vigneshragupathy
/ bootstrap-kubeconfig.yaml
Created Nov 30, 2019
View bootstrap-kubeconfig.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Config | |
| clusters: | |
| - cluster: | |
| certificate-authority: /var/lib/kubernetes/ca.crt | |
| server: https://10.0.0.1:6443 | |
| name: bootstrap | |
| contexts: | |
| - context: | |
| cluster: bootstrap |
vigneshragupathy
/ autorize-autorenew.yaml
Created Nov 30, 2019
View autorize-autorenew.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Approve renewal CSRs for the group "system:nodes" | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRoleBinding | |
| metadata: | |
| name: auto-approve-renewals-for-nodes | |
| subjects: | |
| - kind: Group | |
| name: system:nodes | |
| apiGroup: rbac.authorization.k8s.io | |
| roleRef: |
vigneshragupathy
/ autorize-approve-csr.yaml
Created Nov 30, 2019
View autorize-approve-csr.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRoleBinding | |
| metadata: | |
| name: auto-approve-csrs-for-group | |
| subjects: | |
| - kind: Group | |
| name: system:bootstrappers | |
| apiGroup: rbac.authorization.k8s.io | |
| roleRef: | |
| kind: ClusterRole |
vigneshragupathy
/ autorize-create-csr.yaml
Created Nov 30, 2019
View autorize-create-csr.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # enable bootstrapping nodes to create CSR | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRoleBinding | |
| metadata: | |
| name: create-csrs-for-bootstrapping | |
| subjects: | |
| - kind: Group | |
| name: system:bootstrappers | |
| apiGroup: rbac.authorization.k8s.io | |
| roleRef: |
vigneshragupathy
/ bootstrap-token.yaml
Created Nov 30, 2019
View bootstrap-token.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Secret | |
| metadata: | |
| # Name MUST be of form "bootstrap-token-<token id>" | |
| name: bootstrap-token-07401b | |
| namespace: kube-system | |
| # Type MUST be 'bootstrap.kubernetes.io/token' | |
| type: bootstrap.kubernetes.io/token | |
| stringData: |
vigneshragupathy
/ kube-proxy.service
Created Nov 30, 2019
View kube-proxy.service
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Unit] | |
| Description=Kubernetes Kube Proxy | |
| Documentation=https://github.com/kubernetes/kubernetes | |
| [Service] | |
| ExecStart=/usr/local/bin/kube-proxy \ | |
| --config=/var/lib/kube-proxy/kube-proxy-config.yaml | |
| Restart=on-failure | |
| RestartSec=5 |
vigneshragupathy
/ kube-proxy-config.yaml
Created Nov 30, 2019
View kube-proxy-config.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| kind: KubeProxyConfiguration | |
| apiVersion: kubeproxy.config.k8s.io/v1alpha1 | |
| clientConnection: | |
| kubeconfig: "/var/lib/kube-proxy/kubeconfig" | |
| mode: "iptables" | |
| clusterCIDR: "192.168.5.0/24" |
vigneshragupathy
/ kubelet.service
Created Nov 30, 2019
View kubelet.service
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Unit] | |
| Description=Kubernetes Kubelet | |
| Documentation=https://github.com/kubernetes/kubernetes | |
| After=docker.service | |
| Requires=docker.service | |
| [Service] | |
| ExecStart=/usr/local/bin/kubelet \ | |
| --config=/var/lib/kubelet/kubelet-config.yaml \ | |
| --image-pull-progress-deadline=2m \ |
vigneshragupathy
/ kubelet-config.yaml
Created Nov 30, 2019
View kubelet-config.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| kind: KubeletConfiguration | |
| apiVersion: kubelet.config.k8s.io/v1beta1 | |
| authentication: | |
| anonymous: | |
| enabled: false | |
| webhook: | |
| enabled: true | |
| x509: | |
| clientCAFile: "/var/lib/kubernetes/ca.crt" | |
| authorization: |
vigneshragupathy
/ kubernetes2.conf
Created Nov 30, 2019
View kubernetes2.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [req] | |
| req_extensions = req_ext | |
| distinguished_name = dn | |
| [dn] | |
| [ req_ext ] | |
| basicConstraints = CA:FALSE | |
| keyUsage = nonRepudiation, digitalSignature, keyEncipherment | |
| subjectAltName = @alt_names |
NewerOlder