mirror of
https://github.com/puppetmaster/typhoon.git
synced 2024-12-26 05:19:32 +01:00
29b16c3fc0
* seccomp graduated to GA in Kubernetes v1.19. Support for seccomp alpha annotations will be removed in v1.22 * Replace seccomp annotations with the GA seccompProfile field in the PodTemplate securityContext * Switch profile from `docker/default` to `runtime/default` (no effective change, since docker is the runtime) * Verify with docker inspect SecurityOpt. Without the profile, you'd see `seccomp=unconfined` Related: https://github.com/poseidon/terraform-render-bootstrap/pull/215
21 lines
761 B
HCL
21 lines
761 B
HCL
# Kubernetes assets (kubeconfig, manifests)
|
|
module "bootstrap" {
|
|
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=f2dd897d6765ffb56598f8a523f21d984da3a352"
|
|
|
|
cluster_name = var.cluster_name
|
|
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
|
|
etcd_servers = google_dns_record_set.etcds.*.name
|
|
asset_dir = var.asset_dir
|
|
networking = var.networking
|
|
network_mtu = 1440
|
|
pod_cidr = var.pod_cidr
|
|
service_cidr = var.service_cidr
|
|
cluster_domain_suffix = var.cluster_domain_suffix
|
|
enable_reporting = var.enable_reporting
|
|
enable_aggregation = var.enable_aggregation
|
|
|
|
// temporary
|
|
external_apiserver_port = 443
|
|
}
|
|
|