Cluster Add-on Configuration Arguments
Find out about the configuration arguments that you can pass to cluster add-ons.
When you enable a cluster add-on, you can specify one or more key/value pairs to pass as arguments to the cluster add-on.
kube-proxy add-on configuration arguments
When you enable the kube-proxy cluster add-on, you can pass the following key/value pairs as arguments:
| Key (API and CLI) | Key's Display Name (Console) | Description | Required/Optional | Default | Example |
|---|---|---|---|---|---|
| affinity | affinity | A group of affinity scheduling rules (JSON format in plain text or BASE64 encoded). | Optional | null | null |
| customizeKubeProxyConfigMap | customize kube-proxy configMap |
If you want Oracle to manage Kube-proxy for you automatically, set customizeKubeProxyConfigMap to If you want to customize Kube-proxy behavior, set customizeKubeProxyConfigMap to |
Required | false |
true |
| nodeSelectors | node selectors |
You can use node selectors and node labels to control the worker nodes on which add-on pods run. For a pod to run on a node, the pod's node selector must have the same key/value as the node's label. Set nodeSelectors to a key/value pair that matches both the pod's node selector, and the worker node's label. |
Optional | null | {"foo":"bar", "foo2": "bar2"}The pod will only run on nodes that have the |
| rollingUpdate | rollingUpdate | Controls the desired behavior of rolling update by maxSurge and maxUnavailable (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
| tolerations | tolerations |
You can use taints and tolerations to control the worker nodes on which add-on pods run. For a pod to run on a node that has a taint, the pod must have a corresponding toleration. Set tolerations to a key/value pair that matches both the pod's toleration, and the worker node's taint. |
Optional | null | [{"key":"tolerationKeyFoo", "value":"tolerationValBar", "effect":"noSchedule", "operator":"exists"}]Only pods that have this toleration can run on worker nodes that have the |
| topologySpreadConstraints | topologySpreadConstraints | How to spread matching pods among the given topology (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
CoreDNS add-on configuration arguments
When you enable the CoreDNS cluster add-on, you can pass the following key/value pairs as arguments:
| Key (API and CLI) | Key's Display Name (Console) | Description | Required/Optional | Default | Example |
|---|---|---|---|---|---|
| affinity | affinity | A group of affinity scheduling rules (JSON format in plain text or BASE64 encoded). | Optional | null | null |
| coreDnsContainerResources | CoreDNS container resources | You can specify the resource quantities that CoreDNS containers request, and set resource usage limits that CoreDNS containers cannot exceed. | Optional | null | {"limits": {"cpu": "500m", "memory": "200Mi" }, "requests": {"cpu": "100m", "memory": "100Mi"}}Create CoreDNS containers that request 100 milllicores of CPU, and 100 mebibytes of memory. Limit CoreDNS containers to 500 milllicores of CPU, and 200 mebibytes of memory. |
| customizeCoreDNSConfigMap | customize CoreDNS configMap |
If you want Oracle to manage CoreDNS for you automatically, set customizeCoreDNSConfigMap to If you want to customize CoreDNS behavior, set customizeCoreDNSConfigMap to |
Required | false |
true |
| minReplica | min replica |
The minimum number of replicas of the CoreDNS deployment. |
Required | 1Creates a total of one pod in the cluster. |
2Creates a total of two pods in the cluster. |
| nodeSelectors | node selectors |
You can use node selectors and node labels to control the worker nodes on which add-on pods run. For a pod to run on a node, the pod's node selector must have the same key/value as the node's label. Set nodeSelectors to a key/value pair that matches both the pod's node selector, and the worker node's label. |
Optional | null | {"foo":"bar", "foo2": "bar2"}The pod will only run on nodes that have the |
| nodesPerReplica | nodes per replica |
The number of CoreDNS replicas per cluster node. |
Required | 1Creates a replica on every node. |
2Creates a replica on every second node. |
| rollingUpdate | rollingUpdate | Controls the desired behavior of rolling update by maxSurge and maxUnavailable (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
| tolerations | tolerations |
You can use taints and tolerations to control the worker nodes on which add-on pods run. For a pod to run on a node that has a taint, the pod must have a corresponding toleration. Set tolerations to a key/value pair that matches both the pod's toleration, and the worker node's taint. |
Optional | null | [{"key":"tolerationKeyFoo", "value":"tolerationValBar", "effect":"noSchedule", "operator":"exists"}]Only pods that have this toleration can run on worker nodes that have the |
| topologySpreadConstraints | topologySpreadConstraints | How to spread matching pods among the given topology (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
OCI VCN-Native Pod Networking CNI plugin add-on configuration arguments
When you enable the OCI VCN-Native Pod Networking CNI plugin cluster add-on, you can pass the following key/value pairs as arguments:
| Key (API and CLI) | Key's Display Name (Console) | Description | Required/Optional | Default | Example |
