Kuberetes Dashboard addon 1.8.2 -> 1.8.3
As shipped with k8s 1.10.3.
Also:
- updated the definition jsons as they are distributed in k8s.
- updated the image uris as they are renamed in k8s
- added imageDigest param as per 736848723e
This commit is contained in:
parent
55fa98dd76
commit
29fd05f3f5
@ -5,14 +5,14 @@ with lib;
|
|||||||
let
|
let
|
||||||
cfg = config.services.kubernetes.addons.dashboard;
|
cfg = config.services.kubernetes.addons.dashboard;
|
||||||
|
|
||||||
name = "gcr.io/google_containers/kubernetes-dashboard-amd64";
|
name = "k8s.gcr.io/kubernetes-dashboard-amd64";
|
||||||
version = "v1.8.2";
|
version = "v1.8.3";
|
||||||
|
|
||||||
image = pkgs.dockerTools.pullImage {
|
image = pkgs.dockerTools.pullImage {
|
||||||
imageName = name;
|
imageName = name;
|
||||||
|
imageDigest = "sha256:dc4026c1b595435ef5527ca598e1e9c4343076926d7d62b365c44831395adbd0";
|
||||||
finalImageTag = version;
|
finalImageTag = version;
|
||||||
sha256 = "11h0fz3wxp0f10fsyqaxjm7l2qg7xws50dv5iwlck5gb1fjmajad";
|
sha256 = "18ajcg0q1vignfjk2sm4xj4wzphfz8wah69ps8dklqfvv0164mc8";
|
||||||
imageDigest = "sha256:e7984d10351601080bbc146635d51f0cfbea31ca6f0df323cf7a58cf2f6a68df";
|
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
options.services.kubernetes.addons.dashboard = {
|
options.services.kubernetes.addons.dashboard = {
|
||||||
@ -31,7 +31,7 @@ in {
|
|||||||
services.kubernetes.addonManager.addons = {
|
services.kubernetes.addonManager.addons = {
|
||||||
kubernetes-dashboard-deployment = {
|
kubernetes-dashboard-deployment = {
|
||||||
kind = "Deployment";
|
kind = "Deployment";
|
||||||
apiVersion = "apps/v1beta1";
|
apiVersion = "apps/v1";
|
||||||
metadata = {
|
metadata = {
|
||||||
labels = {
|
labels = {
|
||||||
k8s-addon = "kubernetes-dashboard.addons.k8s.io";
|
k8s-addon = "kubernetes-dashboard.addons.k8s.io";
|
||||||
@ -57,40 +57,61 @@ in {
|
|||||||
};
|
};
|
||||||
annotations = {
|
annotations = {
|
||||||
"scheduler.alpha.kubernetes.io/critical-pod" = "";
|
"scheduler.alpha.kubernetes.io/critical-pod" = "";
|
||||||
#"scheduler.alpha.kubernetes.io/tolerations" = ''[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'';
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
spec = {
|
spec = {
|
||||||
|
priorityClassName = "system-cluster-critical";
|
||||||
containers = [{
|
containers = [{
|
||||||
name = "kubernetes-dashboard";
|
name = "kubernetes-dashboard";
|
||||||
image = "${name}:${version}";
|
image = "${name}:${version}";
|
||||||
ports = [{
|
ports = [{
|
||||||
containerPort = 9090;
|
containerPort = 8443;
|
||||||
protocol = "TCP";
|
protocol = "TCP";
|
||||||
}];
|
}];
|
||||||
resources = {
|
resources = {
|
||||||
limits = {
|
limits = {
|
||||||
cpu = "100m";
|
cpu = "100m";
|
||||||
memory = "250Mi";
|
memory = "300Mi";
|
||||||
};
|
};
|
||||||
requests = {
|
requests = {
|
||||||
cpu = "100m";
|
cpu = "100m";
|
||||||
memory = "50Mi";
|
memory = "100Mi";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
args = ["--auto-generate-certificates"];
|
||||||
|
volumeMounts = [{
|
||||||
|
name = "tmp-volume";
|
||||||
|
mountPath = "/tmp";
|
||||||
|
} {
|
||||||
|
name = "kubernetes-dashboard-certs";
|
||||||
|
mountPath = "/certs";
|
||||||
|
}];
|
||||||
livenessProbe = {
|
livenessProbe = {
|
||||||
httpGet = {
|
httpGet = {
|
||||||
|
scheme = "HTTPS";
|
||||||
path = "/";
|
path = "/";
|
||||||
port = 9090;
|
port = 8443;
|
||||||
};
|
};
|
||||||
initialDelaySeconds = 30;
|
initialDelaySeconds = 30;
|
||||||
timeoutSeconds = 30;
|
timeoutSeconds = 30;
