Code Review / ta / caas-kubernetes.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Added seed code for caas-kubernetes.
[ta/caas-kubernetes.git] / ansible / roles / kube_master / templates / apiserver.yml
1 {#
2 Copyright 2019 Nokia
3
4 Licensed under the Apache License, Version 2.0 (the "License");
5 you may not use this file except in compliance with the License.
6 You may obtain a copy of the License at
7
8     http://www.apache.org/licenses/LICENSE-2.0
9
10 Unless required by applicable law or agreed to in writing, software
11 distributed under the License is distributed on an "AS IS" BASIS,
12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 See the License for the specific language governing permissions and
14 limitations under the License.
15 #}
16 ---
17 apiVersion: v1
18 kind: Pod
19 metadata:
20   name: kube-apiserver
21   namespace: kube-system
22 spec:
23   hostNetwork: true
24   containers:
25     - name: kube-apiserver
26       image: {{ container_image_names | select('search', '/hyperkube') | list | last }}
27       securityContext:
28         runAsUser: {{ caas.uid.kube }}
29       command:
30         - "/kube-apiserver"
31         {{ apiserver_params | to_nice_yaml | indent(8) }}
32       volumeMounts:
33         - name: secret-kubernetes
34           mountPath: /etc/kubernetes/ssl
35           readOnly: true
36         - name: secret-root-ca
37           mountPath: /etc/openssl/ca.pem
38           readOnly: true
39         - name: secret-etcd
40           mountPath: /etc/etcd/ssl
41           readOnly: true
42         - name: audit-kube-apiserver
43           mountPath: /var/log/audit/kube_apiserver/
44           readOnly: false
45         - name: audit-policy-dir
46           mountPath: {{ caas.caas_policy_directory }}
47           readOnly: true
48   volumes:
49     - name: secret-kubernetes
50       hostPath:
51         path: /etc/kubernetes/ssl
52     - name: secret-root-ca
53       hostPath:
54         path: /etc/openssl/ca.pem
55     - name: secret-etcd
56       hostPath:
57         path: /etc/etcd/ssl
58     - name: audit-kube-apiserver
59       hostPath:
60         path: /var/log/audit/kube_apiserver/
61     - name: audit-policy-dir
62       hostPath:
63         path: {{ caas.caas_policy_directory }}
packages, configures, and integrates the major components of the Kubernetes management plane (https://github.com/kubernetes/kubernetes ). Includes the code related to deploying the API server, scheduler, controller-manager, kube-proxy, and kubelet components.