1apiVersion: piraeus.io/v1
2kind: LinstorCluster
3metadata:
4 name: linstorcluster
5spec:
6 controller:
7 podTemplate:
8 metadata:
9 annotations:
10 config.linkerd.io/skip-inbound-ports: "3370"
11 spec:
12 priorityClassName: edge-p3-workload-services
13 initContainers:
14 - name: run-migration
15 image: bzl://third_party/k8s/piraeus-distributed-storage:piraeusserver_container_push
16 securityContext:
17 allowPrivilegeEscalation: false
18 capabilities:
19 drop:
20 - ALL
21 privileged: false
22 readOnlyRootFilesystem: true
23 containers:
24 - name: linstor-controller
25 image: bzl://third_party/k8s/piraeus-distributed-storage:piraeusserver_container_push
26 resources:
27 limits:
28 cpu: "225m"
29 memory: 520Mi
30 securityContext:
31 allowPrivilegeEscalation: false
32 capabilities:
33 drop:
34 - ALL
35 privileged: false
36 readOnlyRootFilesystem: true
37 csiController:
38 podTemplate:
39 spec:
40 priorityClassName: edge-p3-workload-services
41 initContainers:
42 - name: linstor-wait-api-online
43 image: bzl://third_party/k8s/piraeus-distributed-storage:piraeuscsi_container_push
44 securityContext:
45 allowPrivilegeEscalation: false
46 capabilities:
47 drop:
48 - ALL
49 privileged: false
50 readOnlyRootFilesystem: true
51 containers:
52 - name: csi-attacher
53 image: bzl://third_party/k8s/piraeus-distributed-storage:csiattacher_container_push
54 resources:
55 limits:
56 cpu: "15m"
57 memory: 30Mi
58 securityContext:
59 allowPrivilegeEscalation: false
60 capabilities:
61 drop:
62 - ALL
63 privileged: false
64 readOnlyRootFilesystem: true
65 - name: csi-health-monitor
66 image: bzl://third_party/k8s/piraeus-distributed-storage:csiexternalhealthmonitorcontroller_container_push
67 resources:
68 limits:
69 cpu: "20m"
70 memory: 60Mi
71 securityContext:
72 allowPrivilegeEscalation: false
73 capabilities:
74 drop:
75 - ALL
76 privileged: false
77 readOnlyRootFilesystem: true
78 - name: csi-livenessprobe
79 image: bzl://third_party/k8s/piraeus-distributed-storage:livenessprobe_container_push
80 resources:
81 limits:
82 cpu: "15m"
83 memory: 30Mi
84 securityContext:
85 allowPrivilegeEscalation: false
86 capabilities:
87 drop:
88 - ALL
89 privileged: false
90 readOnlyRootFilesystem: true
91 - name: csi-provisioner
92 image: bzl://third_party/k8s/piraeus-distributed-storage:csiprovisioner_container_push
93 resources:
94 limits:
95 cpu: "15m"
96 memory: 35Mi
97 securityContext:
98 allowPrivilegeEscalation: false
99 capabilities:
100 drop:
101 - ALL
102 privileged: false
103 readOnlyRootFilesystem: true
104 - name: csi-resizer
105 image: bzl://third_party/k8s/piraeus-distributed-storage:csiresizer_container_push
106 resources:
107 limits:
108 cpu: "15m"
109 memory: 35Mi
110 securityContext:
111 allowPrivilegeEscalation: false
112 capabilities:
113 drop:
114 - ALL
115 privileged: false
116 readOnlyRootFilesystem: true
117 - name: csi-snapshotter
118 image: bzl://third_party/k8s/piraeus-distributed-storage:csisnapshotter_container_push
119 resources:
120 limits:
121 cpu: "10m"
122 memory: 30Mi
123 securityContext:
124 allowPrivilegeEscalation: false
125 capabilities:
126 drop:
127 - ALL
128 privileged: false
129 readOnlyRootFilesystem: true
130 - name: linstor-csi
131 image: bzl://third_party/k8s/piraeus-distributed-storage:piraeuscsi_container_push
132 resources:
133 limits:
134 cpu: "15m"
135 memory: 40Mi
136 securityContext:
137 allowPrivilegeEscalation: false
138 capabilities:
139 drop:
140 - ALL
141 privileged: false
142 readOnlyRootFilesystem: true
143 csiNode:
144 podTemplate:
145 spec:
146 priorityClassName: edge-p3-workload-services
147 initContainers:
148 - name: linstor-wait-node-online
149 image: bzl://third_party/k8s/piraeus-distributed-storage:piraeuscsi_container_push
150 securityContext:
151 allowPrivilegeEscalation: false
152 capabilities:
153 drop:
154 - ALL
155 privileged: false
156 readOnlyRootFilesystem: true
157 containers:
158 - name: csi-livenessprobe
159 image: bzl://third_party/k8s/piraeus-distributed-storage:livenessprobe_container_push
160 resources:
161 limits:
162 cpu: "5m"
163 memory: 25Mi
164 securityContext:
165 allowPrivilegeEscalation: false
166 capabilities:
167 drop:
168 - ALL
169 privileged: false
170 readOnlyRootFilesystem: true
171 - name: csi-node-driver-registrar
172 image: bzl://third_party/k8s/piraeus-distributed-storage:csinodedriverregistrar_container_push
173 resources:
174 limits:
175 cpu: "5m"
176 memory: 20Mi
177 securityContext:
178 allowPrivilegeEscalation: false
179 capabilities:
180 drop:
181 - ALL
182 privileged: false
183 readOnlyRootFilesystem: true
184 - name: linstor-csi
185 image: bzl://third_party/k8s/piraeus-distributed-storage:piraeuscsi_container_push
186 resources:
187 limits:
188 cpu: "10m"
189 memory: 30Mi
190 securityContext:
191 capabilities:
192 add:
193 - SYS_ADMIN
194 drop:
195 - ALL
196 privileged: true
197 readOnlyRootFilesystem: true
198 highAvailabilityController:
199 podTemplate:
200 spec:
201 priorityClassName: edge-p3-workload-services
202 containers:
203 - name: ha-controller
204 image: bzl://third_party/k8s/piraeus-distributed-storage:piraeushacontroller_container_push
205 args:
206 - /agent
207 - --v=1
208 - --disable-node-taints
209 resources:
210 limits:
211 cpu: "40m"
212 memory: 40Mi
213 securityContext:
214 allowPrivilegeEscalation: false
215 capabilities:
216 drop:
217 - ALL
218 privileged: false
219 readOnlyRootFilesystem: true
220 nodeAffinity:
221 nodeSelectorTerms:
222 - matchExpressions:
223 - key: distributed.storage/schedulable
224 operator: Exists
225 properties:
226 - name: TcpPortAutoRange
227 value: "7000-7999"
View as plain text