apiVersion: v1 kind: Namespace metadata: name: kured labels: platform.edge.ncr.com/component: kured annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: kured pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a --- apiVersion: v1 kind: ServiceAccount metadata: name: kured namespace: kured labels: configmanagement.gke.io/cluster-selector: dsds-cluster platform.edge.ncr.com/component: kured annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: kured pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: kured namespace: kured labels: configmanagement.gke.io/cluster-selector: dsds-cluster platform.edge.ncr.com/component: kured annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: kured pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a rules: - resources: ["daemonsets"] apiGroups: ["apps"] resourceNames: ["kured"] verbs: ["update"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: kured labels: configmanagement.gke.io/cluster-selector: dsds-cluster platform.edge.ncr.com/component: kured annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: kured pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a rules: - resources: ["nodes"] apiGroups: [""] verbs: ["get", "patch"] - resources: ["pods"] apiGroups: [""] verbs: ["list", "delete", "get"] - resources: ["daemonsets"] apiGroups: ["apps"] verbs: ["get"] - resources: ["pods/eviction"] apiGroups: [""] verbs: ["create"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: kured namespace: kured labels: configmanagement.gke.io/cluster-selector: dsds-cluster platform.edge.ncr.com/component: kured annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: kured pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a roleRef: name: kured kind: Role apiGroup: rbac.authorization.k8s.io subjects: - name: kured namespace: kured kind: ServiceAccount --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: kured labels: configmanagement.gke.io/cluster-selector: dsds-cluster platform.edge.ncr.com/component: kured annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: kured pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a roleRef: name: kured kind: ClusterRole apiGroup: rbac.authorization.k8s.io subjects: - name: kured namespace: kured kind: ServiceAccount --- apiVersion: v1 kind: ConfigMap metadata: name: reboot-config-2c797bc9h8 namespace: kured labels: platform.edge.ncr.com/component: kured annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: kured pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a data: reboot.sh: "#!/bin/bash\nset -e\n\nif grep -qs poweroff /var/run/reboot-required;\nthen \n action=poweroff;\nelse\n action=reboot;\nfi\n\necho \"Action: $action\";\n\necho \"Stopping kubelet\"\n/bin/systemctl stop kubelet\n\necho \"Stopping containers\"\nkured_id=$(crictl ps --name kured -q)\necho -e \"$(crictl ps -q | grep -v $kured_id)\\n$kured_id\" | xargs -L1 -P 8 crictl stop -t 2 ||:\n\necho \"Stopping containerd\"\n/bin/systemctl stop containerd\n\nif [ -f /usr/lib/systemd/scripts/zynstra-pre-reboot-upgrade.sh ];\nthen\n /usr/lib/systemd/scripts/zynstra-pre-reboot-upgrade.sh ||:\nfi\n\necho \"$action node\"\n/bin/systemctl $action" --- apiVersion: apps/v1 kind: DaemonSet metadata: name: kured namespace: kured labels: configmanagement.gke.io/cluster-selector: dsds-cluster platform.edge.ncr.com/component: kured annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: kured pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a spec: selector: matchLabels: name: kured configmanagement.gke.io/cluster-selector: dsds-cluster platform.edge.ncr.com/component: kured template: metadata: labels: name: kured configmanagement.gke.io/cluster-selector: dsds-cluster platform.edge.ncr.com/component: kured annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: kured pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a spec: restartPolicy: Always serviceAccountName: kured hostPID: true containers: - name: kured image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/thirdparty/ghcr.io/kubereboot/kured@sha256:112fca6f2f3f11ac567b71f4f4a4c2c64f68e8d88ced3afed821e8c4c28ff40c command: - /usr/bin/kured - --ds-namespace=kured - --force-reboot=true - --period=1m - --drain-timeout=10m - --drain-grace-period=-1 - --reboot-command=sh -c "systemd-run --unit=reboot.sh /usr/local/kured/reboot.sh;journalctl -u reboot.sh -f" ports: - name: metrics containerPort: 8080 env: - name: KURED_NODE_ID valueFrom: fieldRef: fieldPath: spec.nodeName imagePullPolicy: IfNotPresent securityContext: privileged: true tolerations: - effect: NoSchedule key: node-role.kubernetes.io/control-plane - effect: NoSchedule key: node-role.kubernetes.io/master initContainers: - name: reboot-script image: busybox command: ["cp", "-af", "/script/reboot.sh", "/usr/local/kured"] volumeMounts: - name: script-volume mountPath: /usr/local/kured - name: config-volume mountPath: /script/reboot.sh subPath: reboot.sh imagePullPolicy: IfNotPresent volumes: - name: config-volume configMap: name: reboot-config-2c797bc9h8 defaultMode: 493 #755 - name: script-volume hostPath: type: DirectoryOrCreate path: /usr/local/kured updateStrategy: type: RollingUpdate