Charmed-Kubernetes/kubernetes-worker/config.yaml


"options":
  "extra_packages":
    "description": >
      Space separated list of extra deb packages to install.
    "type": "string"
    "default": ""
  "package_status":
    "default": "install"
    "type": "string"
    "description": >
      The status of service-affecting packages will be set to this
      value in the dpkg database. Valid values are "install" and "hold".
  "install_sources":
    "description": >
      List of extra apt sources, per charm-helpers standard
      format (a yaml list of strings encoded as a string). Each source
      may be either a line that can be added directly to
      sources.list(5), or in the form ppa:<user>/<ppa-name> for adding
      Personal Package Archives, or a distribution component to enable.
    "type": "string"
    "default": ""
  "install_keys":
    "description": >
      List of signing keys for install_sources package sources, per
      charmhelpers standard format (a yaml list of strings encoded as
      a string). The keys should be the full ASCII armoured GPG public
      keys. While GPG key ids are also supported and looked up on a
      keyserver, operators should be aware that this mechanism is
      insecure. null can be used if a standard package signing key is
      used that will already be installed on the machine, and for PPA
      sources where the package signing key is securely retrieved from
      Launchpad.
    "type": "string"
    "default": ""
  "snapd_refresh":
    "default": "max"
    "type": "string"
    "description": |
      How often snapd handles updates for installed snaps. Setting an empty
      string will check 4x per day. Set to "max" to delay the refresh as long
      as possible. You may also set a custom string as described in the
      'refresh.timer' section here:
        https://forum.snapcraft.io/t/system-options/87
  "nagios_context":
    "default": "juju"
    "type": "string"
    "description": |
      Used by the nrpe subordinate charms.
      A string that will be prepended to instance name to set the host name
      in nagios. So for instance the hostname would be something like:
          juju-myservice-0
      If you're running multiple environments with the same services in them
      this allows you to differentiate between them.
  "nagios_servicegroups":
    "default": ""
    "type": "string"
    "description": |
      A comma-separated list of nagios servicegroups.
      If left empty, the nagios_context will be used as the servicegroup.
  "sysctl":
    "type": "string"
    "default": "{net.ipv4.conf.all.forwarding: 1, net.ipv4.conf.all.rp_filter: 1,\
      \ net.ipv4.neigh.default.gc_thresh1: 128, net.ipv4.neigh.default.gc_thresh2:\
      \ 28672, net.ipv4.neigh.default.gc_thresh3: 32768, net.ipv6.neigh.default.gc_thresh1:\
      \ 128, net.ipv6.neigh.default.gc_thresh2: 28672, net.ipv6.neigh.default.gc_thresh3:\
      \ 32768, fs.inotify.max_user_instances: 8192, fs.inotify.max_user_watches: 1048576,\
      \ kernel.panic: 10, kernel.panic_on_oops: 1, vm.overcommit_memory: 1}"
    "description": |
      YAML formatted associative array of sysctl values, e.g.:
      '{kernel.pid_max: 4194303}'. Note that kube-proxy handles
      the conntrack settings. The proper way to alter them is to
      use the proxy-extra-args config to set them, e.g.:
        juju config kubernetes-control-plane proxy-extra-args="conntrack-min=1000000 conntrack-max-per-core=250000"
        juju config kubernetes-worker proxy-extra-args="conntrack-min=1000000 conntrack-max-per-core=250000"
      The proxy-extra-args conntrack-min and conntrack-max-per-core can be set to 0 to ignore
      kube-proxy's settings and use the sysctl settings instead. Note the fundamental difference between
      the setting of conntrack-max-per-core vs nf_conntrack_max.
  "proxy-extra-args":
    "type": "string"
    "default": ""
    "description": |
      Space separated list of flags and key=value pairs that will be passed as arguments to
      kube-proxy. For example a value like this:
        runtime-config=batch/v2alpha1=true profiling=true
      will result in kube-proxy being run with the following options:
        --runtime-config=batch/v2alpha1=true --profiling=true
  "kubelet-extra-args":
    "type": "string"
    "default": ""
    "description": |
      Space separated list of flags and key=value pairs that will be passed as arguments to
      kubelet. For example a value like this:
        runtime-config=batch/v2alpha1=true profiling=true
      will result in kubelet being run with the following options:
        --runtime-config=batch/v2alpha1=true --profiling=true
      Note: As of Kubernetes 1.10.x, many of Kubelet's args have been deprecated, and can
      be set with kubelet-extra-config instead.
  "kubelet-extra-config":
    "default": "{}"
    "type": "string"
    "description": |
      Extra configuration to be passed to kubelet. Any values specified in this
      config will be merged into a KubeletConfiguration file that is passed to
      the kubelet service via the --config flag. This can be used to override
      values provided by the charm.

      The value for this config must be a YAML mapping that can be safely
      merged with a KubeletConfiguration file. For example:
        {evictionHard: {memory.available: 200Mi}}

      For more information about KubeletConfiguration, see upstream docs:
      https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/
  "proxy-extra-config":
    "default": "{}"
    "type": "string"
    "description": |
      Extra configuration to be passed to kube-proxy. Any values specified in
      this config will be merged into a KubeProxyConfiguration file that is
      passed to the kube-proxy service via the --config flag. This can be used
      to override values provided by the charm.

      The value for this config must be a YAML mapping that can be safely
      merged with a KubeProxyConfiguration file. For example:
        {mode: ipvs, ipvs: {strictARP: true}}

      For more information about KubeProxyConfiguration, see upstream docs:
      https://kubernetes.io/docs/reference/config-api/kube-proxy-config.v1alpha1/
  "labels":
    "type": "string"
    "default": ""
    "description": |
      Labels can be used to organize and to select subsets of nodes in the
      cluster. Declare node labels in key=value format, separated by spaces.
  "ingress":
    "type": "boolean"
    "default": !!bool "true"
    "description": |
      Deploy the default http backend and ingress controller to handle
      ingress requests.

      Set to false if deploying an alternate ingress controller, and note
      that you may need to manually open ports 80 and 443 on the nodes:
        juju run --application kubernetes-worker -- open-port 80 && open-port 443
  "channel":
    "type": "string"
    "default": "1.27/stable"
    "description": |
      Snap channel to install Kubernetes worker services from.
  "require-manual-upgrade":
    "type": "boolean"
    "default": !!bool "true"
    "description": |
      When true, worker services will not be upgraded until the user triggers
      it manually by running the upgrade action.
  "ingress-default-ssl-certificate":
    "type": "string"
    "default": ""
    "description": |
      SSL certificate to be used by the default HTTPS server. If either
      ingress-default-ssl-certificate or ingress-default-ssl-key is not
      provided, ingress will use a self-signed certificate. This parameter is
      specific to nginx-ingress-controller.
  "ingress-default-ssl-key":
    "type": "string"
    "default": ""
    "description": |
      Private key to be used by the default HTTPS server. If either
      ingress-default-ssl-certificate or ingress-default-ssl-key is not
      provided, ingress will use a self-signed certificate. This parameter is
      specific to nginx-ingress-controller.
  "ingress-ssl-passthrough":
    "type": "boolean"
    "default": !!bool "false"
    "description": |
      Enable ssl passthrough on ingress server. This allows passing the ssl
      connection through to the workloads and not terminating it at the ingress
      controller.
  "ingress-ssl-chain-completion":
    "type": "boolean"
    "default": !!bool "false"
    "description": |
      Enable chain completion for TLS certificates used by the nginx ingress
      controller. Set this to true if you would like the ingress controller
      to attempt auto-retrieval of intermediate certificates. The default
      (false) is recommended for all production kubernetes installations, and
      any environment which does not have outbound Internet access.
  "ingress-use-forwarded-headers":
    "type": "boolean"
    "default": !!bool "false"
    "description": |
      If true, NGINX passes the incoming X-Forwarded-* headers to upstreams. Use this
      option when NGINX is behind another L7 proxy / load balancer that is setting
      these headers.

      If false, NGINX ignores incoming X-Forwarded-* headers, filling them with the
      request information it sees. Use this option if NGINX is exposed directly to
      the internet, or it's behind a L3/packet-based load balancer that doesn't alter
      the source IP in the packets.

      Reference:
      https://github.com/kubernetes/ingress-nginx/blob/a9c706be12a8be418c49ab1f60a02f52f9b14e55/docs/user-guide/nginx-configuration/configmap.md#use-forwarded-headers
  "nginx-image":
    "type": "string"
    "default": "auto"
    "description": |
      Docker image to use for the nginx ingress controller. Using "auto" will select
      an image based on architecture.

      Example:
        quay.io/kubernetes-ingress-controller/nginx-ingress-controller-amd64:0.32.0
  "default-backend-image":
    "type": "string"
    "default": "auto"
    "description": |
      Docker image to use for the default backend. Auto will select an image
      based on architecture.
  "ignore-missing-cni":
    "type": "boolean"
    "default": !!bool "false"
    "description": |
      If ignore-missing-cni is set to true, the charm will not enter a blocked state if a CNI has not been configured/provided via relation.

      If ignore-missing-cni is set to false, and a CNI has not been configured/provided via relation, then the charm will enter a blocked state with the message: "Missing CNI relation or config".
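
The check below is an added example, not part of the charm's code: it audits option values against the cautions stated in the descriptions above (key ids in install_keys that are resolved through a keyserver, a default ingress certificate supplied without its key, chain completion enabled, forwarded headers trusted). The function name, finding texts and sample values are assumptions constructed for illustration, and install_keys is assumed to be already decoded from its YAML-list string into a list.

```python
import re

ARMOR = "-----BEGIN PGP PUBLIC KEY BLOCK-----"
KEY_ID = re.compile(r"^(0x)?[0-9A-Fa-f]{8,40}$")  # short id, long id or fingerprint

# Constructed sample values, not taken from a real deployment.
SAMPLE = {
    "install_keys": ["0xDEADBEEFDEADBEEF", None,
                     ARMOR + "\n(constructed)\n-----END PGP PUBLIC KEY BLOCK-----"],
    "ingress": True,
    "ingress-default-ssl-certificate": "(constructed PEM certificate)",
    "ingress-default-ssl-key": "",
    "ingress-ssl-chain-completion": True,
    "ingress-use-forwarded-headers": False,
}


def audit_worker_config(cfg):
    """Return (option, finding) pairs for values the descriptions caution about."""
    findings = []
    for i, key in enumerate(cfg.get("install_keys") or []):
        if key is None:
            continue  # null: key already on the machine, or a PPA source
        text = str(key).strip()
        if ARMOR in text:
            continue  # full ASCII-armoured public key, the recommended form
        if KEY_ID.match(text):
            findings.append(("install_keys", f"entry {i}: key id looked up on a keyserver"))
        else:
            findings.append(("install_keys", f"entry {i}: neither armoured key nor key id"))
    cert = cfg.get("ingress-default-ssl-certificate", "")
    key = cfg.get("ingress-default-ssl-key", "")
    if cfg.get("ingress", True) and bool(cert) != bool(key):
        findings.append(("ingress-default-ssl-certificate/key",
                         "only one of the pair is set: self-signed certificate is used"))
    if cfg.get("ingress-ssl-chain-completion", False):
        findings.append(("ingress-ssl-chain-completion",
                         "true: false is recommended for production"))
    if cfg.get("ingress-use-forwarded-headers", False):
        findings.append(("ingress-use-forwarded-headers",
                         "true: correct only behind an L7 proxy that sets X-Forwarded-*"))
    return findings


if __name__ == "__main__":
    for option, finding in audit_worker_config(SAMPLE):
        print(f"{option}: {finding}")
```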