Last active
May 8, 2018 15:16
-
-
Save rphillips/94fd8d70ea678a446543a54b09ee9d2c to your computer and use it in GitHub Desktop.
Revisions
-
rphillips revised this gist
May 8, 2018 . 1 changed file with 4 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -15,4 +15,7 @@ cleanup() { } trap cleanup EXIT sudo ENABLE_SELFHOSTED_API=${ENABLE_SELFHOSTED_API} \ BOOTSTRAP_CHECKPOINT_PATH=${BOOTSTRAP_CHECKPOINT_PATH} \ PATH="$PWD:$PATH" \ hack/local-up-cluster.sh -
May 8, 2018 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -7,6 +7,7 @@ export BOOTSTRAP_CHECKPOINT_PATH=$(mktemp -d) echo "Enable Self Hosted API Server: ${ENABLE_SELFHOSTED_API}" echo "Bootstrap Checkpoint Path: ${BOOTSTRAP_CHECKPOINT_PATH}" echo cleanup() { sudo rm -rf ${BOOTSTRAP_CHECKPOINT_PATH} -
May 8, 2018 . 1 changed file with 4 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,7 +2,10 @@ set -eou pipefail export ENABLE_SELFHOSTED_API="true" export BOOTSTRAP_CHECKPOINT_PATH=$(mktemp -d) echo "Enable Self Hosted API Server: ${ENABLE_SELFHOSTED_API}" echo "Bootstrap Checkpoint Path: ${BOOTSTRAP_CHECKPOINT_PATH}" cleanup() { @@ -11,4 +14,4 @@ cleanup() { } trap cleanup EXIT sudo -E PATH="$PWD:$PATH" hack/local-up-cluster.sh -
May 8, 2018 . 1 changed file with 73 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,73 @@ apiVersion: apps/v1 kind: DaemonSet metadata: name: kube-apiserver namespace: kube-system labels: tier: control-plane k8s-app: kube-apiserver spec: selector: matchLabels: tier: control-plane k8s-app: kube-apiserver template: metadata: labels: tier: control-plane k8s-app: kube-apiserver annotations: checkpointer.alpha.coreos.com/checkpoint: "true" node.kubernetes.io/bootstrap-checkpoint: "true" spec: containers: - name: kube-apiserver image: k8s.gcr.io/hyperkube:v1.10.2 command: - /hyperkube - apiserver - --enable-admission-plugins=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultTolerationSeconds,DefaultStorageClass,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota,NodeRestriction - --advertise-address=$(POD_IP) - --allow-privileged=true - --anonymous-auth=false - --authorization-mode=Node,RBAC - --bind-address=0.0.0.0 - --client-ca-file=/etc/kubernetes/secrets/ca.crt - --cloud-provider= - --enable-bootstrap-token-auth=true - --etcd-servers=http://127.0.0.1:2379 - --insecure-port=0 - --kubelet-client-certificate=/etc/kubernetes/secrets/apiserver.crt - --kubelet-client-key=/etc/kubernetes/secrets/apiserver.key - --secure-port=7443 - --storage-backend=etcd3 - --tls-ca-file=/etc/kubernetes/secrets/ca.crt - --tls-cert-file=/etc/kubernetes/secrets/apiserver.crt - --tls-private-key-file=/etc/kubernetes/secrets/apiserver.key env: - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP volumeMounts: - mountPath: /etc/ssl/certs name: ssl-certs-host readOnly: true - mountPath: /etc/kubernetes/secrets name: secrets readOnly: true hostNetwork: true volumes: - name: ssl-certs-host hostPath: path: /usr/share/ca-certificates - name: secrets secret: secretName: kube-apiserver securityContext: runAsNonRoot: true runAsUser: 65534 updateStrategy: rollingUpdate: maxUnavailable: 1 type: RollingUpdate -
May 4, 2018 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -7,6 +7,7 @@ echo "Bootstrap Checkpoint Path: ${BOOTSTRAP_CHECKPOINT_PATH}" cleanup() { sudo rm -rf ${BOOTSTRAP_CHECKPOINT_PATH} sudo rm -rf /tmp/kube-*.log } trap cleanup EXIT -
May 4, 2018 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,13 @@ #!/usr/bin/env bash set -eou pipefail export BOOTSTRAP_CHECKPOINT_PATH=$(mktemp -d) echo "Bootstrap Checkpoint Path: ${BOOTSTRAP_CHECKPOINT_PATH}" cleanup() { sudo rm -rf ${BOOTSTRAP_CHECKPOINT_PATH} } trap cleanup EXIT sudo BOOTSTRAP_CHECKPOINT_PATH=${BOOTSTRAP_CHECKPOINT_PATH} PATH="$PWD:$PATH" hack/local-up-cluster.sh