Merge pull request #34591 from windsonsea/docsite2
[zh] resync egress-selector-configuration.yamlpull/34620/head
Kubernetes Prow Robot
GitHub
commit
46eacd1134
|
|
@ -1,21 +1,20 @@
|
||||||
apiVersion: apiserver.k8s.io/v1beta1
|
apiVersion: apiserver.k8s.io/v1beta1
|
||||||
kind: EgressSelectorConfiguration
|
kind: EgressSelectorConfiguration
|
||||||
egressSelections:
|
egressSelections:
|
||||||
# Since we want to control the egress traffic to the cluster, we use the
|
# 由于我们要控制集群的出站流量,所以将 “cluster” 用作 name。
|
||||||
# "cluster" as the name. Other supported values are "etcd", and "master".
|
# 其他支持的值有 “etcd” 和 “master”。
|
||||||
- name: cluster
|
- name: cluster
|
||||||
connection:
|
connection:
|
||||||
# This controls the protocol between the API Server and the Konnectivity
|
# 这一属性将控制 API 服务器 Konnectivity 服务器之间的协议。
|
||||||
# server. Supported values are "GRPC" and "HTTPConnect". There is no
|
# 支持的值为 “GRPC” 和 “HTTPConnect”。
|
||||||
# end user visible difference between the two modes. You need to set the
|
# 最终用户不会察觉这两种模式之间的差异。
|
||||||
# Konnectivity server to work in the same mode.
|
# 你需要将 Konnectivity 服务器设为在相同模式下工作。
|
||||||
proxyProtocol: GRPC
|
proxyProtocol: GRPC
|
||||||
transport:
|
transport:
|
||||||
# This controls what transport the API Server uses to communicate with the
|
# 此属性控制 API 服务器使用哪种传输方式与 Konnectivity 服务器通信。
|
||||||
# Konnectivity server. UDS is recommended if the Konnectivity server
|
# 如果 Konnectivity 服务器与 API 服务器位于同一台机器上,建议使用 UDS。
|
||||||
# locates on the same machine as the API Server. You need to configure the
|
# 你需要将 Konnectivity 服务器配置为侦听同一个 UDS 套接字。
|
||||||
# Konnectivity server to listen on the same UDS socket.
|
# 另一个支持的传输方式是 “tcp”。
|
||||||
# The other supported transport is "tcp". You will need to set up TLS
|
# 你将需要设置 TLS config 以确保 TCP 传输的安全。
|
||||||
# config to secure the TCP transport.
|
|
||||||
uds:
|
uds:
|
||||||
udsName: /etc/kubernetes/konnectivity-server/konnectivity-server.socket
|
udsName: /etc/kubernetes/konnectivity-server/konnectivity-server.socket
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
# Alternatively, you can deploy the agents as Deployments. It is not necessary
|
# 作为另一种替代方案,你可以将代理部署为 Deployment。
|
||||||
# to have an agent on each node.
|
# 没有必要在每个节点上都有一个代理。
|
||||||
kind: DaemonSet
|
kind: DaemonSet
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
|
|
@ -28,8 +28,8 @@ spec:
|
||||||
args: [
|
args: [
|
||||||
"--logtostderr=true",
|
"--logtostderr=true",
|
||||||
"--ca-cert=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt",
|
"--ca-cert=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt",
|
||||||
# Since the konnectivity server runs with hostNetwork=true,
|
# 由于 konnectivity 服务器以 hostNetwork=true 运行,
|
||||||
# this is the IP address of the master machine.
|
# 所以这是控制面节点的 IP 地址。
|
||||||
"--proxy-server-host=35.225.206.7",
|
"--proxy-server-host=35.225.206.7",
|
||||||
"--proxy-server-port=8132",
|
"--proxy-server-port=8132",
|
||||||
"--admin-server-port=8133",
|
"--admin-server-port=8133",
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue