Skip to content

Commit

Permalink
Clean up KubeletConfiguration and remove wrongly defaulted values (#411)
Browse files Browse the repository at this point in the history 
Signed-off-by: Waleed Malik <[email protected]>
  • Loading branch information
@ahmedwaleedmalik
ahmedwaleedmalik authored Aug 22, 2024
1 parent d21723f commit 0a60c8b
Show file tree
Hide file tree
Showing 24 changed files with 123 additions and 417 deletions.
27 changes: 4 additions & 23 deletions deploy/osps/default/osp-amzn2.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -699,15 +699,15 @@ spec:
anonymous:
enabled: false
webhook:
cacheTTL: 0s
cacheTTL: 2m
enabled: true
x509:
clientCAFile: /etc/kubernetes/pki/ca.crt
authorization:
mode: Webhook
webhook:
cacheAuthorizedTTL: 0s
cacheUnauthorizedTTL: 0s
cacheAuthorizedTTL: 5m0s
cacheUnauthorizedTTL: 30s
cgroupDriver: systemd
clusterDNS:
{{- range .ClusterDNSIPs }}
Expand All @@ -724,36 +724,17 @@ spec:
{{- else }}
containerLogMaxFiles: 5
{{- end }}
cpuManagerReconcilePeriod: 0s
evictionPressureTransitionPeriod: 0s
featureGates:
{{- if .KubeletFeatureGates -}}
{{ range $key, $val := .KubeletFeatureGates }}
{{ $key }}: {{ $val }}
{{- end -}}
{{- end }}
fileCheckFrequency: 0s
httpCheckFrequency: 0s
imageMinimumGCAge: 0s
logging:
flushFrequency: 0
options:
json:
infoBufferSize: "0"
verbosity: 0
memorySwap: {}
nodeStatusReportFrequency: 0s
nodeStatusUpdateFrequency: 0s
protectKernelDefaults: true
readOnlyPort: 0
rotateCertificates: true
runtimeRequestTimeout: 0s
serverTLSBootstrap: true
shutdownGracePeriod: 0s
shutdownGracePeriodCriticalPods: 0s
staticPodPath: /etc/kubernetes/manifests
streamingConnectionIdleTimeout: 0s
syncFrequency: 0s
# Enable parallel image pulling.
serializeImagePulls: false
# Set max parallel image pulls to 10.
Expand Down Expand Up @@ -803,7 +784,7 @@ spec:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
volumePluginDir: /var/lib/kubelet/volumeplugins
volumeStatsAggPeriod: 0s
resolvConf: /run/systemd/resolve/resolv.conf
- path: /etc/systemd/system/kubelet-healthcheck.service
permissions: 644
Expand Down
27 changes: 4 additions & 23 deletions deploy/osps/default/osp-centos.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -734,15 +734,15 @@ spec:
anonymous:
enabled: false
webhook:
cacheTTL: 0s
cacheTTL: 2m
enabled: true
x509:
clientCAFile: /etc/kubernetes/pki/ca.crt
authorization:
mode: Webhook
webhook:
cacheAuthorizedTTL: 0s
cacheUnauthorizedTTL: 0s
cacheAuthorizedTTL: 5m0s
cacheUnauthorizedTTL: 30s
cgroupDriver: systemd
clusterDNS:
{{- range .ClusterDNSIPs }}
Expand All @@ -759,36 +759,17 @@ spec:
{{- else }}
containerLogMaxFiles: 5
{{- end }}
cpuManagerReconcilePeriod: 0s
evictionPressureTransitionPeriod: 0s
featureGates:
{{- if .KubeletFeatureGates -}}
{{ range $key, $val := .KubeletFeatureGates }}
{{ $key }}: {{ $val }}
{{- end -}}
{{- end }}
fileCheckFrequency: 0s
httpCheckFrequency: 0s
imageMinimumGCAge: 0s
logging:
flushFrequency: 0
options:
json:
infoBufferSize: "0"
