Created
March 20, 2020 13:38
-
-
Save stgleb/7d9177b156eba54ea047e57b921938f6 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SOURCE: https://install.portworx.com/?mc=false&kbver=1.14.8&b=true&c=px-cluster-ef900bc3-4cd3-4f2d-aa7e-173cf076ce00&stork=true&lh=true&st=k8s&e=REGISTRY_USER%3Dpwxbuild%2CREGISTRY_PASS%3Dfridaydemos | |
| --- | |
| kind: Service | |
| apiVersion: v1 | |
| metadata: | |
| name: portworx-service | |
| namespace: kube-system | |
| labels: | |
| name: portworx | |
| spec: | |
| selector: | |
| name: portworx | |
| type: ClusterIP | |
| ports: | |
| - name: px-api | |
| protocol: TCP | |
| port: 9001 | |
| targetPort: 9001 | |
| - name: px-kvdb | |
| protocol: TCP | |
| port: 9019 | |
| targetPort: 9019 | |
| - name: px-sdk | |
| protocol: TCP | |
| port: 9020 | |
| targetPort: 9020 | |
| - name: px-rest-gateway | |
| protocol: TCP | |
| port: 9021 | |
| targetPort: 9021 | |
| --- | |
| apiVersion: apiextensions.k8s.io/v1beta1 | |
| kind: CustomResourceDefinition | |
| metadata: | |
| name: volumeplacementstrategies.portworx.io | |
| spec: | |
| group: portworx.io | |
| versions: | |
| - name: v1beta2 | |
| served: true | |
| storage: true | |
| - name: v1beta1 | |
| served: false | |
| storage: false | |
| scope: Cluster | |
| names: | |
| plural: volumeplacementstrategies | |
| singular: volumeplacementstrategy | |
| kind: VolumePlacementStrategy | |
| shortNames: | |
| - vps | |
| - vp | |
| validation: | |
| openAPIV3Schema: | |
| type: object | |
| required: | |
| - spec | |
| properties: | |
| spec: | |
| type: object | |
| description: The desired spec of the volume placement strategy | |
| properties: | |
| replicaAffinity: | |
| type: array | |
| description: Allows you to specify a rule which creates an affinity for replicas within a volume | |
| items: | |
| type: object | |
| properties: | |
| enforcement: | |
| type: string | |
| enum: | |
| - required | |
| - preferred | |
| description: Specifies if the given rule is required (hard) or preferred (soft) | |
| topologyKey: | |
| type: string | |
| minLength: 1 | |
| description: Key for the node label that the system uses to denote a topology domain. The key can be for any node label that is present on the Kubernetes node. | |
| matchExpressions: | |
| description: Expression to use for the replica affinity rule | |
| type: array | |
| items: | |
| type: object | |
| properties: | |
| key: | |
| type: string | |
| minLength: 1 | |
| operator: | |
| type: string | |
| enum: | |
| - In | |
| - NotIn | |
| - Exists | |
| - DoesNotExist | |
| - Lt | |
| - Gt | |
| description: The logical operator to use for comparing the key and values in the match expression | |
| values: | |
| type: array | |
| items: | |
| type: string | |
| required: | |
| - key | |
| - operator | |
| replicaAntiAffinity: | |
| type: array | |
| description: Allows you to specify a rule that creates an anti-affinity for replicas within a volume | |
| items: | |
| type: object | |
| properties: | |
| enforcement: | |
| type: string | |
| enum: | |
| - required | |
| - preferred | |
| description: Specifies if the given rule is required (hard) or preferred (soft) | |
| topologyKey: | |
| type: string | |
| minLength: 1 | |
| description: Key for the node label that the system uses to denote a topology domain. The key can be for any node label that is present on the Kubernetes node. | |
| required: | |
| - topologyKey | |
| volumeAffinity: | |
| type: array | |
| description: Allows you to colocate volumes by specifying rules that place replicas of a volume together with those of another volume for which the specified labels match | |
