69 lines
2.1 KiB
YAML
69 lines
2.1 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: Pod
|
|
metadata:
|
|
name: kube-etcd
|
|
namespace: kube-system
|
|
labels:
|
|
tier: control-plane
|
|
component: kube-etcd
|
|
spec:
|
|
hostNetwork: true
|
|
containers:
|
|
- name: k8s-etcd
|
|
image: quay.io/coreos/etcd:v3.0.17
|
|
env:
|
|
- name: ETCD_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: spec.nodeName
|
|
- name: ETCD_CLIENT_CERT_AUTH
|
|
value: "true"
|
|
- name: ETCD_PEER_CLIENT_CERT_AUTH
|
|
value: "true"
|
|
- name: ETCD_DATA_DIR
|
|
value: /var/lib/kube-etcd
|
|
- name: ETCD_TRUSTED_CA_FILE
|
|
value: /etc/kubernetes/etcd/pki/client-ca.pem
|
|
- name: ETCD_CERT_FILE
|
|
value: /etc/kubernetes/etcd/pki/etcd-client.pem
|
|
- name: ETCD_KEY_FILE
|
|
value: /etc/kubernetes/etcd/pki/etcd-client-key.pem
|
|
- name: ETCD_PEER_TRUSTED_CA_FILE
|
|
value: /etc/kubernetes/etcd/pki/peer-ca.pem
|
|
- name: ETCD_PEER_CERT_FILE
|
|
value: /etc/kubernetes/etcd/pki/etcd-peer.pem
|
|
- name: ETCD_PEER_KEY_FILE
|
|
value: /etc/kubernetes/etcd/pki/etcd-peer-key.pem
|
|
- name: ETCD_ADVERTISE_CLIENT_URLS
|
|
value: https://$(ETCD_NAME):2379
|
|
- name: ETCD_INITIAL_ADVERTISE_PEER_URLS
|
|
value: https://$(ETCD_NAME):2380
|
|
- name: ETCD_INITIAL_CLUSTER_TOKEN
|
|
value: promenade-kube-etcd-token
|
|
- name: ETCD_LISTEN_CLIENT_URLS
|
|
value: https://0.0.0.0:2379
|
|
- name: ETCD_LISTEN_PEER_URLS
|
|
value: https://0.0.0.0:2380
|
|
- name: ETCD_INITIAL_CLUSTER_STATE
|
|
value: {{ config['Etcd']['initial_cluster_state'] }}
|
|
- name: ETCD_INITIAL_CLUSTER
|
|
value: {{ config['Etcd']['initial_cluster'] | join(',') }}
|
|
ports:
|
|
- name: client
|
|
containerPort: 2379
|
|
- name: peer
|
|
containerPort: 2380
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /var/lib/kube-etcd
|
|
- name: pki
|
|
mountPath: /etc/kubernetes/etcd/pki
|
|
volumes:
|
|
- name: data
|
|
hostPath:
|
|
path: /var/lib/kube-etcd
|
|
- name: pki
|
|
hostPath:
|
|
path: /etc/kubernetes/etcd/pki
|