# Flannel CNI DaemonSet: one pod per matching node. The pod shares the node's
# network namespace and writes to several host paths, so anything that can
# change the images or the ConfigMap referenced below can influence every
# node this DaemonSet lands on.
resource "kubernetes_daemonset" "this" {
  metadata {
    name      = var.daemonset_name
    namespace = var.namespace

    labels = {
      "k8s-app" = "cni"
      app       = var.daemonset_name
    }
  }

  spec {
    # Must stay in sync with the pod template labels below.
    selector {
      match_labels = {
        "k8s-app" = "cni"
        app       = var.daemonset_name
      }
    }

    template {
      metadata {
        labels = {
          "k8s-app" = "cni"
          app       = var.daemonset_name
        }
      }

      spec {
        # Identity the pod runs as; its RBAC bindings are defined outside this block.
        service_account_name = kubernetes_service_account.this.metadata[0].name

        # The pod uses the node's network namespace rather than its own.
        host_network        = true
        priority_class_name = "system-node-critical"

        # Only schedule onto nodes whose OS label is in var.node_selector_os.
        affinity {
          node_affinity {
            required_during_scheduling_ignored_during_execution {
              node_selector_term {
                match_expressions {
                  key      = "kubernetes.io/os"
                  operator = "In"
                  values   = var.node_selector_os
                }
              }
            }
          }
        }

        # No key is given, so this tolerates every NoSchedule taint.
        toleration {
          operator = "Exists"
          effect   = "NoSchedule"
        }

        # Init containers run in the order declared. Both copy a file from
        # the image onto the node's filesystem through a hostPath volume.
        # NOTE(review): neither init container sets a security_context, so
        # they run with the runtime's defaults - confirm that is intended.
        # NOTE(review): whether the image variables are pinned (tag vs.
        # digest) is not visible here - check the variable definitions.
        init_container {
          name    = "install-cni-plugin"
          image   = var.flannel_cni_plugin_image
          command = ["cp"]
          args    = ["-f", "/flannel", "/opt/cni/bin/flannel"]

          volume_mount {
            name       = "cni-plugin"
            mount_path = "/opt/cni/bin"
          }
        }

        init_container {
          name    = "install-cni"
          image   = var.flannel_image
          command = ["cp"]
          args    = ["-f", "/etc/kube-flannel/cni-conf.json", "/etc/cni/net.d/10-flannel.conflist"]

          volume_mount {
            name       = "cni"
            mount_path = "/etc/cni/net.d"
          }
          volume_mount {
            name       = "flannel-cfg"
            mount_path = "/etc/kube-flannel/"
          }
        }

        container {
          name    = "kube-flannel"
          image   = var.flannel_image
          command = ["/opt/bin/flanneld"]
          args    = ["--ip-masq", "--kube-subnet-mgr"]

          # Not privileged, but granted the two network capabilities.
          # Combined with host_network above, these apply to the node's
          # own network stack.
          # NOTE(review): allow_privilege_escalation, read_only_root_filesystem
          # and a capability drop list are not set - confirm whether they can
          # be tightened for this image.
          security_context {
            privileged = false

            capabilities {
              add = ["NET_ADMIN", "NET_RAW"]
            }
          }

          # Limits equal requests for both CPU and memory.
          resources {
            requests = {
              cpu    = "100m"
              memory = "50Mi"
            }
            limits = {
              cpu    = "100m"
              memory = "50Mi"
            }
          }

          # Pod identity via the downward API.
          env {
            name = "POD_NAME"

            value_from {
              field_ref {
                field_path = "metadata.name"
              }
            }
          }

          env {
            name = "POD_NAMESPACE"

            value_from {
              field_ref {
                field_path = "metadata.namespace"
              }
            }
          }

          env {
            name  = "EVENT_QUEUE_DEPTH"
            value = "5000"
          }

          volume_mount {
            name       = "run"
            mount_path = "/run/flannel"
          }
          volume_mount {
            name       = "flannel-cfg"
            mount_path = "/etc/kube-flannel/"
          }
          volume_mount {
            name       = "xtables-lock"
            mount_path = "/run/xtables.lock"
          }
        }

        # Host-path volumes. The first three set no `type`, so Kubernetes
        # does not check that the path exists or what kind of object it is
        # before mounting.
        volume {
          name = "run"

          host_path {
            path = "/run/flannel"
          }
        }

        volume {
          name = "cni-plugin"

          host_path {
            path = "/opt/cni/bin"
          }
        }

        volume {
          name = "cni"

          host_path {
            path = "/etc/cni/net.d"
          }
        }

        # Flannel configuration, including the cni-conf.json that the
        # install-cni init container copies onto the host.
        volume {
          name = "flannel-cfg"

          config_map {
            name = kubernetes_config_map.this.metadata[0].name
          }
        }

        # FileOrCreate: the lock file is created on the node if missing.
        volume {
          name = "xtables-lock"

          host_path {
            path = "/run/xtables.lock"
            type = "FileOrCreate"
          }
        }
      }
    }
  }
}