apiVersion: v1 kind: Namespace metadata: name: resilience-manager labels: workload.edge.ncr.com: platform annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: resilience-manager pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a --- apiVersion: v1 kind: ServiceAccount metadata: name: resilience-manager namespace: resilience-manager labels: platform.edge.ncr.com/component: resilience-manager annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: resilience-manager pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: secret-role namespace: resilience-manager annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: resilience-manager pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a labels: {} rules: - resources: ["secrets"] apiGroups: ["*"] verbs: ["*"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: resilience-manager-clusterrole annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: resilience-manager pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a labels: {} rules: - resources: ["nodes", "secrets"] apiGroups: ["*"] verbs: ["*"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: secret-rolebinding namespace: resilience-manager annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: resilience-manager pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a labels: {} roleRef: name: secret-role kind: Role apiGroup: rbac.authorization.k8s.io subjects: - name: system:serviceaccounts:resilience-manager kind: Group apiGroup: rbac.authorization.k8s.io --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: resilience-manager-crb annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: resilience-manager pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a labels: {} roleRef: name: resilience-manager-clusterrole kind: ClusterRole apiGroup: rbac.authorization.k8s.io subjects: - name: resilience-manager namespace: resilience-manager kind: ServiceAccount --- apiVersion: v1 kind: ConfigMap metadata: name: etcd-manager namespace: resilience-manager annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: resilience-manager pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a labels: {} data: etcd-manager.yaml: | apiVersion: v1 kind: Pod metadata: name: etcd-manager namespace: kube-system spec: hostNetwork: true containers: - name: etcd-manager image: IMAGE-PLACEHOLDER args: - run - --kubeconfig=/etc/kubernetes/admin.conf - --controlplane-etcd-host=127.0.0.1 - --controlplane-etcd-port=2379 - --kube-client-timeout=2s - --kube-client-retry-interval=2s - --kube-client-retry-duration=2s - --blocking-kube-client-timeout=15s - --blocking-kube-client-retry-interval=15s - --blocking-kube-client-retry-duration=5m - --etcd-client-timeout=2s - --etcd-client-retry-interval=2s - --etcd-client-retry-duration=2s - --etcd-cluster-max-unhealthy-time=10m - --etcd-member-max-unhealthy-time=10m volumeMounts: - name: kubernetes mountPath: /etc/kubernetes - name: run-containerd mountPath: /run/containerd - name: run-systemd mountPath: /run/systemd - name: run-etcdmanager mountPath: /run/etcdmanager volumes: - name: kubernetes hostPath: type: Directory path: /etc/kubernetes - name: run-containerd hostPath: type: Directory path: /run/containerd - name: run-etcdmanager hostPath: type: DirectoryOrCreate path: /run/etcdmanager - name: run-systemd hostPath: type: Directory path: /run/systemd image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/workloads/etcdmanager@sha256:58e51ae7fedc70d2a98d755ed7ac71df3ab9bcf9e93a5a4a82bef8ecad8dd3f8 --- apiVersion: v1 kind: ConfigMap metadata: name: resilience-manager namespace: resilience-manager annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: resilience-manager pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a labels: {} data: CONTAINER_VERSIONS_FILENAME: "container-versions.yaml" CONTAINER_VERSIONS_PATH: "/etc/kubernetes" ETCD_DATA_DIR: "/var/lib/etcd/member" ETCD_MANIFEST_FILENAME: "etcd.yaml" ETCD_SDS_YAML_FILENAME: "etcd_sds.yaml" ETCD_SDS_YAML_PATH: "/zynstra/config" K8S_CONFIG_PATH: "/etc/kubernetes" STATIC_MANIFESTS_PATH: "/etc/kubernetes/manifests" --- apiVersion: apps/v1 kind: DaemonSet metadata: name: resilience-manager namespace: resilience-manager annotations: pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: resilience-manager pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a labels: {} spec: selector: matchLabels: platform.edge.ncr.com/component: resilience-manager template: metadata: labels: name: resilience-manager platform.edge.ncr.com/component: resilience-manager annotations: node.kubernetes.io/bootstrap-checkpoint: "true" pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z" pallet.edge.ncr.com/name: resilience-manager pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds' pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a spec: serviceAccountName: resilience-manager hostname: resilience-manager initContainers: - name: etcd-manager-image-init image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/workloads/etcdmanager@sha256:58e51ae7fedc70d2a98d755ed7ac71df3ab9bcf9e93a5a4a82bef8ecad8dd3f8 args: ['version'] - name: etcd-manager-manifest-init image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/thirdparty/library/alpine@sha256:bf5deac5ac639c5a6ac818f57196ff92f2b9364f65496f6bd5b780c47d3c400a command: ['sh', '-c', 'if [ -f /etc/kubernetes/manifests/kube-scheduler.yaml ]; then cp /etc/config/etcd-manager.yaml /etc/kubernetes/manifests/etcd-manager.yaml; sed -i "s~IMAGE-PLACEHOLDER~$ETCD_MANAGER_IMAGE~g" /etc/kubernetes/manifests/etcd-manager.yaml; fi'] env: - name: ETCD_MANAGER_IMAGE valueFrom: configMapKeyRef: name: etcd-manager key: image volumeMounts: - name: etcd-manager-config mountPath: /etc/config - name: kubernetes-manifests mountPath: /etc/kubernetes/manifests containers: - name: resilience-manager image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/workloads/resiliencemanager@sha256:32bb761388f7ed1aa370ffdb1fca12530479a5e262b91046b7eecffd254f016f envFrom: - configMapRef: name: resilience-manager env: - name: NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName - name: HOSTIP valueFrom: fieldRef: fieldPath: status.hostIP resources: limits: cpu: "100m" memory: 150Mi requests: cpu: 10m memory: 15Mi volumeMounts: - name: etc-kubernetes mountPath: /etc/kubernetes - name: installation-config mountPath: /zynstra/config/ - name: etcd-data mountPath: /var/lib/etcd - name: run-systemd mountPath: /run/systemd imagePullPolicy: IfNotPresent volumes: - name: etc-kubernetes hostPath: type: Directory path: /etc/kubernetes - name: etcd-data hostPath: type: DirectoryOrCreate path: /var/lib/etcd - name: etcd-manager-config configMap: name: etcd-manager - name: installation-config hostPath: type: Directory path: /zynstra/config/ - name: kubernetes-manifests hostPath: type: Directory path: /etc/kubernetes/manifests - name: run-systemd hostPath: type: Directory path: /run/systemd imagePullSecrets: - name: edge-docker-pull-secret