c12s-kubespray/roles/kubernetes/node/defaults/main.yml

# Valid options: docker (default), rkt, or host
kubelet_deployment_type: docker

# change to 0.0.0.0 to enable insecure access from anywhere (not recommended)
kube_apiserver_insecure_bind_address: 127.0.0.1

# resolv.conf to base dns config
kube_resolv_conf: "/etc/resolv.conf"

kube_proxy_mode: iptables

# If using the pure iptables proxy, SNAT everything. Note that it breaks any
# policy engine.
kube_proxy_masquerade_all: false

# These options reflect limitations of running kubelet in a container.
# Modify at your own risk
kubelet_enable_cri: false
kubelet_cgroups_per_qos: false
# Set to empty to avoid cgroup creation
kubelet_enforce_node_allocatable: ""


# Limits for kube components and nginx load balancer app
kubelet_memory_limit: 512M
kubelet_cpu_limit: 100m
kubelet_status_update_frequency: 10s
kube_proxy_memory_limit: 2000M
kube_proxy_cpu_limit: 500m
kube_proxy_memory_requests: 64M
kube_proxy_cpu_requests: 150m
nginx_memory_limit: 512M
nginx_cpu_limit: 300m
nginx_memory_requests: 32M
nginx_cpu_requests: 25m

# kube_api_runtime_config:
#   - extensions/v1beta1/daemonsets=true
#   - extensions/v1beta1/deployments=true

nginx_image_repo: nginx
nginx_image_tag: 1.11.4-alpine

etcd_config_dir: /etc/ssl/etcd

# A port range to reserve for services with NodePort visibility.
# Inclusive at both ends of the range.
kube_apiserver_node_port_range: "30000-32767"

kubelet_load_modules: false

##Support custom flags to be passed to kubelet
kubelet_custom_flags: []

# This setting is used for rkt based kubelet for deploying hyperkube
# from a docker based registry ( controls --insecure and docker:// )
## Empty vaule for quay.io containers
## docker for docker registry containers
kube_hyperkube_image_repo: ""