From c866ea2e524a92c5a30701bcfc2e55ce0b734bf9 Mon Sep 17 00:00:00 2001 From: Hayden B Date: Wed, 21 Aug 2024 12:56:34 -0700 Subject: [PATCH] Add default kubelet config for node config for pools and clusters (#1234) * Add default kubelet config for node config for pools and clusters Needed by GCP now, setting to the default values. Signed-off-by: Hayden Blauzvern * add missing cpu manager policy Signed-off-by: Hayden Blauzvern --------- Signed-off-by: Hayden Blauzvern --- terraform/gcp/modules/gke_cluster/cluster.tf | 5 +++++ terraform/gcp/modules/gke_cluster/node_pool.tf | 6 ++++++ 2 files changed, 11 insertions(+) diff --git a/terraform/gcp/modules/gke_cluster/cluster.tf b/terraform/gcp/modules/gke_cluster/cluster.tf index ef927ee21..86a541e85 100644 --- a/terraform/gcp/modules/gke_cluster/cluster.tf +++ b/terraform/gcp/modules/gke_cluster/cluster.tf @@ -67,6 +67,11 @@ resource "google_container_cluster" "cluster" { tags = [local.cluster_network_tag] service_account = google_service_account.gke-sa.email oauth_scopes = var.oauth_scopes + kubelet_config { + cpu_cfs_quota = false + pod_pids_limit = 0 + cpu_manager_policy = "none" + } } resource_labels = { diff --git a/terraform/gcp/modules/gke_cluster/node_pool.tf b/terraform/gcp/modules/gke_cluster/node_pool.tf index cdc29fcef..19a8aeb8f 100644 --- a/terraform/gcp/modules/gke_cluster/node_pool.tf +++ b/terraform/gcp/modules/gke_cluster/node_pool.tf @@ -65,6 +65,12 @@ resource "google_container_node_pool" "cluster_nodes" { service_account = google_service_account.gke-sa.email oauth_scopes = ["https://www.googleapis.com/auth/cloud-platform"] + kubelet_config { + cpu_cfs_quota = false + pod_pids_limit = 0 + cpu_manager_policy = "none" + } + // Protect node metadata and enable Workload Identity // for this node pool. "SECURE" just protects the metadata. // "EXPOSE" or not set allows for cluster takeover.