airship
/
promenade
Code Issues Proposed changes

Add configMap to proxy chart 

Flags in kube-proxy other than --config, --write-config-to,
and --cleanup are deprecated.
Added configmap to remove deprecated warning

Change-Id: I325e3a459b1079c6d1902bf06a43e00021231716
This commit is contained in:
Thirunavukkarasu Palani 2021-06-04 15:32:44 -05:00
parent 9e90b4d68d
commit 9da1262c70
4 changed files with 99 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
charts/proxy/templates/configmap-etc.yaml Normal file
View File

@ -0,0 +1,12 @@
{{- if .Values.manifests.configmap_proxy }}
{{- $envAll := . }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Values.service.name }}-etc
data:
config.conf: |-
{{ tuple "etc/_proxy-config.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}

7
charts/proxy/templates/daemonset.yaml
View File

@ -67,6 +67,7 @@ spec:
{{- range .Values.command_prefix }}
- {{ . }}
{{- end }}
- --config=/var/lib/kube-proxy/config.conf
- --hostname-override=$(NODE_NAME)
{{- if .Values.proxy.logging.log_level }}
- --v={{ .Values.proxy.logging.log_level }}
@ -85,6 +86,8 @@ spec:
{{ dict "envAll" . "component" "proxy" "container" "proxy" "type" "liveness" "probeTemplate" (include "probeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | trim | indent 8 }}
{{ dict "envAll" . "component" "proxy" "container" "proxy" "type" "readiness" "probeTemplate" (include "probeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | trim | indent 8 }}
volumeMounts:
- mountPath: /var/lib/kube-proxy
name: kube-proxy
- mountPath: /run/xtables.lock
name: xtables-lock
readOnly: false
@ -93,6 +96,10 @@ spec:
readOnly: true
serviceAccountName: kube-proxy
volumes:
- configMap:
defaultMode: 420
name: {{ .Values.service.name }}-etc
name: kube-proxy
- name: xtables-lock
hostPath:
path: /run/xtables.lock

44
charts/proxy/templates/etc/_proxy-config.tpl Normal file
View File

@ -0,0 +1,44 @@
apiVersion: {{ .Values.config_conf.apiVersion | default "kubeproxy.config.k8s.io/v1alpha1" }}
bindAddress: {{ .Values.config_conf.bindAddress | default "0.0.0.0" }}
bindAddressHardFail: {{ .Values.config_conf.bindAddressHardFail | default "false" }}
clientConnection:
acceptContentTypes: {{ .Values.config_conf.clientConnection.acceptContentTypes | default "" |quote }}
burst: {{ .Values.config_conf.clientConnection.burst | default "10" }}
contentType: {{ .Values.config_conf.clientConnection.contentType | default "application/vnd.kubernetes.protobuf" }}
kubeconfig: {{ .Values.config_conf.clientConnection.kubeconfig | default "" |quote }}
qps: {{ .Values.config_conf.clientConnection.qps | default "5" }}
clusterCIDR: {{ .Values.config_conf.clusterCIDR | default "" |quote }}
configSyncPeriod: {{ .Values.config_conf.configSyncPeriod | default "15m0s" }}
conntrack:
{{- range $key, $val := .Values.config_conf.conntrack }}
{{ $key }}: {{ $val }}
{{- end }}
detectLocalMode: {{ .Values.config_conf.detectLocalMode | default "" |quote }}
enableProfiling: {{ .Values.config_conf.enableProfiling | default "false" }}
healthzBindAddress: {{ .Values.config_conf.healthzBindAddress | default "0.0.0.0:10256" }}
hostnameOverride: {{ .Values.config_conf.hostnameOverride | default ""|quote }}
iptables:
{{- range $key, $val := .Values.config_conf.iptables }}
{{ $key }}: {{ $val }}
{{- end }}
ipvs:
excludeCIDRs: {{ .Values.config_conf.ipvs.excludeCIDRs | default "null" }}
minSyncPeriod: {{ .Values.config_conf.ipvs.minSyncPeriod | default "0s" }}
scheduler: {{ .Values.config_conf.ipvs.scheduler | default "" |quote }}
strictARP: {{ .Values.config_conf.ipvs.strictARP | default "false" }}
syncPeriod: {{ .Values.config_conf.ipvs.syncPeriod | default "30s" }}
tcpFinTimeout: {{ .Values.config_conf.ipvs.tcpFinTimeout | default "0s" }}
tcpTimeout: {{ .Values.config_conf.ipvs.tcpTimeout | default "0s" }}
udpTimeout: {{ .Values.config_conf.ipvs.udpTimeout | default "0s" }}
kind: {{ .Values.config_conf.kind | default "KubeProxyConfiguration" }}
metricsBindAddress: {{ .Values.config_conf.metricsBindAddress | default "127.0.0.1:10249" }}
mode: {{ .Values.config_conf.mode | default "iptables" }}
nodePortAddresses: {{ .Values.config_conf.nodePortAddresses | default "null" }}
oomScoreAdj: {{ .Values.config_conf.oomScoreAdj | default "-999" }}
portRange: {{ .Values.config_conf.portRange | default "" |quote }}
showHiddenMetricsForVersion: {{ .Values.config_conf.showHiddenMetricsForVersion | default "" |quote }}
udpIdleTimeout: {{ .Values.config_conf.udpIdleTimeout | default "250ms" }}
winkernel:
enableDSR: {{ .Values.config_conf.winkernel.enableDSR | default "false" }}
networkName: {{ .Values.config_conf.winkernel.networkName | default "" |quote }}
sourceVip: {{ .Values.config_conf.winkernel.sourceVip | default "" |quote }}

38
charts/proxy/values.yaml
View File

@ -14,6 +14,7 @@
# limitations under the License.
manifests:
configmap_proxy: true
daemonset_proxy: true
rbac: true
@ -79,8 +80,9 @@ proxy:
command_prefix:
- kube-proxy
- --proxy-mode=iptables
- --cluster-cidr=10.97.0.0/16
service:
name: kube-proxy
network:
kubernetes_netloc: 10.96.0.1
@ -88,3 +90,35 @@ network:
kube_service:
host: 127.0.0.1
port: 6553
config_conf:
clusterCIDR: 10.97.0.0/16
clientConnection:
acceptContentTypes: ""
burst: 10
contentType: application/vnd.kubernetes.protobuf
kubeconfig: ""
qps: 5
conntrack:
maxPerCore: 32768
min: 131072
tcpCloseWaitTimeout: 1h0m0s
tcpEstablishedTimeout: 24h0m0s
iptables:
masqueradeAll: false
masqueradeBit: 14
minSyncPeriod: 1s
syncPeriod: 30s
ipvs:
excludeCIDRs: "null"
minSyncPeriod: 0s
scheduler: ""
strictARP: false
syncPeriod: 30s
tcpFinTimeout: 0s
tcpTimeout: 0s
udpTimeout: 0s
winkernel:
enableDSR: false
networkName: ""
sourceVip: ""