pyrox.dev / nixpkgs
lol
fork atom

Kuberetes Dashboard addon 1.8.2 -> 1.8.3

As shipped with k8s 1.10.3.

Also:
- updated the definition jsons as they are distributed in k8s.
- updated the image uris as they are renamed in k8s
- added imageDigest param as per 736848723e5aefa5d24396c58dc6de603399efde

Alberto Berti 29fd05f3 55fa98dd

options
unified split
Changed files
+76 -14
nixos
modules
services
cluster
kubernetes
dashboard.nix
+76 -14
nixos/modules/services/cluster/kubernetes/dashboard.nix 
···

       
5

       
5

       
 

       
let


     

       
6

       
6

       
 

       
  cfg = config.services.kubernetes.addons.dashboard;


     

       
7

       
7

       
 

       



     

       
8

       

       
-

       
  name = "gcr.io/google_containers/kubernetes-dashboard-amd64";


     

       
9

       

       
-

       
	version = "v1.8.2";


     

       

       
8

       
+

       
  name = "k8s.gcr.io/kubernetes-dashboard-amd64";


     

       

       
9

       
+

       
  version = "v1.8.3";


     

       
10

       
10

       
 

       



     

       
11

       
11

       
 

       
  image = pkgs.dockerTools.pullImage {


     

       
12

       
12

       
 

       
    imageName = name;


     

       

       
13

       
+

       
    imageDigest = "sha256:dc4026c1b595435ef5527ca598e1e9c4343076926d7d62b365c44831395adbd0";


     

       
13

       
14

       
 

       
    finalImageTag = version;


     

       
14

       

       
-

       
    sha256 = "11h0fz3wxp0f10fsyqaxjm7l2qg7xws50dv5iwlck5gb1fjmajad";


     

       
15

       

       
-

       
    imageDigest = "sha256:e7984d10351601080bbc146635d51f0cfbea31ca6f0df323cf7a58cf2f6a68df";


     

       

       
15

       
+

       
    sha256 = "18ajcg0q1vignfjk2sm4xj4wzphfz8wah69ps8dklqfvv0164mc8";


     

       
16

       
16

       
 

       
  };


     

       
17

       
17

       
 

       
in {


     

       
18

       
18

       
 

       
  options.services.kubernetes.addons.dashboard = {


     
···

       
31

       
31

       
 

       
    services.kubernetes.addonManager.addons = {


     

       
32

       
32

       
 

       
      kubernetes-dashboard-deployment = {


     

       
33

       
33

       
 

       
        kind = "Deployment";


     

       
34

       

       
-

       
        apiVersion = "apps/v1beta1";


     

       

       
34

       
+

       
        apiVersion = "apps/v1";


     

       
35

       
35

       
 

       
        metadata = {


     

       
36

       
36

       
 

       
          labels = {


     

       
37

       
37

       
 

       
            k8s-addon = "kubernetes-dashboard.addons.k8s.io";


     
···

       
57

       
57

       
 

       
              };


     

       
58

       
58

       
 

       
              annotations = {


     

       
59

       
59

       
 

       
                "scheduler.alpha.kubernetes.io/critical-pod" = "";


     

       
60

       

       
-

       
                #"scheduler.alpha.kubernetes.io/tolerations" = ''[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'';


     

       
61

       
60

       
 

       
              };


     

       
62

       
61

       
 

       
            };


     

       
63

       
62

       
 

       
            spec = {


     

       

       
63

       
+

       
              priorityClassName = "system-cluster-critical";


     

       
64

       
64

       
 

       
              containers = [{


     

       
65

       
65

       
 

       
                name = "kubernetes-dashboard";


     

       
66

       
66

       
 

       
                image = "${name}:${version}";


     

       
67

       
67

       
 

       
                ports = [{


     

       
68

       

       
-

       
                  containerPort = 9090;


     

       

       
68

       
+

       
                  containerPort = 8443;


     

       
69

       
69

       
 

       
                  protocol = "TCP";


