mirror of https://github.com/k3s-io/k3s
159 lines
4.8 KiB
Plaintext
159 lines
4.8 KiB
Plaintext
{% set cluster_name = "" -%}
|
|
{% set cluster_cidr = "" -%}
|
|
{% set allocate_node_cidrs = "" -%}
|
|
{% set enable_experimental = "" -%}
|
|
|
|
{% if pillar['instance_prefix'] is defined -%}
|
|
{% set cluster_name = "--cluster-name=" + pillar['instance_prefix'] -%}
|
|
{% endif -%}
|
|
{% if pillar['cluster_cidr'] is defined and pillar['cluster_cidr'] != "" -%}
|
|
{% set cluster_cidr = "--cluster-cidr=" + pillar['cluster_cidr'] -%}
|
|
{% endif -%}
|
|
{% if pillar['allocate_node_cidrs'] is defined -%}
|
|
{% set allocate_node_cidrs = "--allocate-node-cidrs=" + pillar['allocate_node_cidrs'] -%}
|
|
{% endif -%}
|
|
{% if pillar['enable_experimental_api'] is defined -%}
|
|
{% set enable_experimental = "--enable-experimental=" + pillar['enable_experimental_api'] -%}
|
|
{% endif -%}
|
|
|
|
{% set cloud_provider = "" -%}
|
|
{% set cloud_config = "" -%}
|
|
{% set cloud_config_mount = "" -%}
|
|
{% set cloud_config_volume = "" -%}
|
|
|
|
{% if grains.cloud is defined -%}
|
|
{% set cloud_provider = "--cloud-provider=" + grains.cloud -%}
|
|
{% set service_account_key = " --service-account-private-key-file=/srv/kubernetes/server.key " -%}
|
|
|
|
{% if grains.cloud in [ 'aws', 'gce' ] and grains.cloud_config is defined -%}
|
|
{% set cloud_config = "--cloud-config=" + grains.cloud_config -%}
|
|
{% set cloud_config_mount = "{\"name\": \"cloudconfigmount\",\"mountPath\": \"" + grains.cloud_config + "\", \"readOnly\": true}," -%}
|
|
{% set cloud_config_volume = "{\"name\": \"cloudconfigmount\",\"hostPath\": {\"path\": \"" + grains.cloud_config + "\"}}," -%}
|
|
{% endif -%}
|
|
{% endif -%}
|
|
|
|
{% set root_ca_file = "" -%}
|
|
|
|
{% if grains['cloud'] is defined and grains.cloud in [ 'aws', 'gce', 'vagrant' ] %}
|
|
{% set root_ca_file = "--root-ca-file=/srv/kubernetes/ca.crt" -%}
|
|
{% endif -%}
|
|
|
|
{% set params = "--master=127.0.0.1:8080" + " " + cluster_name + " " + cluster_cidr + " " + allocate_node_cidrs + " " + enable_experimental + " " + cloud_provider + " " + cloud_config + service_account_key + pillar['log_level'] + " " + root_ca_file -%}
|
|
|
|
# test_args has to be kept at the end, so they'll overwrite any prior configuration
|
|
{% if pillar['controller_manager_test_args'] is defined -%}
|
|
{% set params = params + " " + pillar['controller_manager_test_args'] -%}
|
|
{% endif -%}
|
|
|
|
{
|
|
"apiVersion": "v1",
|
|
"kind": "Pod",
|
|
"metadata": {
|
|
"name":"kube-controller-manager",
|
|
"namespace": "kube-system"
|
|
},
|
|
"spec":{
|
|
"hostNetwork": true,
|
|
"containers":[
|
|
{
|
|
"name": "kube-controller-manager",
|
|
"image": "gcr.io/google_containers/kube-controller-manager:{{pillar['kube-controller-manager_docker_tag']}}",
|
|
"resources": {
|
|
"limits": {
|
|
"cpu": "200m"
|
|
}
|
|
},
|
|
"command": [
|
|
"/bin/sh",
|
|
"-c",
|
|
"/usr/local/bin/kube-controller-manager {{params}} 1>>/var/log/kube-controller-manager.log 2>&1"
|
|
],
|
|
"livenessProbe": {
|
|
"httpGet": {
|
|
"host": "127.0.0.1",
|
|
"port": 10252,
|
|
"path": "/healthz"
|
|
},
|
|
"initialDelaySeconds": 15,
|
|
"timeoutSeconds": 15
|
|
},
|
|
"volumeMounts": [
|
|
{{cloud_config_mount}}
|
|
{ "name": "srvkube",
|
|
"mountPath": "/srv/kubernetes",
|
|
"readOnly": true},
|
|
{ "name": "logfile",
|
|
"mountPath": "/var/log/kube-controller-manager.log",
|
|
"readOnly": false},
|
|
{ "name": "etcssl",
|
|
"mountPath": "/etc/ssl",
|
|
"readOnly": true},
|
|
{ "name": "usrsharessl",
|
|
"mountPath": "/usr/share/ssl",
|
|
"readOnly": true},
|
|
{ "name": "varssl",
|
|
"mountPath": "/var/ssl",
|
|
"readOnly": true},
|
|
{ "name": "usrssl",
|
|
"mountPath": "/usr/ssl",
|
|
"readOnly": true},
|
|
{ "name": "usrlibssl",
|
|
"mountPath": "/usr/lib/ssl",
|
|
"readOnly": true},
|
|
{ "name": "usrlocalopenssl",
|
|
"mountPath": "/usr/local/openssl",
|
|
"readOnly": true},
|
|
{ "name": "etcopenssl",
|
|
"mountPath": "/etc/openssl",
|
|
"readOnly": true},
|
|
{ "name": "etcpkitls",
|
|
"mountPath": "/etc/pki/tls",
|
|
"readOnly": true}
|
|
]
|
|
}
|
|
],
|
|
"volumes":[
|
|
{{cloud_config_volume}}
|
|
{ "name": "srvkube",
|
|
"hostPath": {
|
|
"path": "/srv/kubernetes"}
|
|
},
|
|
{ "name": "logfile",
|
|
"hostPath": {
|
|
"path": "/var/log/kube-controller-manager.log"}
|
|
},
|
|
{ "name": "etcssl",
|
|
"hostPath": {
|
|
"path": "/etc/ssl"}
|
|
},
|
|
{ "name": "usrsharessl",
|
|
"hostPath": {
|
|
"path": "/usr/share/ssl"}
|
|
},
|
|
{ "name": "varssl",
|
|
"hostPath": {
|
|
"path": "/var/ssl"}
|
|
},
|
|
{ "name": "usrssl",
|
|
"hostPath": {
|
|
"path": "/usr/ssl"}
|
|
},
|
|
{ "name": "usrlibssl",
|
|
"hostPath": {
|
|
"path": "/usr/lib/ssl"}
|
|
},
|
|
{ "name": "usrlocalopenssl",
|
|
"hostPath": {
|
|
"path": "/usr/local/openssl"}
|
|
},
|
|
{ "name": "etcopenssl",
|
|
"hostPath": {
|
|
"path": "/etc/openssl"}
|
|
},
|
|
{ "name": "etcpkitls",
|
|
"hostPath": {
|
|
"path": "/etc/pki/tls"}
|
|
}
|
|
]
|
|
}}
|