github.com/jlmeeker/kismatic@v1.10.1-0.20180612190640-57f9005a1f1a/ansible/roles/kube-controller-manager/templates/kube-controller-manager.yaml

github.com/jlmeeker/kismatic@v1.10.1-0.20180612190640-57f9005a1f1a/ansible/roles/kube-controller-manager/templates/kube-controller-manager.yaml (about)

     1  apiVersion: v1
     2  kind: Pod
     3  metadata:
     4    labels:
     5      tier: control-plane
     6      component: kube-controller-manager
     7      k8s-app: kube-controller-manager
     8      kismatic/host: {{ inventory_hostname }}
     9    annotations:
    10      version: "{{ official_images.kube_apiserver.version }}"
    11      kismatic/version: "{{ kismatic_short_version }}"
    12    name: kube-controller-manager
    13    namespace: kube-system
    14  spec:
    15    hostNetwork: true
    16    containers:
    17    - name: kube-controller-manager
    18      image: {{ images.kube_controller_manager }}
    19      imagePullPolicy: IfNotPresent
    20      command:
    21        - kube-controller-manager
    22  {% set combined_options = kube_controller_manager_option_defaults | combine(kube_controller_manager_option_overrides) -%}
    23  {% for option in combined_options | dictsort %}
    24  {% if option[1] is defined and option[1] | string | length > 0 %}
    25        - "--{{ option[0] }}={{ option[1] }}"
    26  {% endif %}
    27  {% endfor %}
    28      livenessProbe:
    29        httpGet:
    30          host: 127.0.0.1
    31          path: /healthz
    32          port: 10252
    33        initialDelaySeconds: 15
    34        timeoutSeconds: 15
    35        failureThreshold: 8
    36      volumeMounts:
    37      - mountPath: "{{ kubernetes_kubeconfig.controller_manager }}"
    38        name: "kubeconfig"
    39        readOnly: true
    40      - mountPath: /etc/kubernetes
    41        name: ssl-certs-kubernetes
    42        readOnly: true
    43      - mountPath: /etc/ssl/certs
    44        name: ssl-certs-host
    45        readOnly: true
    46      - name: usr-ca-certs-host
    47        mountPath: /usr/share/ca-certificates
    48        readOnly: true
    49      - mountPath: {{ flexvolume_plugin_dir }}
    50        name: flexvolume-mount
    51  {% if cloud_provider is defined and cloud_provider == 'aws' and ansible_os_family == 'RedHat' %}
    52      - mountPath: /etc/ssl/certs/ca-bundle.crt
    53        name: rhel-ca-bundle
    54        readOnly: true
    55  {% endif %}
    56    volumes:
    57    - name: "kubeconfig"
    58      hostPath:
    59        path: "{{ kubernetes_kubeconfig.controller_manager }}"
    60    - hostPath:
    61        path: /etc/kubernetes
    62      name: ssl-certs-kubernetes
    63    - hostPath:
    64        path: /etc/ssl/certs/
    65      name: ssl-certs-host
    66    - hostPath:
    67        path: /usr/share/ca-certificates
    68      name: usr-ca-certs-host
    69    - hostPath:
    70        path: {{ flexvolume_plugin_dir }}
    71      name: flexvolume-mount
    72  {% if cloud_provider is defined and cloud_provider == 'aws' and ansible_os_family == 'RedHat' %}
    73    - hostPath:
    74        path: /etc/ssl/certs/ca-bundle.crt
    75      name: rhel-ca-bundle
    76  {% endif %}