15308555518/ kubekey
1
0
Fork 0
mirror of https://github.com/kubesphere/kubekey.git synced 2025-12-31 08:22:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
kubekey/manifests/deploy.yaml
pixiake cbc0edd3fb update kube-rbac-proxy image 
Signed-off-by: pixiake <guofeng@yunify.com>
2020-11-03 15:56:12 +08:00

647 lines
14 KiB
YAML
Raw Blame History

apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: controller-manager
name: kubekey-system
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.3.0
creationTimestamp: null
name: clusters.kubekey.kubesphere.io
spec:
group: kubekey.kubesphere.io
names:
kind: Cluster
listKind: ClusterList
plural: clusters
singular: cluster
scope: Cluster
subresources:
status: {}
validation:
openAPIV3Schema:
description: Cluster is the Schema for the clusters API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ClusterSpec defines the desired state of Cluster
properties:
addons:
items:
properties:
delay:
type: integer
name:
type: string
namespace:
type: string
retries:
type: integer
sources:
properties:
chart:
properties:
name:
type: string
path:
type: string
repo:
type: string
values:
items:
type: string
type: array
valuesFile:
type: string
version:
type: string
type: object
yaml:
properties:
path:
items:
type: string
type: array
type: object
type: object
type: object
type: array
controlPlaneEndpoint:
properties:
address:
type: string
domain:
type: string
port:
type: integer
type: object
hosts:
description: Foo is an example field of Cluster. Edit Cluster_types.go
to remove/update
items:
properties:
address:
type: string
arch:
type: string
internalAddress:
type: string
name:
type: string
password:
type: string
port:
type: integer
privateKey:
type: string
privateKeyPath:
type: string
user:
type: string
type: object
type: array
kubernetes:
properties:
apiserverCertExtraSans:
items:
type: string
type: array
clusterName:
type: string
etcdBackupDir:
type: string
etcdBackupPeriod:
type: integer
etcdBackupScript:
type: string
imageRepo:
type: string
keepBackupNumber:
type: integer
masqueradeAll:
type: boolean
maxPods:
type: integer
nodeCidrMaskSize:
type: integer
proxyMode:
type: string
version:
type: string
type: object
kubesphere:
properties:
configurations:
type: string
enabled:
type: boolean
version:
type: string
type: object
network:
properties:
calico:
properties:
ipipMode:
type: string
vethMTU:
type: integer
vxlanMode:
type: string
type: object
flannel:
properties:
backendMode:
type: string
type: object
kubePodsCIDR:
type: string
kubeServiceCIDR:
type: string
plugin:
type: string
type: object
registry:
properties:
insecureRegistries:
items:
type: string
type: array
privateRegistry:
type: string
registryMirrors:
items:
type: string
type: array
type: object
roleGroups:
properties:
etcd:
items:
type: string
type: array
master:
items:
type: string
type: array
worker:
items:
type: string
type: array
type: object
type: object
status:
description: ClusterStatus defines the observed state of Cluster
properties:
Conditions:
items:
properties:
endTime:
format: date-time
type: string
startTime:
format: date-time
type: string
status:
type: boolean
step:
type: string
type: object
type: array
etcdCount:
type: integer
jobInfo:
properties:
name:
type: string
namespace:
type: string
pods:
items:
properties:
containers:
items:
properties:
name:
type: string
type: object
type: array
name:
type: string
type: object
type: array
type: object
masterCount:
type: integer
networkPlugin:
type: string
nodes:
items:
properties:
hostname:
type: string
internalIP:
type: string
roles:
additionalProperties:
type: boolean
type: object
type: object
type: array
nodesCount:
type: integer
version:
type: string
workerCount:
type: integer
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: kubekey-leader-election-role
namespace: kubekey-system
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- configmaps/status
verbs:
- get
- update
- patch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: kubekey-manager-role
rules:
- apiGroups:
- admissionregistration.k8s.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- '*'
- apiGroups:
- apiregistration.k8s.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- apps
resources:
- deployments
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- auditing.kubesphere.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- autoscaling
resources:
- '*'
verbs:
- '*'
- apiGroups:
- batch
resources:
- '*'
verbs:
- '*'
- apiGroups:
- certificates.k8s.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- cluster.kubesphere.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- config.istio.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- ""
resources:
- '*'
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- core.kubefed.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- devops.kubesphere.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- events.kubesphere.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- extensions
resources:
- '*'
verbs:
- '*'
- apiGroups:
- iam.kubesphere.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- installer.kubesphere.io
resources:
- clusterconfigurations
verbs:
- '*'
- apiGroups:
- jaegertracing.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- kubekey.kubesphere.io
resources:
- clusters
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- kubekey.kubesphere.io
resources:
- clusters/status
verbs:
- get
- patch
- update
- apiGroups:
- logging.kubesphere.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- monitoring.coreos.com
resources:
- '*'
verbs:
- '*'
- apiGroups:
- networking.istio.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- notification.kubesphere.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- policy
resources:
- '*'
verbs:
- '*'
- apiGroups:
- rbac.authorization.k8s.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- storage.k8s.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- storage.kubesphere.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- tenant.kubesphere.io
resources:
- '*'
verbs:
- '*'
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kubekey-proxy-role
rules:
- apiGroups:
- authentication.k8s.io
resources:
- tokenreviews
verbs:
- create
- apiGroups:
- authorization.k8s.io
resources:
- subjectaccessreviews
verbs:
- create
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: kubekey-metrics-reader
rules:
- nonResourceURLs:
- /metrics
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: kubekey-leader-election-rolebinding
namespace: kubekey-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kubekey-leader-election-role
subjects:
- kind: ServiceAccount
name: default
namespace: kubekey-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kubekey-manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kubekey-manager-role
subjects:
- kind: ServiceAccount
name: default
namespace: kubekey-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kubekey-proxy-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kubekey-proxy-role
subjects:
- kind: ServiceAccount
name: default
namespace: kubekey-system
---
apiVersion: v1
kind: Service
metadata:
labels:
control-plane: controller-manager
name: kubekey-controller-manager-metrics-service
namespace: kubekey-system
spec:
ports:
- name: https
port: 8443
targetPort: https
selector:
control-plane: controller-manager
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
control-plane: controller-manager
name: kubekey-controller-manager
namespace: kubekey-system
spec:
replicas: 1
selector:
matchLabels:
control-plane: controller-manager
template:
metadata:
labels:
control-plane: controller-manager
spec:
containers:
- args:
- --secure-listen-address=0.0.0.0:8443
- --upstream=http://127.0.0.1:8080/
- --logtostderr=true
- --v=10
image: kubesphere/kube-rbac-proxy:v0.5.0
name: kube-rbac-proxy
ports:
- containerPort: 8443
name: https
- args:
- --metrics-addr=127.0.0.1:8080
- --enable-leader-election
command:
- /home/kubekey/manager
image: kubespheredev/kubekey:latest
name: manager
resources:
limits:
cpu: 300m
memory: 200Mi
requests:
cpu: 100m
memory: 20Mi
terminationGracePeriodSeconds: 10
Reference in New Issue View Git Blame Copy Permalink