-
Notifications
You must be signed in to change notification settings - Fork 4.1k
/
Copy pathcluster-autoscaler-secret.yaml
74 lines (69 loc) · 7.88 KB
/
cluster-autoscaler-secret.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
---
apiVersion: v1
data:
#base64 encode the API key and use it for the value of authtoken
authtoken: YOUR_EQUINIX_METAL_API_TOKEN
kind: Secret
metadata:
name: cluster-autoscaler-equinixmetal
namespace: kube-system
type: Opaque
---
apiVersion: v1
kind: Secret
metadata:
name: cluster-autoscaler-cloud-config
namespace: kube-system
type: Opaque
stringData:
# kubeadm, kubelet, kubectl are pinned to version 1.28.1
# The version can be altered by decoding the cloudinit and updating it to
# the desired version
# In the cloud-config you must always have a valid default nodegroup
cloud-config: |-
[nodegroupdef "default"]
project-id=YOUR_EQUINIX_METAL_PROJECT_ID
api-server-endpoint=YOUR_KUBERNETES_API_IP_ADDRESS:YOUR_KUBERNETES_API_PORT
metro=sv
os=ubuntu_22_04
plan=c3.small.x86
billing=hourly
cloudinit=IyEvYmluL2Jhc2gKc2xlZXAgMTAKc2VkIC1yaSAnL1xzc3dhcFxzL3MvXiM/LyMvJyAvZXRjL2ZzdGFiCnN3YXBvZmYgLWEKbW91bnQgLWEKbW9kcHJvYmUgb3ZlcmxheQptb2Rwcm9iZSBicl9uZXRmaWx0ZXIKc3lzY3RsIC0tc3lzdGVtCmV4cG9ydCBERUJJQU5fRlJPTlRFTkQ9bm9uaW50ZXJhY3RpdmUKYXB0LWdldCB1cGRhdGUKYXB0LWdldCByZW1vdmUgZG9ja2VyIGRvY2tlci1lbmdpbmUgY29udGFpbmVyZCBydW5jIC15CmFwdC1nZXQgaW5zdGFsbCBhcHQtdHJhbnNwb3J0LWh0dHBzIGNhLWNlcnRpZmljYXRlcyBjdXJsIGdudXBnIGxzYi1yZWxlYXNlIGpxIGt1YmV0YWlsIC15Cm1rZGlyIC1tIDA3NTUgLXAgL2V0Yy9hcHQva2V5cmluZ3MKY3VybCAtZnNTTCBodHRwczovL2RsLms4cy5pby9hcHQvZG9jL2FwdC1rZXkuZ3BnIHwgc3VkbyBncGcgLS1kZWFybW9yIC1vIC9ldGMvYXB0L2tleXJpbmdzL2t1YmVybmV0ZXMtYXJjaGl2ZS1rZXlyaW5nLmdwZwplY2hvICJkZWIgW3NpZ25lZC1ieT0vZXRjL2FwdC9rZXlyaW5ncy9rdWJlcm5ldGVzLWFyY2hpdmUta2V5cmluZy5ncGddIGh0dHBzOi8vYXB0Lmt1YmVybmV0ZXMuaW8vIGt1YmVybmV0ZXMteGVuaWFsIG1haW4iIHwgc3VkbyB0ZWUgL2V0Yy9hcHQvc291cmNlcy5saXN0LmQva3ViZXJuZXRlcy5saXN0CmN1cmwgLWZzU0wgaHR0cHM6Ly9kb3dubG9hZC5kb2NrZXIuY29tL2xpbnV4L3VidW50dS9ncGcgfCBzdWRvIGdwZyAtLWRlYXJtb3IgLW8gL2V0Yy9hcHQva2V5cmluZ3MvZG9ja2VyLmdwZwplY2hvICJkZWIgW2FyY2g9JChkcGtnIC0tcHJpbnQtYXJjaGl0ZWN0dXJlKSBzaWduZWQtYnk9L2V0Yy9hcHQva2V5cmluZ3MvZG9ja2VyLmdwZ10gaHR0cHM6Ly9kb3dubG9hZC5kb2NrZXIuY29tL2xpbnV4L3VidW50dSAkKGxzYl9yZWxlYXNlIC1jcykgc3RhYmxlIiB8IHN1ZG8gdGVlIC9ldGMvYXB0L3NvdXJjZXMubGlzdC5kL2RvY2tlci5saXN0ID4gL2Rldi9udWxsCmFwdC1nZXQgdXBkYXRlCmFwdC1nZXQgaW5zdGFsbCAteSBjb250YWluZXJkLmlvIGt1YmVsZXQ9MS4yNy41LTAwIGt1YmVhZG09MS4yNy41LTAwIGt1YmVjdGw9MS4yNy41LTAwCmFwdC1tYXJrIGhvbGQga3ViZWxldCBrdWJlYWRtIGt1YmVjdGwKY29udGFpbmVyZCBjb25maWcgZGVmYXVsdCA+IC9ldGMvY29udGFpbmVyZC9jb25maWcudG9tbApzZWQgLWkgJ3MvU3lzdGVtZENncm91cCA9IGZhbHNlL1N5c3RlbWRDZ3JvdXAgPSB0cnVlLycgL2V0Yy9jb250YWluZXJkL2NvbmZpZy50b21sCnNlZCAtaSAicyxzYW5kYm94X2ltYWdlLiokLHNhbmRib3hfaW1hZ2UgPSBcIiQoa3ViZWFkbSBjb25maWcgaW1hZ2VzIGxpc3QgfCBncmVwIHBhdXNlIHwgc29ydCAtciB8IGhlYWQgLW4xKVwiLCIgL2V0Yy9jb250YWluZXJkL2NvbmZpZy50b21sCnN5c3RlbWN0bCByZXN0YXJ0IGNvbnRhaW5lcmQKc3lzdGVtY3RsIGVuYWJsZSBrdWJlbGV0LnNlcnZpY2UKa3ViZWFkbSBpbml0IC0tY29uZmlnPS9yb290L2t1YmVhZG0uaW5pdC55YW1sIC0tdXBsb2FkLWNlcnRzCm1rZGlyIC1wIC9yb290Ly5rdWJlICYmIGNwIC1mIC9ldGMva3ViZXJuZXRlcy9hZG1pbi5jb25mIC9yb290Ly5rdWJlL2NvbmZpZwpjcCAvZXRjL2t1YmVybmV0ZXMvYWRtaW4uY29uZiAvcm9vdC8ua3ViZS9jb25maWcKZWNobyAic291cmNlIDwoa3ViZWN0bCBjb21wbGV0aW9uIGJhc2gpIiA+PiAvcm9vdC8uYmFzaHJjCmVjaG8gImFsaWFzIGs9a3ViZWN0bCIgPj4gL3Jvb3QvLmJhc2hyYwplY2hvICJjb21wbGV0ZSAtbyBkZWZhdWx0IC1GIF9fc3RhcnRfa3ViZWN0bCBrIiA+PiAvcm9vdC8uYmFzaHJjCmNhdCA8PEVPRiB8IHRlZSAvZXRjL2RlZmF1bHQva3ViZWxldApLVUJFTEVUX0VYVFJBX0FSR1M9LS1jbG91ZC1wcm92aWRlcj1leHRlcm5hbApFT0YKa3ViZWFkbSBqb2luIC0tZGlzY292ZXJ5LXRva2VuLXVuc2FmZS1za2lwLWNhLXZlcmlmaWNhdGlvbiAtLXRva2VuIHt7LkJvb3RzdHJhcFRva2VuSUR9fS57ey5Cb290c3RyYXBUb2tlblNlY3JldH19IHt7LkFQSVNlcnZlckVuZHBvaW50fX0K
reservation=prefer
hostname-pattern=k8s-{{.ClusterName}}-{{.NodeGroup}}-{{.RandString8}}
[nodegroupdef "pool2"]
project-id=YOUR_EQUINIX_METAL_PROJECT_ID
api-server-endpoint=YOUR_KUBERNETES_API_IP_ADDRESS:YOUR_KUBERNETES_API_PORT
metro=sv
os=ubuntu_22_04
plan=c3.small.x86
billing=hourly
