1---
2# Source: spegel/templates/rbac.yaml
3apiVersion: v1
4kind: ServiceAccount
5metadata:
6 name: spegel
7 namespace: spegel
8 labels:
9 helm.sh/chart: spegel-v0.0.1
10 app.kubernetes.io/name: spegel
11 app.kubernetes.io/instance: spegel
12 app.kubernetes.io/version: "v0.0.1"
13 app.kubernetes.io/managed-by: Helm
14---
15# Source: spegel/templates/rbac.yaml
16apiVersion: rbac.authorization.k8s.io/v1
17kind: Role
18metadata:
19 name: spegel
20 namespace: spegel
21 labels:
22 helm.sh/chart: spegel-v0.0.1
23 app.kubernetes.io/name: spegel
24 app.kubernetes.io/instance: spegel
25 app.kubernetes.io/version: "v0.0.1"
26 app.kubernetes.io/managed-by: Helm
27rules:
28 - apiGroups: ["coordination.k8s.io"]
29 resources: ["leases"]
30 verbs: ["get", "list", "watch", "create", "update"]
31---
32# Source: spegel/templates/rbac.yaml
33apiVersion: rbac.authorization.k8s.io/v1
34kind: RoleBinding
35metadata:
36 name: spegel
37 namespace: spegel
38 labels:
39 helm.sh/chart: spegel-v0.0.1
40 app.kubernetes.io/name: spegel
41 app.kubernetes.io/instance: spegel
42 app.kubernetes.io/version: "v0.0.1"
43 app.kubernetes.io/managed-by: Helm
44roleRef:
45 apiGroup: rbac.authorization.k8s.io
46 kind: Role
47 name: spegel
48subjects:
49 - kind: ServiceAccount
50 name: spegel
51 namespace: spegel
52---
53# Source: spegel/templates/service.yaml
54apiVersion: v1
55kind: Service
56metadata:
57 name: spegel
58 namespace: spegel
59 labels:
60 app.kubernetes.io/component: metrics
61 helm.sh/chart: spegel-v0.0.1
62 app.kubernetes.io/name: spegel
63 app.kubernetes.io/instance: spegel
64 app.kubernetes.io/version: "v0.0.1"
65 app.kubernetes.io/managed-by: Helm
66spec:
67 selector:
68 app.kubernetes.io/name: spegel
69 app.kubernetes.io/instance: spegel
70 ports:
71 - name: metrics
72 port: 9090
73 targetPort: metrics
74 protocol: TCP
75---
76# Source: spegel/templates/service.yaml
77apiVersion: v1
78kind: Service
79metadata:
80 name: spegel-registry
81 namespace: spegel
82 labels:
83 helm.sh/chart: spegel-v0.0.1
84 app.kubernetes.io/name: spegel
85 app.kubernetes.io/instance: spegel
86 app.kubernetes.io/version: "v0.0.1"
87 app.kubernetes.io/managed-by: Helm
88 annotations:
89 service.kubernetes.io/topology-aware-hints: auto
90spec:
91 type: NodePort
92 selector:
93 app.kubernetes.io/name: spegel
94 app.kubernetes.io/instance: spegel
95 ports:
96 - name: registry
97 port: 5000
98 targetPort: registry
99 nodePort: 30021
100 protocol: TCP
101---
102# Source: spegel/templates/daemonset.yaml
103apiVersion: apps/v1
104kind: DaemonSet
105metadata:
106 name: spegel
107 namespace: spegel
108 labels:
109 helm.sh/chart: spegel-v0.0.1
110 app.kubernetes.io/name: spegel
111 app.kubernetes.io/instance: spegel
112 app.kubernetes.io/version: "v0.0.1"
113 app.kubernetes.io/managed-by: Helm
114spec:
115 revisionHistoryLimit: 10
116 updateStrategy:
117 {}
118 selector:
119 matchLabels:
120 app.kubernetes.io/name: spegel
121 app.kubernetes.io/instance: spegel
122 template:
123 metadata:
124 labels:
125 app.kubernetes.io/name: spegel
126 app.kubernetes.io/instance: spegel
127 spec:
128 serviceAccountName: spegel
129 securityContext:
130 {}
131 priorityClassName: system-node-critical
132 initContainers:
133 - name: configuration
134 image: "ghcr.io/spegel-org/spegel:v0.0.1"
135 imagePullPolicy: IfNotPresent
