253 lines
6.6 KiB
YAML
253 lines
6.6 KiB
YAML
# Default values for descheduler.
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
|
|
# CronJob or Deployment
|
|
kind: CronJob
|
|
|
|
image:
|
|
repository: registry.k8s.io/descheduler/descheduler
|
|
# Overrides the image tag whose default is the chart version
|
|
tag: ""
|
|
pullPolicy: IfNotPresent
|
|
|
|
imagePullSecrets:
|
|
# - name: container-registry-secret
|
|
|
|
resources:
|
|
requests:
|
|
cpu: 500m
|
|
memory: 256Mi
|
|
limits:
|
|
cpu: 500m
|
|
memory: 256Mi
|
|
|
|
ports:
|
|
- containerPort: 10258
|
|
protocol: TCP
|
|
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
|
|
# podSecurityContext -- [Security context for pod](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/)
|
|
podSecurityContext: {}
|
|
# fsGroup: 1000
|
|
|
|
nameOverride: ""
|
|
fullnameOverride: ""
|
|
|
|
# -- Override the deployment namespace; defaults to .Release.Namespace
|
|
namespaceOverride: ""
|
|
|
|
# labels that'll be applied to all resources
|
|
commonLabels: {}
|
|
|
|
cronJobApiVersion: "batch/v1"
|
|
schedule: "*/2 * * * *"
|
|
suspend: false
|
|
# startingDeadlineSeconds: 200
|
|
# successfulJobsHistoryLimit: 3
|
|
# failedJobsHistoryLimit: 1
|
|
# ttlSecondsAfterFinished 600
|
|
# timeZone: Etc/UTC
|
|
|
|
# Required when running as a Deployment
|
|
deschedulingInterval: 5m
|
|
|
|
# Specifies the replica count for Deployment
|
|
# Set leaderElection if you want to use more than 1 replica
|
|
# Set affinity.podAntiAffinity rule if you want to schedule onto a node
|
|
# only if that node is in the same zone as at least one already-running descheduler
|
|
replicas: 1
|
|
|
|
# Specifies whether Leader Election resources should be created
|
|
# Required when running as a Deployment
|
|
# NOTE: Leader election can't be activated if DryRun enabled
|
|
leaderElection: {}
|
|
# enabled: true
|
|
# leaseDuration: 15s
|
|
# renewDeadline: 10s
|
|
# retryPeriod: 2s
|
|
# resourceLock: "leases"
|
|
# resourceName: "descheduler"
|
|
# resourceNamespace: "kube-system"
|
|
|
|
command:
|
|
- "/bin/descheduler"
|
|
|
|
cmdOptions:
|
|
v: 3
|
|
|
|
# Recommended to use the latest Policy API version supported by the Descheduler app version
|
|
deschedulerPolicyAPIVersion: "descheduler/v1alpha2"
|
|
|
|
# deschedulerPolicy contains the policies the descheduler will execute.
|
|
# To use policies stored in an existing configMap use:
|
|
# NOTE: The name of the cm should comply to {{ template "descheduler.fullname" . }}
|
|
# deschedulerPolicy: {}
|
|
deschedulerPolicy:
|
|
# nodeSelector: "key1=value1,key2=value2"
|
|
# maxNoOfPodsToEvictPerNode: 10
|
|
# maxNoOfPodsToEvictPerNamespace: 10
|
|
# metricsCollector:
|
|
# enabled: true
|
|
# ignorePvcPods: true
|
|
# evictLocalStoragePods: true
|
|
# evictDaemonSetPods: true
|
|
# tracing:
|
|
# collectorEndpoint: otel-collector.observability.svc.cluster.local:4317
|
|
# transportCert: ""
|
|
# serviceName: ""
|
|
# serviceNamespace: ""
|
|
# sampleRate: 1.0
|
|
# fallbackToNoOpProviderOnError: true
|
|
profiles:
|
|
- name: default
|
|
pluginConfig:
|
|
- name: DefaultEvictor
|
|
args:
|
|
ignorePvcPods: true
|
|
evictLocalStoragePods: true
|
|
- name: RemoveDuplicates
|
|
- name: RemovePodsHavingTooManyRestarts
|
|
args:
|
|
podRestartThreshold: 100
|
|
includingInitContainers: true
|
|
- name: RemovePodsViolatingNodeAffinity
