/* Copyright 2023 The Karmada Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ package controlplane const ( // KubeControllerManagerDeployment is KubeControllerManage deployment manifest KubeControllerManagerDeployment = ` apiVersion: apps/v1 kind: Deployment metadata: name: {{ .DeploymentName }} namespace: {{ .Namespace }} labels: karmada-app: kube-controller-manager app.kubernetes.io/managed-by: karmada-operator spec: replicas: {{ .Replicas }} selector: matchLabels: karmada-app: kube-controller-manager template: metadata: labels: karmada-app: kube-controller-manager spec: automountServiceAccountToken: false priorityClassName: system-node-critical affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: karmada-app operator: In values: ["kube-controller-manager"] topologyKey: kubernetes.io/hostname containers: - name: kube-controller-manager image: {{ .Image }} imagePullPolicy: {{ .ImagePullPolicy }} command: - kube-controller-manager - --allocate-node-cidrs=true - --kubeconfig=/etc/karmada/kubeconfig - --authentication-kubeconfig=/etc/karmada/kubeconfig - --authorization-kubeconfig=/etc/karmada/kubeconfig - --bind-address=0.0.0.0 - --client-ca-file=/etc/karmada/pki/ca.crt - --cluster-cidr=10.244.0.0/16 - --cluster-name=karmada - --cluster-signing-cert-file=/etc/karmada/pki/ca.crt - --cluster-signing-key-file=/etc/karmada/pki/ca.key - --controllers=namespace,garbagecollector,serviceaccount-token,ttl-after-finished,bootstrapsigner,csrapproving,csrcleaner,csrsigning,clusterrole-aggregation - --leader-elect=true - --node-cidr-mask-size=24 - --root-ca-file=/etc/karmada/pki/ca.crt - --service-account-private-key-file=/etc/karmada/pki/karmada.key - --service-cluster-ip-range=10.96.0.0/12 - --use-service-account-credentials=true - --v=4 livenessProbe: failureThreshold: 8 httpGet: path: /healthz port: 10257 scheme: HTTPS initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 15 volumeMounts: - name: karmada-certs mountPath: /etc/karmada/pki readOnly: true - name: kubeconfig mountPath: /etc/karmada/kubeconfig subPath: kubeconfig volumes: - name: karmada-certs secret: secretName: {{ .KarmadaCertsSecret }} - name: kubeconfig secret: secretName: {{ .KubeconfigSecret }} ` // KamradaControllerManagerDeployment is karmada controllerManager Deployment manifest KamradaControllerManagerDeployment = ` apiVersion: apps/v1 kind: Deployment metadata: name: {{ .DeploymentName }} namespace: {{ .Namespace }} labels: karmada-app: karmada-controller-manager app.kubernetes.io/managed-by: karmada-operator spec: replicas: {{ .Replicas }} selector: matchLabels: karmada-app: karmada-controller-manager template: metadata: labels: karmada-app: karmada-controller-manager spec: automountServiceAccountToken: false tolerations: - key: node-role.kubernetes.io/master operator: Exists containers: - name: karmada-controller-manager image: {{ .Image }} imagePullPolicy: {{ .ImagePullPolicy }} command: - /bin/karmada-controller-manager - --kubeconfig=/etc/karmada/kubeconfig - --metrics-bind-address=:8080 - --cluster-status-update-frequency=10s - --failover-eviction-timeout=30s - --leader-elect-resource-namespace={{ .SystemNamespace }} - --health-probe-bind-address=0.0.0.0:10357 - --v=4 livenessProbe: httpGet: path: /healthz port: 10357 scheme: HTTP failureThreshold: 3 initialDelaySeconds: 15 periodSeconds: 15 timeoutSeconds: 5 