k8s.io/kubernetes@v1.29.3/pkg/kubelet/apis/config/v1beta1/defaults.go (about) 1 /* 2 Copyright 2015 The Kubernetes Authors. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package v1beta1 18 19 import ( 20 "time" 21 22 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 23 kruntime "k8s.io/apimachinery/pkg/runtime" 24 kubeletconfigv1beta1 "k8s.io/kubelet/config/v1beta1" 25 26 // TODO: Cut references to k8s.io/kubernetes, eventually there should be none from this package 27 logsapi "k8s.io/component-base/logs/api/v1" 28 "k8s.io/kubernetes/pkg/cluster/ports" 29 "k8s.io/kubernetes/pkg/kubelet/qos" 30 kubetypes "k8s.io/kubernetes/pkg/kubelet/types" 31 utilpointer "k8s.io/utils/pointer" 32 ) 33 34 const ( 35 // TODO: Move these constants to k8s.io/kubelet/config/v1beta1 instead? 36 DefaultIPTablesMasqueradeBit = 14 37 DefaultIPTablesDropBit = 15 38 DefaultVolumePluginDir = "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/" 39 40 // See https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/2570-memory-qos 41 DefaultMemoryThrottlingFactor = 0.9 42 ) 43 44 var ( 45 zeroDuration = metav1.Duration{} 46 // TODO: Move these constants to k8s.io/kubelet/config/v1beta1 instead? 47 // Refer to [Node Allocatable](https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/#node-allocatable) doc for more information. 48 DefaultNodeAllocatableEnforcement = []string{"pods"} 49 ) 50 51 func addDefaultingFuncs(scheme *kruntime.Scheme) error { 52 return RegisterDefaults(scheme) 53 } 54 55 func SetDefaults_KubeletConfiguration(obj *kubeletconfigv1beta1.KubeletConfiguration) { 56 if obj.EnableServer == nil { 57 obj.EnableServer = utilpointer.Bool(true) 58 } 59 if obj.SyncFrequency == zeroDuration { 60 obj.SyncFrequency = metav1.Duration{Duration: 1 * time.Minute} 61 } 62 if obj.FileCheckFrequency == zeroDuration { 63 obj.FileCheckFrequency = metav1.Duration{Duration: 20 * time.Second} 64 } 65 if obj.HTTPCheckFrequency == zeroDuration { 66 obj.HTTPCheckFrequency = metav1.Duration{Duration: 20 * time.Second} 67 } 68 if obj.Address == "" { 69 obj.Address = "0.0.0.0" 70 } 71 if obj.Port == 0 { 72 obj.Port = ports.KubeletPort 73 } 74 if obj.Authentication.Anonymous.Enabled == nil { 75 obj.Authentication.Anonymous.Enabled = utilpointer.Bool(false) 76 } 77 if obj.Authentication.Webhook.Enabled == nil { 78 obj.Authentication.Webhook.Enabled = utilpointer.Bool(true) 79 } 80 if obj.Authentication.Webhook.CacheTTL == zeroDuration { 81 obj.Authentication.Webhook.CacheTTL = metav1.Duration{Duration: 2 * time.Minute} 82 } 83 if obj.Authorization.Mode == "" { 84 obj.Authorization.Mode = kubeletconfigv1beta1.KubeletAuthorizationModeWebhook 85 } 86 if obj.Authorization.Webhook.CacheAuthorizedTTL == zeroDuration { 87 obj.Authorization.Webhook.CacheAuthorizedTTL = metav1.Duration{Duration: 5 * time.Minute} 88 } 89 if obj.Authorization.Webhook.CacheUnauthorizedTTL == zeroDuration { 90 obj.Authorization.Webhook.CacheUnauthorizedTTL = metav1.Duration{Duration: 30 * time.Second} 91 } 92 if obj.RegistryPullQPS == nil { 93 obj.RegistryPullQPS = utilpointer.Int32(5) 94 } 95 if obj.RegistryBurst == 0 { 96 obj.RegistryBurst = 10 97 } 98 if obj.EventRecordQPS == nil { 99 obj.EventRecordQPS = utilpointer.Int32(50) 100 } 101 if