forked from merbridge/merbridge
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathall-in-one-kuma.yaml
130 lines (130 loc) · 2.82 KB
/
all-in-one-kuma.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
---
# Source: merbridge/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: merbridge
namespace: kuma-system
labels:
app: merbridge
---
# Source: merbridge/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: merbridge
labels:
app: merbridge
rules:
- apiGroups:
- ""
resources:
- pods
verbs:
- list
- get
- watch
---
# Source: merbridge/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: merbridge
labels:
app: merbridge
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: merbridge
subjects:
- kind: ServiceAccount
name: merbridge
namespace: kuma-system
---
# Source: merbridge/templates/daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: merbridge
namespace: kuma-system
labels:
app: merbridge
spec:
revisionHistoryLimit: 10
selector:
matchLabels:
app: merbridge
template:
metadata:
labels:
app: merbridge
spec:
hostNetwork: true
containers:
- image: "ghcr.io/merbridge/merbridge:latest"
imagePullPolicy: Always
name: merbridge
args:
- /app/mbctl
- -m
- kuma
- --use-reconnect=true
- --cni-mode=false
env:
- name: WATCH_LEVEL
value: '0'
lifecycle:
preStop:
exec:
command:
- make
- -k
- clean
resources:
requests:
cpu: 100m
memory: 200Mi
limits:
cpu: 300m
memory: 200Mi
securityContext:
privileged: true
volumeMounts:
- mountPath: /sys/fs/cgroup
name: sys-fs-cgroup
- mountPath: /host/opt/cni/bin
name: cni-bin-dir
- mountPath: /host/etc/cni/net.d
name: cni-config-dir
- mountPath: /host/proc
name: host-proc
- mountPath: /host/var/run
name: host-var-run
mountPropagation: Bidirectional
dnsPolicy: ClusterFirst
nodeSelector:
kubernetes.io/os: linux
priorityClassName: system-node-critical
restartPolicy: Always
serviceAccount: merbridge
serviceAccountName: merbridge
tolerations:
- key: CriticalAddonsOnly
operator: Exists
- operator: Exists
volumes:
- hostPath:
path: /sys/fs/cgroup
name: sys-fs-cgroup
- hostPath:
path: /proc
name: host-proc
- hostPath:
path: /opt/cni/bin
name: cni-bin-dir
- hostPath:
path: /etc/cni/net.d
name: cni-config-dir
- hostPath:
path: /var/run
name: host-var-run