修改kubeadm默认配置

Others 2021-11-24 23:52:34 views: null 
func getAPIServerCommand(cfg *kubeadmapi.ClusterConfiguration, localAPIEndpoint *kubeadmapi.APIEndpoint) []string {
        defaultArguments := map[string]string{
                "audit-log-path":                  "/var/log/apiserver.log",
                "audit-log-maxage":                "30",
                "audit-log-maxbackup":             "10",
                "audit-log-maxsize":               "100",
                "profiling":                       "false",
                "advertise-address":               localAPIEndpoint.AdvertiseAddress,
                "insecure-port":                   "0",
                "enable-admission-plugins":        "NodeRestriction",
                "service-cluster-ip-range":        cfg.Networking.ServiceSubnet,
                "service-account-key-file":        filepath.Join(cfg.CertificatesDir, kubeadmconstants.ServiceAccountPublicKeyName),
                "client-ca-file":                  filepath.Join(cfg.CertificatesDir, kubeadmconstants.CACertName),
                "tls-cert-file":                   filepath.Join(cfg.CertificatesDir, kubeadmconstants.APIServerCertName),
                "tls-private-key-file":            filepath.Join(cfg.CertificatesDir, kubeadmconstants.APIServerKeyName),
                "kubelet-client-certificate":      filepath.Join(cfg.CertificatesDir, kubeadmconstants.APIServerKubeletClientCertName),
                "kubelet-client-key":              filepath.Join(cfg.CertificatesDir, kubeadmconstants.APIServerKubeletClientKeyName),
                "enable-bootstrap-token-auth":     "true",
                "secure-port":                     fmt.Sprintf("%d", localAPIEndpoint.BindPort),
                "allow-privileged":                "true",
                "kubelet-preferred-address-types": "InternalIP,ExternalIP,Hostname",
                // add options to configure the front proxy.  Without the generated client cert, this will never be useable
                // so add it unconditionally with recommended values
                "requestheader-username-headers":     "X-Remote-User",
                "requestheader-group-headers":        "X-Remote-Group",
                "requestheader-extra-headers-prefix": "X-Remote-Extra-",
                "requestheader-client-ca-file":       filepath.Join(cfg.CertificatesDir, kubeadmconstants.FrontProxyCACertName),
                "requestheader-allowed-names":        "front-proxy-client",
                "proxy-client-cert-file":             filepath.Join(cfg.CertificatesDir, kubeadmconstants.FrontProxyClientCertName),
                "proxy-client-key-file":              filepath.Join(cfg.CertificatesDir, kubeadmconstants.FrontProxyClientKeyName),
        }

文件路径:

kubernetes/cmd/kubeadm/app/phases/controlplane/manifests.go

默认配置函数:

getAPIServerCommand

getControllerManagerCommand

getSchedulerCommand

Guess you like

Origin blog.csdn.net/lyj22/article/details/121401475
Recommended
"U.S. Threats and Damage to Global Cyberspace Security and Development" report released
Ranking
[DP] expected [UVA1498] Activation
What is the ABAP Dynpro program
记录一下halcon例程报错和两个视觉库感兴趣区域绘制
characterReplacement-the longest repeated character after replacement
Target element by id somewhere within an element targeted by id
Test classification
NOI 8780 interceptor missile linear dp
Equipment inspection management wants to fine, light streams Weapon children
sql packet takes the value of the most
Computer java project recommendation SSM (Spring+SpringMVC+MyBatis) takeaway ordering management system
Daily
More
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)
2024-04-21(0)
2024-04-20(6)

Code World

© 2018 codetd.com