forked from kubernetes/kubernetes
-
Notifications
You must be signed in to change notification settings - Fork 0
/
federation-apiserver-deployment.yaml
60 lines (60 loc) · 1.88 KB
/
federation-apiserver-deployment.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{.FEDERATION_APISERVER_DEPLOYMENT_NAME}}
namespace: {{.FEDERATION_NAMESPACE}}
labels:
app: federated-cluster
spec:
template:
metadata:
name: federation-apiserver
labels:
app: federated-cluster
module: federation-apiserver
spec:
containers:
- name: apiserver
image: {{.FEDERATION_APISERVER_IMAGE_REPO}}:{{.FEDERATION_APISERVER_IMAGE_TAG}}
command:
- /hyperkube
- federation-apiserver
- --bind-address=0.0.0.0
- --etcd-servers=http://localhost:2379
- --secure-port=443
{{if eq .IS_DNS_NAME "false"}}
- --advertise-address={{.FEDERATION_API_HOST}}
{{end}}
- --client-ca-file=/srv/kubernetes/ca.crt
- --basic-auth-file=/srv/kubernetes/basic-auth.csv
- --tls-cert-file=/srv/kubernetes/server.cert
- --tls-private-key-file=/srv/kubernetes/server.key
- --admission-control={{.FEDERATION_ADMISSION_CONTROL}}
- --token-auth-file=/srv/kubernetes/known-tokens.csv
- --anonymous-auth=false
- --storage-backend=etcd2
ports:
- containerPort: 443
name: https
- containerPort: 8080
name: local
volumeMounts:
- name: federation-apiserver-secrets
mountPath: /srv/kubernetes/
readOnly: true
- name: etcd
image: gcr.io/google_containers/etcd:3.0.17
command:
- /usr/local/bin/etcd
- --data-dir
- /var/etcd/data
volumeMounts:
- mountPath: /var/etcd
name: varetcd
volumes:
- name: federation-apiserver-secrets
secret:
secretName: federation-apiserver-secrets
- name: varetcd
persistentVolumeClaim:
claimName: {{.FEDERATION_APISERVER_DEPLOYMENT_NAME}}-etcd-claim