1{ 2"apiVersion": "v1", 3"kind": "Pod", 4"metadata": { 5 "name":"etcd-server{{ suffix }}", 6 "namespace": "kube-system" 7}, 8"spec":{ 9"securityContext": { 10 "seccompProfile": { 11 "type": "RuntimeDefault" 12 } 13}, 14"priorityClassName": "system-node-critical", 15"priority": 2000001000, 16"hostNetwork": true, 17"containers":[ 18 { 19 "name": "etcd-container", 20 {{security_context}} 21 "image": "{{ pillar.get('etcd_docker_repository', 'k8s.gcr.io/etcd') }}:{{ pillar.get('etcd_docker_tag', '3.5.0-rc.0-0') }}", 22 "resources": { 23 "requests": { 24 "cpu": {{ cpulimit }} 25 } 26 }, 27 "command": [ 28 "/bin/sh", 29 "-c", 30 "if [ -e /usr/local/bin/migrate-if-needed.sh ]; then /usr/local/bin/migrate-if-needed.sh 1>>/var/log/etcd{{ suffix }}.log 2>&1; fi; exec /usr/local/bin/etcd --name etcd-{{ hostname }} --listen-peer-urls {{ etcd_protocol }}://{{ host_ip }}:{{ server_port }} --initial-advertise-peer-urls {{ etcd_protocol }}://{{ hostname }}:{{ server_port }} --advertise-client-urls {{ etcd_apiserver_protocol }}://127.0.0.1:{{ port }} --listen-client-urls {{ etcd_apiserver_protocol }}://{{ listen_client_ip }}:{{ port }} {{ quota_bytes }} --data-dir /var/etcd/data{{ suffix }} --initial-cluster-state {{ cluster_state }} --initial-cluster {{ etcd_cluster }} {{ etcd_creds }} {{ etcd_apiserver_creds }} {{ etcd_extra_args }} 1>>/var/log/etcd{{ suffix }}.log 2>&1" 31 ], 32 "env": [ 33 { "name": "TARGET_STORAGE", 34 "value": "{{ pillar.get('storage_backend', 'etcd3') }}" 35 }, 36 { "name": "TARGET_VERSION", 37 "value": "{{ pillar.get('etcd_version', '3.5.0-rc.0') }}" 38 }, 39 { 40 "name": "DO_NOT_MOVE_BINARIES", 41 "value": "true" 42 }, 43 { "name": "DATA_DIRECTORY", 44 "value": "/var/etcd/data{{ suffix }}" 45 }, 46 { "name": "INITIAL_CLUSTER", 47 "value": "{{ etcd_cluster }}" 48 }, 49 { "name": "LISTEN_PEER_URLS", 50 "value": "{{ etcd_protocol }}://{{ host_ip }}:{{ server_port }}" 51 }, 52 { "name": "INITIAL_ADVERTISE_PEER_URLS", 53 "value": "{{ etcd_protocol }}://{{ hostname }}:{{ server_port }}" 54 }, 55 { "name": "ETCD_CREDS", 56 "value": "{{ etcd_creds }}" 57 }, 58 { "name": "ETCD_APISERVER_CREDS", 59 "value": "{{ etcd_apiserver_creds }}" 60 }, 61 { "name": "ETCD_SNAPSHOT_COUNT", 62 "value": "10000" 63 }, 64 { "name": "ETCD_HOSTNAME", 65 "value": "{{ hostname }}" 66 }, 67 { 68 "name": "ETCDCTL_API", 69 "value": "3" 70 } 71 ], 72 "livenessProbe": { 73 "exec": { 74 "command": [ 75 "/bin/sh", 76 "-c", 77 "set -x; exec /usr/local/bin/etcdctl --endpoints=127.0.0.1:{{ port }} {{ etcdctl_certs }} --command-timeout=15s endpoint health" 78 ] 79 }, 80 "initialDelaySeconds": {{ liveness_probe_initial_delay }}, 81 "timeoutSeconds": 15, 82 "periodSeconds": 5, 83 "failureThreshold": 5 84 }, 85 "ports": [ 86 { "name": "serverport", 87 "containerPort": {{ server_port }}, 88 "hostPort": {{ server_port }} 89 }, 90 { "name": "clientport", 91 "containerPort": {{ port }}, 92 "hostPort": {{ port }} 93 } 94 ], 95 "volumeMounts": [ 96 { "name": "varetcd", 97 "mountPath": "/var/etcd", 98 "readOnly": false 99 }, 100 { "name": "varlogetcd", 101 "mountPath": "/var/log/etcd{{ suffix }}.log", 102 "readOnly": false 103 }, 104 { "name": "etc", 105 "mountPath": "/etc/srv/kubernetes", 106 "readOnly": false 107 } 108 ] 109 } 110], 111"volumes":[ 112 { "name": "varetcd", 113 "hostPath": { 114 "path": "/mnt/master-pd/var/etcd"} 115 }, 116 { "name": "varlogetcd", 117 "hostPath": { 118 "path": "/var/log/etcd{{ suffix }}.log", 119 "type": "FileOrCreate"} 120 }, 121 { "name": "etc", 122 "hostPath": { 123 "path": "/etc/srv/kubernetes"} 124 } 125] 126}} 127