Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- {
- RetryTimes: 3,
- RetryInterval: 60,
- Name: "tke-tool",
- Args: []string{
- "kubernetes",
- "master",
- "up",
- // apiserver
- fmt.Sprintf("--kube-apiserver-extra-dirs=%s", service.CLUSTER_CONFIG_DIR),
- fmt.Sprintf("--kube-apiserver-cluster-ca=%s", service.CLUSTER_ETCD_CA_CRT_PATH),
- fmt.Sprintf("--kube-apiserver-enable-api-aggregation=true"),
- fmt.Sprintf("--kube-apiserver-etcd-ca=%s", service.CLUSTER_ETCD_CA_CRT_PATH),
- fmt.Sprintf("--kube-apiserver-etcd-cert=%s", service.CLUSTER_ETCD_CLIENT_CRT_PATH),
- fmt.Sprintf("--kube-apiserver-etcd-key=%s", service.CLUSTER_ETCD_CLIENT_KEY_PATH),
- fmt.Sprintf("--kube-apiserver-etcd-servers=%s", etcdEndpPoints),
- fmt.Sprintf("--kube-apiserver-kubelet-ca=%s", service.CLUSTER_ETCD_CA_CRT_PATH),
- fmt.Sprintf("--kube-apiserver-kubelet-client-cert=%s", service.CLUSTER_APISERVER_CLIENT_CRT_PATH),
- fmt.Sprintf("--kube-apiserver-kubelet-client-key=%s", service.CLUSTER_APISERVER_CLIENT_KEY_PATH),
- fmt.Sprintf("--kube-apiserver-proxy-client-cert=%s", service.CLUSTER_APISERVER_CLIENT_CRT_PATH),
- fmt.Sprintf("--kube-apiserver-proxy-client-key=%s", service.CLUSTER_APISERVER_CLIENT_KEY_PATH),
- fmt.Sprintf("--kube-apiserver-requestheader-client-ca=%s", service.CLUSTER_ETCD_CA_CRT_PATH),
- fmt.Sprintf("--kube-apiserver-requestheader-extra-header-prefix=%s", "X-Remote-Extra-"),
- fmt.Sprintf("--kube-apiserver-requestheader-group-headers=%s", "X-Remote-Group"),
- fmt.Sprintf("--kube-apiserver-requestheader-username-headers=%s", "X-Remote-User"),
- fmt.Sprintf("--kube-apiserver-sa-key=%s", service.CLUSTER_SERVICE_ACCOUNT_PEM),
- fmt.Sprintf("--kube-apiserver-secure-bind-address=%s", "0.0.0.0"),
- fmt.Sprintf("--kube-apiserver-secure-bind-port=%d", component.DEFAULT_MASTER_SECURE_PORT),
- fmt.Sprintf("--kube-apiserver-serve-tls-cert=%s", service.CLUSTER_SERVER_CRT_PATH),
- fmt.Sprintf("--kube-apiserver-serve-tls-key=%s", service.CLUSTER_SERVER_KEY_PATH),
- fmt.Sprintf("--kube-apiserver-service-ip-range=%s", info.ServiceCIDR),
- // apiserver override
- fmt.Sprintf("--kube-apiserver-override-parameters=advertise-address=%s", masterLb),
- fmt.Sprintf("--kube-apiserver-override-parameters=cloud-provider=%s", "qcloud"),
- fmt.Sprintf("--kube-apiserver-override-parameters=basic-auth-file=%s", service.CLUSTER_BASIC_AUTH_PATH),
- fmt.Sprintf("--kube-apiserver-override-parameters=cloud-config=%s", service.CLUSTER_CLOUD_CONFIG_PATH),
- fmt.Sprintf("--kube-apiserver-override-parameters=token-auth-file=%s", service.CLUSTER_KNOWN_TOKEND_PATH),
- fmt.Sprintf("--kube-apiserver-override-parameters=etcd-prefix=%s", certAndKey.ClsID),
- fmt.Sprintf("--kube-apiserver-override-parameters=authorization-mode=%s", "ABAC,RBAC,Node"),
- fmt.Sprintf("--kube-apiserver-override-parameters=enable-admission-plugins=%s", service.ADMISSION_CONTROLE_K8S_17x),
- fmt.Sprintf("--kube-apiserver-override-parameters=authorization-policy-file=%s", service.DEFAULT_AUTHORIZATION_POLICY_PATH),
- fmt.Sprintf("--kube-apiserver-override-parameters=external-hostname=%s.ccs.tencent-cloud.com", curNode.ClusterInstanceId),
- fmt.Sprintf("--kube-apiserver-override-parameters=insecure-bind-address=%s", *curNode.LanIp),
