kube-reserved: cpu=200m,memory=512Mi
name: '{{ "{{" }} ds.meta_data.name {{ "}}" }}'
preKubeadmCommands:
+{{- if .Values.preKubeadmCommands }}
+{{ toYaml .Values.preKubeadmCommands | indent 4 }}
+{{- end }}
{{- if .Values.networks }}
# Without touching up /etc/hosts, kubeadm may pick the wrong
# (i.e. provisioning network) address for the node IP
- add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
- curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
- add-apt-repository "deb https://apt.kubernetes.io/ kubernetes-xenial main"
- - apt update -y
+ - apt-get update -y
- apt-get install -y ca-certificates
{{- if .Values.keepalived }}
- apt-get install -y keepalived
# ClusterResourceSet. However instead of apply, replace must be
# used to harden K8s.
- /usr/local/bin/harden_k8s.sh
+{{- if eq (int .Values.numWorkerMachines) 0 }}
+ # Allow scheduling Pods on the control plane when there are no
+ # workers.
+ - kubectl --kubeconfig=/etc/kubernetes/admin.conf taint nodes --all node-role.kubernetes.io/master-
+{{- end }}
# This must be done after kubeadm as the cabpk provider relies on
# files in /var/run, which won't persist after a reboot
- /usr/local/bin/set_kernel_cmdline.sh
permissions: '0777'
content: |
{{ $.Files.Get "resources/set_kernel_cmdline.sh" | indent 8 }}
+{{- if eq .Values.cni "calico" }}
+ - path: /etc/NetworkManager/conf.d/calico.conf
+ content: |
+{{ $.Files.Get "resources/calico.conf" | indent 8 }}
+{{- end }}
+{{- if .Values.userData }}
users:
- name: {{ .Values.userData.name }}
shell: /bin/bash
- name: root
sshAuthorizedKeys:
- {{ .Values.userData.sshAuthorizedKey }}
+{{- end }}
machineTemplate:
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha5
Code Review / icn.git / blobdiff