jonny/manual-k8s-ansible-deploy
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
694af68fb1
manual-k8s-ansible-deploy/k8s-deploy/templates/kube-apiserver.service.j2
Jonny Ervine 694af68fb1 new file: files/X-csr.json 
new file:   files/admin-csr.json
	new file:   files/ca-config.json
	new file:   files/ca-csr.json
	new file:   inventory
	new file:   inventory.orig
	new file:   k8s-deploy.yaml
	new file:   k8s-deploy/00-k8s-requirements.yaml
	new file:   k8s-deploy/01-k8s-certs-create.yaml
	new file:   k8s-deploy/02-k8s-certs-copy.yaml
	new file:   k8s-deploy/03-k8s-deploy-etcd.yaml
	new file:   k8s-deploy/04-k8s-controller-deploy.yaml
	new file:   k8s-deploy/05-k8s-nginx-deploy.yaml
	new file:   k8s-deploy/06-k8s-workers-certs-deploy.yaml
	new file:   k8s-deploy/07-k8s-worker-deploy.yaml
	new file:   k8s-deploy/08-rbac-clusterrole-create.yaml
	new file:   k8s-deploy/09-k8s-create-remote-admin.yaml
	new file:   k8s-deploy/README.md
	new file:   k8s-deploy/core-dns.yaml
	new file:   k8s-deploy/defaults/main.yml
	new file:   k8s-deploy/files/99_loopback.conf
	new file:   k8s-deploy/files/X-csr.json
	new file:   k8s-deploy/files/admin-csr.json
	new file:   k8s-deploy/files/arm/etcd
	new file:   k8s-deploy/files/arm/etcdctl
	new file:   k8s-deploy/files/ca-config.json
	new file:   k8s-deploy/files/ca-csr.json
	new file:   k8s-deploy/files/clusterrole-api-to-kubelet.yaml
	new file:   k8s-deploy/files/clusterrolebinding-api-to-kubelet.yaml
	new file:   k8s-deploy/files/config.toml
	new file:   k8s-deploy/files/containerd.service
	new file:   k8s-deploy/files/kube-controller-manager-csr.json
	new file:   k8s-deploy/files/kube-proxy-csr.json
	new file:   k8s-deploy/files/kube-proxy.service
	new file:   k8s-deploy/files/kube-scheduler-csr.json
	new file:   k8s-deploy/files/kubelet.service
	new file:   k8s-deploy/files/kubernetes-csr.json
	new file:   k8s-deploy/files/service-account-csr.json
	new file:   k8s-deploy/files/x86_64/etcd
	new file:   k8s-deploy/files/x86_64/etcdctl
	new file:   k8s-deploy/handlers/main.yml
	new file:   k8s-deploy/k8s-deploy.yaml
	new file:   k8s-deploy/k8s-uninstall.yaml
	new file:   k8s-deploy/meta/main.yml
	new file:   k8s-deploy/tasks/k8s-certs-create.yaml
	new file:   k8s-deploy/tasks/main.yml
	new file:   k8s-deploy/templates/10_bridge.conf.j2
	new file:   k8s-deploy/templates/encryption-config.j2
	new file:   k8s-deploy/templates/etcd.service-amd64.j2
	new file:   k8s-deploy/templates/etcd.service-arm.j2
	new file:   k8s-deploy/templates/kube-apiserver.service.j2
	new file:   k8s-deploy/templates/kube-controller-manager.service.j2
	new file:   k8s-deploy/templates/kube-proxy-config.yaml.j2
	new file:   k8s-deploy/templates/kube-scheduler.service.j2
	new file:   k8s-deploy/templates/kube-scheduler.yaml.j2
	new file:   k8s-deploy/templates/kubelet-config.yaml.j2
	new file:   k8s-deploy/templates/kubernetes.default.svc.cluster.local.j2
	new file:   k8s-deploy/templates/worker-csr_json.j2
	new file:   k8s-deploy/test.yaml
	new file:   k8s-deploy/tests/inventory
	new file:   k8s-deploy/tests/test.yml
	new file:   k8s-deploy/vars/main.yml
	new file:   rollback_k8s-deploy.yaml
Initial commit
2020-02-19 08:13:09 +00:00

41 lines
1.6 KiB
Django/Jinja
Raw Blame History

[Unit]
Description=Kubernetes API Server
Documentation=https://github.com/kubernetes/kubernetes
[Service]
ExecStart=/usr/local/bin/kube-apiserver \
--advertise-address={{ ansible_default_ipv4.address }} \
--allow-privileged=true \
--apiserver-count=3 \
--audit-log-maxage=30 \
--audit-log-maxbackup=3 \
--audit-log-maxsize=100 \
--audit-log-path=/var/log/audit.log \
--authorization-mode=Node,RBAC \
--bind-address=0.0.0.0 \
--client-ca-file=/var/lib/kubernetes/ca.pem \
--enable-admission-plugins=Initializers,NamespaceLifecycle,NodeRestriction,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota \
--enable-swagger-ui=true \
--etcd-cafile=/var/lib/kubernetes/ca.pem \
--etcd-certfile=/var/lib/kubernetes/kubernetes.pem \
--etcd-keyfile=/var/lib/kubernetes/kubernetes-key.pem \
--etcd-servers=https://{{ etcd_host1_ip }}:2379,https://{{ etcd_host2_ip }}:2379 \
--event-ttl=1h \
--experimental-encryption-provider-config=/var/lib/kubernetes/encryption-config.yaml \
--kubelet-certificate-authority=/var/lib/kubernetes/ca.pem \
--kubelet-client-certificate=/var/lib/kubernetes/kubernetes.pem \
--kubelet-client-key=/var/lib/kubernetes/kubernetes-key.pem \
--kubelet-https=true \
--runtime-config=api/all \
--service-account-key-file=/var/lib/kubernetes/service-account.pem \
--service-cluster-ip-range=10.32.0.0/24 \
--service-node-port-range=30000-32767 \
--tls-cert-file=/var/lib/kubernetes/kubernetes.pem \
--tls-private-key-file=/var/lib/kubernetes/kubernetes-key.pem \
--v=2
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
Reference in New Issue View Git Blame Copy Permalink