelet configuration Signed-off-by: Wang Zhen <lazybetrayer@gmail.com> * Move systemReserved default values from template Signed-off-by: Wang Zhen <lazybetrayer@gmail.com>
4 years ago
Add Kubelet config, remove deprecated flags and fix minor bugs (#4724) * Add kubelet config * Change kubelet_authorization_mode_webhook to true * Fix lint * Sync env file * Refactor the kubernetes node folder * Remove deprecated flag and fix lint
5 years ago
Add an option to reserve resources for OS system daemons (#5007)
5 years ago
Fix reserved memory unit in kubelet configuration (#6725) * Fix reserved memory unit in kubelet configuration Signed-off-by: Wang Zhen <lazybetrayer@gmail.com> * Move systemReserved default values from template Signed-off-by: Wang Zhen <lazybetrayer@gmail.com>
4 years ago
Add an option to reserve resources for OS system daemons (#5007)
5 years ago
Fix reserved memory unit in kubelet configuration (#6725) * Fix reserved memory unit in kubelet configuration Signed-off-by: Wang Zhen <lazybetrayer@gmail.com> * Move systemReserved default values from template Signed-off-by: Wang Zhen <lazybetrayer@gmail.com>
4 years ago
Add an option to reserve resources for OS system daemons (#5007)
5 years ago
kubelet_config_extra_args and kubelet_node_config_extra_args (#5623) * Introduce kubelet_config_extra_args and kubelet_node_config_extra_args to pass params to kubelet via YAML config * kubelet_config_extra_args is not the alternative
5 years ago
tlsminversion and tlsciphersuites kubelet (#6490)
4 years ago
Allow the eventRecordQPS setting to be set. (#6880) * Allow the eventRecordQPS setting to be set. The eventRecordQPS parameter controls rate limiting for event recording. When zero, unlimited events can cause denial-of-service situations. For my situation, I don't need more than a setting of "5". This change allows me to configure the setting before creating the cluster. * Allow the eventRecordQPS setting to be set. The default settings (see types.go) is five. So, this change does not affect the cluster provisioning. However, it does allow for the setting to be changed.
4 years ago
  1. apiVersion: kubelet.config.k8s.io/v1beta1
  2. kind: KubeletConfiguration
  3. nodeStatusUpdateFrequency: "{{ kubelet_status_update_frequency }}"
  4. failSwapOn: {{ kubelet_fail_swap_on|default(true) }}
  5. authentication:
  6. anonymous:
  7. enabled: false
  8. webhook:
  9. enabled: {{ kubelet_authentication_token_webhook }}
  10. x509:
  11. clientCAFile: {{ kube_cert_dir }}/ca.crt
  12. authorization:
  13. {% if kubelet_authorization_mode_webhook %}
  14. mode: Webhook
  15. {% else %}
  16. mode: AlwaysAllow
  17. {% endif %}
  18. {% if kubelet_enforce_node_allocatable is defined and kubelet_enforce_node_allocatable != "\"\"" %}
  19. {% set kubelet_enforce_node_allocatable_list = kubelet_enforce_node_allocatable.split() %}
  20. enforceNodeAllocatable:
  21. {% for item in kubelet_enforce_node_allocatable_list %}
  22. - {{ item }}
  23. {% endfor %}
  24. {% endif %}
  25. staticPodPath: {{ kube_manifest_dir }}
  26. cgroupDriver: {{ kubelet_cgroup_driver|default(kubelet_cgroup_driver_detected) }}
  27. containerLogMaxFiles: {{ kubelet_logfiles_max_nr }}
  28. containerLogMaxSize: {{ kubelet_logfiles_max_size }}
  29. maxPods: {{ kubelet_max_pods }}
  30. address: {{ kubelet_bind_address }}
  31. readOnlyPort: {{ kube_read_only_port }}
  32. healthzPort: {{ kubelet_healthz_port }}
  33. healthzBindAddress: {{ kubelet_healthz_bind_address }}
  34. kubeletCgroups: {{ kubelet_kubelet_cgroups }}
  35. clusterDomain: {{ dns_domain }}
  36. {% if kubelet_protect_kernel_defaults|bool %}
  37. protectKernelDefaults: true
  38. {% endif %}
  39. {% if kubelet_rotate_certificates|bool %}
  40. rotateCertificates: true
  41. {% endif %}
  42. {% if kubelet_rotate_server_certificates|bool %}
  43. serverTLSBootstrap: true
  44. {% endif %}
  45. {# DNS settings for kubelet #}
  46. {% if enable_nodelocaldns %}
  47. {% set kubelet_cluster_dns = [nodelocaldns_ip] %}
  48. {% elif dns_mode in ['coredns'] %}
  49. {% set kubelet_cluster_dns = [skydns_server] %}
  50. {% elif dns_mode == 'coredns_dual' %}
  51. {% set kubelet_cluster_dns = [skydns_server,skydns_server_secondary] %}
  52. {% elif dns_mode == 'manual' %}
  53. {% set kubelet_cluster_dns = [manual_dns_server] %}
  54. {% else %}
  55. {% set kubelet_cluster_dns = [] %}
  56. {% endif %}
  57. clusterDNS:
  58. {% for dns_address in kubelet_cluster_dns %}
  59. - {{ dns_address }}
  60. {% endfor %}
  61. {# Node reserved CPU/memory #}
  62. kubeReserved:
  63. {% if is_kube_master|bool %}
  64. cpu: {{ kube_master_cpu_reserved }}
  65. memory: {{ kube_master_memory_reserved }}
  66. {% else %}
  67. cpu: {{ kube_cpu_reserved }}
  68. memory: {{ kube_memory_reserved }}
  69. {% endif %}
  70. {% if system_reserved is defined and system_reserved %}
  71. systemReserved:
  72. {% if is_kube_master|bool %}
  73. cpu: {{ system_master_cpu_reserved }}
  74. memory: {{ system_master_memory_reserved }}
  75. {% else %}
  76. cpu: {{ system_cpu_reserved }}
  77. memory: {{ system_memory_reserved }}
  78. {% endif %}
  79. {% endif %}
  80. resolvConf: "{{ kube_resolv_conf }}"
  81. {% if kubelet_config_extra_args %}
  82. {{ kubelet_config_extra_args | to_nice_yaml(indent=2) }}
  83. {% endif %}
  84. {% if inventory_hostname in groups['kube-node'] and kubelet_node_config_extra_args %}
  85. {{ kubelet_node_config_extra_args | to_nice_yaml(indent=2) }}
  86. {% endif %}
  87. {% if tls_min_version is defined %}
  88. tlsMinVersion: {{ tls_min_version }}
  89. {% endif %}
  90. {% if tls_cipher_suites is defined %}
  91. tlsCipherSuites:
  92. {% for tls in tls_cipher_suites %}
  93. - {{ tls }}
  94. {% endfor %}
  95. {% endif %}
  96. {% if kubelet_event_record_qps %}
  97. eventRecordQPS: {{ kubelet_event_record_qps }}
  98. {% endif %}