forked from bottlerocket-os/bottlerocket
-
Notifications
You must be signed in to change notification settings - Fork 0
/
kubelet-config
112 lines (112 loc) · 3.62 KB
/
kubelet-config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
---
kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
{{#if settings.kubernetes.standalone-mode}}
address: 127.0.0.1
authentication:
anonymous:
enabled: true
webhook:
enabled: false
authorization:
mode: AlwaysAllow
{{else}}
address: 0.0.0.0
authentication:
anonymous:
enabled: false
webhook:
cacheTTL: 2m0s
enabled: true
x509:
clientCAFile: "/etc/kubernetes/pki/ca.crt"
authorization:
mode: Webhook
webhook:
cacheAuthorizedTTL: 5m0s
cacheUnauthorizedTTL: 30s
{{/if}}
clusterDomain: {{settings.kubernetes.cluster-domain}}
{{#if settings.kubernetes.cluster-dns-ip}}
clusterDNS:
- {{settings.kubernetes.cluster-dns-ip}}
{{/if}}
{{#if settings.kubernetes.eviction-hard}}
evictionHard:
{{#each settings.kubernetes.eviction-hard}}
{{@key}}: "{{this}}"
{{/each}}
{{/if}}
{{#if settings.kubernetes.allowed-unsafe-sysctls}}
allowedUnsafeSysctls: {{settings.kubernetes.allowed-unsafe-sysctls}}
{{/if}}
{{#if settings.kubernetes.registry-qps includeZero=true}}
registryPullQPS: {{settings.kubernetes.registry-qps}}
{{/if}}
{{#if settings.kubernetes.registry-burst includeZero=true}}
registryBurst: {{settings.kubernetes.registry-burst}}
{{/if}}
{{#if settings.kubernetes.event-qps includeZero=true}}
eventRecordQPS: {{settings.kubernetes.event-qps}}
{{/if}}
{{#if settings.kubernetes.event-burst includeZero=true}}
eventBurst: {{settings.kubernetes.event-burst}}
{{/if}}
{{#if settings.kubernetes.kube-api-qps includeZero=true}}
kubeAPIQPS: {{settings.kubernetes.kube-api-qps}}
{{/if}}
{{#if settings.kubernetes.kube-api-burst includeZero=true}}
kubeAPIBurst: {{settings.kubernetes.kube-api-burst}}
{{/if}}
kubeReserved:
cpu: "{{kube_reserve_cpu settings.kubernetes.kube-reserved.cpu}}"
{{#if settings.kubernetes.kube-reserved.memory}}
memory: "{{settings.kubernetes.kube-reserved.memory}}"
{{else}}
{{#if settings.kubernetes.max-pods}}
memory: "{{kube_reserve_memory settings.kubernetes.max-pods settings.kubernetes.kube-reserved.memory}}"
{{/if}}
{{/if}}
ephemeral-storage: "{{default "1Gi" settings.kubernetes.kube-reserved.ephemeral-storage}}"
kubeReservedCgroup: "/runtime"
{{#if settings.kubernetes.system-reserved}}
systemReserved:
{{#each settings.kubernetes.system-reserved}}
{{@key}}: "{{this}}"
{{/each}}
systemReservedCgroup: "/system"
{{/if}}
cpuManagerPolicy: {{default "none" settings.kubernetes.cpu-manager-policy}}
{{#if settings.kubernetes.cpu-manager-reconcile-period}}
cpuManagerReconcilePeriod: {{settings.kubernetes.cpu-manager-reconcile-period}}
{{/if}}
{{#if settings.kubernetes.topology-manager-scope}}
topologyManagerScope: {{settings.kubernetes.topology-manager-scope}}
{{/if}}
{{#if settings.kubernetes.topology-manager-policy}}
topologyManagerPolicy: {{settings.kubernetes.topology-manager-policy}}
{{/if}}
resolvConf: "/etc/resolv.conf"
hairpinMode: hairpin-veth
readOnlyPort: 0
cgroupDriver: systemd
cgroupRoot: "/"
runtimeRequestTimeout: 15m
featureGates:
RotateKubeletServerCertificate: true
CSIMigration: false
protectKernelDefaults: true
serializeImagePulls: false
serverTLSBootstrap: {{settings.kubernetes.server-tls-bootstrap}}
configMapAndSecretChangeDetectionStrategy: Cache
tlsCipherSuites:
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
volumePluginDir: "/var/lib/kubelet/plugins/volume/exec"
maxPods: {{default 110 settings.kubernetes.max-pods}}
staticPodPath: "/etc/kubernetes/static-pods/"
{{#if settings.kubernetes.container-log-max-size includeZero=true}}
containerLogMaxSize: {{settings.kubernetes.container-log-max-size}}
{{/if}}
{{#if settings.kubernetes.container-log-max-files includeZero=true}}
containerLogMaxFiles: {{settings.kubernetes.container-log-max-files}}
{{/if}}