mirror of https://github.com/k3s-io/k3s
80 lines
3.3 KiB
Plaintext
80 lines
3.3 KiB
Plaintext
{% set daemon_args = "$DAEMON_ARGS" -%}
|
|
{% if grains['os_family'] == 'RedHat' -%}
|
|
{% set daemon_args = "" -%}
|
|
{% endif -%}
|
|
|
|
{% if grains.api_servers is defined -%}
|
|
{% set api_servers = "--api_servers=https://" + grains.api_servers -%}
|
|
{% elif grains.apiservers is defined -%} # TODO(remove after 0.16.0): Deprecated form
|
|
{% set api_servers = "--api_servers=https://" + grains.apiservers -%}
|
|
{% elif grains['roles'][0] == 'kubernetes-master' -%}
|
|
{% set master_ipv4 = salt['grains.get']('fqdn_ip4')[0] -%}
|
|
{% set api_servers = "--api_servers=https://" + master_ipv4 -%}
|
|
{% else -%}
|
|
{% set ips = salt['mine.get']('roles:kubernetes-master', 'network.ip_addrs', 'grain').values() -%}
|
|
{% set api_servers = "--api_servers=https://" + ips[0][0] -%}
|
|
{% endif -%}
|
|
|
|
# TODO: remove nginx for other cloud providers.
|
|
{% if grains['cloud'] is defined and grains.cloud in [ 'aws', 'gce' ] %}
|
|
{% set api_servers_with_port = api_servers -%}
|
|
{% else -%}
|
|
{% set api_servers_with_port = api_servers + ":6443" -%}
|
|
{% endif -%}
|
|
|
|
# Disable registration for the kubelet running on the master on GCE. Also disable
|
|
# the debugging handlers (/run and /exec) to prevent arbitrary code execution on
|
|
# the master.
|
|
# TODO(roberthbailey): Make this configurable via an env var in config-default.sh
|
|
|
|
{% set debugging_handlers = "--enable-debugging-handlers=true" -%}
|
|
{% if grains.cloud in ['gce', 'vagrant'] -%}
|
|
{% if grains['roles'][0] == 'kubernetes-master' -%}
|
|
{% set api_servers_with_port = "" -%}
|
|
{% set debugging_handlers = "--enable-debugging-handlers=false" -%}
|
|
{% endif -%}
|
|
{% endif -%}
|
|
|
|
{% set cloud_provider = "" -%}
|
|
{% if grains.cloud is defined -%}
|
|
{% set cloud_provider = "--cloud_provider=" + grains.cloud -%}
|
|
{% endif -%}
|
|
|
|
{% set config = "--config=/etc/kubernetes/manifests" -%}
|
|
{% set hostname_override = "" -%}
|
|
{% if grains.hostname_override is defined -%}
|
|
{% set hostname_override = " --hostname_override=" + grains.hostname_override -%}
|
|
{% endif -%}
|
|
|
|
{% set cluster_dns = "" %}
|
|
{% set cluster_domain = "" %}
|
|
{% if pillar.get('enable_cluster_dns', '').lower() == 'true' %}
|
|
{% set cluster_dns = "--cluster_dns=" + pillar['dns_server'] %}
|
|
{% set cluster_domain = "--cluster_domain=" + pillar['dns_domain'] %}
|
|
{% endif %}
|
|
|
|
{% set docker_root = "" -%}
|
|
{% if grains.docker_root is defined -%}
|
|
{% set docker_root = " --docker_root=" + grains.docker_root -%}
|
|
{% endif -%}
|
|
|
|
{% set kubelet_root = "" -%}
|
|
{% if grains.kubelet_root is defined -%}
|
|
{% set kubelet_root = " --root_dir=" + grains.kubelet_root -%}
|
|
{% endif -%}
|
|
|
|
{% set configure_cbr0 = "" -%}
|
|
{% if pillar['allocate_node_cidrs'] is defined -%}
|
|
{% set configure_cbr0 = "--configure-cbr0=" + pillar['allocate_node_cidrs'] -%}
|
|
{% endif -%}
|
|
|
|
# Run containers under the root cgroup and create a system container.
|
|
{% set system_container = "" -%}
|
|
{% set cgroup_root = "" -%}
|
|
{% if grains['os_family'] == 'Debian' -%}
|
|
{% set system_container = "--system-container=/system" -%}
|
|
{% set cgroup_root = "--cgroup_root=/" -%}
|
|
{% endif -%}
|
|
|
|
DAEMON_ARGS="{{daemon_args}} {{api_servers_with_port}} {{debugging_handlers}} {{hostname_override}} {{cloud_provider}} {{config}} --allow_privileged={{pillar['allow_privileged']}} {{pillar['log_level']}} {{cluster_dns}} {{cluster_domain}} {{docker_root}} {{kubelet_root}} {{configure_cbr0}} {{cgroup_root}} {{system_container}}"
|