| items: | |
| type: object | |
| properties: | |
| enforcement: | |
| type: string | |
| enum: | |
| - required | |
| - preferred | |
| description: Specifies if the given rule is required (hard) or preferred (soft) | |
| topologyKey: | |
| type: string | |
| minLength: 1 | |
| description: Key for the node label that the system uses to denote a topology domain. The key can be for any node label that is present on the Kubernetes node. | |
| matchExpressions: | |
| description: Expression to use for the volume affinity rule | |
| type: array | |
| items: | |
| type: object | |
| properties: | |
| key: | |
| type: string | |
| minLength: 1 | |
| operator: | |
| type: string | |
| enum: | |
| - In | |
| - NotIn | |
| - Exists | |
| - DoesNotExist | |
| - Lt | |
| - Gt | |
| description: The logical operator to use for comparing the key and values in the match expression | |
| values: | |
| type: array | |
| items: | |
| type: string | |
| required: | |
| - key | |
| - operator | |
| required: | |
| - matchExpressions | |
| volumeAntiAffinity: | |
| type: array | |
| description: Allows you to specify dissociation rules between 2 or more volumes that match the given labels | |
| items: | |
| type: object | |
| properties: | |
| enforcement: | |
| type: string | |
| enum: | |
| - required | |
| - preferred | |
| description: Specifies if the given rule is required (hard) or preferred (soft) | |
| topologyKey: | |
| type: string | |
| minLength: 1 | |
| description: Key for the node label that the system uses to denote a topology domain. The key can be for any node label that is present on the Kubernetes node. | |
| matchExpressions: | |
| description: Expression to use for the volume anti affinity rule | |
| type: array | |
| items: | |
| type: object | |
| properties: | |
| key: | |
| type: string | |
| minLength: 1 | |
| operator: | |
| type: string | |
| enum: | |
| - In | |
| - NotIn | |
| - Exists | |
| - DoesNotExist | |
| - Lt | |
| - Gt | |
| description: The logical operator to use for comparing the key and values in the match expression | |
| values: | |
| type: array | |
| items: | |
| type: string | |
| required: | |
| - key | |
| - operator | |
| required: | |
| - matchExpressions | |
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: px-account | |
| namespace: kube-system | |
| --- | |
| kind: ClusterRole | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: node-get-put-list-role | |
| rules: | |
| - apiGroups: [""] | |
| resources: ["secrets"] | |
| verbs: ["get", "list"] | |
| - apiGroups: [""] | |
| resources: ["nodes"] | |
| verbs: ["watch", "get", "update", "list"] | |
| - apiGroups: [""] | |
| resources: ["pods"] | |
| verbs: ["delete", "get", "list", "watch", "update"] | |
| - apiGroups: [""] | |
| resources: ["persistentvolumeclaims", "persistentvolumes"] | |
| verbs: ["get", "list"] | |
| - apiGroups: [""] | |
| resources: ["configmaps"] | |
| verbs: ["get", "list", "update", "create"] | |
| - apiGroups: ["extensions"] | |
| resources: ["podsecuritypolicies"] | |
| resourceNames: ["privileged"] | |
| verbs: ["use"] | |
| - apiGroups: ["portworx.io"] | |
| resources: ["volumeplacementstrategies"] | |
| verbs: ["get", "list"] | |
| - apiGroups: ["stork.libopenstorage.org"] | |
| resources: ["backuplocations"] | |
| verbs: ["get", "list"] | |
| - apiGroups: [""] | |
| resources: ["events"] | |
| verbs: ["create"] | |
| --- | |
| kind: ClusterRoleBinding | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: node-role-binding | |
| subjects: | |
| - kind: ServiceAccount | |
| name: px-account | |
| namespace: kube-system | |
| roleRef: | |
| kind: ClusterRole | |
