github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-27 13:37:30 +00:00
Code Issues Projects Releases Wiki Activity

Added shared volume to the master-multi setup, so serviceAccounts also works for multi-host setups.

Browse Source
This commit is contained in:
Lucas Käldström 2016-01-06 09:50:16 +02:00
parent c8f1019c10
commit 10a70a6ffd
3 changed files with 49 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
cluster/images/hyperkube/master-multi.json
View File

@ -12,9 +12,16 @@
"/hyperkube", "/hyperkube",
"controller-manager", "controller-manager",
"--master=127.0.0.1:8080", "--master=127.0.0.1:8080",
"--terminated-pod-gc-threshold=100", "--service-account-private-key-file=/srv/kubernetes/server.key",
"--root-ca-file=/srv/kubernetes/ca.crt",
"--min-resync-period=3m", "--min-resync-period=3m",
"--v=2" "--v=2"
],
"volumeMounts": [
{
"name": "data",
"mountPath": "/srv/kubernetes"
}
] ]
}, },
{ {
@ -27,7 +34,20 @@
"--insecure-bind-address=0.0.0.0", "--insecure-bind-address=0.0.0.0",
"--etcd-servers=http://127.0.0.1:4001", "--etcd-servers=http://127.0.0.1:4001",
"--admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota", "--admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota",
"--v=2" "--client-ca-file=/srv/kubernetes/ca.crt",
"--basic-auth-file=/srv/kubernetes/basic_auth.csv",
"--min-request-timeout=300",
"--tls-cert-file=/srv/kubernetes/server.cert",
"--tls-private-key-file=/srv/kubernetes/server.key",
"--token-auth-file=/srv/kubernetes/known_tokens.csv",
"--allow-privileged=true",
"--v=4"
],
"volumeMounts": [
{
"name": "data",
"mountPath": "/srv/kubernetes"
}
] ]
}, },
{ {
@ -39,6 +59,25 @@
"--master=127.0.0.1:8080", "--master=127.0.0.1:8080",
"--v=2" "--v=2"
] ]
},
{
"name": "setup",
"image": "gcr.io/google_containers/hyperkube-ARCH:VERSION",
"command": [
"/setup-files.sh"
],
"volumeMounts": [
{
"name": "data",
"mountPath": "/data"
}
]
}
],
"volumes": [
{
"name": "data",
"emptyDir": {}
} }
] ]
} }

4
cluster/images/hyperkube/master.json
View File

@ -12,9 +12,9 @@
"/hyperkube", "/hyperkube",
"controller-manager", "controller-manager",
"--master=127.0.0.1:8080", "--master=127.0.0.1:8080",
"--min-resync-period=3m",
"--service-account-private-key-file=/srv/kubernetes/server.key", "--service-account-private-key-file=/srv/kubernetes/server.key",
"--root-ca-file=/srv/kubernetes/ca.crt", "--root-ca-file=/srv/kubernetes/ca.crt",
"--min-resync-period=3m",
"--v=2" "--v=2"
], ],
"volumeMounts": [ "volumeMounts": [
@ -33,7 +33,7 @@
"--service-cluster-ip-range=10.0.0.1/24", "--service-cluster-ip-range=10.0.0.1/24",
"--insecure-bind-address=127.0.0.1", "--insecure-bind-address=127.0.0.1",
"--etcd-servers=http://127.0.0.1:4001", "--etcd-servers=http://127.0.0.1:4001",
"--admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,SecurityContextDeny,ResourceQuota", "--admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota",
"--client-ca-file=/srv/kubernetes/ca.crt", "--client-ca-file=/srv/kubernetes/ca.crt",
"--basic-auth-file=/srv/kubernetes/basic_auth.csv", "--basic-auth-file=/srv/kubernetes/basic_auth.csv",
"--min-request-timeout=300", "--min-request-timeout=300",

2
cluster/images/hyperkube/turnup.sh
View File

@ -20,6 +20,8 @@ set -o errexit
set -o nounset set -o nounset
set -o pipefail set -o pipefail
K8S_VERSION=${K8S_VERSION:-"1.1.3"}
docker run \ docker run \
--volume=/:/rootfs:ro \ --volume=/:/rootfs:ro \
--volume=/sys:/sys:ro \ --volume=/sys:/sys:ro \