...

Text file src/edge-infra.dev/third_party/k8s/spegel/base/manifests.yaml

Documentation: edge-infra.dev/third_party/k8s/spegel/base

     1---
     2# Source: spegel/templates/rbac.yaml
     3apiVersion: v1
     4kind: ServiceAccount
     5metadata:
     6  name: spegel
     7  namespace: spegel
     8  labels:
     9    helm.sh/chart: spegel-v0.0.1
    10    app.kubernetes.io/name: spegel
    11    app.kubernetes.io/instance: spegel
    12    app.kubernetes.io/version: "v0.0.1"
    13    app.kubernetes.io/managed-by: Helm
    14---
    15# Source: spegel/templates/rbac.yaml
    16apiVersion: rbac.authorization.k8s.io/v1
    17kind: Role
    18metadata:
    19  name: spegel
    20  namespace: spegel
    21  labels:
    22    helm.sh/chart: spegel-v0.0.1
    23    app.kubernetes.io/name: spegel
    24    app.kubernetes.io/instance: spegel
    25    app.kubernetes.io/version: "v0.0.1"
    26    app.kubernetes.io/managed-by: Helm
    27rules:
    28  - apiGroups: ["coordination.k8s.io"]
    29    resources: ["leases"]
    30    verbs: ["get", "list", "watch", "create", "update"]
    31---
    32# Source: spegel/templates/rbac.yaml
    33apiVersion: rbac.authorization.k8s.io/v1
    34kind: RoleBinding
    35metadata:
    36  name: spegel
    37  namespace: spegel
    38  labels:
    39    helm.sh/chart: spegel-v0.0.1
    40    app.kubernetes.io/name: spegel
    41    app.kubernetes.io/instance: spegel
    42    app.kubernetes.io/version: "v0.0.1"
    43    app.kubernetes.io/managed-by: Helm
    44roleRef:
    45  apiGroup: rbac.authorization.k8s.io
    46  kind: Role
    47  name: spegel
    48subjects:
    49  - kind: ServiceAccount
    50    name: spegel
    51    namespace: spegel
    52---
    53# Source: spegel/templates/service.yaml
    54apiVersion: v1
    55kind: Service
    56metadata:
    57  name: spegel
    58  namespace: spegel
    59  labels:
    60    app.kubernetes.io/component: metrics
    61    helm.sh/chart: spegel-v0.0.1
    62    app.kubernetes.io/name: spegel
    63    app.kubernetes.io/instance: spegel
    64    app.kubernetes.io/version: "v0.0.1"
    65    app.kubernetes.io/managed-by: Helm
    66spec:
    67  selector:
    68    app.kubernetes.io/name: spegel
    69    app.kubernetes.io/instance: spegel
    70  ports:
    71    - name: metrics
    72      port: 9090
    73      targetPort: metrics
    74      protocol: TCP
    75---
    76# Source: spegel/templates/service.yaml
    77apiVersion: v1
    78kind: Service
    79metadata:
    80  name: spegel-registry
    81  namespace: spegel
    82  labels:
    83    helm.sh/chart: spegel-v0.0.1
    84    app.kubernetes.io/name: spegel
    85    app.kubernetes.io/instance: spegel
    86    app.kubernetes.io/version: "v0.0.1"
    87    app.kubernetes.io/managed-by: Helm
    88  annotations:
    89    service.kubernetes.io/topology-aware-hints: auto
    90spec:
    91  type: NodePort
    92  selector:
    93    app.kubernetes.io/name: spegel
    94    app.kubernetes.io/instance: spegel
    95  ports:
    96    - name: registry
    97      port: 5000
    98      targetPort: registry
    99      nodePort: 30021
   100      protocol: TCP
   101---
   102# Source: spegel/templates/daemonset.yaml
   103apiVersion: apps/v1
   104kind: DaemonSet
   105metadata:
   106  name: spegel
   107  namespace: spegel
   108  labels:
   109    helm.sh/chart: spegel-v0.0.1
   110    app.kubernetes.io/name: spegel
   111    app.kubernetes.io/instance: spegel
   112    app.kubernetes.io/version: "v0.0.1"
   113    app.kubernetes.io/managed-by: Helm
   114spec:
   115  revisionHistoryLimit: 10
   116  updateStrategy:
   117    {}
   118  selector:
   119    matchLabels:
   120      app.kubernetes.io/name: spegel
   121      app.kubernetes.io/instance: spegel
   122  template:
   123    metadata:
   124      labels:
   125        app.kubernetes.io/name: spegel
   126        app.kubernetes.io/instance: spegel
   127    spec:
   128      serviceAccountName: spegel
   129      securityContext:
   130        {}
   131      priorityClassName: system-node-critical
   132      initContainers:
   133      - name: configuration
   134        image: "ghcr.io/spegel-org/spegel:v0.0.1"
   135        imagePullPolicy: IfNotPresent
   136        securityContext:
   137            {}
   138        args:
   139          - configuration
   140          - --log-level=INFO
   141          - --containerd-registry-config-path=/etc/containerd/certs.d
   142          - --registries
   143          - "https://cgr.dev"
