1
16
17 package v1beta1
18
19 import (
20 "testing"
21 "time"
22
23 "github.com/google/go-cmp/cmp"
24
25 v1 "k8s.io/api/core/v1"
26 "k8s.io/apimachinery/pkg/api/resource"
27 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
28 logsapi "k8s.io/component-base/logs/api/v1"
29 "k8s.io/kubelet/config/v1beta1"
30 "k8s.io/kubernetes/pkg/cluster/ports"
31 "k8s.io/kubernetes/pkg/kubelet/qos"
32 kubetypes "k8s.io/kubernetes/pkg/kubelet/types"
33 utilpointer "k8s.io/utils/pointer"
34 )
35
36 func TestSetDefaultsKubeletConfiguration(t *testing.T) {
37
38 tests := []struct {
39 name string
40 config *v1beta1.KubeletConfiguration
41 expected *v1beta1.KubeletConfiguration
42 }{
43 {
44 "empty config",
45 &v1beta1.KubeletConfiguration{},
46 &v1beta1.KubeletConfiguration{
47 EnableServer: utilpointer.Bool(true),
48 SyncFrequency: metav1.Duration{Duration: 1 * time.Minute},
49 FileCheckFrequency: metav1.Duration{Duration: 20 * time.Second},
50 HTTPCheckFrequency: metav1.Duration{Duration: 20 * time.Second},
51 Address: "0.0.0.0",
52 Port: ports.KubeletPort,
53 Authentication: v1beta1.KubeletAuthentication{
54 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)},
55 Webhook: v1beta1.KubeletWebhookAuthentication{
56 Enabled: utilpointer.Bool(true),
57 CacheTTL: metav1.Duration{Duration: 2 * time.Minute},
58 },
59 },
60 Authorization: v1beta1.KubeletAuthorization{
61 Mode: v1beta1.KubeletAuthorizationModeWebhook,
62 Webhook: v1beta1.KubeletWebhookAuthorization{
63 CacheAuthorizedTTL: metav1.Duration{Duration: 5 * time.Minute},
64 CacheUnauthorizedTTL: metav1.Duration{Duration: 30 * time.Second},
65 },
66 },
67 RegistryPullQPS: utilpointer.Int32(5),
68 RegistryBurst: 10,
69 EventRecordQPS: utilpointer.Int32(50),
70 EventBurst: 100,
71 EnableDebuggingHandlers: utilpointer.Bool(true),
72 HealthzPort: utilpointer.Int32(10248),
73 HealthzBindAddress: "127.0.0.1",
74 OOMScoreAdj: utilpointer.Int32(int32(qos.KubeletOOMScoreAdj)),
75 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 4 * time.Hour},
76 NodeStatusUpdateFrequency: metav1.Duration{Duration: 10 * time.Second},
77 NodeStatusReportFrequency: metav1.Duration{Duration: 5 * time.Minute},
78 NodeLeaseDurationSeconds: 40,
79 ImageMinimumGCAge: metav1.Duration{Duration: 2 * time.Minute},
80 ImageMaximumGCAge: metav1.Duration{},
81 ImageGCHighThresholdPercent: utilpointer.Int32(85),
82 ImageGCLowThresholdPercent: utilpointer.Int32(80),
83 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock",
84 VolumeStatsAggPeriod: metav1.Duration{Duration: time.Minute},
85 CgroupsPerQOS: utilpointer.Bool(true),
86 CgroupDriver: "cgroupfs",
87 CPUManagerPolicy: "none",
88 CPUManagerReconcilePeriod: metav1.Duration{Duration: 10 * time.Second},
89 MemoryManagerPolicy: v1beta1.NoneMemoryManagerPolicy,
90 TopologyManagerPolicy: v1beta1.NoneTopologyManagerPolicy,
91 TopologyManagerScope: v1beta1.ContainerTopologyManagerScope,
92 RuntimeRequestTimeout: metav1.Duration{Duration: 2 * time.Minute},
93 HairpinMode: v1beta1.PromiscuousBridge,
94 MaxPods: 110,
95 PodPidsLimit: utilpointer.Int64(-1),
96 ResolverConfig: utilpointer.String(kubetypes.ResolvConfDefault),
97 CPUCFSQuota: utilpointer.Bool(true),
98 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 100 * time.Millisecond},
99 NodeStatusMaxImages: utilpointer.Int32(50),
100 MaxOpenFiles: 1000000,
101 ContentType: "application/vnd.kubernetes.protobuf",
102 KubeAPIQPS: utilpointer.Int32(50),
103 KubeAPIBurst: 100,
104 SerializeImagePulls: utilpointer.Bool(true),
105 MaxParallelImagePulls: nil,
106 EvictionHard: nil,
107 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 5 * time.Minute},
108 EnableControllerAttachDetach: utilpointer.Bool(true),
109 MakeIPTablesUtilChains: utilpointer.Bool(true),
110 IPTablesMasqueradeBit: utilpointer.Int32(DefaultIPTablesMasqueradeBit),
111 IPTablesDropBit: utilpointer.Int32(DefaultIPTablesDropBit),
112 FailSwapOn: utilpointer.Bool(true),
113 ContainerLogMaxSize: "10Mi",
114 ContainerLogMaxFiles: utilpointer.Int32(5),
115 ContainerLogMaxWorkers: utilpointer.Int32(1),
116 ContainerLogMonitorInterval: &metav1.Duration{Duration: 10 * time.Second},
117 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy,
118 EnforceNodeAllocatable: DefaultNodeAllocatableEnforcement,
119 VolumePluginDir: DefaultVolumePluginDir,
120 Logging: logsapi.LoggingConfiguration{
121 Format: "text",
122 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true},
123 },
124 EnableSystemLogHandler: utilpointer.Bool(true),
125 EnableProfilingHandler: utilpointer.Bool(true),
126 EnableDebugFlagsHandler: utilpointer.Bool(true),
127 SeccompDefault: utilpointer.Bool(false),
128 MemoryThrottlingFactor: utilpointer.Float64(DefaultMemoryThrottlingFactor),
129 RegisterNode: utilpointer.Bool(true),
130 LocalStorageCapacityIsolation: utilpointer.Bool(true),
131 PodLogsDir: DefaultPodLogsDir,
132 },
133 },
134 {
135 "all negative",
136 &v1beta1.KubeletConfiguration{
137 EnableServer: utilpointer.Bool(false),
138 StaticPodPath: "",
139 SyncFrequency: zeroDuration,
