diff --git a/contrib/network-storage/heketi/roles/provision/templates/glusterfs-daemonset.json.j2 b/contrib/network-storage/heketi/roles/provision/templates/glusterfs-daemonset.json.j2
index eddd57eb8176d2d32406aab45d8dc71c0bd6dc5d..74c031ffedde46da3e8aeb6c03c7c867c684dcc6 100644
--- a/contrib/network-storage/heketi/roles/provision/templates/glusterfs-daemonset.json.j2
+++ b/contrib/network-storage/heketi/roles/provision/templates/glusterfs-daemonset.json.j2
@@ -69,7 +69,7 @@
},
"readinessProbe": {
"timeoutSeconds": 3,
- "initialDelaySeconds": 60,
+ "initialDelaySeconds": 3,
"exec": {
"command": [
"/bin/bash",
@@ -80,7 +80,7 @@
},
"livenessProbe": {
"timeoutSeconds": 3,
- "initialDelaySeconds": 60,
+ "initialDelaySeconds": 10,
"exec": {
"command": [
"/bin/bash",
diff --git a/contrib/network-storage/heketi/roles/provision/templates/heketi-bootstrap.json.j2 b/contrib/network-storage/heketi/roles/provision/templates/heketi-bootstrap.json.j2
index bdcf3e9588f38fc816b7de49fc26f1f7da61fa86..43048c6b679cad83abef3ab5fc14429c805dcd34 100644
--- a/contrib/network-storage/heketi/roles/provision/templates/heketi-bootstrap.json.j2
+++ b/contrib/network-storage/heketi/roles/provision/templates/heketi-bootstrap.json.j2
@@ -106,7 +106,7 @@
},
"livenessProbe": {
"timeoutSeconds": 3,
- "initialDelaySeconds": 30,
+ "initialDelaySeconds": 10,
"httpGet": {
"path": "/hello",
"port": 8080
diff --git a/contrib/network-storage/heketi/roles/provision/templates/heketi-deployment.json.j2 b/contrib/network-storage/heketi/roles/provision/templates/heketi-deployment.json.j2
index 5eb71718cc9b5ac4b1e32eec005f6890b6c871e7..247f1fd9dcffda51383d13977b00553097f1c06f 100644
--- a/contrib/network-storage/heketi/roles/provision/templates/heketi-deployment.json.j2
+++ b/contrib/network-storage/heketi/roles/provision/templates/heketi-deployment.json.j2
@@ -122,7 +122,7 @@
},
"livenessProbe": {
"timeoutSeconds": 3,
- "initialDelaySeconds": 30,
+ "initialDelaySeconds": 10,
"httpGet": {
"path": "/hello",
"port": 8080
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
index fd7bfc9fa90802c572a31afe170f38249c956fbe..c20e6cf16b5d94e4f46a83477a861fe06dd239a4 100644
--- a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
@@ -91,19 +91,17 @@ spec:
path: /health
port: 8080
scheme: HTTP
- initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
- failureThreshold: 5
+ failureThreshold: 10
readinessProbe:
httpGet:
path: /health
port: 8080
scheme: HTTP
- initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
- failureThreshold: 5
+ failureThreshold: 10
dnsPolicy: Default
volumes:
- name: config-volume
diff --git a/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2 b/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
index f079bf1224e34a0a0f19847f2a934988a6ffd135..c14d65af142fb7ccc29efb808ab82e51808cf6f0 100644
--- a/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
@@ -184,8 +184,6 @@ spec:
scheme: HTTPS
path: /
port: 8443
- initialDelaySeconds: 30
- timeoutSeconds: 30
volumes:
- name: kubernetes-dashboard-certs
secret:
diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
index 204a2838b00c951548452ab919aaeda6bd27890a..96e404edcf2519fe3ae4ee5b4ff3cc64aecf0af1 100644
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
@@ -60,10 +60,18 @@ spec:
path: /health
port: 8080
scheme: HTTP
- initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
- failureThreshold: 3
+ failureThreshold: 10
+ readinessProbe:
+ httpGet:
+ host: {{ nodelocaldns_ip }}
+ path: /health
+ port: 8080
+ scheme: HTTP
+ timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 10
volumeMounts:
- name: config-volume
mountPath: /etc/coredns
diff --git a/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2 b/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2
index 792a3f55c96ff91de8d01422308435c912617f3d..06a9a9018bf01081f3f35a4d5229186ec47038d3 100644
--- a/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2
+++ b/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2
@@ -76,16 +76,16 @@ spec:
path: /healthz
port: 10254
scheme: HTTP
- initialDelaySeconds: 10
- periodSeconds: 10
+ initialDelaySeconds: 5
+ timeoutSeconds: 5
successThreshold: 1
- timeoutSeconds: 1
+ failureThreshold: 10
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
- periodSeconds: 10
+ timeoutSeconds: 5
successThreshold: 1
- timeoutSeconds: 1
+ failureThreshold: 10
diff --git a/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2 b/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
