karmada/charts/templates/karmada_controller_manager....

95 lines
2.9 KiB
YAML

{{- if eq .Values.installMode "host" }}
{{- $name := include "karmada.name" . -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ $name }}-controller-manager
namespace: {{ include "karmada.namespace" . }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ $name }}-controller-manager
namespace: {{ include "karmada.namespace" . }}
labels:
{{- include "karmada.cm.labels" . | nindent 4}}
spec:
replicas: {{ .Values.controllerManager.replicaCount }}
selector:
matchLabels:
{{- include "karmada.cm.labels" . | nindent 6}}
{{- with .Values.controllerManager.strategy }}
strategy:
{{- toYaml . | nindent 8 }}
{{- end }}
template:
metadata:
{{- with .Values.controllerManager.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "karmada.cm.labels" . | nindent 8}}
{{- include "karmada.cm.podLabels" . | nindent 8}}
spec:
{{- with .Values.controllerManager.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ $name }}-controller-manager
{{- with .Values.controllerManager.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controllerManager.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controllerManager.tolerations}}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
{{- include "karmada.kubeconfig.volume" . | nindent 8}}
containers:
- name: {{ $name }}-controller-manager
image: "{{ .Values.controllerManager.image.repository }}:{{ .Values.controllerManager.image.tag | default "latest" }}"
imagePullPolicy: {{ .Values.controllerManager.image.pullPolicy }}
command:
- /bin/karmada-controller-manager
- --kubeconfig=/etc/kubeconfig
- --bind-address=0.0.0.0
- --cluster-status-update-frequency=10s
- --secure-port=10357
- --v=2
volumeMounts:
{{- include "karmada.kubeconfig.volumeMount" . | nindent 12}}
resources:
{{- toYaml .Values.controllerManager.resources | nindent 12 }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ $name }}-controller-manager
rules:
- apiGroups: ['*']
resources: ['*']
verbs: ["get", "watch", "list", "create", "patch", "update", "delete"]
- nonResourceURLs: ['*']
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ $name }}-controller-manager
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ $name }}-controller-manager
subjects:
- kind: ServiceAccount
name: {{ $name }}-controller-manager
namespace: {{ include "karmada.namespace" . }}
---
{{- end }}