promenade/promenade/templates/include/genesis-etcd/server-container.yaml

    - name: etcd-{{ etcd_name }}
      image: {{ config['Genesis:images.kubernetes.etcd'] }}
      env:
        - name: ETCD_NAME
          value: {{ etcd_name }}
        - name: POD_IP
          valueFrom:
            fieldRef:
              fieldPath: status.podIP
        - name: ETCD_CLIENT_CERT_AUTH
          value: "true"
        - name: ETCD_PEER_CLIENT_CERT_AUTH
          value: "true"
        - name: ETCD_DATA_DIR
          value: /var/lib/etcd
        - name: ETCD_TRUSTED_CA_FILE
          value: /etc/etcd/pki/client-ca.pem
        - name: ETCD_CERT_FILE
          value: /etc/etcd/pki/etcd-client.pem
        - name: ETCD_KEY_FILE
          value: /etc/etcd/pki/etcd-client-key.pem
        - name: ETCD_PEER_TRUSTED_CA_FILE
          value: /etc/etcd/pki/peer-ca.pem
        - name: ETCD_PEER_CERT_FILE
          value: /etc/etcd/pki/etcd-peer.pem
        - name: ETCD_PEER_KEY_FILE
          value: /etc/etcd/pki/etcd-peer-key.pem
        - name: ETCD_ADVERTISE_CLIENT_URLS
          value: https://$(POD_IP):{{ client_port }}
        - name: ETCD_INITIAL_ADVERTISE_PEER_URLS
          value: https://$(POD_IP):{{ peer_port }}
        - name: ETCD_INITIAL_CLUSTER_TOKEN
          value: promenade-kube-etcd-token
        - name: ETCD_LISTEN_CLIENT_URLS
          value: https://0.0.0.0:{{ client_port }}
        - name: ETCD_LISTEN_PEER_URLS
          value: https://0.0.0.0:{{ peer_port }}
        - name: ETCD_INITIAL_CLUSTER_STATE
          value: new
        - name: ETCD_INITIAL_CLUSTER
          value: {{ config['Genesis:hostname'] }}=https://{{ config['Genesis:ip'] }}:2380,auxiliary-0=https://{{ config['Genesis:ip'] }}:12380,auxiliary-1=https://{{ config['Genesis:ip'] }}:22380
        - name: ETCDCTL_API
          value: '3'
        - name: ETCDCTL_DIAL_TIMEOUT
          value: 3s
        - name: ETCDCTL_ENDPOINTS
          value: https://$(POD_IP):{{ client_port }},https://127.0.0.1:{{ client_port }}
        - name: ETCDCTL_CACERT
          value: $(ETCD_TRUSTED_CA_FILE)
        - name: ETCDCTL_CERT
          value: $(ETCD_CERT_FILE)
        - name: ETCDCTL_KEY
          value: $(ETCD_KEY_FILE)
      ports:
        - name: client
          containerPort: {{ client_port }}
        - name: peer
          containerPort: {{ peer_port }}
      volumeMounts:
        - name: data-{{ etcd_name }}
          mountPath: /var/lib/etcd
        - name: pki-{{ etcd_name }}
          mountPath: /etc/etcd/pki