karmada/artifacts/deploy/karmada-scheduler.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: karmada-scheduler
  namespace: karmada-system
  labels:
    app: karmada-scheduler
spec:
  replicas: 2
  selector:
    matchLabels:
      app: karmada-scheduler
  template:
    metadata:
      labels:
        app: karmada-scheduler
    spec:
      automountServiceAccountToken: false
      tolerations:
        - key: node-role.kubernetes.io/master
          operator: Exists
      containers:
        - name: karmada-scheduler
          securityContext:
            allowPrivilegeEscalation: false
            privileged: false
          image: docker.io/karmada/karmada-scheduler:latest
          imagePullPolicy: IfNotPresent
          livenessProbe:
            httpGet:
              path: /healthz
              port: 10351
              scheme: HTTP
            failureThreshold: 3
            initialDelaySeconds: 15
            periodSeconds: 15
            timeoutSeconds: 5
          ports:
            - containerPort: 8080
              name: metrics
              protocol: TCP
          env:
            - name: POD_IP
              valueFrom:
                fieldRef:
                  fieldPath: status.podIP
          command:
            - /bin/karmada-scheduler
            - --kubeconfig=/etc/karmada/config/karmada.config
            - --metrics-bind-address=$(POD_IP):8080
            - --health-probe-bind-address=$(POD_IP):10351
            - --enable-scheduler-estimator=true
            - --scheduler-estimator-ca-file=/etc/karmada/pki/scheduler-estimator-client/ca.crt
            - --scheduler-estimator-cert-file=/etc/karmada/pki/scheduler-estimator-client/tls.crt
            - --scheduler-estimator-key-file=/etc/karmada/pki/scheduler-estimator-client/tls.key
            - --feature-gates=AllAlpha=true,AllBeta=true
            - --v=4
          volumeMounts:
            - name: karmada-config
              mountPath: /etc/karmada/config
            - name: scheduler-estimator-client-cert
              mountPath: /etc/karmada/pki/scheduler-estimator-client
              readOnly: true
      volumes:
        - name: karmada-config
          secret:
            secretName: karmada-scheduler-config
        - name: scheduler-estimator-client-cert
          secret:
            secretName: karmada-scheduler-scheduler-estimator-client-cert
      securityContext:
        seccompProfile:
          type: RuntimeDefault
      priorityClassName: system-node-critical