From c98e1d1b5b1ba4da15ba5b06640992d0544acdb7 Mon Sep 17 00:00:00 2001
From: Kay Yan <yankay@users.noreply.github.com>
Date: Tue, 18 Apr 2023 09:54:58 +0800
Subject: [PATCH] add-kube-profile-to-scheduler (#9993)

---
 docs/hardening.md                                               | 2 --
 .../control-plane/templates/kubeadm-config.v1beta3.yaml.j2      | 1 +
 tests/files/packet_ubuntu20-calico-aio-hardening.yml            | 2 --
 3 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/docs/hardening.md b/docs/hardening.md
index 5aa8fcfb0..521e7d8c0 100644
--- a/docs/hardening.md
+++ b/docs/hardening.md
@@ -76,8 +76,6 @@ kube_controller_feature_gates: ["RotateKubeletServerCertificate=true"]
 
 ## kube-scheduler
 kube_scheduler_bind_address: 127.0.0.1
-kube_kubeadm_scheduler_extra_args:
-  profiling: false
 # AppArmor-based OS
 # kube_scheduler_feature_gates: ["AppArmor=true"]
 
diff --git a/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta3.yaml.j2 b/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta3.yaml.j2
index 3a84ad694..e2d41fbe0 100644
--- a/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta3.yaml.j2
+++ b/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta3.yaml.j2
@@ -351,6 +351,7 @@ scheduler:
 {% if kube_scheduler_feature_gates or kube_feature_gates %}
     feature-gates: "{{ kube_scheduler_feature_gates | default(kube_feature_gates, true) | join(',') }}"
 {% endif %}
+    profiling: "{{ kube_profiling }}"
 {% if kube_kubeadm_scheduler_extra_args|length > 0 %}
 {% for key in kube_kubeadm_scheduler_extra_args %}
     {{ key }}: "{{ kube_kubeadm_scheduler_extra_args[key] }}"
diff --git a/tests/files/packet_ubuntu20-calico-aio-hardening.yml b/tests/files/packet_ubuntu20-calico-aio-hardening.yml
index 76340d873..940c1fd8d 100644
--- a/tests/files/packet_ubuntu20-calico-aio-hardening.yml
+++ b/tests/files/packet_ubuntu20-calico-aio-hardening.yml
@@ -70,8 +70,6 @@ kube_controller_feature_gates: ["RotateKubeletServerCertificate=true", "AppArmor
 
 ## kube-scheduler
 kube_scheduler_bind_address: 127.0.0.1
-kube_kubeadm_scheduler_extra_args:
-  profiling: false
 # AppArmor-based OS
 kube_scheduler_feature_gates: ["AppArmor=true"]
 
-- 
GitLab