Add options for configuring control plane component extra volumes (#3779)

This takes care of a few arbitrary use cases that may require custom mounts
inside of apiserver, controller manager, or scheduler.
Chad Swenson 2018-11-29 01:16:55 -06:00 committed by k8s-ci-robot
parent 5fcda86f8c
commit 487cfa5e6c
2 changed files with 34 additions and 2 deletions


@ -129,6 +129,17 @@ kube_kubeadm_apiserver_extra_args: {}
kube_kubeadm_controller_extra_args: {} kube_kubeadm_controller_extra_args: {}
kube_kubeadm_scheduler_extra_args: {} kube_kubeadm_scheduler_extra_args: {}
## Extra control plane host volume mounts
## Example:
#apiserver_extra_volumes:
# - name: name
# hostPath: /host/path
# mountPath: /mount/path
# writable: false
apiserver_extra_volumes: {}
controller_manager_extra_volumes: {}
scheduler_extra_volumes: {}
## Encrypting Secret Data at Rest ## Encrypting Secret Data at Rest
kube_encrypt_secret_data: false kube_encrypt_secret_data: false
kube_encrypt_token: "{{ lookup('password', credentials_dir + '/kube_encrypt_token.creds length=32 chars=ascii_letters,digits') }}" kube_encrypt_token: "{{ lookup('password', credentials_dir + '/kube_encrypt_token.creds length=32 chars=ascii_letters,digits') }}"
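Review bot: The three new defaults are declared as empty mappings (`apiserver_extra_volumes: {}`), while the example comment above them and the template loops on this page treat each variable as a list of volume entries. `apiserver_extra_volumes: []`, and the same for `controller_manager_extra_volumes` and `scheduler_extra_volumes`, would match the documented shape. The empty mapping is falsy and iterates zero times, so the default works today, but it tells readers and any schema or type check the wrong thing. The example block could also carry one line on the exposure these options create, for instance `## Each entry mounts a host path into the component's pod; keep writable false unless the component must write there.`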


@ -147,7 +147,7 @@ schedulerExtraArgs:
{{ key }}: "{{ kube_kubeadm_scheduler_extra_args[key] }}" {{ key }}: "{{ kube_kubeadm_scheduler_extra_args[key] }}"
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% if kubernetes_audit or kube_basic_auth|default(true) or kube_token_auth|default(true) or ( cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere", "aws"] ) %} {% if kubernetes_audit or kube_basic_auth|default(true) or kube_token_auth|default(true) or ( cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere", "aws"] ) or apiserver_extra_volumes %}
apiServerExtraVolumes: apiServerExtraVolumes:
{% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere", "aws", "external"] %} {% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere", "aws", "external"] %}
- name: cloud-config - name: cloud-config
@ -175,8 +175,14 @@ apiServerExtraVolumes:
writable: true writable: true
{% endif %} {% endif %}
{% endif %} {% endif %}
{% for volume in apiserver_extra_volumes %}
- name: {{ volume.name }}
hostPath: {{ volume.hostPath }}
mountPath: {{ volume.mountPath }}
writable: {{ volume.writable | default(false)}}
{% endfor %}
{% endif %} {% endif %}
{% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere", "aws", "external"] %} {% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere", "aws", "external"] or controller_manager_extra_volumes %}
controllerManagerExtraVolumes: controllerManagerExtraVolumes:
{% if cloud_provider is defined and cloud_provider in ["openstack"] and openstack_cacert is defined %} {% if cloud_provider is defined and cloud_provider in ["openstack"] and openstack_cacert is defined %}
- name: openstackcacert - name: openstackcacert
@ -188,6 +194,21 @@ controllerManagerExtraVolumes:
hostPath: {{ kube_config_dir }}/cloud_config hostPath: {{ kube_config_dir }}/cloud_config
mountPath: {{ kube_config_dir }}/cloud_config mountPath: {{ kube_config_dir }}/cloud_config
{% endif %} {% endif %}
{% for volume in controller_manager_extra_volumes %}
- name: {{ volume.name }}
hostPath: {{ volume.hostPath }}
mountPath: {{ volume.mountPath }}
writable: {{ volume.writable | default(false)}}
{% endfor %}
{% endif %}
{% if scheduler_extra_volumes %}
schedulerExtraVolumes:
{% for volume in scheduler_extra_volumes %}
- name: {{ volume.name }}
hostPath: {{ volume.hostPath }}
mountPath: {{ volume.mountPath }}
writable: {{ volume.writable | default(false)}}
{% endfor %}
{% endif %} {% endif %}
--- ---
apiVersion: kubeproxy.config.k8s.io/v1alpha1 apiVersion: kubeproxy.config.k8s.io/v1alpha1
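Review bot: The operator-supplied values in the new `apiserver_extra_volumes` loop are interpolated unquoted (`hostPath: {{ volume.hostPath }}`), so a value containing `: `, ` #` or a leading YAML indicator would alter the structure of the rendered kubeadm config instead of landing as a string. The `controller_manager_extra_volumes` and `scheduler_extra_volumes` loops have the same issue. Quoting the fields, as the `schedulerExtraArgs` line in the first hunk already does, keeps each one a scalar: `name: "{{ volume.name }}"`, `hostPath: "{{ volume.hostPath }}"`, `mountPath: "{{ volume.mountPath }}"`. The line `writable: {{ volume.writable | default(false)}}` will most likely render as Python-style `False`/`True`; `{{ volume.writable | default(false) | bool | lower }}` would emit the lowercase form used by the literal `writable: true` elsewhere in this template. Because these entries become hostPath mounts inside control plane components, an assert before rendering that every entry defines `name`, `hostPath` and `mountPath` with absolute paths would be a sensible guard.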