allowDisabledDocker: false
apiVersion: v1
{% if openshift.common.version_gte_3_6 %}
dnsBindAddress: 127.0.0.1:53
dnsRecursiveResolvConf: /etc/origin/node/resolv.conf
{% endif %}
dnsDomain: {{ openshift.common.dns_domain }}
dnsIP: {{ openshift_dns_ip }}
dockerConfig:
  execHandlerName: ""
iptablesSyncPeriod: "{{ openshift_node_iptables_sync_period }}"
imageConfig:
  format: {{ oreg_url_node }}
  latest: {{ openshift_node_image_config_latest }}
kind: NodeConfig
kubeletArguments: {{  l2_openshift_node_kubelet_args  | default(None) | lib_utils_to_padded_yaml(level=1) }}
{% if openshift_use_crio | bool %}
  container-runtime:
  - remote
  container-runtime-endpoint:
  - /var/run/crio/crio.sock
  image-service-endpoint:
  - /var/run/crio/crio.sock
  node-labels:
  - router=true
  - registry=true
  runtime-request-timeout:
  - 10m
{% endif %}
masterClientConnectionOverrides:
  acceptContentTypes: application/vnd.kubernetes.protobuf,application/json
  contentType: application/vnd.kubernetes.protobuf
  burst: 200
  qps: 100
masterKubeConfig: system:node:{{ openshift.common.hostname | lower }}.kubeconfig
{% if openshift_node_use_openshift_sdn | bool %}
networkPluginName: {{ openshift_node_sdn_network_plugin_name }}
{% endif %}
# networkConfig struct introduced in origin 1.0.6 and OSE 3.0.2 which
# deprecates networkPluginName above. The two should match.
networkConfig:
   mtu: {{ openshift.node.sdn_mtu }}
{% if openshift_node_use_openshift_sdn | bool or openshift_node_use_nuage | bool or openshift_node_use_contiv | bool or openshift_node_use_kuryr | bool or openshift_node_sdn_network_plugin_name == 'cni' %}
   networkPluginName: {{ openshift_node_sdn_network_plugin_name }}
{% endif %}
{% if openshift_set_node_ip | bool %}
nodeIP: {{ openshift.common.ip }}
{% endif %}
nodeName: {{ openshift.node.nodename }}
podManifestConfig:
servingInfo:
  bindAddress: 0.0.0.0:10250
  certFile: server.crt
  clientCA: ca.crt
  keyFile: server.key
{% if openshift_node_min_tls_version is defined %}
  minTLSVersion: {{ openshift_node_min_tls_version }}
{% endif %}
{% if openshift_node_cipher_suites is defined %}
  cipherSuites:
{% for cipher_suite in openshift_node_cipher_suites %}
  - {{ cipher_suite }}
{% endfor %}
{% endif %}
volumeDirectory: {{ openshift_node_data_dir }}/openshift.local.volumes
{% if not (openshift_node_use_kuryr | default(False)) | bool %}
proxyArguments:
  proxy-mode:
     - {{ openshift_node_proxy_mode }}
{% endif %}
volumeConfig:
  localQuota:
    perFSGroup: {{ openshift_node_local_quota_per_fsgroup }}