diff --git a/inventory/sample/group_vars/etcd.yml b/inventory/sample/group_vars/etcd.yml index cc09942fc84d3e3115fb20d3f2d59e7f3e80d0ec..f07c7209cd16c39191d4de023b6b71517a97036d 100644 --- a/inventory/sample/group_vars/etcd.yml +++ b/inventory/sample/group_vars/etcd.yml @@ -7,13 +7,20 @@ ## Etcd is restricted by default to 512M on systems under 4GB RAM, 512MB is not enough for much more than testing. ## Set this if your etcd nodes have less than 4GB but you want more RAM for etcd. Set to 0 for unrestricted RAM. +## This value is only relevant when deploying etcd with `etcd_deployment_type: docker` # etcd_memory_limit: "512M" ## Etcd has a default of 2G for its space quota. If you put a value in etcd_memory_limit which is less than ## etcd_quota_backend_bytes, you may encounter out of memory terminations of the etcd cluster. Please check ## etcd documentation for more information. +# 8G is a suggested maximum size for normal environments and etcd warns at startup if the configured value exceeds it. # etcd_quota_backend_bytes: "2147483648" +# Maximum client request size in bytes the server will accept. +# etcd is designed to handle small key value pairs typical for metadata. +# Larger requests will work, but may increase the latency of other requests +# etcd_max_request_bytes: "1572864" + ### ETCD: disable peer client cert authentication. # This affects ETCD_PEER_CLIENT_CERT_AUTH variable # etcd_peer_client_auth: true diff --git a/roles/etcd/defaults/main.yml b/roles/etcd/defaults/main.yml index 2edb874b4286ee20d7f8b60cea1b056d77285cb4..32971bc71598c088e478000aff60b3dea8e8f472 100644 --- a/roles/etcd/defaults/main.yml +++ b/roles/etcd/defaults/main.yml @@ -46,10 +46,18 @@ etcd_extra_vars: {} # Limits # Limit memory only if <4GB memory on host. 0=unlimited +# This value is only relevant when deploying etcd with `etcd_deployment_type: docker` etcd_memory_limit: "{% if ansible_memtotal_mb < 4096 %}512M{% else %}0{% endif %}" +# The default storage size limit is 2G. +# 8G is a suggested maximum size for normal environments and etcd warns at startup if the configured value exceeds it. # etcd_quota_backend_bytes: "2147483648" +# Maximum client request size in bytes the server will accept. +# etcd is designed to handle small key value pairs typical for metadata. +# Larger requests will work, but may increase the latency of other requests +# etcd_max_request_bytes: "1572864" + # Uncomment to set CPU share for etcd # etcd_cpu_limit: 300m diff --git a/roles/etcd/templates/etcd-events.env.j2 b/roles/etcd/templates/etcd-events.env.j2 index 4be85c7b69b2af7a75b5d1b57b3acdf3e740992a..bcb0cc7487617bfb3fe037062f0f4ddffe5d21ba 100644 --- a/roles/etcd/templates/etcd-events.env.j2 +++ b/roles/etcd/templates/etcd-events.env.j2 @@ -19,6 +19,9 @@ ETCD_SNAPSHOT_COUNT={{ etcd_snapshot_count }} {% if etcd_quota_backend_bytes is defined %} ETCD_QUOTA_BACKEND_BYTES={{ etcd_quota_backend_bytes }} {% endif %} +{% if etcd_max_request_bytes is defined %} +ETCD_MAX_REQUEST_BYTES={{ etcd_max_request_bytes }} +{% endif %} # TLS settings ETCD_TRUSTED_CA_FILE={{ etcd_cert_dir }}/ca.pem diff --git a/roles/etcd/templates/etcd.env.j2 b/roles/etcd/templates/etcd.env.j2 index 145fd62882eae72bb5045c37180861302c00ce49..8b1b699fc133a6ed8a352353448f7ce5c647eb15 100644 --- a/roles/etcd/templates/etcd.env.j2 +++ b/roles/etcd/templates/etcd.env.j2 @@ -23,6 +23,9 @@ ETCD_SNAPSHOT_COUNT={{ etcd_snapshot_count }} {% if etcd_quota_backend_bytes is defined %} ETCD_QUOTA_BACKEND_BYTES={{ etcd_quota_backend_bytes }} {% endif %} +{% if etcd_max_request_bytes is defined %} +ETCD_MAX_REQUEST_BYTES={{ etcd_max_request_bytes }} +{% endif %} {% if etcd_log_package_levels is defined %} ETCD_LOG_PACKAGE_LEVELS={{ etcd_log_package_levels }} {% endif %} diff --git a/roles/kubernetes/control-plane/defaults/main/etcd.yml b/roles/kubernetes/control-plane/defaults/main/etcd.yml index 13983afefcf78c7cba237bce683459e6fee83e14..60e934bc2dda347b251626031503a2b49fa6dae0 100644 --- a/roles/kubernetes/control-plane/defaults/main/etcd.yml +++ b/roles/kubernetes/control-plane/defaults/main/etcd.yml @@ -23,5 +23,6 @@ etcd_metrics: "basic" etcd_extra_vars: {} # etcd_quota_backend_bytes: "2147483648" +# etcd_max_request_bytes: "1572864" etcd_compaction_retention: "8" diff --git a/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta2.yaml.j2 b/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta2.yaml.j2 index 9b2e473981d3881bc46fa96d4e89e07300e60585..ba1c5be394ac48a28e0fd763fa40927bddf9932f 100644 --- a/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta2.yaml.j2 +++ b/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta2.yaml.j2 @@ -58,6 +58,9 @@ etcd: {% if etcd_quota_backend_bytes is defined %} quota-backend-bytes: "{{ etcd_quota_backend_bytes }}" {% endif %} +{% if etcd_max_request_bytes is defined %} + max-request-bytes: "{{ etcd_max_request_bytes }}" +{% endif %} {% if etcd_log_package_levels is defined %} log-package-levels: "{{ etcd_log_package_levels }}" {% endif %} @@ -450,4 +453,3 @@ featureGates: {{ feature|replace("=", ": ") }} {% endfor %} {% endif %} -