# Longhorn
# Installs Longhorn from the sibling local module.
module "longhorn" {
  source = "../../longhorn"

  # Passed through from this module's caller so ordering is preserved.
  wait_on = var.wait_on

  # NOTE(review): presumably kubeconfig content, i.e. cluster credentials.
  # If so, confirm the variable is declared `sensitive = true` so it is
  # redacted from plan/apply output.
  k8s_config_yaml = var.k8s_config_yaml

  namespace = "longhorn-system"
}
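# Descheduler: periodically evicts pods so the scheduler can place them again.
# The chart is installed into kube-system at a pinned version.
resource "helm_release" "descheduler" {
  name       = "descheduler"
  repository = "https://kubernetes-sigs.github.io/descheduler/"
  chart      = "descheduler"
  namespace  = "kube-system"
  version    = "0.33.0"

  values = [
    yamlencode({
      # NOTE(review): `strategies` with top-level eviction flags is the layout
      # of the older v1alpha1 policy API; newer descheduler releases use a
      # profile/plugin based policy. Confirm against chart 0.33.0 that this
      # policy is actually loaded. If it is ignored, the thresholds and the
      # namespace exclusions below do not apply and the chart defaults decide
      # which pods get evicted.
      deschedulerPolicy = {
        # NOTE(review): upstream, maxPodLifeTimeSeconds is an argument of the
        # PodLifeTime strategy, which evicts pods OLDER than the limit. Confirm
        # it is honoured at this level and that 300 seconds is the intent.
        maxPodLifeTimeSeconds = 300

        # Never evict pods that use local storage or PVCs. These flags do not
        # control PodDisruptionBudget handling.
        evictLocalStoragePods = false
        ignorePvcPods         = true

        strategies = {
          LowNodeUtilization = {
            enabled = true
            params = {
              nodeResourceUtilizationThresholds = {
                # Nodes below these percentages count as under-utilised.
                thresholds = {
                  cpu    = 30
                  memory = 30
                }
                # Nodes above these percentages are candidates to evict from.
                targetThresholds = {
                  cpu    = 50
                  memory = 50
                }
              }
              # Keep cluster-critical and storage pods out of eviction.
              evictableNamespaces = {
                exclude = ["kube-system", "longhorn-system"]
              }
            }
          }
        }
      }

      # Additional settings
      schedule = "*/10 * * * *" # Run every 10 minutes

      # Don't run on control plane nodes.
      # A nodeSelector can only require that a label is present, and a null
      # value is dropped when Helm merges values, so the previous
      # `nodeSelector = { "node-role.kubernetes.io/control-plane" = null }`
      # placed no constraint at all. Absence of a label has to be expressed
      # as node affinity with the DoesNotExist operator.
      affinity = {
        nodeAffinity = {
          requiredDuringSchedulingIgnoredDuringExecution = {
            nodeSelectorTerms = [
              {
                matchExpressions = [
                  {
                    key      = "node-role.kubernetes.io/control-plane"
                    operator = "DoesNotExist"
                  }
                ]
              }
            ]
          }
        }
      }

      # Resource limits for the descheduler pod itself
      resources = {
        requests = {
          cpu    = "100m"
          memory = "100Mi"
        }
        limits = {
          cpu    = "500m"
          memory = "256Mi"
        }
      }
    })
  ]
}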
# resource "kubernetes_config_map" "scheduler_config" {
#   metadata {
#     name      = "scheduler-config"
#     namespace = "kube-system"
#   }
#
#   data = {
#     "config.yaml" = yamlencode({
#       apiVersion = "kubescheduler.config.k8s.io/v1beta3"
#       kind       = "KubeSchedulerConfiguration"
#       profiles = [{
#         schedulerName = "default-scheduler"
#         plugins = {
#           score = {
#             enabled = [
#               { name = "NodeResourcesFit", weight = 100 },
#               { name = "NodeResourcesBalancedAllocation", weight = 100 },
#               { name = "NodeAffinity", weight = 50 },
#               { name = "InterPodAffinity", weight = 50 },
#               { name = "NodePreferAvoidPods", weight = 10000 },
#               { name = "TaintToleration", weight = 100 }
#             ]
#           }
#         }
#         pluginConfig = [{
#           name = "NodeResourcesBalancedAllocation"
#           args = {
#             resources = [
#               { name = "cpu", weight = 100 },
#               { name = "memory", weight = 100 }
#             ]
#           }
#         }]
#       }]
#     })
#   }
# }
# Configure ingress to allow forwarded headers
resource "kubernetes_manifest" "rke2-ingress-nginx-config" {
  # HelmChartConfig named rke2-ingress-nginx in kube-system; valuesContent is
  # the YAML passed as values overrides for that chart.
  manifest = {
    apiVersion = "helm.cattle.io/v1"
    kind       = "HelmChartConfig"
    metadata = {
      name      = "rke2-ingress-nginx"
      namespace = "kube-system"
    }
    spec = {
      # Trust boundary: with use-forwarded-headers enabled the controller takes
      # client IP, scheme and host from incoming X-Forwarded-* headers. That is
      # only sound when every path to the controller goes through a proxy or
      # load balancer that overwrites those headers. Otherwise a client can
      # supply its own, and access logs, IP allow-lists and rate limits then
      # key on a value the client chose.
      # NOTE(review): proxy-real-ip-cidr is not set here, so the range of
      # sources whose headers are trusted stays at the controller default.
      # Restrict it to the load balancer's address range.
      #
      # Resource exposure: 100m bodies, request buffering off and 600 second
      # timeouts let slow or large requests hold connections and stream
      # straight to backends. Confirm the backends enforce their own size and
      # time limits, or narrow these per Ingress where uploads are not needed.
      #
      # NOTE(review): check each key against the ingress-nginx ConfigMap
      # reference (proxy-buffers and client-max-body-size in particular); a key
      # the controller does not recognise has no effect.
      valuesContent = <<-EOT
        controller:
          config:
            use-forwarded-headers: "true"

            # Buffer settings to prevent "upstream sent too big header" errors
            proxy-buffer-size: "16k"
            proxy-buffers: "8 16k"
            proxy-busy-buffers-size: "32k"
            large-client-header-buffers: "4 16k"
            client-header-buffer-size: "16k"
            client-body-buffer-size: "16k"

            # File upload settings for production
            client-max-body-size: "100m"
            proxy-body-size: "100m"
            proxy-request-buffering: "off"

            # Additional production timeouts
            proxy-connect-timeout: "600"
            proxy-send-timeout: "600"
            proxy-read-timeout: "600"
            client-body-timeout: "600"
      EOT
    }
  }
}
# Completion marker for callers: a constant that resolves only after the
# Longhorn module and the ingress HelmChartConfig have been applied.
# NOTE(review): helm_release.descheduler is not in depends_on, so this output
# does not wait for the descheduler release. Confirm that is intended.
output "installed" {
  depends_on = [
    module.longhorn.installed,
    kubernetes_manifest.rke2-ingress-nginx-config,
  ]

  value = true
}