136 securityContext:
137 {}
138 args:
139 - configuration
140 - --log-level=INFO
141 - --containerd-registry-config-path=/etc/containerd/certs.d
142 - --registries
143 - "https://cgr.dev"
144 - "https://docker.io"
145 - "https://ghcr.io"
146 - "https://quay.io"
147 - "https://mcr.microsoft.com"
148 - "https://public.ecr.aws"
149 - "https://gcr.io"
150 - "https://registry.k8s.io"
151 - "https://k8s.gcr.io"
152 - "https://lscr.io"
153 - --mirror-registries
154 - http://$(NODE_IP):30020
155 - http://$(NODE_IP):30021
156 - --resolve-tags=true
157 - --append-mirrors=false
158 env:
159 - name: NODE_IP
160 valueFrom:
161 fieldRef:
162 fieldPath: status.hostIP
163 resources:
164 {}
165 volumeMounts:
166 - name: containerd-config
167 mountPath: /etc/containerd/certs.d
168 containers:
169 - name: registry
170 image: "ghcr.io/spegel-org/spegel:v0.0.1"
171 imagePullPolicy: IfNotPresent
172 securityContext:
173 {}
174 args:
175 - registry
176 - --log-level=INFO
177 - --mirror-resolve-retries=3
178 - --mirror-resolve-timeout=20ms
179 - --registry-addr=:5000
180 - --router-addr=:5001
181 - --metrics-addr=:9090
182 - --registries
183 - "https://cgr.dev"
184 - "https://docker.io"
185 - "https://ghcr.io"
186 - "https://quay.io"
187 - "https://mcr.microsoft.com"
188 - "https://public.ecr.aws"
189 - "https://gcr.io"
190 - "https://registry.k8s.io"
191 - "https://k8s.gcr.io"
192 - "https://lscr.io"
193 - --containerd-sock=/run/containerd/containerd.sock
194 - --containerd-namespace=k8s.io
195 - --containerd-registry-config-path=/etc/containerd/certs.d
196 - --bootstrap-kind=kubernetes
197 - --leader-election-namespace=spegel
198 - --leader-election-name=spegel-leader-election
199 - --resolve-latest-tag=true
200 - --local-addr=$(NODE_IP):30020
201 - --containerd-content-path=/var/lib/containerd/io.containerd.content.v1.content
202 env:
203 - name: NODE_IP
204 valueFrom:
205 fieldRef:
206 fieldPath: status.hostIP
207 ports:
208 - name: registry
209 containerPort: 5000
210 hostPort: 30020
211 protocol: TCP
212 - name: router
213 containerPort: 5001
214 protocol: TCP
215 - name: metrics
216 containerPort: 9090
217 protocol: TCP
218 # Startup may take a bit longer on bootsrap as Pods need to find each other.
219 # This is why the startup proben is a bit more forgiving, while hitting the endpoint more often.
220 startupProbe:
221 periodSeconds: 3
222 failureThreshold: 60
223 httpGet:
224 path: /healthz
225 port: registry
226 readinessProbe:
227 httpGet:
228 path: /healthz
229 port: registry
230 volumeMounts:
231 - name: containerd-sock
232 mountPath: /run/containerd/containerd.sock
233 - name: containerd-content
234 mountPath: /var/lib/containerd/io.containerd.content.v1.content
235 readOnly: true
236 resources:
237 {}
238 volumes:
239 - name: containerd-sock
240 hostPath:
241 path: /run/containerd/containerd.sock
242 type: Socket
243 - name: containerd-content
244 hostPath:
245 path: /var/lib/containerd/io.containerd.content.v1.content
246 type: Directory
247 - name: containerd-config
248 hostPath:
249 path: /etc/containerd/certs.d
250 type: DirectoryOrCreate
251 nodeSelector:
252 kubernetes.io/os: linux
253 tolerations:
254 - key: CriticalAddonsOnly
255 operator: Exists
256 - effect: NoExecute
257 operator: Exists
258 - effect: NoSchedule
259 operator: Exists
View as plain text