C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
c12s-kubespray/roles/kubernetes-apps/ansible/defaults/main.yml
Thomas Nys 3e3ee0aeb1 Add support for running a nodelocal dns cache (#3861) 
* Add support for running a nodelocal dns cache

After encountering dns issues in a cluster I was recently working on I
noticed Kubernetes 1.13 introduced support for running a nodelocal dns
cache.

I believe this can usefull for more people.

73b548db06
https://github.com/kubernetes/enhancements/blob/master/keps/sig-network/0030-nodelocal-dns-cache.md

* Add requested changes

* Add additional requested changes + documentation

* Add requested changes after review

* Replace incorrect variable
2018-12-10 17:28:03 -08:00

56 lines
1.6 KiB
YAML
Raw Blame History

---
# Limits for dnsmasq/kubedns apps
dns_memory_limit: 170Mi
dns_cpu_requests: 100m
dns_memory_requests: 70Mi
dns_min_replicas: 2
dns_nodes_per_replica: 10
dns_cores_per_replica: 20
dns_prevent_single_point_failure: "{{ 'true' if dns_min_replicas|int > 1 else 'false' }}"
# nodelocaldns
nodelocaldns_cpu_requests: 100m
nodelocaldns_ip: 169.254.25.10
nodelocaldns_memory_limit: 170Mi
nodelocaldnsdns_memory_requests: 70Mi
# Netchecker
deploy_netchecker: false
netchecker_port: 31081
agent_report_interval: 15
netcheck_namespace: default
# Limits for netchecker apps
netchecker_agent_cpu_limit: 30m
netchecker_agent_memory_limit: 100M
netchecker_agent_cpu_requests: 15m
netchecker_agent_memory_requests: 64M
netchecker_server_cpu_limit: 100m
netchecker_server_memory_limit: 256M
netchecker_server_cpu_requests: 50m
netchecker_server_memory_requests: 64M
# SecurityContext when PodSecurityPolicy is enabled
netchecker_agent_user: 1000
netchecker_server_user: 1000
netchecker_agent_group: 1000
netchecker_server_group: 1000
# Dashboard
dashboard_enabled: true
# Limits for dashboard
dashboard_cpu_limit: 100m
dashboard_memory_limit: 256M
dashboard_cpu_requests: 50m
dashboard_memory_requests: 64M
# Set dashboard_use_custom_certs to true if overriding dashboard_certs_secret_name with a secret that
# contains dashboard_tls_key_file and dashboard_tls_cert_file instead of using the initContainer provisioned certs
dashboard_use_custom_certs: false
dashboard_certs_secret_name: kubernetes-dashboard-certs
dashboard_tls_key_file: dashboard.key
dashboard_tls_cert_file: dashboard.crt
# Override dashboard default settings
dashboard_token_ttl: 900
Reference in a new issue View git blame Copy permalink