2019-04-19 08:59:54 +02:00
|
|
|
---
|
2019-04-17 17:32:03 +02:00
|
|
|
# Instance settings
|
|
|
|
cloud_image: centos-7
|
|
|
|
mode: ha
|
|
|
|
|
|
|
|
# Kubespray settings
|
2019-04-20 15:21:40 +02:00
|
|
|
kubeadm_certificate_key: 3998c58db6497dd17d909394e62d515368c06ec617710d02edea31c06d741085
|
2019-04-29 09:36:19 +03:00
|
|
|
kube_proxy_mode: iptables
|
2019-04-17 17:32:03 +02:00
|
|
|
kube_network_plugin: flannel
|
2020-12-07 12:09:25 +03:00
|
|
|
download_localhost: false
|
|
|
|
download_run_once: true
|
2019-04-17 17:32:03 +02:00
|
|
|
helm_enabled: true
|
2021-05-03 22:16:03 +08:00
|
|
|
krew_enabled: true
|
2019-04-17 17:32:03 +02:00
|
|
|
kubernetes_audit: true
|
2019-07-11 09:46:54 +03:00
|
|
|
container_manager: containerd
|
2019-06-06 15:10:17 +01:00
|
|
|
etcd_events_cluster_enabled: true
|
2019-04-17 17:32:03 +02:00
|
|
|
local_volume_provisioner_enabled: true
|
|
|
|
etcd_deployment_type: host
|
|
|
|
deploy_netchecker: true
|
|
|
|
dns_min_replicas: 1
|
|
|
|
kube_encrypt_secret_data: true
|
|
|
|
ingress_nginx_enabled: true
|
|
|
|
cert_manager_enabled: true
|
2019-05-07 22:20:36 +02:00
|
|
|
# Disable as health checks are still unstable and slow to respond.
|
|
|
|
metrics_server_enabled: false
|
2019-04-23 23:46:02 +02:00
|
|
|
metrics_server_kubelet_insecure_tls: true
|
2019-04-17 17:32:03 +02:00
|
|
|
kube_token_auth: true
|
2019-04-20 15:21:40 +02:00
|
|
|
enable_nodelocaldns: false
|
2020-09-03 16:25:41 +02:00
|
|
|
kubelet_rotate_server_certificates: true
|
2019-12-05 14:40:32 +01:00
|
|
|
|
|
|
|
kube_oidc_url: https://accounts.google.com/.well-known/openid-configuration
|
|
|
|
kube_oidc_client_id: kubespray-example
|
2020-06-16 19:10:05 +08:00
|
|
|
|
|
|
|
tls_min_version: "VersionTLS12"
|
|
|
|
tls_cipher_suites:
|
|
|
|
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
2020-12-08 10:13:10 +08:00
|
|
|
|
|
|
|
# test etcd tls cipher suites
|
|
|
|
etcd_tls_cipher_suites:
|
|
|
|
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
|
|
|
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
2021-05-19 18:24:53 +03:00
|
|
|
|
|
|
|
# Containerd
|
|
|
|
containerd_storage_dir: /var/data/containerd
|
|
|
|
containerd_state_dir: /run/cri/containerd
|
|
|
|
containerd_oom_score: -999
|