You are viewing version 2.22 of the documentation, which is no longer maintained. For up-to-date documentation, see the latest version.

Plugin Configuration Options

How to configure the Agent plugin for Clouddriver
Setting Type Default Description
kubesvc.cluster string none Type of clustering.
local: don’t try to coordinate with other Clouddriver instances
redis: use Redis to coordinate via pubsub
kubesvc.loadBalancer string none Pick a different account load balancing algorithm. Only implementation so far is the “MN algorithm” that does hides Agent connections from other clouddriver instances and assigns account to the least busy connected Clouddriver while never unassigning an account from a still connected instance unless it dies or stops being connected to that account.
kubesvc.cache.cacheStreamingPoolCoreSize
kubesvc.cache.cacheStreamingPoolMaxSize
integer 10/100 Thread pool sizing to write to cache. Each thread handles events for a single account at a time. It doesn’t need to be greater than the number of agents. More threads means faster response. If Kubernetes accounts are very busy, you can set max size to number of Kubernetes accounts / number of Clouddriver instances.
kubesvc.cache.onDemandQuickWaitMs integer 10000 How long to wait for a recache operation.
kubesvc.cache.eventsCleanupFrequencySeconds integer 7200 (2h) How long to keep Kubernetes events cached for.
kubesvc.cache.accountCleanupFrequencySeconds integer 600 (10m) How long to keep accounts that are no longer connected to any Agent
kubesvc.cache.cleanDataWithUnusedAccounts boolean true When cleaning an old account, also clean its associated data
kubesvc.disableV2Provider boolean false If you don’t need the V2 provider account, set that to true to speed up caching deserialization.
kubesvc.runtime.defaults.onlySpinnakerManaged boolean false Same meaning as V2 provider. Should Spinnaker cache manifests that are not deployed by Spinnaker?
kubesvc.runtime.defaults.customResources[].kubernetesKind
kubesvc.runtime.defaults.customResources[].spinnakerKind
kubesvc.runtime.defaults.customResources[].deployPriority
kubesvc.runtime.defaults.customResources[].versioned
kubesvc.runtime.defaults.customResources[].namespaced
string
string
number as string (“100”)
boolean
boolean
none
none
“100”
false
false
Same meaning as V2 provider. Customize behavior of Spinnaker for an unknown (to Spinnaker) resource.

- kubernetesKind in the format <kind>.<api group>
- spinnakerKind is one of the Spinnaker kinds
- deployPriority will determine in which order Spinnaker will deploy a resource if multiple manifests are to be deployed in an operation.
- versioned should Spinnaker version new resource or just update them?
- namespaced is barely used with kubesvc. TODO: remove
kubesvc.runtime.accounts[string].onlySpinnakerManaged
kubesvc.runtime.accounts[string].customResources[]…
Same as above but per account. This takes priority over default runtime settings. Default values are used if not populated for the account.

Format is a map (account name → props), e.g.
kubesvc.runtime.accounts:
prod:
onlySpinnakerManaged: true
kubesvc.grpc.server.address string * Address to bind the gRPC server to
kubesvc.grpc.server.port int 9091 Port to bind the gRPC server to
kubesvc.grpc.server.healthServiceEnabled boolean true Enable gRPC healthcheck service
kubesvc.grpc.server.maxInboundMessageSize data size 4MB Maximum size of a gRPC message. It should be at least as big as the biggest Kubernetes object manifest you can expect.
kubesvc.grpc.server.security.enabled boolean false Enable transport level security
kubesvc.grpc.server.security.certificateChain string none Reference to the server’s certificate chain.
kubesvc.grpc.server.security.privateKey string none Reference to the private key of the server.
kubesvc.grpc.server.security.privateKeyPassword string none Reference to private key password if password protected. You can use secret management to store the password.
kubesvc.grpc.server.security.clientAuth string NONE NONE: no client certificate verification, OPTIONAL: verify client certificates if presented, REQUIRE: require client to present certificates and verify it
kubesvc.grpc.server.security.ciphers list(string) [] By default, use the systems default ciphers.
kubesvc.grpc.server.security.trustCertCollection string none By default, use the systems default truststore (cacerts). Otherwise, reference to a truststore to validate clients.
kubesvc.grpc.server.security.protocols string none By default, use the systems default protocols. Otherwise, list of protocols accepted (TLSv1.1, TLSv1.2, etc.
kubesvc.operations.retry.maxRetries
kubesvc.operations.retry.backoffMs
int
long
5
2000
When an operation is to be sent to an account, Clouddriver will attempt to find a connected agent. If it cannot (e.g. restart of an agent, re-balancing, network issue), the operation will be retried up to retry - 1 times with backoffMs wait time b/w each try.