Add api runtime config option, review kubernetes handlers

2026-05-19 14:57:43 -02:30 · 2015-11-27 12:32:31 +01:00
parent f74c195d47
commit 97c4edc028
7 changed files with 61 additions and 16 deletions
--- a/roles/kubernetes/master/templates/apiserver.j2
+++ b/roles/kubernetes/master/templates/apiserver.j2
@@ -21,5 +21,8 @@ KUBE_ETCD_SERVERS="--etcd_servers={% for node in groups['etcd'] %}http://{{ node
 # default admission control policies
 KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"

+# RUNTIME API CONFIGURATION (e.g. enable extensions)
+KUBE_RUNTIME_CONFIG="{% if kube_api_runtime_config is defined %}{% for conf in kube_api_runtime_config %}--runtime-config={{ conf }} {% endfor %}{% endif %}"
+
 # Add you own!
 KUBE_API_ARGS="--tls_cert_file={{ kube_cert_dir }}/server.crt --tls_private_key_file={{ kube_cert_dir }}/server.key --client_ca_file={{ kube_cert_dir }}/ca.crt --token_auth_file={{ kube_token_dir }}/known_tokens.csv --basic-auth-file={{ kube_users_dir }}/known_users.csv --service_account_key_file={{ kube_cert_dir }}/server.crt"
--- a/roles/kubernetes/master/templates/systemd-init/kube-apiserver.service.j2
+++ b/roles/kubernetes/master/templates/systemd-init/kube-apiserver.service.j2
@@ -19,6 +19,7 @@ ExecStart={{ bin_dir }}/kube-apiserver \
 	    $KUBE_ALLOW_PRIV \
 	    $KUBE_SERVICE_ADDRESSES \
 	    $KUBE_ADMISSION_CONTROL \
+	    $KUBE_RUNTIME_CONFIG \
 	    $KUBE_API_ARGS
 Restart=on-failure
 Type=notify