index aa54bd373b9b1b484c783b9e3212cb58e789d76a..69bb0f7ab1e9008e675979abe4a20247951119d9 100644
--- a/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
+++ b/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
@@ -44,24 +44,22 @@ spec:
name: https
protocol: TCP
livenessProbe:
- failureThreshold: 3
httpGet:
path: /healthz
port: https
scheme: HTTPS
- initialDelaySeconds: 30
- periodSeconds: 30
successThreshold: 1
+ initialDelaySeconds: 20
+ failureThreshold: 3
timeoutSeconds: 10
readinessProbe:
- failureThreshold: 3
httpGet:
path: /healthz
port: 443
scheme: HTTPS
- initialDelaySeconds: 30
- periodSeconds: 30
successThreshold: 1
+ initialDelaySeconds: 20
+ failureThreshold: 3
timeoutSeconds: 10
securityContext:
# Currently non root is not supported:
diff --git a/roles/network_plugin/calico/templates/calico-node.yml.j2 b/roles/network_plugin/calico/templates/calico-node.yml.j2
index f851d393099f196722dbbdba1353bbcbd8586394..d8ea78a4486b17076718428d309a2188ccc6821b 100644
--- a/roles/network_plugin/calico/templates/calico-node.yml.j2
+++ b/roles/network_plugin/calico/templates/calico-node.yml.j2
@@ -218,10 +218,10 @@ spec:
host: 127.0.0.1
path: /liveness
port: 9099
- periodSeconds: 10
- initialDelaySeconds: 10
+ initialDelaySeconds: 5
failureThreshold: 6
readinessProbe:
+ failureThreshold: 6
{% if calico_version is version('v3.3.0', '<') %}
httpGet:
host: 127.0.0.1
@@ -234,7 +234,6 @@ spec:
- -bird-ready
- -felix-ready
{% endif %}
- periodSeconds: 10
volumeMounts:
- mountPath: /lib/modules
name: lib-modules
diff --git a/roles/network_plugin/canal/templates/canal-node.yaml.j2 b/roles/network_plugin/canal/templates/canal-node.yaml.j2
index 7d9da1cf22d684e168ce26926aa4708b25c64fac..7b3cba83ea217610799f031e68ab0bbba2fc7ae4 100644
--- a/roles/network_plugin/canal/templates/canal-node.yaml.j2
+++ b/roles/network_plugin/canal/templates/canal-node.yaml.j2
@@ -253,7 +253,7 @@ spec:
path: /liveness
port: 9099
periodSeconds: 10
- initialDelaySeconds: 10
+ initialDelaySeconds: 5
failureThreshold: 6
readinessProbe:
{% if calico_version is version('v3.3.0', '<')%}
diff --git a/roles/network_plugin/cilium/templates/cilium-ds.yml.j2 b/roles/network_plugin/cilium/templates/cilium-ds.yml.j2
index 21b1677247a878681462619ec1bf3d974704aa1a..073da965dbf750614934a68937be59be822b35e4 100755
--- a/roles/network_plugin/cilium/templates/cilium-ds.yml.j2
+++ b/roles/network_plugin/cilium/templates/cilium-ds.yml.j2
@@ -132,10 +132,7 @@ spec:
command:
- cilium
- status
- # The initial delay for the liveness probe is intentionally large to
- # avoid an endless kill & restart cycle if in the event that the initial
- # bootstrapping takes longer than expected.
- initialDelaySeconds: 120
+ initialDelaySeconds: 15
failureThreshold: 10
periodSeconds: 10
readinessProbe:
diff --git a/roles/network_plugin/kube-router/templates/kube-router.yml.j2 b/roles/network_plugin/kube-router/templates/kube-router.yml.j2
index 2e50fd17144fcb9df8ecd0a2e1dc74f5d7bdad1a..52fd47ae17d3dbe48788fc71f770083546778639 100644
--- a/roles/network_plugin/kube-router/templates/kube-router.yml.j2
+++ b/roles/network_plugin/kube-router/templates/kube-router.yml.j2
@@ -104,7 +104,7 @@ spec:
httpGet:
path: /healthz
port: 20244
- initialDelaySeconds: 10
+ initialDelaySeconds: 5
periodSeconds: 3
resources:
requests:
diff --git a/tests/files/gce_centos7-flannel-addons.yml b/tests/files/gce_centos7-flannel-addons.yml
index d430d8436de5561969f3d9f668e5fc945e6f10a9..cf9fc5d7a740a6e74e3b636b0494e96c7a1fb775 100644
--- a/tests/files/gce_centos7-flannel-addons.yml
+++ b/tests/files/gce_centos7-flannel-addons.yml
@@ -22,6 +22,7 @@ kube_encrypt_secret_data: true
cert_manager_enabled: true
# Disabled temporarily
metrics_server_enabled: false
+metrics_server_kubelet_insecure_tls: true
kube_token_auth: true
kube_basic_auth: true
enable_nodelocaldns: false
diff --git a/tests/files/packet_centos7-flannel-addons.yml b/tests/files/packet_centos7-flannel-addons.yml
index 451f414e8ea1995c6f02920dbf8a90989499427d..2979e6b141b1ed187ad6e8b65dd5d86c286eeada 100644
--- a/tests/files/packet_centos7-flannel-addons.yml
+++ b/tests/files/packet_centos7-flannel-addons.yml
@@ -19,8 +19,7 @@ ingress_nginx_enabled: true
cert_manager_enabled: true
# Disabled temporarily
metrics_server_enabled: false
+metrics_server_kubelet_insecure_tls: true
kube_token_auth: true
kube_basic_auth: true
enable_nodelocaldns: false
-
-vm_memory: 6144Mi