Add CoreOS/K8s recommended defaults to kube-proxy
The cluster-cidr fix asymetric routing in specific use case. Adding dbus removes iptables error message for kube-proxy and adding ${HOST_CERT_PATH} is just common practice. Change-Id: I8912091ebcb5c1ef940f43e5195a849f8fa6370e Partially-Implements: bp coreos-best-pratice
This commit is contained in:
parent
1a36735599
commit
a18724b612
|
@ -38,8 +38,23 @@ write_files:
|
|||
- /hyperkube
|
||||
- proxy
|
||||
- --master=http://127.0.0.1:8080
|
||||
- --cluster-cidr=${FLANNEL_NETWORK_CIDR}
|
||||
- --logtostderr=true
|
||||
- --v=0
|
||||
securityContext:
|
||||
privileged: true
|
||||
volumeMounts:
|
||||
- mountPath: /etc/ssl/certs
|
||||
name: ssl-certs-host
|
||||
readOnly: true
|
||||
- mountPath: /var/run/dbus
|
||||
name: dbus
|
||||
readOnly: false
|
||||
volumes:
|
||||
- hostPath:
|
||||
path: ${HOST_CERTS_PATH}
|
||||
name: ssl-certs-host
|
||||
- hostPath:
|
||||
path: /var/run/dbus
|
||||
name: dbus
|
||||
EOF
|
||||
|
|
|
@ -48,6 +48,7 @@ write_files:
|
|||
- proxy
|
||||
- --master=${KUBE_MASTER_URI}
|
||||
- --kubeconfig=${KUBE_CONFIG}
|
||||
- --cluster-cidr=${FLANNEL_NETWORK_CIDR}
|
||||
- --logtostderr=true
|
||||
- --v=0
|
||||
securityContext:
|
||||
|
@ -59,6 +60,12 @@ write_files:
|
|||
- mountPath: ${KUBE_CERTS_PATH}
|
||||
name: ssl-certs-kubernetes
|
||||
readOnly: true
|
||||
- mountPath: /etc/ssl/certs
|
||||
name: ssl-certs-host
|
||||
readOnly: true
|
||||
- mountPath: /var/run/dbus
|
||||
name: dbus
|
||||
readOnly: false
|
||||
volumes:
|
||||
- name: kubeconfig
|
||||
hostPath:
|
||||
|
@ -66,4 +73,10 @@ write_files:
|
|||
- name: ssl-certs-kubernetes
|
||||
hostPath:
|
||||
path: ${KUBE_CERTS_PATH}
|
||||
- hostPath:
|
||||
path: ${HOST_CERTS_PATH}
|
||||
name: ssl-certs-host
|
||||
- hostPath:
|
||||
path: /var/run/dbus
|
||||
name: dbus
|
||||
EOF
|
||||
|
|
Loading…
Reference in New Issue