porkadot 0.19.1 → 0.20.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/porkadot/assets/kubernetes.rb +1 -0
- data/lib/porkadot/assets/kubernetes/kubeconfig.yaml.erb +19 -0
- data/lib/porkadot/assets/kubernetes/manifests/flannel.yaml.erb +2 -2
- data/lib/porkadot/assets/kubernetes/manifests/kube-apiserver.secrets.yaml.erb +1 -0
- data/lib/porkadot/configs/kubernetes.rb +2 -0
- data/lib/porkadot/default.yaml +2 -2
- data/lib/porkadot/install/kubernetes.rb +2 -1
- data/lib/porkadot/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: dab74c5a6f0fd112b9ec994a67fe85c2bbe02c478ab68c95dcf8c998d9ddb64f
|
4
|
+
data.tar.gz: 272069efcb1b5bea219c54b4a4b0ec432bc215352fa786adcfc7923fdf73ae75
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: eea11e276a5d6d95b231f3dce02b36eeb040533902c03202273b66ac1ad1d6dbe52349a0a5bfc6a69e0a5cf920dee49e871dcc2b8174c5e2ea3c8460fff4ec67
|
7
|
+
data.tar.gz: fa3c81ddc0dc1330ad4ea579b27557bd7316b3ccec0f1cd08c11a1cd107ecb4a2b472d71502811e88addd185a72f7b5b1fd0355ded8929a6a1de0299054d1778
|
@@ -40,6 +40,7 @@ module Porkadot; module Assets
|
|
40
40
|
render_secrets_erb "manifests/kube-controller-manager.secrets.yaml"
|
41
41
|
render_erb "manifests/kubelet-rubber-stamp.yaml"
|
42
42
|
render_erb "manifests/storage-version-migrator.yaml"
|
43
|
+
render_secrets_erb "kubeconfig.yaml"
|
43
44
|
render_erb 'install.sh'
|
44
45
|
end
|
45
46
|
|
@@ -0,0 +1,19 @@
|
|
1
|
+
apiVersion: v1
|
2
|
+
kind: Config
|
3
|
+
clusters:
|
4
|
+
- name: kubernetes
|
5
|
+
cluster:
|
6
|
+
certificate-authority-data: <%= certs.kubernetes.to_base64(:ca_cert) %>
|
7
|
+
server: https://127.0.0.1:<%= global_config.k8s.apiserver.bind_port %>
|
8
|
+
users:
|
9
|
+
- name: admin
|
10
|
+
user:
|
11
|
+
client-certificate-data: <%= certs.kubernetes.to_base64(:client_cert) %>
|
12
|
+
client-key-data: <%= certs.kubernetes.to_base64(:client_key) %>
|
13
|
+
contexts:
|
14
|
+
- context:
|
15
|
+
cluster: kubernetes
|
16
|
+
user: admin
|
17
|
+
name: admin-context
|
18
|
+
current-context: admin-context
|
19
|
+
|
@@ -166,7 +166,7 @@ spec:
|
|
166
166
|
serviceAccountName: flannel
|
167
167
|
initContainers:
|
168
168
|
- name: install-cni
|
169
|
-
image: quay.io/coreos/flannel:v0.
|
169
|
+
image: quay.io/coreos/flannel:v0.14.0
|
170
170
|
command:
|
171
171
|
- cp
|
172
172
|
args:
|
@@ -180,7 +180,7 @@ spec:
|
|
180
180
|
mountPath: /etc/kube-flannel/
|
181
181
|
containers:
|
182
182
|
- name: kube-flannel
|
183
|
-
image: quay.io/coreos/flannel:v0.
|
183
|
+
image: quay.io/coreos/flannel:v0.14.0
|
184
184
|
command:
|
185
185
|
- /opt/bin/flanneld
|
186
186
|
args:
|
@@ -11,6 +11,7 @@ data:
|
|
11
11
|
kubelet-client.crt: <%= certs.kubernetes.to_base64(:kubelet_client_cert) %>
|
12
12
|
kubelet-client.key: <%= certs.kubernetes.to_base64(:kubelet_client_key) %>
|
13
13
|
sa.pub: <%= certs.kubernetes.to_base64(:sa_public_key) %>
|
14
|
+
sa.key: <%= certs.kubernetes.to_base64(:sa_private_key) %>
|
14
15
|
kind: Secret
|
15
16
|
metadata:
|
16
17
|
name: kube-apiserver
|
@@ -128,7 +128,9 @@ module Porkadot; module Configs
|
|
128
128
|
--requestheader-group-headers=X-Remote-Group
|
129
129
|
--requestheader-username-headers=X-Remote-User
|
130
130
|
--secure-port=#{self.bind_port}
|
131
|
+
--service-account-issuer=https://kubernetes.default.svc#{self.config.k8s.networking.dns_domain}
|
131
132
|
--service-account-key-file=/etc/kubernetes/pki/kubernetes/sa.pub
|
133
|
+
--service-account-signing-key-file=/etc/kubernetes/pki/kubernetes/sa.key
|
132
134
|
--service-cluster-ip-range=#{config.k8s.networking.service_subnet}
|
133
135
|
--storage-backend=etcd3
|
134
136
|
--tls-cert-file=/etc/kubernetes/pki/kubernetes/apiserver.crt
|
data/lib/porkadot/default.yaml
CHANGED
@@ -27,11 +27,11 @@ lb:
|
|
27
27
|
|
28
28
|
etcd:
|
29
29
|
image_repository: gcr.io/etcd-development/etcd
|
30
|
-
image_tag: v3.4.
|
30
|
+
image_tag: v3.4.13
|
31
31
|
extra_env: []
|
32
32
|
|
33
33
|
kubernetes:
|
34
|
-
kubernetes_version: v1.
|
34
|
+
kubernetes_version: v1.20.3
|
35
35
|
image_repository: k8s.gcr.io
|
36
36
|
|
37
37
|
networking:
|
@@ -26,7 +26,8 @@ module Porkadot; module Install
|
|
26
26
|
upload! config.target_secrets_path, KUBE_SECRETS_TEMP, recursive: true
|
27
27
|
execute(:cp, '-r', KUBE_SECRETS_TEMP + '/*', KUBE_TEMP)
|
28
28
|
|
29
|
-
as user: 'root' do
|
29
|
+
# as user: 'root' do
|
30
|
+
with KUBECONFIG: File.join(KUBE_TEMP, 'kubeconfig.yaml') do
|
30
31
|
execute(:bash, File.join(KUBE_TEMP, 'install.sh'))
|
31
32
|
end
|
32
33
|
end
|
data/lib/porkadot/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: porkadot
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.20.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- OTSUKA, Yuanying
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-07-
|
11
|
+
date: 2021-07-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: thor
|
@@ -143,6 +143,7 @@ files:
|
|
143
143
|
- lib/porkadot/assets/kubelet/setup-containerd.sh.erb
|
144
144
|
- lib/porkadot/assets/kubernetes.rb
|
145
145
|
- lib/porkadot/assets/kubernetes/install.sh.erb
|
146
|
+
- lib/porkadot/assets/kubernetes/kubeconfig.yaml.erb
|
146
147
|
- lib/porkadot/assets/kubernetes/manifests/coredns.yaml.erb
|
147
148
|
- lib/porkadot/assets/kubernetes/manifests/dns-horizontal-autoscaler.yaml.erb
|
148
149
|
- lib/porkadot/assets/kubernetes/manifests/flannel.yaml.erb
|