Cleanup pki: kubelet

This commit is contained in:
Christian Albrecht 2019-03-11 10:58:57 +01:00
parent ea6985ffc1
commit 73657b7fcf
No known key found for this signature in database
GPG Key ID: 866AF4B25DF7EB00
2 changed files with 23 additions and 19 deletions

View File

@ -241,7 +241,18 @@ in
###### implementation
config = mkMerge [
(mkIf cfg.enable {
(let
kubeletPaths = filter (a: a != null) [
cfg.kubeconfig.caFile
cfg.kubeconfig.certFile
cfg.kubeconfig.keyFile
cfg.clientCaFile
cfg.tlsCertFile
cfg.tlsKeyFile
];
in mkIf cfg.enable {
services.kubernetes.kubelet.seedDockerImages = [infraContainer];
systemd.services.kubelet = {
@ -304,6 +315,15 @@ in
'';
WorkingDirectory = top.dataDir;
};
unitConfig.ConditionPathExists = kubeletPaths;
};
systemd.paths.kubelet = {
wantedBy = [ "kubelet.service" ];
pathConfig = {
PathExists = kubeletPaths;
PathChanged = kubeletPaths;
};
};
systemd.services.docker.before = [ "kubelet.service" ];
@ -321,6 +341,7 @@ in
'';
script = "echo Ok";
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
serviceConfig.Slice = "kubernetes.slice";
};
@ -337,7 +358,7 @@ in
flannel-date = "stat --print=%Y ${docker-env}";
docker-date = "systemctl show --property=ActiveEnterTimestamp --value docker";
in ''
while ! test -f ${docker-env} ; do sleep 1 ; done
until test -f ${docker-env} ; do sleep 1 ; done
while test `${flannel-date}` -gt `date +%s --date="$(${docker-date})"` ; do
sleep 1
done

View File

@ -132,11 +132,6 @@ in
cfg.certs.schedulerClient.cert
cfg.certs.schedulerClient.key
];
kubeletPaths = [
top.kubelet.clientCaFile
top.kubelet.tlsCertFile
top.kubelet.tlsKeyFile
];
in
{
@ -376,18 +371,6 @@ in
unitConfig.ConditionPathExists = proxyPaths;
};
systemd.services.kubelet = mkIf top.kubelet.enable {
unitConfig.ConditionPathExists = kubeletPaths;
};
systemd.paths.kubelet = mkIf top.kubelet.enable {
wantedBy = [ "kubelet.service" ];
pathConfig = {
PathExists = kubeletPaths;
PathChanged = kubeletPaths;
};
};
systemd.paths.kube-proxy = mkIf top.proxy.enable {
wantedBy = [ "kube-proxy.service" ];
pathConfig = {