k8s.io/kubernetes@v1.29.3/pkg/kubelet/apis/config/v1beta1/defaults_test.go (about) 1 /* 2 Copyright 2021 The Kubernetes Authors. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package v1beta1 18 19 import ( 20 "testing" 21 "time" 22 23 "github.com/google/go-cmp/cmp" 24 25 v1 "k8s.io/api/core/v1" 26 "k8s.io/apimachinery/pkg/api/resource" 27 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 28 logsapi "k8s.io/component-base/logs/api/v1" 29 "k8s.io/kubelet/config/v1beta1" 30 "k8s.io/kubernetes/pkg/cluster/ports" 31 "k8s.io/kubernetes/pkg/kubelet/qos" 32 kubetypes "k8s.io/kubernetes/pkg/kubelet/types" 33 utilpointer "k8s.io/utils/pointer" 34 ) 35 36 func TestSetDefaultsKubeletConfiguration(t *testing.T) { 37 38 tests := []struct { 39 name string 40 config *v1beta1.KubeletConfiguration 41 expected *v1beta1.KubeletConfiguration 42 }{ 43 { 44 "empty config", 45 &v1beta1.KubeletConfiguration{}, 46 &v1beta1.KubeletConfiguration{ 47 EnableServer: utilpointer.Bool(true), 48 SyncFrequency: metav1.Duration{Duration: 1 * time.Minute}, 49 FileCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 50 HTTPCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 51 Address: "0.0.0.0", 52 Port: ports.KubeletPort, 53 Authentication: v1beta1.KubeletAuthentication{ 54 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)}, 55 Webhook: v1beta1.KubeletWebhookAuthentication{ 56 Enabled: utilpointer.Bool(true), 57 CacheTTL: metav1.Duration{Duration: 2 * time.Minute}, 58 }, 59 }, 60 Authorization: v1beta1.KubeletAuthorization{ 61 Mode: v1beta1.KubeletAuthorizationModeWebhook, 62 Webhook: v1beta1.KubeletWebhookAuthorization{ 63 CacheAuthorizedTTL: metav1.Duration{Duration: 5 * time.Minute}, 64 CacheUnauthorizedTTL: metav1.Duration{Duration: 30 * time.Second}, 65 }, 66 }, 67 RegistryPullQPS: utilpointer.Int32(5), 68 RegistryBurst: 10, 69 EventRecordQPS: utilpointer.Int32(50), 70 EventBurst: 100, 71 EnableDebuggingHandlers: utilpointer.Bool(true), 72 HealthzPort: utilpointer.Int32(10248), 73 HealthzBindAddress: "127.0.0.1", 74 OOMScoreAdj: utilpointer.Int32(int32(qos.KubeletOOMScoreAdj)), 75 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 4 * time.Hour}, 76 NodeStatusUpdateFrequency: metav1.Duration{Duration: 10 * time.Second}, 77 NodeStatusReportFrequency: metav1.Duration{Duration: 5 * time.Minute}, 78 NodeLeaseDurationSeconds: 40, 79 ImageMinimumGCAge: metav1.Duration{Duration: 2 * time.Minute}, 80 ImageMaximumGCAge: metav1.Duration{}, 81 ImageGCHighThresholdPercent: utilpointer.Int32(85), 82 ImageGCLowThresholdPercent: utilpointer.Int32(80), 83 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock", 84 VolumeStatsAggPeriod: metav1.Duration{Duration: time.Minute}, 85 CgroupsPerQOS: utilpointer.Bool(true), 86 CgroupDriver: "cgroupfs", 87 CPUManagerPolicy: "none", 88 CPUManagerReconcilePeriod: metav1.Duration{Duration: 10 * time.Second}, 89 MemoryManagerPolicy: v1beta1.NoneMemoryManagerPolicy, 90 TopologyManagerPolicy: v1beta1.NoneTopologyManagerPolicy, 91 TopologyManagerScope: v1beta1.ContainerTopologyManagerScope, 92 RuntimeRequestTimeout: metav1.Duration{Duration: 2 * time.Minute}, 93 HairpinMode: v1beta1.PromiscuousBridge, 94 MaxPods: 110, 95 PodPidsLimit: utilpointer.Int64(-1), 96 ResolverConfig: utilpointer.String(kubetypes.ResolvConfDefault), 97 CPUCFSQuota: utilpointer.Bool(true), 98 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 100 * time.Millisecond}, 99 NodeStatusMaxImages: utilpointer.Int32(50), 100 MaxOpenFiles: 1000000, 101 ContentType: "application/vnd.kubernetes.protobuf", 102 KubeAPIQPS: utilpointer.Int32(50), 103 KubeAPIBurst: 100, 104 SerializeImagePulls: utilpointer.Bool(true), 105 MaxParallelImagePulls: nil, 106 EvictionHard: nil, 107 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 5 * time.Minute}, 108 EnableControllerAttachDetach: utilpointer.Bool(true), 109 MakeIPTablesUtilChains: utilpointer.Bool(true), 110 IPTablesMasqueradeBit: utilpointer.Int32(DefaultIPTablesMasqueradeBit), 111 IPTablesDropBit: utilpointer.Int32(DefaultIPTablesDropBit), 112 FailSwapOn: utilpointer.Bool(true), 113 ContainerLogMaxSize: "10Mi", 114 ContainerLogMaxFiles: utilpointer.Int32(5), 115 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy, 116 EnforceNodeAllocatable: DefaultNodeAllocatableEnforcement, 117 VolumePluginDir: DefaultVolumePluginDir, 118 Logging: logsapi.LoggingConfiguration{ 119 Format: "text", 120 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true}, 121 }, 122 EnableSystemLogHandler: utilpointer.Bool(true), 123 EnableProfilingHandler: utilpointer.Bool(true), 124 EnableDebugFlagsHandler: utilpointer.Bool(true), 125 SeccompDefault: utilpointer.Bool(false), 126 MemoryThrottlingFactor: utilpointer.Float64(DefaultMemoryThrottlingFactor), 127 RegisterNode: utilpointer.Bool(true), 128 LocalStorageCapacityIsolation: utilpointer.Bool(true), 129 }, 130 }, 131 { 132 "all negative", 133 &v1beta1.KubeletConfiguration{ 134 EnableServer: utilpointer.Bool(false), 135 StaticPodPath: "", 136 SyncFrequency: zeroDuration, 137 FileCheckFrequency: zeroDuration, 138 HTTPCheckFrequency: zeroDuration, 139 StaticPodURL: "", 140 StaticPodURLHeader: map[string][]string{}, 141 Address: "", 142 Port: 0, 143 ReadOnlyPort: 0, 144 TLSCertFile: "", 145 TLSPrivateKeyFile: "", 146 TLSCipherSuites: []string{}, 147 TLSMinVersion: "", 148 RotateCertificates: false, 149 ServerTLSBootstrap: false, 150 Authentication: v1beta1.KubeletAuthentication{ 151 X509: v1beta1.KubeletX509Authentication{ClientCAFile: ""}, 152 Webhook: v1beta1.KubeletWebhookAuthentication{ 153 Enabled: utilpointer.Bool(false), 154 CacheTTL: zeroDuration, 155 }, 156 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)}, 157 }, 158 Authorization: v1beta1.KubeletAuthorization{ 159 Mode: v1beta1.KubeletAuthorizationModeWebhook, 160 Webhook: v1beta1.KubeletWebhookAuthorization{ 161 CacheAuthorizedTTL: zeroDuration, 162 CacheUnauthorizedTTL: zeroDuration, 163 }, 164 }, 165 RegistryPullQPS: utilpointer.Int32(0), 166 RegistryBurst: 0, 167 EventRecordQPS: utilpointer.Int32(0), 168 EventBurst: 0, 169 EnableDebuggingHandlers: utilpointer.Bool(false), 170 EnableContentionProfiling: false, 171 HealthzPort: utilpointer.Int32(0), 172 HealthzBindAddress: "", 173 OOMScoreAdj: utilpointer.Int32(0), 174 ClusterDomain: "", 175 ClusterDNS: []string{}, 176 StreamingConnectionIdleTimeout: zeroDuration, 177 NodeStatusUpdateFrequency: zeroDuration, 178 NodeStatusReportFrequency: zeroDuration, 179 NodeLeaseDurationSeconds: 0, 180 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock", 181 ImageMinimumGCAge: zeroDuration, 182 ImageGCHighThresholdPercent: utilpointer.Int32(0), 183 ImageGCLowThresholdPercent: utilpointer.Int32(0), 184 VolumeStatsAggPeriod: zeroDuration, 185 KubeletCgroups: "", 186 SystemCgroups: "", 187 CgroupRoot: "", 188 CgroupsPerQOS: utilpointer.Bool(false), 189 CgroupDriver: "", 190 CPUManagerPolicy: "", 191 CPUManagerPolicyOptions: map[string]string{}, 192 CPUManagerReconcilePeriod: zeroDuration, 193 MemoryManagerPolicy: "", 194 TopologyManagerPolicy: "", 195 TopologyManagerScope: "", 196 QOSReserved: map[string]string{}, 197 RuntimeRequestTimeout: zeroDuration, 198 HairpinMode: "", 199 MaxPods: 0, 200 PodCIDR: "", 201 PodPidsLimit: utilpointer.Int64(0), 202 ResolverConfig: utilpointer.String(""), 203 RunOnce: false, 204 CPUCFSQuota: utilpointer.Bool(false), 205 CPUCFSQuotaPeriod: &zeroDuration, 206 NodeStatusMaxImages: utilpointer.Int32(0), 207 MaxOpenFiles: 0, 208 ContentType: "", 209 KubeAPIQPS: utilpointer.Int32(0), 210 KubeAPIBurst: 0, 211 SerializeImagePulls: utilpointer.Bool(false), 212 MaxParallelImagePulls: nil, 213 EvictionHard: map[string]string{}, 214 EvictionSoft: map[string]string{}, 215 EvictionSoftGracePeriod: map[string]string{}, 216 EvictionPressureTransitionPeriod: zeroDuration, 217 EvictionMaxPodGracePeriod: 0, 218 EvictionMinimumReclaim: map[string]string{}, 219 PodsPerCore: 0, 220 EnableControllerAttachDetach: utilpointer.Bool(false), 221 ProtectKernelDefaults: false, 222 MakeIPTablesUtilChains: utilpointer.Bool(false), 223 IPTablesMasqueradeBit: utilpointer.Int32(0), 224 IPTablesDropBit: utilpointer.Int32(0), 225 FeatureGates: map[string]bool{}, 226 FailSwapOn: utilpointer.Bool(false), 227 MemorySwap: v1beta1.MemorySwapConfiguration{SwapBehavior: ""}, 228 ContainerLogMaxSize: "", 229 ContainerLogMaxFiles: utilpointer.Int32(0), 230 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy, 231 SystemReserved: map[string]string{}, 232 KubeReserved: map[string]string{}, 233 ReservedSystemCPUs: "", 234 ShowHiddenMetricsForVersion: "", 235 SystemReservedCgroup: "", 236 KubeReservedCgroup: "", 237 EnforceNodeAllocatable: []string{}, 238 AllowedUnsafeSysctls: []string{}, 239 VolumePluginDir: "", 240 ProviderID: "", 241 KernelMemcgNotification: false, 242 Logging: logsapi.LoggingConfiguration{ 243 Format: "", 244 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true}, 245 }, 246 EnableSystemLogHandler: utilpointer.Bool(false), 247 ShutdownGracePeriod: zeroDuration, 248 ShutdownGracePeriodCriticalPods: zeroDuration, 249 ReservedMemory: []v1beta1.MemoryReservation{}, 250 EnableProfilingHandler: utilpointer.Bool(false), 251 EnableDebugFlagsHandler: utilpointer.Bool(false), 252 SeccompDefault: utilpointer.Bool(false), 253 MemoryThrottlingFactor: utilpointer.Float64(0), 254 RegisterNode: utilpointer.Bool(false), 255 LocalStorageCapacityIsolation: utilpointer.Bool(false), 256 }, 257 &v1beta1.KubeletConfiguration{ 258 EnableServer: utilpointer.Bool(false), 259 SyncFrequency: metav1.Duration{Duration: 1 * time.Minute}, 260 FileCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 261 HTTPCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 262 StaticPodURLHeader: map[string][]string{}, 263 