path: root/roles/kubernetes/kubeadm/master/templates/kubeadm.config.j2
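{# kubeadm configuration for the master: an InitConfiguration document #}
{# followed by a ClusterConfiguration document. #}
{# API reference: https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta1 #}
{# Templated scalars are double-quoted so the rendered value always parses #}
{# as a YAML string, never as a number, boolean or null. #}
apiVersion: kubeadm.k8s.io/v1beta1
kind: InitConfiguration
{# TODO: this is ugly, but we want to create our own token so we can #}
{# better control its lifetime. #}
{# The entry carries only a TTL: with "1s" the bootstrap token created at #}
{# init time expires almost immediately and is not left usable for joins. #}
bootstrapTokens:
- ttl: "1s"
---
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
kubernetesVersion: "{{ kubernetes_version }}"
clusterName: "{{ kubernetes.cluster_name }}"
{# NOTE(review): k8s.gcr.io is the legacy image registry; upstream now #}
{# publishes to registry.k8s.io. Revisit when bumping kubernetes_version. #}
imageRepository: k8s.gcr.io
{# The control-plane endpoint and the advertise address below both use #}
{# this node's IP. #}
controlPlaneEndpoint: "{{ kubernetes_kubelet_node_ip }}:6443"
networking:
  dnsDomain: "{{ kubernetes.dns_domain | default('cluster.local') }}"
  podSubnet: "{{ kubernetes.pod_ip_range }}"
  serviceSubnet: "{{ kubernetes.service_ip_range }}"
apiServer:
  extraArgs:
    advertise-address: "{{ kubernetes_kubelet_node_ip }}"
{# Encryption at rest is not configured by this template: the lines below #}
{# are commented out, so no encryption-provider-config reaches the API #}
{# server from here and Secrets are written to etcd without API-server-side #}
{# encryption unless that is set up elsewhere. #}
{# When enabling it, keep /etc/kubernetes/encryption readable by root only, #}
{# because the provider config holds the encryption keys. #}
  #   encryption-provider-config: /etc/kubernetes/encryption/config
  # extraVolumes:
  # - name: encryption-config
  #   hostPath: /etc/kubernetes/encryption
  #   mountPath: /etc/kubernetes/encryption
  #   readOnly: true
  #   pathType: Directory
{# Each entry of kubernetes.api_extra_sans becomes an extra subject #}
{# alternative name on the API server certificate; an explicit empty list #}
{# is emitted when none are configured. Keep the list minimal. #}
{% if (kubernetes.api_extra_sans | default([]) | length) == 0 %}
  certSANs: []
{% else %}
  certSANs:
  {{ kubernetes.api_extra_sans | to_nice_yaml | indent(width=2) }}
{% endif %}
controllerManager:
  extraArgs:
    node-cidr-mask-size: "{{ kubernetes.pod_ip_range_size }}"
scheduler: {}
dns:
  type: CoreDNS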