cloudinit=IyEvYmluL2Jhc2gKc2xlZXAgMTAKc2VkIC1yaSAnL1xzc3dhcFxzL3MvXiM/LyMvJyAvZXRjL2ZzdGFiCnN3YXBvZmYgLWEKbW91bnQgLWEKbW9kcHJvYmUgb3ZlcmxheQptb2Rwcm9iZSBicl9uZXRmaWx0ZXIKc3lzY3RsIC0tc3lzdGVtCmV4cG9ydCBERUJJQU5fRlJPTlRFTkQ9bm9uaW50ZXJhY3RpdmUKYXB0LWdldCB1cGRhdGUKYXB0LWdldCByZW1vdmUgZG9ja2VyIGRvY2tlci1lbmdpbmUgY29udGFpbmVyZCBydW5jIC15CmFwdC1nZXQgaW5zdGFsbCBhcHQtdHJhbnNwb3J0LWh0dHBzIGNhLWNlcnRpZmljYXRlcyBjdXJsIGdudXBnIGxzYi1yZWxlYXNlIGpxIGt1YmV0YWlsIC15Cm1rZGlyIC1tIDA3NTUgLXAgL2V0Yy9hcHQva2V5cmluZ3MKY3VybCAtZnNTTCBodHRwczovL2RsLms4cy5pby9hcHQvZG9jL2FwdC1rZXkuZ3BnIHwgc3VkbyBncGcgLS1kZWFybW9yIC1vIC9ldGMvYXB0L2tleXJpbmdzL2t1YmVybmV0ZXMtYXJjaGl2ZS1rZXlyaW5nLmdwZwplY2hvICJkZWIgW3NpZ25lZC1ieT0vZXRjL2FwdC9rZXlyaW5ncy9rdWJlcm5ldGVzLWFyY2hpdmUta2V5cmluZy5ncGddIGh0dHBzOi8vYXB0Lmt1YmVybmV0ZXMuaW8vIGt1YmVybmV0ZXMteGVuaWFsIG1haW4iIHwgc3VkbyB0ZWUgL2V0Yy9hcHQvc291cmNlcy5saXN0LmQva3ViZXJuZXRlcy5saXN0CmN1cmwgLWZzU0wgaHR0cHM6Ly9kb3dubG9hZC5kb2NrZXIuY29tL2xpbnV4L3VidW50dS9ncGcgfCBzdWRvIGdwZyAtLWRlYXJtb3IgLW8gL2V0Yy9hcHQva2V5cmluZ3MvZG9ja2VyLmdwZwplY2hvICJkZWIgW2FyY2g9JChkcGtnIC0tcHJpbnQtYXJjaGl0ZWN0dXJlKSBzaWduZWQtYnk9L2V0Yy9hcHQva2V5cmluZ3MvZG9ja2VyLmdwZ10gaHR0cHM6Ly9kb3dubG9hZC5kb2NrZXIuY29tL2xpbnV4L3VidW50dSAkKGxzYl9yZWxlYXNlIC1jcykgc3RhYmxlIiB8IHN1ZG8gdGVlIC9ldGMvYXB0L3NvdXJjZXMubGlzdC5kL2RvY2tlci5saXN0ID4gL2Rldi9udWxsCmFwdC1nZXQgdXBkYXRlCmFwdC1nZXQgaW5zdGFsbCAteSBjb250YWluZXJkLmlvIGt1YmVsZXQ9MS4yNy41LTAwIGt1YmVhZG09MS4yNy41LTAwIGt1YmVjdGw9MS4yNy41LTAwCmFwdC1tYXJrIGhvbGQga3ViZWxldCBrdWJlYWRtIGt1YmVjdGwKY29udGFpbmVyZCBjb25maWcgZGVmYXVsdCA+IC9ldGMvY29udGFpbmVyZC9jb25maWcudG9tbApzZWQgLWkgJ3MvU3lzdGVtZENncm91cCA9IGZhbHNlL1N5c3RlbWRDZ3JvdXAgPSB0cnVlLycgL2V0Yy9jb250YWluZXJkL2NvbmZpZy50b21sCnNlZCAtaSAicyxzYW5kYm94X2ltYWdlLiokLHNhbmRib3hfaW1hZ2UgPSBcIiQoa3ViZWFkbSBjb25maWcgaW1hZ2VzIGxpc3QgfCBncmVwIHBhdXNlIHwgc29ydCAtciB8IGhlYWQgLW4xKVwiLCIgL2V0Yy9jb250YWluZXJkL2NvbmZpZy50b21sCnN5c3RlbWN0bCByZXN0YXJ0IGNvbnRhaW5lcmQKc3lzdGVtY3RsIGVuYWJsZSBrdWJlbGV0LnNlcnZpY2UKa3ViZWFkbSBpbml0IC0tY29uZmlnPS9yb290L2t1YmVhZG0uaW5pdC55YW1sIC0tdXBsb2FkLWNlcnRzCm1rZGlyIC1wIC9yb290Ly5rdWJlICYmIGNwIC1mIC9ldGMva3ViZXJuZXRlcy9hZG1pbi5jb25mIC9yb290Ly5rdWJlL2NvbmZpZwpjcCAvZXRjL2t1YmVybmV0ZXMvYWRtaW4uY29uZiAvcm9vdC8ua3ViZS9jb25maWcKZWNobyAic291cmNlIDwoa3ViZWN0bCBjb21wbGV0aW9uIGJhc2gpIiA+PiAvcm9vdC8uYmFzaHJjCmVjaG8gImFsaWFzIGs9a3ViZWN0bCIgPj4gL3Jvb3QvLmJhc2hyYwplY2hvICJjb21wbGV0ZSAtbyBkZWZhdWx0IC1GIF9fc3RhcnRfa3ViZWN0bCBrIiA+PiAvcm9vdC8uYmFzaHJjCmNhdCA8PEVPRiB8IHRlZSAvZXRjL2RlZmF1bHQva3ViZWxldApLVUJFTEVUX0VYVFJBX0FSR1M9LS1jbG91ZC1wcm92aWRlcj1leHRlcm5hbApFT0YKa3ViZWFkbSBqb2luIC0tZGlzY292ZXJ5LXRva2VuLXVuc2FmZS1za2lwLWNhLXZlcmlmaWNhdGlvbiAtLXRva2VuIHt7LkJvb3RzdHJhcFRva2VuSUR9fS57ey5Cb290c3RyYXBUb2tlblNlY3JldH19IHt7LkFQSVNlcnZlckVuZHBvaW50fX0K
reservation=prefer
hostname-pattern=k8s-{{.ClusterName}}-{{.NodeGroup}}-{{.RandString8}}
---
# The following secret is only required when using bootstrap tokens in cloudinit
# like in the above example. For more info on bootstrap tokens check
# https://kubernetes.io/docs/reference/access-authn-authz/bootstrap-tokens/
# IMPORTANT: change the token-id & token-secret values below before applying
apiVersion: v1
kind: Secret
type: bootstrap.kubernetes.io/token
metadata:
name: bootstrap-token-cluster-autoscaler-equinixmetal
namespace: kube-system
stringData:
description: "The default bootstrap token used by cluster-autoscaler on Equinix Metal."
# Token ID and secret. Required if using bootstrap tokens in cloudinit (e.g. with kubeadm).
# More info on using kubeadm to create a token: https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-token/
# token-id must match the regular expression [a-z0-9]{6}
token-id: YOUR_TOKEN_ID
# token-secret must match the regular expression [a-z0-9]{16}
token-secret: YOUR_TOKEN_SECRET
# Expiration. Optional.
# expiration: 2020-03-10T03:22:11Z
# Allowed usages.
usage-bootstrap-authentication: "true"
usage-bootstrap-signing: "true"
# Extra groups to authenticate the token as. Must start with "system:bootstrappers:"
auth-extra-groups: system:bootstrappers:kubeadm:default-node-token,system:bootstrappers:worker,system:bootstrappers:ingress