Address: "0.0.0.0", 264 Port: 10250, 265 TLSCipherSuites: []string{}, 266 Authentication: v1beta1.KubeletAuthentication{ 267 X509: v1beta1.KubeletX509Authentication{ClientCAFile: ""}, 268 Webhook: v1beta1.KubeletWebhookAuthentication{ 269 Enabled: utilpointer.Bool(false), 270 CacheTTL: metav1.Duration{Duration: 2 * time.Minute}, 271 }, 272 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)}, 273 }, 274 Authorization: v1beta1.KubeletAuthorization{ 275 Mode: v1beta1.KubeletAuthorizationModeWebhook, 276 Webhook: v1beta1.KubeletWebhookAuthorization{ 277 CacheAuthorizedTTL: metav1.Duration{Duration: 5 * time.Minute}, 278 CacheUnauthorizedTTL: metav1.Duration{Duration: 30 * time.Second}, 279 }, 280 }, 281 RegistryPullQPS: utilpointer.Int32(0), 282 RegistryBurst: 10, 283 EventRecordQPS: utilpointer.Int32(0), 284 EventBurst: 100, 285 EnableDebuggingHandlers: utilpointer.Bool(false), 286 HealthzPort: utilpointer.Int32(0), 287 HealthzBindAddress: "127.0.0.1", 288 OOMScoreAdj: utilpointer.Int32(0), 289 ClusterDNS: []string{}, 290 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 4 * time.Hour}, 291 NodeStatusUpdateFrequency: metav1.Duration{Duration: 10 * time.Second}, 292 NodeStatusReportFrequency: metav1.Duration{Duration: 5 * time.Minute}, 293 NodeLeaseDurationSeconds: 40, 294 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock", 295 ImageMinimumGCAge: metav1.Duration{Duration: 2 * time.Minute}, 296 ImageGCHighThresholdPercent: utilpointer.Int32(0), 297 ImageGCLowThresholdPercent: utilpointer.Int32(0), 298 VolumeStatsAggPeriod: metav1.Duration{Duration: time.Minute}, 299 CgroupsPerQOS: utilpointer.Bool(false), 300 CgroupDriver: "cgroupfs", 301 CPUManagerPolicy: "none", 302 CPUManagerPolicyOptions: map[string]string{}, 303 CPUManagerReconcilePeriod: metav1.Duration{Duration: 10 * time.Second}, 304 MemoryManagerPolicy: v1beta1.NoneMemoryManagerPolicy, 305 TopologyManagerPolicy: v1beta1.NoneTopologyManagerPolicy, 306 TopologyManagerScope: v1beta1.ContainerTopologyManagerScope, 307 QOSReserved: map[string]string{}, 308 RuntimeRequestTimeout: metav1.Duration{Duration: 2 * time.Minute}, 309 HairpinMode: v1beta1.PromiscuousBridge, 310 MaxPods: 110, 311 PodPidsLimit: utilpointer.Int64(0), 312 ResolverConfig: utilpointer.String(""), 313 CPUCFSQuota: utilpointer.Bool(false), 314 CPUCFSQuotaPeriod: &zeroDuration, 315 NodeStatusMaxImages: utilpointer.Int32(0), 316 MaxOpenFiles: 1000000, 317 ContentType: "application/vnd.kubernetes.protobuf", 318 KubeAPIQPS: utilpointer.Int32(0), 319 KubeAPIBurst: 100, 320 SerializeImagePulls: utilpointer.Bool(false), 321 MaxParallelImagePulls: nil, 322 EvictionHard: map[string]string{}, 323 EvictionSoft: map[string]string{}, 324 EvictionSoftGracePeriod: map[string]string{}, 325 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 5 * time.Minute}, 326 EvictionMinimumReclaim: map[string]string{}, 327 EnableControllerAttachDetach: utilpointer.Bool(false), 328 MakeIPTablesUtilChains: utilpointer.Bool(false), 329 IPTablesMasqueradeBit: utilpointer.Int32(0), 330 IPTablesDropBit: utilpointer.Int32(0), 331 FeatureGates: map[string]bool{}, 332 FailSwapOn: utilpointer.Bool(false), 333 MemorySwap: v1beta1.MemorySwapConfiguration{SwapBehavior: ""}, 334 ContainerLogMaxSize: "10Mi", 335 ContainerLogMaxFiles: utilpointer.Int32(0), 336 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy, 337 SystemReserved: map[string]string{}, 338 KubeReserved: map[string]string{}, 339 EnforceNodeAllocatable: []string{}, 340 AllowedUnsafeSysctls: []string{}, 341 VolumePluginDir: DefaultVolumePluginDir, 342 Logging: logsapi.LoggingConfiguration{ 343 Format: "text", 344 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true}, 345 }, 346 EnableSystemLogHandler: utilpointer.Bool(false), 347 ReservedMemory: []v1beta1.MemoryReservation{}, 348 EnableProfilingHandler: utilpointer.Bool(false), 349 EnableDebugFlagsHandler: utilpointer.Bool(false), 350 SeccompDefault: utilpointer.Bool(false), 351 MemoryThrottlingFactor: utilpointer.Float64(0), 352 RegisterNode: utilpointer.Bool(false), 353 LocalStorageCapacityIsolation: utilpointer.Bool(false), 354 }, 355 }, 356 { 357 "all positive", 358 &v1beta1.KubeletConfiguration{ 359 EnableServer: utilpointer.Bool(true), 360 StaticPodPath: "static/pod/path", 361 SyncFrequency: metav1.Duration{Duration: 60 * time.Second}, 362 FileCheckFrequency: metav1.Duration{Duration: 60 * time.Second}, 363 HTTPCheckFrequency: metav1.Duration{Duration: 60 * time.Second}, 364 StaticPodURL: "static-pod-url", 365 StaticPodURLHeader: map[string][]string{"Static-Pod-URL-Header": {"true"}}, 366 Address: "192.168.1.2", 367 Port: 10250, 368 ReadOnlyPort: 10251, 369 TLSCertFile: "tls-cert-file", 370 TLSPrivateKeyFile: "tls-private-key-file", 371 TLSCipherSuites: []string{"TLS_AES_128_GCM_SHA256"}, 372 TLSMinVersion: "1.3", 373 RotateCertificates: true, 374 ServerTLSBootstrap: true, 375 Authentication: v1beta1.KubeletAuthentication{ 376 X509: v1beta1.KubeletX509Authentication{ClientCAFile: "client-ca-file"}, 377 Webhook: v1beta1.KubeletWebhookAuthentication{ 378 Enabled: utilpointer.Bool(true), 379 CacheTTL: metav1.Duration{Duration: 60 * time.Second}, 380 }, 381 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(true)}, 382 }, 383 Authorization: v1beta1.KubeletAuthorization{ 384 Mode: v1beta1.KubeletAuthorizationModeAlwaysAllow, 385 Webhook: v1beta1.KubeletWebhookAuthorization{ 386 CacheAuthorizedTTL: metav1.Duration{Duration: 60 * time.Second}, 387 CacheUnauthorizedTTL: metav1.Duration{Duration: 60 * time.Second}, 388 }, 389 }, 390 RegistryPullQPS: utilpointer.Int32(1), 391 RegistryBurst: 1, 392 EventRecordQPS: utilpointer.Int32(1), 393 EventBurst: 1, 394 EnableDebuggingHandlers: utilpointer.Bool(true), 395 EnableContentionProfiling: true, 396 HealthzPort: utilpointer.Int32(1), 397 HealthzBindAddress: "127.0.0.2", 398 OOMScoreAdj: utilpointer.Int32(1), 399 ClusterDomain: "cluster-domain", 400 ClusterDNS: []string{"192.168.1.3"}, 401 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 60 * time.Second}, 402 NodeStatusUpdateFrequency: metav1.Duration{Duration: 60 * time.Second}, 403 NodeStatusReportFrequency: metav1.Duration{Duration: 60 * time.Second}, 404 NodeLeaseDurationSeconds: 1, 405 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock", 406 ImageMinimumGCAge: metav1.Duration{Duration: 60 * time.Second}, 407 ImageGCHighThresholdPercent: utilpointer.Int32(1), 408 ImageGCLowThresholdPercent: utilpointer.Int32(1), 409 VolumeStatsAggPeriod: metav1.Duration{Duration: 60 * time.Second}, 410 KubeletCgroups: "kubelet-cgroup", 411 SystemCgroups: "system-cgroup", 412 CgroupRoot: "root-cgroup", 413 CgroupsPerQOS: utilpointer.Bool(true), 414 CgroupDriver: "systemd", 415 CPUManagerPolicy: "cpu-manager-policy", 416 CPUManagerPolicyOptions: map[string]string{"key": "value"}, 417 CPUManagerReconcilePeriod: metav1.Duration{Duration: 60 * time.Second}, 418 MemoryManagerPolicy: v1beta1.StaticMemoryManagerPolicy, 419 TopologyManagerPolicy: v1beta1.RestrictedTopologyManagerPolicy, 420 TopologyManagerScope: v1beta1.PodTopologyManagerScope, 421 QOSReserved: map[string]string{"memory": "10%"}, 422 RuntimeRequestTimeout: metav1.Duration{Duration: 60 * time.Second}, 423 HairpinMode: v1beta1.HairpinVeth, 424 MaxPods: 1, 425 PodCIDR: "192.168.1.0/24", 426 PodPidsLimit: utilpointer.Int64(1), 427 ResolverConfig: utilpointer.String("resolver-config"), 428 RunOnce: true, 429 CPUCFSQuota: utilpointer.Bool(true), 430 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 60 * time.Second}, 431 NodeStatusMaxImages: utilpointer.Int32(1), 432 MaxOpenFiles: 1, 433 ContentType: "application/protobuf", 434 KubeAPIQPS: utilpointer.Int32(1), 435 KubeAPIBurst: 1, 436 SerializeImagePulls: utilpointer.Bool(true), 437 MaxParallelImagePulls: utilpointer.Int32(5), 438 EvictionHard: map[string]string{ 439 "memory.available": "1Mi", 440 "nodefs.available": "1%", 441 "imagefs.available": "1%", 442 }, 443 EvictionSoft: map[string]string{ 444 "memory.available": "2Mi", 445 "nodefs.available": "2%", 446 "imagefs.available": "2%", 447 }, 448 EvictionSoftGracePeriod: map[string]string{ 449 "memory.available": "60s", 450 "nodefs.available": "60s", 451 "imagefs.available": "60s", 452 }, 453 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 60 * time.Second}, 454 EvictionMaxPodGracePeriod: 1, 455 EvictionMinimumReclaim: map[string]string{ 456 "imagefs.available": "1Gi", 457 }, 458 PodsPerCore: 1, 459 EnableControllerAttachDetach: utilpointer.Bool(true), 460 ProtectKernelDefaults: true, 461 MakeIPTablesUtilChains: utilpointer.Bool(true), 462 IPTablesMasqueradeBit: utilpointer.Int32(1), 463 IPTablesDropBit: utilpointer.Int32(1), 464 FailSwapOn: utilpointer.Bool(true), 465 MemorySwap: v1beta1.MemorySwapConfiguration{SwapBehavior: "UnlimitedSwap"}, 466 ContainerLogMaxSize: "1Mi", 467 ContainerLogMaxFiles: utilpointer.Int32(1), 468 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.TTLCacheChangeDetectionStrategy, 469 SystemReserved: map[string]string{ 470 "memory": "1Gi", 471 }, 472 KubeReserved: map[string]string{ 473 "memory": "1Gi", 474 }, 475 ReservedSystemCPUs: "0,1", 476 ShowHiddenMetricsForVersion: "1.16", 477 SystemReservedCgroup: "system-reserved-cgroup", 478 KubeReservedCgroup: "kube-reserved-cgroup", 479 EnforceNodeAllocatable: []string{"system-reserved"}, 480 AllowedUnsafeSysctls: []string{"kernel.msg*"}, 481 VolumePluginDir: "volume-plugin-dir", 482 ProviderID: "provider-id", 483 KernelMemcgNotification: true, 484 Logging: logsapi.LoggingConfiguration{ 485 Format: "json", 486 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true}, 487 }, 488 EnableSystemLogHandler: utilpointer.Bool(true), 489 ShutdownGracePeriod: metav1.Duration{Duration: 60 * time.Second}, 490 