You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
apiVersion: kubeadm.k8s.io/v1alpha1kind: MasterConfigurationapi: advertiseAddress: {{ ip | default(ansible_default_ipv4.address) }} bindPort: {{ kube_apiserver_port }}etcd: endpoints:{% for endpoint in etcd_access_addresses.split(',') %} - {{ endpoint }}{% endfor %} caFile: {{ kube_config_dir }}/ssl/etcd/ca.pem certFile: {{ kube_config_dir }}/ssl/etcd/node-{{ inventory_hostname }}.pem keyFile: {{ kube_config_dir }}/ssl/etcd/node-{{ inventory_hostname }}-key.pemnetworking: dnsDomain: {{ dns_domain }} serviceSubnet: {{ kube_service_addresses }} podSubnet: {{ kube_pods_subnet }}kubernetesVersion: {{ kube_version }}{% if cloud_provider is defined and cloud_provider != "gce" %}cloudProvider: {{ cloud_provider }}{% endif %}{% if kube_proxy_mode == 'ipvs' and kube_version | version_compare('v1.10', '<') %}kubeProxy: config: featureGates: SupportIPVSProxyMode=true mode: ipvs{% endif %}authorizationModes:{% for mode in authorization_modes %}- {{ mode }}{% endfor %}selfHosted: falseapiServerExtraArgs: bind-address: {{ kube_apiserver_bind_address }} insecure-bind-address: {{ kube_apiserver_insecure_bind_address }} insecure-port: "{{ kube_apiserver_insecure_port }}" admission-control: {{ kube_apiserver_admission_control | join(',') }} apiserver-count: "{{ kube_apiserver_count }}"{% if kube_version | version_compare('v1.9', '>=') %} endpoint-reconciler-type: lease{% endif %}{% if etcd_events_cluster_enabled %} etcd-servers-overrides: "/events#{{ etcd_events_access_addresses }}"{% endif %} service-node-port-range: {{ kube_apiserver_node_port_range }} kubelet-preferred-address-types: "{{ kubelet_preferred_address_types }}"{% if kube_basic_auth|default(true) %} basic-auth-file: {{ kube_users_dir }}/known_users.csv{% endif %}{% if kube_oidc_auth|default(false) and kube_oidc_url is defined and kube_oidc_client_id is defined %} oidc-issuer-url: {{ kube_oidc_url }} oidc-client-id: {{ kube_oidc_client_id }}{% if kube_oidc_ca_file is defined %} oidc-ca-file: {{ kube_oidc_ca_file }}{% endif %}{% if kube_oidc_username_claim is defined %} oidc-username-claim: {{ kube_oidc_username_claim }}{% endif %}{% if kube_oidc_groups_claim is defined %} oidc-groups-claim: {{ kube_oidc_groups_claim }}{% endif %}{% endif %}{% if kube_encrypt_secret_data %} experimental-encryption-provider-config: {{ kube_config_dir }}/ssl/secrets_encryption.yaml{% endif %} storage-backend: {{ kube_apiserver_storage_backend }}{% if kube_api_runtime_config is defined %} runtime-config: {{ kube_api_runtime_config | join(',') }}{% endif %} allow-privileged: "true"{% for key in kube_kubeadm_apiserver_extra_args %} {{ key }}: "{{ kube_kubeadm_apiserver_extra_args[key] }}"{% endfor %}controllerManagerExtraArgs: node-monitor-grace-period: {{ kube_controller_node_monitor_grace_period }} node-monitor-period: {{ kube_controller_node_monitor_period }} pod-eviction-timeout: {{ kube_controller_pod_eviction_timeout }}{% if kube_feature_gates %} feature-gates: {{ kube_feature_gates|join(',') }}{% endif %}{% for key in kube_kubeadm_controller_extra_args %} {{ key }}: "{{ kube_kubeadm_controller_extra_args[key] }}"{% endfor %}{% if kube_kubeadm_scheduler_extra_args|length > 0 %}schedulerExtraArgs:{% for key in kube_kubeadm_scheduler_extra_args %} {{ key }}: "{{ kube_kubeadm_scheduler_extra_args[key] }}"{% endfor %}{% endif %}apiServerCertSANs:{% for san in apiserver_sans.split(' ') | unique %} - {{ san }}{% endfor %}certificatesDir: {{ kube_config_dir }}/sslunifiedControlPlaneImage: "{{ hyperkube_image_repo }}:{{ hyperkube_image_tag }}"{% if kube_override_hostname|default('') %}nodeName: {{ kube_override_hostname }}{% endif %}
|
