94 lines
3.5 KiB
YAML
94 lines
3.5 KiB
YAML
- name: etcd-{{ etcd_name }}
|
|
image: {{ config['Genesis:images.kubernetes.etcd'] }}
|
|
env:
|
|
- name: ETCD_NAME
|
|
value: {{ etcd_name }}
|
|
- name: POD_IP
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: status.podIP
|
|
- name: ETCD_CLIENT_CERT_AUTH
|
|
value: "true"
|
|
- name: ETCD_PEER_CLIENT_CERT_AUTH
|
|
value: "true"
|
|
- name: ETCD_DATA_DIR
|
|
value: /var/lib/etcd
|
|
- name: ETCD_TRUSTED_CA_FILE
|
|
value: /etc/etcd/pki/client-ca.pem
|
|
- name: ETCD_CERT_FILE
|
|
value: /etc/etcd/pki/etcd-client.pem
|
|
- name: ETCD_STRICT_RECONFIG_CHECK
|
|
value: "true"
|
|
- name: ETCD_KEY_FILE
|
|
value: /etc/etcd/pki/etcd-client-key.pem
|
|
- name: ETCD_PEER_TRUSTED_CA_FILE
|
|
value: /etc/etcd/pki/peer-ca.pem
|
|
- name: ETCD_PEER_CERT_FILE
|
|
value: /etc/etcd/pki/etcd-peer.pem
|
|
- name: ETCD_PEER_KEY_FILE
|
|
value: /etc/etcd/pki/etcd-peer-key.pem
|
|
- name: ETCD_ADVERTISE_CLIENT_URLS
|
|
value: https://$(POD_IP):{{ client_port }}
|
|
- name: ETCD_INITIAL_ADVERTISE_PEER_URLS
|
|
value: https://$(POD_IP):{{ peer_port }}
|
|
- name: ETCD_INITIAL_CLUSTER_TOKEN
|
|
value: promenade-kube-etcd-token
|
|
- name: ETCD_LISTEN_CLIENT_URLS
|
|
value: https://0.0.0.0:{{ client_port }}
|
|
- name: ETCD_LISTEN_PEER_URLS
|
|
value: https://0.0.0.0:{{ peer_port }}
|
|
- name: ETCD_INITIAL_CLUSTER_STATE
|
|
value: new
|
|
- name: ETCD_INITIAL_CLUSTER
|
|
value: {{ config['Genesis:hostname'] }}=https://{{ config['Genesis:ip'] }}:2380,auxiliary-0=https://{{ config['Genesis:ip'] }}:12380,auxiliary-1=https://{{ config['Genesis:ip'] }}:22380
|
|
- name: ETCDCTL_API
|
|
value: '3'
|
|
- name: ETCDCTL_DIAL_TIMEOUT
|
|
value: 3s
|
|
- name: ETCDCTL_ENDPOINTS
|
|
value: https://$(POD_IP):{{ client_port }},https://127.0.0.1:{{ client_port }}
|
|
- name: ETCDCTL_CACERT
|
|
value: $(ETCD_TRUSTED_CA_FILE)
|
|
- name: ETCDCTL_CERT
|
|
value: $(ETCD_CERT_FILE)
|
|
- name: ETCDCTL_KEY
|
|
value: $(ETCD_KEY_FILE)
|
|
{%- if config['Genesis:etcd.heartbeat_interval'] is defined %}
|
|
- name: ETCD_HEARTBEAT_INTERVAL
|
|
value: "{{ config['Genesis:etcd.heartbeat_interval'] }}"
|
|
{%- endif %}
|
|
{%- if config['Genesis:etcd.election_timeout'] is defined %}
|
|
- name: ETCD_ELECTION_TIMEOUT
|
|
value: "{{ config['Genesis:etcd.election_timeout'] }}"
|
|
{%- endif %}
|
|
{%- if config['Genesis:etcd.snapshot_count'] is defined %}
|
|
- name: ETCD_SNAPSHOT_COUNT
|
|
value: "{{ config['Genesis:etcd.snapshot_count'] }}"
|
|
{%- endif %}
|
|
{%- if config['Genesis:etcd.cipher_suites'] is defined %}
|
|
- name: ETCD_CIPHER_SUITES
|
|
value: "{{ config['Genesis:etcd.cipher_suites'] }}"
|
|
{%- endif %}
|
|
{%- if config['Genesis:etcd.gomaxprocs'] is defined %}
|
|
- name: GOMAXPROCS
|
|
value: "{{ config['Genesis:etcd.gomaxprocs'] }}"
|
|
{%- endif %}
|
|
ports:
|
|
- name: client
|
|
containerPort: {{ client_port }}
|
|
- name: peer
|
|
containerPort: {{ peer_port }}
|
|
livenessProbe:
|
|
grpc:
|
|
port: {{ client_port }}
|
|
initialDelaySeconds: 15
|
|
timeoutSeconds: 10
|
|
periodSeconds: 30
|
|
successThreshold: 1
|
|
failureThreshold: 10
|
|
volumeMounts:
|
|
- name: data-{{ etcd_name }}
|
|
mountPath: /var/lib/etcd
|
|
- name: pki-{{ etcd_name }}
|
|
mountPath: /etc/etcd/pki
|