Simplify kubelet-config template

Remove system|kube_master_<resource>_reserved variables.
Those variables are unnecessary because users can simply use the
variables in group_vars if they which to differentiate control plane
nodes from other nodes.

Set conservative defaults for ephemeral-storage and pids for both kube
and system reserved resources.

roles/kubernetes/node/defaults/main.yml

@@ -38,29 +38,19 @@ kubelet_secure_addresses: "localhost link-local {{ kube_pods_subnet }} {{ kube_n
 kube_reserved: false
 kube_reserved_cgroups_for_service_slice: kube.slice
 kube_reserved_cgroups: "/{{ kube_reserved_cgroups_for_service_slice }}"
-kube_memory_reserved: 256Mi
-kube_cpu_reserved: 100m
-# kube_ephemeral_storage_reserved: 2Gi
-# kube_pid_reserved: "1000"
-# Reservation for master hosts
-kube_master_memory_reserved: 512Mi
-kube_master_cpu_reserved: 200m
-# kube_master_ephemeral_storage_reserved: 2Gi
-# kube_master_pid_reserved: "1000"
+kube_memory_reserved: "256Mi"
+kube_cpu_reserved: "100m"
+kube_ephemeral_storage_reserved: "500Mi"
+kube_pid_reserved: "1000"
 
 # Set to true to reserve resources for system daemons
 system_reserved: false
 system_reserved_cgroups_for_service_slice: system.slice
 system_reserved_cgroups: "/{{ system_reserved_cgroups_for_service_slice }}"
-system_memory_reserved: 512Mi
-system_cpu_reserved: 500m
-# system_ephemeral_storage_reserved: 2Gi
-# system_pid_reserved: "1000"
-# Reservation for master hosts
-system_master_memory_reserved: 256Mi
-system_master_cpu_reserved: 250m
-# system_master_ephemeral_storage_reserved: 2Gi
-# system_master_pid_reserved: "1000"
+system_memory_reserved: "512Mi"
+system_cpu_reserved: "500m"
+system_ephemeral_storage_reserved: "500Mi"
+system_pid_reserved: 1000
 
 ## Eviction Thresholds to avoid system OOMs
 # https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/#eviction-thresholds

roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2

@@ -60,56 +60,16 @@ clusterDNS:
 - {{ dns_address }}
 {% endfor %}
 {# Node reserved CPU/memory #}
-{% if kube_reserved | bool %}
-kubeReservedCgroup: {{ kube_reserved_cgroups }}
+{% for scope in "kube", "system" %}
+{% if lookup('ansible.builtin.vars', scope + "_reserved") | bool %}
+{{ scope }}ReservedCgroup: {{ lookup('ansible.builtin.vars', scope + '_reserved_cgroup') }}
 {% endif %}
-kubeReserved:
-{% if is_kube_master | bool %}
-  cpu: "{{ kube_master_cpu_reserved }}"
-  memory: {{ kube_master_memory_reserved }}
-{% if kube_master_ephemeral_storage_reserved is defined %}
-  ephemeral-storage: {{ kube_master_ephemeral_storage_reserved }}
-{% endif %}
-{% if kube_master_pid_reserved is defined %}
-  pid: "{{ kube_master_pid_reserved }}"
-{% endif %}
-{% else %}
-  cpu: "{{ kube_cpu_reserved }}"
-  memory: {{ kube_memory_reserved }}
-{% if kube_ephemeral_storage_reserved is defined %}
-  ephemeral-storage: {{ kube_ephemeral_storage_reserved }}
-{% endif %}
-{% if kube_pid_reserved is defined %}
-  pid: "{{ kube_pid_reserved }}"
-{% endif %}
-{% endif %}
-{% if system_reserved | bool %}
-systemReservedCgroup: {{ system_reserved_cgroups }}
-systemReserved:
-{% if is_kube_master | bool %}
-  cpu: "{{ system_master_cpu_reserved }}"
-  memory: {{ system_master_memory_reserved }}
-{% if system_master_ephemeral_storage_reserved is defined %}
-  ephemeral-storage: {{ system_master_ephemeral_storage_reserved }}
-{% endif %}
-{% if system_master_pid_reserved is defined %}
-  pid: "{{ system_master_pid_reserved }}"
-{% endif %}
-{% else %}
-  cpu: "{{ system_cpu_reserved }}"
-  memory: {{ system_memory_reserved }}
-{% if system_ephemeral_storage_reserved is defined %}
-  ephemeral-storage: {{ system_ephemeral_storage_reserved }}
-{% endif %}
-{% if system_pid_reserved is defined %}
-  pid: "{{ system_pid_reserved }}"
-{% endif %}
-{% endif %}
-{% endif %}
-{% if is_kube_master | bool and eviction_hard_control_plane is defined and eviction_hard_control_plane %}
-evictionHard:
-  {{ eviction_hard_control_plane | to_nice_yaml(indent=2) | indent(2) }}
-{% elif not is_kube_master | bool and eviction_hard is defined and eviction_hard %}
+{{ scope }}Reserved:
+{% for resource in "cpu", "memory", "ephemeral-storage", "pid" %}
+  {{ resource }}: "{{ lookup('ansible.builtin.vars', scope + '_' ~ (resource | replace('-', '_')) + '_reserved') }}"
+{% endfor %}
+{% endfor %}
+{% if eviction_hard is defined and eviction_hard %}
 evictionHard:
   {{ eviction_hard | to_nice_yaml(indent=2) | indent(2) }}
 {% endif %}