kubernetes/cmd/kubernetes-discovery/artifacts/local-cluster-up/kubernetes-discover-pod.yaml

kind: ReplicationController
apiVersion: v1
metadata:
  name: kubernetes-discovery
  labels:
    kubernetes-discovery: "true"
spec:
  replicas: 1
  selector:
    kubernetes-discovery: "true"
  template:
    metadata:
      labels:
        kubernetes-discovery: "true"
    spec:
      containers:
      - name: kubernetes-discovery
        image: kubernetes-discovery:latest
        imagePullPolicy: Never
        livenessProbe:
          failureThreshold: 3
          httpGet:
            path: /version
            port: 443
            scheme: HTTPS
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /version
            port: 443
            scheme: HTTPS
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        args:
        - "--proxy-client-cert-file=/var/run/auth-proxy-client/tls.crt"
        - "--proxy-client-key-file=/var/run/auth-proxy-client/tls.key"
        - "--tls-cert-file=/var/run/serving-cert/tls.crt"
        - "--tls-private-key-file=/var/run/serving-cert/tls.key"
        - "--tls-ca-file=/var/run/serving-ca/ca.crt"
        - "--client-ca-file=/var/run/client-ca/ca.crt"
        - "--requestheader-username-headers=X-Remote-User"
        - "--requestheader-group-headers=X-Remote-Group"
        - "--requestheader-extra-headers-prefix=X-Remote-Extra-"
        - "--requestheader-client-ca-file=/var/run/request-header-ca/ca.crt"
        - "--etcd-servers=https://etcd.kube-public.svc:4001"
        - "--etcd-certfile=/var/run/etcd-client-cert/tls.crt"
        - "--etcd-keyfile=/var/run/etcd-client-cert/tls.key"
        - "--etcd-cafile=/var/run/etcd-ca/ca.crt"
        ports:
        - containerPort: 443
        volumeMounts:
        - mountPath: /var/run/request-header-ca
          name: volume-request-header-ca
        - mountPath: /var/run/client-ca
          name: volume-client-ca
        - mountPath: /var/run/auth-proxy-client
          name: volume-auth-proxy-client
        - mountPath: /var/run/etcd-client-cert
          name: volume-etcd-client-cert
        - mountPath: /var/run/serving-ca
          name: volume-serving-ca
        - mountPath: /var/run/serving-cert
          name: volume-serving-cert
        - mountPath: /var/run/etcd-ca
          name: volume-etcd-ca
      serviceAccountName: kubernetes-discovery
      volumes:
      - configMap:
          defaultMode: 420
          name: request-header-ca
        name: volume-request-header-ca
      - configMap:
          defaultMode: 420
          name: client-ca
        name: volume-client-ca
      - name: volume-auth-proxy-client
        secret:
          defaultMode: 420
          secretName: auth-proxy-client
      - name: volume-etcd-client-cert
        secret:
          defaultMode: 420
          secretName: discovery-etcd
      - name: volume-serving-cert
        secret:
          defaultMode: 420
          secretName: serving-discovery
      - configMap:
          defaultMode: 420
          name: discovery-ca
        name: volume-serving-ca
      - configMap:
          defaultMode: 420
          name: etcd-ca
        name: volume-etcd-ca