- fmt.Sprintf("--kube-apiserver-override-parameters=insecure-port=%d", component.DEFAULT_MASTER_INSECURE_PORT),
- // controller manager
- fmt.Sprintf("--kube-controller-manager-extra-dirs=%s", service.CLUSTER_CONFIG_DIR),
- fmt.Sprintf("--kube-controller-manager-apiserver=https:%s:%d", masterLb, component.DEFAULT_MASTER_SECURE_PORT),
- fmt.Sprintf("--kube-controller-manager-apiserver-ca-cert=%s", service.CLUSTER_ETCD_CA_CRT_PATH),
- fmt.Sprintf("--kube-controller-manager-apiserver-client-cert=%s", service.CLUSTER_SERVER_CRT_PATH),
- fmt.Sprintf("--kube-controller-manager-apiserver-client-key=%s", service.CLUSTER_SERVER_KEY_PATH),
- fmt.Sprintf("--kube-controller-manager-cluster-cidr=%s", info.PodCIDR),
- fmt.Sprintf("--kube-controller-manager-cluster-sign-cert=%s", service.CLUSTER_SERVER_CRT_PATH),
- fmt.Sprintf("--kube-controller-manager-cluster-sign-key=%s", service.CLUSTER_SERVER_KEY_PATH),
- fmt.Sprintf("--kube-controller-manager-sa-private-key=%s", service.CLUSTER_SERVER_KEY_PATH),
- fmt.Sprintf("--kube-controller-manager-service-cidr=%s", info.ServiceCIDR),
- fmt.Sprintf("--kube-controller-manager-node-cidr-mask-size=%d", info.NodeMaskSize),
- // cm override
- fmt.Sprintf("--kube-controller-manager-override-parameters=cluster-name=%s", curNode.ClusterInstanceId),
- fmt.Sprintf("--kube-controller-manager-override-parameters=cloud-provider=%s", "qcloud"),
- fmt.Sprintf("--kube-controller-manager-override-parameters=horizontal-pod-autoscaler-use-rest-clients=%s", "true"),
- // scheduler
- fmt.Sprintf("--kube-scheduler-extra-dirs=%s", service.CLUSTER_CONFIG_DIR),
- fmt.Sprintf("--kube-scheduler-apiserver=https://%s:%d", masterLb, component.DEFAULT_MASTER_SECURE_PORT),
- fmt.Sprintf("--kube-scheduler-apiserver-ca-cert=%s", service.CLUSTER_ETCD_CA_CRT_PATH),
- fmt.Sprintf("--kube-scheduler-apiserver-client-cert=%s", service.CLUSTER_APISERVER_CLIENT_CRT_PATH),
- fmt.Sprintf("--kube-scheduler-apiserver-client-key=%s", service.CLUSTER_APISERVER_CLIENT_KEY_PATH),
- // kubelet
- fmt.Sprintf("--kubelet-hostname=%s", *curNode.LanIp),
- fmt.Sprintf("--kubelet-apiserver=https://%s:%d", masterLb, component.DEFAULT_MASTER_SECURE_PORT),
- fmt.Sprintf("--kubelet-apiserver-ca-cert=%s", service.CLUSTER_ETCD_CA_CRT_PATH),
- fmt.Sprintf("--kubelet-apiserver-client-cert=%s", service.CLUSTER_APISERVER_CLIENT_CRT_PATH),
- fmt.Sprintf("--kubelet-apiserver-client-key=%s", service.CLUSTER_APISERVER_CLIENT_KEY_PATH),
- fmt.Sprintf("--kubelet-secure-client-ca=%s", service.CLUSTER_SERVER_CRT_PATH),
- fmt.Sprintf("--kubelet-secure-serve-cert=%s", service.CLUSTER_SERVER_CRT_PATH),
- fmt.Sprintf("--kubelet-secure-serve-key=%s", service.CLUSTER_SERVER_KEY_PATH),
- // kubelet override
- fmt.Sprintf("--kubelet-override-parameters=%s=%s", "pod-infra-container-image", "ccr.ccs.tencentyun.com/library/pause:latest"),
- // url
- fmt.Sprintf("--kubelet-resource-url=http://%s", K8S_1_10_KUBELET_BINARY),
- fmt.Sprintf("--docker-resource-url=http://%s", DOCKER_BINARY),
- fmt.Sprintf("--kube-apiserver-resource-url=docker://%s", hyperKube),
- fmt.Sprintf("--kube-controller-manager-resource-url=docker://%s", hyperKube),
- fmt.Sprintf("--kube-scheduler-resource-url=docker://%s", hyperKube),
- fmt.Sprintf("--skip-docker-installation"),
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement