c12s-kubespray/roles/kubernetes-apps/policy_controller/calico/templates/calico-kube-controllers.yml.j2
Aivars Sterns 23fd3461bc calico upgrade to v3 (#3086)
* calico upgrade to v3

* update calico_rr version

* add missing file

* change contents of main.yml as it was left old version

* enable network policy by default

* remove unneeded task

* Fix kubelet calico settings

* fix when statement

* switch back to node-kubeconfig.yaml
2018-08-23 17:17:18 +03:00

59 lines
1.8 KiB
Django/Jinja

apiVersion: apps/v1beta2
kind: Deployment
metadata:
name: calico-kube-controllers
namespace: kube-system
labels:
k8s-app: calico-kube-controllers
kubernetes.io/cluster-service: "true"
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
kubernetes.io/cluster-service: "true"
k8s-app: calico-kube-controllers
template:
metadata:
name: calico-kube-controllers
namespace: kube-system
labels:
kubernetes.io/cluster-service: "true"
k8s-app: calico-kube-controllers
spec:
hostNetwork: true
serviceAccountName: calico-kube-controllers
tolerations:
- effect: NoSchedule
operator: Exists
containers:
- name: calico-kube-controllers
image: {{ calico_policy_image_repo }}:{{ calico_policy_image_tag }}
imagePullPolicy: {{ k8s_image_pull_policy }}
resources:
limits:
cpu: {{ calico_policy_controller_cpu_limit }}
memory: {{ calico_policy_controller_memory_limit }}
requests:
cpu: {{ calico_policy_controller_cpu_requests }}
memory: {{ calico_policy_controller_memory_requests }}
env:
- name: ETCD_ENDPOINTS
value: "{{ etcd_access_addresses }}"
- name: ETCD_CA_CERT_FILE
value: "{{ calico_cert_dir }}/ca_cert.crt"
- name: ETCD_CERT_FILE
value: "{{ calico_cert_dir }}/cert.crt"
- name: ETCD_KEY_FILE
value: "{{ calico_cert_dir }}/key.pem"
volumeMounts:
- mountPath: {{ calico_cert_dir }}
name: etcd-certs
readOnly: true
volumes:
- hostPath:
path: {{ calico_cert_dir }}
name: etcd-certs