f3ad42960a
This patchset provides the manifests supporting CAPZ v0.5.2. It requires CAPI v1alpha4 (v0.4.2) manifests and clusterctl v0.4.2 binary to work properly. Depends-on: https://review.opendev.org/c/airship/airshipctl/+/804834 Relates-to: #600 Change-Id: Icccaf84d8765c75fb19bb2be352086cc33647f30
22 lines
663 B
YAML
22 lines
663 B
YAML
# This patch inject a sidecar container which is a HTTP proxy for the controller manager,
|
|
# it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews.
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: controller-manager
|
|
namespace: system
|
|
spec:
|
|
template:
|
|
spec:
|
|
containers:
|
|
- name: kube-rbac-proxy
|
|
image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0
|
|
args:
|
|
- "--secure-listen-address=0.0.0.0:8443"
|
|
- "--upstream=http://127.0.0.1:8080/"
|
|
- "--logtostderr=true"
|
|
- "--v=10"
|
|
ports:
|
|
- containerPort: 8443
|
|
name: https
|