k8s.io/kubernetes@v1.31.0-alpha.0.0.20240520171757-56147500dadc/cmd/kubeadm/app/phases/addons/proxy/manifests.go (about)

     1  /*
     2  Copyright 2017 The Kubernetes Authors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8      http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package proxy
    18  
    19  const (
    20  	// KubeProxyConfigMap19 is the proxy ConfigMap manifest for Kubernetes 1.9 and above
    21  	KubeProxyConfigMap19 = `
    22  kind: ConfigMap
    23  apiVersion: v1
    24  metadata:
    25    name: {{ .ProxyConfigMap }}
    26    namespace: kube-system
    27    labels:
    28      app: kube-proxy
    29  data:
    30    kubeconfig.conf: |-
    31      apiVersion: v1
    32      kind: Config
    33      clusters:
    34      - cluster:
    35          certificate-authority: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
    36          server: {{ .ControlPlaneEndpoint }}
    37        name: default
    38      contexts:
    39      - context:
    40          cluster: default
    41          namespace: default
    42          user: default
    43        name: default
    44      current-context: default
    45      users:
    46      - name: default
    47        user:
    48          tokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
    49    {{ .ProxyConfigMapKey }}: |-
    50  {{ .ProxyConfig}}
    51  `
    52  
    53  	// KubeProxyDaemonSet19 is the proxy DaemonSet manifest for Kubernetes 1.9 and above
    54  	KubeProxyDaemonSet19 = `
    55  apiVersion: apps/v1
    56  kind: DaemonSet
    57  metadata:
    58    labels:
    59      k8s-app: kube-proxy
    60    name: kube-proxy
    61    namespace: kube-system
    62  spec:
    63    selector:
    64      matchLabels:
    65        k8s-app: kube-proxy
    66    updateStrategy:
    67      type: RollingUpdate
    68    template:
    69      metadata:
    70        labels:
    71          k8s-app: kube-proxy
    72      spec:
    73        priorityClassName: system-node-critical
    74        containers:
    75        - name: kube-proxy
    76          image: {{ .Image }}
    77          imagePullPolicy: IfNotPresent
    78          command:
    79          - /usr/local/bin/kube-proxy
    80          - --config=/var/lib/kube-proxy/{{ .ProxyConfigMapKey }}
    81          - --hostname-override=$(NODE_NAME)
    82          securityContext:
    83            privileged: true
    84          volumeMounts:
    85          - mountPath: /var/lib/kube-proxy
    86            name: kube-proxy
    87          - mountPath: /run/xtables.lock
    88            name: xtables-lock
    89            readOnly: false
    90          - mountPath: /lib/modules
    91            name: lib-modules
    92            readOnly: true
    93          env:
    94            - name: NODE_NAME
    95              valueFrom:
    96                fieldRef:
    97                  fieldPath: spec.nodeName
    98        hostNetwork: true
    99        serviceAccountName: kube-proxy
   100        volumes:
   101        - name: kube-proxy
   102          configMap:
   103            name: {{ .ProxyConfigMap }}
   104        - name: xtables-lock
   105          hostPath:
   106            path: /run/xtables.lock
   107            type: FileOrCreate
   108        - name: lib-modules
   109          hostPath:
   110            path: /lib/modules
   111        tolerations:
   112        - operator: Exists
   113        nodeSelector:
   114          kubernetes.io/os: linux
   115  `
   116  )