|---|---|---|---|---|---|
| affinity | affinity | A group of affinity scheduling rules (JSON format in plain text or BASE64 encoded). | Optional | null | null |
| nodeSelectors | node selectors |
You can use node selectors and node labels to control the worker nodes on which add-on pods run. For a pod to run on a node, the pod's node selector must have the same key/value as the node's label. Set nodeSelectors to a key/value pair that matches both the pod's node selector, and the worker node's label. |
Optional | null | {"foo":"bar", "foo2": "bar2"}The pod will only run on nodes that have the |
| rollingUpdate | rollingUpdate | Controls the desired behavior of rolling update by maxSurge and maxUnavailable (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
| tolerations | tolerations |
You can use taints and tolerations to control the worker nodes on which add-on pods run. For a pod to run on a node that has a taint, the pod must have a corresponding toleration. Set tolerations to a key/value pair that matches both the pod's toleration, and the worker node's taint. |
Optional | null | [{"key":"tolerationKeyFoo", "value":"tolerationValBar", "effect":"noSchedule", "operator":"exists"}]Only pods that have this toleration can run on worker nodes that have the |
| topologySpreadConstraints | topologySpreadConstraints | How to spread matching pods among the given topology (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
flannel add-on configuration arguments
When you enable the flannel CNI plugin cluster add-on, you can pass the following key/value pairs as arguments:
| Key (API and CLI) | Key's Display Name (Console) | Description | Required/Optional | Default | Example |
|---|---|---|---|---|---|
| affinity | affinity | A group of affinity scheduling rules (JSON format in plain text or BASE64 encoded). | Optional | null | null |
| nodeSelectors | node selectors |
You can use node selectors and node labels to control the worker nodes on which add-on pods run. For a pod to run on a node, the pod's node selector must have the same key/value as the node's label. Set nodeSelectors to a key/value pair that matches both the pod's node selector, and the worker node's label. |
Optional | null | {"foo":"bar", "foo2": "bar2"}The pod will only run on nodes that have the |
| rollingUpdate | rollingUpdate | Controls the desired behavior of rolling update by maxSurge and maxUnavailable (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
| tolerations | tolerations |
You can use taints and tolerations to control the worker nodes on which add-on pods run. For a pod to run on a node that has a taint, the pod must have a corresponding toleration. Set tolerations to a key/value pair that matches both the pod's toleration, and the worker node's taint. |
Optional | null | [{"key":"tolerationKeyFoo", "value":"tolerationValBar", "effect":"noSchedule", "operator":"exists"}]Only pods that have this toleration can run on worker nodes that have the |
| topologySpreadConstraints | topologySpreadConstraints | How to spread matching pods among the given topology (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
Kubernetes Dashboard add-on configuration arguments
When you enable the Kubernetes Dashboard cluster add-on, you can pass the following key/value pairs as arguments:
| Key (API and CLI) | Key's Display Name (Console) | Description | Required/Optional | Default | Example |
|---|---|---|---|---|---|
| affinity | affinity | A group of affinity scheduling rules (JSON format in plain text or BASE64 encoded). | Optional | null | null |
| nodeSelectors | node selectors |
You can use node selectors and node labels to control the worker nodes on which pods run. For a pod to run on a node, the pod's node selector must have the same key/value as the node's label. Set nodeSelectors to a key/value pair that matches both the pod's node selector, and the worker node's label. |
Optional | null | {"foo":"bar", "foo2": "bar2"}The pod will only run on nodes that have the |
| numOfReplicas | numOfReplicas | The number of replicas of the Kubernetes Dashboard deployment. | Required | 1Creates one replica of the add-on deployment per cluster. |
2Creates two replicas of the add-on deployment per cluster. |
| rollingUpdate | rollingUpdate | Controls the desired behavior of rolling update by maxSurge and maxUnavailable (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
| tolerations | tolerations |
You can use taints and tolerations to control the worker nodes on which pods run. For a pod to run on a node that has a taint, the pod must have a corresponding toleration. Set tolerations to a key/value pair that matches both the pod's toleration, and the worker node's taint. |
Optional | null | [{"key":"tolerationKeyFoo", "value":"tolerationValBar", "effect":"noSchedule", "operator":"exists"}]Only pods that have this toleration can run on worker nodes that have the |
| topologySpreadConstraints | topologySpreadConstraints | How to spread matching pods among the given topology (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
Tiller add-on configuration arguments (not recommended)
When you enable the Tiller cluster add-on, you can pass the following key/value pairs as arguments.