| name: node-get-put-list-role | |
| apiGroup: rbac.authorization.k8s.io | |
| --- | |
| apiVersion: v1 | |
| kind: Namespace | |
| metadata: | |
| name: portworx | |
| --- | |
| kind: Role | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: px-role | |
| namespace: portworx | |
| rules: | |
| - apiGroups: [""] | |
| resources: ["secrets"] | |
| verbs: ["get", "list", "create", "update", "patch"] | |
| --- | |
| kind: RoleBinding | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: px-role-binding | |
| namespace: portworx | |
| subjects: | |
| - kind: ServiceAccount | |
| name: px-account | |
| namespace: kube-system | |
| roleRef: | |
| kind: Role | |
| name: px-role | |
| apiGroup: rbac.authorization.k8s.io | |
| --- | |
| apiVersion: apps/v1 | |
| kind: DaemonSet | |
| metadata: | |
| name: portworx | |
| namespace: kube-system | |
| labels: | |
| name: portworx | |
| annotations: | |
| portworx.com/install-source: "https://install.portworx.com/?mc=false&kbver=1.14.8&b=true&c=px-cluster-ef900bc3-4cd3-4f2d-aa7e-173cf076ce00&stork=true&lh=true&st=k8s&e=REGISTRY_USER%3Dpwxbuild%2CREGISTRY_PASS%3Dfridaydemos" | |
| spec: | |
| selector: | |
| matchLabels: | |
| name: portworx | |
| minReadySeconds: 0 | |
| updateStrategy: | |
| type: RollingUpdate | |
| rollingUpdate: | |
| maxUnavailable: 1 | |
| template: | |
| metadata: | |
| labels: | |
| name: portworx | |
| spec: | |
| affinity: | |
| nodeAffinity: | |
| requiredDuringSchedulingIgnoredDuringExecution: | |
| nodeSelectorTerms: | |
| - matchExpressions: | |
| - key: px/enabled | |
| operator: NotIn | |
| values: | |
| - "false" | |
| - key: node-role.kubernetes.io/master | |
| operator: DoesNotExist | |
| hostNetwork: true | |
| hostPID: false | |
| containers: | |
| - name: portworx | |
| image: portworx/oci-monitor:2.4.0 | |
| imagePullPolicy: Always | |
| args: | |
| ["-c", "px-cluster-ef900bc3-4cd3-4f2d-aa7e-173cf076ce00", "-a", "-secret_type", "k8s", "-b", | |
| "-x", "kubernetes"] | |
| env: | |
| - name: "AUTO_NODE_RECOVERY_TIMEOUT_IN_SECS" | |
| value: "1500" | |
| - name: "PX_TEMPLATE_VERSION" | |
| value: "v4" | |
| - name: "REGISTRY_USER" | |
| value: "pwxbuild" | |
| - name: "REGISTRY_PASS" | |
| value: "fridaydemos" | |
| livenessProbe: | |
| periodSeconds: 30 | |
| initialDelaySeconds: 840 # allow image pull in slow networks | |
| httpGet: | |
| host: 127.0.0.1 | |
| path: /status | |
| port: 9001 | |
| readinessProbe: | |
| periodSeconds: 10 | |
| httpGet: | |
| host: 127.0.0.1 | |
| path: /health | |
| port: 9015 | |
| terminationMessagePath: "/tmp/px-termination-log" | |
| securityContext: | |
| privileged: true | |
| volumeMounts: | |
| - name: diagsdump | |
| mountPath: /var/cores | |
| - name: dockersock | |
| mountPath: /var/run/docker.sock | |
| - name: containerdsock | |
| mountPath: /run/containerd | |
| - name: criosock | |
| mountPath: /var/run/crio | |
| - name: crioconf | |
| mountPath: /etc/crictl.yaml | |
| - name: etcpwx | |
| mountPath: /etc/pwx | |
| - name: dev | |
| mountPath: /dev | |
| - name: optpwx | |
| mountPath: /opt/pwx | |
| - name: procmount | |
| mountPath: /host_proc | |
| - name: sysdmount | |
| mountPath: /etc/systemd/system | |
| - name: journalmount1 | |
| mountPath: /var/run/log | |
| readOnly: true | |
| - name: journalmount2 | |
| mountPath: /var/log | |
| readOnly: true | |
| - name: dbusmount | |
| mountPath: /var/run/dbus | |
| restartPolicy: Always | |
| serviceAccountName: px-account | |
| volumes: | |
| - name: diagsdump | |
| hostPath: | |
| path: /var/cores | |
| - name: dockersock | |
| hostPath: | |
| path: /var/run/docker.sock | |
| - name: containerdsock | |
| hostPath: | |
