kind: ReplicationController apiVersion: v1 metadata: name: kube-aggregator labels: kube-aggregator: "true" spec: replicas: 1 selector: kube-aggregator: "true" template: metadata: labels: kube-aggregator: "true" spec: containers: - name: kube-aggregator image: kube-aggregator:latest imagePullPolicy: Never livenessProbe: failureThreshold: 3 httpGet: path: /version port: 443 scheme: HTTPS periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 readinessProbe: failureThreshold: 3 httpGet: path: /version port: 443 scheme: HTTPS periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 args: - "--proxy-client-cert-file=/var/run/auth-proxy-client/tls.crt" - "--proxy-client-key-file=/var/run/auth-proxy-client/tls.key" - "--tls-cert-file=/var/run/serving-cert/tls.crt" - "--tls-private-key-file=/var/run/serving-cert/tls.key" - "--etcd-servers=https://etcd.kube-public.svc:4001" - "--etcd-certfile=/var/run/etcd-client-cert/tls.crt" - "--etcd-keyfile=/var/run/etcd-client-cert/tls.key" - "--etcd-cafile=/var/run/etcd-ca/ca.crt" ports: - containerPort: 443 volumeMounts: - mountPath: /var/run/request-header-ca name: volume-request-header-ca - mountPath: /var/run/client-ca name: volume-client-ca - mountPath: /var/run/auth-proxy-client name: volume-auth-proxy-client - mountPath: /var/run/etcd-client-cert name: volume-etcd-client-cert - mountPath: /var/run/serving-ca name: volume-serving-ca - mountPath: /var/run/serving-cert name: volume-serving-cert - mountPath: /var/run/etcd-ca name: volume-etcd-ca serviceAccountName: kube-aggregator volumes: - configMap: defaultMode: 420 name: request-header-ca name: volume-request-header-ca - configMap: defaultMode: 420 name: client-ca name: volume-client-ca - name: volume-auth-proxy-client secret: defaultMode: 420 secretName: auth-proxy-client - name: volume-etcd-client-cert secret: defaultMode: 420 secretName: kube-aggregator-etcd - name: volume-serving-cert secret: defaultMode: 420 secretName: serving-kube-aggregator - configMap: defaultMode: 420 name: kube-aggregator-ca name: volume-serving-ca - configMap: defaultMode: 420 name: etcd-ca name: volume-etcd-ca