Note that Tiller was removed from Helm in version 3 (and later versions) due to known security risks. Because of those security risks, we strongly recommend that you do not deploy Tiller on production clusters. For the same reason, the Tiller add-on is not shown in the Console. If you decide that you do want to deploy the Tiller add-on despite the security risks, use the OCI CLI or API.
| Key (API and CLI) | Key's Display Name (Console) | Description | Required/Optional | Default | Example |
|---|---|---|---|---|---|
| affinity | affinity | A group of affinity scheduling rules (JSON format in plain text or BASE64 encoded). | Optional | null | null |
| nodeSelectors | node selectors |
You can use node selectors and node labels to control the worker nodes on which pods run. For a pod to run on a node, the pod's node selector must have the same key/value as the node's label. Set nodeSelectors to a key/value pair that matches both the pod's node selector, and the worker node's label. |
Optional | null | {"foo":"bar", "foo2": "bar2"}The pod will only run on nodes that have the |
| rollingUpdate | rollingUpdate | Controls the desired behavior of rolling update by maxSurge and maxUnavailable (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
| tolerations | tolerations |
You can use taints and tolerations to control the worker nodes on which pods run. For a pod to run on a node that has a taint, the pod must have a corresponding toleration. Set tolerations to a key/value pair that matches both the pod's toleration, and the worker node's taint. |
Optional | null | [{"key":"tolerationKeyFoo", "value":"tolerationValBar", "effect":"noSchedule", "operator":"exists"}]Only pods that have this toleration can run on worker nodes that have the |
| topologySpreadConstraints | topologySpreadConstraints | How to spread matching pods among the given topology (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
Oracle Database Operator for Kubernetes add-on configuration arguments
When you enable the Oracle Database Operator for Kubernetes cluster add-on, you can pass the following key/value pairs as arguments:
| Key (API and CLI) | Key's Display Name (Console) | Description | Required/Optional | Default | Example |
|---|---|---|---|---|---|
| affinity | affinity | A group of affinity scheduling rules (JSON format in plain text or BASE64 encoded). | Optional | null | null |
| nodeSelectors | node selectors |
You can use node selectors and node labels to control the worker nodes on which pods run. For a pod to run on a node, the pod's node selector must have the same key/value as the node's label. Set nodeSelectors to a key/value pair that matches both the pod's node selector, and the worker node's label. |
Optional | null | {"foo":"bar", "foo2": "bar2"}The pod will only run on nodes that have the |
| numOfReplicas | numOfReplicas | The number of replicas of the Database Operator deployment. | Required | 1Creates one replica of the add-on deployment per cluster. |
2Creates two replicas of the add-on deployment per cluster. |
| rollingUpdate | rollingUpdate | Controls the desired behavior of rolling update by maxSurge and maxUnavailable (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
| tolerations | tolerations |
You can use taints and tolerations to control the worker nodes on which pods run. For a pod to run on a node that has a taint, the pod must have a corresponding toleration. Set tolerations to a key/value pair that matches both the pod's toleration, and the worker node's taint. |
Optional | null | [{"key":"tolerationKeyFoo", "value":"tolerationValBar", "effect":"noSchedule", "operator":"exists"}]Only pods that have this toleration can run on worker nodes that have the |
| topologySpreadConstraints | topologySpreadConstraints | How to spread matching pods among the given topology (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
WebLogic Kubernetes Operator add-on configuration arguments
When you enable the WebLogic Kubernetes Operator cluster add-on, you can pass the following key/value pairs as arguments:
| Key (API and CLI) | Key's Display Name (Console) | Description | Required/Optional | Default | Example |
|---|---|---|---|---|---|
| affinity | affinity | A group of affinity scheduling rules (JSON format in plain text or BASE64 encoded). | Optional | null | null |
| nodeSelectors | node selectors |
