# Default values for descheduler. # This is a YAML-formatted file. # Declare variables to be passed into your templates. # CronJob or Deployment kind: CronJob image: repository: registry.k8s.io/descheduler/descheduler # Overrides the image tag whose default is the chart version tag: "" pullPolicy: IfNotPresent imagePullSecrets: # - name: container-registry-secret resources: requests: cpu: 500m memory: 256Mi limits: cpu: 500m memory: 256Mi ports: - containerPort: 10258 protocol: TCP securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL privileged: false readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 # podSecurityContext -- [Security context for pod](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) podSecurityContext: {} # fsGroup: 1000 nameOverride: "" fullnameOverride: "" # -- Override the deployment namespace; defaults to .Release.Namespace namespaceOverride: "" # labels that'll be applied to all resources commonLabels: {} cronJobApiVersion: "batch/v1" schedule: "*/2 * * * *" suspend: false # startingDeadlineSeconds: 200 # successfulJobsHistoryLimit: 3 # failedJobsHistoryLimit: 1 # ttlSecondsAfterFinished 600 # timeZone: Etc/UTC # Required when running as a Deployment deschedulingInterval: 5m # Specifies the replica count for Deployment # Set leaderElection if you want to use more than 1 replica # Set affinity.podAntiAffinity rule if you want to schedule onto a node # only if that node is in the same zone as at least one already-running descheduler replicas: 1 # Specifies whether Leader Election resources should be created # Required when running as a Deployment # NOTE: Leader election can't be activated if DryRun enabled leaderElection: {} # enabled: true # leaseDuration: 15s # renewDeadline: 10s # retryPeriod: 2s # resourceLock: "leases" # resourceName: "descheduler" # resourceNamespace: "kube-system" command: - "/bin/descheduler" cmdOptions: v: 3 # Recommended to use the latest Policy API version supported by the Descheduler app version deschedulerPolicyAPIVersion: "descheduler/v1alpha2" # deschedulerPolicy contains the policies the descheduler will execute. # To use policies stored in an existing configMap use: # NOTE: The name of the cm should comply to {{ template "descheduler.fullname" . }} # deschedulerPolicy: {} deschedulerPolicy: # nodeSelector: "key1=value1,key2=value2" # maxNoOfPodsToEvictPerNode: 10 # maxNoOfPodsToEvictPerNamespace: 10 # metricsCollector: # enabled: true # ignorePvcPods: true # evictLocalStoragePods: true # evictDaemonSetPods: true # tracing: # collectorEndpoint: otel-collector.observability.svc.cluster.local:4317 # transportCert: "" # serviceName: "" # serviceNamespace: "" # sampleRate: 1.0 # fallbackToNoOpProviderOnError: true profiles: - name: default pluginConfig: - name: DefaultEvictor args: ignorePvcPods: true evictLocalStoragePods: true - name: RemoveDuplicates - name: RemovePodsHavingTooManyRestarts args: podRestartThreshold: 100 includingInitContainers: true - name: RemovePodsViolatingNodeAffinity args: nodeAffinityType: - requiredDuringSchedulingIgnoredDuringExecution - name: RemovePodsViolatingNodeTaints - name: RemovePodsViolatingInterPodAntiAffinity - name: RemovePodsViolatingTopologySpreadConstraint - name: LowNodeUtilization args: thresholds: cpu: 20 memory: 20 pods: 20 targetThresholds: cpu: 65 memory: 65 pods: 50 plugins: balance: enabled: - RemoveDuplicates - RemovePodsViolatingTopologySpreadConstraint - LowNodeUtilization deschedule: enabled: - RemovePodsHavingTooManyRestarts - RemovePodsViolatingNodeTaints - RemovePodsViolatingNodeAffinity - RemovePodsViolatingInterPodAntiAffinity priorityClassName: system-cluster-critical nodeSelector: {} # foo: bar affinity: {} # nodeAffinity: # requiredDuringSchedulingIgnoredDuringExecution: # nodeSelectorTerms: # - matchExpressions: # - key: kubernetes.io/e2e-az-name # operator: In # values: # - e2e-az1 # - e2e-az2 # podAntiAffinity: # requiredDuringSchedulingIgnoredDuringExecution: # - labelSelector: # matchExpressions: # - key: app.kubernetes.io/name # operator: In # values: # - descheduler # topologyKey: "kubernetes.io/hostname" topologySpreadConstraints: [] # - maxSkew: 1 # topologyKey: kubernetes.io/hostname # whenUnsatisfiable: DoNotSchedule # labelSelector: # matchLabels: # app.kubernetes.io/name: descheduler tolerations: [] # - key: 'management' # operator: 'Equal' # value: 'tool' # effect: 'NoSchedule' rbac: # Specifies whether RBAC resources should be created create: true serviceAccount: # Specifies whether a ServiceAccount should be created create: true # The name of the ServiceAccount to use. # If not set and create is true, a name is generated using the fullname template name: # Specifies custom annotations for the serviceAccount annotations: {} podAnnotations: {} podLabels: {} dnsConfig: {} livenessProbe: failureThreshold: 3 httpGet: path: /healthz port: 10258 scheme: HTTPS initialDelaySeconds: 3 periodSeconds: 10 service: enabled: false # @param service.ipFamilyPolicy [string], support SingleStack, PreferDualStack and RequireDualStack # ipFamilyPolicy: "" # @param service.ipFamilies [array] List of IP families (e.g. IPv4, IPv6) assigned to the service. # Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/ # E.g. # ipFamilies: # - IPv6 # - IPv4 ipFamilies: [] serviceMonitor: enabled: false # The namespace where Prometheus expects to find service monitors. # namespace: "" # Add custom labels to the ServiceMonitor resource additionalLabels: {} # prometheus: kube-prometheus-stack interval: "" # honorLabels: true insecureSkipVerify: true serverName: null metricRelabelings: [] # - action: keep # regex: 'descheduler_(build_info|pods_evicted)' # sourceLabels: [__name__] relabelings: [] # - sourceLabels: [__meta_kubernetes_pod_node_name] # separator: ; # regex: ^(.*)$ # targetLabel: nodename # replacement: $1 # action: replace