| path: /run/containerd | |
| - name: criosock | |
| hostPath: | |
| path: /var/run/crio | |
| - name: crioconf | |
| hostPath: | |
| path: /etc/crictl.yaml | |
| type: FileOrCreate | |
| - name: etcpwx | |
| hostPath: | |
| path: /etc/pwx | |
| - name: dev | |
| hostPath: | |
| path: /dev | |
| - name: optpwx | |
| hostPath: | |
| path: /opt/pwx | |
| - name: procmount | |
| hostPath: | |
| path: /proc | |
| - name: sysdmount | |
| hostPath: | |
| path: /etc/systemd/system | |
| - name: journalmount1 | |
| hostPath: | |
| path: /var/run/log | |
| - name: journalmount2 | |
| hostPath: | |
| path: /var/log | |
| - name: dbusmount | |
| hostPath: | |
| path: /var/run/dbus | |
| --- | |
| kind: Service | |
| apiVersion: v1 | |
| metadata: | |
| name: portworx-api | |
| namespace: kube-system | |
| labels: | |
| name: portworx-api | |
| spec: | |
| selector: | |
| name: portworx-api | |
| type: ClusterIP | |
| ports: | |
| - name: px-api | |
| protocol: TCP | |
| port: 9001 | |
| targetPort: 9001 | |
| - name: px-sdk | |
| protocol: TCP | |
| port: 9020 | |
| targetPort: 9020 | |
| - name: px-rest-gateway | |
| protocol: TCP | |
| port: 9021 | |
| targetPort: 9021 | |
| --- | |
| apiVersion: apps/v1 | |
| kind: DaemonSet | |
| metadata: | |
| name: portworx-api | |
| namespace: kube-system | |
| labels: | |
| name: portworx-api | |
| spec: | |
| selector: | |
| matchLabels: | |
| name: portworx-api | |
| minReadySeconds: 0 | |
| updateStrategy: | |
| type: RollingUpdate | |
| rollingUpdate: | |
| maxUnavailable: 100% | |
| template: | |
| metadata: | |
| labels: | |
| name: portworx-api | |
| spec: | |
| affinity: | |
| nodeAffinity: | |
| requiredDuringSchedulingIgnoredDuringExecution: | |
| nodeSelectorTerms: | |
| - matchExpressions: | |
| - key: px/enabled | |
| operator: NotIn | |
| values: | |
| - "false" | |
| - key: node-role.kubernetes.io/master | |
| operator: DoesNotExist | |
| hostNetwork: true | |
| hostPID: false | |
| containers: | |
| - name: portworx-api | |
| image: k8s.gcr.io/pause:3.1 | |
| imagePullPolicy: Always | |
| readinessProbe: | |
| periodSeconds: 10 | |
| httpGet: | |
| host: 127.0.0.1 | |
| path: /status | |
| port: 9001 | |
| restartPolicy: Always | |
| serviceAccountName: px-account | |
| --- | |
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| name: stork-config | |
| namespace: kube-system | |
| data: | |
| policy.cfg: |- | |
| { | |
| "kind": "Policy", | |
| "apiVersion": "v1", | |
| "extenders": [ | |
| { | |
| "urlPrefix": "http://stork-service.kube-system:8099", | |
| "apiVersion": "v1beta1", | |
| "filterVerb": "filter", | |
| "prioritizeVerb": "prioritize", | |
| "weight": 5, | |
| "enableHttps": false, | |
| "nodeCacheCapable": false | |
| } | |
| ] | |
| } | |
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: stork-account | |
| namespace: kube-system | |
| --- | |
| kind: ClusterRole | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: stork-role | |
| rules: | |
| - apiGroups: ["*"] | |
| resources: ["*"] | |
| verbs: ["*"] | |
| --- | |
| kind: ClusterRoleBinding | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: stork-role-binding | |
| subjects: | |
| - kind: ServiceAccount | |
| name: stork-account | |
| namespace: kube-system | |
| roleRef: | |
| kind: ClusterRole | |
| name: stork-role | |
| apiGroup: rbac.authorization.k8s.io | |
| --- | |
| kind: Service | |
| apiVersion: v1 | |
| metadata: | |
| name: stork-service | |
| namespace: kube-system | |
| spec: | |
| selector: | |
| name: stork | |
| ports: | |
| - protocol: TCP | |
| port: 8099 | |
| targetPort: 8099 | |
| --- | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| annotations: | |
