--- schema: armada/Chart/v1 metadata: schema: metadata/Document/v1 name: kubernetes-apiserver labels: name: kubernetes-apiserver-global layeringDefinition: abstract: false layer: global storagePolicy: cleartext substitutions: # Chart source - src: schema: pegleg/SoftwareVersions/v1 name: software-versions path: .charts.kubernetes.apiserver dest: path: .source # Images - src: schema: pegleg/SoftwareVersions/v1 name: software-versions path: .images.kubernetes.apiserver dest: path: .values.images.tags # IP addresses - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .kubernetes.api_service_ip dest: path: .values.network.kubernetes_service_ip - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .kubernetes.pod_cidr dest: path: .values.network.pod_cidr - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .kubernetes.service_cidr dest: path: .values.command_prefix[1] pattern: SERVICE_CIDR # Kubernetes Port Range - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .kubernetes.service_node_port_range dest: path: .values.command_prefix[2] pattern: SERVICE_NODE_PORT_RANGE # CA - src: schema: deckhand/CertificateAuthority/v1 name: kubernetes path: . dest: path: .values.secrets.tls.ca # Certificates - src: schema: deckhand/Certificate/v1 name: apiserver path: . dest: path: .values.secrets.tls.cert - src: schema: deckhand/CertificateKey/v1 name: apiserver path: . dest: path: .values.secrets.tls.key - src: schema: deckhand/CertificateAuthority/v1 name: kubernetes-etcd path: . dest: path: .values.secrets.etcd.tls.ca - src: schema: deckhand/Certificate/v1 name: apiserver-etcd path: . dest: path: .values.secrets.etcd.tls.cert - src: schema: deckhand/CertificateKey/v1 name: apiserver-etcd path: . dest: path: .values.secrets.etcd.tls.key - src: schema: deckhand/PublicKey/v1 name: service-account path: . dest: path: .values.secrets.service_account.public_key data: chart_name: apiserver release: kubernetes-apiserver namespace: kube-system protected: continue_processing: true wait: timeout: 600 labels: release_group: airship-kubernetes-apiserver upgrade: no_hooks: false pre: delete: - type: job labels: release_group: airship-kubernetes-apiserver values: apiserver: etcd: endpoints: https://127.0.0.1:2378 command_prefix: - /apiserver - --service-cluster-ip-range=SERVICE_CIDR - --service-node-port-range=SERVICE_NODE_PORT_RANGE - --authorization-mode=Node,RBAC - --admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,ResourceQuota,DefaultTolerationSeconds - --endpoint-reconciler-type=lease - --feature-gates=PodShareProcessNamespace=true dependencies: - kubernetes-apiserver-htk --- schema: armada/Chart/v1 metadata: schema: metadata/Document/v1 name: kubernetes-apiserver-htk layeringDefinition: abstract: false layer: global storagePolicy: cleartext substitutions: - src: schema: pegleg/SoftwareVersions/v1 name: software-versions path: .charts.kubernetes.apiserver-htk dest: path: .source data: chart_name: kubernetes-apiserver-htk release: kubernetes-apiserver-htk namespace: kubernetes-apiserver-htk values: {} dependencies: [] ...