k8s.io/kubernetes@v1.31.0-alpha.0.0.20240520171757-56147500dadc/pkg/kubelet/apis/config/v1beta1/defaults_test.go (about) 1 /* 2 Copyright 2021 The Kubernetes Authors. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package v1beta1 18 19 import ( 20 "testing" 21 "time" 22 23 "github.com/google/go-cmp/cmp" 24 25 v1 "k8s.io/api/core/v1" 26 "k8s.io/apimachinery/pkg/api/resource" 27 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 28 logsapi "k8s.io/component-base/logs/api/v1" 29 "k8s.io/kubelet/config/v1beta1" 30 "k8s.io/kubernetes/pkg/cluster/ports" 31 "k8s.io/kubernetes/pkg/kubelet/qos" 32 kubetypes "k8s.io/kubernetes/pkg/kubelet/types" 33 utilpointer "k8s.io/utils/pointer" 34 ) 35 36 func TestSetDefaultsKubeletConfiguration(t *testing.T) { 37 38 tests := []struct { 39 name string 40 config *v1beta1.KubeletConfiguration 41 expected *v1beta1.KubeletConfiguration 42 }{ 43 { 44 "empty config", 45 &v1beta1.KubeletConfiguration{}, 46 &v1beta1.KubeletConfiguration{ 47 EnableServer: utilpointer.Bool(true), 48 SyncFrequency: metav1.Duration{Duration: 1 * time.Minute}, 49 FileCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 50 HTTPCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 51 Address: "0.0.0.0", 52 Port: ports.KubeletPort, 53 Authentication: v1beta1.KubeletAuthentication{ 54 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)}, 55 Webhook: v1beta1.KubeletWebhookAuthentication{ 56 Enabled: utilpointer.Bool(true), 57 CacheTTL: metav1.Duration{Duration: 2 * time.Minute}, 58 }, 59 }, 60 Authorization: v1beta1.KubeletAuthorization{ 61 Mode: v1beta1.KubeletAuthorizationModeWebhook, 62 Webhook: v1beta1.KubeletWebhookAuthorization{ 63 CacheAuthorizedTTL: metav1.Duration{Duration: 5 * time.Minute}, 64 CacheUnauthorizedTTL: metav1.Duration{Duration: 30 * time.Second}, 65 }, 66 }, 67 RegistryPullQPS: utilpointer.Int32(5), 68 RegistryBurst: 10, 69 EventRecordQPS: utilpointer.Int32(50), 70 EventBurst: 100, 71 EnableDebuggingHandlers: utilpointer.Bool(true), 72 HealthzPort: utilpointer.Int32(10248), 73 HealthzBindAddress: "127.0.0.1", 74 OOMScoreAdj: utilpointer.Int32(int32(qos.KubeletOOMScoreAdj)), 75 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 4 * time.Hour}, 76 NodeStatusUpdateFrequency: metav1.Duration{Duration: 10 * time.Second}, 77 NodeStatusReportFrequency: metav1.Duration{Duration: 5 * time.Minute}, 78 NodeLeaseDurationSeconds: 40, 79 ImageMinimumGCAge: metav1.Duration{Duration: 2 * time.Minute}, 80 ImageMaximumGCAge: metav1.Duration{}, 81 ImageGCHighThresholdPercent: utilpointer.Int32(85), 82 ImageGCLowThresholdPercent: utilpointer.Int32(80), 83 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock", 84 VolumeStatsAggPeriod: metav1.Duration{Duration: time.Minute}, 85 CgroupsPerQOS: utilpointer.Bool(true), 86 CgroupDriver: "cgroupfs", 87 CPUManagerPolicy: "none", 88 CPUManagerReconcilePeriod: metav1.Duration{Duration: 10 * time.Second}, 89 MemoryManagerPolicy: v1beta1.NoneMemoryManagerPolicy, 90 TopologyManagerPolicy: v1beta1.NoneTopologyManagerPolicy, 91 TopologyManagerScope: v1beta1.ContainerTopologyManagerScope, 92 RuntimeRequestTimeout: metav1.Duration{Duration: 2 * time.Minute}, 93 HairpinMode: v1beta1.PromiscuousBridge, 94 MaxPods: 110, 95 PodPidsLimit: utilpointer.Int64(-1), 96 ResolverConfig: utilpointer.String(kubetypes.ResolvConfDefault), 97 CPUCFSQuota: utilpointer.Bool(true), 98 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 100 * time.Millisecond}, 99 NodeStatusMaxImages: utilpointer.Int32(50), 100 MaxOpenFiles: 1000000, 101 ContentType: "application/vnd.kubernetes.protobuf", 102 KubeAPIQPS: utilpointer.Int32(50), 103 KubeAPIBurst: 100, 104 SerializeImagePulls: utilpointer.Bool(true), 105 MaxParallelImagePulls: nil, 106 EvictionHard: nil, 107 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 5 * time.Minute}, 108 EnableControllerAttachDetach: utilpointer.Bool(true), 109 MakeIPTablesUtilChains: utilpointer.Bool(true), 110 IPTablesMasqueradeBit: utilpointer.Int32(DefaultIPTablesMasqueradeBit), 111 IPTablesDropBit: utilpointer.Int32(DefaultIPTablesDropBit), 112 FailSwapOn: utilpointer.Bool(true), 113 ContainerLogMaxSize: "10Mi", 114 ContainerLogMaxFiles: utilpointer.Int32(5), 115 ContainerLogMaxWorkers: utilpointer.Int32(1), 116 ContainerLogMonitorInterval: &metav1.Duration{Duration: 10 * time.Second}, 117 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy, 118 EnforceNodeAllocatable: DefaultNodeAllocatableEnforcement, 119 VolumePluginDir: DefaultVolumePluginDir, 120 Logging: logsapi.LoggingConfiguration{ 121 Format: "text", 122 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true}, 123 }, 124 EnableSystemLogHandler: utilpointer.Bool(true), 125 EnableProfilingHandler: utilpointer.Bool(true), 126 EnableDebugFlagsHandler: utilpointer.Bool(true), 127 SeccompDefault: utilpointer.Bool(false), 128 MemoryThrottlingFactor: utilpointer.Float64(DefaultMemoryThrottlingFactor), 129 RegisterNode: utilpointer.Bool(true), 130 LocalStorageCapacityIsolation: utilpointer.Bool(true), 131 PodLogsDir: DefaultPodLogsDir, 