verbosity: 0
memorySwap: {}
nodeStatusReportFrequency: 0s
nodeStatusUpdateFrequency: 0s
protectKernelDefaults: true
readOnlyPort: 0
rotateCertificates: true
runtimeRequestTimeout: 0s
serverTLSBootstrap: true
shutdownGracePeriod: 0s
shutdownGracePeriodCriticalPods: 0s
staticPodPath: /etc/kubernetes/manifests
streamingConnectionIdleTimeout: 0s
syncFrequency: 0s
# Enable parallel image pulling.
serializeImagePulls: false
# Set max parallel image pulls to 10.
Expand Down Expand Up @@ -838,7 +819,7 @@ spec:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
volumePluginDir: /var/lib/kubelet/volumeplugins
volumeStatsAggPeriod: 0s
resolvConf: /run/systemd/resolve/resolv.conf
- path: /etc/systemd/system/kubelet-healthcheck.service
permissions: 644
Expand Down
26 changes: 3 additions & 23 deletions deploy/osps/default/osp-flatcar-cloud-init.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -642,15 +642,15 @@ spec:
anonymous:
enabled: false
webhook:
cacheTTL: 0s
cacheTTL: 2m
enabled: true
x509:
clientCAFile: /etc/kubernetes/pki/ca.crt
authorization:
mode: Webhook
webhook:
cacheAuthorizedTTL: 0s
cacheUnauthorizedTTL: 0s
cacheAuthorizedTTL: 5m0s
cacheUnauthorizedTTL: 30s
cgroupDriver: systemd
clusterDNS:
{{- range .ClusterDNSIPs }}
Expand All @@ -667,36 +667,17 @@ spec:
{{- else }}
containerLogMaxFiles: 5
{{- end }}
cpuManagerReconcilePeriod: 0s
evictionPressureTransitionPeriod: 0s
featureGates:
{{- if .KubeletFeatureGates -}}
{{ range $key, $val := .KubeletFeatureGates }}
{{ $key }}: {{ $val }}
{{- end -}}
{{- end }}
fileCheckFrequency: 0s
httpCheckFrequency: 0s
imageMinimumGCAge: 0s
logging:
flushFrequency: 0
options:
json:
infoBufferSize: "0"
verbosity: 0
memorySwap: {}
nodeStatusReportFrequency: 0s
nodeStatusUpdateFrequency: 0s
protectKernelDefaults: true
readOnlyPort: 0
rotateCertificates: true
runtimeRequestTimeout: 0s
serverTLSBootstrap: true
shutdownGracePeriod: 0s
shutdownGracePeriodCriticalPods: 0s
staticPodPath: /etc/kubernetes/manifests
streamingConnectionIdleTimeout: 0s
syncFrequency: 0s
# Enable parallel image pulling.
serializeImagePulls: false
# Set max parallel image pulls to 10.
Expand Down Expand Up @@ -746,7 +727,6 @@ spec:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
volumePluginDir: /var/lib/kubelet/volumeplugins
volumeStatsAggPeriod: 0s
resolvConf: /run/systemd/resolve/resolv.conf
- path: /etc/systemd/system/kubelet-healthcheck.service
Expand Down
26 changes: 3 additions & 23 deletions deploy/osps/default/osp-flatcar.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -732,15 +732,15 @@ spec:
anonymous:
enabled: false
webhook:
cacheTTL: 0s
cacheTTL: 2m
enabled: true
x509:
clientCAFile: /etc/kubernetes/pki/ca.crt
authorization:
mode: Webhook
webhook:
cacheAuthorizedTTL: 0s
cacheUnauthorizedTTL: 0s
cacheAuthorizedTTL: 5m0s
cacheUnauthorizedTTL: 30s
cgroupDriver: systemd
clusterDNS:
{{- range .ClusterDNSIPs }}
Expand All @@ -757,36 +757,17 @@ spec:
{{- else }}
containerLogMaxFiles: 5
{{- end }}
cpuManagerReconcilePeriod: 0s
evictionPressureTransitionPeriod: 0s
featureGates:
{{- if .KubeletFeatureGates -}}
{{ range $key, $val := .KubeletFeatureGates }}
{{ $key }}: {{ $val }}
{{- end -}}
{{- end }}
fileCheckFrequency: 0s
httpCheckFrequency: 0s
imageMinimumGCAge: 0s
logging:
flushFrequency: 0
options:
json:
infoBufferSize: "0"