You can use node selectors and node labels to control the worker nodes on which pods run. For a pod to run on a node, the pod's node selector must have the same key/value as the node's label. Set nodeSelectors to a key/value pair that matches both the pod's node selector, and the worker node's label. |
Optional | null | {"foo":"bar", "foo2": "bar2"}The pod will only run on nodes that have the |
| numOfReplicas | numOfReplicas | The number of replicas of the Weblogic Operator deployment. | Required | 1Creates one replica of the add-on deployment per cluster. |
2Creates two replicas of the add-on deployment per cluster. |
| rollingUpdate | rollingUpdate | Controls the desired behavior of rolling update by maxSurge and maxUnavailable (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
| tolerations | tolerations |
You can use taints and tolerations to control the worker nodes on which pods run. For a pod to run on a node that has a taint, the pod must have a corresponding toleration. Set tolerations to a key/value pair that matches both the pod's toleration, and the worker node's taint. |
Optional | null | [{"key":"tolerationKeyFoo", "value":"tolerationValBar", "effect":"noSchedule", "operator":"exists"}]Only pods that have this toleration can run on worker nodes that have the |
| topologySpreadConstraints | topologySpreadConstraints | How to spread matching pods among the given topology (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
Certificate Manager add-on configuration arguments
When you enable the Certificate Manager cluster add-on, you can pass the following key/value pairs as arguments:
| Key (API and CLI) | Key's Display Name (Console) | Description | Required/Optional | Default | Example |
|---|---|---|---|---|---|
| affinity | affinity | A group of affinity scheduling rules (JSON format in plain text or BASE64 encoded). | Optional | null | null |
| nodeSelectors | node selectors |
You can use node selectors and node labels to control the worker nodes on which pods run. For a pod to run on a node, the pod's node selector must have the same key/value as the node's label. Set nodeSelectors to a key/value pair that matches both the pod's node selector, and the worker node's label. |
Optional | null | {"foo":"bar", "foo2": "bar2"}The pod will only run on nodes that have the |
| numOfReplicas | numOfReplicas | The number of replicas of the Certificate Manager deployment. | Required | 1Creates one replica of the add-on deployment per cluster. |
2Creates two replicas of the add-on deployment per cluster. |
| rollingUpdate | rollingUpdate | Controls the desired behavior of rolling update by maxSurge and maxUnavailable (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
| tolerations | tolerations |
You can use taints and tolerations to control the worker nodes on which pods run. For a pod to run on a node that has a taint, the pod must have a corresponding toleration. Set tolerations to a key/value pair that matches both the pod's toleration, and the worker node's taint. |
Optional | null | [{"key":"tolerationKeyFoo", "value":"tolerationValBar", "effect":"noSchedule", "operator":"exists"}]Only pods that have this toleration can run on worker nodes that have the |
| topologySpreadConstraints | topologySpreadConstraints | How to spread matching pods among the given topology (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
Cluster Autoscaler add-on add-on configuration arguments
When you enable the Cluster Autoscaler add-on, you can pass the following key/value pairs as arguments:
Commonly used configuration arguments
| Key (API and CLI) | Key's Display Name (Console) | Description | Required/Optional | Default | Example |
|---|---|---|---|---|---|
| affinity | affinity | A group of affinity scheduling rules (JSON format in plain text or BASE64 encoded). | Optional | null | null |
| numOfReplicas | numOfReplicas | The number of replicas of the Cluster Autoscaler add-on deployment. | Required | 1Creates one replica of the add-on deployment per cluster. |
2Creates two replicas of the add-on deployment per cluster. |
| nodeSelectors | node selectors |
You can use node selectors and node labels to control the worker nodes on which pods run. For a pod to run on a node, the pod's node selector must have the same key/value as the node's label. Set nodeSelectors to a key/value pair that matches both the pod's node selector, and the worker node's label. |
Optional | null | {"foo":"bar", "foo2": "bar2"}The pod will only run on nodes that have the |