| scheduler.alpha.kubernetes.io/critical-pod: "" | |
| labels: | |
| tier: control-plane | |
| name: stork | |
| namespace: kube-system | |
| spec: | |
| selector: | |
| matchLabels: | |
| name: stork | |
| strategy: | |
| rollingUpdate: | |
| maxSurge: 1 | |
| maxUnavailable: 1 | |
| type: RollingUpdate | |
| replicas: 3 | |
| template: | |
| metadata: | |
| annotations: | |
| scheduler.alpha.kubernetes.io/critical-pod: "" | |
| labels: | |
| name: stork | |
| tier: control-plane | |
| spec: | |
| affinity: | |
| podAntiAffinity: | |
| requiredDuringSchedulingIgnoredDuringExecution: | |
| - labelSelector: | |
| matchExpressions: | |
| - key: "name" | |
| operator: In | |
| values: | |
| - stork | |
| topologyKey: "kubernetes.io/hostname" | |
| hostPID: false | |
| containers: | |
| - command: | |
| - /stork | |
| - --driver=pxd | |
| - --verbose | |
| - --leader-elect=true | |
| - --health-monitor-interval=120 | |
| image: openstorage/stork:master | |
| imagePullPolicy: Always | |
| env: | |
| - name: "PX_SERVICE_NAME" | |
| value: "portworx-api" | |
| resources: | |
| requests: | |
| cpu: '0.1' | |
| name: stork | |
| serviceAccountName: stork-account | |
| --- | |
| kind: StorageClass | |
| apiVersion: storage.k8s.io/v1 | |
| metadata: | |
| name: stork-snapshot-sc | |
| provisioner: stork-snapshot | |
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: stork-scheduler-account | |
| namespace: kube-system | |
| --- | |
| kind: ClusterRole | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: stork-scheduler-role | |
| rules: | |
| - apiGroups: [""] | |
| resources: ["endpoints"] | |
| verbs: ["get", "create", "update"] | |
| - apiGroups: [""] | |
| resources: ["configmaps"] | |
| verbs: ["get", "list", "watch"] | |
| - apiGroups: ["", "events.k8s.io"] | |
| resources: ["events"] | |
| verbs: ["create", "patch", "update"] | |
| - apiGroups: [""] | |
| resourceNames: ["kube-scheduler"] | |
| resources: ["endpoints"] | |
| verbs: ["delete", "get", "patch", "update"] | |
| - apiGroups: [""] | |
| resources: ["nodes"] | |
| verbs: ["get", "list", "watch"] | |
| - apiGroups: [""] | |
| resources: ["pods"] | |
| verbs: ["delete", "get", "list", "watch"] | |
| - apiGroups: [""] | |
| resources: ["bindings", "pods/binding"] | |
| verbs: ["create"] | |
| - apiGroups: [""] | |
| resources: ["pods/status"] | |
| verbs: ["patch", "update"] | |
| - apiGroups: [""] | |
| resources: ["replicationcontrollers", "services"] | |
| verbs: ["get", "list", "watch"] | |
| - apiGroups: ["apps", "extensions"] | |
| resources: ["replicasets"] | |
| verbs: ["get", "list", "watch"] | |
| - apiGroups: ["apps"] | |
| resources: ["statefulsets"] | |
| verbs: ["get", "list", "watch"] | |
| - apiGroups: ["policy"] | |
| resources: ["poddisruptionbudgets"] | |
| verbs: ["get", "list", "watch"] | |
| - apiGroups: [""] | |
| resources: ["persistentvolumeclaims", "persistentvolumes"] | |
| verbs: ["get", "list", "watch"] | |
| - apiGroups: ["storage.k8s.io"] | |
| resources: ["storageclasses", "csinodes"] | |
| verbs: ["get", "list", "watch"] | |
| - apiGroups: ["coordination.k8s.io"] | |
| resources: ["leases"] | |
| verbs: ["create", "update", "get", "list", "watch"] | |
| --- | |
| kind: ClusterRoleBinding | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: stork-scheduler-role-binding | |
| subjects: | |
| - kind: ServiceAccount | |
| name: stork-scheduler-account | |
| namespace: kube-system | |
| roleRef: | |
| kind: ClusterRole | |
| name: stork-scheduler-role | |
| apiGroup: rbac.authorization.k8s.io | |
| --- | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| labels: | |
| component: scheduler | |
