From 4369c706e2432151211bd33aa18a8ea7d53aaa11 Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Sun, 8 Dec 2019 22:37:36 -0800 Subject: [PATCH] Restore kube-controller-manager settings lost in static pod migration * Migration from a self-hosted to a static pod control plane dropped a few kube-controller-manager customizations * Reduce kube-controller-manager --pod-eviction-timeout from 5m to 1m to move pods more quickly when nodes are preempted * Fix flex-volume-plugin-dir since the Kubernetes default points to a read-only filesystem on Container Linux / Fedora CoreOS Related: * https://github.com/poseidon/terraform-render-bootstrap/pull/148 * https://github.com/poseidon/terraform-render-bootstrap/commit/7b06557b7afe33b7d6e676f5d9aaefda6c3599d3 --- resources/static-manifests/kube-controller-manager.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/resources/static-manifests/kube-controller-manager.yaml b/resources/static-manifests/kube-controller-manager.yaml index f339e46..f318f86 100644 --- a/resources/static-manifests/kube-controller-manager.yaml +++ b/resources/static-manifests/kube-controller-manager.yaml @@ -21,16 +21,18 @@ spec: - /hyperkube - kube-controller-manager - --allocate-node-cidrs=true - - --cluster-cidr=${pod_cidr} - - --service-cluster-ip-range=${service_cidr} - --cloud-provider=${cloud_provider} + - --cluster-cidr=${pod_cidr} - --cluster-signing-cert-file=/etc/kubernetes/secrets/ca.crt - --cluster-signing-key-file=/etc/kubernetes/secrets/ca.key - --configure-cloud-routes=false + - --flex-volume-plugin-dir=/var/lib/kubelet/volumeplugins - --kubeconfig=/etc/kubernetes/secrets/kubeconfig - --leader-elect=true + - --pod-eviction-timeout=1m - --root-ca-file=/etc/kubernetes/secrets/ca.crt - --service-account-private-key-file=/etc/kubernetes/secrets/service-account.key + - --service-cluster-ip-range=${service_cidr} livenessProbe: httpGet: scheme: HTTPS