joejulian/clusterapi.yaml

## clusterapi.yaml
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  labels:
    app: etcd
  name: etcd-clusterapi
spec:
  podManagementPolicy: OrderedReady
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: etcd
  serviceName: etcd
  template:
    metadata:
      labels:
        app: etcd
    spec:
      containers:
      - command:
        - /usr/local/bin/etcd
        - --listen-client-urls
        - http://0.0.0.0:2379
        - --advertise-client-urls
        - http://localhost:2379
        env:
        - name: ETCD_DATA_DIR
          value: /etcd-data-dir
        image: k8s.gcr.io/etcd:3.1.12
        imagePullPolicy: IfNotPresent
        livenessProbe:
          failureThreshold: 3
          httpGet:
            path: /health
            port: 2379
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 2
        name: etcd
        ports:
        - containerPort: 2379
          protocol: TCP
        readinessProbe:
          failureThreshold: 1
          httpGet:
            path: /health
            port: 2379
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 2
        resources:
          limits:
            cpu: 200m
            memory: 300Mi
          requests:
            cpu: 100m
            memory: 50Mi
        volumeMounts:
        - mountPath: /etcd-data-dir
          name: etcd-data-dir
      tolerations:
      - effect: NoSchedule
        key: node-role.kubernetes.io/master
      - key: CriticalAddonsOnly
        operator: Exists
      - effect: NoExecute
        key: node.alpha.kubernetes.io/notReady
        operator: Exists
      - effect: NoExecute
        key: node.alpha.kubernetes.io/unreachable
        operator: Exists
      volumes:
      - hostPath:
          path: /var/lib/etcd2
          type: DirectoryOrCreate
        name: etcd-data-dir
  updateStrategy:
    type: OnDelete
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  labels:
    api: clusterapi
    apiserver: "true"
  name: clusterapi-apiserver
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  selector:
    matchLabels:
      api: clusterapi
      apiserver: "true"
  template:
    metadata:
      labels:
        api: clusterapi
        apiserver: "true"
    spec:
      containers:
      - args:
        - --etcd-servers=http://etcd-clusterapi-svc:2379
        - --tls-cert-file=/apiserver.local.config/certificates/tls.crt
        - --tls-private-key-file=/apiserver.local.config/certificates/tls.key
        - --audit-log-path=-
        - --audit-log-maxage=0
        - --audit-log-maxbackup=0
        - --authorization-kubeconfig=/etc/kubernetes/admin.conf
        - --kubeconfig=/etc/kubernetes/admin.conf
        command:
        - ./apiserver
        image: gcr.io/k8s-cluster-api/cluster-apiserver:0.0.5
        imagePullPolicy: IfNotPresent
        name: apiserver
        resources:
          limits:
            cpu: 300m
            memory: 200Mi
          requests:
            cpu: 100m
            memory: 50Mi
        volumeMounts:
        - mountPath: /apiserver.local.config/certificates
          name: cluster-apiserver-certs
          readOnly: true
        - mountPath: /etc/kubernetes
          name: config
        - mountPath: /etc/ssl/certs
          name: certs
      nodeSelector:
        node-role.kubernetes.io/master: ""
      tolerations:
      - effect: NoSchedule
        key: node-role.kubernetes.io/master
      - key: CriticalAddonsOnly
        operator: Exists
      - effect: NoExecute
        key: node.alpha.kubernetes.io/notReady