132 }, 133 }, 134 { 135 "all negative", 136 &v1beta1.KubeletConfiguration{ 137 EnableServer: utilpointer.Bool(false), 138 StaticPodPath: "", 139 SyncFrequency: zeroDuration, 140 FileCheckFrequency: zeroDuration, 141 HTTPCheckFrequency: zeroDuration, 142 StaticPodURL: "", 143 StaticPodURLHeader: map[string][]string{}, 144 Address: "", 145 Port: 0, 146 ReadOnlyPort: 0, 147 TLSCertFile: "", 148 TLSPrivateKeyFile: "", 149 TLSCipherSuites: []string{}, 150 TLSMinVersion: "", 151 RotateCertificates: false, 152 ServerTLSBootstrap: false, 153 Authentication: v1beta1.KubeletAuthentication{ 154 X509: v1beta1.KubeletX509Authentication{ClientCAFile: ""}, 155 Webhook: v1beta1.KubeletWebhookAuthentication{ 156 Enabled: utilpointer.Bool(false), 157 CacheTTL: zeroDuration, 158 }, 159 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)}, 160 }, 161 Authorization: v1beta1.KubeletAuthorization{ 162 Mode: v1beta1.KubeletAuthorizationModeWebhook, 163 Webhook: v1beta1.KubeletWebhookAuthorization{ 164 CacheAuthorizedTTL: zeroDuration, 165 CacheUnauthorizedTTL: zeroDuration, 166 }, 167 }, 168 RegistryPullQPS: utilpointer.Int32(0), 169 RegistryBurst: 0, 170 EventRecordQPS: utilpointer.Int32(0), 171 EventBurst: 0, 172 EnableDebuggingHandlers: utilpointer.Bool(false), 173 EnableContentionProfiling: false, 174 HealthzPort: utilpointer.Int32(0), 175 HealthzBindAddress: "", 176 OOMScoreAdj: utilpointer.Int32(0), 177 ClusterDomain: "", 178 ClusterDNS: []string{}, 179 StreamingConnectionIdleTimeout: zeroDuration, 180 NodeStatusUpdateFrequency: zeroDuration, 181 NodeStatusReportFrequency: zeroDuration, 182 NodeLeaseDurationSeconds: 0, 183 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock", 184 ImageMinimumGCAge: zeroDuration, 185 ImageGCHighThresholdPercent: utilpointer.Int32(0), 186 ImageGCLowThresholdPercent: utilpointer.Int32(0), 187 VolumeStatsAggPeriod: zeroDuration, 188 KubeletCgroups: "", 189 SystemCgroups: "", 190 CgroupRoot: "", 191 CgroupsPerQOS: utilpointer.Bool(false), 192 CgroupDriver: "", 193 CPUManagerPolicy: "", 194 CPUManagerPolicyOptions: map[string]string{}, 195 CPUManagerReconcilePeriod: zeroDuration, 196 MemoryManagerPolicy: "", 197 TopologyManagerPolicy: "", 198 TopologyManagerScope: "", 199 QOSReserved: map[string]string{}, 200 RuntimeRequestTimeout: zeroDuration, 201 HairpinMode: "", 202 MaxPods: 0, 203 PodCIDR: "", 204 PodPidsLimit: utilpointer.Int64(0), 205 ResolverConfig: utilpointer.String(""), 206 RunOnce: false, 207 CPUCFSQuota: utilpointer.Bool(false), 208 CPUCFSQuotaPeriod: &zeroDuration, 209 NodeStatusMaxImages: utilpointer.Int32(0), 210 MaxOpenFiles: 0, 211 ContentType: "", 212 KubeAPIQPS: utilpointer.Int32(0), 213 KubeAPIBurst: 0, 214 SerializeImagePulls: utilpointer.Bool(false), 215 MaxParallelImagePulls: nil, 216 EvictionHard: map[string]string{}, 217 EvictionSoft: map[string]string{}, 218 EvictionSoftGracePeriod: map[string]string{}, 219 EvictionPressureTransitionPeriod: zeroDuration, 220 EvictionMaxPodGracePeriod: 0, 221 EvictionMinimumReclaim: map[string]string{}, 222 PodsPerCore: 0, 223 EnableControllerAttachDetach: utilpointer.Bool(false), 224 ProtectKernelDefaults: false, 225 MakeIPTablesUtilChains: utilpointer.Bool(false), 226 IPTablesMasqueradeBit: utilpointer.Int32(0), 227 IPTablesDropBit: utilpointer.Int32(0), 228 FeatureGates: map[string]bool{}, 229 FailSwapOn: utilpointer.Bool(false), 230 MemorySwap: v1beta1.MemorySwapConfiguration{SwapBehavior: ""}, 231 ContainerLogMaxSize: "", 232 ContainerLogMaxFiles: utilpointer.Int32(0), 233 ContainerLogMaxWorkers: utilpointer.Int32(1), 234 ContainerLogMonitorInterval: &metav1.Duration{Duration: 10 * time.Second}, 235 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy, 236 SystemReserved: map[string]string{}, 237 KubeReserved: map[string]string{}, 238 ReservedSystemCPUs: "", 239 ShowHiddenMetricsForVersion: "", 240 SystemReservedCgroup: "", 241 KubeReservedCgroup: "", 242 EnforceNodeAllocatable: []string{}, 243 AllowedUnsafeSysctls: []string{}, 244 VolumePluginDir: "", 245 ProviderID: "", 246 KernelMemcgNotification: false, 247 Logging: logsapi.LoggingConfiguration{ 248 Format: "", 249 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true}, 250 }, 251 EnableSystemLogHandler: utilpointer.Bool(false), 252 ShutdownGracePeriod: zeroDuration, 253 ShutdownGracePeriodCriticalPods: zeroDuration, 254 ReservedMemory: []v1beta1.MemoryReservation{}, 255 EnableProfilingHandler: utilpointer.Bool(false), 256 EnableDebugFlagsHandler: utilpointer.Bool(false), 257 SeccompDefault: utilpointer.Bool(false), 258 MemoryThrottlingFactor: utilpointer.Float64(0), 259 RegisterNode: utilpointer.Bool(false), 260 LocalStorageCapacityIsolation: utilpointer.Bool(false), 261 PodLogsDir: "", 262 }, 263 &v1beta1.KubeletConfiguration{ 264 EnableServer: utilpointer.Bool(false), 265 SyncFrequency: metav1.Duration{Duration: 1 * time.Minute}, 266 FileCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 267 HTTPCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 268 StaticPodURLHeader: map[string][]string{}, 269 Address: "0.0.0.0", 270 Port: 10250, 271 TLSCipherSuites: []string{}, 272 Authentication: v1beta1.KubeletAuthentication{ 273 X509: v1beta1.KubeletX509Authentication{ClientCAFile: ""}, 274 Webhook: v1beta1.KubeletWebhookAuthentication{ 275 Enabled: utilpointer.Bool(false), 276 CacheTTL: metav1.Duration{Duration: 2 * time.Minute}, 277 }, 278 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)}, 279 }, 280 Authorization: v1beta1.KubeletAuthorization{ 281 Mode: v1beta1.KubeletAuthorizationModeWebhook, 282 Webhook: v1beta1.KubeletWebhookAuthorization{ 283 CacheAuthorizedTTL: metav1.Duration{Duration: 5 * time.Minute}, 284 CacheUnauthorizedTTL: metav1.Duration{Duration: 30 * time.Second}, 285 }, 286 }, 287 RegistryPullQPS: utilpointer.Int32(0), 288 RegistryBurst: 10, 289 EventRecordQPS: utilpointer.Int32(0), 290 EventBurst: 100, 291 EnableDebuggingHandlers: utilpointer.Bool(false), 292 HealthzPort: utilpointer.Int32(0), 293 HealthzBindAddress: "127.0.0.1", 294 OOMScoreAdj: utilpointer.Int32(0), 295 ClusterDNS: []string{}, 296 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 4 * time.Hour}, 297 NodeStatusUpdateFrequency: metav1.Duration{Duration: 10 * time.Second}, 298 NodeStatusReportFrequency: metav1.Duration{Duration: 5 * time.Minute}, 299 NodeLeaseDurationSeconds: 40, 300 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock", 301 ImageMinimumGCAge: metav1.Duration{Duration: 2 * time.Minute}, 302 ImageGCHighThresholdPercent: utilpointer.Int32(0), 303 ImageGCLowThresholdPercent: utilpointer.Int32(0), 304 VolumeStatsAggPeriod: metav1.Duration{Duration: time.Minute}, 305 CgroupsPerQOS: utilpointer.Bool(false), 306 CgroupDriver: "cgroupfs", 307 CPUManagerPolicy: "none", 308 CPUManagerPolicyOptions: map[string]string{}, 309 CPUManagerReconcilePeriod: metav1.Duration{Duration: 10 * time.Second}, 310 MemoryManagerPolicy: v1beta1.NoneMemoryManagerPolicy, 311 TopologyManagerPolicy: v1beta1.NoneTopologyManagerPolicy, 312 TopologyManagerScope: v1beta1.ContainerTopologyManagerScope, 313 QOSReserved: map[string]string{}, 314 RuntimeRequestTimeout: metav1.Duration{Duration: 2 * time.Minute}, 315 HairpinMode: v1beta1.PromiscuousBridge, 316 MaxPods: 110, 317 PodPidsLimit: utilpointer.Int64(0), 318 ResolverConfig: utilpointer.String(""), 319 CPUCFSQuota: utilpointer.Bool(false), 320 CPUCFSQuotaPeriod: &zeroDuration, 321 NodeStatusMaxImages: utilpointer.Int32(0), 322 MaxOpenFiles: 1000000, 323 ContentType: "application/vnd.kubernetes.protobuf", 324 KubeAPIQPS: utilpointer.Int32(0), 325 KubeAPIBurst: 100, 326 SerializeImagePulls: utilpointer.Bool(false), 327 MaxParallelImagePulls: nil, 328 EvictionHard: map[string]string{}, 329 EvictionSoft: map[string]string{}, 330 EvictionSoftGracePeriod: map[string]string{}, 331 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 5 * time.Minute}, 332 EvictionMinimumReclaim: map[string]string{}, 333 EnableControllerAttachDetach: utilpointer.Bool(false), 334 MakeIPTablesUtilChains: utilpointer.Bool(false), 335 IPTablesMasqueradeBit: utilpointer.Int32(0), 336 IPTablesDropBit: utilpointer.Int32(0), 337 FeatureGates: map[string]bool{}, 338 FailSwapOn: utilpointer.Bool(false), 339 MemorySwap: v1beta1.MemorySwapConfiguration{SwapBehavior: ""}, 340 ContainerLogMaxSize: "10Mi", 341 ContainerLogMaxFiles: utilpointer.Int32(0), 342 ContainerLogMaxWorkers: utilpointer.Int32(1), 343 ContainerLogMonitorInterval: &metav1.Duration{Duration: 10 * time.Second}, 344 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy, 345 SystemReserved: map[string]string{}, 346 KubeReserved: map[string]string{}, 347 EnforceNodeAllocatable: []string{}, 348 AllowedUnsafeSysctls: []string{}, 349 VolumePluginDir: DefaultVolumePluginDir, 350 Logging: logsapi.LoggingConfiguration{ 351 Format: "text", 352 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true}, 353 }, 354 EnableSystemLogHandler: utilpointer.Bool(false), 355 ReservedMemory: []v1beta1.MemoryReservation{}, 356 EnableProfilingHandler: utilpointer.Bool(false), 357 EnableDebugFlagsHandler: utilpointer.Bool(false), 358 SeccompDefault: utilpointer.Bool(false), 359 MemoryThrottlingFactor: utilpointer.Float64(0), 360 RegisterNode: utilpointer.Bool(false), 361 LocalStorageCapacityIsolation: utilpointer.Bool(false), 362 PodLogsDir: DefaultPodLogsDir, 363 }, 364 }, 365 { 366 "all positive", 367 &v1beta1.KubeletConfiguration{ 368 EnableServer: utilpointer.Bool(true), 369 StaticPodPath: "static/pod/path", 370 SyncFrequency: metav1.Duration{Duration: 60 * time.Second}, 371 FileCheckFrequency: metav1.Duration{Duration: 60 * time.Second}, 372 HTTPCheckFrequency: metav1.Duration{Duration: 60 * time.Second}, 373 StaticPodURL: "static-pod-url", 374 StaticPodURLHeader: map[string][]string{"Static-Pod-URL-Header": {"true"}}, 375 Address: "192.168.1.2", 376 Port: 10250, 377 ReadOnlyPort: 10251, 378 TLSCertFile: "tls-cert-file", 379 TLSPrivateKeyFile: "tls-private-key-file", 380 TLSCipherSuites: []string{"TLS_AES_128_GCM_SHA256"}, 381 TLSMinVersion: "1.3", 382 RotateCertificates: true, 383 ServerTLSBootstrap: true, 384 Authentication: v1beta1.KubeletAuthentication{ 385 X509: v1beta1.KubeletX509Authentication{ClientCAFile: "client-ca-file"}, 386 Webhook: v1beta1.KubeletWebhookAuthentication{ 387 Enabled: utilpointer.Bool(true), 388 CacheTTL: metav1.Duration{Duration: 60 * time.Second}, 389 }, 390 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(true)}, 391 }, 392 Authorization: v1beta1.KubeletAuthorization{ 393 Mode: v1beta1.KubeletAuthorizationModeAlwaysAllow, 394 Webhook: v1beta1.KubeletWebhookAuthorization{ 395 CacheAuthorizedTTL: metav1.Duration{Duration: 60 * time.Second}, 396 CacheUnauthorizedTTL: metav1.Duration{Duration: 60 * time.Second}, 397 }, 398 }, 399 RegistryPullQPS: utilpointer.Int32(1), 400 RegistryBurst: 1, 401 EventRecordQPS: utilpointer.Int32(1), 402 EventBurst: 1, 403 EnableDebuggingHandlers: utilpointer.Bool(true), 404 EnableContentionProfiling: true, 405 HealthzPort: utilpointer.Int32(1), 406 HealthzBindAddress: "127.0.0.2", 407 OOMScoreAdj: utilpointer.Int32(1), 408 ClusterDomain: "cluster-domain", 409 ClusterDNS: []string{"192.168.1.3"}, 410 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 60 * time.Second}, 411 NodeStatusUpdateFrequency: metav1.Duration{Duration: 60 * time.Second}, 412 NodeStatusReportFrequency: metav1.Duration{Duration: 60 * time.Second}, 413 NodeLeaseDurationSeconds: 1, 414 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock", 415 ImageMinimumGCAge: metav1.Duration{Duration: 60 * time.Second}, 416 ImageGCHighThresholdPercent: utilpointer.Int32(1), 417 ImageGCLowThresholdPercent: utilpointer.Int32(1), 418 VolumeStatsAggPeriod: metav1.Duration{Duration: 60 * time.Second}, 419 KubeletCgroups: "kubelet-cgroup", 420 SystemCgroups: "system-cgroup", 421 CgroupRoot: "root-cgroup", 422 CgroupsPerQOS: utilpointer.Bool(true), 423 CgroupDriver: "systemd", 424 CPUManagerPolicy: "cpu-manager-policy", 425 CPUManagerPolicyOptions: map[string]string{"key": "value"}, 426 CPUManagerReconcilePeriod: metav1.Duration{Duration: 60 * time.Second}, 427 MemoryManagerPolicy: v1beta1.StaticMemoryManagerPolicy, 428 TopologyManagerPolicy: v1beta1.RestrictedTopologyManagerPolicy, 429 TopologyManagerScope: v1beta1.PodTopologyManagerScope, 430 QOSReserved: map[string]string{"memory": "10%"}, 431 RuntimeRequestTimeout: metav1.Duration{Duration: 60 * time.Second}, 432 HairpinMode: v1beta1.HairpinVeth, 433 MaxPods: 1, 434 PodCIDR: "192.168.1.0/24", 435 PodPidsLimit: utilpointer.Int64(1), 436 ResolverConfig: utilpointer.String("resolver-config"), 437 RunOnce: true, 438 CPUCFSQuota: utilpointer.Bool(true), 439 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 60 * time.Second}, 440 NodeStatusMaxImages: utilpointer.Int32(1), 441 MaxOpenFiles: 1, 442 ContentType: "application/protobuf", 443 KubeAPIQPS: utilpointer.Int32(1), 444 KubeAPIBurst: 1, 445 SerializeImagePulls: utilpointer.Bool(true), 446 MaxParallelImagePulls: utilpointer.Int32(5), 447 EvictionHard: map[string]string{ 448 "memory.available": "1Mi", 449 "nodefs.available": "1%", 450 "imagefs.available": "1%", 451 }, 452 EvictionSoft: map[string]string{ 453 "memory.available": "2Mi", 454 "nodefs.available": "2%", 455 "imagefs.available": "2%", 456 }, 457 EvictionSoftGracePeriod: map[string]string{ 458 "memory.available": "60s", 459 "nodefs.available": "60s", 460 "imagefs.available": "60s", 461 }, 462 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 60 * time.Second}, 463 EvictionMaxPodGracePeriod: 1, 464 EvictionMinimumReclaim: map[string]string{ 465 "imagefs.available": "1Gi", 466 }, 467 PodsPerCore: 1, 468 EnableControllerAttachDetach: utilpointer.Bool(true), 469 ProtectKernelDefaults: true, 470 MakeIPTablesUtilChains: utilpointer.Bool(true), 471 IPTablesMasqueradeBit: utilpointer.Int32(1), 472 IPTablesDropBit: utilpointer.Int32(1), 473 FailSwapOn: utilpointer.Bool(true), 474 MemorySwap: v1beta1.MemorySwapConfiguration{SwapBehavior: "NoSwap"}, 475 ContainerLogMaxSize: "1Mi", 476 ContainerLogMaxFiles: utilpointer.Int32(1), 477 ContainerLogMaxWorkers: utilpointer.Int32(1), 478 ContainerLogMonitorInterval: &metav1.Duration{Duration: 10 * time.Second}, 479 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.TTLCacheChangeDetectionStrategy, 480 SystemReserved: map[string]string{ 481 "memory": "1Gi", 482 }, 483 KubeReserved: map[string]string{ 484 "memory": "1Gi", 485 }, 486 ReservedSystemCPUs: "0,1", 487 ShowHiddenMetricsForVersion: "1.16", 488 SystemReservedCgroup: "system-reserved-cgroup", 489 KubeReservedCgroup: "kube-reserved-cgroup", 490 EnforceNodeAllocatable: []string{"system-reserved"}, 491 AllowedUnsafeSysctls: []string{"kernel.msg*"}, 492 VolumePluginDir: "volume-plugin-dir", 493 ProviderID: "provider-id", 494 KernelMemcgNotification: true, 495 Logging: logsapi.LoggingConfiguration{ 496 Format: "json", 497 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true}, 498 }, 499 EnableSystemLogHandler: utilpointer.Bool(true), 500 ShutdownGracePeriod: metav1.Duration{Duration: 60 * time.Second}, 501 ShutdownGracePeriodCriticalPods: metav1.Duration{Duration: 60 * time.Second}, 502 ReservedMemory: []v1beta1.MemoryReservation{ 503 { 504 NumaNode: 1, 505 Limits: v1.ResourceList{v1.ResourceMemory: resource.MustParse("1Gi")}, 506 }, 507 }, 508 EnableProfilingHandler: utilpointer.Bool(true), 509 EnableDebugFlagsHandler: utilpointer.Bool(true), 510 SeccompDefault: utilpointer.Bool(true), 511 MemoryThrottlingFactor: utilpointer.Float64(1), 512 RegisterNode: utilpointer.Bool(true), 513 LocalStorageCapacityIsolation: utilpointer.Bool(true), 514 PodLogsDir: "/custom/path", 515 }, 516 &v1beta1.KubeletConfiguration{ 517 EnableServer: utilpointer.Bool(true), 518 StaticPodPath: "static/pod/path", 519 SyncFrequency: metav1.Duration{Duration: 60 * time.Second}, 520 FileCheckFrequency: metav1.Duration{Duration: 60 * time.Second}, 521 HTTPCheckFrequency: metav1.Duration{Duration: 60 * time.Second}, 522 StaticPodURL: "static-pod-url", 523 StaticPodURLHeader: map[string][]string{"Static-Pod-URL-Header": {"true"}}, 524 Address: "192.168.1.2", 525 Port: 10250, 526 ReadOnlyPort: 10251, 527 TLSCertFile: "tls-cert-file", 528 TLSPrivateKeyFile: "tls-private-key-file", 529 TLSCipherSuites: []string{"TLS_AES_128_GCM_SHA256"}, 530 TLSMinVersion: "1.3", 531 RotateCertificates: true, 532 ServerTLSBootstrap: true, 533 Authentication: v1beta1.KubeletAuthentication{ 534 X509: v1beta1.KubeletX509Authentication{ClientCAFile: "client-ca-file"}, 535 Webhook: v1beta1.KubeletWebhookAuthentication{ 536 Enabled: utilpointer.Bool(true), 537 CacheTTL: metav1.Duration{Duration: 60 * time.Second}, 538 }, 539 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(true)}, 540 }, 541 Authorization: v1beta1.KubeletAuthorization{ 542 Mode: v1beta1.KubeletAuthorizationModeAlwaysAllow, 543 Webhook: v1beta1.KubeletWebhookAuthorization{ 544 CacheAuthorizedTTL: metav1.Duration{Duration: 60 * time.Second}, 545 CacheUnauthorizedTTL: metav1.Duration{Duration: 60 * time.Second}, 546 }, 547 }, 548 RegistryPullQPS: utilpointer.Int32(1), 549 RegistryBurst: 1, 550 EventRecordQPS: utilpointer.Int32(1), 551 EventBurst: 1, 552 EnableDebuggingHandlers: utilpointer.Bool(true), 553 EnableContentionProfiling: true, 554 HealthzPort: utilpointer.Int32(1), 555 HealthzBindAddress: "127.0.0.2", 556 OOMScoreAdj: utilpointer.Int32(1), 557 ClusterDomain: "cluster-domain", 558 ClusterDNS: []string{"192.168.1.3"}, 559 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 60 * time.Second}, 560 NodeStatusUpdateFrequency: metav1.Duration{Duration: 60 * time.Second}, 561 NodeStatusReportFrequency: metav1.Duration{Duration: 60 * time.Second}, 562 NodeLeaseDurationSeconds: 1, 563 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock", 564 ImageMinimumGCAge: metav1.Duration{Duration: 60 * time.Second}, 565 ImageGCHighThresholdPercent: utilpointer.Int32(1), 566 ImageGCLowThresholdPercent: utilpointer.Int32(1), 567 VolumeStatsAggPeriod: metav1.Duration{Duration: 60 * time.Second}, 568 KubeletCgroups: "kubelet-cgroup", 569 SystemCgroups: "system-cgroup", 570 CgroupRoot: "root-cgroup", 571 CgroupsPerQOS: utilpointer.Bool(true), 572 CgroupDriver: "systemd", 573 CPUManagerPolicy: "cpu-manager-policy", 574 CPUManagerPolicyOptions: map[string]string{"key": "value"}, 575 CPUManagerReconcilePeriod: metav1.Duration{Duration: 60 * time.Second}, 576 MemoryManagerPolicy: v1beta1.StaticMemoryManagerPolicy, 577 TopologyManagerPolicy: v1beta1.RestrictedTopologyManagerPolicy, 578 TopologyManagerScope: v1beta1.PodTopologyManagerScope, 579 QOSReserved: map[string]string{"memory": "10%"}, 580 RuntimeRequestTimeout: metav1.Duration{Duration: 60 * time.Second}, 581 HairpinMode: v1beta1.HairpinVeth, 582 MaxPods: 1, 583 PodCIDR: "192.168.1.0/24", 584 PodPidsLimit: utilpointer.Int64(1), 585 ResolverConfig: utilpointer.String("resolver-config"), 586 RunOnce: true, 587 CPUCFSQuota: utilpointer.Bool(true), 588 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 60 * time.Second}, 589 NodeStatusMaxImages: utilpointer.Int32(1), 590 MaxOpenFiles: 1, 591 ContentType: "application/protobuf", 592 KubeAPIQPS: utilpointer.Int32(1), 593 KubeAPIBurst: 1, 594 SerializeImagePulls: utilpointer.Bool(true), 595 MaxParallelImagePulls: utilpointer.Int32Ptr(5), 596 EvictionHard: map[string]string{ 597 "memory.available": "1Mi", 598 "nodefs.available": "1%", 599 "imagefs.available": "1%", 600 }, 601 EvictionSoft: map[string]string{ 602 "memory.available": "2Mi", 603 "nodefs.available": "2%", 604 "imagefs.available": "2%", 605 }, 606 EvictionSoftGracePeriod: map[string]string{ 607 "memory.available": "60s", 608 "nodefs.available": "60s", 609 "imagefs.available": "60s", 610 }, 611 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 60 * time.Second}, 612 EvictionMaxPodGracePeriod: 1, 613 EvictionMinimumReclaim: map[string]string{ 614 "imagefs.available": "1Gi", 615 }, 616 PodsPerCore: 1, 617 EnableControllerAttachDetach: utilpointer.Bool(true), 618 ProtectKernelDefaults: true, 619 MakeIPTablesUtilChains: utilpointer.Bool(true), 620 IPTablesMasqueradeBit: utilpointer.Int32(1), 621 IPTablesDropBit: utilpointer.Int32(1), 622 FailSwapOn: utilpointer.Bool(true), 623 MemorySwap: v1beta1.MemorySwapConfiguration{SwapBehavior: "NoSwap"}, 624 ContainerLogMaxSize: "1Mi", 625 ContainerLogMaxFiles: utilpointer.Int32(1), 626 ContainerLogMaxWorkers: utilpointer.Int32(1), 627 ContainerLogMonitorInterval: &metav1.Duration{Duration: 10 * time.Second}, 628 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.TTLCacheChangeDetectionStrategy, 629 SystemReserved: map[string]string{ 630 "memory": "1Gi", 631 }, 632 KubeReserved: map[string]string{ 633 "memory": "1Gi", 634 }, 635 ReservedSystemCPUs: "0,1", 636 ShowHiddenMetricsForVersion: "1.16", 637 SystemReservedCgroup: "system-reserved-cgroup", 638 KubeReservedCgroup: "kube-reserved-cgroup", 639 EnforceNodeAllocatable: []string{"system-reserved"}, 640 AllowedUnsafeSysctls: []string{"kernel.msg*"}, 641 VolumePluginDir: "volume-plugin-dir", 642 ProviderID: "provider-id", 643 KernelMemcgNotification: true, 644 Logging: logsapi.LoggingConfiguration{ 645 Format: "json", 646 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true}, 647 }, 648 EnableSystemLogHandler: utilpointer.Bool(true), 649 ShutdownGracePeriod: metav1.Duration{Duration: 60 * time.Second}, 650 ShutdownGracePeriodCriticalPods: metav1.Duration{Duration: 60 * time.Second}, 651 ReservedMemory: []v1beta1.MemoryReservation{ 652 { 653 NumaNode: 1, 654 Limits: v1.ResourceList{v1.ResourceMemory: resource.MustParse("1Gi")}, 655 }, 656 }, 657 EnableProfilingHandler: utilpointer.Bool(true), 658 EnableDebugFlagsHandler: utilpointer.Bool(true), 659 SeccompDefault: utilpointer.Bool(true), 660 MemoryThrottlingFactor: utilpointer.Float64(1), 661 RegisterNode: utilpointer.Bool(true), 662 LocalStorageCapacityIsolation: utilpointer.Bool(true), 663 PodLogsDir: "/custom/path", 664 }, 665 }, 666 { 667 "NodeStatusUpdateFrequency is not zero", 668 &v1beta1.KubeletConfiguration{ 669 NodeStatusUpdateFrequency: metav1.Duration{Duration: 1 * time.Minute}, 670 }, 671 &v1beta1.KubeletConfiguration{ 672 EnableServer: utilpointer.Bool(true), 673 SyncFrequency: metav1.Duration{Duration: 1 * time.Minute}, 674 FileCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 675 HTTPCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 676 Address: "0.0.0.0", 677 Port: ports.KubeletPort, 678 Authentication: v1beta1.KubeletAuthentication{ 679 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)}, 680 Webhook: v1beta1.KubeletWebhookAuthentication{ 681 Enabled: utilpointer.Bool(true), 682 CacheTTL: metav1.Duration{Duration: 2 * time.Minute}, 683 }, 684 }, 685 Authorization: v1beta1.KubeletAuthorization{ 686 Mode: v1beta1.KubeletAuthorizationModeWebhook, 687 Webhook: v1beta1.KubeletWebhookAuthorization{ 688 CacheAuthorizedTTL: metav1.Duration{Duration: 5 * time.Minute}, 689 CacheUnauthorizedTTL: metav1.Duration{Duration: 30 * time.Second}, 690 }, 691 }, 692 RegistryPullQPS: utilpointer.Int32(5), 693 RegistryBurst: 10, 694 EventRecordQPS: utilpointer.Int32(50), 695 EventBurst: 100, 696 EnableDebuggingHandlers: utilpointer.Bool(true), 697 HealthzPort: utilpointer.Int32(10248), 698 HealthzBindAddress: "127.0.0.1", 699 OOMScoreAdj: utilpointer.Int32(int32(qos.KubeletOOMScoreAdj)), 700 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 4 * time.Hour}, 701 NodeStatusUpdateFrequency: metav1.Duration{Duration: 1 * time.Minute}, 702 NodeStatusReportFrequency: metav1.Duration{Duration: 1 * time.Minute}, 703 NodeLeaseDurationSeconds: 40, 704 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock", 705 ImageMinimumGCAge: metav1.Duration{Duration: 2 * time.Minute}, 706 ImageGCHighThresholdPercent: utilpointer.Int32(85), 707 ImageGCLowThresholdPercent: utilpointer.Int32(80), 708 VolumeStatsAggPeriod: metav1.Duration{Duration: time.Minute}, 709 CgroupsPerQOS: utilpointer.Bool(true), 710 CgroupDriver: "cgroupfs", 711 CPUManagerPolicy: "none", 712 CPUManagerReconcilePeriod: metav1.Duration{Duration: 10 * time.Second}, 713 MemoryManagerPolicy: v1beta1.NoneMemoryManagerPolicy, 714 TopologyManagerPolicy: v1beta1.NoneTopologyManagerPolicy, 715 TopologyManagerScope: v1beta1.ContainerTopologyManagerScope, 716 RuntimeRequestTimeout: metav1.Duration{Duration: 2 * time.Minute}, 717 HairpinMode: v1beta1.PromiscuousBridge, 718 MaxPods: 110, 719 PodPidsLimit: utilpointer.Int64(-1), 720 ResolverConfig: utilpointer.String(kubetypes.ResolvConfDefault), 721 CPUCFSQuota: utilpointer.Bool(true), 722 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 100 * time.Millisecond}, 723 NodeStatusMaxImages: utilpointer.Int32(50), 724 MaxOpenFiles: 1000000, 725 ContentType: "application/vnd.kubernetes.protobuf", 726 KubeAPIQPS: utilpointer.Int32(50), 727 KubeAPIBurst: 100, 728 SerializeImagePulls: utilpointer.Bool(true), 729 MaxParallelImagePulls: nil, 730 EvictionHard: nil, 731 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 5 * time.Minute}, 732 EnableControllerAttachDetach: utilpointer.Bool(true), 733 MakeIPTablesUtilChains: utilpointer.Bool(true), 734 IPTablesMasqueradeBit: utilpointer.Int32Ptr(DefaultIPTablesMasqueradeBit), 735 IPTablesDropBit: utilpointer.Int32Ptr(DefaultIPTablesDropBit), 736 FailSwapOn: utilpointer.Bool(true), 737 ContainerLogMaxSize: "10Mi", 738 ContainerLogMaxFiles: utilpointer.Int32(5), 739 ContainerLogMaxWorkers: utilpointer.Int32(1), 740 ContainerLogMonitorInterval: &metav1.Duration{Duration: 10 * time.Second}, 741 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy, 742 EnforceNodeAllocatable: DefaultNodeAllocatableEnforcement, 743 VolumePluginDir: DefaultVolumePluginDir, 744 Logging: logsapi.LoggingConfiguration{ 745 Format: "text", 746 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true}, 747 }, 748 EnableSystemLogHandler: utilpointer.Bool(true), 749 EnableProfilingHandler: utilpointer.Bool(true), 750 EnableDebugFlagsHandler: utilpointer.Bool(true), 751 SeccompDefault: utilpointer.Bool(false), 752 MemoryThrottlingFactor: utilpointer.Float64Ptr(DefaultMemoryThrottlingFactor), 753 RegisterNode: utilpointer.Bool(true), 754 LocalStorageCapacityIsolation: utilpointer.Bool(true), 755 PodLogsDir: DefaultPodLogsDir, 756 }, 757 }, 758 { 759 "SerializeImagePull defaults to false when MaxParallelImagePulls is larger than 1", 760 &v1beta1.KubeletConfiguration{ 761 MaxParallelImagePulls: utilpointer.Int32(5), 762 }, 763 &v1beta1.KubeletConfiguration{ 764 EnableServer: utilpointer.Bool(true), 765 SyncFrequency: metav1.Duration{Duration: 1 * time.Minute}, 766 FileCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 767 HTTPCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 768 Address: "0.0.0.0", 769 Port: ports.KubeletPort, 770 Authentication: v1beta1.KubeletAuthentication{ 771 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)}, 772 Webhook: v1beta1.KubeletWebhookAuthentication{ 773 Enabled: utilpointer.Bool(true), 774 CacheTTL: metav1.Duration{Duration: 2 * time.Minute}, 775 }, 776 }, 777 Authorization: v1beta1.KubeletAuthorization{ 778 Mode: v1beta1.KubeletAuthorizationModeWebhook, 779 Webhook: v1beta1.KubeletWebhookAuthorization{ 780 CacheAuthorizedTTL: metav1.Duration{Duration: 5 * time.Minute}, 781 CacheUnauthorizedTTL: metav1.Duration{Duration: 30 * time.Second}, 782 }, 783 }, 784 RegistryPullQPS: utilpointer.Int32Ptr(5), 785 RegistryBurst: 10, 786 EventRecordQPS: utilpointer.Int32Ptr(50), 787 EventBurst: 100, 788 EnableDebuggingHandlers: utilpointer.Bool(true), 789 HealthzPort: utilpointer.Int32Ptr(10248), 790 HealthzBindAddress: "127.0.0.1", 791 OOMScoreAdj: utilpointer.Int32Ptr(int32(qos.KubeletOOMScoreAdj)), 792 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 4 * time.Hour}, 793 NodeStatusUpdateFrequency: metav1.Duration{Duration: 10 * time.Second}, 794 NodeStatusReportFrequency: metav1.Duration{Duration: 5 * time.Minute}, 795 NodeLeaseDurationSeconds: 40, 796 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock", 797 ImageMinimumGCAge: metav1.Duration{Duration: 2 * time.Minute}, 798 ImageGCHighThresholdPercent: utilpointer.Int32Ptr(85), 799 ImageGCLowThresholdPercent: utilpointer.Int32Ptr(80), 800 VolumeStatsAggPeriod: metav1.Duration{Duration: time.Minute}, 801 CgroupsPerQOS: utilpointer.Bool(true), 802 CgroupDriver: "cgroupfs", 803 CPUManagerPolicy: "none", 804 CPUManagerReconcilePeriod: metav1.Duration{Duration: 10 * time.Second}, 805 MemoryManagerPolicy: v1beta1.NoneMemoryManagerPolicy, 806 TopologyManagerPolicy: v1beta1.NoneTopologyManagerPolicy, 807 TopologyManagerScope: v1beta1.ContainerTopologyManagerScope, 808 RuntimeRequestTimeout: metav1.Duration{Duration: 2 * time.Minute}, 809 HairpinMode: v1beta1.PromiscuousBridge, 810 MaxPods: 110, 811 PodPidsLimit: utilpointer.Int64(-1), 812 ResolverConfig: utilpointer.String(kubetypes.ResolvConfDefault), 813 CPUCFSQuota: utilpointer.Bool(true), 814 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 100 * time.Millisecond}, 815 NodeStatusMaxImages: utilpointer.Int32Ptr(50), 816 MaxOpenFiles: 1000000, 817 ContentType: "application/vnd.kubernetes.protobuf", 818 KubeAPIQPS: utilpointer.Int32Ptr(50), 819 KubeAPIBurst: 100, 820 SerializeImagePulls: utilpointer.Bool(false), 821 MaxParallelImagePulls: utilpointer.Int32(5), 822 EvictionHard: nil, 823 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 5 * time.Minute}, 824 EnableControllerAttachDetach: utilpointer.Bool(true), 825 MakeIPTablesUtilChains: utilpointer.Bool(true), 826 IPTablesMasqueradeBit: utilpointer.Int32Ptr(DefaultIPTablesMasqueradeBit), 827 IPTablesDropBit: utilpointer.Int32Ptr(DefaultIPTablesDropBit), 828 FailSwapOn: utilpointer.Bool(true), 829 ContainerLogMaxSize: "10Mi", 830 ContainerLogMaxFiles: utilpointer.Int32(5), 831 ContainerLogMaxWorkers: utilpointer.Int32(1), 832 ContainerLogMonitorInterval: &metav1.Duration{Duration: 10 * time.Second}, 833 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy, 834 EnforceNodeAllocatable: DefaultNodeAllocatableEnforcement, 835 VolumePluginDir: DefaultVolumePluginDir, 836 Logging: logsapi.LoggingConfiguration{ 837 Format: "text", 838 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true}, 839 }, 840 EnableSystemLogHandler: utilpointer.Bool(true), 841 EnableProfilingHandler: utilpointer.Bool(true), 842 EnableDebugFlagsHandler: utilpointer.Bool(true), 