| rollingUpdate | rollingUpdate | Controls the desired behavior of rolling update by maxSurge and maxUnavailable (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
| tolerations | tolerations |
You can use taints and tolerations to control the worker nodes on which pods run. For a pod to run on a node that has a taint, the pod must have a corresponding toleration. Set tolerations to a key/value pair that matches both the pod's toleration, and the worker node's taint. |
Optional | null | [{"key":"tolerationKeyFoo", "value":"tolerationValBar", "effect":"noSchedule", "operator":"exists"}]Only pods that have this toleration can run on worker nodes that have the |
| topologySpreadConstraints | topologySpreadConstraints | How to spread matching pods among the given topology (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
Other configuration arguments
| Key (API and CLI) | Key's Display Name (Console) | Description | Required/Optional | Default |
|---|---|---|---|---|
| annotations | annotations | Annotations to pass to the Cluster Autoscaler deployment in JSON string format. For example, |
Optional | "" |
| authType | authType | The authentication type the Cluster Autoscaler uses while making requests, as one of:
|
Required | instance |
| balanceSimilarNodeGroups | balanceSimilarNodeGroups | Detect similar node groups and balance the number of nodes between them. | Optional | false |
| balancingIgnoreLabel | balancingIgnoreLabel | Define a node label that should be ignored when considering node group similarity. One label per flag occurrence. The format is label1, label2. |
Optional | "" |
| balancingLabel | balancingLabel | Define a node label to use when comparing node group similarity. If set, all other comparison logic is disabled, and only labels are considered when comparing groups. One label per flag occurrence. The format is label1, label2. |
Optional | "" |
| cordonNodeBeforeTerminating | (Not shown in Console) | Should CA cordon nodes before terminating during downscale process. | Optional | false |
| coresTotal | (Not shown in Console) | Minimum and maximum number of cores in cluster, in the format <min>:<max>. Cluster autoscaler will not scale the cluster beyond these numbers. | Optional | 0:320000 |
| daemonsetEvictionForEmptyNodes | (Not shown in Console) | Whether DaemonSet pods will be gracefully terminated from empty nodes. | Optional | false |
| daemonsetEvictionForOccupiedNodes | (Not shown in Console) | Whether DaemonSet pods will be gracefully terminated from non-empty nodes. | Optional | true |
| debuggingSnapshotEnabled | (Not shown in Console) | Whether the debugging snapshot of cluster autoscaler feature is enabled. | Optional | false |
| emitPerNodegroupMetrics | (Not shown in Console) | If true, emit per node group metrics. | Optional | false |
| enforceNodeGroupMinSize | (Not shown in Console) | Should CA scale up the node group to the configured min size if needed. | Optional | false |
| estimator | (Not shown in Console) | Type of resource estimator to be used in scale up. | Optional | binpacking |
| expander | expander | Type of node group expander to be used in scale up. Note that |
Optional | random |
| expendablePodsPriorityCutoff | (Not shown in Console) | Pods with priority below cutoff will be expendable. They can be killed without any consideration during scale down and they don't cause scale up. Pods with null priority (PodPriority disabled) are non-expendable. | Optional | -10 |
| ignoreDaemonsetsUtilization | (Not shown in Console) | Whether DaemonSet pods will be ignored when calculating resource utilization for scaling down. | Optional | false |
| ignoreMirrorPodsUtilization | (Not shown in Console) | Whether Mirror pods will be ignored when calculating resource utilization for scaling down. | Optional | false |
| leaderElect | (Not shown in Console) | Start a leader election client and gain leadership before executing the main loop. Enable this when running replicated components for high availability. | Optional | true |
| leaderElectLeaseDuration | (Not shown in Console) | The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but un-renewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate. This is only applicable if leader election is enabled. | Optional | 15s |
