colonelpanic/dotfiles
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[NixOS] Kubelet->gke kind of works but not really

Browse Source
This commit is contained in:
Ivan Malison 2024-09-29 17:28:42 -06:00
parent cdd8ed60e9
commit 01361b7217
3 changed files with 27 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
nixos/kubelet-client.crt Normal file
View File

@ -0,0 +1,23 @@
-----BEGIN CERTIFICATE-----
MIIDyTCCAjGgAwIBAgIRAMQBZiVjA5BGSkDldScI9cMwDQYJKoZIhvcNAQELBQAw
LzEtMCsGA1UEAxMkM2I2N2M2NzgtNzI5My00YTIzLTg3ZWItY2NiMTZjYWFkMzFm
MB4XDTI0MDkyOTIwNTAzNloXDTI5MDkyODIwNTIzNlowOTEVMBMGA1UEChMMc3lz
dGVtOm5vZGVzMSAwHgYDVQQDExdzeXN0ZW06bm9kZTpyeXplbi1zaGluZTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANIOfbq05IIdgX2jXYLaEt66rkXp
NlqPNfh6v9nL1Aw6PSM3DEIWXVko8AyduRF4kXNO6xc6l/Rzk03w3qSvJpWpALGD
JjslgRL4VJWUC6/QydsCO9io7SoUEmXFtDcsW6DftFejosr+56ZnVFrz5MMzfUAL
Ix6n83NJvXZ8f9oHSX8TFW34ZClLxDq2fprFIs+D2QlFRE50Jr/Q8gPI2OSQDUBW
DFdQrjt81bLs6doQipUqvHb4/Ms49agHek1ceWIMf+KZWoao5KNQTBe6XL2BUgA/
MS3ZvQppDDTygA0QkgdtOJyG2lsrAmd7LEXTr9ilsqLV3YQMMKhCifwINa0CAwEA
AaNWMFQwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAwGA1Ud
EwEB/wQCMAAwHwYDVR0jBBgwFoAUjvcbOeZ4QIk53EkATOaOFiAZUq0wDQYJKoZI
hvcNAQELBQADggGBAELWgmdmg9TKjDDqmF6pYr1j43gZYclXW4sB509itSiIeltX
Isrvn5R5ok0W5Jcl+7QMhpntqIKJi26OqbcdBhqlaVURkBkbrx8aegkWJfPO+Fzz
NyyiIpk7KQzGy6N5//jfMPZtJfQEQZwMenW0cj7F0QHOdVZy90+JNr2P3uV3Ad7u
WZuYpbOFjOeQg1hJsX8wEU4KJyptn/kXhM+CqAnQ4S+k2wpjECD8KpWKAmpJWZg0
RaBPyHZSmWnbXqs4LU6ERaZJxZQG0ODuA18DmGfaAkUUUvE2J0ploc2Y8Xl4zUWW
Ivwslyx30YO3J9qI30d9tTQw/A0vHCoDNDbCg7lorZqP3TiTG9ANLndPqqg6inYU
yfj612//JrO8w/4qh7cxR03P35aK0paLC74FaKLtZ5CwPK3BAW/0Zhv5fH4io6hE
rfJmcjhbKD0Cwr9Dn6wVFz/a33H+0vMohHrVlDk4bSDIymbuJcZpYgR8n5WNQbGu
nwjiLXCnVxcVjkcj2w==
-----END CERTIFICATE-----

7
nixos/kubelet.nix
View File

@ -6,16 +6,17 @@ makeEnable config "myModules.kubelet" false {
kubeconfig = {
server = "https://34.31.205.230";
caFile = ./railbird-kubernetes.crt;
certFile = ./kubelet-client.crt;
keyFile = config.age.secrets."api_service_account_key.json.age".path;
};
registerNode = true;
cni = {
packages = [ pkgs.cni-plugins ];
packages = [ pkgs.cni-plugins pkgs.calico-cni-plugin ];
};
extraOpts = ''
--fail-swap-on=false
--container-runtime=remote
--container-runtime-endpoint=unix:///run/containerd/containerd.sock
# --container-runtime=remote
# --container-runtime-endpoint=unix:///run/containerd/containerd.sock
'';
};
}

BIN
nixos/secrets/api_service_account_key.json.age
View File

Binary file not shown.