infra/nixos/hosts/silver/services/k8s.nix

31 lines
776 B
Nix

{pkgs, ...}: let
kMasterIp = "10.13.0.1";
kMasterHostname = "silver";
kMasterApiServerPort = 6443;
in {
networking.extraHosts = "${kMasterIp} ${kMasterHostname}";
systemd.services.etcd.preStart = ''${pkgs.writeShellScript "etcd-wait" ''
while [ ! -f /var/lib/kubernetes/secrets/etcd.pem ]; do sleep 1; done
''}'';
services.kubernetes = {
roles = ["master" "node"];
masterAddress = kMasterHostname;
apiserverAddress = "https://${kMasterHostname}:${toString kMasterApiServerPort}";
apiserver = {
securePort = kMasterApiServerPort;
advertiseAddress = kMasterIp;
};
easyCerts = true;
# use coredns
addons.dns.enable = true;
# needed if you use swap
kubelet.extraOpts = "--fail-swap-on=false";
};
}