update README & gke-replicaset.yaml

kube-node · Dec 7, 2017 · f9892fb · f9892fb
1 parent 96c717e
commit f9892fb
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 6 deletions.
diff --git a/cmd/nodeset-controller/README.md b/cmd/nodeset-controller/README.md
@@ -31,10 +31,15 @@ Create the service account token as a secret:
 
 ``` shell
 $ gcloud iam service-accounts keys create secret.json --iam-account=nodeset@<PROJECT>.iam.gserviceaccount.com
-$ jq -r ".private_key" secret.json > private_key
-$ kubectl create secret generic nodeset-gcloud-service-account --from-file=private_key --namespace kube-system
+$ kubectl create secret generic nodeset-gcloud-service-account --from-file=SERVICE_ACCOUNT_FILE.json --namespace kube-system
 ```
 
+Update the specific values in the `gke-replicaset.yaml`
+
+* `gke-cluster-id`
+* `gke-project-id`
+* `gke-zone`
+
 Create the ReplicaSet:
 
 ``` shell

diff --git a/cmd/nodeset-controller/gke-replicaset.yaml b/cmd/nodeset-controller/gke-replicaset.yaml
@@ -11,23 +11,31 @@ spec:
         app: kube-node
         controller: nodeset
     spec:
+      volumes:
+      - name: gcp-account
+        secret:
+          secretName: nodeset-gcloud-service-account
       containers:
       - name: controller
         image: kubenode/nodeset-controller:latest
         command:
         - /nodeset-controller
         args:
         - --backend=gke
+        - --gke-cluster-id=CLUSTER
+        - --gke-project-id=PROJECT_ID
+        - --gke-zone=ZONE
         - --logtostderr
         - --v=5
         imagePullPolicy: Always
         resources:
           requests:
             cpu: 100m
             memory: 300Mi
+        volumeMounts:
+        - name: gcp-account
+          readOnly: true
+          mountPath: "/etc/gcp"
         env:
         - name: GOOGLE_APPLICATION_CREDENTIALS
-          valueFrom:
-            secretKeyRef:
-              name: nodeset-gcloud-service-account
-              key: private_key
+          value: "/etc/gcp/secret.json"