140 FileCheckFrequency: zeroDuration,
141 HTTPCheckFrequency: zeroDuration,
142 StaticPodURL: "",
143 StaticPodURLHeader: map[string][]string{},
144 Address: "",
145 Port: 0,
146 ReadOnlyPort: 0,
147 TLSCertFile: "",
148 TLSPrivateKeyFile: "",
149 TLSCipherSuites: []string{},
150 TLSMinVersion: "",
151 RotateCertificates: false,
152 ServerTLSBootstrap: false,
153 Authentication: v1beta1.KubeletAuthentication{
154 X509: v1beta1.KubeletX509Authentication{ClientCAFile: ""},
155 Webhook: v1beta1.KubeletWebhookAuthentication{
156 Enabled: utilpointer.Bool(false),
157 CacheTTL: zeroDuration,
158 },
159 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)},
160 },
161 Authorization: v1beta1.KubeletAuthorization{
162 Mode: v1beta1.KubeletAuthorizationModeWebhook,
163 Webhook: v1beta1.KubeletWebhookAuthorization{
164 CacheAuthorizedTTL: zeroDuration,
165 CacheUnauthorizedTTL: zeroDuration,
166 },
167 },
168 RegistryPullQPS: utilpointer.Int32(0),
169 RegistryBurst: 0,
170 EventRecordQPS: utilpointer.Int32(0),
171 EventBurst: 0,
172 EnableDebuggingHandlers: utilpointer.Bool(false),
173 EnableContentionProfiling: false,
174 HealthzPort: utilpointer.Int32(0),
175 HealthzBindAddress: "",
176 OOMScoreAdj: utilpointer.Int32(0),
177 ClusterDomain: "",
178 ClusterDNS: []string{},
179 StreamingConnectionIdleTimeout: zeroDuration,
180 NodeStatusUpdateFrequency: zeroDuration,
181 NodeStatusReportFrequency: zeroDuration,
182 NodeLeaseDurationSeconds: 0,
183 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock",
184 ImageMinimumGCAge: zeroDuration,
185 ImageGCHighThresholdPercent: utilpointer.Int32(0),
186 ImageGCLowThresholdPercent: utilpointer.Int32(0),
187 VolumeStatsAggPeriod: zeroDuration,
188 KubeletCgroups: "",
189 SystemCgroups: "",
190 CgroupRoot: "",
191 CgroupsPerQOS: utilpointer.Bool(false),
192 CgroupDriver: "",
193 CPUManagerPolicy: "",
194 CPUManagerPolicyOptions: map[string]string{},
195 CPUManagerReconcilePeriod: zeroDuration,
196 MemoryManagerPolicy: "",
197 TopologyManagerPolicy: "",
198 TopologyManagerScope: "",
199 QOSReserved: map[string]string{},
200 RuntimeRequestTimeout: zeroDuration,
201 HairpinMode: "",
202 MaxPods: 0,
203 PodCIDR: "",
204 PodPidsLimit: utilpointer.Int64(0),
205 ResolverConfig: utilpointer.String(""),
206 RunOnce: false,
207 CPUCFSQuota: utilpointer.Bool(false),
208 CPUCFSQuotaPeriod: &zeroDuration,
209 NodeStatusMaxImages: utilpointer.Int32(0),
210 MaxOpenFiles: 0,
211 ContentType: "",
212 KubeAPIQPS: utilpointer.Int32(0),
213 KubeAPIBurst: 0,
214 SerializeImagePulls: utilpointer.Bool(false),
215 MaxParallelImagePulls: nil,
216 EvictionHard: map[string]string{},
217 EvictionSoft: map[string]string{},
218 EvictionSoftGracePeriod: map[string]string{},
219 EvictionPressureTransitionPeriod: zeroDuration,
220 EvictionMaxPodGracePeriod: 0,
221 EvictionMinimumReclaim: map[string]string{},
222 PodsPerCore: 0,
223 EnableControllerAttachDetach: utilpointer.Bool(false),
224 ProtectKernelDefaults: false,
225 MakeIPTablesUtilChains: utilpointer.Bool(false),
226 IPTablesMasqueradeBit: utilpointer.Int32(0),
227 IPTablesDropBit: utilpointer.Int32(0),
228 FeatureGates: map[string]bool{},
229 FailSwapOn: utilpointer.Bool(false),
230 MemorySwap: v1beta1.MemorySwapConfiguration{SwapBehavior: ""},
231 ContainerLogMaxSize: "",
232 ContainerLogMaxFiles: utilpointer.Int32(0),
233 ContainerLogMaxWorkers: utilpointer.Int32(1),
234 ContainerLogMonitorInterval: &metav1.Duration{Duration: 10 * time.Second},
235 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy,
236 SystemReserved: map[string]string{},
237 KubeReserved: map[string]string{},
238 ReservedSystemCPUs: "",
239 ShowHiddenMetricsForVersion: "",
240 SystemReservedCgroup: "",
241 KubeReservedCgroup: "",
242 EnforceNodeAllocatable: []string{},
243 AllowedUnsafeSysctls: []string{},
244 VolumePluginDir: "",
245 ProviderID: "",
246 KernelMemcgNotification: false,
247 Logging: logsapi.LoggingConfiguration{
248 Format: "",
249 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true},
250 },
251 EnableSystemLogHandler: utilpointer.Bool(false),
252 ShutdownGracePeriod: zeroDuration,
253 ShutdownGracePeriodCriticalPods: zeroDuration,
254 ReservedMemory: []v1beta1.MemoryReservation{},
255 EnableProfilingHandler: utilpointer.Bool(false),
256 EnableDebugFlagsHandler: utilpointer.Bool(false),
257 SeccompDefault: utilpointer.Bool(false),
258 MemoryThrottlingFactor: utilpointer.Float64(0),
259 RegisterNode: utilpointer.Bool(false),
260 LocalStorageCapacityIsolation: utilpointer.Bool(false),
261 PodLogsDir: "",
262 },
263 &v1beta1.KubeletConfiguration{
264 EnableServer: utilpointer.Bool(false),
265 SyncFrequency: metav1.Duration{Duration: 1 * time.Minute},
266 FileCheckFrequency: metav1.Duration{Duration: 20 * time.Second},
267 HTTPCheckFrequency: metav1.Duration{Duration: 20 * time.Second},
268 StaticPodURLHeader: map[string][]string{},
269 Address: "0.0.0.0",
270 Port: 10250,
271 TLSCipherSuites: []string{},
272 Authentication: v1beta1.KubeletAuthentication{