|
|
args:
|
|
nodeAffinityType:
|
|
- requiredDuringSchedulingIgnoredDuringExecution
|
|
- name: RemovePodsViolatingNodeTaints
|
|
- name: RemovePodsViolatingInterPodAntiAffinity
|
|
- name: RemovePodsViolatingTopologySpreadConstraint
|
|
- name: LowNodeUtilization
|
|
args:
|
|
thresholds:
|
|
cpu: 20
|
|
memory: 20
|
|
pods: 20
|
|
targetThresholds:
|
|
cpu: 65
|
|
memory: 65
|
|
pods: 50
|
|
plugins:
|
|
balance:
|
|
enabled:
|
|
- RemoveDuplicates
|
|
- RemovePodsViolatingTopologySpreadConstraint
|
|
- LowNodeUtilization
|
|
deschedule:
|
|
enabled:
|
|
- RemovePodsHavingTooManyRestarts
|
|
- RemovePodsViolatingNodeTaints
|
|
- RemovePodsViolatingNodeAffinity
|
|
- RemovePodsViolatingInterPodAntiAffinity
|
|
|
|
priorityClassName: system-cluster-critical
|
|
|
|
nodeSelector: {}
|
|
# foo: bar
|
|
|
|
affinity: {}
|
|
# nodeAffinity:
|
|
# requiredDuringSchedulingIgnoredDuringExecution:
|
|
# nodeSelectorTerms:
|
|
# - matchExpressions:
|
|
# - key: kubernetes.io/e2e-az-name
|
|
# operator: In
|
|
# values:
|
|
# - e2e-az1
|
|
# - e2e-az2
|
|
# podAntiAffinity:
|
|
# requiredDuringSchedulingIgnoredDuringExecution:
|
|
# - labelSelector:
|
|
# matchExpressions:
|
|
# - key: app.kubernetes.io/name
|
|
# operator: In
|
|
# values:
|
|
# - descheduler
|
|
# topologyKey: "kubernetes.io/hostname"
|
|
topologySpreadConstraints: []
|
|
# - maxSkew: 1
|
|
# topologyKey: kubernetes.io/hostname
|
|
# whenUnsatisfiable: DoNotSchedule
|
|
# labelSelector:
|
|
# matchLabels:
|
|
# app.kubernetes.io/name: descheduler
|
|
tolerations: []
|
|
# - key: 'management'
|
|
# operator: 'Equal'
|
|
# value: 'tool'
|
|
# effect: 'NoSchedule'
|
|
|
|
rbac:
|
|
# Specifies whether RBAC resources should be created
|
|
create: true
|
|
|
|
serviceAccount:
|
|
# Specifies whether a ServiceAccount should be created
|
|
create: true
|
|
# The name of the ServiceAccount to use.
|
|
# If not set and create is true, a name is generated using the fullname template
|
|
name:
|
|
# Specifies custom annotations for the serviceAccount
|
|
annotations: {}
|
|
|
|
podAnnotations: {}
|
|
|
|
podLabels: {}
|
|
|
|
dnsConfig: {}
|
|
|
|
livenessProbe:
|
|
failureThreshold: 3
|
|
httpGet:
|
|
path: /healthz
|
|
port: 10258
|
|
scheme: HTTPS
|
|
initialDelaySeconds: 3
|
|
periodSeconds: 10
|
|
|
|
service:
|
|
enabled: false
|
|
# @param service.ipFamilyPolicy [string], support SingleStack, PreferDualStack and RequireDualStack
|
|
#
|
|
ipFamilyPolicy: ""
|
|
# @param service.ipFamilies [array] List of IP families (e.g. IPv4, IPv6) assigned to the service.
|
|
# Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/
|
|
# E.g.
|
|
# ipFamilies:
|
|
# - IPv6
|
|
# - IPv4
|
|
ipFamilies: []
|
|
|
|
serviceMonitor:
|
|
enabled: false
|
|
# The namespace where Prometheus expects to find service monitors.
|
|
# namespace: ""
|
|
# Add custom labels to the ServiceMonitor resource
|
|
additionalLabels: {}
|
|
# prometheus: kube-prometheus-stack
|
|
interval: ""
|
|
# honorLabels: true
|
|
insecureSkipVerify: true
|
|
serverName: null
|
|
metricRelabelings: []
|
|
# - action: keep
|
|
# regex: 'descheduler_(build_info|pods_evicted)'
|
|
# sourceLabels: [__name__]
|
|
relabelings: []
|
|
# - sourceLabels: [__meta_kubernetes_pod_node_name]
|
|
# separator: ;
|
|
# regex: ^(.*)$
|
|
# targetLabel: nodename
|
|
# replacement: $1
|
|
# action: replace
|