Skip to content
This repository was archived by the owner on Sep 20, 2019. It is now read-only.

Commit 5702cba

Browse files
joschi36joschi36
committed
update deployment to be conformant with normal kubernetes installation
1 parent 3d5a27d commit 5702cba

File tree

1 file changed

+105
-30
lines changed

1 file changed

+105
-30
lines changed

deployment.yaml

Lines changed: 105 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -5,32 +5,104 @@ metadata:
55
name: cloud-controller-manager
66
namespace: kube-system
77
---
8+
apiVersion: rbac.authorization.k8s.io/v1
9+
kind: ClusterRole
10+
metadata:
11+
name: system:cloud-controller-manager
12+
annotations:
13+
rbac.authorization.kubernetes.io/autoupdate: "true"
14+
labels:
15+
k8s-app: cloud-controller-manager
16+
rules:
17+
- apiGroups:
18+
- ""
19+
resources:
20+
- events
21+
verbs:
22+
- create
23+
- patch
24+
- update
25+
- apiGroups:
26+
- ""
27+
resources:
28+
- nodes
29+
verbs:
30+
- '*'
31+
- apiGroups:
32+
- ""
33+
resources:
34+
- nodes/status
35+
verbs:
36+
- patch
37+
- apiGroups:
38+
- ""
39+
resources:
40+
- services
41+
verbs:
42+
- list
43+
- patch
44+
- update
45+
- watch
46+
- apiGroups:
47+
- ""
48+
resources:
49+
- services/status
50+
verbs:
51+
- list
52+
- patch
53+
- update
54+
- watch
55+
- apiGroups:
56+
- ""
57+
resources:
58+
- serviceaccounts
59+
verbs:
60+
- create
61+
- apiGroups:
62+
- ""
63+
resources:
64+
- endpoints
65+
verbs:
66+
- create
67+
- get
68+
- list
69+
- watch
70+
- update
71+
- apiGroups:
72+
- ""
73+
resources:
74+
- persistentvolumes
75+
verbs:
76+
- list
77+
- watch
78+
- patch
79+
---
880
kind: ClusterRoleBinding
981
apiVersion: rbac.authorization.k8s.io/v1
1082
metadata:
1183
name: system:cloud-controller-manager
1284
roleRef:
1385
apiGroup: rbac.authorization.k8s.io
1486
kind: ClusterRole
15-
name: cluster-admin
87+
name: system:cloud-controller-manager
1688
subjects:
1789
- kind: ServiceAccount
1890
name: cloud-controller-manager
1991
namespace: kube-system
2092
---
21-
apiVersion: v1
22-
kind: ConfigMap
93+
apiVersion: rbac.authorization.k8s.io/v1
94+
kind: RoleBinding
2395
metadata:
24-
name: cloud-controller-manager-config
96+
name: system:cloud-controller-manager:extension-apiserver-authentication-reader
97+
namespace: kube-system
98+
roleRef:
99+
apiGroup: rbac.authorization.k8s.io
100+
kind: Role
101+
name: extension-apiserver-authentication-reader
102+
subjects:
103+
- kind: ServiceAccount
104+
name: cloud-controller-manager
25105
namespace: kube-system
26-
data:
27-
cloud-config: |
28-
[Global]
29-
api-url = #(CLOUDSTACK API URL)#
30-
api-key = #(CLOUDSTACK API KEY)#
31-
secret-key = #(CLOUDSTACK API SECRET)#
32-
project-id = #(CLOUDSTACK PROJECT UUID optional)#
33-
zone = #(CLOUDSTACK ZONE NAME)#
34106
---
35107
apiVersion: apps/v1
36108
kind: Deployment
@@ -40,40 +112,43 @@ metadata:
40112
name: cloud-controller-manager
41113
namespace: kube-system
42114
spec:
115+
replicas: 3
43116
selector:
44117
matchLabels:
45118
k8s-app: cloud-controller-manager
119+
strategy:
120+
rollingUpdate:
121+
maxSurge: 25%
122+
maxUnavailable: 25%
123+
type: RollingUpdate
46124
template:
47125
metadata:
48126
labels:
49127
k8s-app: cloud-controller-manager
50128
spec:
51-
serviceAccountName: cloud-controller-manager
52129
containers:
53130
- name: cloud-controller-manager
54-
image: swisstxt/cloudstack-cloud-controller-manager:v0.0.1
55-
# Command line arguments: https://kubernetes.io/docs/reference/command-line-tools-reference/cloud-controller-manager/
131+
image: swisstxt/cloudstack-cloud-controller-manager:master
132+
imagePullPolicy: IfNotPresent
56133
command:
57134
- /root/cloudstack-ccm
135+
- --leader-elect=true
58136
- --cloud-provider=external-cloudstack
59137
- --cloud-config=/config/cloud-config
60-
- --kubeconfig=/var/lib/kubelet/kubeconfig # Connection Params
61-
- --v=4
138+
resources:
139+
limits:
140+
cpu: 50m
141+
memory: 120Mi
142+
requests:
143+
cpu: 10m
144+
memory: 60Mi
62145
volumeMounts:
63146
- name: config-volume
64147
mountPath: /config
65-
- name: kubeconfig-volume
66-
mountPath: /var/lib/kubelet/kubeconfig
67-
- name: kubernetes-config-volume
68-
mountPath: /var/lib/kubernetes
148+
restartPolicy: Always
149+
serviceAccountName: cloud-controller-manager
150+
terminationGracePeriodSeconds: 30
69151
volumes:
70152
- name: config-volume
71-
configMap:
72-
name: cloud-controller-manager-config
73-
- name: kubeconfig-volume
74-
hostPath:
75-
path: /var/lib/kubelet/kubeconfig
76-
- name: kubernetes-config-volume
77-
hostPath:
78-
path: /var/lib/kubernetes
79-
153+
secret:
154+
secretName: cloudstack-secret

0 commit comments

Comments
 (0)