b77c6fe637
Upgrade Hyperkube to v1.16.2 Change-Id: I3f17ac007e3704c1f4ae2f79e0c41704074c2010
89 lines
2.2 KiB
YAML
89 lines
2.2 KiB
YAML
# Copyright 2017 AT&T Intellectual Property. All other rights reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
# limitations under the License.
|
|
|
|
manifests:
|
|
daemonset_proxy: true
|
|
rbac: true
|
|
|
|
pod:
|
|
security_context:
|
|
proxy:
|
|
pod:
|
|
runAsUser: 65534
|
|
container:
|
|
proxy:
|
|
runAsUser: 0
|
|
privileged: true
|
|
readOnlyRootFilesystem: false
|
|
lifecycle:
|
|
upgrades:
|
|
daemonsets:
|
|
pod_replacement_strategy: RollingUpdate
|
|
proxy:
|
|
enabled: true
|
|
min_ready_seconds: 0
|
|
max_unavailable: 1
|
|
termination_grace_period:
|
|
proxy:
|
|
timeout: 30
|
|
resources:
|
|
enabled: false
|
|
proxy:
|
|
requests:
|
|
memory: "128Mi"
|
|
cpu: "100m"
|
|
limits:
|
|
memory: "1024Mi"
|
|
cpu: "2000m"
|
|
|
|
images:
|
|
tags:
|
|
proxy: gcr.io/google_containers/hyperkube-amd64:v1.16.2
|
|
pull_policy: "IfNotPresent"
|
|
|
|
proxy:
|
|
logging:
|
|
# Which messages to log.
|
|
# Valid values include any number from 0 to 9.
|
|
# Default 5(Trace level verbosity).
|
|
log_level: 5
|
|
|
|
command_prefix:
|
|
- /hyperkube
|
|
- kube-proxy
|
|
- --proxy-mode=iptables
|
|
- --cluster-cidr=10.97.0.0/16
|
|
|
|
network:
|
|
kubernetes_netloc: 10.96.0.1
|
|
|
|
kube_service:
|
|
host: 127.0.0.1
|
|
port: 6553
|
|
|
|
livenessProbe:
|
|
config:
|
|
# NOTE(mark-burnett): To avoid cascading failure modes, it is
|
|
# important that these values are configured to avoid the possibility
|
|
# of CrashLoopBackoff for this pod. Otherwise, a small non-impacting
|
|
# issue could disable kube-proxy for the entire site.
|
|
failureThreshold: 10
|
|
initialDelaySeconds: 15
|
|
periodSeconds: 35
|
|
successThreshold: 1
|
|
timeoutSeconds: 10
|
|
whitelist:
|
|
# - postgres
|