[k8s] Run kubelet using --containerized (or maybe not)
This commit is contained in:
parent
2a12c17948
commit
6f6c4f974e
|
@ -9,11 +9,11 @@ resource "docker_container" "render" {
|
||||||
}
|
}
|
||||||
|
|
||||||
command = [
|
command = [
|
||||||
"bootkube",
|
"/bootkube",
|
||||||
"render",
|
"render",
|
||||||
"--etcd-servers=https://${var.host_ip}:2379",
|
"--etcd-servers=https://${var.host_ip}:2379",
|
||||||
"--asset-dir=/home/.bootkube",
|
"--asset-dir=/home/.bootkube",
|
||||||
"--api-servers=https://kubernetes.default:${var.host_port},https://${var.k8s_host}:${var.host_port},https://${var.host_ip}:${var.host_port}",
|
"--api-servers=https://${var.k8s_host}:${var.host_port},https://${var.host_ip}:${var.host_port}",
|
||||||
"--pod-cidr=${var.pod_cidr}",
|
"--pod-cidr=${var.pod_cidr}",
|
||||||
"--network-provider=${var.network_provider}",
|
"--network-provider=${var.network_provider}",
|
||||||
]
|
]
|
||||||
|
@ -42,7 +42,7 @@ resource "docker_container" "start" {
|
||||||
# "There is no war within the container. Here we are safe. Here we are free."
|
# "There is no war within the container. Here we are safe. Here we are free."
|
||||||
# - Docker Li agent brainwashing Nemo
|
# - Docker Li agent brainwashing Nemo
|
||||||
command = [
|
command = [
|
||||||
"bootkube",
|
"/bootkube",
|
||||||
"start",
|
"start",
|
||||||
"--asset-dir=/home/.bootkube",
|
"--asset-dir=/home/.bootkube",
|
||||||
]
|
]
|
||||||
|
|
|
@ -73,6 +73,13 @@ resource "docker_container" "kubelet" {
|
||||||
read_only = true
|
read_only = true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
volumes {
|
||||||
|
container_path = "/rootfs"
|
||||||
|
host_path = "/"
|
||||||
|
read_only = true
|
||||||
|
read_only = true
|
||||||
|
}
|
||||||
|
|
||||||
// Deviates from kubelet-wrapper
|
// Deviates from kubelet-wrapper
|
||||||
|
|
||||||
volumes {
|
volumes {
|
||||||
|
@ -88,7 +95,11 @@ resource "docker_container" "kubelet" {
|
||||||
"--cert-dir=/var/lib/kubelet/pki",
|
"--cert-dir=/var/lib/kubelet/pki",
|
||||||
"--client-ca-file=/etc/kubernetes/ca.crt",
|
"--client-ca-file=/etc/kubernetes/ca.crt",
|
||||||
"--cluster_dns=${var.dns_ip}",
|
"--cluster_dns=${var.dns_ip}",
|
||||||
|
"--cluster_domain=${var.k8s_host}",
|
||||||
|
|
||||||
|
# "--containerized",
|
||||||
"--exit-on-lock-contention=true",
|
"--exit-on-lock-contention=true",
|
||||||
|
|
||||||
"--hostname-override=${var.host_ip}",
|
"--hostname-override=${var.host_ip}",
|
||||||
"--kubeconfig=/etc/kubernetes/kubeconfig",
|
"--kubeconfig=/etc/kubernetes/kubeconfig",
|
||||||
"--lock-file=/var/run/lock/kubelet.lock",
|
"--lock-file=/var/run/lock/kubelet.lock",
|
||||||
|
@ -98,12 +109,7 @@ resource "docker_container" "kubelet" {
|
||||||
"--pod-manifest-path=/etc/kubernetes/manifests",
|
"--pod-manifest-path=/etc/kubernetes/manifests",
|
||||||
"--read-only-port=0",
|
"--read-only-port=0",
|
||||||
"--rotate-certificates",
|
"--rotate-certificates",
|
||||||
"--cluster_domain=${var.k8s_host}",
|
|
||||||
]
|
]
|
||||||
host {
|
|
||||||
host = "kubernetes.default"
|
|
||||||
ip = "${var.host_ip}"
|
|
||||||
}
|
|
||||||
host {
|
host {
|
||||||
host = "${var.k8s_host}"
|
host = "${var.k8s_host}"
|
||||||
ip = "${var.host_ip}"
|
ip = "${var.host_ip}"
|
||||||
|
|
Loading…
Reference in New Issue