        operator: Exists
      - effect: NoExecute
        key: node.alpha.kubernetes.io/unreachable
        operator: Exists
      volumes:
      - name: cluster-apiserver-certs
        secret:
          defaultMode: 420
          secretName: cluster-apiserver-certs
      - hostPath:
          path: /etc/kubernetes
        name: config
      - hostPath:
          path: /etc/ssl/certs
        name: certs
	---
	apiVersion: apps/v1
	kind: StatefulSet
	metadata:
	labels:
	app: etcd
	name: etcd-clusterapi
	spec:
	podManagementPolicy: OrderedReady
	replicas: 1
	revisionHistoryLimit: 10
	selector:
	matchLabels:
	app: etcd
	serviceName: etcd
	template:
	metadata:
	labels:
	app: etcd
	spec:
	containers:
	- command:
	- /usr/local/bin/etcd
	- --listen-client-urls
	- http://0.0.0.0:2379
	- --advertise-client-urls
	- http://localhost:2379
	env:
	- name: ETCD_DATA_DIR
	value: /etcd-data-dir
	image: k8s.gcr.io/etcd:3.1.12
	imagePullPolicy: IfNotPresent
	livenessProbe:
	failureThreshold: 3
	httpGet:
	path: /health
	port: 2379
	scheme: HTTP
	initialDelaySeconds: 10
	periodSeconds: 10
	successThreshold: 1
	timeoutSeconds: 2
	name: etcd
	ports:
	- containerPort: 2379
	protocol: TCP
	readinessProbe:
	failureThreshold: 1
	httpGet:
	path: /health
	port: 2379
	scheme: HTTP
	initialDelaySeconds: 10
	periodSeconds: 10
	successThreshold: 1
	timeoutSeconds: 2
	resources:
	limits:
	cpu: 200m
	memory: 300Mi
	requests:
	cpu: 100m
	memory: 50Mi
	volumeMounts:
	- mountPath: /etcd-data-dir
	name: etcd-data-dir
	tolerations:
	- effect: NoSchedule
	key: node-role.kubernetes.io/master
	- key: CriticalAddonsOnly
	operator: Exists
	- effect: NoExecute
	key: node.alpha.kubernetes.io/notReady
	operator: Exists
	- effect: NoExecute
	key: node.alpha.kubernetes.io/unreachable
	operator: Exists
	volumes:
	- hostPath:
	path: /var/lib/etcd2
	type: DirectoryOrCreate
	name: etcd-data-dir
	updateStrategy:
	type: OnDelete
	---
	apiVersion: extensions/v1beta1
	kind: Deployment
	metadata:
	labels:
	api: clusterapi
	apiserver: "true"
	name: clusterapi-apiserver
	spec:
	progressDeadlineSeconds: 600
	replicas: 1
	selector:
	matchLabels:
	api: clusterapi
	apiserver: "true"
	template:
	metadata:
	labels:
	api: clusterapi
	apiserver: "true"
	spec:
	containers:
	- args:
	- --etcd-servers=http://etcd-clusterapi-svc:2379
	- --tls-cert-file=/apiserver.local.config/certificates/tls.crt
	- --tls-private-key-file=/apiserver.local.config/certificates/tls.key
	- --audit-log-path=-
	- --audit-log-maxage=0
	- --audit-log-maxbackup=0
	- --authorization-kubeconfig=/etc/kubernetes/admin.conf
	- --kubeconfig=/etc/kubernetes/admin.conf
	command:
	- ./apiserver
	image: gcr.io/k8s-cluster-api/cluster-apiserver:0.0.5
	imagePullPolicy: IfNotPresent
	name: apiserver
	resources:
	limits:
	cpu: 300m
	memory: 200Mi
	requests:
	cpu: 100m
	memory: 50Mi
	volumeMounts:
	- mountPath: /apiserver.local.config/certificates
	name: cluster-apiserver-certs
	readOnly: true
	- mountPath: /etc/kubernetes
	name: config
	- mountPath: /etc/ssl/certs
	name: certs
	nodeSelector:
	node-role.kubernetes.io/master: ""
	tolerations:
	- effect: NoSchedule
	key: node-role.kubernetes.io/master
	- key: CriticalAddonsOnly
	operator: Exists
	- effect: NoExecute
	key: node.alpha.kubernetes.io/notReady
	operator: Exists
	- effect: NoExecute
	key: node.alpha.kubernetes.io/unreachable
	operator: Exists
	volumes:
	- name: cluster-apiserver-certs
	secret:
	defaultMode: 420
	secretName: cluster-apiserver-certs
	- hostPath:
	path: /etc/kubernetes
	name: config
	- hostPath:
	path: /etc/ssl/certs
	name: certs