Bump production cluster's default max pods per node to 200
The first commit allows configuration parametrization of the max pods per node for each cluster.
The second commit lifts it to increase some cluster configurations:
- production: 110 to 200 pods per node [1]
- staging: 100 to 120 pods per node [2] (it matches the test-staging-rke2 [3])
Cluster admin is not changed but the parametrization is possible too.
[1] archive-production-rke2 change to 200 pods per node
terraform plan -target=rancher2_cluster_v2.archive-production-rke2
rancher2_cluster_v2.archive-production-rke2: Refreshing state... [id=fleet-default/archive-production-rke2]
Note: Objects have changed outside of Terraform
Terraform detected the following changes made outside of Terraform since the last "terraform apply" which
may have affected this plan:
# rancher2_cluster_v2.archive-production-rke2 has changed
~ resource "rancher2_cluster_v2" "archive-production-rke2" {
id = "fleet-default/archive-production-rke2"
~ kube_config = (sensitive value)
name = "archive-production-rke2"
# (8 unchanged attributes hidden)
# (1 unchanged block hidden)
}
Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using
ignore_changes, the following plan may include actions to undo or respond to these changes.
─────────────────────────────────────────────────────────────────────────────────────────────────────────
Terraform used the selected providers to generate the following execution plan. Resource actions are
indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# rancher2_cluster_v2.archive-production-rke2 will be updated in-place
~ resource "rancher2_cluster_v2" "archive-production-rke2" {
id = "fleet-default/archive-production-rke2"
name = "archive-production-rke2"
# (9 unchanged attributes hidden)
~ rke_config {
~ machine_global_config = <<-EOT
cni: calico
disable:
- rke2-ingress-nginx
kubelet-arg:
- --image-gc-high-threshold=70
- --image-gc-low-threshold=50
- --runtime-request-timeout=60m
- --allowed-unsafe-sysctls=net.ipv4.tcp_dsack
+ - --max-pods=200
EOT
# (1 unchanged attribute hidden)
# (1 unchanged block hidden)
}
}
Plan: 0 to add, 1 to change, 0 to destroy.
Changes to Outputs:
~ rancher2_cluster_archive_production_rke2_summary = (sensitive value)
╷
│ Warning: Resource targeting is in effect
│
│ You are creating a plan with the -target option, which means that the result of this plan may not
│ represent all of the changes requested by the current configuration.
│
│ The -target option is not for routine use, and is provided only for exceptional situations such as
│ recovering from errors or mistakes, or when Terraform specifically suggests to use it as part of an
│ error message.
╵
─────────────────────────────────────────────────────────────────────────────────────────────────────────
Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly
these actions if you run "terraform apply" now.
[2] archive-staging-rke2 bump to 120
terraform plan -target=rancher2_cluster_v2.archive-staging-rke2
rancher2_cluster_v2.archive-staging-rke2: Refreshing state... [id=fleet-default/archive-staging-rke2]
Note: Objects have changed outside of Terraform
Terraform detected the following changes made outside of Terraform since the last "terraform apply" which
may have affected this plan:
# rancher2_cluster_v2.archive-staging-rke2 has changed
~ resource "rancher2_cluster_v2" "archive-staging-rke2" {
id = "fleet-default/archive-staging-rke2"
~ kube_config = (sensitive value)
name = "archive-staging-rke2"
# (8 unchanged attributes hidden)
# (1 unchanged block hidden)
}
Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using
ignore_changes, the following plan may include actions to undo or respond to these changes.
─────────────────────────────────────────────────────────────────────────────────────────────────────────
Terraform used the selected providers to generate the following execution plan. Resource actions are
indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# rancher2_cluster_v2.archive-staging-rke2 will be updated in-place
~ resource "rancher2_cluster_v2" "archive-staging-rke2" {
id = "fleet-default/archive-staging-rke2"
name = "archive-staging-rke2"
# (9 unchanged attributes hidden)
~ rke_config {
~ machine_global_config = <<-EOT
cni: calico
disable:
- rke2-ingress-nginx
kubelet-arg:
- --image-gc-high-threshold=70
- --image-gc-low-threshold=50
- --runtime-request-timeout=60m
+ - --max-pods=120
EOT
# (1 unchanged attribute hidden)
# (2 unchanged blocks hidden)
}
}
Plan: 0 to add, 1 to change, 0 to destroy.
Changes to Outputs:
~ rancher2_cluster_archive_staging_rke2_summary = (sensitive value)
╷
│ Warning: Resource targeting is in effect
│
│ You are creating a plan with the -target option, which means that the result of this plan may not
│ represent all of the changes requested by the current configuration.
│
│ The -target option is not for routine use, and is provided only for exceptional situations such as
│ recovering from errors or mistakes, or when Terraform specifically suggests to use it as part of an
│ error message.
╵
─────────────────────────────────────────────────────────────────────────────────────────────────────────
Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly
these actions if you run "terraform apply" now.
[3] test-staging-rke2 no change (already 120 as per yesterday's test)
terraform plan -target=rancher2_cluster_v2.test-staging-rke2
rancher2_cluster_v2.test-staging-rke2: Refreshing state... [id=fleet-default/test-staging-rke2]
No changes. Your infrastructure matches the configuration.
Terraform has compared your real infrastructure against your configuration and found no differences, so
no changes are needed.
Refs. sysadm-environment#5217
Edited by Antoine R. Dumont