{% set daemon_args = "$DAEMON_ARGS" -%}
{% if grains['os_family'] == 'RedHat' -%}
	{% set daemon_args = "" -%}
{% endif -%}

{% set cloud_provider = "" -%}
{% if grains.cloud_provider is defined -%}
  {% set cloud_provider = "-cloud_provider=" + grains.cloud_provider -%}
{% endif -%}

{% set address = "-address=127.0.0.1" -%}

{% set publicAddressOverride = "" -%}
{% if grains.publicAddressOverride is defined -%}
  {% set publicAddressOverride = "-public_address_override=" + grains.publicAddressOverride -%}
{% endif -%}


{% if grains.etcd_servers is defined -%}
  {% set etcd_servers = "-etcd_servers=http://" + grains.etcd_servers + ":4001" -%}
{% else -%}
  {% set ips = salt['mine.get']('roles:kubernetes-master', 'network.ip_addrs', 'grain').values() -%}
  {% set etcd_servers = "-etcd_servers=http://" + ips[0][0] + ":4001" -%}
{% endif -%}

{% if grains.cloud is defined -%}
{% if grains.cloud == 'gce' -%}
  {% set cloud_provider = "-cloud_provider=gce" -%}
{% endif -%}
{% endif -%}

{% if pillar['portal_net'] is defined -%}
  {% set portal_net = "-portal_net=" + pillar['portal_net'] -%}
{% endif -%}

{% set cert_file = "-tls_cert_file=/srv/kubernetes/server.cert" -%}
{% set key_file = "-tls_private_key_file=/srv/kubernetes/server.key" -%}

{% set secure_port = "-secure_port=6443" -%}
{% set token_auth_file = "-token_auth_file=/dev/null" -%}

{% if grains.cloud is defined -%}
{% if grains.cloud == 'gce' or grains.cloud == 'vagrant' -%}
    # TODO: generate and distribute tokens for other cloud providers.
    {% set token_auth_file = "-token_auth_file=/srv/kubernetes/known_tokens.csv" -%}
{% endif -%}
{% endif -%}

{% set admission_control = "" -%}
{% if grains.admission_control is defined -%}
 {% set admission_control = "-admission_control=" + grains.admission_control -%}
{% endif -%}

DAEMON_ARGS="{{daemon_args}} {{address}} {{etcd_servers}} {{ cloud_provider }} {{admission_control}} --allow_privileged={{pillar['allow_privileged']}} {{portal_net}} {{cert_file}} {{key_file}} {{secure_port}} {{token_auth_file}} {{publicAddressOverride}} {{pillar['log_level']}}"