|
|
@ -1,22 +1,20 @@ |
|
|
|
ETCD_DATA_DIR={{ etcd_data_dir }} |
|
|
|
ETCD_ADVERTISE_CLIENT_URLS={{ etcd_client_url }} |
|
|
|
ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_peer_url }} |
|
|
|
ETCD_INITIAL_CLUSTER_STATE={% if etcd_cluster_is_healthy.rc != 0 | bool %}new{% else %}existing{% endif %} |
|
|
|
|
|
|
|
ETCD_LISTEN_CLIENT_URLS=https://{{ etcd_address }}:2379,https://127.0.0.1:2379 |
|
|
|
ETCD_ELECTION_TIMEOUT={{ etcd_election_timeout }} |
|
|
|
ETCD_HEARTBEAT_INTERVAL={{ etcd_heartbeat_interval }} |
|
|
|
ETCD_INITIAL_CLUSTER_TOKEN=k8s_etcd |
|
|
|
ETCD_LISTEN_PEER_URLS=https://{{ etcd_address }}:2380 |
|
|
|
ETCD_NAME={{ etcd_member_name }} |
|
|
|
ETCD_PROXY=off |
|
|
|
ETCD_INITIAL_CLUSTER={{ etcd_peer_addresses }} |
|
|
|
|
|
|
|
# TLS settings |
|
|
|
ETCD_TRUSTED_CA_FILE={{ etcd_cert_dir }}/ca.pem |
|
|
|
ETCD_CERT_FILE={{ etcd_cert_dir }}/member-{{ inventory_hostname }}.pem |
|
|
|
ETCD_KEY_FILE={{ etcd_cert_dir }}/member-{{ inventory_hostname }}-key.pem |
|
|
|
ETCD_PEER_TRUSTED_CA_FILE={{ etcd_cert_dir }}/ca.pem |
|
|
|
ETCD_PEER_CERT_FILE={{ etcd_cert_dir }}/member-{{ inventory_hostname }}.pem |
|
|
|
ETCD_PEER_KEY_FILE={{ etcd_cert_dir }}/member-{{ inventory_hostname }}-key.pem |
|
|
|
ETCD_PEER_CLIENT_CERT_AUTH=true |
|
|
|
#!/bin/bash |
|
|
|
{{ docker_bin_dir }}/docker run \ |
|
|
|
--restart=on-failure:5 \ |
|
|
|
--env-file=/etc/etcd.env \ |
|
|
|
--net=host \ |
|
|
|
-v /etc/ssl/certs:/etc/ssl/certs:ro \ |
|
|
|
-v {{ etcd_cert_dir }}:{{ etcd_cert_dir }}:ro \ |
|
|
|
-v {{ etcd_data_dir }}:/var/lib/etcd:rw \ |
|
|
|
{% if etcd_memory_limit is defined %} |
|
|
|
--memory={{ etcd_memory_limit|regex_replace('Mi', 'M') }} \ |
|
|
|
{% endif %} |
|
|
|
{% if etcd_cpu_limit is defined %} |
|
|
|
--cpu-shares={{ etcd_cpu_limit|regex_replace('m', '') }} \ |
|
|
|
{% endif %} |
|
|
|
--name={{ etcd_member_name | default("etcd") }} \ |
|
|
|
{{ etcd_image_repo }}:{{ etcd_image_tag }} \ |
|
|
|
{% if etcd_after_v3 %} |
|
|
|
{{ etcd_container_bin_dir }}etcd \ |
|
|
|
{% endif %} |
|
|
|
"$@" |