     

       
70

       
70

       
 

       
                }];


     

       
71

       
71

       
 

       
                resources = {


     

       
72

       
72

       
 

       
                  limits = {


     

       
73

       
73

       
 

       
                    cpu = "100m";


     

       
74

       

       
-

       
                    memory = "250Mi";


     

       

       
74

       
+

       
                    memory = "300Mi";


     

       
75

       
75

       
 

       
                  };


     

       
76

       
76

       
 

       
                  requests = {


     

       
77

       
77

       
 

       
                    cpu = "100m";


     

       
78

       

       
-

       
                    memory = "50Mi";


     

       

       
78

       
+

       
                    memory = "100Mi";


     

       
79

       
79

       
 

       
                  };


     

       
80

       
80

       
 

       
                };


     

       

       
81

       
+

       
                args = ["--auto-generate-certificates"];


     

       

       
82

       
+

       
                volumeMounts = [{


     

       

       
83

       
+

       
                  name = "tmp-volume";


     

       

       
84

       
+

       
                  mountPath = "/tmp";


     

       

       
85

       
+

       
                } {


     

       

       
86

       
+

       
                  name = "kubernetes-dashboard-certs";


     

       

       
87

       
+

       
                  mountPath = "/certs";


     

       

       
88

       
+

       
                }];


     

       
81

       
89

       
 

       
                livenessProbe = {


     

       
82

       
90

       
 

       
                  httpGet = {


     

       

       
91

       
+

       
                    scheme = "HTTPS";


     

       
83

       
92

       
 

       
                    path = "/";


     

       
84

       

       
-

       
                    port = 9090;


     

       

       
93

       
+

       
                    port = 8443;


     

       
85

       
94

       
 

       
                  };


     

       
86

       
95

       
 

       
                  initialDelaySeconds = 30;


     

       
87

       
96

       
 

       
                  timeoutSeconds = 30;


     

       
88

       
97

       
 

       
                };


     

       
89

       
98

       
 

       
              }];


     

       

       
99

       
+

       
              volumes = [{


     

       

       
100

       
+

       
                name = "kubernetes-dashboard-certs";


     

       

       
101

       
+

       
                secret = {


     

       

       
102

       
+

       
                  secretName = "kubernetes-dashboard-certs";


     

       

       
103

       
+

       
                };


     

       

       
104

       
+

       
              } {


     

       

       
105

       
+

       
                name = "tmp-volume";


     

       

       
106

       
+

       
                emptyDir = {};


     

       

       
107

       
+

       
              }];


     

       
90

       
108

       
 

       
              serviceAccountName = "kubernetes-dashboard";


     

       
91

       
109

       
 

       
              tolerations = [{


     

       
92

       
110

       
 

       
                key = "node-role.kubernetes.io/master";


     

       
93

       
111

       
 

       
                effect = "NoSchedule";


     

       

       
112

       
+

       
              } {


     

       

       
113

       
+

       
                key = "CriticalAddonsOnly";


     

       

       
114

       
+

       
                operator = "Exists";


     

       
94

       
115

       
 

       
              }];


     

       
95

       
116

       
 

       
            };


     

       
96

       
117

       
 

       
          };


     
···

       
113

       
134

       
 

       
        };


     

       
114

       
135

       
 

       
        spec = {


     

       
115

       
136

       
 

       
          ports = [{


     

       
116

       

       
-

       
            port = 80;


     

       
117

       

       
-

       
            targetPort = 9090;


     

       

       
137

       
+

       
            port = 443;


     

       

       
138

       
+

       
            targetPort = 8443;


     

       
118

       
139

       
 

       
          }];


     

       
119

       
140

       
 

       
          selector.k8s-app = "kubernetes-dashboard";


     

       
120

       
141

       
 

       
        };


     
···

       
127

       
148

       
 

       
          labels = {


     

       
128

       
149

       
 

       
            k8s-app = "kubernetes-dashboard";


     

