1apiVersion: v1
2kind: Namespace
3metadata:
4 name: resilience-manager
5 labels:
6 workload.edge.ncr.com: platform
7 annotations:
8 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
9 pallet.edge.ncr.com/name: resilience-manager
10 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
11 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
12 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
13 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
14---
15apiVersion: v1
16kind: ServiceAccount
17metadata:
18 name: resilience-manager
19 namespace: resilience-manager
20 labels:
21 platform.edge.ncr.com/component: resilience-manager
22 annotations:
23 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
24 pallet.edge.ncr.com/name: resilience-manager
25 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
26 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
27 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
28 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
29---
30apiVersion: rbac.authorization.k8s.io/v1
31kind: Role
32metadata:
33 name: secret-role
34 namespace: resilience-manager
35 annotations:
36 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
37 pallet.edge.ncr.com/name: resilience-manager
38 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
39 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
40 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
41 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
42 labels: {}
43rules:
44- resources: ["secrets"]
45 apiGroups: ["*"]
46 verbs: ["*"]
47---
48apiVersion: rbac.authorization.k8s.io/v1
49kind: ClusterRole
50metadata:
51 name: resilience-manager-clusterrole
52 annotations:
53 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
54 pallet.edge.ncr.com/name: resilience-manager
55 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
56 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
57 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
58 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
59 labels: {}
60rules:
61- resources: ["nodes", "secrets"]
62 apiGroups: ["*"]
63 verbs: ["*"]
64---
65apiVersion: rbac.authorization.k8s.io/v1
66kind: RoleBinding
67metadata:
68 name: secret-rolebinding
69 namespace: resilience-manager
70 annotations:
71 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
72 pallet.edge.ncr.com/name: resilience-manager
73 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
74 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
75 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
76 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
77 labels: {}
78roleRef:
79 name: secret-role
80 kind: Role
81 apiGroup: rbac.authorization.k8s.io
82subjects:
83- name: system:serviceaccounts:resilience-manager
84 kind: Group
85 apiGroup: rbac.authorization.k8s.io
86---
87apiVersion: rbac.authorization.k8s.io/v1
88kind: ClusterRoleBinding
89metadata:
90 name: resilience-manager-crb
91 annotations:
92 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
93 pallet.edge.ncr.com/name: resilience-manager
94 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
95 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
96 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
97 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
98 labels: {}
99roleRef:
100 name: resilience-manager-clusterrole
101 kind: ClusterRole
102 apiGroup: rbac.authorization.k8s.io
103subjects:
104- name: resilience-manager
105 namespace: resilience-manager
106 kind: ServiceAccount
107---
108apiVersion: v1
109kind: ConfigMap
110metadata:
111 name: etcd-manager
112 namespace: resilience-manager
113 annotations:
114 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
115 pallet.edge.ncr.com/name: resilience-manager
116 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
117 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
118 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
119 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
120 labels: {}
121data:
122 etcd-manager.yaml: |
123 apiVersion: v1
124 kind: Pod
125 metadata:
126 name: etcd-manager
127 namespace: kube-system
128 spec:
129 hostNetwork: true
130 containers:
131 - name: etcd-manager
132 image: IMAGE-PLACEHOLDER
133 args:
134 - run
135 - --kubeconfig=/etc/kubernetes/admin.conf
136 - --controlplane-etcd-host=127.0.0.1
137 - --controlplane-etcd-port=2379
138 - --kube-client-timeout=2s
139 - --kube-client-retry-interval=2s
140 - --kube-client-retry-duration=2s
141 - --blocking-kube-client-timeout=15s
142 - --blocking-kube-client-retry-interval=15s
143 - --blocking-kube-client-retry-duration=5m
144 - --etcd-client-timeout=2s
145 - --etcd-client-retry-interval=2s
146 - --etcd-client-retry-duration=2s
147 - --etcd-cluster-max-unhealthy-time=10m
148 - --etcd-member-max-unhealthy-time=10m
149 volumeMounts:
150 - name: kubernetes
151 mountPath: /etc/kubernetes
152 - name: run-containerd
153 mountPath: /run/containerd
154 - name: run-systemd
155 mountPath: /run/systemd
156 - name: run-etcdmanager
