upup: include kope-routing, but only if _kope_routing is set

upup/models/cloudup/resources/config.yaml.template

@@ -37,6 +37,9 @@ Tokens:
   "system:logging": {{ GetOrCreateSecret "system:logging" }}
   "system:monitoring": {{ GetOrCreateSecret "system:monitoring" }}
   "system:dns": {{ GetOrCreateSecret "system:dns" }}
+{{ if HasTag "_kope_routing" }}
+  "kope-routing": {{ GetOrCreateSecret "kope-routing" }}
+{{ end }}
 
 Tags:
 {{ range $tag := Args }}

upup/models/nodeup/_kope_routing/files/etc/kubernetes/manifests/kope-routing.manifest.template

@@ -0,0 +1,47 @@
+# kope-routing podspec
+apiVersion: v1
+kind: Pod
+metadata:
+  name: kope-routing
+  namespace: kube-system
+spec:
+  hostNetwork: true
+  containers:
+  - name: kope-routing
+    image: kope/route-controller
+    #resources:
+    #  requests:
+    #    cpu: {{ .KubeProxy.CPURequest }}
+    command:
+    - /bin/sh
+    - -c
+#    - /usr/bin/route-controller --boot-id=/var/lib/kope-routing/boot-id --kubeconfig=/var/lib/kope-routing/kubeconfig --healthz-port=10247 1>>/var/log/kope-routing.log 2>&1
+    - /usr/bin/route-controller --provider=gre --boot-id=/var/lib/kope-routing/boot-id --kubeconfig=/var/lib/kope-routing/kubeconfig --healthz-port=10247
+    securityContext:
+      privileged: true
+    volumeMounts:
+    - mountPath: /etc/ssl/certs
+      name: ssl-certs-host
+      readOnly: true
+#    - mountPath: /var/log
+#      name: varlog
+#      readOnly: false
+    - mountPath: /var/lib/kope-routing/kubeconfig
+      name: kubeconfig
+      readOnly: true
+    - mountPath: /var/lib/kope-routing/boot-id
+      name: host-boot-id
+      readOnly: true
+  volumes:
+  - hostPath:
+      path: /usr/share/ca-certificates
+    name: ssl-certs-host
+  - hostPath:
+      path: /var/lib/kope-routing/kubeconfig
+    name: kubeconfig
+  - hostPath:
+      path: /proc/sys/kernel/random/boot_id
+    name: host-boot-id
+#  - hostPath:
+#      path: /var/log
+#    name: varlog

upup/models/nodeup/_kope_routing/files/var/lib/kope-routing/kubeconfig.template

@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Config
+users:
+- name: kope-routing
+  user:
+    token: {{ .GetToken "kope-routing" }}
+clusters:
+- name: local
+  cluster:
+    certificate-authority-data: {{ Base64Encode .CACertificate.AsString }}
+    server: https://{{ .MasterInternalName }}
+contexts:
+- context:
+    cluster: local
+    user: kope-routing
+  name: service-account-context
+current-context: service-account-context

upup/models/nodeup/_kope_routing/files/var/lib/kope-routing/kubeconfig.template.meta

@@ -0,0 +1,3 @@
+{
+  "mode": "0400"
+}

upup/models/nodeup/_kope_routing/files/var/log/kope-routing.log.meta

@@ -0,0 +1,3 @@
+{
+  "ifNotExists": true
+}

upup/pkg/fi/nodeup/config.go

@@ -120,10 +120,11 @@ type APIServerConfig struct {
 type KubeControllerManagerConfig struct {
 	CloudProvider string `flag:"cloud-provider"`
 
-	Master            string `flag:"master"`
-	ClusterName       string `flag:"cluster-name"`
-	ClusterCIDR       string `flag:"cluster-cidr"`
-	AllocateNodeCIDRs *bool  `flag:"allocate-node-cidrs"`
+	Master               string `flag:"master"`
+	ClusterName          string `flag:"cluster-name"`
+	ClusterCIDR          string `flag:"cluster-cidr"`
+	AllocateNodeCIDRs    *bool  `flag:"allocate-node-cidrs"`
+	ConfigureCloudRoutes *bool  `flag:"configure-cloud-routes"`
 	// TODO: Name verbosity or LogLevel
 	LogLevel    int   `flag:"v"`
 	LeaderElect *bool `flag:"leader-elect"`