grdnrio · March 17, 2020 16:59
diff --git a/lighthouse.yaml b/lighthouse.yaml
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: px-lh-account
  namespace: kube-system
 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
  name: px-lh-role
  namespace: kube-system
 rules:
  - apiGroups: [""]
    resources: ["pods"]
    verbs: ["list", "get"]
  - apiGroups:
        - extensions
        - apps
    resources:
        - deployments
    verbs: ["get", "list"]
  - apiGroups: [""]
    resources: ["secrets"]
    verbs: ["get", "create", "update"]
  - apiGroups: [""]
    resources: ["configmaps"]
    verbs: ["get", "create", "update"]
  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["services"]
    verbs: ["create", "get", "list", "watch"]
  - apiGroups: ["stork.libopenstorage.org"]
    resources: ["clusterpairs","migrations","groupvolumesnapshots"]
    verbs: ["get", "list", "create", "update", "delete"]
  - apiGroups: ["monitoring.coreos.com"]
    resources:
      - alertmanagers
      - prometheuses
      - prometheuses/finalizers
      - servicemonitors
    verbs: ["*"]
 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
  name: px-lh-role-binding
  namespace: kube-system
 subjects:
  - kind: ServiceAccount
    name: px-lh-account
    namespace: kube-system
 roleRef:
  kind: ClusterRole
  name: px-lh-role
  apiGroup: rbac.authorization.k8s.io
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: px-lighthouse
  namespace: kube-system
  labels:
    tier: px-web-console
 spec:
  type: NodePort
  ports:
    - name: http
      port: 80
    - name: https
      port: 443
  selector:
    tier: px-web-console
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: px-lighthouse
  namespace: kube-system
  labels:
    tier: px-web-console
 spec:
  selector:
    matchLabels:
      tier: px-web-console
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  selector:
    matchLabels:
      tier: px-web-console
  replicas: 1
  template:
    metadata:
      labels:
        tier: px-web-console
    spec:
      initContainers:
      - name: config-init
        image: harbor.pks.migros.local/portworx/lh-config-sync:2.0.6
        imagePullPolicy: Always
        args:
        - "init"
        volumeMounts:
        - name: config
          mountPath: /config/lh
      containers:
      - name: px-lighthouse
        image: harbor.pks.migros.local/portworx/px-lighthouse:2.0.6
        imagePullPolicy: Always
        args: [ "-kubernetes", "true" ]
        ports:
        - containerPort: 80
        - containerPort: 443
        volumeMounts:
        - name: config
          mountPath: /config/lh
      - name: config-sync
        image: harbor.pks.migros.local/portworx/lh-config-sync:2.0.6
        imagePullPolicy: Always
        args:
        - "sync"
        volumeMounts:
        - name: config
          mountPath: /config/lh
      - name: stork-connector
        image: harbor.pks.migros.local/portworx/lh-stork-connector:2.0.6
        imagePullPolicy: Always
      serviceAccountName: px-lh-account
      volumes:
      - name: config
        emptyDir: {}
	apiVersion: v1
	kind: ServiceAccount
	metadata:
	name: px-lh-account
	namespace: kube-system
	---
	kind: ClusterRole
	apiVersion: rbac.authorization.k8s.io/v1
	metadata:
	name: px-lh-role
	namespace: kube-system
	rules:
	- apiGroups: [""]
	resources: ["pods"]
	verbs: ["list", "get"]
	- apiGroups:
	- extensions
	- apps
	resources:
	- deployments
	verbs: ["get", "list"]
	- apiGroups: [""]
	resources: ["secrets"]
	verbs: ["get", "create", "update"]
	- apiGroups: [""]
	resources: ["configmaps"]
	verbs: ["get", "create", "update"]
	- apiGroups: [""]
	resources: ["nodes"]
	verbs: ["get", "list", "watch"]
	- apiGroups: [""]
	resources: ["services"]
	verbs: ["create", "get", "list", "watch"]
	- apiGroups: ["stork.libopenstorage.org"]
	resources: ["clusterpairs","migrations","groupvolumesnapshots"]
	verbs: ["get", "list", "create", "update", "delete"]
	- apiGroups: ["monitoring.coreos.com"]
	resources:
	- alertmanagers
	- prometheuses
	- prometheuses/finalizers
	- servicemonitors
	verbs: ["*"]
	---
	kind: ClusterRoleBinding
	apiVersion: rbac.authorization.k8s.io/v1
	metadata:
	name: px-lh-role-binding
	namespace: kube-system
	subjects:
	- kind: ServiceAccount
	name: px-lh-account
	namespace: kube-system
	roleRef:
	kind: ClusterRole
	name: px-lh-role
	apiGroup: rbac.authorization.k8s.io
	---
	apiVersion: v1
	kind: Service
	metadata:
	name: px-lighthouse
	namespace: kube-system
	labels:
	tier: px-web-console
	spec:
	type: NodePort
	ports:
	- name: http
	port: 80
	- name: https
	port: 443
	selector:
	tier: px-web-console
	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: px-lighthouse
	namespace: kube-system
	labels:
	tier: px-web-console
	spec:
	selector:
	matchLabels:
	tier: px-web-console
	strategy:
	rollingUpdate:
	maxSurge: 1
	maxUnavailable: 1
	type: RollingUpdate
	selector:
	matchLabels:
	tier: px-web-console
	replicas: 1
	template:
	metadata:
	labels:
	tier: px-web-console
	spec:
	initContainers:
	- name: config-init
	image: harbor.pks.migros.local/portworx/lh-config-sync:2.0.6
	imagePullPolicy: Always
	args:
	- "init"
	volumeMounts:
	- name: config
	mountPath: /config/lh
	containers:
	- name: px-lighthouse
	image: harbor.pks.migros.local/portworx/px-lighthouse:2.0.6
	imagePullPolicy: Always
	args: [ "-kubernetes", "true" ]
	ports:
	- containerPort: 80
	- containerPort: 443
	volumeMounts:
	- name: config
	mountPath: /config/lh
	- name: config-sync
	image: harbor.pks.migros.local/portworx/lh-config-sync:2.0.6
	imagePullPolicy: Always
	args:
	- "sync"
	volumeMounts:
	- name: config
	mountPath: /config/lh
	- name: stork-connector
	image: harbor.pks.migros.local/portworx/lh-stork-connector:2.0.6
	imagePullPolicy: Always
	serviceAccountName: px-lh-account
	volumes:
	- name: config
	emptyDir: {}