代码拉取完成,页面将自动刷新
package systemtemplate
var templateSource = `
---
apiVersion: v1
kind: Namespace
metadata:
name: cattle-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: cattle
namespace: cattle-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: cattle-admin-binding
namespace: cattle-system
labels:
cattle.io/creator: "norman"
subjects:
- kind: ServiceAccount
name: cattle
namespace: cattle-system
roleRef:
kind: ClusterRole
name: cattle-admin
apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: Secret
metadata:
name: cattle-credentials-{{.TokenKey}}
namespace: cattle-system
type: Opaque
data:
url: "{{.URL}}"
token: "{{.Token}}"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: cattle-admin
labels:
cattle.io/creator: "norman"
rules:
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
- nonResourceURLs:
- '*'
verbs:
- '*'
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: cattle-cluster-agent
namespace: cattle-system
spec:
selector:
matchLabels:
app: cattle-cluster-agent
template:
metadata:
labels:
app: cattle-cluster-agent
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: beta.kubernetes.io/os
operator: NotIn
values:
- windows
serviceAccountName: cattle
containers:
- name: cluster-register
imagePullPolicy: IfNotPresent
env:
- name: CATTLE_SERVER
value: "{{.URLPlain}}"
- name: CATTLE_CA_CHECKSUM
value: "{{.CAChecksum}}"
- name: CATTLE_CLUSTER
value: "true"
- name: CATTLE_K8S_MANAGED
value: "true"
image: {{.AgentImage}}
volumeMounts:
- name: cattle-credentials
mountPath: /cattle-credentials
readOnly: true
volumes:
- name: cattle-credentials
secret:
secretName: cattle-credentials-{{.TokenKey}}
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: cattle-node-agent
namespace: cattle-system
spec:
selector:
matchLabels:
app: cattle-agent
template:
metadata:
labels:
app: cattle-agent
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: beta.kubernetes.io/os
operator: NotIn
values:
- windows
hostNetwork: true
serviceAccountName: cattle
tolerations:
- effect: NoExecute
key: "node-role.kubernetes.io/etcd"
value: "true"
- effect: NoSchedule
key: "node-role.kubernetes.io/controlplane"
value: "true"
containers:
- name: agent
image: {{.AgentImage}}
imagePullPolicy: IfNotPresent
env:
- name: CATTLE_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: CATTLE_SERVER
value: "{{.URLPlain}}"
- name: CATTLE_CA_CHECKSUM
value: "{{.CAChecksum}}"
- name: CATTLE_CLUSTER
value: "false"
- name: CATTLE_K8S_MANAGED
value: "true"
- name: CATTLE_AGENT_CONNECT
value: "true"
volumeMounts:
- name: cattle-credentials
mountPath: /cattle-credentials
readOnly: true
- name: k8s-ssl
mountPath: /etc/kubernetes
- name: var-run
mountPath: /var/run
- name: run
mountPath: /run
securityContext:
privileged: true
volumes:
- name: k8s-ssl
hostPath:
path: /etc/kubernetes
type: DirectoryOrCreate
- name: var-run
hostPath:
path: /var/run
type: DirectoryOrCreate
- name: run
hostPath:
path: /run
type: DirectoryOrCreate
- name: cattle-credentials
secret:
secretName: cattle-credentials-{{.TokenKey}}
updateStrategy:
type: RollingUpdate
{{- if .AuthImage}}
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: kube-api-auth
namespace: cattle-system
spec:
selector:
matchLabels:
app: kube-api-auth
template:
metadata:
labels:
app: kube-api-auth
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: beta.kubernetes.io/os
operator: NotIn
values:
- windows
hostNetwork: true
serviceAccountName: cattle
tolerations:
- effect: NoExecute
key: "node-role.kubernetes.io/etcd"
value: "true"
- effect: NoSchedule
key: "node-role.kubernetes.io/controlplane"
value: "true"
containers:
- name: kube-api-auth
image: {{.AuthImage}}
imagePullPolicy: IfNotPresent
volumeMounts:
- name: k8s-ssl
mountPath: /etc/kubernetes
securityContext:
privileged: true
volumes:
- name: k8s-ssl
hostPath:
path: /etc/kubernetes
type: DirectoryOrCreate
updateStrategy:
type: RollingUpdate
{{- end }}
`
var AuthDaemonSet = `
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: kube-api-auth
namespace: cattle-system
`
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。