| tier: control-plane | |
| name: stork-scheduler | |
| name: stork-scheduler | |
| namespace: kube-system | |
| spec: | |
| selector: | |
| matchLabels: | |
| name: stork-scheduler | |
| replicas: 3 | |
| template: | |
| metadata: | |
| labels: | |
| component: scheduler | |
| tier: control-plane | |
| name: stork-scheduler | |
| name: stork-scheduler | |
| spec: | |
| affinity: | |
| podAntiAffinity: | |
| requiredDuringSchedulingIgnoredDuringExecution: | |
| - labelSelector: | |
| matchExpressions: | |
| - key: "name" | |
| operator: In | |
| values: | |
| - stork-scheduler | |
| topologyKey: "kubernetes.io/hostname" | |
| hostPID: false | |
| containers: | |
| - command: | |
| - /usr/local/bin/kube-scheduler | |
| - --address=0.0.0.0 | |
| - --leader-elect=true | |
| - --scheduler-name=stork | |
| - --policy-configmap=stork-config | |
| - --policy-configmap-namespace=kube-system | |
| - --lock-object-name=stork-scheduler | |
| image: gcr.io/google_containers/kube-scheduler-amd64:v1.14.8 | |
| imagePullPolicy: Always | |
| livenessProbe: | |
| httpGet: | |
| path: /healthz | |
| port: 10251 | |
| initialDelaySeconds: 15 | |
| name: stork-scheduler | |
| readinessProbe: | |
| httpGet: | |
| path: /healthz | |
| port: 10251 | |
| resources: | |
| requests: | |
| cpu: '0.1' | |
| serviceAccountName: stork-scheduler-account | |
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: px-lh-account | |
| namespace: kube-system | |
| --- | |
| kind: ClusterRole | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: px-lh-role | |
| namespace: kube-system | |
| rules: | |
| - apiGroups: [""] | |
| resources: ["pods"] | |
| verbs: ["list", "get"] | |
| - apiGroups: | |
| - extensions | |
| - apps | |
| resources: | |
| - deployments | |
| verbs: ["get", "list"] | |
| - apiGroups: [""] | |
| resources: ["secrets"] | |
| verbs: ["get", "create", "update"] | |
| - apiGroups: [""] | |
| resources: ["configmaps"] | |
| verbs: ["get", "create", "update"] | |
| - apiGroups: [""] | |
| resources: ["nodes"] | |
| verbs: ["get", "list", "watch"] | |
| - apiGroups: [""] | |
| resources: ["services"] | |
| verbs: ["create", "get", "list", "watch"] | |
| - apiGroups: ["stork.libopenstorage.org"] | |
| resources: ["clusterpairs","migrations","groupvolumesnapshots"] | |
| verbs: ["get", "list", "create", "update", "delete"] | |
| - apiGroups: ["monitoring.coreos.com"] | |
| resources: | |
| - alertmanagers | |
| - prometheuses | |
| - prometheuses/finalizers | |
| - servicemonitors | |
| verbs: ["*"] | |
| --- | |
| kind: ClusterRoleBinding | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: px-lh-role-binding | |
| namespace: kube-system | |
| subjects: | |
| - kind: ServiceAccount | |
| name: px-lh-account | |
| namespace: kube-system | |
| roleRef: | |
| kind: ClusterRole | |
| name: px-lh-role | |
| apiGroup: rbac.authorization.k8s.io | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| name: px-lighthouse | |
| namespace: kube-system | |
| labels: | |
| tier: px-web-console | |
| spec: | |
| type: NodePort | |
| ports: | |
| - name: http | |
| port: 80 | |
| - name: https | |
| port: 443 | |
| selector: | |
| tier: px-web-console | |
| --- | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| name: px-lighthouse | |
| namespace: kube-system | |
| labels: | |
| tier: px-web-console | |
| spec: | |
| selector: | |
| matchLabels: | |
| tier: px-web-console | |
| strategy: | |
| rollingUpdate: | |
| maxSurge: 1 | |
| maxUnavailable: 1 | |
| type: RollingUpdate | |
| selector: | |
| matchLabels: | |
| tier: px-web-console | |
| replicas: 1 | |
| template: | |
| metadata: | |
| labels: | |
