118 lines
3.3 KiB
YAML
118 lines
3.3 KiB
YAML
{{- if eq .Values.installMode "agent" }}
|
|
{{- $name := include "karmada.name" . -}}
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: {{ $name }}
|
|
namespace: {{ include "karmada.namespace" . }}
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: {{ $name }}
|
|
rules:
|
|
- apiGroups: ['*']
|
|
resources: ['*']
|
|
verbs: ["get", "watch", "list", "create", "update", "delete"]
|
|
- nonResourceURLs: ['*']
|
|
verbs: ["get"]
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: {{ $name }}
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: {{ $name }}
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: {{ $name }}
|
|
namespace: {{ include "karmada.namespace" . }}
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ $name }}-kubeconfig
|
|
namespace: {{ include "karmada.namespace" . }}
|
|
stringData:
|
|
kubeconfig: |-
|
|
apiVersion: v1
|
|
kind: Config
|
|
clusters:
|
|
- cluster:
|
|
certificate-authority-data: {{ b64enc .Values.agent.kubeconfig.caCrt }}
|
|
insecure-skip-tls-verify: false
|
|
server: {{ .Values.agent.kubeconfig.server }}
|
|
name: {{ $name }}-apiserver
|
|
users:
|
|
- user:
|
|
client-certificate-data: {{ b64enc .Values.agent.kubeconfig.crt }}
|
|
client-key-data: {{ b64enc .Values.agent.kubeconfig.key }}
|
|
name: {{ $name }}-apiserver
|
|
contexts:
|
|
- context:
|
|
cluster: {{ $name }}-apiserver
|
|
user: {{ $name }}-apiserver
|
|
name: {{ $name }}-apiserver
|
|
current-context: {{ $name }}-apiserver
|
|
---
|
|
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ $name }}
|
|
namespace: {{ include "karmada.namespace" . }}
|
|
labels:
|
|
{{- include "karmada.agent.labels" . | indent 4}}
|
|
spec:
|
|
replicas: {{ .Values.agent.replicaCount }}
|
|
selector:
|
|
matchLabels:
|
|
{{- include "karmada.agent.labels" . | indent 6}}
|
|
template:
|
|
metadata:
|
|
{{- with .Values.agent.podAnnotations}}
|
|
annotations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
labels:
|
|
{{- include "karmada.agent.labels" . | indent 8}}
|
|
{{- include "karmada.agent.podLabels" . | indent 8}}
|
|
spec:
|
|
{{- with .Values.agent.imagePullSecrets }}
|
|
imagePullSecrets:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.agent.nodeSelector }}
|
|
nodeSelector:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.agent.affinity }}
|
|
affinity:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.agent.tolerations}}
|
|
tolerations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
serviceAccountName: {{ $name }}
|
|
containers:
|
|
- name: {{ $name }}
|
|
image: {{ .Values.agent.image.repository}}:{{ .Values.agent.image.tag | default "latest" }}
|
|
imagePullPolicy: {{ .Values.agent.image.pullPolicy }}
|
|
command:
|
|
- /bin/karmada-agent
|
|
- --karmada-kubeconfig=/etc/kubeconfig/kubeconfig
|
|
- --cluster-name={{ .Values.agent.clusterName }}
|
|
- --cluster-status-update-frequency=10s
|
|
- --v=4
|
|
volumeMounts:
|
|
- name: kubeconfig
|
|
mountPath: /etc/kubeconfig
|
|
volumes:
|
|
- name: kubeconfig
|
|
secret:
|
|
secretName: {{ $name }}-kubeconfig
|
|
{{- end }}
|