5c25b57989
* Ability to define options for DNS upstream servers * Doc and sample inventory vars
93 lines
2.9 KiB
YAML
93 lines
2.9 KiB
YAML
---
|
|
# Limits for coredns
|
|
dns_memory_limit: 300Mi
|
|
dns_cpu_requests: 100m
|
|
dns_memory_requests: 70Mi
|
|
dns_min_replicas: "{{ [ 2, groups['k8s_cluster'] | length ] | min }}"
|
|
dns_nodes_per_replica: 16
|
|
dns_cores_per_replica: 256
|
|
dns_prevent_single_point_failure: "{{ 'true' if dns_min_replicas|int > 1 else 'false' }}"
|
|
enable_coredns_reverse_dns_lookups: true
|
|
coredns_ordinal_suffix: ""
|
|
# dns_extra_tolerations: [{effect: NoSchedule, operator: "Exists"}]
|
|
coredns_deployment_nodeselector: "kubernetes.io/os: linux"
|
|
coredns_default_zone_cache_block: |
|
|
cache 30
|
|
|
|
# dns_upstream_forward_extra_opts apply to coredns forward section as well as nodelocaldns upstream target forward section
|
|
# dns_upstream_forward_extra_opts:
|
|
# policy: sequential
|
|
|
|
# nodelocaldns
|
|
nodelocaldns_cpu_requests: 100m
|
|
nodelocaldns_memory_limit: 200Mi
|
|
nodelocaldns_memory_requests: 70Mi
|
|
nodelocaldns_ds_nodeselector: "kubernetes.io/os: linux"
|
|
nodelocaldns_prometheus_port: 9253
|
|
nodelocaldns_secondary_prometheus_port: 9255
|
|
|
|
# Limits for dns-autoscaler
|
|
dns_autoscaler_cpu_requests: 20m
|
|
dns_autoscaler_memory_requests: 10Mi
|
|
dns_autoscaler_deployment_nodeselector: "kubernetes.io/os: linux"
|
|
# dns_autoscaler_extra_tolerations: [{effect: NoSchedule, operator: "Exists"}]
|
|
|
|
# etcd metrics
|
|
# etcd_metrics_service_labels:
|
|
# k8s-app: etcd
|
|
# app.kubernetes.io/managed-by: Kubespray
|
|
# app: kube-prometheus-stack-kube-etcd
|
|
# release: prometheus-stack
|
|
|
|
# Netchecker
|
|
deploy_netchecker: false
|
|
netchecker_port: 31081
|
|
agent_report_interval: 15
|
|
netcheck_namespace: default
|
|
|
|
# Limits for netchecker apps
|
|
netchecker_agent_cpu_limit: 30m
|
|
netchecker_agent_memory_limit: 100M
|
|
netchecker_agent_cpu_requests: 15m
|
|
netchecker_agent_memory_requests: 64M
|
|
netchecker_server_cpu_limit: 100m
|
|
netchecker_server_memory_limit: 256M
|
|
netchecker_server_cpu_requests: 50m
|
|
netchecker_server_memory_requests: 64M
|
|
netchecker_etcd_cpu_limit: 200m
|
|
netchecker_etcd_memory_limit: 256M
|
|
netchecker_etcd_cpu_requests: 100m
|
|
netchecker_etcd_memory_requests: 128M
|
|
|
|
# SecurityContext when PodSecurityPolicy is enabled
|
|
netchecker_agent_user: 1000
|
|
netchecker_server_user: 1000
|
|
netchecker_agent_group: 1000
|
|
netchecker_server_group: 1000
|
|
|
|
# Dashboard
|
|
dashboard_replicas: 1
|
|
|
|
# Namespace for dashboard
|
|
dashboard_namespace: kube-system
|
|
|
|
# Limits for dashboard
|
|
dashboard_cpu_limit: 100m
|
|
dashboard_memory_limit: 256M
|
|
dashboard_cpu_requests: 50m
|
|
dashboard_memory_requests: 64M
|
|
|
|
# Set dashboard_use_custom_certs to true if overriding dashboard_certs_secret_name with a secret that
|
|
# contains dashboard_tls_key_file and dashboard_tls_cert_file instead of using the initContainer provisioned certs
|
|
dashboard_use_custom_certs: false
|
|
dashboard_certs_secret_name: kubernetes-dashboard-certs
|
|
dashboard_tls_key_file: dashboard.key
|
|
dashboard_tls_cert_file: dashboard.crt
|
|
dashboard_master_toleration: true
|
|
|
|
# Override dashboard default settings
|
|
dashboard_token_ttl: 900
|
|
dashboard_skip_login: false
|
|
|
|
# Policy Controllers
|
|
# policy_controller_extra_tolerations: [{effect: NoSchedule, operator: "Exists"}]
|