1apiVersion: v1
2kind: Pod
3metadata:
4 name: kube-addon-manager
5 namespace: kube-system
6 labels:
7 component: kube-addon-manager
8spec:
9 securityContext:
10 seccompProfile:
11 type: RuntimeDefault
12 runAsUser: {{runAsUser}}
13 runAsGroup: {{runAsGroup}}
14 priorityClassName: system-node-critical
15 priority: 2000001000
16 hostNetwork: true
17 containers:
18 - name: kube-addon-manager
19 securityContext:
20 allowPrivilegeEscalation: false
21 capabilities:
22 drop:
23 - all
24 # When updating version also bump it in:
25 # - test/kubemark/resources/manifests/kube-addon-manager.yaml
26 image: registry.k8s.io/addon-manager/kube-addon-manager:v9.1.7
27 command:
28 - /bin/bash
29 - -c
30 - exec /opt/kube-addons-main.sh 1>>/var/log/kube-addon-manager.log 2>&1
31 resources:
32 requests:
33 cpu: 5m
34 memory: 50Mi
35 volumeMounts:
36 - mountPath: /etc/kubernetes/
37 name: addons
38 readOnly: true
39 - mountPath: /var/log
40 name: varlog
41 readOnly: false
42 - mountPath: /etc/srv/kubernetes/addon-manager/
43 name: srvkube
44 readOnly: true
45 env:
46 - name: KUBECTL_PRUNE_WHITELIST_OVERRIDE
47 value: {{kubectl_prune_whitelist_override}}
48 - name: KUBECTL_EXTRA_PRUNE_WHITELIST
49 value: {{kubectl_extra_prune_whitelist}}
50 - name: KUBECTL_OPTS
51 value: '--kubeconfig=/etc/srv/kubernetes/addon-manager/kubeconfig'
52 volumes:
53 - hostPath:
54 path: /etc/kubernetes/
55 name: addons
56 - hostPath:
57 path: /var/log
58 name: varlog
59 - hostPath:
60 path: /etc/srv/kubernetes/addon-manager/
61 name: srvkube
View as plain text