| tier: px-web-console | |
| spec: | |
| initContainers: | |
| - name: config-init | |
| image: portworx/lh-config-sync:2.0.6 | |
| imagePullPolicy: Always | |
| args: | |
| - "init" | |
| volumeMounts: | |
| - name: config | |
| mountPath: /config/lh | |
| containers: | |
| - name: px-lighthouse | |
| image: portworx/px-lighthouse:2.0.6 | |
| imagePullPolicy: Always | |
| args: [ "-kubernetes", "true" ] | |
| ports: | |
| - containerPort: 80 | |
| - containerPort: 443 | |
| volumeMounts: | |
| - name: config | |
| mountPath: /config/lh | |
| - name: config-sync | |
| image: portworx/lh-config-sync:2.0.6 | |
| imagePullPolicy: Always | |
| args: | |
| - "sync" | |
| volumeMounts: | |
| - name: config | |
| mountPath: /config/lh | |
| - name: stork-connector | |
| image: portworx/lh-stork-connector:2.0.6 | |
| imagePullPolicy: Always | |
| serviceAccountName: px-lh-account | |
| volumes: | |
| - name: config | |
| emptyDir: {} | |
| --- | |
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| name: autopilot-config | |
| namespace: kube-system | |
| data: | |
| config.yaml: |- | |
| providers: | |
| - name: default | |
| type: prometheus | |
| params: url=http://prometheus:9090 | |
| min_poll_interval: 2 | |
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: autopilot-account | |
| namespace: kube-system | |
| --- | |
| kind: ClusterRole | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: autopilot-role | |
| rules: | |
| - apiGroups: ["*"] | |
| resources: ["*"] | |
| verbs: ["*"] | |
| --- | |
| kind: ClusterRoleBinding | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: autopilot-role-binding | |
| subjects: | |
| - kind: ServiceAccount | |
| name: autopilot-account | |
| namespace: kube-system | |
| roleRef: | |
| kind: ClusterRole | |
| name: autopilot-role | |
| apiGroup: rbac.authorization.k8s.io | |
| --- | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| annotations: | |
| scheduler.alpha.kubernetes.io/critical-pod: "" | |
| labels: | |
| tier: control-plane | |
| name: autopilot | |
| namespace: kube-system | |
| spec: | |
| selector: | |
| matchLabels: | |
| name: autopilot | |
| strategy: | |
| rollingUpdate: | |
| maxSurge: 1 | |
| maxUnavailable: 1 | |
| type: RollingUpdate | |
| replicas: 1 | |
| template: | |
| metadata: | |
| annotations: | |
| scheduler.alpha.kubernetes.io/critical-pod: "" | |
| labels: | |
| name: autopilot | |
| tier: control-plane | |
| spec: | |
| affinity: | |
| podAntiAffinity: | |
| requiredDuringSchedulingIgnoredDuringExecution: | |
| - labelSelector: | |
| matchExpressions: | |
| - key: "name" | |
| operator: In | |
| values: | |
| - autopilot | |
| topologyKey: "kubernetes.io/hostname" | |
| hostPID: false | |
| containers: | |
| - command: | |
| - /autopilot | |
| - -f | |
| - ./etc/config/config.yaml | |
| - -log-level | |
| - debug | |
| imagePullPolicy: Always | |
| image: portworx/autopilot:1.1.0 | |
| resources: | |
| requests: | |
| cpu: '0.1' | |
| securityContext: | |
| privileged: false | |
| name: autopilot | |
| volumeMounts: | |
| - name: config-volume | |
| mountPath: /etc/config | |
| serviceAccountName: autopilot-account | |
| volumes: | |
| - name: config-volume | |
| configMap: | |
| name: autopilot-config | |
| items: | |
| - key: config.yaml | |
| path: config.yaml | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| name: autopilot | |
| namespace: kube-system | |
| labels: | |
| name: autopilot-service | |
| spec: | |
| ports: | |
| - name: autopilot | |
| protocol: TCP | |
| port: 9628 | |
| selector: | |
| name: autopilot | |
| tier: control-plane |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment