|
|
|
@ -140,7 +140,7 @@ spec: |
|
|
|
labels: |
|
|
|
k8s-app: kubernetes-dashboard |
|
|
|
spec: |
|
|
|
{% if not dashboard_use_custom_certs %} |
|
|
|
{% if dashboard_use_custom_certs %} |
|
|
|
initContainers: |
|
|
|
- name: kubernetes-dashboard-init |
|
|
|
image: {{ dashboard_init_image_repo }}:{{ dashboard_init_image_tag }} |
|
|
|
@ -163,23 +163,20 @@ spec: |
|
|
|
- containerPort: 8443 |
|
|
|
protocol: TCP |
|
|
|
args: |
|
|
|
{% if not dashboard_use_custom_certs %} |
|
|
|
- --tls-key-file=/certs/{{ dashboard_tls_key_file }} |
|
|
|
- --tls-cert-file=/certs/{{ dashboard_tls_cert_file }} |
|
|
|
{% if dashboard_use_custom_certs %} |
|
|
|
- --tls-key-file={{ dashboard_tls_key_file }} |
|
|
|
- --tls-cert-file={{ dashboard_tls_cert_file }} |
|
|
|
- --authentication-mode=token{% if kube_basic_auth|default(false) %},basic{% endif %} |
|
|
|
{% else %} |
|
|
|
- --auto-generate-certificates |
|
|
|
{% endif %} |
|
|
|
{% endif %} |
|
|
|
# Uncomment the following line to manually specify Kubernetes API server Host |
|
|
|
# If not specified, Dashboard will attempt to auto discover the API server and connect |
|
|
|
# to it. Uncomment only if the default does not work. |
|
|
|
# - --apiserver-host=http://my-address:port |
|
|
|
volumeMounts: |
|
|
|
{% if not dashboard_use_custom_certs %} |
|
|
|
- name: kubernetes-dashboard-certs |
|
|
|
mountPath: /certs |
|
|
|
{% endif %} |
|
|
|
# Create on-disk volume to store exec logs |
|
|
|
- mountPath: /tmp |
|
|
|
name: tmp-volume |
|
|
|
@ -191,11 +188,9 @@ spec: |
|
|
|
initialDelaySeconds: 30 |
|
|
|
timeoutSeconds: 30 |
|
|
|
volumes: |
|
|
|
{% if not dashboard_use_custom_certs %} |
|
|
|
- name: kubernetes-dashboard-certs |
|
|
|
secret: |
|
|
|
secretName: kubernetes-dashboard-certs |
|
|
|
{% endif %} |
|
|
|
secretName: {{ dashboard_certs_secret_name }} |
|
|
|
- name: tmp-volume |
|
|
|
emptyDir: {} |
|
|
|
serviceAccountName: kubernetes-dashboard |
|
|
|
|
rong.zhang
7 years ago