diff options
| author | Johan Thomsen <jth@dbc.dk> | 2019-08-24 12:52:32 +0200 |
|---|---|---|
| committer | Sarah Brofeldt <sbrofeldt@gmail.com> | 2019-09-04 17:37:02 +0200 |
| commit | 00975b5628a840b8452bf1d01fdc722cf3dad923 (patch) | |
| tree | 6b05417d21a888179a40cd848da330296cb214da /nixos/modules/services/cluster/kubernetes/proxy.nix | |
| parent | 432e55242e232b1872f77944933027b6d6dc2656 (diff) | |
| download | nixpkgs-00975b5628a840b8452bf1d01fdc722cf3dad923.tar nixpkgs-00975b5628a840b8452bf1d01fdc722cf3dad923.tar.gz nixpkgs-00975b5628a840b8452bf1d01fdc722cf3dad923.tar.bz2 nixpkgs-00975b5628a840b8452bf1d01fdc722cf3dad923.tar.lz nixpkgs-00975b5628a840b8452bf1d01fdc722cf3dad923.tar.xz nixpkgs-00975b5628a840b8452bf1d01fdc722cf3dad923.tar.zst nixpkgs-00975b5628a840b8452bf1d01fdc722cf3dad923.zip | |
Revert "Merge pull request #56789 from mayflower/upstream-k8s-refactor"
This reverts commit 7dc6e77bc2a03e660cab2c4cbf52f235bc52683e, reversing changes made to bce47ea9d5fa962736ddd4a254a27a5fd2cdee9a. Motivation for the revert in #67563
Diffstat (limited to 'nixos/modules/services/cluster/kubernetes/proxy.nix')
| -rw-r--r-- | nixos/modules/services/cluster/kubernetes/proxy.nix | 37 |
1 files changed, 6 insertions, 31 deletions
diff --git a/nixos/modules/services/cluster/kubernetes/proxy.nix b/nixos/modules/services/cluster/kubernetes/proxy.nix index 23f4d97b703..bd4bf04ea83 100644 --- a/nixos/modules/services/cluster/kubernetes/proxy.nix +++ b/nixos/modules/services/cluster/kubernetes/proxy.nix @@ -45,28 +45,12 @@ in }; ###### implementation - config = let - - proxyPaths = filter (a: a != null) [ - cfg.kubeconfig.caFile - cfg.kubeconfig.certFile - cfg.kubeconfig.keyFile - ]; - - in mkIf cfg.enable { - systemd.services.kube-proxy = rec { + config = mkIf cfg.enable { + systemd.services.kube-proxy = { description = "Kubernetes Proxy Service"; - wantedBy = [ "kube-node-online.target" ]; - after = [ "kubelet-online.service" ]; - before = [ "kube-node-online.target" ]; - environment.KUBECONFIG = top.lib.mkKubeConfig "kube-proxy" cfg.kubeconfig; - path = with pkgs; [ iptables conntrack_tools kubectl ]; - preStart = '' - until kubectl auth can-i get nodes/${top.kubelet.hostname} -q 2>/dev/null; do - echo kubectl auth can-i get nodes/${top.kubelet.hostname}: exit status $? - sleep 2 - done - ''; + wantedBy = [ "kubernetes.target" ]; + after = [ "kube-apiserver.service" ]; + path = with pkgs; [ iptables conntrack_tools ]; serviceConfig = { Slice = "kubernetes.slice"; ExecStart = ''${top.package}/bin/kube-proxy \ @@ -75,7 +59,7 @@ in "--cluster-cidr=${top.clusterCidr}"} \ ${optionalString (cfg.featureGates != []) "--feature-gates=${concatMapStringsSep "," (feature: "${feature}=true") cfg.featureGates}"} \ - --kubeconfig=${environment.KUBECONFIG} \ + --kubeconfig=${top.lib.mkKubeConfig "kube-proxy" cfg.kubeconfig} \ ${optionalString (cfg.verbosity != null) "--v=${toString cfg.verbosity}"} \ ${cfg.extraOpts} ''; @@ -83,15 +67,6 @@ in Restart = "on-failure"; RestartSec = 5; }; - unitConfig.ConditionPathExists = proxyPaths; - }; - - systemd.paths.kube-proxy = { - wantedBy = [ "kube-proxy.service" ]; - pathConfig = { - PathExists = proxyPaths; - PathChanged = proxyPaths; - }; }; services.kubernetes.pki.certs = { |