273 X509: v1beta1.KubeletX509Authentication{ClientCAFile: ""},
274 Webhook: v1beta1.KubeletWebhookAuthentication{
275 Enabled: utilpointer.Bool(false),
276 CacheTTL: metav1.Duration{Duration: 2 * time.Minute},
277 },
278 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)},
279 },
280 Authorization: v1beta1.KubeletAuthorization{
281 Mode: v1beta1.KubeletAuthorizationModeWebhook,
282 Webhook: v1beta1.KubeletWebhookAuthorization{
283 CacheAuthorizedTTL: metav1.Duration{Duration: 5 * time.Minute},
284 CacheUnauthorizedTTL: metav1.Duration{Duration: 30 * time.Second},
285 },
286 },
287 RegistryPullQPS: utilpointer.Int32(0),
288 RegistryBurst: 10,
289 EventRecordQPS: utilpointer.Int32(0),
290 EventBurst: 100,
291 EnableDebuggingHandlers: utilpointer.Bool(false),
292 HealthzPort: utilpointer.Int32(0),
293 HealthzBindAddress: "127.0.0.1",
294 OOMScoreAdj: utilpointer.Int32(0),
295 ClusterDNS: []string{},
296 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 4 * time.Hour},
297 NodeStatusUpdateFrequency: metav1.Duration{Duration: 10 * time.Second},
298 NodeStatusReportFrequency: metav1.Duration{Duration: 5 * time.Minute},
299 NodeLeaseDurationSeconds: 40,
300 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock",
301 ImageMinimumGCAge: metav1.Duration{Duration: 2 * time.Minute},
302 ImageGCHighThresholdPercent: utilpointer.Int32(0),
303 ImageGCLowThresholdPercent: utilpointer.Int32(0),
304 VolumeStatsAggPeriod: metav1.Duration{Duration: time.Minute},
305 CgroupsPerQOS: utilpointer.Bool(false),
306 CgroupDriver: "cgroupfs",
307 CPUManagerPolicy: "none",
308 CPUManagerPolicyOptions: map[string]string{},
309 CPUManagerReconcilePeriod: metav1.Duration{Duration: 10 * time.Second},
310 MemoryManagerPolicy: v1beta1.NoneMemoryManagerPolicy,
311 TopologyManagerPolicy: v1beta1.NoneTopologyManagerPolicy,
312 TopologyManagerScope: v1beta1.ContainerTopologyManagerScope,
313 QOSReserved: map[string]string{},
314 RuntimeRequestTimeout: metav1.Duration{Duration: 2 * time.Minute},
315 HairpinMode: v1beta1.PromiscuousBridge,
316 MaxPods: 110,
317 PodPidsLimit: utilpointer.Int64(0),
318 ResolverConfig: utilpointer.String(""),
319 CPUCFSQuota: utilpointer.Bool(false),
320 CPUCFSQuotaPeriod: &zeroDuration,
321 NodeStatusMaxImages: utilpointer.Int32(0),
322 MaxOpenFiles: 1000000,
323 ContentType: "application/vnd.kubernetes.protobuf",
324 KubeAPIQPS: utilpointer.Int32(0),
325 KubeAPIBurst: 100,
326 SerializeImagePulls: utilpointer.Bool(false),
327 MaxParallelImagePulls: nil,
328 EvictionHard: map[string]string{},
329 EvictionSoft: map[string]string{},
330 EvictionSoftGracePeriod: map[string]string{},
331 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 5 * time.Minute},
332 EvictionMinimumReclaim: map[string]string{},
333 EnableControllerAttachDetach: utilpointer.Bool(false),
334 MakeIPTablesUtilChains: utilpointer.Bool(false),
335 IPTablesMasqueradeBit: utilpointer.Int32(0),
336 IPTablesDropBit: utilpointer.Int32(0),
337 FeatureGates: map[string]bool{},
338 FailSwapOn: utilpointer.Bool(false),
339 MemorySwap: v1beta1.MemorySwapConfiguration{SwapBehavior: ""},
340 ContainerLogMaxSize: "10Mi",
341 ContainerLogMaxFiles: utilpointer.Int32(0),
342 ContainerLogMaxWorkers: utilpointer.Int32(1),
343 ContainerLogMonitorInterval: &metav1.Duration{Duration: 10 * time.Second},
344 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy,
345 SystemReserved: map[string]string{},
346 KubeReserved: map[string]string{},
347 EnforceNodeAllocatable: []string{},
348 AllowedUnsafeSysctls: []string{},
349 VolumePluginDir: DefaultVolumePluginDir,
350 Logging: logsapi.LoggingConfiguration{
351 Format: "text",
352 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true},
353 },
354 EnableSystemLogHandler: utilpointer.Bool(false),
355 ReservedMemory: []v1beta1.MemoryReservation{},
356 EnableProfilingHandler: utilpointer.Bool(false),
357 EnableDebugFlagsHandler: utilpointer.Bool(false),
358 SeccompDefault: utilpointer.Bool(false),
359 MemoryThrottlingFactor: utilpointer.Float64(0),
360 RegisterNode: utilpointer.Bool(false),
361 LocalStorageCapacityIsolation: utilpointer.Bool(false),
362 PodLogsDir: DefaultPodLogsDir,
363 },
364 },
365 {
366 "all positive",
367 &v1beta1.KubeletConfiguration{
368 EnableServer: utilpointer.Bool(true),
369 StaticPodPath: "static/pod/path",
370 SyncFrequency: metav1.Duration{Duration: 60 * time.Second},
371 FileCheckFrequency: metav1.Duration{Duration: 60 * time.Second},
372 HTTPCheckFrequency: metav1.Duration{Duration: 60 * time.Second},
373 StaticPodURL: "static-pod-url",
374 StaticPodURLHeader: map[string][]string{"Static-Pod-URL-Header": {"true"}},
375 Address: "192.168.1.2",
376 Port: 10250,
377 ReadOnlyPort: 10251,
378 TLSCertFile: "tls-cert-file",
379 TLSPrivateKeyFile: "tls-private-key-file",
380 TLSCipherSuites: []string{"TLS_AES_128_GCM_SHA256"},
381 TLSMinVersion: "1.3",
382 RotateCertificates: true,
383 ServerTLSBootstrap: true,
384 Authentication: v1beta1.KubeletAuthentication{
385 X509: v1beta1.KubeletX509Authentication{ClientCAFile: "client-ca-file"},
