Merge branch 'master' of github.com:cristifalcas/puppet-kubernetes

cristifalcas · Apr 4, 2016 · e3847dd · e3847dd
2 parents 936006f + 74e3529
commit e3847dd
Show file tree

Hide file tree

Showing 12 changed files with 456 additions and 35 deletions.
diff --git a/manifests/master/apiserver.pp b/manifests/master/apiserver.pp
@@ -196,6 +196,30 @@
 #   Enable watch caching in the apiserver
 #   Default true
 #
+# [*watch_cache_sizes*]
+#   List of watch cache sizes for every resource (pods, nodes, etc.), comma separated. The individual override format: resource#size, where size is a number. It takes effect when watch-cache is enabled.
+#   Default undef
+#
+# [*repair_malformed_updates*]
+#   If true, server will do its best to fix the update request to pass the validation, e.g., setting empty UID in update request to its existing value. This flag can be turned off after we fix all the clients that send malformed updates.
+#   Default true
+#
+# [*delete_collection_workers*]
+#   Number of workers spawned for DeleteCollection call. These are used to speed up namespace cleanup.
+#   Default 1
+#
+# [*kubernetes_service_node_port*]
+#   If non-zero, the Kubernetes master service (which apiserver creates/maintains) will be of type NodePort, using this as the value of the port. If zero, the Kubernetes master service will be of type ClusterIP.
+#   Default 0
+#
+# [*authorization_webhook_config*]
+#   File with webhook configuration in kubeconfig format, used with --authorization-mode=Webhook. The API server will query the remote service to determine access on the API server's secure port.
+#   Default undef
+#
+# [*ir_hawkular*]
+#   Hawkular configuration URL
+#   Default undef
+#
 # [*minimum_version*]
 #   Minimum supported Kubernetes version. Don't enable new features when
 #   incompatbile with that version.
@@ -247,6 +271,12 @@
   $watch_cache                   = $kubernetes::master::params::kube_api_watch_cache,
   $extra_args                    = $kubernetes::master::params::kube_api_extra_args,
   $minimum_version               = $kubernetes::master::params::kube_api_minimum_version,
+  $watch_cache_sizes             = $kubernetes::master::params::kube_api_watch_cache_sizes,
+  $repair_malformed_updates      = $kubernetes::master::params::kube_api_repair_malformed_updates,
+  $delete_collection_workers     = $kubernetes::master::params::kube_api_delete_collection_workers,
+  $kubernetes_service_node_port  = $kubernetes::master::params::kube_api_kubernetes_service_node_port,
+  $authorization_webhook_config  = $kubernetes::master::params::kube_api_authorization_webhook_config,
+  $ir_hawkular                   = $kubernetes::master::params::kube_api_ir_hawkular,
 ) inherits kubernetes::master::params {
   include ::kubernetes::master
 

diff --git a/manifests/master/controller_manager.pp b/manifests/master/controller_manager.pp
@@ -125,6 +125,54 @@
 #      deleting terminated pods. If <= 0, the terminated pod garbage collector is disabled.
 #   Defaults to 0
 #
+# [*concurrent_deployment_syncs*]
+#   The number of deployment objects that are allowed to sync concurrently. Larger number = more responsive deployments, but more CPU (and network) load
+#   Default 5
+#
+# [*concurrent_namespace_syncs*]
+#   The number of namespace objects that are allowed to sync concurrently. Larger number = more responsive namespace termination, but more CPU (and network) load
+#   Default 2
+#
+# [*concurrent_replicaset_syncs*]
+#   The number of replica sets that are allowed to sync concurrently. Larger number = more responsive replica management, but more CPU (and network) load
+#   Default 5
+#
+# [*concurrent_resource_quota_syncs*]
+#   The number of resource quotas that are allowed to sync concurrently. Larger number = more responsive quota management, but more CPU (and network) load
+#   Default 5
+#
+# [*daemonset_lookup_cache_size*]
+#   The the size of lookup cache for daemonsets. Larger number = more responsive daemonsets, but more MEM load.
+#   Default 1024
+#
+# [*kube_api_burst*]
+#   Burst to use while talking with kubernetes apiserver
+#   Default 30
+#
+# [*kube_api_qps*]
+#   QPS to use while talking with kubernetes apiserver
+#   Default 20
+#
+# [*leader_elect*]
+#   Start a leader election client and gain leadership before executing the main loop. Enable this when running replicated components for high availability.
+#   Default undef
+#
+# [*leader_elect_lease_duration*]
+#   The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate. This is only applicable if leader election is enabled.
+#   Default '15s'
+#
+# [*leader_elect_renew_deadline*]
+#   The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration. This is only applicable if leader election is enabled.
+#   Default '10s'
+#
+# [*leader_elect_retry_period*]
+#   The duration the clients should wait between attempting acquisition and renewal of a leadership. This is only applicable if leader election is enabled.
+#   Default '2s'
+#
+# [*replicaset_lookup_cache_size*]
+#   The the size of lookup cache for replicatsets. Larger number = more responsive replica management, but more MEM load.
+#   Default 4096
+#
 # [*minimum_version*]
 #   Minimum supported Kubernetes version. Don't enable new features when
 #   incompatbile with that version.
@@ -160,6 +208,18 @@
   $service_account_private_key_file      = $kubernetes::master::params::kube_controller_service_account_private_key_file,
   $service_sync_period                   = $kubernetes::master::params::kube_controller_service_sync_period,
   $terminated_pod_gc_threshold           = $kubernetes::master::params::kube_controller_terminated_pod_gc_threshold,
+  $concurrent_deployment_syncs           = $kubernetes::master::params::kube_controller_concurrent_deployment_syncs,
+  $concurrent_namespace_syncs            = $kubernetes::master::params::kube_controller_concurrent_namespace_syncs,
+  $concurrent_replicaset_syncs           = $kubernetes::master::params::kube_controller_concurrent_replicaset_syncs,
+  $concurrent_resource_quota_syncs       = $kubernetes::master::params::kube_controller_concurrent_resource_quota_syncs,
+  $daemonset_lookup_cache_size           = $kubernetes::master::params::kube_controller_daemonset_lookup_cache_size,
+  $kube_api_burst                        = $kubernetes::master::params::kube_controller_kube_api_burst,
+  $kube_api_qps                          = $kubernetes::master::params::kube_controller_kube_api_qps,
+  $leader_elect                          = $kubernetes::master::params::kube_controller_leader_elect,
+  $leader_elect_lease_duration           = $kubernetes::master::params::kube_controller_leader_elect_lease_duration,
+  $leader_elect_renew_deadline           = $kubernetes::master::params::kube_controller_leader_elect_renew_deadline,
+  $leader_elect_retry_period             = $kubernetes::master::params::kube_controller_leader_elect_retry_period,
+  $replicaset_lookup_cache_size          = $kubernetes::master::params::kube_controller_replicaset_lookup_cache_size,
   $extra_args                            = $kubernetes::master::params::kube_controller_args,
   $minimum_version                       = $kubernetes::master::params::kube_controller_minimum_version,
 ) inherits kubernetes::master::params {

diff --git a/manifests/master/params.pp b/manifests/master/params.pp
@@ -52,6 +52,12 @@
   $kube_api_tls_private_key_file = undef
   $kube_api_token_auth_file = undef
   $kube_api_watch_cache = true
+  $kube_api_watch_cache_sizes = undef
+  $kube_api_repair_malformed_updates = true
+  $kube_api_delete_collection_workers = 1
+  $kube_api_kubernetes_service_node_port = 0
+  $kube_api_authorization_webhook_config = undef
+  $kube_api_ir_hawkular = undef
   $kube_api_extra_args = ''
   $kube_api_minimum_version = 1.1
 
@@ -86,6 +92,18 @@
   $kube_controller_service_account_private_key_file = undef
   $kube_controller_service_sync_period = '5m0s'
   $kube_controller_terminated_pod_gc_threshold = 0
+  $kube_controller_concurrent_deployment_syncs = 5
+  $kube_controller_concurrent_namespace_syncs = 2
+  $kube_controller_concurrent_replicaset_syncs = 5
+  $kube_controller_concurrent_resource_quota_syncs = 5
+  $kube_controller_daemonset_lookup_cache_size = 1024
+  $kube_controller_kube_api_burst = 30
+  $kube_controller_kube_api_qps = 20
+  $kube_controller_leader_elect = undef
+  $kube_controller_leader_elect_lease_duration = '15s'
+  $kube_controller_leader_elect_renew_deadline = '10s'
+  $kube_controller_leader_elect_retry_period = '2s'
+  $kube_controller_replicaset_lookup_cache_size = 4096
   $kube_controller_args = ''
   $kube_controller_minimum_version = 1.1
 
@@ -101,6 +119,11 @@
   $kube_scheduler_log_flush_frequency = '5s'
   $kube_scheduler_master = 'http://127.0.0.1:8080'
   $kube_scheduler_port = 10251
+  $kube_scheduler_leader_elect = undef
+  $kube_scheduler_leader_elect_lease_duration = '15s'
+  $kube_scheduler_leader_elect_renew_deadline = '10s'
+  $kube_scheduler_leader_elect_retry_period = '2s'
+  $kube_scheduler_scheduler_name = undef
   $kube_scheduler_args = ''
   $kube_scheduler_minimum_version = 1.1
 }
diff --git a/manifests/master/scheduler.pp b/manifests/master/scheduler.pp
@@ -40,24 +40,49 @@
 #   The port that the scheduler's http service runs on
 #   Defaults to 10251
 #
+# [*leader_elect*]
+#   Start a leader election client and gain leadership before executing the main loop. Enable this when running replicated components for high availability.
+#   Defaults to undef
+#
+# [*leader_elect_lease_duration*]
+#   The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate. This is only applicable if leader election is enabled.
+#   Defaults to '15s'
+#
+# [*leader_elect_renew_deadline*]
+#   The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration. This is only applicable if leader election is enabled.
+#   Defaults to '10s'
+#
+# [*leader_elect_retry_period*]
+#   The duration the clients should wait between attempting acquisition and renewal of a leadership. This is only applicable if leader election is enabled.
+#   Defaults to '2s"
+#
+# [*scheduler_name*]
+#   Name of the scheduler, used to select which pods will be processed by this scheduler, based on pod's annotation with key 'scheduler.alpha.kubernetes.io/name'
+#   Defaults to undef
+#
 # [*minimum_version*]
 #   Minimum supported Kubernetes version. Don't enable new features when
 #   incompatbile with that version.
 #   Default to 1.1.
 #
 class kubernetes::master::scheduler (
-  $ensure              = $kubernetes::master::params::kube_scheduler_service_ensure,
-  $enable              = $kubernetes::master::params::kube_scheduler_service_enable,
-  $address             = $kubernetes::master::params::kube_scheduler_address,
-  $bind_pods_burst     = $kubernetes::master::params::kube_scheduler_bind_pods_burst,
-  $bind_pods_qps       = $kubernetes::master::params::kube_scheduler_bind_pods_qps,
-  $google_json_key     = $kubernetes::master::params::kube_scheduler_google_json_key,
-  $kubeconfig          = $kubernetes::master::params::kube_scheduler_kubeconfig,
-  $log_flush_frequency = $kubernetes::master::params::kube_scheduler_log_flush_frequency,
-  $master              = $kubernetes::master::params::kube_scheduler_master,
-  $port                = $kubernetes::master::params::kube_scheduler_port,
-  $extra_args          = $kubernetes::master::params::kube_scheduler_args,
-  $minimum_version     = $kubernetes::master::params::kube_scheduler_minimum_version,
+  $ensure                      = $kubernetes::master::params::kube_scheduler_service_ensure,
+  $enable                      = $kubernetes::master::params::kube_scheduler_service_enable,
+  $address                     = $kubernetes::master::params::kube_scheduler_address,
+  $bind_pods_burst             = $kubernetes::master::params::kube_scheduler_bind_pods_burst,
+  $bind_pods_qps               = $kubernetes::master::params::kube_scheduler_bind_pods_qps,
+  $google_json_key             = $kubernetes::master::params::kube_scheduler_google_json_key,
+  $kubeconfig                  = $kubernetes::master::params::kube_scheduler_kubeconfig,
+  $log_flush_frequency         = $kubernetes::master::params::kube_scheduler_log_flush_frequency,
+  $master                      = $kubernetes::master::params::kube_scheduler_master,
+  $port                        = $kubernetes::master::params::kube_scheduler_port,
+  $leader_elect                = $kubernetes::master::params::kube_scheduler_leader_elect,
+  $leader_elect_lease_duration = $kubernetes::master::params::kube_scheduler_leader_elect_lease_duration,
+  $leader_elect_renew_deadline = $kubernetes::master::params::kube_scheduler_leader_elect_renew_deadline,
+  $leader_elect_retry_period   = $kubernetes::master::params::kube_scheduler_leader_elect_retry_period,
+  $scheduler_name              = $kubernetes::master::params::kube_scheduler_scheduler_name,
+  $extra_args                  = $kubernetes::master::params::kube_scheduler_args,
+  $minimum_version             = $kubernetes::master::params::kube_scheduler_minimum_version,
 ) inherits kubernetes::master::params {
   include ::kubernetes::master
 

