-
Notifications
You must be signed in to change notification settings - Fork 1
/
node-kubelet-conf.yaml
38 lines (37 loc) · 1.1 KB
/
node-kubelet-conf.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/kubelet/config/v1beta1/types.go
kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
authentication:
anonymous:
enabled: false
webhook:
enabled: true
x509:
clientCAFile: "/etc/kubernetes/ssl/ca.pem"
authorization:
mode: AlwaysAllow
%{ if (kubelet_cgroup_v2_runtime_enabled || use_deprecated_docker_runtime)}
cgroupDriver: systemd
%{ endif ~}
clusterDNS:${cluster_dns}
clusterDomain: "cluster.local"
${feature_gates == "" ? "" : "featureGates:\n ${feature_gates}"}
serializeImagePulls: false
staticPodPath: "/etc/kubernetes/manifests"
tlsCertFile: "/etc/kubernetes/ssl/kubelet.pem"
tlsPrivateKeyFile: "/etc/kubernetes/ssl/kubelet-key.pem"
# Resource allocation
cpuManagerPolicy: "static"
systemReserved:
cpu: "${system_reserved_cpu}"
memory: "${system_reserved_memory}"
evictionHard:
memory.available: "1Gi"
nodefs.available: "2Gi"
evictionSoft:
memory.available: "2Gi"
nodefs.available: "4Gi"
evictionSoftGracePeriod:
memory.available: "1m"
nodefs.available: "1m"
evictionMaxPodGracePeriod: 30