386 Webhook: v1beta1.KubeletWebhookAuthentication{
387 Enabled: utilpointer.Bool(true),
388 CacheTTL: metav1.Duration{Duration: 60 * time.Second},
389 },
390 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(true)},
391 },
392 Authorization: v1beta1.KubeletAuthorization{
393 Mode: v1beta1.KubeletAuthorizationModeAlwaysAllow,
394 Webhook: v1beta1.KubeletWebhookAuthorization{
395 CacheAuthorizedTTL: metav1.Duration{Duration: 60 * time.Second},
396 CacheUnauthorizedTTL: metav1.Duration{Duration: 60 * time.Second},
397 },
398 },
399 RegistryPullQPS: utilpointer.Int32(1),
400 RegistryBurst: 1,
401 EventRecordQPS: utilpointer.Int32(1),
402 EventBurst: 1,
403 EnableDebuggingHandlers: utilpointer.Bool(true),
404 EnableContentionProfiling: true,
405 HealthzPort: utilpointer.Int32(1),
406 HealthzBindAddress: "127.0.0.2",
407 OOMScoreAdj: utilpointer.Int32(1),
408 ClusterDomain: "cluster-domain",
409 ClusterDNS: []string{"192.168.1.3"},
410 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 60 * time.Second},
411 NodeStatusUpdateFrequency: metav1.Duration{Duration: 60 * time.Second},
412 NodeStatusReportFrequency: metav1.Duration{Duration: 60 * time.Second},
413 NodeLeaseDurationSeconds: 1,
414 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock",
415 ImageMinimumGCAge: metav1.Duration{Duration: 60 * time.Second},
416 ImageGCHighThresholdPercent: utilpointer.Int32(1),
417 ImageGCLowThresholdPercent: utilpointer.Int32(1),
418 VolumeStatsAggPeriod: metav1.Duration{Duration: 60 * time.Second},
419 KubeletCgroups: "kubelet-cgroup",
420 SystemCgroups: "system-cgroup",
421 CgroupRoot: "root-cgroup",
422 CgroupsPerQOS: utilpointer.Bool(true),
423 CgroupDriver: "systemd",
424 CPUManagerPolicy: "cpu-manager-policy",
425 CPUManagerPolicyOptions: map[string]string{"key": "value"},
426 CPUManagerReconcilePeriod: metav1.Duration{Duration: 60 * time.Second},
427 MemoryManagerPolicy: v1beta1.StaticMemoryManagerPolicy,
428 TopologyManagerPolicy: v1beta1.RestrictedTopologyManagerPolicy,
429 TopologyManagerScope: v1beta1.PodTopologyManagerScope,
430 QOSReserved: map[string]string{"memory": "10%"},
431 RuntimeRequestTimeout: metav1.Duration{Duration: 60 * time.Second},
432 HairpinMode: v1beta1.HairpinVeth,
433 MaxPods: 1,
434 PodCIDR: "192.168.1.0/24",
435 PodPidsLimit: utilpointer.Int64(1),
436 ResolverConfig: utilpointer.String("resolver-config"),
437 RunOnce: true,
438 CPUCFSQuota: utilpointer.Bool(true),
439 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 60 * time.Second},
440 NodeStatusMaxImages: utilpointer.Int32(1),
441 MaxOpenFiles: 1,
442 ContentType: "application/protobuf",
443 KubeAPIQPS: utilpointer.Int32(1),
444 KubeAPIBurst: 1,
445 SerializeImagePulls: utilpointer.Bool(true),
446 MaxParallelImagePulls: utilpointer.Int32(5),
447 EvictionHard: map[string]string{
448 "memory.available": "1Mi",
449 "nodefs.available": "1%",
450 "imagefs.available": "1%",
451 },
452 EvictionSoft: map[string]string{
453 "memory.available": "2Mi",
454 "nodefs.available": "2%",
455 "imagefs.available": "2%",
456 },
457 EvictionSoftGracePeriod: map[string]string{
458 "memory.available": "60s",
459 "nodefs.available": "60s",
460 "imagefs.available": "60s",
461 },
462 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 60 * time.Second},
463 EvictionMaxPodGracePeriod: 1,
464 EvictionMinimumReclaim: map[string]string{
465 "imagefs.available": "1Gi",
466 },
467 PodsPerCore: 1,
468 EnableControllerAttachDetach: utilpointer.Bool(true),
469 ProtectKernelDefaults: true,
470 MakeIPTablesUtilChains: utilpointer.Bool(true),
471 IPTablesMasqueradeBit: utilpointer.Int32(1),
472 IPTablesDropBit: utilpointer.Int32(1),
473 FailSwapOn: utilpointer.Bool(true),
474 MemorySwap: v1beta1.MemorySwapConfiguration{SwapBehavior: "NoSwap"},
475 ContainerLogMaxSize: "1Mi",
476 ContainerLogMaxFiles: utilpointer.Int32(1),
477 ContainerLogMaxWorkers: utilpointer.Int32(1),
478 ContainerLogMonitorInterval: &metav1.Duration{Duration: 10 * time.Second},
479 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.TTLCacheChangeDetectionStrategy,
480 SystemReserved: map[string]string{
481 "memory": "1Gi",
482 },
483 KubeReserved: map[string]string{
484 "memory": "1Gi",
485 },
486 ReservedSystemCPUs: "0,1",
487 ShowHiddenMetricsForVersion: "1.16",
488 SystemReservedCgroup: "system-reserved-cgroup",
489 KubeReservedCgroup: "kube-reserved-cgroup",
490 EnforceNodeAllocatable: []string{"system-reserved"},
491 AllowedUnsafeSysctls: []string{"kernel.msg*"},
492 VolumePluginDir: "volume-plugin-dir",
493 ProviderID: "provider-id",
494 KernelMemcgNotification: true,
495 Logging: logsapi.LoggingConfiguration{
496 Format: "json",
497 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true},
498 },
499 EnableSystemLogHandler: utilpointer.Bool(true),
500 ShutdownGracePeriod: metav1.Duration{Duration: 60 * time.Second},
501 ShutdownGracePeriodCriticalPods: metav1.Duration{Duration: 60 * time.Second},
502 ReservedMemory: []v1beta1.MemoryReservation{
503 {
504 NumaNode: 1,
