feat: first stab at Kubernetes 1.20 kubeadm config
This commit is contained in:
parent
882165cc58
commit
adb54b7663
@ -42,6 +42,7 @@ apiServer:
|
||||
audit-log-maxage: "7"
|
||||
audit-log-maxsize: "100"
|
||||
audit-log-maxbackup: "3"
|
||||
audit-log-compress: "true"
|
||||
tls-cipher-suites: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
|
||||
admission-control-config-file: /etc/kubernetes/apiserver/admission-configuration.yaml
|
||||
{{- if eq .Values.platform "aws" }}
|
||||
|
@ -1,3 +1,4 @@
|
||||
# https://kubernetes.io/docs/reference/config-api/kubelet-config.v1beta1/
|
||||
apiVersion: kubelet.config.k8s.io/v1beta1
|
||||
kind: KubeletConfiguration
|
||||
metadata:
|
||||
@ -22,14 +23,15 @@ featureGates: {{ include "kubeadm.featuregates" ( dict "return" "map" "platform"
|
||||
podsPerCore: 20
|
||||
# cpuCFSQuotaPeriod: 10ms
|
||||
# Basic OS on Ubuntu 20.04 incl. crio
|
||||
#systemReserved:
|
||||
# memory: 256Mi
|
||||
# This should be dynamic based on number of maxpods and available cores
|
||||
# https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture#memory_cpu
|
||||
# Below are default minimal for 2 cores and minimum kubelet
|
||||
systemReserved:
|
||||
memory: 256Mi
|
||||
ephemeral-storage: "2Gi"
|
||||
# kubelet memory should be static as runc,conmon are added to each pod's cgroup
|
||||
kubeReserved:
|
||||
cpu: 70m
|
||||
# memory: 128Mi
|
||||
memory: 128Mi
|
||||
# Lets use below to reserve memory for system processes as kubeReserved/sytemReserved doesnt go well with systemd it seems
|
||||
evictionHard:
|
||||
memory.available: "484Mi"
|
||||
#evictionHard:
|
||||
# memory.available: "484Mi"
|
||||
imageGCLowThresholdPercent: 70
|
||||
kernelMemcgNotification: true
|
||||
|
@ -2,17 +2,14 @@
|
||||
Feature gates for all control plane components
|
||||
*/ -}}
|
||||
{{- define "kubeadm.featuregates" -}}
|
||||
{{- $gates := dict "DefaultPodTopologySpread" "true" "CustomCPUCFSQuotaPeriod" "true" "GenericEphemeralVolume" "true" }}
|
||||
{{- if eq .platform "aws" }}
|
||||
{{- $gates = merge $gates ( dict "CSIMigrationAWS" "true" "CSIMigrationAWSComplete" "true") }}
|
||||
{{- end }}
|
||||
{{- $gates := list "CustomCPUCFSQuotaPeriod" "GenericEphemeralVolume" "CSIMigrationAWSComplete" "CSIMigrationAzureDiskComplete" "CSIMigrationAzureFileComplete" "CSIMigrationGCEComplete" "CSIMigrationOpenStackComplete" "CSIMigrationvSphereComplete" }}
|
||||
{{- if eq .return "csv" }}
|
||||
{{- range $key, $val := $gates }}
|
||||
{{- $key }}={{- $val }},
|
||||
{{- range $key := $gates }}
|
||||
{{- $key }}=true,
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
{{- range $key, $val := $gates }}
|
||||
{{ $key }}: {{ $val }}
|
||||
{{- range $key := $gates }}
|
||||
{{ $key }}: true
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
@ -3,5 +3,5 @@ spec:
|
||||
- name: etcd
|
||||
resources:
|
||||
requests:
|
||||
cpu: 250m
|
||||
cpu: 200m
|
||||
memory: 192Mi
|
||||
|
@ -3,5 +3,5 @@ spec:
|
||||
- name: kube-apiserver
|
||||
resources:
|
||||
requests:
|
||||
cpu: 250m
|
||||
cpu: 200m
|
||||
memory: 1Gi
|
||||
|
@ -3,5 +3,5 @@ spec:
|
||||
- name: kube-controller-manager
|
||||
resources:
|
||||
requests:
|
||||
cpu: 200m
|
||||
cpu: 100m
|
||||
memory: 128Mi
|
||||
|
Loading…
Reference in New Issue
Block a user