From cc9f3ea938693faf42196de4963bbcdb49d68e6e Mon Sep 17 00:00:00 2001
From: nico <nico.marcq@gmail.com>
Date: Wed, 19 Jul 2017 16:57:36 +0200
Subject: [PATCH] Fix enforce-node-allocatable option

Closes #1228
pods is default enforcement

see https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/
add

update
---
 inventory/group_vars/k8s-cluster.yml       | 12 ++++++++++++
 roles/kubernetes/node/defaults/main.yml    |  2 +-
 roles/kubernetes/node/templates/kubelet.j2 |  2 +-
 3 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/inventory/group_vars/k8s-cluster.yml b/inventory/group_vars/k8s-cluster.yml
index eebb9abd0..f0c3304c1 100644
--- a/inventory/group_vars/k8s-cluster.yml
+++ b/inventory/group_vars/k8s-cluster.yml
@@ -152,3 +152,15 @@ efk_enabled: false
 
 # Helm deployment
 helm_enabled: false
+
+# dnsmasq
+# dnsmasq_upstream_dns_servers:
+#  - /resolvethiszone.with/10.0.4.250
+#  - 8.8.8.8
+
+#  Enable creation of QoS cgroup hierarchy, if true top level QoS and pod cgroups are created. (default true)
+# kubelet_cgroups_per_qos: true
+
+# A comma separated list of levels of node allocatable enforcement to be enforced by kubelet.
+# Acceptible options are 'pods', 'system-reserved', 'kube-reserved' and ''. Default is "".
+# kubelet_enforce_node_allocatable: pods
diff --git a/roles/kubernetes/node/defaults/main.yml b/roles/kubernetes/node/defaults/main.yml
index 4e34dcc99..2527abd69 100644
--- a/roles/kubernetes/node/defaults/main.yml
+++ b/roles/kubernetes/node/defaults/main.yml
@@ -18,7 +18,7 @@ kube_proxy_masquerade_all: false
 kubelet_enable_cri: false
 kubelet_cgroups_per_qos: false
 # Set to empty to avoid cgroup creation
-kubelet_enforce_node_allocatable: ""
+kubelet_enforce_node_allocatable: "\"\""
 
 
 # Limits for kube components and nginx load balancer app
diff --git a/roles/kubernetes/node/templates/kubelet.j2 b/roles/kubernetes/node/templates/kubelet.j2
index 8c0ea94b5..e858022e2 100644
--- a/roles/kubernetes/node/templates/kubelet.j2
+++ b/roles/kubernetes/node/templates/kubelet.j2
@@ -19,7 +19,7 @@ KUBELET_HOSTNAME="--hostname-override={{ ansible_hostname }}"
 --enable-cri={{ kubelet_enable_cri }} \
 {% endif %}
 --cgroups-per-qos={{ kubelet_cgroups_per_qos }} \
---enforce-node-allocatable='{{ kubelet_enforce_node_allocatable }}' {% endif %}{% endset %}
+--enforce-node-allocatable={{ kubelet_enforce_node_allocatable }} {% endif %}{% endset %}
 
 {# DNS settings for kubelet #}
 {% if dns_mode == 'kubedns' %}