From 52bedaf4169444d167be26488e9ed73201a55265 Mon Sep 17 00:00:00 2001 From: "Timothy St. Clair" Date: Fri, 27 Jan 2017 13:34:11 -0600 Subject: [PATCH] Decrease Daemonset burst replicas due to DoS conditions. --- pkg/controller/daemon/daemoncontroller.go | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/pkg/controller/daemon/daemoncontroller.go b/pkg/controller/daemon/daemoncontroller.go index 3bda180d06..cef491a999 100644 --- a/pkg/controller/daemon/daemoncontroller.go +++ b/pkg/controller/daemon/daemoncontroller.go @@ -51,9 +51,8 @@ const ( // Daemon sets will periodically check that their daemon pods are running as expected. FullDaemonSetResyncPeriod = 30 * time.Second // TODO: Figure out if this time seems reasonable. - // Realistic value of the burstReplica field for the replication manager based off - // performance requirements for kubernetes 1.0. - BurstReplicas = 500 + // The value of 250 is chosen b/c values that are too high can cause registry DoS issues + BurstReplicas = 250 // If sending a status upate to API server fails, we retry a finite number of times. StatusUpdateRetries = 1