--- schema: promenade/Genesis/v1 metadata: schema: metadata/Document/v1 name: genesis layeringDefinition: abstract: false layer: site storagePolicy: cleartext data: hostname: n0 ip: 192.168.77.10 apiserver: arguments: - --authorization-mode=Node,RBAC - --enable-admission-plugins=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota,DefaultTolerationSeconds,NodeRestriction,EventRateLimit - --service-cluster-ip-range=10.96.0.0/16 - --endpoint-reconciler-type=lease - --feature-gates=PodShareProcessNamespace=true # NOTE(mark-burnett): This flag is removed in Kubernetes 1.11 - --repair-malformed-updates=false - --admission-control-config-file=/etc/kubernetes/apiserver/acconfig.yaml - --v=3 armada: target_manifest: cluster-bootstrap labels: dynamic: - calico-etcd=enabled - coredns=enabled - kubernetes-apiserver=enabled - kubernetes-controller-manager=enabled - kubernetes-etcd=enabled - kubernetes-scheduler=enabled - promenade-genesis=enabled - ucp-control-plane=enabled images: armada: quay.io/airshipit/armada:master helm: tiller: gcr.io/kubernetes-helm/tiller:v2.13.1 kubernetes: apiserver: gcr.io/google_containers/hyperkube-amd64:v1.11.6 controller-manager: gcr.io/google_containers/hyperkube-amd64:v1.11.6 etcd: quay.io/coreos/etcd:v3.2.18 scheduler: gcr.io/google_containers/hyperkube-amd64:v1.11.6 files: - path: /var/lib/anchor/calico-etcd-bootstrap content: "# placeholder for triggering calico etcd bootstrapping" mode: 0644 # NOTE(mark-burnett): These are referenced by the apiserver arguments above. - path: /etc/genesis/apiserver/acconfig.yaml mode: 0444 content: | kind: AdmissionConfiguration apiVersion: apiserver.k8s.io/v1alpha1 plugins: - name: EventRateLimit path: eventconfig.yaml - path: /etc/genesis/apiserver/eventconfig.yaml mode: 0444 content: | kind: Configuration apiVersion: eventratelimit.admission.k8s.io/v1alpha1 limits: - type: Server qps: 1000 burst: 10000 ...