159 lines
3.8 KiB
Django/Jinja
159 lines
3.8 KiB
Django/Jinja
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
labels:
|
|
control-plane: controller
|
|
name: helm-controller
|
|
namespace: flux-helm
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: helm-controller
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
prometheus.io/port: "8080"
|
|
prometheus.io/scrape: "true"
|
|
labels:
|
|
app: helm-controller
|
|
spec:
|
|
containers:
|
|
- args:
|
|
- --watch-all-namespaces
|
|
- --log-level=info
|
|
- --log-encoding=json
|
|
- --enable-leader-election
|
|
env:
|
|
- name: RUNTIME_NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
image: "{{ local_registry }}/{{ flux_helm_controller_img }}"
|
|
imagePullPolicy: IfNotPresent
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: healthz
|
|
name: manager
|
|
ports:
|
|
- containerPort: 8080
|
|
name: http-prom
|
|
- containerPort: 9440
|
|
name: healthz
|
|
protocol: TCP
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /readyz
|
|
port: healthz
|
|
resources:
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 1Gi
|
|
requests:
|
|
cpu: 0
|
|
memory: 64Mi
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
readOnlyRootFilesystem: true
|
|
volumeMounts:
|
|
- mountPath: /tmp
|
|
name: temp
|
|
imagePullSecrets:
|
|
- name: default-registry-key
|
|
nodeSelector:
|
|
node-role.kubernetes.io/master: ""
|
|
tolerations:
|
|
- key: "node-role.kubernetes.io/master"
|
|
operator: "Exists"
|
|
effect: "NoSchedule"
|
|
terminationGracePeriodSeconds: 600
|
|
volumes:
|
|
- emptyDir: {}
|
|
name: temp
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
labels:
|
|
control-plane: controller
|
|
name: source-controller
|
|
namespace: flux-helm
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: source-controller
|
|
strategy:
|
|
type: Recreate
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
prometheus.io/port: "8080"
|
|
prometheus.io/scrape: "true"
|
|
labels:
|
|
app: source-controller
|
|
spec:
|
|
containers:
|
|
- args:
|
|
- --watch-all-namespaces
|
|
- --log-level=info
|
|
- --log-encoding=json
|
|
- --enable-leader-election
|
|
- --storage-path=/data
|
|
- --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.cluster.local.
|
|
env:
|
|
- name: RUNTIME_NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
image: "{{ local_registry }}/{{ flux_source_controller_img }}"
|
|
imagePullPolicy: IfNotPresent
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: healthz
|
|
name: manager
|
|
ports:
|
|
- containerPort: 9090
|
|
name: http
|
|
- containerPort: 8080
|
|
name: http-prom
|
|
- containerPort: 9440
|
|
name: healthz
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /
|
|
port: http
|
|
resources:
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 1Gi
|
|
requests:
|
|
cpu: 0
|
|
memory: 64Mi
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
readOnlyRootFilesystem: true
|
|
volumeMounts:
|
|
- mountPath: /data
|
|
name: data
|
|
- mountPath: /tmp
|
|
name: tmp
|
|
imagePullSecrets:
|
|
- name: default-registry-key
|
|
nodeSelector:
|
|
node-role.kubernetes.io/master: ""
|
|
tolerations:
|
|
- key: "node-role.kubernetes.io/master"
|
|
operator: "Exists"
|
|
effect: "NoSchedule"
|
|
securityContext:
|
|
fsGroup: 1337
|
|
terminationGracePeriodSeconds: 10
|
|
volumes:
|
|
- emptyDir: {}
|
|
name: data
|
|
- emptyDir: {}
|
|
name: tmp
|