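--- a/addons/networking/cilium/values.yaml
+++ b/addons/networking/cilium/values.yaml
@@ -4,6 +4,12 @@
 # AWS ENI mode
 eni:
 enabled: true
+# Prefix delegation: allocate /28 prefixes per ENI instead of single secondary
+# IPs, raising the per-node pod cap ~4x (m7g.large ~35 -> ~110). Without it a
+# freshly vended spoke syncing the full catalog exhausts node IPs before
+# Karpenter can scale out — pods stick in ContainerCreating with
+# "cilium-cni: no IPs available", and Karpenter itself can lose DNS. (#82)
+awsEnablePrefixDelegation: true
 ipam:
 mode: eni
 egressMasqueradeInterfaces: eth0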
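Review bot: `awsEnablePrefixDelegation: true` only enlarges the IP pool Cilium can hand out; the ~110 pods-per-node figure in the comment also depends on the kubelet max-pods value for the node, which is not set anywhere in this diff. If Karpenter-provisioned nodes still derive max-pods from the per-ENI secondary-IP limit, the scheduler will keep capping them near the old number, so it is worth confirming the node class raises it. The comment could also record the operational preconditions, e.g. `# Needs Nitro instances and unfragmented subnets; allocation can fail if no free /28 exists.` The rendered page has lost indentation, so it cannot be checked from here that the new key sits under `eni:`.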
10 changes: 8 additions & 2 deletions addons/operations/karpenter-resources/base/nodepool.yaml
@@ -15,7 +15,10 @@ spec:
values: ["spot", "on-demand"]
- key: kubernetes.io/arch
operator: In
values: ["amd64"]
# Graviton/arm64 is the org default — the bootstrap nodes are m7g and
# the agent/sandbox images are arm64, so an amd64 node provisioned
# here would exec-format-crash the arm64 pods scheduled onto it.
values: ["arm64"]
- key: karpenter.k8s.aws/instance-category
operator: In
values: ["m", "c", "r"]
@@ -66,7 +69,10 @@ spec:
values: ["spot", "on-demand"]
- key: kubernetes.io/arch
operator: In
values: ["amd64"]
# Graviton/arm64 is the org default — the bootstrap nodes are m7g and
# the agent/sandbox images are arm64, so an amd64 node provisioned
# here would exec-format-crash the arm64 pods scheduled onto it.
values: ["arm64"]
- key: karpenter.k8s.aws/instance-category
operator: In
values: ["c", "m"]
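Review bot: Restricting both NodePools to `values: ["arm64"]` moves the exec-format failure rather than removing it: any catalog image published for amd64 only would now be scheduled onto Graviton nodes and crash the same way. Neither hunk shows an architecture constraint on the workloads themselves, so it seems worth verifying that every image in the catalog ships an arm64 manifest, or pinning the arm64-only agent/sandbox pods with `nodeSelector: {kubernetes.io/arch: arm64}`. The three-line comment is duplicated verbatim in both hunks (the pool at -15 and the one at -66); if the two pools must stay in step, say so, e.g. `# Keep in sync with the other NodePool in this file.`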
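--- a/addons/operations/karpenter/values.yaml
+++ b/addons/operations/karpenter/values.yaml
@@ -2,6 +2,12 @@
 
 replicas: 2
 
+# Karpenter is the only thing that can relieve a saturated cluster, so it must
+# never be the pod that gets evicted or stranded. system-cluster-critical lets
+# the scheduler preempt lower-priority pods to keep it running on a contended
+# bootstrap node. (#82)
+priorityClassName: system-cluster-critical
+
 resources:
 requests:
 cpu: 100m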
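Review bot: The added comment promises more than `priorityClassName: system-cluster-critical` delivers: priority influences scheduler preemption and the kubelet's eviction ordering, but it does not exempt a pod from node-pressure eviction or from a node drain. With `replicas: 2` and no PodDisruptionBudget, anti-affinity or topology spread visible in this hunk, both replicas could still sit on the same contended bootstrap node. I would soften the wording to something like `# Lowers the chance of eviction; does not guarantee it — pair with a PDB and spread across nodes.` The `resources.requests` block continues past the hunk with only `cpu: 100m` visible, so confirm a memory request is set as well.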