505 Limits: v1.ResourceList{v1.ResourceMemory: resource.MustParse("1Gi")},
506 },
507 },
508 EnableProfilingHandler: utilpointer.Bool(true),
509 EnableDebugFlagsHandler: utilpointer.Bool(true),
510 SeccompDefault: utilpointer.Bool(true),
511 MemoryThrottlingFactor: utilpointer.Float64(1),
512 RegisterNode: utilpointer.Bool(true),
513 LocalStorageCapacityIsolation: utilpointer.Bool(true),
514 PodLogsDir: "/custom/path",
515 },
516 &v1beta1.KubeletConfiguration{
517 EnableServer: utilpointer.Bool(true),
518 StaticPodPath: "static/pod/path",
519 SyncFrequency: metav1.Duration{Duration: 60 * time.Second},
520 FileCheckFrequency: metav1.Duration{Duration: 60 * time.Second},
521 HTTPCheckFrequency: metav1.Duration{Duration: 60 * time.Second},
522 StaticPodURL: "static-pod-url",
523 StaticPodURLHeader: map[string][]string{"Static-Pod-URL-Header": {"true"}},
524 Address: "192.168.1.2",
525 Port: 10250,
526 ReadOnlyPort: 10251,
527 TLSCertFile: "tls-cert-file",
528 TLSPrivateKeyFile: "tls-private-key-file",
529 TLSCipherSuites: []string{"TLS_AES_128_GCM_SHA256"},
530 TLSMinVersion: "1.3",
531 RotateCertificates: true,
532 ServerTLSBootstrap: true,
533 Authentication: v1beta1.KubeletAuthentication{
534 X509: v1beta1.KubeletX509Authentication{ClientCAFile: "client-ca-file"},
535 Webhook: v1beta1.KubeletWebhookAuthentication{
536 Enabled: utilpointer.Bool(true),
537 CacheTTL: metav1.Duration{Duration: 60 * time.Second},
538 },
539 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(true)},
540 },
541 Authorization: v1beta1.KubeletAuthorization{
542 Mode: v1beta1.KubeletAuthorizationModeAlwaysAllow,
543 Webhook: v1beta1.KubeletWebhookAuthorization{
544 CacheAuthorizedTTL: metav1.Duration{Duration: 60 * time.Second},
545 CacheUnauthorizedTTL: metav1.Duration{Duration: 60 * time.Second},
546 },
547 },
548 RegistryPullQPS: utilpointer.Int32(1),
549 RegistryBurst: 1,
550 EventRecordQPS: utilpointer.Int32(1),
551 EventBurst: 1,
552 EnableDebuggingHandlers: utilpointer.Bool(true),
553 EnableContentionProfiling: true,
554 HealthzPort: utilpointer.Int32(1),
555 HealthzBindAddress: "127.0.0.2",
556 OOMScoreAdj: utilpointer.Int32(1),
557 ClusterDomain: "cluster-domain",
558 ClusterDNS: []string{"192.168.1.3"},
559 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 60 * time.Second},
560 NodeStatusUpdateFrequency: metav1.Duration{Duration: 60 * time.Second},
561 NodeStatusReportFrequency: metav1.Duration{Duration: 60 * time.Second},
562 NodeLeaseDurationSeconds: 1,
563 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock",
564 ImageMinimumGCAge: metav1.Duration{Duration: 60 * time.Second},
565 ImageGCHighThresholdPercent: utilpointer.Int32(1),
566 ImageGCLowThresholdPercent: utilpointer.Int32(1),
567 VolumeStatsAggPeriod: metav1.Duration{Duration: 60 * time.Second},
568 KubeletCgroups: "kubelet-cgroup",
569 SystemCgroups: "system-cgroup",
570 CgroupRoot: "root-cgroup",
571 CgroupsPerQOS: utilpointer.Bool(true),
572 CgroupDriver: "systemd",
573 CPUManagerPolicy: "cpu-manager-policy",
574 CPUManagerPolicyOptions: map[string]string{"key": "value"},
575 CPUManagerReconcilePeriod: metav1.Duration{Duration: 60 * time.Second},
576 MemoryManagerPolicy: v1beta1.StaticMemoryManagerPolicy,
577 TopologyManagerPolicy: v1beta1.RestrictedTopologyManagerPolicy,
578 TopologyManagerScope: v1beta1.PodTopologyManagerScope,
579 QOSReserved: map[string]string{"memory": "10%"},
580 RuntimeRequestTimeout: metav1.Duration{Duration: 60 * time.Second},
581 HairpinMode: v1beta1.HairpinVeth,
582 MaxPods: 1,
583 PodCIDR: "192.168.1.0/24",
584 PodPidsLimit: utilpointer.Int64(1),
585 ResolverConfig: utilpointer.String("resolver-config"),
586 RunOnce: true,
587 CPUCFSQuota: utilpointer.Bool(true),
588 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 60 * time.Second},
589 NodeStatusMaxImages: utilpointer.Int32(1),
590 MaxOpenFiles: 1,
591 ContentType: "application/protobuf",
592 KubeAPIQPS: utilpointer.Int32(1),
593 KubeAPIBurst: 1,
594 SerializeImagePulls: utilpointer.Bool(true),
595 MaxParallelImagePulls: utilpointer.Int32Ptr(5),
596 EvictionHard: map[string]string{
597 "memory.available": "1Mi",
598 "nodefs.available": "1%",
599 "imagefs.available": "1%",
600 },
601 EvictionSoft: map[string]string{
602 "memory.available": "2Mi",
603 "nodefs.available": "2%",
604 "imagefs.available": "2%",
605 },
606 EvictionSoftGracePeriod: map[string]string{
607 "memory.available": "60s",
608 "nodefs.available": "60s",
609 "imagefs.available": "60s",
610 },
611 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 60 * time.Second},
612 EvictionMaxPodGracePeriod: 1,
613 EvictionMinimumReclaim: map[string]string{
614 "imagefs.available": "1Gi",
615 },
616 PodsPerCore: 1,
617 EnableControllerAttachDetach: utilpointer.Bool(true),
618 ProtectKernelDefaults: true,
619 MakeIPTablesUtilChains: utilpointer.Bool(true),
620 IPTablesMasqueradeBit: utilpointer.Int32(1),
621 IPTablesDropBit: utilpointer.Int32(1),
622 FailSwapOn: utilpointer.Bool(true),
623 MemorySwap: v1beta1.MemorySwapConfiguration{SwapBehavior: "NoSwap"},