ShutdownGracePeriodCriticalPods: metav1.Duration{Duration: 60 * time.Second}, 491 ReservedMemory: []v1beta1.MemoryReservation{ 492 { 493 NumaNode: 1, 494 Limits: v1.ResourceList{v1.ResourceMemory: resource.MustParse("1Gi")}, 495 }, 496 }, 497 EnableProfilingHandler: utilpointer.Bool(true), 498 EnableDebugFlagsHandler: utilpointer.Bool(true), 499 SeccompDefault: utilpointer.Bool(true), 500 MemoryThrottlingFactor: utilpointer.Float64(1), 501 RegisterNode: utilpointer.Bool(true), 502 LocalStorageCapacityIsolation: utilpointer.Bool(true), 503 }, 504 &v1beta1.KubeletConfiguration{ 505 EnableServer: utilpointer.Bool(true), 506 StaticPodPath: "static/pod/path", 507 SyncFrequency: metav1.Duration{Duration: 60 * time.Second}, 508 FileCheckFrequency: metav1.Duration{Duration: 60 * time.Second}, 509 HTTPCheckFrequency: metav1.Duration{Duration: 60 * time.Second}, 510 StaticPodURL: "static-pod-url", 511 StaticPodURLHeader: map[string][]string{"Static-Pod-URL-Header": {"true"}}, 512 Address: "192.168.1.2", 513 Port: 10250, 514 ReadOnlyPort: 10251, 515 TLSCertFile: "tls-cert-file", 516 TLSPrivateKeyFile: "tls-private-key-file", 517 TLSCipherSuites: []string{"TLS_AES_128_GCM_SHA256"}, 518 TLSMinVersion: "1.3", 519 RotateCertificates: true, 520 ServerTLSBootstrap: true, 521 Authentication: v1beta1.KubeletAuthentication{ 522 X509: v1beta1.KubeletX509Authentication{ClientCAFile: "client-ca-file"}, 523 Webhook: v1beta1.KubeletWebhookAuthentication{ 524 Enabled: utilpointer.Bool(true), 525 CacheTTL: metav1.Duration{Duration: 60 * time.Second}, 526 }, 527 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(true)}, 528 }, 529 Authorization: v1beta1.KubeletAuthorization{ 530 Mode: v1beta1.KubeletAuthorizationModeAlwaysAllow, 531 Webhook: v1beta1.KubeletWebhookAuthorization{ 532 CacheAuthorizedTTL: metav1.Duration{Duration: 60 * time.Second}, 533 CacheUnauthorizedTTL: metav1.Duration{Duration: 60 * time.Second}, 534 }, 535 }, 536 RegistryPullQPS: utilpointer.Int32(1), 537 RegistryBurst: 1, 538 EventRecordQPS: utilpointer.Int32(1), 539 EventBurst: 1, 540 EnableDebuggingHandlers: utilpointer.Bool(true), 541 EnableContentionProfiling: true, 542 HealthzPort: utilpointer.Int32(1), 543 HealthzBindAddress: "127.0.0.2", 544 OOMScoreAdj: utilpointer.Int32(1), 545 ClusterDomain: "cluster-domain", 546 ClusterDNS: []string{"192.168.1.3"}, 547 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 60 * time.Second}, 548 NodeStatusUpdateFrequency: metav1.Duration{Duration: 60 * time.Second}, 549 NodeStatusReportFrequency: metav1.Duration{Duration: 60 * time.Second}, 550 NodeLeaseDurationSeconds: 1, 551 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock", 552 ImageMinimumGCAge: metav1.Duration{Duration: 60 * time.Second}, 553 ImageGCHighThresholdPercent: utilpointer.Int32(1), 554 ImageGCLowThresholdPercent: utilpointer.Int32(1), 555 VolumeStatsAggPeriod: metav1.Duration{Duration: 60 * time.Second}, 556 KubeletCgroups: "kubelet-cgroup", 557 SystemCgroups: "system-cgroup", 558 CgroupRoot: "root-cgroup", 559 CgroupsPerQOS: utilpointer.Bool(true), 560 CgroupDriver: "systemd", 561 CPUManagerPolicy: "cpu-manager-policy", 562 CPUManagerPolicyOptions: map[string]string{"key": "value"}, 563 CPUManagerReconcilePeriod: metav1.Duration{Duration: 60 * time.Second}, 564 MemoryManagerPolicy: v1beta1.StaticMemoryManagerPolicy, 565 TopologyManagerPolicy: v1beta1.RestrictedTopologyManagerPolicy, 566 TopologyManagerScope: v1beta1.PodTopologyManagerScope, 567 QOSReserved: map[string]string{"memory": "10%"}, 568 RuntimeRequestTimeout: metav1.Duration{Duration: 60 * time.Second}, 569 HairpinMode: v1beta1.HairpinVeth, 570 MaxPods: 1, 571 PodCIDR: "192.168.1.0/24", 572 PodPidsLimit: utilpointer.Int64(1), 573 ResolverConfig: utilpointer.String("resolver-config"), 574 RunOnce: true, 575 CPUCFSQuota: utilpointer.Bool(true), 576 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 60 * time.Second}, 577 NodeStatusMaxImages: utilpointer.Int32(1), 578 MaxOpenFiles: 1, 579 ContentType: "application/protobuf", 580 KubeAPIQPS: utilpointer.Int32(1), 581 KubeAPIBurst: 1, 582 SerializeImagePulls: utilpointer.Bool(true), 583 MaxParallelImagePulls: utilpointer.Int32Ptr(5), 584 EvictionHard: map[string]string{ 585 "memory.available": "1Mi", 586 "nodefs.available": "1%", 587 "imagefs.available": "1%", 588 }, 589 EvictionSoft: map[string]string{ 590 "memory.available": "2Mi", 591 "nodefs.available": "2%", 592 "imagefs.available": "2%", 593 }, 594 EvictionSoftGracePeriod: map[string]string{ 595 "memory.available": "60s", 596 "nodefs.available": "60s", 597 "imagefs.available": "60s", 598 }, 599 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 60 * time.Second}, 600 EvictionMaxPodGracePeriod: 1, 601 EvictionMinimumReclaim: map[string]string{ 602 "imagefs.available": "1Gi", 603 }, 604 PodsPerCore: 1, 605 EnableControllerAttachDetach: utilpointer.Bool(true), 606 