69 lines
1.9 KiB
YAML
69 lines
1.9 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: Pod
|
|
metadata:
|
|
name: kube-etcd
|
|
namespace: kube-system
|
|
labels:
|
|
tier: control-plane
|
|
component: kube-etcd
|
|
spec:
|
|
hostNetwork: true
|
|
containers:
|
|
- name: k8s-etcd
|
|
image: quay.io/coreos/etcd:v3.0.17
|
|
env:
|
|
- name: ETCD_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: spec.nodeName
|
|
- name: ETCD_CLIENT_CERT_AUTH
|
|
value: "true"
|
|
- name: ETCD_PEER_CLIENT_CERT_AUTH
|
|
value: "true"
|
|
- name: ETCD_DATA_DIR
|
|
value: /var/lib/kube-etcd
|
|
- name: ETCD_TRUSTED_CA_FILE
|
|
value: /etc/etcd-pki/cluster-ca.pem
|
|
- name: ETCD_CERT_FILE
|
|
value: /etc/etcd-pki/etcd.pem
|
|
- name: ETCD_KEY_FILE
|
|
value: /etc/etcd-pki/etcd-key.pem
|
|
- name: ETCD_PEER_TRUSTED_CA_FILE
|
|
value: /etc/etcd-pki/cluster-ca.pem
|
|
- name: ETCD_PEER_CERT_FILE
|
|
value: /etc/etcd-pki/etcd.pem
|
|
- name: ETCD_PEER_KEY_FILE
|
|
value: /etc/etcd-pki/etcd-key.pem
|
|
- name: ETCD_ADVERTISE_CLIENT_URLS
|
|
value: https://$(ETCD_NAME):2379
|
|
- name: ETCD_INITIAL_ADVERTISE_PEER_URLS
|
|
value: https://$(ETCD_NAME):2380
|
|
- name: ETCD_INITIAL_CLUSTER_TOKEN
|
|
value: promenade-kube-etcd-token
|
|
- name: ETCD_LISTEN_CLIENT_URLS
|
|
value: https://0.0.0.0:2379
|
|
- name: ETCD_LISTEN_PEER_URLS
|
|
value: https://0.0.0.0:2380
|
|
{%- for env_name, env_value in etcd['env'].items() %}
|
|
- name: {{ env_name }}
|
|
value: {{ env_value }}
|
|
{%- endfor %}
|
|
ports:
|
|
- name: client
|
|
containerPort: 2379
|
|
- name: peer
|
|
containerPort: 2380
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /var/lib/kube-etcd
|
|
- name: pki
|
|
mountPath: /etc/etcd-pki
|
|
volumes:
|
|
- name: data
|
|
hostPath:
|
|
path: /var/lib/kube-etcd
|
|
- name: pki
|
|
hostPath:
|
|
path: /etc/kubernetes/etcd/pki
|