1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
|
##
## Copyright (c) 2020 Intel Corporation.
##
## Licensed under the Apache License, Version 2.0 (the "License");
## you may not use this file except in compliance with the License.
## You may obtain a copy of the License at
##
## http://www.apache.org/licenses/LICENSE-2.0
##
## Unless required by applicable law or agreed to in writing, software
## distributed under the License is distributed on an "AS IS" BASIS,
## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
## See the License for the specific language governing permissions and
## limitations under the License.
##
---
## BMRA primary playbook variables ##
# Kubernetes version
kubernetes: true
kube_version: v1.18.8
#kube_version: v1.17.11
#kube_version: v1.16.14
# Run system-wide package update (apt dist-upgrade, yum update, ...)
# Note: enabling this may lead to unexpected results
# Tip: you can set this per host using host_vars
update_all_packages: false
# Node Feature Discovery
nfd_enabled: {{ bmra.features.nfd }}
nfd_build_image_locally: false
nfd_namespace: kube-system
nfd_sleep_interval: 60s
# Intel CPU Manager for Kubernetes
cmk_enabled: {{ bmra.features.cmk.enable }}
cmk_namespace: kube-system
cmk_use_all_hosts: false # 'true' will deploy CMK on the controller nodes too
#cmk_hosts_list: node1,node2 # allows to control where CMK nodes will run, leave this option commented out to deploy on all K8s nodes
cmk_shared_num_cores: {{ bmra.features.cmk.num_shared_cores }} # number of CPU cores to be assigned to the "shared" pool on each of the nodes
cmk_exclusive_num_cores: {{ bmra.features.cmk.num_exclusive_cores }} # number of CPU cores to be assigned to the "exclusive" pool on each of the nodes
# cmk_shared_mode: packed # choose between: packed, spread, default: packed
# cmk_exclusive_mode: packed # choose between: packed, spread, default: packed
# Native CPU Manager (Kubernetes built-in)
# Note: Enabling CMK and built-in CPU Manager is not recommended.
# Setting this option as "true" enables the "static" policy, otherwise the default "none" policy is used.
native_cpu_manager_enabled: false
# Amount of CPU cores that will be reserved for the housekeeping (2000m = 2000 millicores = 2 cores)
native_cpu_manager_system_reserved_cpus: 2000m
# Amount of CPU cores that will be reserved for Kubelet
native_cpu_manager_kube_reserved_cpus: 1000m
# Explicit list of the CPUs reserved from pods scheduling.
# Note: Supported only with kube_version 1.17 and newer, overrides native_cpu_manager_system_reserved_cpus and native_cpu_manager_kube_reserved_cpus.
#native_cpu_manager_reserved_cpus: "0,1,2"
# Note: All reamining unreserved CPU cores will be consumed by the workloads.
# Enable Kubernetes built-in Topology Manager
topology_manager_enabled: {{ bmra.features.topology_manager.enable }}
# There are four supported policies: none, best-effort, restricted, single-numa-node.
topology_manager_policy: "{{ bmra.features.topology_manager.policy }}"
# Intel SRIOV Network Device Plugin
sriov_net_dp_enabled: {{ bmra.features.sriov_net_dp }}
sriov_net_dp_namespace: kube-system
# whether to build and store image locally or use one from public external registry
sriov_net_dp_build_image_locally: true
# SR-IOV network device plugin configuration.
# For more information on supported configuration refer to: https://github.com/intel/sriov-network-device-plugin#configurations
sriovdp_config_data: |
{
"resourceList": [{
"resourceName": "intel_sriov_netdevice",
"selectors": {
"vendors": ["8086"],
"devices": ["154c", "10ed", "1889"],
"drivers": ["iavf", "ixgbevf"]
}
},
{
"resourceName": "intel_sriov_dpdk_700_series",
"selectors": {
"vendors": ["8086"],
"devices": ["154c", "10ed"],
"drivers": ["vfio-pci"]
}
},
{
"resourceName": "intel_sriov_dpdk_800_series",
"selectors": {
"vendors": ["8086"],
"devices": ["1889"],
"drivers": ["vfio-pci"]
}
}
]
}
# Intel QAT Device Plugin for Kubernetes
qat_dp_enabled: false
qat_dp_namespace: kube-system
# Intel GPU Device Plugin for Kubernetes
gpu_dp_enabled: false
gpu_dp_namespace: kube-system
# Intel Telemetry Aware Scheduling
tas_enabled: {{ bmra.features.tas.enable }}
tas_namespace: monitoring
# create and enable TAS demonstration policy: [true, false]
tas_enable_demo_policy: {{ bmra.features.tas.demo_policy }}
# Create reference net-attach-def objects
example_net_attach_defs:
userspace_ovs_dpdk: false # Update to match host_vars CNI configuration
userspace_vpp: false # Update to match host_vars CNI configuration
sriov_net_dp: {{ bmra.features.sriov_net_dp }} # Update to match host_vars CNI configuration
## Proxy configuration ##
#http_proxy: "http://proxy.example.com:1080"
#https_proxy: "http://proxy.example.com:1080"
#additional_no_proxy: ".example.com"
# (Ubuntu only) disables DNS stub listener which may cause issues on Ubuntu
dns_disable_stub_listener: false
# Kubernetes cluster name, also will be used as DNS domain
cluster_name: cluster.local
## Kubespray variables ##
# default network plugins and kube-proxy configuration
kube_network_plugin_multus: true
multus_version: v3.4.2
kube_network_plugin: flannel
kube_pods_subnet: 10.244.0.0/16
kube_service_addresses: 10.233.0.0/18
kube_proxy_mode: iptables
# please leave it set to "true", otherwise Intel BMRA features deployed as Helm charts won't be installed
helm_enabled: true
# Docker registry running on the cluster allows us to store images not avaialble on Docker Hub, e.g. CMK
registry_local_address: "localhost:30500"
# Enable Pod Security Policy. This option enables PSP admission controller and creates minimal set of rules.
psp_enabled: {{ bmra.features.psp }}
# Set image pull policy to Always. Pulls images prior to starting containers. Valid credentials must be configured.
always_pull_enabled: true
# Telemetry configuration
collectd_scrap_interval: 30
|