| leaderElectRenewDeadline | (Not shown in Console) | The interval between attempts by the active cluster autoscaler to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration. This is only applicable if leader election is enabled. | Optional | 10s |
| leaderElectResourceLock | (Not shown in Console) | The type of resource object that is used for locking during leader election. Supported options are leases (default), endpoints, endpointsleases, configmaps, and configmapsleases. |
Optional | leases |
| leaderElectRetryPeriod | (Not shown in Console) | The duration the clients should wait between attempting acquisition and renewal of a leadership. This is only applicable if leader election is enabled. | Optional | 2s |
| maxAutoprovisionedNodeGroupCount | (Not shown in Console) | The maximum number of auto-provisioned groups in the cluster. | Optional | 15 |
| maxEmptyBulkDelete | maxEmptyBulkDelete | Maximum number of empty nodes that can be deleted at the same time. | Optional | 10 |
| maxFailingTime | (Not shown in Console) | Maximum time from last recorded successful autoscaler run before automatic restart. | Optional | 15m |
| maxGracefulTerminationSec | (Not shown in Console) | Maximum number of seconds CA waits for pod termination when trying to scale down a node. | Optional | 600 |
| maxInactivity | (Not shown in Console) | Maximum time from last recorded autoscaler activity before automatic restart. | Optional | 10m |
| maxNodeProvisionTime | maxNodeProvisionTime | Maximum time CA waits for node to be provisioned. | Optional | 15m |
| maxNodesTotal | (Not shown in Console) | Maximum number of nodes in all node pools. Cluster autoscaler will not grow the cluster beyond this number. | Optional | 0 |
| maxTotalUnreadyPercentage | (Not shown in Console) | Maximum percentage of unready nodes in the cluster. After this is exceeded, CA halts operations. | Optional | 45 |
| memoryTotal | (Not shown in Console) | Minimum and maximum number of gigabytes of memory in cluster, in the format <min>:<max>. Cluster autoscaler will not scale the cluster beyond these numbers. | Optional | 0:6400000 |
| minReplicaCount | (Not shown in Console) | Minimum number or replicas that a replica set or replication controller should have to allow their pods deletion in scale down. | Optional | 0 |
| nodes | nodes |
A JSON list of Minimum number of nodes, Maximum number of nodes and the OCID of the nodepool to be managed by cluster autoscaler. The format is |
Required | "" |
| okTotalUnreadyCount | (Not shown in Console) | Number of allowed unready nodes, irrespective of max-total-unready-percentage. | Optional | 3 |
| recordDuplicatedEvents | (Not shown in Console) | Enable the autoscaler to print duplicated events within a 5 minute window. | Optional | false |
| scaleDownCandidatesPoolMinCount | (Not shown in Console) |
Minimum number of nodes that are considered as additional non empty candidates for scale down when some candidates from previous iteration are no longer valid. When calculating the pool size for additional candidates we take. |
Required | 50 |
| scaleDownCandidatesPoolRatio | (Not shown in Console) | A ratio of nodes that are considered as additional non-empty candidates for scale down when some candidates from previous iteration are no longer valid. Lower value means better CA responsiveness but possible slower scale down latency. Higher value can affect CA performance with big clusters (hundreds of nodes). Set to 1.0 to turn this heuristics off - CA will take all nodes as additional candidates. | Required | 0.1 |
| scaleDownDelayAfterAdd | scaleDownDelayAfterAdd | How long after scale up that scale down evaluation resumes. | Required | 10m |
| scaleDownDelayAfterDelete | (Not shown in Console) | How long after node deletion that scale down evaluation resumes, defaults to scan-interval. | Required | 10s |
| scaleDownDelayAfterFailure | (Not shown in Console) | How long after scale down failure that scale down evaluation resumes. | Required | 3m |
| scaleDownEnabled | scaleDownEnabled | Should CA scale down the cluster. | Optional | true |
| scaleDownNonEmptyCandidatesCount | (Not shown in Console) | Maximum number of non empty nodes considered in one iteration as candidates for scale down with drain. Lower value means better CA responsiveness but possible slower scale down latency. Higher value can affect CA performance with big clusters (hundreds of nodes). Set to non positive value to turn this heuristic off - CA will not limit the number of nodes it considers. | Required | 30 |