624 ContainerLogMaxSize: "1Mi",
625 ContainerLogMaxFiles: utilpointer.Int32(1),
626 ContainerLogMaxWorkers: utilpointer.Int32(1),
627 ContainerLogMonitorInterval: &metav1.Duration{Duration: 10 * time.Second},
628 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.TTLCacheChangeDetectionStrategy,
629 SystemReserved: map[string]string{
630 "memory": "1Gi",
631 },
632 KubeReserved: map[string]string{
633 "memory": "1Gi",
634 },
635 ReservedSystemCPUs: "0,1",
636 ShowHiddenMetricsForVersion: "1.16",
637 SystemReservedCgroup: "system-reserved-cgroup",
638 KubeReservedCgroup: "kube-reserved-cgroup",
639 EnforceNodeAllocatable: []string{"system-reserved"},
640 AllowedUnsafeSysctls: []string{"kernel.msg*"},
641 VolumePluginDir: "volume-plugin-dir",
642 ProviderID: "provider-id",
643 KernelMemcgNotification: true,
644 Logging: logsapi.LoggingConfiguration{
645 Format: "json",
646 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true},
647 },
648 EnableSystemLogHandler: utilpointer.Bool(true),
649 ShutdownGracePeriod: metav1.Duration{Duration: 60 * time.Second},
650 ShutdownGracePeriodCriticalPods: metav1.Duration{Duration: 60 * time.Second},
651 ReservedMemory: []v1beta1.MemoryReservation{
652 {
653 NumaNode: 1,
654 Limits: v1.ResourceList{v1.ResourceMemory: resource.MustParse("1Gi")},
655 },
656 },
657 EnableProfilingHandler: utilpointer.Bool(true),
658 EnableDebugFlagsHandler: utilpointer.Bool(true),
659 SeccompDefault: utilpointer.Bool(true),
660 MemoryThrottlingFactor: utilpointer.Float64(1),
661 RegisterNode: utilpointer.Bool(true),
662 LocalStorageCapacityIsolation: utilpointer.Bool(true),
663 PodLogsDir: "/custom/path",
664 },
665 },
666 {
667 "NodeStatusUpdateFrequency is not zero",
668 &v1beta1.KubeletConfiguration{
669 NodeStatusUpdateFrequency: metav1.Duration{Duration: 1 * time.Minute},
670 },
671 &v1beta1.KubeletConfiguration{
672 EnableServer: utilpointer.Bool(true),
673 SyncFrequency: metav1.Duration{Duration: 1 * time.Minute},
674 FileCheckFrequency: metav1.Duration{Duration: 20 * time.Second},
675 HTTPCheckFrequency: metav1.Duration{Duration: 20 * time.Second},
676 Address: "0.0.0.0",
677 Port: ports.KubeletPort,
678 Authentication: v1beta1.KubeletAuthentication{
679 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)},
680 Webhook: v1beta1.KubeletWebhookAuthentication{
681 Enabled: utilpointer.Bool(true),
682 CacheTTL: metav1.Duration{Duration: 2 * time.Minute},
683 },
684 },
685 Authorization: v1beta1.KubeletAuthorization{
686 Mode: v1beta1.KubeletAuthorizationModeWebhook,
687 Webhook: v1beta1.KubeletWebhookAuthorization{
688 CacheAuthorizedTTL: metav1.Duration{Duration: 5 * time.Minute},
689 CacheUnauthorizedTTL: metav1.Duration{Duration: 30 * time.Second},
690 },
691 },
692 RegistryPullQPS: utilpointer.Int32(5),
693 RegistryBurst: 10,
694 EventRecordQPS: utilpointer.Int32(50),
695 EventBurst: 100,
696 EnableDebuggingHandlers: utilpointer.Bool(true),
697 HealthzPort: utilpointer.Int32(10248),
698 HealthzBindAddress: "127.0.0.1",
699 OOMScoreAdj: utilpointer.Int32(int32(qos.KubeletOOMScoreAdj)),
700 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 4 * time.Hour},
701 NodeStatusUpdateFrequency: metav1.Duration{Duration: 1 * time.Minute},
702 NodeStatusReportFrequency: metav1.Duration{Duration: 1 * time.Minute},
703 NodeLeaseDurationSeconds: 40,
704 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock",
705 ImageMinimumGCAge: metav1.Duration{Duration: 2 * time.Minute},
706 ImageGCHighThresholdPercent: utilpointer.Int32(85),
707 ImageGCLowThresholdPercent: utilpointer.Int32(80),
708 VolumeStatsAggPeriod: metav1.Duration{Duration: time.Minute},
709 CgroupsPerQOS: utilpointer.Bool(true),
710 CgroupDriver: "cgroupfs",
711 CPUManagerPolicy: "none",
712 CPUManagerReconcilePeriod: metav1.Duration{Duration: 10 * time.Second},
713 MemoryManagerPolicy: v1beta1.NoneMemoryManagerPolicy,
714 TopologyManagerPolicy: v1beta1.NoneTopologyManagerPolicy,
715 TopologyManagerScope: v1beta1.ContainerTopologyManagerScope,
716 RuntimeRequestTimeout: metav1.Duration{Duration: 2 * time.Minute},
717 HairpinMode: v1beta1.PromiscuousBridge,
718 MaxPods: 110,
719 PodPidsLimit: utilpointer.Int64(-1),
720 ResolverConfig: utilpointer.String(kubetypes.ResolvConfDefault),
721 CPUCFSQuota: utilpointer.Bool(true),
722 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 100 * time.Millisecond},
723 NodeStatusMaxImages: utilpointer.Int32(50),
724 MaxOpenFiles: 1000000,
725 ContentType: "application/vnd.kubernetes.protobuf",
726 KubeAPIQPS: utilpointer.Int32(50),
727 KubeAPIBurst: 100,
728 SerializeImagePulls: utilpointer.Bool(true),
729 MaxParallelImagePulls: nil,
730 EvictionHard: nil,
731 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 5 * time.Minute},
732 EnableControllerAttachDetach: utilpointer.Bool(true),
733 MakeIPTablesUtilChains: utilpointer.Bool(true),
734 IPTablesMasqueradeBit: utilpointer.Int32Ptr(DefaultIPTablesMasqueradeBit),
735 IPTablesDropBit: utilpointer.Int32Ptr(DefaultIPTablesDropBit),