|
||||||
};
|
};
|
||||||
}];
|
}];
|
||||||
|
volumes = [{
|
||||||
|
name = "kubernetes-dashboard-certs";
|
||||||
|
secret = {
|
||||||
|
secretName = "kubernetes-dashboard-certs";
|
||||||
|
};
|
||||||
|
} {
|
||||||
|
name = "tmp-volume";
|
||||||
|
emptyDir = {};
|
||||||
|
}];
|
||||||
serviceAccountName = "kubernetes-dashboard";
|
serviceAccountName = "kubernetes-dashboard";
|
||||||
tolerations = [{
|
tolerations = [{
|
||||||
key = "node-role.kubernetes.io/master";
|
key = "node-role.kubernetes.io/master";
|
||||||
effect = "NoSchedule";
|
effect = "NoSchedule";
|
||||||
|
} {
|
||||||
|
key = "CriticalAddonsOnly";
|
||||||
|
operator = "Exists";
|
||||||
}];
|
}];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
@ -113,8 +134,8 @@ in {
|
|||||||
};
|
};
|
||||||
spec = {
|
spec = {
|
||||||
ports = [{
|
ports = [{
|
||||||
port = 80;
|
port = 443;
|
||||||
targetPort = 9090;
|
targetPort = 8443;
|
||||||
}];
|
}];
|
||||||
selector.k8s-app = "kubernetes-dashboard";
|
selector.k8s-app = "kubernetes-dashboard";
|
||||||
};
|
};
|
||||||
@ -127,15 +148,56 @@ in {
|
|||||||
labels = {
|
labels = {
|
||||||
k8s-app = "kubernetes-dashboard";
|
k8s-app = "kubernetes-dashboard";
|
||||||
k8s-addon = "kubernetes-dashboard.addons.k8s.io";
|
k8s-addon = "kubernetes-dashboard.addons.k8s.io";
|
||||||
"addonmanager.kubernetes.io/mode" = "Reconcile";
|
"addonmanager.kubernetes.io/mode" = "Reconcile";
|
||||||
};
|
};
|
||||||
name = "kubernetes-dashboard";
|
name = "kubernetes-dashboard";
|
||||||
namespace = "kube-system";
|
namespace = "kube-system";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
kubernetes-dashboard-sec-certs = {
|
||||||
|
apiVersion = "v1";
|
||||||
|
kind = "Secret";
|
||||||
|
metadata = {
|
||||||
|
labels = {
|
||||||
|
k8s-app = "kubernetes-dashboard";
|
||||||
|
# Allows editing resource and makes sure it is created first.
|
||||||
|
"addonmanager.kubernetes.io/mode" = "EnsureExists";
|
||||||
|
};
|
||||||
|
name = "kubernetes-dashboard-certs";
|
||||||
|
namespace = "kube-system";
|
||||||
|
};
|
||||||
|
type = "Opaque";
|
||||||
|
};
|
||||||
|
kubernetes-dashboard-sec-kholder = {
|
||||||
|
apiVersion = "v1";
|
||||||
|
kind = "Secret";
|
||||||
|
metadata = {
|
||||||
|
labels = {
|
||||||
|
k8s-app = "kubernetes-dashboard";
|
||||||
|
# Allows editing resource and makes sure it is created first.
|
||||||
|
"addonmanager.kubernetes.io/mode" = "EnsureExists";
|
||||||
|
};
|
||||||
|
name = "kubernetes-dashboard-key-holder";
|
||||||
|
namespace = "kube-system";
|
||||||
|
};
|
||||||
|
type = "Opaque";
|
||||||
|
};
|
||||||
|
kubernetes-dashboard-cm = {
|
||||||
|
apiVersion = "v1";
|
||||||
|
kind = "ConfigMap";
|
||||||
|
metadata = {
|
||||||
|
labels = {
|
||||||
|
k8s-app = "kubernetes-dashboard";
|
||||||
|
# Allows editing resource and makes sure it is created first.
|
||||||
|
"addonmanager.kubernetes.io/mode" = "EnsureExists";
|
||||||
|
};
|
||||||
|
name = "kubernetes-dashboard-settings";
|
||||||
|
namespace = "kube-system";
|
||||||
|
};
|
||||||
|
};
|
||||||
} // (optionalAttrs cfg.enableRBAC {
|
} // (optionalAttrs cfg.enableRBAC {
|
||||||
kubernetes-dashboard-crb = {
|
kubernetes-dashboard-crb = {
|
||||||
apiVersion = "rbac.authorization.k8s.io/v1beta1";
|
apiVersion = "rbac.authorization.k8s.io/v1";
|
||||||
kind = "ClusterRoleBinding";
|
kind = "ClusterRoleBinding";
|
||||||
metadata = {
|
metadata = {
|
||||||
name = "kubernetes-dashboard";
|
name = "kubernetes-dashboard";
|
||||||
|
Loading…
Reference in New Issue
Block a user