ProtectKernelDefaults: true, 607 MakeIPTablesUtilChains: utilpointer.Bool(true), 608 IPTablesMasqueradeBit: utilpointer.Int32(1), 609 IPTablesDropBit: utilpointer.Int32(1), 610 FailSwapOn: utilpointer.Bool(true), 611 MemorySwap: v1beta1.MemorySwapConfiguration{SwapBehavior: "UnlimitedSwap"}, 612 ContainerLogMaxSize: "1Mi", 613 ContainerLogMaxFiles: utilpointer.Int32(1), 614 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.TTLCacheChangeDetectionStrategy, 615 SystemReserved: map[string]string{ 616 "memory": "1Gi", 617 }, 618 KubeReserved: map[string]string{ 619 "memory": "1Gi", 620 }, 621 ReservedSystemCPUs: "0,1", 622 ShowHiddenMetricsForVersion: "1.16", 623 SystemReservedCgroup: "system-reserved-cgroup", 624 KubeReservedCgroup: "kube-reserved-cgroup", 625 EnforceNodeAllocatable: []string{"system-reserved"}, 626 AllowedUnsafeSysctls: []string{"kernel.msg*"}, 627 VolumePluginDir: "volume-plugin-dir", 628 ProviderID: "provider-id", 629 KernelMemcgNotification: true, 630 Logging: logsapi.LoggingConfiguration{ 631 Format: "json", 632 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true}, 633 }, 634 EnableSystemLogHandler: utilpointer.Bool(true), 635 ShutdownGracePeriod: metav1.Duration{Duration: 60 * time.Second}, 636 ShutdownGracePeriodCriticalPods: metav1.Duration{Duration: 60 * time.Second}, 637 ReservedMemory: []v1beta1.MemoryReservation{ 638 { 639 NumaNode: 1, 640 Limits: v1.ResourceList{v1.ResourceMemory: resource.MustParse("1Gi")}, 641 }, 642 }, 643 EnableProfilingHandler: utilpointer.Bool(true), 644 EnableDebugFlagsHandler: utilpointer.Bool(true), 645 SeccompDefault: utilpointer.Bool(true), 646 MemoryThrottlingFactor: utilpointer.Float64(1), 647 RegisterNode: utilpointer.Bool(true), 648 LocalStorageCapacityIsolation: utilpointer.Bool(true), 649 }, 650 }, 651 { 652 "NodeStatusUpdateFrequency is not zero", 653 &v1beta1.KubeletConfiguration{ 654 NodeStatusUpdateFrequency: metav1.Duration{Duration: 1 * time.Minute}, 655 }, 656 &v1beta1.KubeletConfiguration{ 657 EnableServer: utilpointer.Bool(true), 658 SyncFrequency: metav1.Duration{Duration: 1 * time.Minute}, 659 FileCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 660 HTTPCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 661 Address: "0.0.0.0", 662 Port: ports.KubeletPort, 663 Authentication: v1beta1.KubeletAuthentication{ 664 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)}, 665 Webhook: v1beta1.KubeletWebhookAuthentication{ 666 Enabled: utilpointer.Bool(true), 667 CacheTTL: metav1.Duration{Duration: 2 * time.Minute}, 668 }, 669 }, 670 Authorization: v1beta1.KubeletAuthorization{ 671 Mode: v1beta1.KubeletAuthorizationModeWebhook, 672 Webhook: v1beta1.KubeletWebhookAuthorization{ 673 CacheAuthorizedTTL: metav1.Duration{Duration: 5 * time.Minute}, 674 CacheUnauthorizedTTL: metav1.Duration{Duration: 30 * time.Second}, 675 }, 676 }, 677 RegistryPullQPS: utilpointer.Int32(5), 678 RegistryBurst: 10, 679 EventRecordQPS: utilpointer.Int32(50), 680 EventBurst: 100, 681 EnableDebuggingHandlers: utilpointer.Bool(true), 682 HealthzPort: utilpointer.Int32(10248), 683 HealthzBindAddress: "127.0.0.1", 684 OOMScoreAdj: utilpointer.Int32(int32(qos.KubeletOOMScoreAdj)), 685 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 4 * time.Hour}, 686 NodeStatusUpdateFrequency: metav1.Duration{Duration: 1 * time.Minute}, 687 NodeStatusReportFrequency: metav1.Duration{Duration: 1 * time.Minute}, 688 NodeLeaseDurationSeconds: 40, 689 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock", 690 ImageMinimumGCAge: metav1.Duration{Duration: 2 * time.Minute}, 691 ImageGCHighThresholdPercent: utilpointer.Int32(85), 692 ImageGCLowThresholdPercent: utilpointer.Int32(80), 693 VolumeStatsAggPeriod: metav1.Duration{Duration: time.Minute}, 694 CgroupsPerQOS: utilpointer.Bool(true), 695 CgroupDriver: "cgroupfs", 696 CPUManagerPolicy: "none", 697 CPUManagerReconcilePeriod: metav1.Duration{Duration: 10 * time.Second}, 698 MemoryManagerPolicy: v1beta1.NoneMemoryManagerPolicy, 699 TopologyManagerPolicy: v1beta1.NoneTopologyManagerPolicy, 700 TopologyManagerScope: v1beta1.ContainerTopologyManagerScope, 701 RuntimeRequestTimeout: metav1.Duration{Duration: 2 * time.Minute}, 702 HairpinMode: v1beta1.PromiscuousBridge, 703 MaxPods: 110, 704 PodPidsLimit: utilpointer.Int64(-1), 705 ResolverConfig: utilpointer.String(kubetypes.ResolvConfDefault), 706 CPUCFSQuota: utilpointer.Bool(true), 707 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 100 * time.Millisecond}, 708 NodeStatusMaxImages: utilpointer.Int32(50), 709 MaxOpenFiles: 1000000, 710 ContentType: "application/vnd.kubernetes.protobuf", 711 KubeAPIQPS: utilpointer.Int32(50), 712 KubeAPIBurst: 100, 713 SerializeImagePulls: utilpointer.Bool(true), 714 MaxParallelImagePulls: nil, 715 EvictionHard: nil, 716 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 5 * time.Minute}, 717 