| kind: ReplicationController |
| apiVersion: v1 |
| metadata: |
| name: etcd |
| labels: |
| etcd: "true" |
| spec: |
| replicas: 1 |
| selector: |
| etcd: "true" |
| template: |
| metadata: |
| labels: |
| etcd: "true" |
| spec: |
| containers: |
| - name: etcd |
| image: quay.io/coreos/etcd:v3.0.15 |
| command: |
| - "etcd" |
| - "--listen-client-urls=https://0.0.0.0:4001" |
| - "--advertise-client-urls=https://etcd.kube-public.svc:4001" |
| - "--trusted-ca-file=/var/run/serving-ca/ca.crt" |
| - "--cert-file=/var/run/serving-cert/tls.crt" |
| - "--key-file=/var/run/serving-cert/tls.key" |
| - "--client-cert-auth=true" |
| - "--listen-peer-urls=https://0.0.0.0:7001" |
| - "--initial-advertise-peer-urls=https://etcd.kube-public.svc:7001" |
| - "--peer-trusted-ca-file=/var/run/serving-ca/ca.crt" |
| - "--peer-cert-file=/var/run/serving-cert/tls.crt" |
| - "--peer-key-file=/var/run/serving-cert/tls.key" |
| - "--peer-client-cert-auth=true" |
| - "--initial-cluster=default=https://etcd.kube-public.svc:7001" |
| ports: |
| - containerPort: 4001 |
| volumeMounts: |
| - mountPath: /var/run/serving-cert |
| name: volume-serving-cert |
| - mountPath: /var/run/serving-ca |
| name: volume-etcd-ca |
| volumes: |
| - secret: |
| defaultMode: 420 |
| secretName: serving-etcd |
| name: volume-serving-cert |
| - configMap: |
| defaultMode: 420 |
| name: etcd-ca |
| name: volume-etcd-ca |
| |