obj.EventBurst == 0 { 102 obj.EventBurst = 100 103 } 104 if obj.EnableDebuggingHandlers == nil { 105 obj.EnableDebuggingHandlers = utilpointer.Bool(true) 106 } 107 if obj.HealthzPort == nil { 108 obj.HealthzPort = utilpointer.Int32(10248) 109 } 110 if obj.HealthzBindAddress == "" { 111 obj.HealthzBindAddress = "127.0.0.1" 112 } 113 if obj.OOMScoreAdj == nil { 114 obj.OOMScoreAdj = utilpointer.Int32(int32(qos.KubeletOOMScoreAdj)) 115 } 116 if obj.StreamingConnectionIdleTimeout == zeroDuration { 117 obj.StreamingConnectionIdleTimeout = metav1.Duration{Duration: 4 * time.Hour} 118 } 119 if obj.NodeStatusReportFrequency == zeroDuration { 120 // For backward compatibility, NodeStatusReportFrequency's default value is 121 // set to NodeStatusUpdateFrequency if NodeStatusUpdateFrequency is set 122 // explicitly. 123 if obj.NodeStatusUpdateFrequency == zeroDuration { 124 obj.NodeStatusReportFrequency = metav1.Duration{Duration: 5 * time.Minute} 125 } else { 126 obj.NodeStatusReportFrequency = obj.NodeStatusUpdateFrequency 127 } 128 } 129 if obj.NodeStatusUpdateFrequency == zeroDuration { 130 obj.NodeStatusUpdateFrequency = metav1.Duration{Duration: 10 * time.Second} 131 } 132 if obj.NodeLeaseDurationSeconds == 0 { 133 obj.NodeLeaseDurationSeconds = 40 134 } 135 if obj.ImageMinimumGCAge == zeroDuration { 136 obj.ImageMinimumGCAge = metav1.Duration{Duration: 2 * time.Minute} 137 } 138 if obj.ImageGCHighThresholdPercent == nil { 139 // default is below docker's default dm.min_free_space of 90% 140 obj.ImageGCHighThresholdPercent = utilpointer.Int32(85) 141 } 142 if obj.ImageGCLowThresholdPercent == nil { 143 obj.ImageGCLowThresholdPercent = utilpointer.Int32(80) 144 } 145 if obj.VolumeStatsAggPeriod == zeroDuration { 146 obj.VolumeStatsAggPeriod = metav1.Duration{Duration: time.Minute} 147 } 148 if obj.CgroupsPerQOS == nil { 149 obj.CgroupsPerQOS = utilpointer.Bool(true) 150 } 151 if obj.CgroupDriver == "" { 152 obj.CgroupDriver = "cgroupfs" 153 } 154 if obj.CPUManagerPolicy == "" { 155 obj.CPUManagerPolicy = "none" 156 } 157 if obj.CPUManagerReconcilePeriod == zeroDuration { 158 // Keep the same as default NodeStatusUpdateFrequency 159 obj.CPUManagerReconcilePeriod = metav1.Duration{Duration: 10 * time.Second} 160 } 161 if obj.MemoryManagerPolicy == "" { 162 obj.MemoryManagerPolicy = kubeletconfigv1beta1.NoneMemoryManagerPolicy 163 } 164 if obj.TopologyManagerPolicy == "" { 165 obj.TopologyManagerPolicy = kubeletconfigv1beta1.NoneTopologyManagerPolicy 166 } 167 if obj.TopologyManagerScope == "" { 168 obj.TopologyManagerScope = kubeletconfigv1beta1.ContainerTopologyManagerScope 169 } 170 if obj.RuntimeRequestTimeout == zeroDuration { 171 obj.RuntimeRequestTimeout = metav1.Duration{Duration: 2 * time.Minute} 172 } 173 if obj.HairpinMode == "" { 174 obj.HairpinMode = kubeletconfigv1beta1.PromiscuousBridge 175 } 176 if obj.MaxPods == 0 { 177 obj.MaxPods = 110 178 } 179 // default nil or negative value to -1 (implies node allocatable pid limit) 180 if obj.PodPidsLimit == nil || *obj.PodPidsLimit < int64(0) { 181 obj.PodPidsLimit = utilpointer.Int64(-1) 182 } 183 184 if obj.ResolverConfig == nil { 185 obj.ResolverConfig = utilpointer.String(kubetypes.ResolvConfDefault) 186 } 187 if obj.CPUCFSQuota == nil { 188 