[Unit]
Description=Kubernetes API Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
Requires=fleet.service docker.service flanneld.service
After=fleet.service docker.service flanneld.service
[Service]
EnvironmentFile=/etc/environment
ExecStartPre=-/bin/sh -c "etcdctl get /deis/scheduler/k8s/master >/dev/null 2>&1 || etcdctl mk /deis/scheduler/k8s/master"
ExecStartPre=/bin/sh -c "etcdctl set /deis/scheduler/k8s/master $COREOS_PRIVATE_IPV4"
ExecStartPre=/bin/bash -c "/opt/bin/download-k8s-binary kube-apiserver"
ExecStartPre=/bin/bash -c "if etcdctl get /kube-serviceaccount >/dev/null 2>&1; then etcdctl get /kube-serviceaccount > /opt/bin/kube-serviceaccount.key; else /bin/openssl genrsa -out /opt/bin/kube-serviceaccount.key 2048 2>/dev/null; etcdctl set /kube-serviceaccount < /opt/bin/kube-serviceaccount.key; fi"
ExecStart=/bin/bash -c "/opt/bin/kube-apiserver \
  --service_account_key_file=/opt/bin/kube-serviceaccount.key \
  --service_account_lookup=false \
  --admission_control=NamespaceLifecycle,NamespaceAutoProvision,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota \
  --allow_privileged=true \
  --insecure_bind_address=0.0.0.0 \
  --insecure_port=8080 \
  --kubelet_https=true \
  --secure_port=6443 \
  --service-cluster-ip-range=10.100.0.0/16 \
  --etcd_servers=$(curl -s 127.0.0.1:4001/v2/machines | sed 's/ //g') \
  --public_address_override=${COREOS_PRIVATE_IPV4} \
  --logtostderr=true \
  --runtime_config=api/v1"
ExecStartPost=/bin/bash -c "fleetctl stop deis-kube-scheduler deis-kube-controller-manager deis-kube-kubelet deis-kube-proxy; sleep 2; fleetctl start deis-kube-scheduler deis-kube-controller-manager deis-kube-kubelet deis-kube-proxy"
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target