diff --git a/manifests/node/kube_proxy.pp b/manifests/node/kube_proxy.pp
@@ -83,6 +83,30 @@
 #   Only applicable for proxy-mode=userspace
 #   Defaults to 250ms
 #
+# [*config_sync_period*]
+#   How often configuration from the apiserver is refreshed.
+#   Default undef
+#
+# [*conntrack_max*]
+#   Maximum number of NAT connections to track
+#   Default undef
+#
+# [*conntrack_tcp_timeout_established*]
+#   Idle timeout for established TCP connections
+#   Default undef
+#
+# [*iptables_masquerade_bit*]
+#   If using the pure iptables proxy, the bit of the fwmark space to mark packets requiring SNAT with.  Must be within the range [0, 31].
+#   Default undef
+#
+# [*kube_api_burst*]
+#   Burst to use while talking with kubernetes apiserver
+#   Default undef
+#
+# [*kube_api_qps*]
+#   QPS to use while talking with kubernetes apiserver
+#   Default undef
+#
 # [*minimum_version*]
 #   Minimum supported Kubernetes version. Don't enable new features when
 #   incompatbile with that version.
@@ -92,25 +116,31 @@
 #   Add your own!
 #
 class kubernetes::node::kube_proxy (
-  $ensure               = $kubernetes::node::params::kube_proxy_service_ensure,
-  $enable               = $kubernetes::node::params::kube_proxy_service_enable,
-  $bind_address         = $kubernetes::node::params::kube_proxy_bind_address,
-  $cleanup_iptables     = $kubernetes::node::params::kube_proxy_cleanup_iptables,
-  $healthz_bind_address = $kubernetes::node::params::kube_proxy_healthz_bind_address,
-  $healthz_port         = $kubernetes::node::params::kube_proxy_healthz_port,
-  $hostname_override    = $kubernetes::node::params::kube_proxy_hostname_override,
-  $iptables_sync_period = $kubernetes::node::params::kube_proxy_iptables_sync_period,
-  $kubeconfig           = $kubernetes::node::params::kube_proxy_kubeconfig,
-  $log_flush_frequency  = $kubernetes::node::params::kube_proxy_log_flush_frequency,
-  $masquerade_all       = $kubernetes::node::params::kube_proxy_masquerade_all,
-  $master               = $kubernetes::node::params::kube_proxy_master,
-  $oom_score_adj        = $kubernetes::node::params::kube_proxy_oom_score_adj,
-  $proxy_mode           = $kubernetes::node::params::kube_proxy_proxy_mode,
-  $proxy_port_range     = $kubernetes::node::params::kube_proxy_proxy_port_range,
-  $resource_container   = $kubernetes::node::params::kube_proxy_resource_container,
-  $udp_timeout          = $kubernetes::node::params::kube_proxy_udp_timeout,
-  $minimum_version      = $kubernetes::node::params::kube_proxy_minimum_version,
-  $args                 = $kubernetes::node::params::kube_proxy_args,
+  $ensure                            = $kubernetes::node::params::kube_proxy_service_ensure,
+  $enable                            = $kubernetes::node::params::kube_proxy_service_enable,
+  $bind_address                      = $kubernetes::node::params::kube_proxy_bind_address,
+  $cleanup_iptables                  = $kubernetes::node::params::kube_proxy_cleanup_iptables,
+  $healthz_bind_address              = $kubernetes::node::params::kube_proxy_healthz_bind_address,
+  $healthz_port                      = $kubernetes::node::params::kube_proxy_healthz_port,
+  $hostname_override                 = $kubernetes::node::params::kube_proxy_hostname_override,
+  $iptables_sync_period              = $kubernetes::node::params::kube_proxy_iptables_sync_period,
+  $kubeconfig                        = $kubernetes::node::params::kube_proxy_kubeconfig,
+  $log_flush_frequency               = $kubernetes::node::params::kube_proxy_log_flush_frequency,
+  $masquerade_all                    = $kubernetes::node::params::kube_proxy_masquerade_all,
+  $master                            = $kubernetes::node::params::kube_proxy_master,
+  $oom_score_adj                     = $kubernetes::node::params::kube_proxy_oom_score_adj,
+  $proxy_mode                        = $kubernetes::node::params::kube_proxy_proxy_mode,
+  $proxy_port_range                  = $kubernetes::node::params::kube_proxy_proxy_port_range,
+  $resource_container                = $kubernetes::node::params::kube_proxy_resource_container,
+  $udp_timeout                       = $kubernetes::node::params::kube_proxy_udp_timeout,
+  $config_sync_period                = $kubernetes::node::params::kube_proxy_config_sync_period,
+  $conntrack_max                     = $kubernetes::node::params::kube_proxy_conntrack_max,
+  $conntrack_tcp_timeout_established = $kubernetes::node::params::kube_proxy_conntrack_tcp_timeout_established,
+  $iptables_masquerade_bit           = $kubernetes::node::params::kube_proxy_iptables_masquerade_bit,
+  $kube_api_burst                    = $kubernetes::node::params::kube_proxy_kube_api_burst,
+  $kube_api_qps                      = $kubernetes::node::params::kube_proxy_kube_api_qps,
+  $minimum_version                   = $kubernetes::node::params::kube_proxy_minimum_version,
+  $args                              = $kubernetes::node::params::kube_proxy_args,
 ) inherits kubernetes::node::params {
   include ::kubernetes::node