   144          - "https://docker.io"
   145          - "https://ghcr.io"
   146          - "https://quay.io"
   147          - "https://mcr.microsoft.com"
   148          - "https://public.ecr.aws"
   149          - "https://gcr.io"
   150          - "https://registry.k8s.io"
   151          - "https://k8s.gcr.io"
   152          - "https://lscr.io"
   153          - --mirror-registries
   154          - http://$(NODE_IP):30020
   155          - http://$(NODE_IP):30021
   156          - --resolve-tags=true
   157          - --append-mirrors=false
   158        env:
   159        - name: NODE_IP
   160          valueFrom:
   161            fieldRef:
   162              fieldPath: status.hostIP
   163        resources:
   164          {}
   165        volumeMounts:
   166          - name: containerd-config
   167            mountPath: /etc/containerd/certs.d
   168      containers:
   169      - name: registry
   170        image: "ghcr.io/spegel-org/spegel:v0.0.1"
   171        imagePullPolicy: IfNotPresent
   172        securityContext:
   173            {}
   174        args:
   175          - registry
   176          - --log-level=INFO
   177          - --mirror-resolve-retries=3
   178          - --mirror-resolve-timeout=20ms
   179          - --registry-addr=:5000
   180          - --router-addr=:5001
   181          - --metrics-addr=:9090
   182          - --registries
   183          - "https://cgr.dev"
   184          - "https://docker.io"
   185          - "https://ghcr.io"
   186          - "https://quay.io"
   187          - "https://mcr.microsoft.com"
   188          - "https://public.ecr.aws"
   189          - "https://gcr.io"
   190          - "https://registry.k8s.io"
   191          - "https://k8s.gcr.io"
   192          - "https://lscr.io"
   193          - --containerd-sock=/run/containerd/containerd.sock
   194          - --containerd-namespace=k8s.io
   195          - --containerd-registry-config-path=/etc/containerd/certs.d
   196          - --bootstrap-kind=kubernetes
   197          - --leader-election-namespace=spegel
   198          - --leader-election-name=spegel-leader-election
   199          - --resolve-latest-tag=true
   200          - --local-addr=$(NODE_IP):30020
   201          - --containerd-content-path=/var/lib/containerd/io.containerd.content.v1.content
   202        env:
   203        - name: NODE_IP
   204          valueFrom:
   205            fieldRef:
   206              fieldPath: status.hostIP
   207        ports:
   208          - name: registry
   209            containerPort: 5000
   210            hostPort: 30020
   211            protocol: TCP
   212          - name: router
   213            containerPort: 5001
   214            protocol: TCP
   215          - name: metrics
   216            containerPort: 9090
   217            protocol: TCP
   218        # Startup may take a bit longer on bootsrap as Pods need to find each other.
   219        # This is why the startup proben is a bit more forgiving, while hitting the endpoint more often.
   220        startupProbe:
   221          periodSeconds: 3
   222          failureThreshold: 60
   223          httpGet:
   224            path: /healthz
   225            port: registry
   226        readinessProbe:
   227          httpGet:
   228            path: /healthz
   229            port: registry
   230        volumeMounts:
   231          - name: containerd-sock
   232            mountPath: /run/containerd/containerd.sock
   233          - name: containerd-content
   234            mountPath: /var/lib/containerd/io.containerd.content.v1.content
   235            readOnly: true
   236        resources:
   237          {}
   238      volumes:
   239        - name: containerd-sock
   240          hostPath:
   241            path: /run/containerd/containerd.sock
   242            type: Socket
   243        - name: containerd-content
   244          hostPath:
   245            path: /var/lib/containerd/io.containerd.content.v1.content
   246            type: Directory
   247        - name: containerd-config
   248          hostPath:
   249            path: /etc/containerd/certs.d
   250            type: DirectoryOrCreate
   251      nodeSelector:
   252        kubernetes.io/os: linux
   253      tolerations:
   254        - key: CriticalAddonsOnly
   255          operator: Exists
   256        - effect: NoExecute
   257          operator: Exists
   258        - effect: NoSchedule
   259          operator: Exists

View as plain text