diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/cluster/kubernetes')
4 files changed, 17 insertions, 5 deletions
diff --git a/nixpkgs/nixos/modules/services/cluster/kubernetes/addons/dns.nix b/nixpkgs/nixos/modules/services/cluster/kubernetes/addons/dns.nix index 8f3234bfc706..4368159ea6e3 100644 --- a/nixpkgs/nixos/modules/services/cluster/kubernetes/addons/dns.nix +++ b/nixpkgs/nixos/modules/services/cluster/kubernetes/addons/dns.nix @@ -38,6 +38,18 @@ in { type = types.int; }; + reconcileMode = mkOption { + description = '' + Controls the addon manager reconciliation mode for the DNS addon. + + Setting reconcile mode to EnsureExists makes it possible to tailor DNS behavior by editing the coredns ConfigMap. + + See: <link xlink:href="https://github.com/kubernetes/kubernetes/blob/master/cluster/addons/addon-manager/README.md"/>. + ''; + default = "Reconcile"; + type = types.enum [ "Reconcile" "EnsureExists" ]; + }; + coredns = mkOption { description = "Docker image to seed for the CoreDNS container."; type = types.attrs; @@ -131,7 +143,7 @@ in { kind = "ConfigMap"; metadata = { labels = { - "addonmanager.kubernetes.io/mode" = "Reconcile"; + "addonmanager.kubernetes.io/mode" = cfg.reconcileMode; "k8s-app" = "kube-dns"; "kubernetes.io/cluster-service" = "true"; }; @@ -162,7 +174,7 @@ in { kind = "Deployment"; metadata = { labels = { - "addonmanager.kubernetes.io/mode" = "Reconcile"; + "addonmanager.kubernetes.io/mode" = cfg.reconcileMode; "k8s-app" = "kube-dns"; "kubernetes.io/cluster-service" = "true"; "kubernetes.io/name" = "CoreDNS"; diff --git a/nixpkgs/nixos/modules/services/cluster/kubernetes/apiserver.nix b/nixpkgs/nixos/modules/services/cluster/kubernetes/apiserver.nix index 81e45b417de3..455d02396040 100644 --- a/nixpkgs/nixos/modules/services/cluster/kubernetes/apiserver.nix +++ b/nixpkgs/nixos/modules/services/cluster/kubernetes/apiserver.nix @@ -350,7 +350,7 @@ in listenPeerUrls = mkDefault ["https://0.0.0.0:2380"]; advertiseClientUrls = mkDefault ["https://${top.masterAddress}:2379"]; initialCluster = mkDefault ["${top.masterAddress}=https://${top.masterAddress}:2380"]; - name = top.masterAddress; + name = mkDefault top.masterAddress; initialAdvertisePeerUrls = mkDefault ["https://${top.masterAddress}:2380"]; }; diff --git a/nixpkgs/nixos/modules/services/cluster/kubernetes/controller-manager.nix b/nixpkgs/nixos/modules/services/cluster/kubernetes/controller-manager.nix index dff97f144d55..060fd9b78db6 100644 --- a/nixpkgs/nixos/modules/services/cluster/kubernetes/controller-manager.nix +++ b/nixpkgs/nixos/modules/services/cluster/kubernetes/controller-manager.nix @@ -131,7 +131,7 @@ in ${optionalString (cfg.tlsCertFile!=null) "--tls-cert-file=${cfg.tlsCertFile}"} \ ${optionalString (cfg.tlsKeyFile!=null) - "--tls-key-file=${cfg.tlsKeyFile}"} \ + "--tls-private-key-file=${cfg.tlsKeyFile}"} \ ${optionalString (elem "RBAC" top.apiserver.authorizationMode) "--use-service-account-credentials"} \ ${optionalString (cfg.verbosity != null) "--v=${toString cfg.verbosity}"} \ diff --git a/nixpkgs/nixos/modules/services/cluster/kubernetes/default.nix b/nixpkgs/nixos/modules/services/cluster/kubernetes/default.nix index 375e33e91b5a..3e53d18f8bbf 100644 --- a/nixpkgs/nixos/modules/services/cluster/kubernetes/default.nix +++ b/nixpkgs/nixos/modules/services/cluster/kubernetes/default.nix @@ -10,7 +10,7 @@ let kind = "Config"; clusters = [{ name = "local"; - cluster.certificate-authority = cfg.caFile; + cluster.certificate-authority = conf.caFile or cfg.caFile; cluster.server = conf.server; }]; users = [{ |