richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7851 Commits
34 Branches
82 Tags
155 MiB
Tree: ebdc599b05
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ebdc599b05'
${ noResults }
kubespray/roles/kubernetes/control-plane/defaults/main/kube-proxy.yml

114 lines
4.5 KiB
Raw Normal View History

Fix kube-proxy configuration for kubeadm (#3958) - Creates and defaults an ansible variable for every configuration option in the `kubeproxy.config.k8s.io/v1alpha1` type spec - Fixes vars that were orphaned by removing non-kubeadm - Fixes previously harcoded kubeadm values - Introduces a `main` directory for role default files per component (requires ansible 2.6.0+) - Split out just `kube-proxy.yml` in this first effort - Removes the kube-proxy server field patch task We should continue to pull out other components from `main.yml` into their own defaults files as I did here for `defaults/main/kube-proxy.yml`. I hope for and will need others to join me in this refactoring across the project until each component config template has a matching role defaults file, with shared defaults in `kubespray-defaults` or `downloads`
6 years ago
Repair kube_proxy_exclude_cidrs (#4909)
5 years ago
Fix kube-proxy configuration for kubeadm (#3958) - Creates and defaults an ansible variable for every configuration option in the `kubeproxy.config.k8s.io/v1alpha1` type spec - Fixes vars that were orphaned by removing non-kubeadm - Fixes previously harcoded kubeadm values - Introduces a `main` directory for role default files per component (requires ansible 2.6.0+) - Split out just `kube-proxy.yml` in this first effort - Removes the kube-proxy server field patch task We should continue to pull out other components from `main.yml` into their own defaults files as I did here for `defaults/main/kube-proxy.yml`. I hope for and will need others to join me in this refactoring across the project until each component config template has a matching role defaults file, with shared defaults in `kubespray-defaults` or `downloads`
6 years ago
MetalLB: fail if kube_proxy_strict_arp is false (#5180) When using IPVS, kube_proxy_strict_arp = true is required https://github.com/danderson/metallb/issues/153#issuecomment-518651132 Add kube_proxy_strict_arp to inventory/sample
5 years ago
kube-vip shoud fail if kube_proxy_strict_arp is false in arp mod (#9223) * fix-kube-vip-strict-arp * fix-kube-vip-strict-arp
2 years ago
Allow to configure strict ARP on kube-proxy (#5092)
5 years ago
Add option to configure IPVS timeouts in kube-proxy configration manifest. (#6396)
4 years ago
Fix kube-proxy configuration for kubeadm (#3958) - Creates and defaults an ansible variable for every configuration option in the `kubeproxy.config.k8s.io/v1alpha1` type spec - Fixes vars that were orphaned by removing non-kubeadm - Fixes previously harcoded kubeadm values - Introduces a `main` directory for role default files per component (requires ansible 2.6.0+) - Split out just `kube-proxy.yml` in this first effort - Removes the kube-proxy server field patch task We should continue to pull out other components from `main.yml` into their own defaults files as I did here for `defaults/main/kube-proxy.yml`. I hope for and will need others to join me in this refactoring across the project until each component config template has a matching role defaults file, with shared defaults in `kubespray-defaults` or `downloads`
6 years ago
keep compatibility as it was before (#4268)
6 years ago
Fix kube-proxy configuration for kubeadm (#3958) - Creates and defaults an ansible variable for every configuration option in the `kubeproxy.config.k8s.io/v1alpha1` type spec - Fixes vars that were orphaned by removing non-kubeadm - Fixes previously harcoded kubeadm values - Introduces a `main` directory for role default files per component (requires ansible 2.6.0+) - Split out just `kube-proxy.yml` in this first effort - Removes the kube-proxy server field patch task We should continue to pull out other components from `main.yml` into their own defaults files as I did here for `defaults/main/kube-proxy.yml`. I hope for and will need others to join me in this refactoring across the project until each component config template has a matching role defaults file, with shared defaults in `kubespray-defaults` or `downloads`
6 years ago
project: fix var-spacing ansible rule (#10266) * project: fix var-spacing ansible rule Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix spacing on the beginning/end of jinja template Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix spacing of default filter Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix spacing between filter arguments Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix double space at beginning/end of jinja Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix remaining jinja[spacing] ansible-lint warning Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> --------- Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
1 year ago
  1. ---
  2. # bind address for kube-proxy
  3. kube_proxy_bind_address: '0.0.0.0'
  5. # acceptContentTypes defines the Accept header sent by clients when connecting to a server, overriding the
  6. # default value of 'application/json'. This field will control all connections to the server used by a particular
  7. # client.
  8. kube_proxy_client_accept_content_types: ''
  10. # burst allows extra queries to accumulate when a client is exceeding its rate.
  11. kube_proxy_client_burst: 10
  13. # contentType is the content type used when sending data to the server from this client.
  14. kube_proxy_client_content_type: application/vnd.kubernetes.protobuf
  16. # kubeconfig is the path to a KubeConfig file.
