kubernetes/files/manifest/kube-proxy.manifest.pool - salt-formulas/kubernetes - Gitiles

 {%- from "kubernetes/map.jinja" import pool with context %}
 apiVersion: v1
 kind: Pod
 metadata:
   name: kube-proxy
   namespace: kube-system
 spec:
   hostNetwork: true
   containers:
   - name: kube-proxy
     image: {{ pool.registry.host }}/kube-pool:{{ pool.version }}
     resources:
       requests:
         cpu: 200m
     command:
     - /bin/sh
     - -c
     - kube-proxy
       --logtostderr=true
       --v=2
       --kubeconfig=/etc/kubernetes/proxy.kubeconfig
       --master={%- if pool.apiserver.insecure.enabled %}http://{{ pool.apiserver.host }}:8080{%- else %}https://{{ pool.apiserver.host }}{%- endif %}
       {%- if pool.network.engine == 'calico' %} --proxy-mode=iptables{% endif %}
       1>>/var/log/kube-proxy.log 2>&1
     securityContext:
       privileged: true
     volumeMounts:
     - mountPath: /etc/ssl/certs
       name: ssl-certs-host
       readOnly: true
     - mountPath: /var/log
       name: varlog
       readOnly: false
     - mountPath: /etc/kubernetes/proxy.kubeconfig
       name: kubeconfig
       readOnly: false
     - mountPath: /var/run/dbus/system_bus_socket
       name: dbus
       readOnly: false
   volumes:
   - hostPath:
       path: /etc/ssl/certs
     name: ssl-certs-host
   - hostPath:
       path: /etc/kubernetes/proxy.kubeconfig
     name: kubeconfig
   - hostPath:
       path: /var/log
     name: varlog
   - hostPath:
       path: /var/run/dbus/system_bus_socket
     name: dbus
	{%- from "kubernetes/map.jinja" import pool with context %}
	apiVersion: v1
	kind: Pod
	metadata:
	name: kube-proxy
	namespace: kube-system
	spec:
	hostNetwork: true
	containers:
	- name: kube-proxy
	image: {{ pool.registry.host }}/kube-pool:{{ pool.version }}
	resources:
	requests:
	cpu: 200m
	command:
	- /bin/sh
	- -c
	- kube-proxy
	--logtostderr=true
	--v=2
	--kubeconfig=/etc/kubernetes/proxy.kubeconfig
	--master={%- if pool.apiserver.insecure.enabled %}http://{{ pool.apiserver.host }}:8080{%- else %}https://{{ pool.apiserver.host }}{%- endif %}
	{%- if pool.network.engine == 'calico' %} --proxy-mode=iptables{% endif %}
	1>>/var/log/kube-proxy.log 2>&1
	securityContext:
	privileged: true
	volumeMounts:
	- mountPath: /etc/ssl/certs
	name: ssl-certs-host
	readOnly: true
	- mountPath: /var/log
	name: varlog
	readOnly: false
	- mountPath: /etc/kubernetes/proxy.kubeconfig
	name: kubeconfig
	readOnly: false
	- mountPath: /var/run/dbus/system_bus_socket
	name: dbus
	readOnly: false
	volumes:
	- hostPath:
	path: /etc/ssl/certs
	name: ssl-certs-host
	- hostPath:
	path: /etc/kubernetes/proxy.kubeconfig
	name: kubeconfig
	- hostPath:
	path: /var/log
	name: varlog
	- hostPath:
	path: /var/run/dbus/system_bus_socket
	name: dbus