Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- - path: "/etc/kubernetes/manifests/kube-apiserver.yaml"
- content: |
- apiVersion: v1
- kind: Pod
- metadata:
- name: kube-apiserver
- namespace: kube-system
- spec:
- hostNetwork: true
- containers:
- - name: kube-apiserver
- image: quay.io/coreos/hyperkube:v1.3.7_coreos.0
- command:
- - /hyperkube
- - apiserver
- - --bind-address=0.0.0.0
- - --etcd-servers=https://coreos-2.tux-in.com:2379
- - --allow-privileged=true
- - --service-cluster-ip-range=10.1.0.0/16
- - --secure-port=443
- - --advertise-address=10.79.218.2
- - --admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,ResourceQuota
- - --etcd-cafile="/etc/ssl/etcd/ca.pem"
- - --tls-cert-file=/etc/kubernetes/ssl/apiserver.pem
- - --tls-private-key-file=/etc/kubernetes/ssl/apiserver-key.pem
- - --client-ca-file=/etc/kubernetes/ssl/ca.pem
- - --service-account-key-file=/etc/kubernetes/ssl/apiserver-key.pem
- - --runtime-config=extensions/v1beta1=true,extensions/v1beta1/networkpolicies=true
- ports:
- - containerPort: 443
- hostPort: 443
- name: https
- - containerPort: 8080
- hostPort: 8080
- name: local
- volumeMounts:
- - mountPath: /etc/kubernetes/ssl
- name: ssl-certs-kubernetes
- readOnly: true
- - mountPath: /etc/ssl/certs
- name: ssl-certs-host
- readOnly: true
- - mountPath: /etc/ssl/etcd
- name: etcd-tls-certs
- readOnly: true
- volumes:
- - hostPath:
- path: /etc/ssl/etcd
- name: etcd-tls-certs
- - hostPath:
- path: /etc/kubernetes/ssl
- name: ssl-certs-kubernetes
- - hostPath:
- path: /usr/share/ca-certificates
- name: ssl-certs-host
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
