1apiVersion: piraeus.io/v1
2kind: LinstorSatelliteConfiguration
3metadata:
4 name: satellite-containers
5spec:
6 podTemplate:
7 metadata:
8 annotations:
9 config.linkerd.io/skip-inbound-ports: 7000-7999
10 spec:
11 priorityClassName: edge-p3-workload-services
12 initContainers:
13 - name: drbd-module-loader
14 image: bzl://third_party/k8s/piraeus-distributed-storage:drbd9noble_container_push
15 securityContext:
16 allowPrivilegeEscalation: false
17 capabilities:
18 add:
19 - SYS_MODULE
20 drop:
21 - ALL
22 privileged: false
23 readOnlyRootFilesystem: true
24 - name: drbd-shutdown-guard
25 image: bzl://third_party/k8s/piraeus-distributed-storage:drbdshutdownguard_container_push
26 securityContext:
27 capabilities:
28 drop:
29 - ALL
30 privileged: true
31 readOnlyRootFilesystem: true
32 containers:
33 - name: drbd-reactor
34 image: bzl://third_party/k8s/piraeus-distributed-storage:drbdreactor_container_push
35 resources:
36 limits:
37 cpu: "5m"
38 memory: 10Mi
39 securityContext:
40 allowPrivilegeEscalation: false
41 capabilities:
42 drop:
43 - ALL
44 privileged: false
45 readOnlyRootFilesystem: true
46 - name: linstor-satellite
47 image: bzl://third_party/k8s/piraeus-distributed-storage:piraeusserver_container_push
48 resources:
49 limits:
50 cpu: "200m"
51 memory: 250Mi
52 securityContext:
53 capabilities:
54 add:
55 - NET_ADMIN
56 - SYS_ADMIN
57 drop:
58 - ALL
59 privileged: true
60 readOnlyRootFilesystem: true
View as plain text