mirror of
https://github.com/auricom/home-cluster.git
synced 2025-09-17 18:24:14 +02:00
99 lines
2.7 KiB
YAML
99 lines
2.7 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: system-upgrade
|
|
namespace: system-upgrade
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: system-upgrade
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: cluster-admin
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: system-upgrade
|
|
namespace: system-upgrade
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: default-controller-env
|
|
namespace: system-upgrade
|
|
data:
|
|
SYSTEM_UPGRADE_CONTROLLER_DEBUG: "false"
|
|
SYSTEM_UPGRADE_CONTROLLER_THREADS: "2"
|
|
SYSTEM_UPGRADE_JOB_ACTIVE_DEADLINE_SECONDS: "900"
|
|
SYSTEM_UPGRADE_JOB_BACKOFF_LIMIT: "99"
|
|
SYSTEM_UPGRADE_JOB_IMAGE_PULL_POLICY: "Always"
|
|
SYSTEM_UPGRADE_JOB_KUBECTL_IMAGE: "rancher/kubectl:v1.19.7"
|
|
SYSTEM_UPGRADE_JOB_PRIVILEGED: "true"
|
|
SYSTEM_UPGRADE_JOB_TTL_SECONDS_AFTER_FINISH: "900"
|
|
SYSTEM_UPGRADE_PLAN_POLLING_INTERVAL: "15m"
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: system-upgrade-controller
|
|
namespace: system-upgrade
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
upgrade.cattle.io/controller: system-upgrade-controller
|
|
template:
|
|
metadata:
|
|
labels:
|
|
upgrade.cattle.io/controller: system-upgrade-controller
|
|
spec:
|
|
affinity:
|
|
nodeAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: "node-role.kubernetes.io/master"
|
|
operator: In
|
|
values:
|
|
- "true"
|
|
serviceAccountName: system-upgrade
|
|
tolerations:
|
|
- key: "CriticalAddonsOnly"
|
|
operator: "Exists"
|
|
- key: "node-role.kubernetes.io/master"
|
|
operator: "Exists"
|
|
effect: "NoSchedule"
|
|
- effect: NoExecute
|
|
operator: Exists
|
|
- effect: NoSchedule
|
|
operator: Exists
|
|
containers:
|
|
- name: system-upgrade-controller
|
|
image: rancher/system-upgrade-controller:v0.6.2
|
|
imagePullPolicy: IfNotPresent
|
|
envFrom:
|
|
- configMapRef:
|
|
name: default-controller-env
|
|
env:
|
|
- name: SYSTEM_UPGRADE_CONTROLLER_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.labels['upgrade.cattle.io/controller']
|
|
- name: SYSTEM_UPGRADE_CONTROLLER_NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
volumeMounts:
|
|
- name: etc-ssl
|
|
mountPath: /etc/ssl
|
|
- name: tmp
|
|
mountPath: /tmp
|
|
volumes:
|
|
- name: etc-ssl
|
|
hostPath:
|
|
path: /etc/ssl
|
|
type: Directory
|
|
- name: tmp
|
|
emptyDir: {}
|