EnableControllerAttachDetach: utilpointer.Bool(true), 718 MakeIPTablesUtilChains: utilpointer.Bool(true), 719 IPTablesMasqueradeBit: utilpointer.Int32Ptr(DefaultIPTablesMasqueradeBit), 720 IPTablesDropBit: utilpointer.Int32Ptr(DefaultIPTablesDropBit), 721 FailSwapOn: utilpointer.Bool(true), 722 ContainerLogMaxSize: "10Mi", 723 ContainerLogMaxFiles: utilpointer.Int32Ptr(5), 724 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy, 725 EnforceNodeAllocatable: DefaultNodeAllocatableEnforcement, 726 VolumePluginDir: DefaultVolumePluginDir, 727 Logging: logsapi.LoggingConfiguration{ 728 Format: "text", 729 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true}, 730 }, 731 EnableSystemLogHandler: utilpointer.Bool(true), 732 EnableProfilingHandler: utilpointer.Bool(true), 733 EnableDebugFlagsHandler: utilpointer.Bool(true), 734 SeccompDefault: utilpointer.Bool(false), 735 MemoryThrottlingFactor: utilpointer.Float64Ptr(DefaultMemoryThrottlingFactor), 736 RegisterNode: utilpointer.Bool(true), 737 LocalStorageCapacityIsolation: utilpointer.Bool(true), 738 }, 739 }, 740 { 741 "SerializeImagePull defaults to false when MaxParallelImagePulls is larger than 1", 742 &v1beta1.KubeletConfiguration{ 743 MaxParallelImagePulls: utilpointer.Int32(5), 744 }, 745 &v1beta1.KubeletConfiguration{ 746 EnableServer: utilpointer.Bool(true), 747 SyncFrequency: metav1.Duration{Duration: 1 * time.Minute}, 748 FileCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 749 HTTPCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 750 Address: "0.0.0.0", 751 Port: ports.KubeletPort, 752 Authentication: v1beta1.KubeletAuthentication{ 753 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)}, 754 Webhook: v1beta1.KubeletWebhookAuthentication{ 755 Enabled: utilpointer.Bool(true), 756 CacheTTL: metav1.Duration{Duration: 2 * time.Minute}, 757 }, 758 }, 759 Authorization: v1beta1.KubeletAuthorization{ 760 Mode: v1beta1.KubeletAuthorizationModeWebhook, 761 Webhook: v1beta1.KubeletWebhookAuthorization{ 762 CacheAuthorizedTTL: metav1.Duration{Duration: 5 * time.Minute}, 763 CacheUnauthorizedTTL: metav1.Duration{Duration: 30 * time.Second}, 764 }, 765 }, 766 RegistryPullQPS: utilpointer.Int32Ptr(5), 767 RegistryBurst: 10, 768 EventRecordQPS: utilpointer.Int32Ptr(50), 769 EventBurst: 100, 770 EnableDebuggingHandlers: utilpointer.Bool(true), 771 HealthzPort: utilpointer.Int32Ptr(10248), 772 HealthzBindAddress: "127.0.0.1", 773 OOMScoreAdj: utilpointer.Int32Ptr(int32(qos.KubeletOOMScoreAdj)), 774 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 4 * time.Hour}, 775 NodeStatusUpdateFrequency: metav1.Duration{Duration: 10 * time.Second}, 776 NodeStatusReportFrequency: metav1.Duration{Duration: 5 * time.Minute}, 777 NodeLeaseDurationSeconds: 40, 778 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock", 779 ImageMinimumGCAge: metav1.Duration{Duration: 2 * time.Minute}, 780 ImageGCHighThresholdPercent: utilpointer.Int32Ptr(85), 781 ImageGCLowThresholdPercent: utilpointer.Int32Ptr(80), 782 VolumeStatsAggPeriod: metav1.Duration{Duration: time.Minute}, 783 CgroupsPerQOS: utilpointer.Bool(true), 784 CgroupDriver: "cgroupfs", 785 CPUManagerPolicy: "none", 786 CPUManagerReconcilePeriod: metav1.Duration{Duration: 10 * time.Second}, 787 MemoryManagerPolicy: v1beta1.NoneMemoryManagerPolicy, 788 TopologyManagerPolicy: v1beta1.NoneTopologyManagerPolicy, 789 TopologyManagerScope: v1beta1.ContainerTopologyManagerScope, 790 RuntimeRequestTimeout: metav1.Duration{Duration: 2 * time.Minute}, 791 HairpinMode: v1beta1.PromiscuousBridge, 792 MaxPods: 110, 793 PodPidsLimit: utilpointer.Int64(-1), 794 ResolverConfig: utilpointer.String(kubetypes.ResolvConfDefault), 795 CPUCFSQuota: utilpointer.Bool(true), 796 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 100 * time.Millisecond}, 797 NodeStatusMaxImages: utilpointer.Int32Ptr(50), 798 MaxOpenFiles: 1000000, 799 ContentType: "application/vnd.kubernetes.protobuf", 800 KubeAPIQPS: utilpointer.Int32Ptr(50), 801 KubeAPIBurst: 100, 802 SerializeImagePulls: utilpointer.Bool(false), 803 MaxParallelImagePulls: utilpointer.Int32(5), 804 EvictionHard: nil, 805 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 5 * time.Minute}, 806 EnableControllerAttachDetach: utilpointer.Bool(true), 807 MakeIPTablesUtilChains: utilpointer.Bool(true), 808 IPTablesMasqueradeBit: utilpointer.Int32Ptr(DefaultIPTablesMasqueradeBit), 809 IPTablesDropBit: utilpointer.Int32Ptr(DefaultIPTablesDropBit), 810 FailSwapOn: utilpointer.Bool(true), 811 ContainerLogMaxSize: "10Mi", 812 ContainerLogMaxFiles: utilpointer.Int32Ptr(5), 813 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy, 814 EnforceNodeAllocatable: DefaultNodeAllocatableEnforcement, 815 VolumePluginDir: DefaultVolumePluginDir, 816 Logging: logsapi.LoggingConfiguration{ 817 Format: "text", 818 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true}, 