nixos/modules/services/cluster/kubernetes/scheduler.nix

   1 {
   2   config,
   3   lib,
   4   options,
   5   pkgs,
   6   ...
   7 }:
   8 let
   9   top = config.services.kubernetes;
  10   otop = options.services.kubernetes;
  11   cfg = top.scheduler;
  12 in
  13 {
  14   ###### interface
  15   options.services.kubernetes.scheduler = with lib.types; {
  16
  17     address = lib.mkOption {
  18       description = "Kubernetes scheduler listening address.";
  19       default = "127.0.0.1";
  20       type = str;
  21     };
  22
  23     enable = lib.mkEnableOption "Kubernetes scheduler";
  24
  25     extraOpts = lib.mkOption {
  26       description = "Kubernetes scheduler extra command line options.";
  27       default = "";
  28       type = separatedString " ";
  29     };
  30
  31     featureGates = lib.mkOption {
  32       description = "Attribute set of feature gates.";
  33       default = top.featureGates;
  34       defaultText = lib.literalExpression "config.${otop.featureGates}";
  35       type = attrsOf bool;
  36     };
  37
  38     kubeconfig = top.lib.mkKubeConfigOptions "Kubernetes scheduler";
  39
  40     leaderElect = lib.mkOption {
  41       description = "Whether to start leader election before executing main loop.";
  42       type = bool;
  43       default = true;
  44     };
  45
  46     port = lib.mkOption {
  47       description = "Kubernetes scheduler listening port.";
  48       default = 10251;
  49       type = port;
  50     };
  51
  52     verbosity = lib.mkOption {
  53       description = ''
  54         Optional glog verbosity level for logging statements. See
  55         <https://github.com/kubernetes/community/blob/master/contributors/devel/logging.md>
  56       '';
  57       default = null;
  58       type = nullOr int;
  59     };
  60
  61   };
  62
  63   ###### implementation
  64   config = lib.mkIf cfg.enable {
  65     systemd.services.kube-scheduler = {
  66       description = "Kubernetes Scheduler Service";
  67       wantedBy = [ "kubernetes.target" ];
  68       after = [ "kube-apiserver.service" ];
  69       serviceConfig = {
  70         Slice = "kubernetes.slice";
  71         ExecStart = ''
  72           ${top.package}/bin/kube-scheduler \
  73                     --bind-address=${cfg.address} \
  74                     ${
  75                       lib.optionalString (cfg.featureGates != { })
  76                         "--feature-gates=${
  77                           lib.concatStringsSep "," (
  78                             builtins.attrValues (lib.mapAttrs (n: v: "${n}=${lib.trivial.boolToString v}") cfg.featureGates)
  79                           )
  80                         }"
  81                     } \
  82                     --kubeconfig=${top.lib.mkKubeConfig "kube-scheduler" cfg.kubeconfig} \
  83                     --leader-elect=${lib.boolToString cfg.leaderElect} \
  84                     --secure-port=${toString cfg.port} \
  85                     ${lib.optionalString (cfg.verbosity != null) "--v=${toString cfg.verbosity}"} \
  86                     ${cfg.extraOpts}
  87         '';
  88         WorkingDirectory = top.dataDir;
  89         User = "kubernetes";
  90         Group = "kubernetes";
  91         Restart = "on-failure";
  92         RestartSec = 5;
  93       };
  94       unitConfig = {
  95         StartLimitIntervalSec = 0;
  96       };
  97     };
  98
  99     services.kubernetes.pki.certs = {
 100       schedulerClient = top.lib.mkCert {
 101         name = "kube-scheduler-client";
 102         CN = "system:kube-scheduler";
 103         action = "systemctl restart kube-scheduler.service";
 104       };
 105     };
 106
 107     services.kubernetes.scheduler.kubeconfig.server = lib.mkDefault top.apiserverAddress;
 108   };
 109
 110   meta.buildDocsInSandbox = false;
 111 }