Puppet Class: kubeinstall::kubeadm::join_config

Defined in:
manifests/kubeadm/join_config.pp

Summary

Kubernetes kubeadm join command configuration

Overview

Kubernetes kubeadm join command configuration

Examples:

include kubeinstall::kubeadm::join_config

Parameters:

  • apiserver_advertise_address (Kubeinstall::Address) (defaults to: $kubeinstall::apiserver_advertise_address)

    If the node should host a new control plane instance, the IP address the API Server will advertise it’s listening on

  • apiserver_bind_port (Integer) (defaults to: $kubeinstall::apiserver_bind_port)

    If the node should host a new control plane instance, the port for the API Server to bind to.

  • control_plane (Boolean) (defaults to: $kubeinstall::join_control_plane)

    Whether to create a new control plane instance on this node

  • token (Kubeinstall::Token)
  • ca_cert_hash (Kubeinstall::CACertHash)
  • apiserver_address (Kubeinstall::Address)
  • apiserver_port (Integer) (defaults to: $kubeinstall::join_apiserver_port)
  • cri_socket (Stdlib::Unixpath) (defaults to: $kubeinstall::cri_socket)
  • node_name (Stdlib::Fqdn) (defaults to: $kubeinstall::node_name)
  • cgroup_driver (Kubeinstall::CgroupDriver) (defaults to: $kubeinstall::cgroup_driver) 


19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
 
# File 'manifests/kubeadm/join_config.pp', line 19

class kubeinstall::kubeadm::join_config (
  Kubeinstall::Token
          $token,
  Kubeinstall::CACertHash
          $ca_cert_hash,
  Kubeinstall::Address
          $apiserver_address,
  Integer $apiserver_port              = $kubeinstall::join_apiserver_port,
  Kubeinstall::Address
          $apiserver_advertise_address = $kubeinstall::apiserver_advertise_address,
  Integer $apiserver_bind_port         = $kubeinstall::apiserver_bind_port,
  Stdlib::Unixpath
          $cri_socket                  = $kubeinstall::cri_socket,
  Stdlib::Fqdn
          $node_name                   = $kubeinstall::node_name,
  Boolean $control_plane               = $kubeinstall::join_control_plane,
  Kubeinstall::CgroupDriver
          $cgroup_driver               = $kubeinstall::cgroup_driver,
){
  # https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta2#JoinConfiguration
  # kubeadm config print join-defaults
  $join_header  = {
    'apiVersion' => 'kubeadm.k8s.io/v1beta2',
    'kind' => 'JoinConfiguration'
  }

  # https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#configure-cgroup-driver-used-by-kubelet-on-control-plane-node
  $kubelet_extra_args = {
    'cgroup-driver' => $cgroup_driver,
  }

  $join_base = {
    'caCertPath' => '/etc/kubernetes/pki/ca.crt',
    'nodeRegistration' => {
      'criSocket'        => $cri_socket,
      'name'             => $node_name,
      'taints'           => [],
      'kubeletExtraArgs' => $kubelet_extra_args,
    }
  }

  if $control_plane {
    $join_control_plane = {
      'controlPlane' => {
        'localAPIEndpoint' => {
          'advertiseAddress' => $apiserver_advertise_address,
          'bindPort'         => $apiserver_bind_port,
        }
      }
    }
  }
  else {
    $join_control_plane = {}
  }

  $join_discovery = {
    'discovery' => {
      'bootstrapToken'    => {
        'apiServerEndpoint'        => "${apiserver_address}:${apiserver_port}",
        'token'                    => $token,
        'unsafeSkipCAVerification' => false,
        'caCertHashes'             => [$ca_cert_hash],
      },
      'timeout'           => '5m0s',
      'tlsBootstrapToken' => $token,
    }
  }

  $join_configuration = to_yaml($join_header + $join_base + $join_discovery + $join_control_plane)

  file { '/etc/kubernetes/kubeadm-join.conf':
    ensure  => file,
    content => $join_configuration,
    mode    => '0600',
  }
}