| scaleDownUnneededTime | scaleDownUnneededTime | How long a node should be unneeded before it is eligible for scale down. | Required | 10m |
| scaleDownUnreadyTime | (Not shown in Console) | How long an unready node should be unneeded before it is eligible for scale down. | Required | 20m |
| scaleDownUtilizationThreshold | (Not shown in Console) | Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down. | Required | 0.5 |
| scanInterval | scanInterval | How often cluster is re-evaluated for scale up or down. | Optional | 10s |
| skipNodesWithCustomControllerPods | (Not shown in Console) | If true, cluster autoscaler will never delete nodes with pods owned by custom controllers. | Optional | true |
| skipNodesWithLocalStorage | (Not shown in Console) | If true, cluster autoscaler will never delete nodes with pods with local storage, e.g. EmptyDir or HostPath. | Optional | true |
| skipNodesWithSystemPods | (Not shown in Console) | If true, cluster autoscaler will never delete nodes with pods from kube-system (except for DaemonSet or mirror pods). | Optional | true |
| statusConfigMapName | (Not shown in Console) | The name of the status ConfigMap that CA writes. | Optional | cluster-autoscaler-status |
| stderrthreshold | (Not shown in Console) | The log severity threshold, beyond which logs are sent to stderr. For example, if you set this to error, all logs with a severity higher than error are sent to stderr. |
Optional | info |
| unremovableNodeRecheckTimeout | unremovableNodeRecheckTimeout | The timeout before we check again a node that couldn't be removed before. | Required | 5m |
| v | (Not shown in Console) | The number for the verbosity of logging. | Optional | 0 |
| writeStatusConfigmap | (Not shown in Console) | Should CA write status information to a configmap. | Optional | true |
Istio add-on configuration arguments
When you enable the Istio cluster add-on, you can pass the following key/value pairs as arguments:
Commonly used configuration arguments
| Key (API and CLI) | Key's Display Name (Console) | Description | Required/Optional | Default | Example |
|---|---|---|---|---|---|
| affinity | affinity | A group of affinity scheduling rules (JSON format in plain text or BASE64 encoded). | Optional | null | null |
| nodeSelectors | node selectors |
You can use node selectors and node labels to control the worker nodes on which pods run. For a pod to run on a node, the pod's node selector must have the same key/value as the node's label. Set nodeSelectors to a key/value pair that matches both the pod's node selector, and the worker node's label. |
Optional | null | {"foo":"bar", "foo2": "bar2"}The pod will only run on nodes that have the |
| numOfReplicas | numOfReplicas | The number of replicas of the add-on deployment. | Required | 1Creates one replica of the add-on deployment per cluster. |
2Creates two replicas of the add-on deployment per cluster. |
| rollingUpdate | rollingUpdate | Controls the desired behavior of rolling update by maxSurge and maxUnavailable (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
| tolerations | tolerations |
You can use taints and tolerations to control the worker nodes on which pods run. For a pod to run on a node that has a taint, the pod must have a corresponding toleration. Set tolerations to a key/value pair that matches both the pod's toleration, and the worker node's taint. |
Optional | null | [{"key":"tolerationKeyFoo", "value":"tolerationValBar", "effect":"noSchedule", "operator":"exists"}]Only pods that have this toleration can run on worker nodes that have the |
| topologySpreadConstraints | topologySpreadConstraints | How to spread matching pods among the given topology (JSON format in plain text or BASE64 encoded.). | Optional | null | null |
Other configuration arguments
| Key (API and CLI) | Key's Display Name (Console) | Description | Required/Optional | Default | Example |
|---|---|---|---|---|---|
| customizeConfigMap | customizeConfigMap |
If you want Oracle to manage Istio for you automatically, set customizeConfigMap to If you want to customize Istio using istioctl (or another tool supported by Istio) and you want to retain the customizations when Oracle updates the add-on, set |
Required | false |
true |
| enableIngressGateway | enableIngressGateway | Enable Istio ingress gateway | Required | false |
true |
| profile | profile | Istio installation profile | Required | "oke-default" |
"oke-default" |