157 mountPath: /run/etcdmanager
158 volumes:
159 - name: kubernetes
160 hostPath:
161 type: Directory
162 path: /etc/kubernetes
163 - name: run-containerd
164 hostPath:
165 type: Directory
166 path: /run/containerd
167 - name: run-etcdmanager
168 hostPath:
169 type: DirectoryOrCreate
170 path: /run/etcdmanager
171 - name: run-systemd
172 hostPath:
173 type: Directory
174 path: /run/systemd
175 image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/workloads/etcdmanager@sha256:58e51ae7fedc70d2a98d755ed7ac71df3ab9bcf9e93a5a4a82bef8ecad8dd3f8
176---
177apiVersion: v1
178kind: ConfigMap
179metadata:
180 name: resilience-manager
181 namespace: resilience-manager
182 annotations:
183 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
184 pallet.edge.ncr.com/name: resilience-manager
185 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
186 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
187 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
188 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
189 labels: {}
190data:
191 CONTAINER_VERSIONS_FILENAME: "container-versions.yaml"
192 CONTAINER_VERSIONS_PATH: "/etc/kubernetes"
193 ETCD_DATA_DIR: "/var/lib/etcd/member"
194 ETCD_MANIFEST_FILENAME: "etcd.yaml"
195 ETCD_SDS_YAML_FILENAME: "etcd_sds.yaml"
196 ETCD_SDS_YAML_PATH: "/zynstra/config"
197 K8S_CONFIG_PATH: "/etc/kubernetes"
198 STATIC_MANIFESTS_PATH: "/etc/kubernetes/manifests"
199---
200apiVersion: apps/v1
201kind: DaemonSet
202metadata:
203 name: resilience-manager
204 namespace: resilience-manager
205 annotations:
206 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
207 pallet.edge.ncr.com/name: resilience-manager
208 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
209 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
210 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
211 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
212 labels: {}
213spec:
214 selector:
215 matchLabels:
216 platform.edge.ncr.com/component: resilience-manager
217 template:
218 metadata:
219 labels:
220 name: resilience-manager
221 platform.edge.ncr.com/component: resilience-manager
222 annotations:
223 node.kubernetes.io/bootstrap-checkpoint: "true"
224 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
225 pallet.edge.ncr.com/name: resilience-manager
226 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
227 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
228 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
229 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
230 spec:
231 serviceAccountName: resilience-manager
232 hostname: resilience-manager
233 initContainers:
234 - name: etcd-manager-image-init
235 image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/workloads/etcdmanager@sha256:58e51ae7fedc70d2a98d755ed7ac71df3ab9bcf9e93a5a4a82bef8ecad8dd3f8
236 args: ['version']
237 - name: etcd-manager-manifest-init
238 image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/thirdparty/library/alpine@sha256:bf5deac5ac639c5a6ac818f57196ff92f2b9364f65496f6bd5b780c47d3c400a
239 command: ['sh', '-c', 'if [ -f /etc/kubernetes/manifests/kube-scheduler.yaml ]; then cp /etc/config/etcd-manager.yaml /etc/kubernetes/manifests/etcd-manager.yaml; sed -i "s~IMAGE-PLACEHOLDER~$ETCD_MANAGER_IMAGE~g" /etc/kubernetes/manifests/etcd-manager.yaml; fi']
240 env:
241 - name: ETCD_MANAGER_IMAGE
242 valueFrom:
243 configMapKeyRef:
244 name: etcd-manager
245 key: image
246 volumeMounts:
247 - name: etcd-manager-config
248 mountPath: /etc/config
249 - name: kubernetes-manifests
250 mountPath: /etc/kubernetes/manifests
251 containers:
252 - name: resilience-manager
253 image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/workloads/resiliencemanager@sha256:32bb761388f7ed1aa370ffdb1fca12530479a5e262b91046b7eecffd254f016f
254 envFrom:
255 - configMapRef:
256 name: resilience-manager
257 env:
258 - name: NODE_NAME
259 valueFrom:
260 fieldRef:
261 fieldPath: spec.nodeName
262 - name: HOSTIP
263 valueFrom:
264 fieldRef:
265 fieldPath: status.hostIP
266 resources:
267 limits:
268 cpu: "100m"
269 memory: 150Mi
270 requests:
271 cpu: 10m
272 memory: 15Mi
273 volumeMounts:
274 - name: etc-kubernetes
275 mountPath: /etc/kubernetes
276 - name: installation-config
277 mountPath: /zynstra/config/
278 - name: etcd-data
279 mountPath: /var/lib/etcd
280 - name: run-systemd
281 mountPath: /run/systemd
282 imagePullPolicy: IfNotPresent
283 volumes:
284 - name: etc-kubernetes
285 hostPath:
286 type: Directory
287 path: /etc/kubernetes
288 - name: etcd-data
289 hostPath:
290 type: DirectoryOrCreate
291 path: /var/lib/etcd
292 - name: etcd-manager-config
293 configMap:
294 name: etcd-manager
295 - name: installation-config
296 hostPath:
297 type: Directory
298 path: /zynstra/config/
299 - name: kubernetes-manifests
300 hostPath:
301 type: Directory
302 path: /etc/kubernetes/manifests
303 - name: run-systemd
304 hostPath:
305 type: Directory
306 path: /run/systemd
307 imagePullSecrets:
308 - name: edge-docker-pull-secret
View as plain text