X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=ansible%2Froles%2Fflannel%2Ftemplates%2Fflannel-ds.yaml;h=eb0c57131840f8df4975d3ce61934b5d1c07cfb6;hb=refs%2Fchanges%2F06%2F1206%2F7;hp=41e78a2f0da682965f64c0dafae78119975a0db5;hpb=97f61e99faf44df35648c23c9497f4c4248ca6a6;p=ta%2Fcaas-danm.git

diff --git a/ansible/roles/flannel/templates/flannel-ds.yaml b/ansible/roles/flannel/templates/flannel-ds.yaml
index 41e78a2..eb0c571 100644
--- a/ansible/roles/flannel/templates/flannel-ds.yaml
+++ b/ansible/roles/flannel/templates/flannel-ds.yaml
@@ -32,10 +32,10 @@ spec:
         tier: node
         {{ caas.kubernetes_component_label }}: flannel
     spec:
+      priorityClassName: "system-node-critical"
       hostNetwork: true
       dnsPolicy: ClusterFirstWithHostNet
-     # TODO: figure out why flannel needs to run with root to modify network settings on the host
-     # Some setcap calls might be missing on its binary?
+     # TODO: figure out why privileged mode is also not enough for flannel to modify network settings on the host (same problem as watcher)
      #securityContext:
      #     runAsUser: {{ caas.uid.flannel }}
       tolerations:
@@ -62,6 +62,9 @@ spec:
           valueFrom:
             fieldRef:
               fieldPath: metadata.namespace
+        resources:
+          requests:
+            cpu: "10m"
         volumeMounts:
         - name: time-mount
           mountPath: /etc/localtime