github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-15 06:01:50 +00:00
Code Issues Projects Releases Wiki Activity

Separate network proxy flag for apiserver egress and starting pods

Browse Source
This commit is contained in:
Jefftree
2020-06-30 14:16:33 -07:00
parent ededd08ba1
commit 7820b05467
4 changed files with 24 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
cluster/gce/util.sh
View File

@@ -1506,9 +1506,14 @@ EOF
MAX_PODS_PER_NODE: $(yaml-quote "${MAX_PODS_PER_NODE}")
EOF
fi
if [[ "${ENABLE_EGRESS_VIA_KONNECTIVITY_SERVICE:-false}" == "true" ]]; then
cat >>"$file" <<EOF
ENABLE_EGRESS_VIA_KONNECTIVITY_SERVICE: $(yaml-quote "${ENABLE_EGRESS_VIA_KONNECTIVITY_SERVICE}")
if [[ "${EGRESS_VIA_KONNECTIVITY_SERVICE:-false}" == "true" ]]; then
cat >>$file <<EOF
EGRESS_VIA_KONNECTIVITY_SERVICE: $(yaml-quote "${EGRESS_VIA_KONNECTIVITY_SERVICE}")
EOF
fi
if [[ "${RUN_KONNECTIVITY_SERVICE_PODS:-false}" == "true" ]]; then
cat >>$file <<EOF
RUN_KONNECTIVITY_SERVICE_PODS: $(yaml-quote "${RUN_KONNECTIVITY_SERVICE_PODS}"")
EOF
fi
if [[ -n "${KONNECTIVITY_SERVICE_PROXY_PROTOCOL_MODE:-}" ]]; then
@@ -2573,7 +2578,7 @@ function create-master() {
--allow tcp:443 &
echo "Configuring firewall for apiserver konnectivity server"
if [[ "${ENABLE_EGRESS_VIA_KONNECTIVITY_SERVICE:-false}" == "true" ]]; then
if [[ "${EGRESS_VIA_KONNECTIVITY_SERVICE:-false}" == "true" ]]; then
gcloud compute firewall-rules create "${MASTER_NAME}-konnectivity-server" \
--project "${NETWORK_PROJECT}" \
--network "${NETWORK}" \