obj.CPUCFSQuota = utilpointer.Bool(true) 189 } 190 if obj.CPUCFSQuotaPeriod == nil { 191 obj.CPUCFSQuotaPeriod = &metav1.Duration{Duration: 100 * time.Millisecond} 192 } 193 if obj.NodeStatusMaxImages == nil { 194 obj.NodeStatusMaxImages = utilpointer.Int32(50) 195 } 196 if obj.MaxOpenFiles == 0 { 197 obj.MaxOpenFiles = 1000000 198 } 199 if obj.ContentType == "" { 200 obj.ContentType = "application/vnd.kubernetes.protobuf" 201 } 202 if obj.KubeAPIQPS == nil { 203 obj.KubeAPIQPS = utilpointer.Int32(50) 204 } 205 if obj.KubeAPIBurst == 0 { 206 obj.KubeAPIBurst = 100 207 } 208 if obj.SerializeImagePulls == nil { 209 // SerializeImagePulls is default to true when MaxParallelImagePulls 210 // is not set, and false when MaxParallelImagePulls is set. 211 // This is to save users from having to set both configs. 212 if obj.MaxParallelImagePulls == nil || *obj.MaxParallelImagePulls < 2 { 213 obj.SerializeImagePulls = utilpointer.Bool(true) 214 } else { 215 obj.SerializeImagePulls = utilpointer.Bool(false) 216 } 217 } 218 if obj.EvictionPressureTransitionPeriod == zeroDuration { 219 obj.EvictionPressureTransitionPeriod = metav1.Duration{Duration: 5 * time.Minute} 220 } 221 if obj.EnableControllerAttachDetach == nil { 222 obj.EnableControllerAttachDetach = utilpointer.Bool(true) 223 } 224 if obj.MakeIPTablesUtilChains == nil { 225 obj.MakeIPTablesUtilChains = utilpointer.Bool(true) 226 } 227 if obj.IPTablesMasqueradeBit == nil { 228 obj.IPTablesMasqueradeBit = utilpointer.Int32(DefaultIPTablesMasqueradeBit) 229 } 230 if obj.IPTablesDropBit == nil { 231 obj.IPTablesDropBit = utilpointer.Int32(DefaultIPTablesDropBit) 232 } 233 if obj.FailSwapOn == nil { 234 obj.FailSwapOn = utilpointer.Bool(true) 235 } 236 if obj.ContainerLogMaxSize == "" { 237 obj.ContainerLogMaxSize = "10Mi" 238 } 239 if obj.ContainerLogMaxFiles == nil { 240 obj.ContainerLogMaxFiles = utilpointer.Int32(5) 241 } 242 if obj.ConfigMapAndSecretChangeDetectionStrategy == "" { 243 obj.ConfigMapAndSecretChangeDetectionStrategy = kubeletconfigv1beta1.WatchChangeDetectionStrategy 244 } 245 if obj.EnforceNodeAllocatable == nil { 246 obj.EnforceNodeAllocatable = DefaultNodeAllocatableEnforcement 247 } 248 if obj.VolumePluginDir == "" { 249 obj.VolumePluginDir = DefaultVolumePluginDir 250 } 251 // Use the Default LoggingConfiguration option 252 logsapi.SetRecommendedLoggingConfiguration(&obj.Logging) 253 if obj.EnableSystemLogHandler == nil { 254 obj.EnableSystemLogHandler = utilpointer.Bool(true) 255 } 256 if obj.EnableProfilingHandler == nil { 257 obj.EnableProfilingHandler = utilpointer.Bool(true) 258 } 259 if obj.EnableDebugFlagsHandler == nil { 260 obj.EnableDebugFlagsHandler = utilpointer.Bool(true) 261 } 262 if obj.SeccompDefault == nil { 263 obj.SeccompDefault = utilpointer.Bool(false) 264 } 265 if obj.MemoryThrottlingFactor == nil { 266 obj.MemoryThrottlingFactor = utilpointer.Float64(DefaultMemoryThrottlingFactor) 267 } 268 if obj.RegisterNode == nil { 269 obj.RegisterNode = utilpointer.Bool(true) 270 } 271 if obj.LocalStorageCapacityIsolation == nil { 272 obj.LocalStorageCapacityIsolation = utilpointer.Bool(true) 273 } 274 if obj.ContainerRuntimeEndpoint == "" { 275 obj.ContainerRuntimeEndpoint = "unix:///run/containerd/containerd.sock" 276 } 277 }