nixos/kubernetes: Address review: Move controller manager paths into pki
This commit is contained in:
parent
6e9037fed0
commit
52fe1d2e7a
@ -104,16 +104,7 @@ in
|
||||
};
|
||||
|
||||
###### implementation
|
||||
config = mkIf cfg.enable (let
|
||||
controllerManagerPaths = [
|
||||
cfg.rootCaFile
|
||||
cfg.tlsCertFile
|
||||
cfg.tlsKeyFile
|
||||
top.pki.certs.controllerManagerClient.cert
|
||||
top.pki.certs.controllerManagerClient.key
|
||||
];
|
||||
in {
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services.kube-controller-manager = {
|
||||
description = "Kubernetes Controller Manager Service";
|
||||
wantedBy = [ "kube-control-plane-online.target" ];
|
||||
@ -160,15 +151,6 @@ in
|
||||
Group = "kubernetes";
|
||||
};
|
||||
path = top.path;
|
||||
unitConfig.ConditionPathExists = controllerManagerPaths;
|
||||
};
|
||||
|
||||
systemd.paths.kube-controller-manager = {
|
||||
wantedBy = [ "kube-controller-manager.service" ];
|
||||
pathConfig = {
|
||||
PathExists = controllerManagerPaths;
|
||||
PathChanged = controllerManagerPaths;
|
||||
};
|
||||
};
|
||||
|
||||
services.kubernetes.pki.certs = with top.lib; {
|
||||
@ -185,5 +167,5 @@ in
|
||||
};
|
||||
|
||||
services.kubernetes.controllerManager.kubeconfig.server = mkDefault top.apiserverAddress;
|
||||
});
|
||||
};
|
||||
}
|
||||
|
@ -143,6 +143,13 @@ in
|
||||
cfg.certs.schedulerClient.cert
|
||||
cfg.certs.schedulerClient.key
|
||||
];
|
||||
controllerManagerPaths = [
|
||||
top.controllerManager.rootCaFile
|
||||
top.controllerManager.tlsCertFile
|
||||
top.controllerManager.tlsKeyFile
|
||||
cfg.certs.controllerManagerClient.cert
|
||||
cfg.certs.controllerManagerClient.key
|
||||
];
|
||||
in
|
||||
{
|
||||
|
||||
@ -336,6 +343,18 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.kube-controller-manager = mkIf top.controllerManager.enable {
|
||||
unitConfig.ConditionPathExists = controllerManagerPaths;
|
||||
};
|
||||
|
||||
systemd.paths.kube-controller-manager = mkIf top.controllerManager.enable {
|
||||
wantedBy = [ "kube-controller-manager.service" ];
|
||||
pathConfig = {
|
||||
PathExists = controllerManagerPaths;
|
||||
PathChanged = controllerManagerPaths;
|
||||
};
|
||||
};
|
||||
|
||||
environment.etc.${cfg.etcClusterAdminKubeconfig}.source = mkIf (!isNull cfg.etcClusterAdminKubeconfig)
|
||||
clusterAdminKubeconfig;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user