c12s-kubespray/roles/network_plugin/flannel/templates/flannel-pod.yml
Matthew Mosesohn 6bb3463e7c Enable scheduling of critical pods and network plugins on master
Added toleration to DNS, netchecker, fluentd, canal, and
calico policy.

Also small fixes to make yamllint pass.
2017-08-24 10:41:17 +01:00

47 lines
1.5 KiB
YAML

---
kind: "Pod"
apiVersion: "v1"
metadata:
name: "flannel"
namespace: "{{system_namespace}}"
labels:
app: "flannel"
version: "v0.1"
spec:
tolerations:
- effect: NoSchedule
operator: Exists
volumes:
- name: "subnetenv"
hostPath:
path: "/run/flannel"
- name: "etcd-certs"
hostPath:
path: "{{ flannel_cert_dir }}"
containers:
- name: "flannel-container"
image: "{{ flannel_image_repo }}:{{ flannel_image_tag }}"
imagePullPolicy: {{ k8s_image_pull_policy }}
resources:
limits:
cpu: {{ flannel_cpu_limit }}
memory: {{ flannel_memory_limit }}
requests:
cpu: {{ flannel_cpu_requests }}
memory: {{ flannel_memory_requests }}
command:
- "/bin/sh"
- "-c"
- "/opt/bin/flanneld -etcd-endpoints {{ etcd_access_endpoint }} -etcd-prefix /{{ cluster_name }}/network -etcd-cafile {{ flannel_cert_dir }}/ca_cert.crt -etcd-certfile {{ flannel_cert_dir }}/cert.crt -etcd-keyfile {{ flannel_cert_dir }}/key.pem {% if flannel_interface is defined %}-iface {{ flannel_interface }}{% endif %} {% if flannel_public_ip is defined %}-public-ip {{ flannel_public_ip }}{% endif %}"
ports:
- hostPort: 10253
containerPort: 10253
volumeMounts:
- name: "subnetenv"
mountPath: "/run/flannel"
- name: "etcd-certs"
mountPath: "{{ flannel_cert_dir }}"
readOnly: true
securityContext:
privileged: true
hostNetwork: true