819 }, 820 EnableSystemLogHandler: utilpointer.Bool(true), 821 EnableProfilingHandler: utilpointer.Bool(true), 822 EnableDebugFlagsHandler: utilpointer.Bool(true), 823 SeccompDefault: utilpointer.Bool(false), 824 MemoryThrottlingFactor: utilpointer.Float64Ptr(DefaultMemoryThrottlingFactor), 825 RegisterNode: utilpointer.Bool(true), 826 LocalStorageCapacityIsolation: utilpointer.Bool(true), 827 }, 828 }, 829 { 830 "SerializeImagePull defaults to true when MaxParallelImagePulls is set to 1", 831 &v1beta1.KubeletConfiguration{ 832 MaxParallelImagePulls: utilpointer.Int32(1), 833 }, 834 &v1beta1.KubeletConfiguration{ 835 EnableServer: utilpointer.Bool(true), 836 SyncFrequency: metav1.Duration{Duration: 1 * time.Minute}, 837 FileCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 838 HTTPCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 839 Address: "0.0.0.0", 840 Port: ports.KubeletPort, 841 Authentication: v1beta1.KubeletAuthentication{ 842 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)}, 843 Webhook: v1beta1.KubeletWebhookAuthentication{ 844 Enabled: utilpointer.Bool(true), 845 CacheTTL: metav1.Duration{Duration: 2 * time.Minute}, 846 }, 847 }, 848 Authorization: v1beta1.KubeletAuthorization{ 849 Mode: v1beta1.KubeletAuthorizationModeWebhook, 850 Webhook: v1beta1.KubeletWebhookAuthorization{ 851 CacheAuthorizedTTL: metav1.Duration{Duration: 5 * time.Minute}, 852 CacheUnauthorizedTTL: metav1.Duration{Duration: 30 * time.Second}, 853 }, 854 }, 855 RegistryPullQPS: utilpointer.Int32Ptr(5), 856 RegistryBurst: 10, 857 EventRecordQPS: utilpointer.Int32Ptr(50), 858 EventBurst: 100, 859 EnableDebuggingHandlers: utilpointer.Bool(true), 860 HealthzPort: utilpointer.Int32Ptr(10248), 861 HealthzBindAddress: "127.0.0.1", 862 OOMScoreAdj: utilpointer.Int32Ptr(int32(qos.KubeletOOMScoreAdj)), 863 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 4 * time.Hour}, 864 NodeStatusUpdateFrequency: metav1.Duration{Duration: 10 * time.Second}, 865 NodeStatusReportFrequency: metav1.Duration{Duration: 5 * time.Minute}, 866 NodeLeaseDurationSeconds: 40, 867 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock", 868 ImageMinimumGCAge: metav1.Duration{Duration: 2 * time.Minute}, 869 ImageGCHighThresholdPercent: utilpointer.Int32Ptr(85), 870 ImageGCLowThresholdPercent: utilpointer.Int32Ptr(80), 871 VolumeStatsAggPeriod: metav1.Duration{Duration: time.Minute}, 872 CgroupsPerQOS: utilpointer.Bool(true), 873 CgroupDriver: "cgroupfs", 874 CPUManagerPolicy: "none", 875 CPUManagerReconcilePeriod: metav1.Duration{Duration: 10 * time.Second}, 876 MemoryManagerPolicy: v1beta1.NoneMemoryManagerPolicy, 877 TopologyManagerPolicy: v1beta1.NoneTopologyManagerPolicy, 878 TopologyManagerScope: v1beta1.ContainerTopologyManagerScope, 879 RuntimeRequestTimeout: metav1.Duration{Duration: 2 * time.Minute}, 880 HairpinMode: v1beta1.PromiscuousBridge, 881 MaxPods: 110, 882 PodPidsLimit: utilpointer.Int64(-1), 883 ResolverConfig: utilpointer.String(kubetypes.ResolvConfDefault), 884 CPUCFSQuota: utilpointer.Bool(true), 885 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 100 * time.Millisecond}, 886 NodeStatusMaxImages: utilpointer.Int32Ptr(50), 887 MaxOpenFiles: 1000000, 888 ContentType: "application/vnd.kubernetes.protobuf", 889 KubeAPIQPS: utilpointer.Int32Ptr(50), 890 KubeAPIBurst: 100, 891 SerializeImagePulls: utilpointer.Bool(true), 892 MaxParallelImagePulls: utilpointer.Int32(1), 893 EvictionHard: nil, 894 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 5 * time.Minute}, 895 EnableControllerAttachDetach: utilpointer.Bool(true), 896 MakeIPTablesUtilChains: utilpointer.Bool(true), 897 IPTablesMasqueradeBit: utilpointer.Int32(DefaultIPTablesMasqueradeBit), 898 IPTablesDropBit: utilpointer.Int32(DefaultIPTablesDropBit), 899 FailSwapOn: utilpointer.Bool(true), 900 ContainerLogMaxSize: "10Mi", 901 ContainerLogMaxFiles: utilpointer.Int32(5), 902 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy, 903 EnforceNodeAllocatable: DefaultNodeAllocatableEnforcement, 904 VolumePluginDir: DefaultVolumePluginDir, 905 Logging: logsapi.LoggingConfiguration{ 906 Format: "text", 907 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true}, 908 }, 909 EnableSystemLogHandler: utilpointer.Bool(true), 910 EnableProfilingHandler: utilpointer.Bool(true), 911 EnableDebugFlagsHandler: utilpointer.Bool(true), 912 SeccompDefault: utilpointer.Bool(false), 913 MemoryThrottlingFactor: utilpointer.Float64(DefaultMemoryThrottlingFactor), 914 RegisterNode: utilpointer.Bool(true), 915 LocalStorageCapacityIsolation: utilpointer.Bool(true), 916 }, 917 }, 918 } 919 920 for _, tc := range tests { 921 t.Run(tc.name, func(t *testing.T) { 922 SetDefaults_KubeletConfiguration(tc.config) 923 if diff := cmp.Diff(tc.expected, tc.config); diff != "" { 924 t.Errorf("Got unexpected defaults (-want, +got):\n%s", diff) 925 } 926 }) 927 } 928 }