ca3050ec3d
Change kubelet deploy mode to host Enable cri and qos per cgroup for kubelet Update CoreOS images Add upgrade hook for switching from kubelet deployment from docker to host. Bump machine type for ubuntu-rkt-sep
63 lines
1.8 KiB
YAML
63 lines
1.8 KiB
YAML
# Valid options: docker (default), rkt, or host
|
|
kubelet_deployment_type: host
|
|
|
|
# change to 0.0.0.0 to enable insecure access from anywhere (not recommended)
|
|
kube_apiserver_insecure_bind_address: 127.0.0.1
|
|
|
|
# resolv.conf to base dns config
|
|
kube_resolv_conf: "/etc/resolv.conf"
|
|
|
|
kube_proxy_mode: iptables
|
|
|
|
# If using the pure iptables proxy, SNAT everything. Note that it breaks any
|
|
# policy engine.
|
|
kube_proxy_masquerade_all: false
|
|
|
|
# These options reflect limitations of running kubelet in a container.
|
|
# Modify at your own risk
|
|
kubelet_enable_cri: true
|
|
kubelet_cgroups_per_qos: true
|
|
# Set to empty to avoid cgroup creation
|
|
kubelet_enforce_node_allocatable: "\"\""
|
|
|
|
|
|
# Limits for kube components and nginx load balancer app
|
|
kubelet_memory_limit: 512M
|
|
kubelet_cpu_limit: 100m
|
|
kubelet_status_update_frequency: 10s
|
|
kube_proxy_memory_limit: 2000M
|
|
kube_proxy_cpu_limit: 500m
|
|
kube_proxy_memory_requests: 64M
|
|
kube_proxy_cpu_requests: 150m
|
|
nginx_memory_limit: 512M
|
|
nginx_cpu_limit: 300m
|
|
nginx_memory_requests: 32M
|
|
nginx_cpu_requests: 25m
|
|
|
|
# kube_api_runtime_config:
|
|
# - extensions/v1beta1/daemonsets=true
|
|
# - extensions/v1beta1/deployments=true
|
|
|
|
nginx_image_repo: nginx
|
|
nginx_image_tag: 1.11.4-alpine
|
|
|
|
etcd_config_dir: /etc/ssl/etcd
|
|
|
|
# A port range to reserve for services with NodePort visibility.
|
|
# Inclusive at both ends of the range.
|
|
kube_apiserver_node_port_range: "30000-32767"
|
|
|
|
kubelet_load_modules: false
|
|
|
|
##Support custom flags to be passed to kubelet
|
|
kubelet_custom_flags: []
|
|
|
|
# This setting is used for rkt based kubelet for deploying hyperkube
|
|
# from a docker based registry ( controls --insecure and docker:// )
|
|
## Empty vaule for quay.io containers
|
|
## docker for docker registry containers
|
|
kube_hyperkube_image_repo: ""
|
|
|
|
# If non-empty, will use this string as identification instead of the actual hostname
|
|
kube_override_hostname: "{{ ansible_hostname }}"
|