{{- define "kubelet-config" -}}
apiVersion: {{ include "kubeletcomponentconfigversion" . }}
kind: KubeletConfiguration
authentication:
  x509:
    clientCAFile: /var/lib/kubelet/ca.crt
  webhook:
    enabled: true
    cacheTTL: 2m0s
  anonymous:
    enabled: false
authorization:
  mode: Webhook
  webhook:
    cacheAuthorizedTTL: 5m0s
    cacheUnauthorizedTTL: 30s
cgroupRoot: "/"
cgroupsPerQOS: true
cgroupDriver: cgroupfs
clusterDomain: {{ required "kubernetes.domain is required" .Values.kubernetes.domain }}
clusterDNS:
- {{ required "kubernetes.clusterDNS is required" .Values.kubernetes.clusterDNS }}
configTrialDuration: 10m0s
cpuCFSQuota: {{ .Values.worker.kubelet.cpuCFSQuota }}
cpuManagerPolicy: {{ .Values.worker.kubelet.cpuManagerPolicy }}
cpuManagerReconcilePeriod: 10s
enableControllerAttachDetach: true
enableDebuggingHandlers: true
enableServer: true
enforceNodeAllocatable:
- pods
eventRecordQPS: 50
eventBurst: 50
evictionHard:
  memory.available: {{ .Values.worker.kubelet.evictionHard.memoryAvailable }}
  imagefs.available: {{ .Values.worker.kubelet.evictionHard.imageFSAvailable }}
  imagefs.inodesFree: {{ .Values.worker.kubelet.evictionHard.imageFSInodesFree }}
  nodefs.available: {{ .Values.worker.kubelet.evictionHard.nodeFSAvailable }}
  nodefs.inodesFree: {{ .Values.worker.kubelet.evictionHard.nodeFSInodesFree }}
evictionSoft:
  memory.available: {{ .Values.worker.kubelet.evictionSoft.memoryAvailable }}
  imagefs.available: {{ .Values.worker.kubelet.evictionSoft.imageFSAvailable }}
  imagefs.inodesFree: {{ .Values.worker.kubelet.evictionSoft.imageFSInodesFree }}
  nodefs.available: {{ .Values.worker.kubelet.evictionSoft.nodeFSAvailable }}
  nodefs.inodesFree: {{ .Values.worker.kubelet.evictionSoft.nodeFSInodesFree }}
evictionSoftGracePeriod:
  memory.available: {{ .Values.worker.kubelet.evictionSoftGracePeriod.memoryAvailable }}
  imagefs.available: {{ .Values.worker.kubelet.evictionSoftGracePeriod.imageFSAvailable }}
  imagefs.inodesFree: {{ .Values.worker.kubelet.evictionSoftGracePeriod.imageFSInodesFree }}
  nodefs.available: {{ .Values.worker.kubelet.evictionSoftGracePeriod.nodeFSAvailable }}
  nodefs.inodesFree: {{ .Values.worker.kubelet.evictionSoftGracePeriod.nodeFSInodesFree }}
evictionMinimumReclaim:
  memory.available: {{ .Values.worker.kubelet.evictionMinimumReclaim.memoryAvailable }}
  imagefs.available: {{ .Values.worker.kubelet.evictionMinimumReclaim.imageFSAvailable }}
  imagefs.inodesFree: {{ .Values.worker.kubelet.evictionMinimumReclaim.imageFSInodesFree }}
  nodefs.available: {{ .Values.worker.kubelet.evictionMinimumReclaim.nodeFSAvailable }}
  nodefs.inodesFree: {{ .Values.worker.kubelet.evictionMinimumReclaim.nodeFSInodesFree }}
evictionPressureTransitionPeriod: {{ .Values.worker.kubelet.evictionPressureTransitionPeriod }}
evictionMaxPodGracePeriod: {{ .Values.worker.kubelet.evictionMaxPodGracePeriod }}
failSwapOn: {{ .Values.worker.kubelet.failSwapOn }}
{{- if .Values.worker.kubelet.featureGates }}
featureGates:
{{ toYaml .Values.worker.kubelet.featureGates | indent 6 }}
{{- end }}
fileCheckFrequency: 20s
imageMinimumGCAge: 2m0s
imageGCHighThresholdPercent: 50
imageGCLowThresholdPercent: 40
kubeAPIBurst: 50
kubeAPIQPS: 50
{{- if .Values.worker.kubelet.kubeReserved }}
kubeReserved:
{{- range $key, $value := .Values.worker.kubelet.kubeReserved }}
  {{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
{{- if .Values.worker.kubelet.systemReserved }}
systemReserved:
{{- range $key, $value := .Values.worker.kubelet.systemReserved }}
  {{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
hairpinMode: promiscuous-bridge
{{- if semverCompare "< 1.15" .Values.kubernetes.version }}
hostNetworkSources:
- "*"
hostPIDSources:
- "*"
hostIPCSources:
- "*"
{{- end }}
httpCheckFrequency: 20s
maxOpenFiles: 1000000
{{- if .Values.worker.kubelet.maxPods }}
maxPods: {{ .Values.worker.kubelet.maxPods }}
{{- end }}
nodeStatusUpdateFrequency: 10s
podsPerCore: 0
{{- if .Values.worker.kubelet.podPIDsLimit }}
podPidsLimit: {{ .Values.worker.kubelet.podPIDsLimit }}
{{- end }}
readOnlyPort: 0
registryPullQPS: 5
registryBurst: 10
resolvConf: /etc/resolv.conf
{{- if semverCompare ">= 1.11" .Values.kubernetes.version }}
rotateCertificates: true
{{- end }}
runtimeRequestTimeout: 2m0s
serializeImagePulls: true
syncFrequency: 1m0s
{{- if semverCompare ">= 1.19" .Values.kubernetes.version }}
VolumePluginDir: /var/lib/kubelet/volumeplugins
{{- end }}
volumeStatsAggPeriod: 1m0s
{{- end -}}
