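# Longhorn
# Installs Longhorn from the sibling module into the longhorn-system namespace.
module "longhorn" {
  source          = "../../longhorn"
  namespace       = "longhorn-system"
  k8s_config_yaml = var.k8s_config_yaml
  wait_on         = var.wait_on
}

# Descheduler, installed from the upstream chart at a pinned version and run
# on a schedule in kube-system.
resource "helm_release" "descheduler" {
  name       = "descheduler"
  repository = "https://kubernetes-sigs.github.io/descheduler/"
  chart      = "descheduler"
  namespace  = "kube-system"
  version    = "0.33.0"

  values = [
    yamlencode({
      # NOTE(review): `strategies` is the v1alpha1 policy layout. Confirm that
      # the policy API version used by this chart release accepts it; a policy
      # the descheduler cannot parse may be rejected or silently ignored.
      deschedulerPolicy = {
        # Only evict pods older than 5 minutes
        # NOTE(review): confirm this key is honored at the top level of the
        # policy rather than as a parameter of a pod-lifetime strategy.
        maxPodLifeTimeSeconds = 300

        # Leave pods that use local storage or PVCs alone. These two flags do
        # not configure PodDisruptionBudget handling.
        evictLocalStoragePods = false
        ignorePvcPods         = true

        strategies = {
          LowNodeUtilization = {
            enabled = true
            params = {
              nodeResourceUtilizationThresholds = {
                thresholds = {
                  cpu    = 30
                  memory = 30
                }
                targetThresholds = {
                  cpu    = 50
                  memory = 50
                }
              }
              # Never evict from the system and storage namespaces.
              evictableNamespaces = {
                exclude = ["kube-system", "longhorn-system"]
              }
            }
          }
        }
      }

      # Additional settings
      schedule = "*/10 * * * *" # Run every 10 minutes

      # Don't run on control plane nodes.
      # A nodeSelector can only require that a label is present with a given
      # value, and a null value is not a usable selector, so the exclusion is
      # expressed as node affinity with DoesNotExist. The pod stays Pending if
      # every node carries the control-plane label.
      affinity = {
        nodeAffinity = {
          requiredDuringSchedulingIgnoredDuringExecution = {
            nodeSelectorTerms = [{
              matchExpressions = [{
                key      = "node-role.kubernetes.io/control-plane"
                operator = "DoesNotExist"
              }]
            }]
          }
        }
      }

      # Resource limits for the descheduler pod itself
      resources = {
        requests = {
          cpu    = "100m"
          memory = "100Mi"
        }
        limits = {
          cpu    = "500m"
          memory = "256Mi"
        }
      }
    })
  ]
}

# Disabled scheduler configuration, kept for reference.
# NOTE(review): before re-enabling, check the apiVersion and the plugin names
# against the target Kubernetes version.
# resource "kubernetes_config_map" "scheduler_config" {
#   metadata {
#     name      = "scheduler-config"
#     namespace = "kube-system"
#   }
#
#   data = {
#     "config.yaml" = yamlencode({
#       apiVersion = "kubescheduler.config.k8s.io/v1beta3"
#       kind       = "KubeSchedulerConfiguration"
#       profiles = [{
#         schedulerName = "default-scheduler"
#         plugins = {
#           score = {
#             enabled = [
#               { name = "NodeResourcesFit", weight = 100 },
#               { name = "NodeResourcesBalancedAllocation", weight = 100 },
#               { name = "NodeAffinity", weight = 50 },
#               { name = "InterPodAffinity", weight = 50 },
#               { name = "NodePreferAvoidPods", weight = 10000 },
#               { name = "TaintToleration", weight = 100 }
#             ]
#           }
#         }
#         pluginConfig = [{
#           name = "NodeResourcesBalancedAllocation"
#           args = {
#             resources = [
#               { name = "cpu", weight = 100 },
#               { name = "memory", weight = 100 }
#             ]
#           }
#         }]
#       }]
#     })
#   }
# }

# Configure ingress to allow forwarded headers
#
# Security notes for reviewers:
# - use-forwarded-headers makes the controller trust X-Forwarded-* headers on
#   incoming requests. That is only safe when every request reaches the
#   controller through a trusted proxy or load balancer that sets them;
#   otherwise clients can supply their own values, which affects logged client
#   IPs and any IP-based allow-listing. Consider restricting proxy-real-ip-cidr
#   to the proxy's address range.
# - Request buffering is off and the client/proxy timeouts are 600 seconds, so
#   slow clients can hold connections to the controller and the backends for a
#   long time. Confirm these cluster-wide values are needed, or set them per
#   Ingress for the upload endpoints only.
# - NOTE(review): confirm each key below is a ConfigMap option of the deployed
#   ingress-nginx version; a misspelled or unsupported key may have no effect.
resource "kubernetes_manifest" "rke2-ingress-nginx-config" {
  manifest = {
    apiVersion = "helm.cattle.io/v1"
    kind       = "HelmChartConfig"
    metadata = {
      name      = "rke2-ingress-nginx"
      namespace = "kube-system"
    }
    spec = {
      valuesContent = <<-EOT
        controller:
          config:
            use-forwarded-headers: "true"
            # Buffer settings to prevent "upstream sent too big header" errors
            proxy-buffer-size: "16k"
            proxy-buffers: "8 16k"
            proxy-busy-buffers-size: "32k"
            large-client-header-buffers: "4 16k"
            client-header-buffer-size: "16k"
            client-body-buffer-size: "16k"
            # File upload settings for production
            client-max-body-size: "100m"
            proxy-body-size: "100m"
            proxy-request-buffering: "off"
            # Additional production timeouts
            proxy-connect-timeout: "600"
            proxy-send-timeout: "600"
            proxy-read-timeout: "600"
            client-body-timeout: "600"
      EOT
    }
  }
}

# Lets callers of this module order their own resources after the Longhorn
# install and the ingress configuration.
output "installed" {
  value      = true
  depends_on = [module.longhorn.installed, kubernetes_manifest.rke2-ingress-nginx-config]
}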