       
129

       
150

       
 

       
            k8s-addon = "kubernetes-dashboard.addons.k8s.io";


     

       
130

       

       
-

       
						"addonmanager.kubernetes.io/mode" = "Reconcile";


     

       

       
151

       
+

       
            "addonmanager.kubernetes.io/mode" = "Reconcile";


     

       
131

       
152

       
 

       
          };


     

       
132

       
153

       
 

       
          name = "kubernetes-dashboard";


     

       
133

       
154

       
 

       
          namespace = "kube-system";


     

       
134

       
155

       
 

       
        };


     

       
135

       
156

       
 

       
      };


     

       

       
157

       
+

       
      kubernetes-dashboard-sec-certs = {


     

       

       
158

       
+

       
        apiVersion = "v1";


     

       

       
159

       
+

       
        kind = "Secret";


     

       

       
160

       
+

       
        metadata = {


     

       

       
161

       
+

       
          labels = {


     

       

       
162

       
+

       
            k8s-app = "kubernetes-dashboard";


     

       

       
163

       
+

       
            # Allows editing resource and makes sure it is created first.


     

       

       
164

       
+

       
            "addonmanager.kubernetes.io/mode" = "EnsureExists";


     

       

       
165

       
+

       
          };


     

       

       
166

       
+

       
          name = "kubernetes-dashboard-certs";


     

       

       
167

       
+

       
          namespace = "kube-system";


     

       

       
168

       
+

       
        };


     

       

       
169

       
+

       
        type = "Opaque";


     

       

       
170

       
+

       
      };


     

       

       
171

       
+

       
      kubernetes-dashboard-sec-kholder = {


     

       

       
172

       
+

       
        apiVersion = "v1";


     

       

       
173

       
+

       
        kind = "Secret";


     

       

       
174

       
+

       
        metadata = {


     

       

       
175

       
+

       
          labels = {


     

       

       
176

       
+

       
            k8s-app = "kubernetes-dashboard";


     

       

       
177

       
+

       
            # Allows editing resource and makes sure it is created first.


     

       

       
178

       
+

       
            "addonmanager.kubernetes.io/mode" = "EnsureExists";


     

       

       
179

       
+

       
          };


     

       

       
180

       
+

       
          name = "kubernetes-dashboard-key-holder";


     

       

       
181

       
+

       
          namespace = "kube-system";


     

       

       
182

       
+

       
        };


     

       

       
183

       
+

       
        type = "Opaque";


     

       

       
184

       
+

       
      };


     

       

       
185

       
+

       
      kubernetes-dashboard-cm = {


     

       

       
186

       
+

       
        apiVersion = "v1";


     

       

       
187

       
+

       
        kind = "ConfigMap";


     

       

       
188

       
+

       
        metadata = {


     

       

       
189

       
+

       
          labels = {


     

       

       
190

       
+

       
            k8s-app = "kubernetes-dashboard";


     

       

       
191

       
+

       
            # Allows editing resource and makes sure it is created first.


     

       

       
192

       
+

       
            "addonmanager.kubernetes.io/mode" = "EnsureExists";


     

       

       
193

       
+

       
          };


     

       

       
194

       
+

       
          name = "kubernetes-dashboard-settings";


     

       

       
195

       
+

       
          namespace = "kube-system";


     

       

       
196

       
+

       
        };


     

       

       
197

       
+

       
      };


     

       
136

       
198

       
 

       
    } // (optionalAttrs cfg.enableRBAC {


     

       
137

       
199

       
 

       
      kubernetes-dashboard-crb = {


     

       
138

       

       
-

       
        apiVersion = "rbac.authorization.k8s.io/v1beta1";


     

       

       
200

       
+

       
        apiVersion = "rbac.authorization.k8s.io/v1";


     

       
139

       
201

       
 

       
        kind = "ClusterRoleBinding";


     

       
140

       
202

       
 

       
        metadata = {


     

       
141

       
203

       
 

       
          name = "kubernetes-dashboard";