78 lines
2.3 KiB
YAML
78 lines
2.3 KiB
YAML
---
|
|
apiVersion: extensions/v1beta1
|
|
kind: Deployment
|
|
metadata:
|
|
name: kube-controller-manager
|
|
namespace: kube-system
|
|
labels:
|
|
tier: control-plane
|
|
component: kube-controller-manager
|
|
spec:
|
|
replicas: 2
|
|
template:
|
|
metadata:
|
|
labels:
|
|
tier: control-plane
|
|
component: kube-controller-manager
|
|
annotations:
|
|
scheduler.alpha.kubernetes.io/critical-pod: ''
|
|
spec:
|
|
affinity:
|
|
podAntiAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- weight: 100
|
|
podAffinityTerm:
|
|
labelSelector:
|
|
matchExpressions:
|
|
- key: tier
|
|
operator: In
|
|
values:
|
|
- control-plane
|
|
- key: component
|
|
operator: In
|
|
values:
|
|
- kube-contoller-manager
|
|
topologyKey: kubernetes.io/hostname
|
|
containers:
|
|
- name: kube-controller-manager
|
|
image: quay.io/coreos/hyperkube:v1.6.2_coreos.0
|
|
command:
|
|
- ./hyperkube
|
|
- controller-manager
|
|
- --allocate-node-cidrs=true
|
|
- --cloud-provider=
|
|
- --cluster-cidr=10.2.0.0/16
|
|
- --configure-cloud-routes=false
|
|
- --leader-elect=true
|
|
- --root-ca-file=/etc/kubernetes/secrets/ca.crt
|
|
- --service-account-private-key-file=/etc/kubernetes/secrets/service-account.key
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: 10252 # Note: Using default port. Update if --port option is set differently.
|
|
initialDelaySeconds: 15
|
|
timeoutSeconds: 15
|
|
volumeMounts:
|
|
- name: secrets
|
|
mountPath: /etc/kubernetes/secrets
|
|
readOnly: true
|
|
- name: ssl-host
|
|
mountPath: /etc/ssl/certs
|
|
readOnly: true
|
|
nodeSelector:
|
|
node-role.kubernetes.io/master: ""
|
|
tolerations:
|
|
- key: CriticalAddonsOnly
|
|
operator: Exists
|
|
- key: node-role.kubernetes.io/master
|
|
operator: Exists
|
|
effect: NoSchedule
|
|
volumes:
|
|
- name: secrets
|
|
secret:
|
|
secretName: kube-controller-manager
|
|
- name: ssl-host
|
|
hostPath:
|
|
path: /usr/share/ca-certificates
|
|
dnsPolicy: Default # Don't use cluster DNS.
|