diff options
author | Christian Pointner <equinox@spreadspace.org> | 2020-02-01 02:48:06 +0100 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2020-02-01 02:48:06 +0100 |
commit | 844bc9826f652d6bebe55c66e44eb69bd89575bf (patch) | |
tree | 5c60fe1648e5a1db4b54c4ce02e72c4cf0bd8939 /roles/kubernetes/kubeadm/master/templates/kubeadm.config.j2 | |
parent | updated all nexcloud instances on sk-cloudia (diff) | |
parent | kubernetes standalone with docker (diff) |
Merge branch 'topic/kubernetes-ng'
Diffstat (limited to 'roles/kubernetes/kubeadm/master/templates/kubeadm.config.j2')
-rw-r--r-- | roles/kubernetes/kubeadm/master/templates/kubeadm.config.j2 | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/roles/kubernetes/kubeadm/master/templates/kubeadm.config.j2 b/roles/kubernetes/kubeadm/master/templates/kubeadm.config.j2 new file mode 100644 index 00000000..f48a34f3 --- /dev/null +++ b/roles/kubernetes/kubeadm/master/templates/kubeadm.config.j2 @@ -0,0 +1,45 @@ +{# https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta2 #} +{# #} +apiVersion: kubeadm.k8s.io/v1beta2 +kind: InitConfiguration +{# TODO: this is ugly but we want to create our own token so we can #} +{# better control it's lifetime #} +bootstrapTokens: +- ttl: "1s" +localAPIEndpoint: + bindPort: 6442 +{% if kubernetes_overlay_node_ip is defined %} + advertiseAddress: {{ kubernetes_overlay_node_ip }} +{% endif %} +--- +apiVersion: kubeadm.k8s.io/v1beta2 +kind: ClusterConfiguration +kubernetesVersion: {{ kubernetes_version }} +clusterName: {{ kubernetes.cluster_name }} +imageRepository: k8s.gcr.io +controlPlaneEndpoint: 127.0.0.1:6443 +networking: + dnsDomain: {{ kubernetes.dns_domain | default('cluster.local') }} + podSubnet: {{ kubernetes.pod_ip_range }} + serviceSubnet: {{ kubernetes.service_ip_range }} +apiServer: + # extraArgs: + # encryption-provider-config: /etc/kubernetes/encryption/config + # extraVolumes: + # - name: encryption-config + # hostPath: /etc/kubernetes/encryption + # mountPath: /etc/kubernetes/encryption + # readOnly: true + # pathType: Directory +{% if (kubernetes.api_extra_sans | default([]) | length) == 0 %} + certSANs: [] +{% else %} + certSANs: + {{ kubernetes.api_extra_sans | to_nice_yaml | indent(width=2) }} +{% endif %} +controllerManager: + extraArgs: + node-cidr-mask-size: "{{ kubernetes.pod_ip_range_size }}" +scheduler: {} +dns: + type: CoreDNS |