Disable apiserver in the bootstrap daemonset
Change-Id: I49010ddf3166e2612dd173338a0ec50073fcabd8 Signed-off-by: Ruslan Aliev <raliev@mirantis.com>
This commit is contained in:
Ruslan Aliev
@@ -143,31 +143,6 @@ spec:
|
|||||||
{{ if $mounts_monitor_bootstrap.volumeMounts }}
|
{{ if $mounts_monitor_bootstrap.volumeMounts }}
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
{{ toYaml $mounts_monitor_bootstrap.volumeMounts | indent 8 }}
|
{{ toYaml $mounts_monitor_bootstrap.volumeMounts | indent 8 }}
|
||||||
{{ end }}
|
|
||||||
- command:
|
|
||||||
{{- range .Values.bootstrap_apiserver.command_prefix }}
|
|
||||||
- {{ . }}
|
|
||||||
{{- end }}
|
|
||||||
{{- range .Values.bootstrap_apiserver.genesis_arguments }}
|
|
||||||
- {{ . }}
|
|
||||||
{{- end }}
|
|
||||||
{{- range .Values.bootstrap_apiserver.arguments }}
|
|
||||||
- {{ . }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.pod.env.apiserver_bootstrap }}
|
|
||||||
env:
|
|
||||||
{{- range .Values.pod.env.apiserver_bootstrap }}
|
|
||||||
- name: {{ .name | quote }}
|
|
||||||
value: {{ .value | quote }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{ tuple $envAll "apiserver" | include "helm-toolkit.snippets.image" | indent 8 }}
|
|
||||||
name: kubectl-apiserver
|
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.apiserver_bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 8 }}
|
|
||||||
{{ dict "envAll" $envAll "application" "armada" "container" "manager" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 8 }}
|
|
||||||
{{ if $mounts_apiserver_bootstrap.volumeMounts }}
|
|
||||||
volumeMounts:
|
|
||||||
{{ toYaml $mounts_apiserver_bootstrap.volumeMounts | indent 8 }}
|
|
||||||
{{ end }}
|
{{ end }}
|
||||||
dnsPolicy: Default
|
dnsPolicy: Default
|
||||||
hostNetwork: true
|
hostNetwork: true
|
||||||
@@ -183,5 +158,4 @@ spec:
|
|||||||
volumes:
|
volumes:
|
||||||
{{ toYaml $mounts_armada_bootstrap.volumes | indent 8 }}
|
{{ toYaml $mounts_armada_bootstrap.volumes | indent 8 }}
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|||||||
@@ -46,31 +46,6 @@ images:
|
|||||||
- dep_check
|
- dep_check
|
||||||
- image_repo_sync
|
- image_repo_sync
|
||||||
|
|
||||||
bootstrap_apiserver:
|
|
||||||
command_prefix:
|
|
||||||
- kube-apiserver
|
|
||||||
- --advertise-address=$(ADVERTISE_ADDRESS)
|
|
||||||
- --allow-privileged=true
|
|
||||||
- --anonymous-auth=false
|
|
||||||
- --bind-address=0.0.0.0
|
|
||||||
- --client-ca-file=/etc/kubernetes/apiserver/pki/cluster-ca.pem
|
|
||||||
- --etcd-cafile=/etc/kubernetes/apiserver/pki/etcd-client-ca.pem
|
|
||||||
- --etcd-certfile=/etc/kubernetes/apiserver/pki/etcd-client.pem
|
|
||||||
- --etcd-keyfile=/etc/kubernetes/apiserver/pki/etcd-client-key.pem
|
|
||||||
- --kubelet-certificate-authority=/etc/kubernetes/apiserver/pki/kubelet-client-ca.pem
|
|
||||||
- --kubelet-client-certificate=/etc/kubernetes/apiserver/pki/kubelet-client.pem
|
|
||||||
- --kubelet-client-key=/etc/kubernetes/apiserver/pki/kubelet-client-key.pem
|
|
||||||
- --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
|
|
||||||
- --service-account-issuer=https://kubernetes.default.svc.cluster.local
|
|
||||||
- --service-account-key-file=/etc/kubernetes/apiserver/pki/service-account.pub
|
|
||||||
- --service-account-signing-key-file=/etc/kubernetes/apiserver/pki/service-account.key
|
|
||||||
- --tls-cert-file=/etc/kubernetes/apiserver/pki/apiserver.pem
|
|
||||||
- --tls-private-key-file=/etc/kubernetes/apiserver/pki/apiserver-key.pem
|
|
||||||
genesis_arguments: []
|
|
||||||
arguments:
|
|
||||||
- --etcd-servers=https://localhost:12379
|
|
||||||
- --secure-port=6444
|
|
||||||
- --endpoint-reconciler-type=none
|
|
||||||
|
|
||||||
network:
|
network:
|
||||||
api:
|
api:
|
||||||
@@ -296,9 +271,6 @@ pod:
|
|||||||
value: /tmp/log/bootstrap-armada-operator.log
|
value: /tmp/log/bootstrap-armada-operator.log
|
||||||
- name: KUBECONFIG
|
- name: KUBECONFIG
|
||||||
value: /root/.kube/config
|
value: /root/.kube/config
|
||||||
apiserver_bootstrap:
|
|
||||||
- name: KUBECONFIG
|
|
||||||
value: /etc/kubernetes/admin/config
|
|
||||||
# NOTE(@drewwalters96): These configuration values change the Armada API's
|
# NOTE(@drewwalters96): These configuration values change the Armada API's
|
||||||
# uWSGI configuration.
|
# uWSGI configuration.
|
||||||
armada_api:
|
armada_api:
|
||||||
@@ -371,13 +343,6 @@ pod:
|
|||||||
name: ipc
|
name: ipc
|
||||||
- mountPath: /etc/kubernetes/manifests
|
- mountPath: /etc/kubernetes/manifests
|
||||||
name: manifest
|
name: manifest
|
||||||
apiserver:
|
|
||||||
volumeMounts:
|
|
||||||
- name: auth
|
|
||||||
mountPath: /etc/kubernetes/admin
|
|
||||||
- name: config
|
|
||||||
mountPath: /etc/kubernetes/apiserver
|
|
||||||
readOnly: true
|
|
||||||
armada_api:
|
armada_api:
|
||||||
init_container: null
|
init_container: null
|
||||||
armada_api:
|
armada_api:
|
||||||
@@ -429,13 +394,6 @@ pod:
|
|||||||
requests:
|
requests:
|
||||||
cpu: "100m"
|
cpu: "100m"
|
||||||
memory: "128Mi"
|
memory: "128Mi"
|
||||||
apiserver_bootstrap:
|
|
||||||
limits:
|
|
||||||
cpu: "8"
|
|
||||||
memory: "8Gi"
|
|
||||||
requests:
|
|
||||||
cpu: "100m"
|
|
||||||
memory: "128Mi"
|
|
||||||
api:
|
api:
|
||||||
limits:
|
limits:
|
||||||
memory: "128Mi"
|
memory: "128Mi"
|
||||||
|
|||||||
Reference in New Issue
Block a user