ports: - containerPort: 8080 name: metrics protocol: TCP volumeMounts: - name: kubeconfig subPath: kubeconfig mountPath: /etc/karmada/kubeconfig volumes: - name: kubeconfig secret: secretName: {{ .KubeconfigSecret }} ` // KarmadaSchedulerDeployment is KarmadaScheduler Deployment manifest KarmadaSchedulerDeployment = ` apiVersion: apps/v1 kind: Deployment metadata: name: {{ .DeploymentName }} namespace: {{ .Namespace }} labels: karmada-app: karmada-scheduler app.kubernetes.io/managed-by: karmada-operator spec: replicas: {{ .Replicas }} selector: matchLabels: karmada-app: karmada-scheduler template: metadata: labels: karmada-app: karmada-scheduler spec: automountServiceAccountToken: false tolerations: - key: node-role.kubernetes.io/master operator: Exists containers: - name: karmada-scheduler image: {{ .Image }} imagePullPolicy: {{ .ImagePullPolicy }} command: - /bin/karmada-scheduler - --kubeconfig=/etc/karmada/kubeconfig - --metrics-bind-address=0.0.0.0:10351 - --health-probe-bind-address=0.0.0.0:10351 - --enable-scheduler-estimator=true - --leader-elect-resource-namespace={{ .SystemNamespace }} - --scheduler-estimator-ca-file=/etc/karmada/pki/ca.crt - --scheduler-estimator-cert-file=/etc/karmada/pki/karmada.crt - --scheduler-estimator-key-file=/etc/karmada/pki/karmada.key - --v=4 livenessProbe: httpGet: path: /healthz port: 10351 scheme: HTTP failureThreshold: 3 initialDelaySeconds: 15 periodSeconds: 15 timeoutSeconds: 5 ports: - containerPort: 10351 name: metrics protocol: TCP volumeMounts: - name: karmada-certs mountPath: /etc/karmada/pki readOnly: true - name: kubeconfig subPath: kubeconfig mountPath: /etc/karmada/kubeconfig volumes: - name: karmada-certs secret: secretName: {{ .KarmadaCertsSecret }} - name: kubeconfig secret: secretName: {{ .KubeconfigSecret }} ` // KarmadaDeschedulerDeployment is KarmadaDescheduler Deployment manifest KarmadaDeschedulerDeployment = ` apiVersion: apps/v1 kind: Deployment metadata: name: {{ .DeploymentName }} namespace: {{ .Namespace }} labels: karmada-app: karmada-descheduler app.kubernetes.io/managed-by: karmada-operator spec: replicas: {{ .Replicas }} selector: matchLabels: karmada-app: karmada-descheduler template: metadata: labels: karmada-app: karmada-descheduler spec: automountServiceAccountToken: false tolerations: - key: node-role.kubernetes.io/master operator: Exists containers: - name: karmada-descheduler image: {{ .Image }} imagePullPolicy: {{ .ImagePullPolicy }} command: - /bin/karmada-descheduler - --kubeconfig=/etc/karmada/kubeconfig - --metrics-bind-address=0.0.0.0:10358 - --health-probe-bind-address=0.0.0.0:10358 - --leader-elect-resource-namespace={{ .SystemNamespace }} - --scheduler-estimator-ca-file=/etc/karmada/pki/ca.crt - --scheduler-estimator-cert-file=/etc/karmada/pki/karmada.crt - --scheduler-estimator-key-file=/etc/karmada/pki/karmada.key - --v=4 livenessProbe: httpGet: path: /healthz port: 10358 scheme: HTTP failureThreshold: 3 initialDelaySeconds: 15 periodSeconds: 15 timeoutSeconds: 5 ports: - containerPort: 10358 name: metrics protocol: TCP volumeMounts: - name: karmada-certs mountPath: /etc/karmada/pki readOnly: true - name: kubeconfig subPath: kubeconfig mountPath: /etc/karmada/kubeconfig volumes: - name: karmada-certs secret: secretName: {{ .KarmadaCertsSecret }} - name: kubeconfig secret: secretName: {{ .KubeconfigSecret }} ` )