736 FailSwapOn: utilpointer.Bool(true),
737 ContainerLogMaxSize: "10Mi",
738 ContainerLogMaxFiles: utilpointer.Int32(5),
739 ContainerLogMaxWorkers: utilpointer.Int32(1),
740 ContainerLogMonitorInterval: &metav1.Duration{Duration: 10 * time.Second},
741 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy,
742 EnforceNodeAllocatable: DefaultNodeAllocatableEnforcement,
743 VolumePluginDir: DefaultVolumePluginDir,
744 Logging: logsapi.LoggingConfiguration{
745 Format: "text",
746 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true},
747 },
748 EnableSystemLogHandler: utilpointer.Bool(true),
749 EnableProfilingHandler: utilpointer.Bool(true),
750 EnableDebugFlagsHandler: utilpointer.Bool(true),
751 SeccompDefault: utilpointer.Bool(false),
752 MemoryThrottlingFactor: utilpointer.Float64Ptr(DefaultMemoryThrottlingFactor),
753 RegisterNode: utilpointer.Bool(true),
754 LocalStorageCapacityIsolation: utilpointer.Bool(true),
755 PodLogsDir: DefaultPodLogsDir,
756 },
757 },
758 {
759 "SerializeImagePull defaults to false when MaxParallelImagePulls is larger than 1",
760 &v1beta1.KubeletConfiguration{
761 MaxParallelImagePulls: utilpointer.Int32(5),
762 },
763 &v1beta1.KubeletConfiguration{
764 EnableServer: utilpointer.Bool(true),
765 SyncFrequency: metav1.Duration{Duration: 1 * time.Minute},
766 FileCheckFrequency: metav1.Duration{Duration: 20 * time.Second},
767 HTTPCheckFrequency: metav1.Duration{Duration: 20 * time.Second},
768 Address: "0.0.0.0",
769 Port: ports.KubeletPort,
770 Authentication: v1beta1.KubeletAuthentication{
771 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)},
772 Webhook: v1beta1.KubeletWebhookAuthentication{
773 Enabled: utilpointer.Bool(true),
774 CacheTTL: metav1.Duration{Duration: 2 * time.Minute},
775 },
776 },
777 Authorization: v1beta1.KubeletAuthorization{
778 Mode: v1beta1.KubeletAuthorizationModeWebhook,
779 Webhook: v1beta1.KubeletWebhookAuthorization{
780 CacheAuthorizedTTL: metav1.Duration{Duration: 5 * time.Minute},
781 CacheUnauthorizedTTL: metav1.Duration{Duration: 30 * time.Second},
782 },
783 },
784 RegistryPullQPS: utilpointer.Int32Ptr(5),
785 RegistryBurst: 10,
786 EventRecordQPS: utilpointer.Int32Ptr(50),
787 EventBurst: 100,
788 EnableDebuggingHandlers: utilpointer.Bool(true),
789 HealthzPort: utilpointer.Int32Ptr(10248),
790 HealthzBindAddress: "127.0.0.1",
791 OOMScoreAdj: utilpointer.Int32Ptr(int32(qos.KubeletOOMScoreAdj)),
792 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 4 * time.Hour},
793 NodeStatusUpdateFrequency: metav1.Duration{Duration: 10 * time.Second},
794 NodeStatusReportFrequency: metav1.Duration{Duration: 5 * time.Minute},
795 NodeLeaseDurationSeconds: 40,
796 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock",
797 ImageMinimumGCAge: metav1.Duration{Duration: 2 * time.Minute},
798 ImageGCHighThresholdPercent: utilpointer.Int32Ptr(85),
799 ImageGCLowThresholdPercent: utilpointer.Int32Ptr(80),
800 VolumeStatsAggPeriod: metav1.Duration{Duration: time.Minute},
801 CgroupsPerQOS: utilpointer.Bool(true),
802 CgroupDriver: "cgroupfs",
803 CPUManagerPolicy: "none",
804 CPUManagerReconcilePeriod: metav1.Duration{Duration: 10 * time.Second},
805 MemoryManagerPolicy: v1beta1.NoneMemoryManagerPolicy,
806 TopologyManagerPolicy: v1beta1.NoneTopologyManagerPolicy,
807 TopologyManagerScope: v1beta1.ContainerTopologyManagerScope,
808 RuntimeRequestTimeout: metav1.Duration{Duration: 2 * time.Minute},
809 HairpinMode: v1beta1.PromiscuousBridge,
810 MaxPods: 110,
811 PodPidsLimit: utilpointer.Int64(-1),
812 ResolverConfig: utilpointer.String(kubetypes.ResolvConfDefault),
813 CPUCFSQuota: utilpointer.Bool(true),
814 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 100 * time.Millisecond},
815 NodeStatusMaxImages: utilpointer.Int32Ptr(50),
816 MaxOpenFiles: 1000000,
817 ContentType: "application/vnd.kubernetes.protobuf",
818 KubeAPIQPS: utilpointer.Int32Ptr(50),
819 KubeAPIBurst: 100,
820 SerializeImagePulls: utilpointer.Bool(false),
821 MaxParallelImagePulls: utilpointer.Int32(5),
822 EvictionHard: nil,
823 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 5 * time.Minute},
824 EnableControllerAttachDetach: utilpointer.Bool(true),
825 MakeIPTablesUtilChains: utilpointer.Bool(true),
826 IPTablesMasqueradeBit: utilpointer.Int32Ptr(DefaultIPTablesMasqueradeBit),
827 IPTablesDropBit: utilpointer.Int32Ptr(DefaultIPTablesDropBit),
828 FailSwapOn: utilpointer.Bool(true),
829 ContainerLogMaxSize: "10Mi",
830 ContainerLogMaxFiles: utilpointer.Int32(5),
831 ContainerLogMaxWorkers: utilpointer.Int32(1),
832 ContainerLogMonitorInterval: &metav1.Duration{Duration: 10 * time.Second},
833 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy,
834 EnforceNodeAllocatable: DefaultNodeAllocatableEnforcement,
835 VolumePluginDir: DefaultVolumePluginDir,
836 Logging: logsapi.LoggingConfiguration{
837 Format: "text",
838 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true},
839 },
840 EnableSystemLogHandler: utilpointer.Bool(true),
841 EnableProfilingHandler: utilpointer.Bool(true),
