refactor: Unifi feature-gate handling in kubeadm chart
This commit is contained in:
parent
c1a1aea29f
commit
9391958a3a
@ -23,12 +23,14 @@ controllerManager:
|
|||||||
terminated-pod-gc-threshold: "300"
|
terminated-pod-gc-threshold: "300"
|
||||||
leader-elect: {{ .Values.clusterHighAvailable | quote }}
|
leader-elect: {{ .Values.clusterHighAvailable | quote }}
|
||||||
logging-format: json
|
logging-format: json
|
||||||
|
feature-gates: "{{ include "kubeadm.featuregates" ( dict "return" "csv" "platform" .Values.platform ) | trimSuffix "," }}"
|
||||||
scheduler:
|
scheduler:
|
||||||
extraArgs:
|
extraArgs:
|
||||||
profiling: "false"
|
profiling: "false"
|
||||||
bind-address: {{ .Values.listenAddress }}
|
bind-address: {{ .Values.listenAddress }}
|
||||||
leader-elect: {{ .Values.clusterHighAvailable | quote }}
|
leader-elect: {{ .Values.clusterHighAvailable | quote }}
|
||||||
logging-format: json
|
logging-format: json
|
||||||
|
feature-gates: "{{ include "kubeadm.featuregates" ( dict "return" "csv" "platform" .Values.platform ) | trimSuffix "," }}"
|
||||||
apiServer:
|
apiServer:
|
||||||
certSANs:
|
certSANs:
|
||||||
- {{ regexSplit ":" .Values.apiEndpoint -1 | first }}
|
- {{ regexSplit ":" .Values.apiEndpoint -1 | first }}
|
||||||
@ -44,10 +46,8 @@ apiServer:
|
|||||||
admission-control-config-file: /etc/kubernetes/apiserver/admission-configuration.yaml
|
admission-control-config-file: /etc/kubernetes/apiserver/admission-configuration.yaml
|
||||||
{{- if eq .Values.platform "aws" }}
|
{{- if eq .Values.platform "aws" }}
|
||||||
authentication-token-webhook-config-file: /etc/kubernetes/apiserver/aws-iam-authenticator.yaml
|
authentication-token-webhook-config-file: /etc/kubernetes/apiserver/aws-iam-authenticator.yaml
|
||||||
feature-gates: "CSIMigrationAWS=true,CSIMigrationAWSComplete=true,DefaultPodTopologySpread=true"
|
|
||||||
{{- else }}
|
|
||||||
feature-gates: "DefaultPodTopologySpread=true"
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
feature-gates: "{{ include "kubeadm.featuregates" ( dict "return" "csv" "platform" .Values.platform ) | trimSuffix "," }}"
|
||||||
enable-admission-plugins: NodeRestriction,EventRateLimit
|
enable-admission-plugins: NodeRestriction,EventRateLimit
|
||||||
{{- if .Values.clusterHighAvailable }}
|
{{- if .Values.clusterHighAvailable }}
|
||||||
# goaway-chance: ".001"
|
# goaway-chance: ".001"
|
||||||
|
@ -17,12 +17,7 @@ eventRecordQPS: 0
|
|||||||
# tlsCertFile: /var/lib/kubelet/pki/kubelet.crt
|
# tlsCertFile: /var/lib/kubelet/pki/kubelet.crt
|
||||||
# tlsPrivateKeyFile: /var/lib/kubelet/pki/kubelet.key
|
# tlsPrivateKeyFile: /var/lib/kubelet/pki/kubelet.key
|
||||||
tlsCipherSuites: [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256]
|
tlsCipherSuites: [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256]
|
||||||
featureGates:
|
featureGates: {{ include "kubeadm.featuregates" ( dict "return" "map" "platform" .Values.platform ) }}
|
||||||
CustomCPUCFSQuotaPeriod: true
|
|
||||||
{{- if eq .Values.platform "aws" }}
|
|
||||||
CSIMigrationAWS: true
|
|
||||||
CSIMigrationAWSComplete: true
|
|
||||||
{{- end }}
|
|
||||||
# Minimal unit is 50m per pod
|
# Minimal unit is 50m per pod
|
||||||
podsPerCore: 20
|
podsPerCore: 20
|
||||||
# Basic OS on Ubuntu 20.04 incl. crio
|
# Basic OS on Ubuntu 20.04 incl. crio
|
||||||
|
18
charts/kubeadm/templates/_helpers.tpl
Normal file
18
charts/kubeadm/templates/_helpers.tpl
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
{{- /*
|
||||||
|
Feature gates for all control plane components
|
||||||
|
*/ -}}
|
||||||
|
{{- define "kubeadm.featuregates" -}}
|
||||||
|
{{- $gates := dict "DefaultPodTopologySpread" "true" "CustomCPUCFSQuotaPeriod" "true" }}
|
||||||
|
{{- if eq .platform "aws" }}
|
||||||
|
{{- $gates = merge $gates ( dict "CSIMigrationAWS" "true" "CSIMigrationAWSComplete" "true") }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if eq .return "csv" }}
|
||||||
|
{{- range $key, $val := $gates }}
|
||||||
|
{{- $key }}={{- $val }},
|
||||||
|
{{- end }}
|
||||||
|
{{- else }}
|
||||||
|
{{- range $key, $val := $gates }}
|
||||||
|
{{ $key }}: {{ $val }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end -}}
|
1
kubezero-repo.GFV/repo
Submodule
1
kubezero-repo.GFV/repo
Submodule
@ -0,0 +1 @@
|
|||||||
|
Subproject commit 25b8ebe3cc2af88643a4674a63e651e9c31245cb
|
@ -52,7 +52,7 @@ git status
|
|||||||
|
|
||||||
if [ "$GIT_PUSH" == "true" ]
|
if [ "$GIT_PUSH" == "true" ]
|
||||||
then
|
then
|
||||||
git add . && git commit -m "Publish charts" && git push ssh://git@git.zero-downtime.net:22000/ZeroDownTime/KubeZero.git gh-pages
|
git add . && git commit -m "ci: Publish charts" && git push ssh://git@git.zero-downtime.net:22000/ZeroDownTime/KubeZero.git gh-pages
|
||||||
fi
|
fi
|
||||||
|
|
||||||
cd -
|
cd -
|
||||||
|
Loading…
Reference in New Issue
Block a user