843 SeccompDefault: utilpointer.Bool(false), 844 MemoryThrottlingFactor: utilpointer.Float64Ptr(DefaultMemoryThrottlingFactor), 845 RegisterNode: utilpointer.Bool(true), 846 LocalStorageCapacityIsolation: utilpointer.Bool(true), 847 PodLogsDir: DefaultPodLogsDir, 848 }, 849 }, 850 { 851 "SerializeImagePull defaults to true when MaxParallelImagePulls is set to 1", 852 &v1beta1.KubeletConfiguration{ 853 MaxParallelImagePulls: utilpointer.Int32(1), 854 }, 855 &v1beta1.KubeletConfiguration{ 856 EnableServer: utilpointer.Bool(true), 857 SyncFrequency: metav1.Duration{Duration: 1 * time.Minute}, 858 FileCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 859 HTTPCheckFrequency: metav1.Duration{Duration: 20 * time.Second}, 860 Address: "0.0.0.0", 861 Port: ports.KubeletPort, 862 Authentication: v1beta1.KubeletAuthentication{ 863 Anonymous: v1beta1.KubeletAnonymousAuthentication{Enabled: utilpointer.Bool(false)}, 864 Webhook: v1beta1.KubeletWebhookAuthentication{ 865 Enabled: utilpointer.Bool(true), 866 CacheTTL: metav1.Duration{Duration: 2 * time.Minute}, 867 }, 868 }, 869 Authorization: v1beta1.KubeletAuthorization{ 870 Mode: v1beta1.KubeletAuthorizationModeWebhook, 871 Webhook: v1beta1.KubeletWebhookAuthorization{ 872 CacheAuthorizedTTL: metav1.Duration{Duration: 5 * time.Minute}, 873 CacheUnauthorizedTTL: metav1.Duration{Duration: 30 * time.Second}, 874 }, 875 }, 876 RegistryPullQPS: utilpointer.Int32Ptr(5), 877 RegistryBurst: 10, 878 EventRecordQPS: utilpointer.Int32Ptr(50), 879 EventBurst: 100, 880 EnableDebuggingHandlers: utilpointer.Bool(true), 881 HealthzPort: utilpointer.Int32Ptr(10248), 882 HealthzBindAddress: "127.0.0.1", 883 OOMScoreAdj: utilpointer.Int32Ptr(int32(qos.KubeletOOMScoreAdj)), 884 StreamingConnectionIdleTimeout: metav1.Duration{Duration: 4 * time.Hour}, 885 NodeStatusUpdateFrequency: metav1.Duration{Duration: 10 * time.Second}, 886 NodeStatusReportFrequency: metav1.Duration{Duration: 5 * time.Minute}, 887 NodeLeaseDurationSeconds: 40, 888 ContainerRuntimeEndpoint: "unix:///run/containerd/containerd.sock", 889 ImageMinimumGCAge: metav1.Duration{Duration: 2 * time.Minute}, 890 ImageGCHighThresholdPercent: utilpointer.Int32Ptr(85), 891 ImageGCLowThresholdPercent: utilpointer.Int32Ptr(80), 892 VolumeStatsAggPeriod: metav1.Duration{Duration: time.Minute}, 893 CgroupsPerQOS: utilpointer.Bool(true), 894 CgroupDriver: "cgroupfs", 895 CPUManagerPolicy: "none", 896 CPUManagerReconcilePeriod: metav1.Duration{Duration: 10 * time.Second}, 897 MemoryManagerPolicy: v1beta1.NoneMemoryManagerPolicy, 898 TopologyManagerPolicy: v1beta1.NoneTopologyManagerPolicy, 899 TopologyManagerScope: v1beta1.ContainerTopologyManagerScope, 900 RuntimeRequestTimeout: metav1.Duration{Duration: 2 * time.Minute}, 901 HairpinMode: v1beta1.PromiscuousBridge, 902 MaxPods: 110, 903 PodPidsLimit: utilpointer.Int64(-1), 904 ResolverConfig: utilpointer.String(kubetypes.ResolvConfDefault), 905 CPUCFSQuota: utilpointer.Bool(true), 906 CPUCFSQuotaPeriod: &metav1.Duration{Duration: 100 * time.Millisecond}, 907 NodeStatusMaxImages: utilpointer.Int32Ptr(50), 908 MaxOpenFiles: 1000000, 909 ContentType: "application/vnd.kubernetes.protobuf", 910 KubeAPIQPS: utilpointer.Int32Ptr(50), 911 KubeAPIBurst: 100, 912 SerializeImagePulls: utilpointer.Bool(true), 913 MaxParallelImagePulls: utilpointer.Int32(1), 914 EvictionHard: nil, 915 EvictionPressureTransitionPeriod: metav1.Duration{Duration: 5 * time.Minute}, 916 EnableControllerAttachDetach: utilpointer.Bool(true), 917 MakeIPTablesUtilChains: utilpointer.Bool(true), 918 IPTablesMasqueradeBit: utilpointer.Int32(DefaultIPTablesMasqueradeBit), 919 IPTablesDropBit: utilpointer.Int32(DefaultIPTablesDropBit), 920 FailSwapOn: utilpointer.Bool(true), 921 ContainerLogMaxSize: "10Mi", 922 ContainerLogMaxFiles: utilpointer.Int32(5), 923 ContainerLogMaxWorkers: utilpointer.Int32(1), 924 ContainerLogMonitorInterval: &metav1.Duration{Duration: 10 * time.Second}, 925 ConfigMapAndSecretChangeDetectionStrategy: v1beta1.WatchChangeDetectionStrategy, 926 EnforceNodeAllocatable: DefaultNodeAllocatableEnforcement, 927 VolumePluginDir: DefaultVolumePluginDir, 928 Logging: logsapi.LoggingConfiguration{ 929 Format: "text", 930 FlushFrequency: logsapi.TimeOrMetaDuration{Duration: metav1.Duration{Duration: 5 * time.Second}, SerializeAsString: true}, 931 }, 932 EnableSystemLogHandler: utilpointer.Bool(true), 933 EnableProfilingHandler: utilpointer.Bool(true), 934 EnableDebugFlagsHandler: utilpointer.Bool(true), 935 SeccompDefault: utilpointer.Bool(false), 936 MemoryThrottlingFactor: utilpointer.Float64(DefaultMemoryThrottlingFactor), 937 RegisterNode: utilpointer.Bool(true), 938 LocalStorageCapacityIsolation: utilpointer.Bool(true), 939 PodLogsDir: DefaultPodLogsDir, 940 }, 941 }, 942 } 943 944 for _, tc := range tests { 945 t.Run(tc.name, func(t *testing.T) { 946 SetDefaults_KubeletConfiguration(tc.config) 947 if diff := cmp.Diff(tc.expected, tc.config); diff != "" { 948 t.Errorf("Got unexpected defaults (-want, +got):\n%s", diff) 949 } 950 }) 951 } 952 }