This repository has been archived by the owner on Nov 20, 2021. It is now read-only.
bootstrapserver.go
package components
import (
"fmt"
"path/filepath"
"strconv"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/resource"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/util/intstr"
"github.com/criticalstack/crit/internal/config"
computil "github.com/criticalstack/crit/pkg/cluster/components/util"
"github.com/criticalstack/crit/pkg/kubernetes/util/pointer"
)
// NewBootstrapServerStaticPod assembles the Pod object for the
// bootstrap-server component from the control plane configuration.
//
// The returned Pod is named "bootstrap-server", lives in the system
// namespace, uses the host network, and runs a single container whose
// command line is "/bootstrap-server" followed by the arguments produced by
// computil.BuildArgumentListFromMap from the defaults below and the
// user-supplied ExtraArgs.
//
// Security-relevant properties of the generated spec:
//   - The host's pki directory and admin.conf are mounted read-only, so any
//     code running in the container can read them, private keys included.
//   - The API server certificate and key are handed to the bootstrap-server
//     as its own cert-file/key-file.
//   - No SecurityContext is set on the pod or the container; the image and
//     runtime defaults apply.
//   - The image is referenced by version tag, not by digest.
func NewBootstrapServerStaticPod(cfg *config.ControlPlaneConfiguration) *corev1.Pod {
	const componentName = "bootstrap-server"

	kubeDir := cfg.NodeConfiguration.KubeDir
	adminConf := filepath.Join(kubeDir, "admin.conf")
	pkiDir := filepath.Join(kubeDir, "pki")

	// Defaults handed to the argument builder together with ExtraArgs.
	// NOTE(review): presumably ExtraArgs entries override these defaults, in
	// which case cert-file, key-file and kubeconfig are caller-controlled;
	// confirm against BuildArgumentListFromMap.
	baseArgs := map[string]string{
		"cert-file":  filepath.Join(pkiDir, "apiserver.crt"),
		"key-file":   filepath.Join(pkiDir, "apiserver.key"),
		"kubeconfig": adminConf,
		"provider":   cfg.CritBootstrapServerConfiguration.CloudProvider,
	}

	// Port targeted by the liveness probe. 8080 is never passed to the
	// binary as an explicit argument, so this assumes it matches the
	// server's built-in default; TODO confirm.
	probePort := 8080
	if raw, found := cfg.CritBootstrapServerConfiguration.ExtraArgs["port"]; found {
		// A value that does not parse is ignored here without any report,
		// and no range check is applied to one that does. The raw string is
		// still part of ExtraArgs, so the probe port and the port given to
		// the server can disagree.
		if parsed, err := strconv.Atoi(raw); err == nil {
			probePort = parsed
		}
	}

	command := append(
		[]string{"/bootstrap-server"},
		computil.BuildArgumentListFromMap(baseArgs, cfg.CritBootstrapServerConfiguration.ExtraArgs)...,
	)

	// Both mounts are read-only inside the container and reuse the host
	// paths as mount paths.
	mounts := []corev1.VolumeMount{
		{
			Name:      "k8s-certs",
			MountPath: pkiDir,
			ReadOnly:  true,
		},
		{
			Name:      "kubeconfig",
			MountPath: adminConf,
			ReadOnly:  true,
		},
	}

	// The probe goes to the node's IPv4 address over HTTPS because the pod
	// shares the host network namespace.
	liveness := &corev1.Probe{
		Handler: corev1.Handler{
			HTTPGet: &corev1.HTTPGetAction{
				Host:   cfg.NodeConfiguration.HostIPv4,
				Path:   "/healthz",
				Port:   intstr.FromInt(probePort),
				Scheme: corev1.URISchemeHTTPS,
			},
		},
		InitialDelaySeconds: 15,
		TimeoutSeconds:      15,
		FailureThreshold:    8,
	}

	server := corev1.Container{
		Name: componentName,
		// Tag-based reference with PullIfNotPresent: whatever image is
		// already cached under this tag on the node is what runs.
		Image:           fmt.Sprintf("docker.io/criticalstack/bootstrap-server:v%s", cfg.CritBootstrapServerConfiguration.Version),
		ImagePullPolicy: corev1.PullIfNotPresent,
		Command:         command,
		VolumeMounts:    mounts,
		LivenessProbe:   liveness,
		Resources: corev1.ResourceRequirements{
			Requests: corev1.ResourceList{
				corev1.ResourceCPU: resource.MustParse("250m"),
			},
		},
		Env: computil.GetProxyEnvVars(),
	}

	// The *OrCreate host path types create an empty directory or file when
	// the path is missing, so absent credentials do not stop the pod from
	// starting.
	volumes := []corev1.Volume{
		{
			Name: "k8s-certs",
			VolumeSource: corev1.VolumeSource{
				HostPath: &corev1.HostPathVolumeSource{
					Path: pkiDir,
					Type: pointer.HostPathTypePtr(corev1.HostPathDirectoryOrCreate),
				},
			},
		},
		{
			Name: "kubeconfig",
			VolumeSource: corev1.VolumeSource{
				HostPath: &corev1.HostPathVolumeSource{
					Path: adminConf,
					Type: pointer.HostPathTypePtr(corev1.HostPathFileOrCreate),
				},
			},
		},
	}

	return &corev1.Pod{
		TypeMeta: metav1.TypeMeta{
			APIVersion: "v1",
			Kind:       "Pod",
		},
		ObjectMeta: metav1.ObjectMeta{
			Name:      componentName,
			Namespace: metav1.NamespaceSystem,
			Labels: map[string]string{
				"component": componentName,
				"tier":      "control-plane",
			},
		},
		Spec: corev1.PodSpec{
			Containers:        []corev1.Container{server},
			PriorityClassName: "system-cluster-critical",
			HostNetwork:       true,
			Volumes:           volumes,
		},
	}
}