verbosity: 0
memorySwap: {}
nodeStatusReportFrequency: 0s
nodeStatusUpdateFrequency: 0s
protectKernelDefaults: true
readOnlyPort: 0
rotateCertificates: true
runtimeRequestTimeout: 0s
serverTLSBootstrap: true
shutdownGracePeriod: 0s
shutdownGracePeriodCriticalPods: 0s
staticPodPath: /etc/kubernetes/manifests
streamingConnectionIdleTimeout: 0s
syncFrequency: 0s
# Enable parallel image pulling.
serializeImagePulls: false
# Set max parallel image pulls to 10.
Expand Down Expand Up @@ -836,7 +817,6 @@ spec:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
volumePluginDir: /var/lib/kubelet/volumeplugins
volumeStatsAggPeriod: 0s
resolvConf: /run/systemd/resolve/resolv.conf
- path: /etc/systemd/system/kubelet-healthcheck.service
Expand Down
27 changes: 4 additions & 23 deletions deploy/osps/default/osp-rhel.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -737,15 +737,15 @@ spec:
anonymous:
enabled: false
webhook:
cacheTTL: 0s
cacheTTL: 2m
enabled: true
x509:
clientCAFile: /etc/kubernetes/pki/ca.crt
authorization:
mode: Webhook
webhook:
cacheAuthorizedTTL: 0s
cacheUnauthorizedTTL: 0s
cacheAuthorizedTTL: 5m0s
cacheUnauthorizedTTL: 30s
cgroupDriver: systemd
clusterDNS:
{{- range .ClusterDNSIPs }}
Expand All @@ -762,36 +762,17 @@ spec:
{{- else }}
containerLogMaxFiles: 5
{{- end }}
cpuManagerReconcilePeriod: 0s
evictionPressureTransitionPeriod: 0s
featureGates:
{{- if .KubeletFeatureGates -}}
{{ range $key, $val := .KubeletFeatureGates }}
{{ $key }}: {{ $val }}
{{- end -}}
{{- end }}
fileCheckFrequency: 0s
httpCheckFrequency: 0s
imageMinimumGCAge: 0s
logging:
flushFrequency: 0
options:
json:
infoBufferSize: "0"
verbosity: 0
memorySwap: {}
nodeStatusReportFrequency: 0s
nodeStatusUpdateFrequency: 0s
protectKernelDefaults: true
readOnlyPort: 0
rotateCertificates: true
runtimeRequestTimeout: 0s
serverTLSBootstrap: true
shutdownGracePeriod: 0s
shutdownGracePeriodCriticalPods: 0s
staticPodPath: /etc/kubernetes/manifests
streamingConnectionIdleTimeout: 0s
syncFrequency: 0s
# Enable parallel image pulling.
serializeImagePulls: false
# Set max parallel image pulls to 10.
Expand Down Expand Up @@ -841,7 +822,7 @@ spec:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
volumePluginDir: /var/lib/kubelet/volumeplugins
volumeStatsAggPeriod: 0s
resolvConf: /run/systemd/resolve/resolv.conf
- path: /etc/systemd/system/kubelet-healthcheck.service
permissions: 644
Expand Down
27 changes: 4 additions & 23 deletions deploy/osps/default/osp-rockylinux.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -741,15 +741,15 @@ spec:
anonymous:
enabled: false
webhook:
cacheTTL: 0s
cacheTTL: 2m
enabled: true
x509:
clientCAFile: /etc/kubernetes/pki/ca.crt
authorization:
mode: Webhook
webhook:
cacheAuthorizedTTL: 0s
cacheUnauthorizedTTL: 0s
cacheAuthorizedTTL: 5m0s
cacheUnauthorizedTTL: 30s
cgroupDriver: systemd
clusterDNS:
{{- range .ClusterDNSIPs }}
Expand All @@ -766,36 +766,17 @@ spec:
{{- else }}
containerLogMaxFiles: 5
{{- end }}
cpuManagerReconcilePeriod: 0s
evictionPressureTransitionPeriod: 0s
featureGates:
{{- if .KubeletFeatureGates -}}
{{ range $key, $val := .KubeletFeatureGates }}
{{ $key }}: {{ $val }}
{{- end -}}
{{- end }}
fileCheckFrequency: 0s
httpCheckFrequency: 0s
imageMinimumGCAge: 0s
logging:
flushFrequency: 0
options:
json:
infoBufferSize: "0"
verbosity: 0
memorySwap: {}
nodeStatusReportFrequency: 0s
nodeStatusUpdateFrequency: 0s
protectKernelDefaults: true
readOnlyPort: 0
rotateCertificates: true
runtimeRequestTimeout: 0s
serverTLSBootstrap: true
shutdownGracePeriod: 0s
shutdownGracePeriodCriticalPods: 0s
staticPodPath: /etc/kubernetes/manifests
streamingConnectionIdleTimeout: 0s
syncFrequency: 0s
# Enable parallel image pulling.
serializeImagePulls: false
# Set max parallel image pulls to 10.
Expand Down Expand Up @@ -845,7 +826,7 @@ spec:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
volumePluginDir: /var/lib/kubelet/volumeplugins
volumeStatsAggPeriod: 0s
resolvConf: /run/systemd/resolve/resolv.conf
- path: /etc/systemd/system/kubelet-healthcheck.service
permissions: 644
Expand Down
Loading

0 comments on commit 0a60c8b

Please sign in to comment.