External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-05-17 06:17:38 -02:30
Code Issues Packages Projects Releases Wiki Activity

add support for EventRateLimit plugin configuration (#8711)

Browse Source 
* feat: add support for EventRateLimit admission plugin

* docs: add documentation about admission_control_config_file and EventRateLimit configuration
This commit is contained in:
Alessio Greggi
2022-05-02 20:03:15 +02:00
committed by GitHub
parent 56cf163a23
commit fa1d222eee
7 changed files with 110 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
roles/kubernetes/control-plane/templates/admission-controls.v1beta2.yaml.j2 Normal file
View File

@@ -0,0 +1,9 @@
apiVersion: apiserver.config.k8s.io/v1
kind: AdmissionConfiguration
plugins:
{% for plugin in kube_apiserver_enable_admission_plugins[0].split(',') %}
{% if plugin in kube_apiserver_admission_plugins_needs_configuration %}
- name: {{ plugin }}
path: {{ kube_config_dir }}/{{ plugin|lower }}.yaml
{% endif %}
{% endfor %}

11
roles/kubernetes/control-plane/templates/eventratelimit.v1beta2.yaml.j2 Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: eventratelimit.admission.k8s.io/v1alpha1
kind: Configuration
limits:
{% for limit in kube_apiserver_admission_event_rate_limits.values() %}
- type: {{ limit.type }}
qps: {{ limit.qps }}
burst: {{ limit.burst }}
{% if limit.cache_size is defined %}
cacheSize: {{ limit.cache_size }}
{% endif %}
{% endfor %}

10
roles/kubernetes/control-plane/templates/kubeadm-config.v1beta2.yaml.j2
View File

@@ -126,6 +126,9 @@ apiServer:
{% if kube_apiserver_enable_admission_plugins|length > 0 %}
enable-admission-plugins: {{ kube_apiserver_enable_admission_plugins | join(',') }}
{% endif %}
{% if kube_apiserver_admission_control_config_file %}
admission-control-config-file: {{ kube_config_dir }}/admission-controls.yaml
{% endif %}
{% if kube_apiserver_disable_admission_plugins|length > 0 %}
disable-admission-plugins: {{ kube_apiserver_disable_admission_plugins | join(',') }}
{% endif %}
@@ -249,6 +252,13 @@ apiServer:
readOnly: false
{% endif %}
{% endif %}
{% if kube_apiserver_admission_control_config_file %}
- name: admission-control-configs
hostPath: {{ kube_config_dir }}/admission-controls
mountPath: {{ kube_config_dir }}
readOnly: false
pathType: DirectoryOrCreate
{% endif %}
{% for volume in apiserver_extra_volumes %}
- name: {{ volume.name }}
hostPath: {{ volume.hostPath }}