49 lines
1.3 KiB
YAML
49 lines
1.3 KiB
YAML
# changes are rolled out manually with most $ kubeadm upgrade commands
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: kubeadm-config
|
|
namespace: kube-system
|
|
data:
|
|
ClusterConfiguration: |
|
|
apiServer:
|
|
certSANs:
|
|
- master.kube.k-space.ee
|
|
extraArgs:
|
|
- name: authorization-mode
|
|
value: Node,RBAC
|
|
- name: oidc-client-id
|
|
value: passmower.kubelogin
|
|
- name: oidc-groups-claim
|
|
value: groups
|
|
- name: oidc-issuer-url
|
|
value: https://auth.k-space.ee/
|
|
- name: oidc-username-claim
|
|
value: sub
|
|
apiVersion: kubeadm.k8s.io/v1beta4
|
|
caCertificateValidityPeriod: 87600h0m0s
|
|
certificateValidityPeriod: 8760h0m0s
|
|
certificatesDir: /etc/kubernetes/pki
|
|
clusterName: kubernetes
|
|
controlPlaneEndpoint: master.kube.k-space.ee:6443
|
|
controllerManager:
|
|
extraArgs:
|
|
- name: node-cidr-mask-size-ipv4
|
|
value: "20"
|
|
- name: node-cidr-mask-size-ipv6
|
|
value: "96"
|
|
dns: {}
|
|
encryptionAlgorithm: RSA-2048
|
|
etcd:
|
|
local:
|
|
dataDir: /var/lib/etcd
|
|
imageRepository: registry.k8s.io
|
|
kind: ClusterConfiguration
|
|
kubernetesVersion: v1.34.3
|
|
networking:
|
|
dnsDomain: cluster.local
|
|
podSubnet: 10.244.0.0/16,2001:bb8:4008:21:244::/80
|
|
serviceSubnet: 10.96.0.0/12
|
|
proxy: {}
|
|
scheduler: {}
|