[MediaWiki-commits] [Gerrit] operations/puppet[production]: kubernetes: Add a few recommended admission controllers

Thu, 31 Aug 2017 03:40:43 -0700 

Alexandros Kosiaris has uploaded a new change for review. ( 
https://gerrit.wikimedia.org/r/374974 )

Change subject: kubernetes: Add a few recommended admission controllers
......................................................................

kubernetes: Add a few recommended admission controllers

Add ServiceAccount, PersistentVolumeLabel and DefaultTolerationSeconds.
These are for production only, toollabs are not touched.
Those are the recommended admission controllers for version 1.7 of
kubernetes which is what we are running

Bug: T170119
Change-Id: I7ddb79fb7fa2ed70703fe8adf5d9f52433cc2ca3
---
M hieradata/role/common/kubernetes/master.yaml
M hieradata/role/common/kubernetes/staging/master.yaml
2 files changed, 6 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/puppet 
refs/changes/74/374974/1

diff --git a/hieradata/role/common/kubernetes/master.yaml 
b/hieradata/role/common/kubernetes/master.yaml
index d4b9233..2912535 100644
--- a/hieradata/role/common/kubernetes/master.yaml
+++ b/hieradata/role/common/kubernetes/master.yaml
@@ -7,8 +7,11 @@
 profile::kubernetes::master::admission_controllers:
   NamespaceLifecycle: ''
   LimitRanger: ''
+  ServiceAccount: ''
+  PersistentVolumeLabel: ''
   DefaultStorageClass: ''
   ResourceQuota: ''
+  DefaultTolerationSeconds: ''
 profile::kubernetes::master::expose_puppet_certs: true
 profile::kubernetes::master::service_cert: "kubemaster.svc.%{::site}.wmnet"
 profile::kubernetes::master::ssl_cert_path: 
"/etc/ssl/localcerts/kubemaster.svc.%{::site}.wmnet.crt"
diff --git a/hieradata/role/common/kubernetes/staging/master.yaml 
b/hieradata/role/common/kubernetes/staging/master.yaml
index 3d4cab6..aee4145 100644
--- a/hieradata/role/common/kubernetes/staging/master.yaml
+++ b/hieradata/role/common/kubernetes/staging/master.yaml
@@ -9,8 +9,11 @@
 profile::kubernetes::master::admission_controllers:
   NamespaceLifecycle: ''
   LimitRanger: ''
+  ServiceAccount: ''
+  PersistentVolumeLabel: ''
   DefaultStorageClass: ''
   ResourceQuota: ''
+  DefaultTolerationSeconds: ''
 profile::kubernetes::master::expose_puppet_certs: true
 profile::kubernetes::master::ssl_cert_path: "/etc/kubernetes/ssl/cert.pem"
 profile::kubernetes::master::ssl_key_path: "/etc/kubernetes/ssl/server.key"

-- 
To view, visit https://gerrit.wikimedia.org/r/374974
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I7ddb79fb7fa2ed70703fe8adf5d9f52433cc2ca3
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Alexandros Kosiaris <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to