  17. # Leave as empty string to generate from other fields
  18. kube_proxy_client_kubeconfig: ''
  20. # qps controls the number of queries per second allowed for this connection.
  21. kube_proxy_client_qps: 5
  23. # How often configuration from the apiserver is refreshed. Must be greater than 0.
  24. kube_proxy_config_sync_period: 15m0s
  26. ### Conntrack
  27. # maxPerCore is the maximum number of NAT connections to track
  28. # per CPU core (0 to leave the limit as-is and ignore min).
  29. kube_proxy_conntrack_max_per_core: 32768
  31. # min is the minimum value of connect-tracking records to allocate,
  32. # regardless of conntrackMaxPerCore (set maxPerCore=0 to leave the limit as-is).
  33. kube_proxy_conntrack_min: 131072
  35. # tcpCloseWaitTimeout is how long an idle conntrack entry
  36. # in CLOSE_WAIT state will remain in the conntrack
  37. # table. (e.g. '60s'). Must be greater than 0 to set.
  38. kube_proxy_conntrack_tcp_close_wait_timeout: 1h0m0s
  40. # tcpEstablishedTimeout is how long an idle TCP connection will be kept open
  41. # (e.g. '2s'). Must be greater than 0 to set.
  42. kube_proxy_conntrack_tcp_established_timeout: 24h0m0s
  44. # Enables profiling via web interface on /debug/pprof handler.
  45. # Profiling handlers will be handled by metrics server.
  46. kube_proxy_enable_profiling: false
  48. # bind address for kube-proxy health check
  49. kube_proxy_healthz_bind_address: 0.0.0.0:10256
  51. # If using the pure iptables proxy, SNAT everything. Note that it breaks any
  52. # policy engine.
  53. kube_proxy_masquerade_all: false
  55. # If using the pure iptables proxy, the bit of the fwmark space to mark packets requiring SNAT with.
  56. # Must be within the range [0, 31].
  57. kube_proxy_masquerade_bit: 14
  59. # The minimum interval of how often the iptables or ipvs rules can be refreshed as
  60. # endpoints and services change (e.g. '5s', '1m', '2h22m').
  61. kube_proxy_min_sync_period: 0s
  63. # The maximum interval of how often iptables or ipvs rules are refreshed (e.g. '5s', '1m', '2h22m').
  64. # Must be greater than 0.
  65. kube_proxy_sync_period: 30s
  67. # A comma-separated list of CIDR's which the ipvs proxier should not touch when cleaning up IPVS rules.
  68. kube_proxy_exclude_cidrs: []
  70. # The ipvs scheduler type when proxy mode is ipvs
  71. # rr: round-robin
  72. # lc: least connection
  73. # dh: destination hashing
  74. # sh: source hashing
  75. # sed: shortest expected delay
  76. # nq: never queue
  77. kube_proxy_scheduler: rr
  79. # configure arp_ignore and arp_announce to avoid answering ARP queries from kube-ipvs0 interface
  80. # must be set to true for MetalLB, kube-vip(ARP enabled) to work
  81. kube_proxy_strict_arp: false
  83. # kube_proxy_tcp_timeout is the timeout value used for idle IPVS TCP sessions.
  84. # The default value is 0, which preserves the current timeout value on the system.
  85. kube_proxy_tcp_timeout: 0s
  87. # kube_proxy_tcp_fin_timeout is the timeout value used for IPVS TCP sessions after receiving a FIN.
  88. # The default value is 0, which preserves the current timeout value on the system.
  89. kube_proxy_tcp_fin_timeout: 0s
  91. # kube_proxy_udp_timeout is the timeout value used for IPVS UDP packets.
  92. # The default value is 0, which preserves the current timeout value on the system.
  93. kube_proxy_udp_timeout: 0s
  95. # The IP address and port for the metrics server to serve on
  96. # (set to 0.0.0.0 for all IPv4 interfaces and `::` for all IPv6 interfaces)
  97. kube_proxy_metrics_bind_address: 127.0.0.1:10249
  99. # A string slice of values which specify the addresses to use for NodePorts.
  100. # Values may be valid IP blocks (e.g. 1.2.3.0/24, 1.2.3.4/32).
  101. # The default empty string slice ([]) means to use all local addresses.
  102. kube_proxy_nodeport_addresses: >-
  103. {%- if kube_proxy_nodeport_addresses_cidr is defined -%}
  104. [{{ kube_proxy_nodeport_addresses_cidr }}]
  105. {%- else -%}
  106. []
  107. {%- endif -%}
  109. # oom-score-adj value for kube-proxy process. Values must be within the range [-1000, 1000]
  110. kube_proxy_oom_score_adj: -999
  112. # portRange is the range of host ports (beginPort-endPort, inclusive) that may be consumed
  113. # in order to proxy service traffic. If unspecified, 0, or (0-0) then ports will be randomly chosen.
  114. kube_proxy_port_range: ''