842 EnableDebugFlagsHandler: utilpointer.Bool(true),
843 SeccompDefault: utilpointer.Bool(false),
844 MemoryThrottlingFactor: utilpointer.Float64Ptr(DefaultMemoryThrottlingFactor),
845 RegisterNode: utilpointer.Bool(true),
846 LocalStorageCapacityIsolation: utilpointer.Bool(true),
847 PodLogsDir: DefaultPodLogsDir,
848 },
849 },
850 {
851 "SerializeImagePull defaults to true when MaxParallelImagePulls is set to 1",
852 &v1beta1.KubeletConfiguration{
853 MaxParallelImagePulls: utilpointer.Int32(1),
854 },
855 &v1beta1.KubeletConfiguration{
856 EnableServer: utilpointer.Bool(true),
857 SyncFrequency: metav1.Duration{Duration: 1 * time.Minute},
858 FileCheckFrequency: metav1.Duration{Duration: 20 * time.Second},
859 HTTPCheckFrequency: metav1.Duration{Duration: 20 * time.Second},
860 Address: "0.0.0.0",
861 Port: ports.KubeletPort,
862 Authentication: v1beta1.KubeletAuthentication{
863 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)},
864 Webhook: v1beta1.KubeletWebhookAuthentication{
865 Enabled: utilpointer.Bool(true),
866 CacheTTL: metav1.Duration{Duration: 2 * time.Minute},
867 },
868 },
869 Authorization: v1beta1.KubeletAuthorization{
870 Mode: v1beta1.KubeletAuthorizationModeWebhook,
871 Webhook: v1beta1.KubeletWebhookAuthorization{
872 CacheAuthorizedTTL: metav1.Duration{Duration: 5 * time.Minute},
873 CacheUnauthorizedTTL: metav1.Duration{Duration: 30 * time.Second},
874 },
875 },
876 RegistryPullQPS: utilpointer.Int32Ptr(5),
877 RegistryBurst: 10,
878 EventRecordQPS: utilpointer.Int32Ptr(50),
879 EventBurst: 100,
880 EnableDebuggingHandlers: utilpointer.Bool(true),
881 HealthzPort: utilpointer.Int32Ptr(10248),
882 HealthzBindAddress: "127.0.0.1",
883 OOMScoreAdj: utilpointer.Int32Ptr(int32(qos.KubeletOOMScoreAdj)),
884 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 4 * time.Hour},
885 NodeStatusUpdateFrequency: metav1.Duration{Duration: 10 * time.Second},
886 NodeStatusReportFrequency: metav1.Duration{Duration: 5 * time.Minute},
887 NodeLeaseDurationSeconds: 40,
888 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock",
889 ImageMinimumGCAge: metav1.Duration{Duration: 2 * time.Minute},
890 ImageGCHighThresholdPercent: utilpointer.Int32Ptr(85),
891 ImageGCLowThresholdPercent: utilpointer.Int32Ptr(80),
892 VolumeStatsAggPeriod: metav1.Duration{Duration: time.Minute},
893 CgroupsPerQOS: utilpointer.Bool(true),
894 CgroupDriver: "cgroupfs",
895 CPUManagerPolicy: "none",
896 CPUManagerReconcilePeriod: metav1.Duration{Duration: 10 * time.Second},
897 MemoryManagerPolicy: v1beta1.NoneMemoryManagerPolicy,
898 TopologyManagerPolicy: v1beta1.NoneTopologyManagerPolicy,
899 TopologyManagerScope: v1beta1.ContainerTopologyManagerScope,
900 RuntimeRequestTimeout: metav1.Duration{Duration: 2 * time.Minute},
901 HairpinMode: v1beta1.PromiscuousBridge,
902 MaxPods: 110,
903 PodPidsLimit: utilpointer.Int64(-1),
904 ResolverConfig: utilpointer.String(kubetypes.ResolvConfDefault),
905 CPUCFSQuota: utilpointer.Bool(true),
906 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 100 * time.Millisecond},
907 NodeStatusMaxImages: utilpointer.Int32Ptr(50),
908 MaxOpenFiles: 1000000,
909 ContentType: "application/vnd.kubernetes.protobuf",
910 KubeAPIQPS: utilpointer.Int32Ptr(50),
911 KubeAPIBurst: 100,
912 SerializeImagePulls: utilpointer.Bool(true),
913 MaxParallelImagePulls: utilpointer.Int32(1),
914 EvictionHard: nil,
915 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 5 * time.Minute},
916 EnableControllerAttachDetach: utilpointer.Bool(true),
917 MakeIPTablesUtilChains: utilpointer.Bool(true),
918 IPTablesMasqueradeBit: utilpointer.Int32(DefaultIPTablesMasqueradeBit),
919 IPTablesDropBit: utilpointer.Int32(DefaultIPTablesDropBit),
920 FailSwapOn: utilpointer.Bool(true),
921 ContainerLogMaxSize: "10Mi",
922 ContainerLogMaxFiles: utilpointer.Int32(5),
923 ContainerLogMaxWorkers: utilpointer.Int32(1),
924 ContainerLogMonitorInterval: &metav1.Duration{Duration: 10 * time.Second},
925 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy,
926 EnforceNodeAllocatable: DefaultNodeAllocatableEnforcement,
927 VolumePluginDir: DefaultVolumePluginDir,
928 Logging: logsapi.LoggingConfiguration{
929 Format: "text",
930 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true},
931 },
932 EnableSystemLogHandler: utilpointer.Bool(true),
933 EnableProfilingHandler: utilpointer.Bool(true),
934 EnableDebugFlagsHandler: utilpointer.Bool(true),
935 SeccompDefault: utilpointer.Bool(false),
936 MemoryThrottlingFactor: utilpointer.Float64(DefaultMemoryThrottlingFactor),
937 RegisterNode: utilpointer.Bool(true),
938 LocalStorageCapacityIsolation: utilpointer.Bool(true),
939 PodLogsDir: DefaultPodLogsDir,
940 },
941 },
942 }
943
944 for _, tc := range tests {
945 t.Run(tc.name, func(t *testing.T) {
946 SetDefaults_KubeletConfiguration(tc.config)
947 if diff := cmp.Diff(tc.expected, tc.config); diff != "" {
948 t.Errorf("Got unexpected defaults (-want, +got):\n%s", diff)
949 }
950 })
951 }
952 }
953
View as plain text