@@ -30,16 +30,19 @@ spec:
3030 prometheus.io/scheme : " http"
3131 prometheus.io/scrape : " true"
3232 spec :
33- dnsPolicy : Default
3433 automountServiceAccountToken : true
3534 serviceAccountName : karpenter
3635 securityContext :
3736 fsGroup : 65532
37+ runAsNonRoot : false
38+ seccompProfile :
39+ type : RuntimeDefault
3840 priorityClassName : " {{ .Cluster.ConfigItems.system_priority_class }}"
3941 dnsPolicy : ClusterFirst
4042 containers :
4143 - name : controller
4244 securityContext :
45+ privileged : false
4346 runAsUser : 65532
4447 runAsGroup : 65532
4548 runAsNonRoot : true
@@ -50,11 +53,11 @@ spec:
5053 drop :
5154 - ALL
5255 readOnlyRootFilesystem : true
53- image : " container-registry.zalando.net/teapot/karpenter:1.4 .0-main-38 .patched"
56+ image : " container-registry.zalando.net/teapot/karpenter:1.5 .0-main-39 .patched"
5457 imagePullPolicy : IfNotPresent
5558 env :
5659 - name : KUBERNETES_MIN_VERSION
57- value : 1.22 .0-0
60+ value : 1.19 .0-0
5861 - name : AWS_REGION
5962 value : " {{ .Cluster.Region }}"
6063 - name : CLUSTER_ENDPOINT
@@ -88,13 +91,11 @@ spec:
8891 divisor : " 0"
8992 resource : limits.memory
9093 - name : FEATURE_GATES
91- value : " Drift =false,SpotToSpotConsolidation=true,NodeRepair=false"
94+ value : " ReservedCapacity =false,SpotToSpotConsolidation=true,NodeRepair=false"
9295 - name : BATCH_MAX_DURATION
9396 value : " 10s"
9497 - name : BATCH_IDLE_DURATION
9598 value : " 1s"
96- - name : ASSUME_ROLE_DURATION
97- value : " 15m"
9899 - name : PREFERENCE_POLICY
99100 value : " Respect"
100101 - name : CLUSTER_NAME
@@ -153,13 +154,6 @@ spec:
153154 matchLabels :
154155 deployment : karpenter
155156 topologyKey : kubernetes.io/hostname
156- # topologySpreadConstraints:
157- # - labelSelector:
158- # matchLabels:
159- # deployment: karpenter
160- # maxSkew: 1
161- # topologyKey: topology.kubernetes.io/zone
162- # whenUnsatisfiable: ScheduleAnyway
163157 tolerations :
164158 - key : CriticalAddonsOnly
165159 operator : Exists
0 commit comments