From d97e3dc221e0143d7b0541f1012be994560b35f2 Mon Sep 17 00:00:00 2001 From: Ben Moss Date: Tue, 14 Jul 2020 19:07:41 +0000 Subject: [PATCH] Add sample deployment/service account manifest Based on https://notes.elmiko.dev/2020/05/22/kubernetes-autoscaler-capd.html --- .../cloudprovider/clusterapi/README.md | 12 ++ .../clusterapi/examples/deployment.yaml | 167 ++++++++++++++++++ 2 files changed, 179 insertions(+) create mode 100644 cluster-autoscaler/cloudprovider/clusterapi/examples/deployment.yaml diff --git a/cluster-autoscaler/cloudprovider/clusterapi/README.md b/cluster-autoscaler/cloudprovider/clusterapi/README.md index f797ae1cc2..6b2b1ec611 100644 --- a/cluster-autoscaler/cloudprovider/clusterapi/README.md +++ b/cluster-autoscaler/cloudprovider/clusterapi/README.md @@ -60,3 +60,15 @@ use the group `cluster.x-k8s.io`, with a dynamically acquired version. In some situations, such as testing or prototyping, you may wish to change this group variable. For these situations you may use the environment variable `CAPI_GROUP` to change the group that the provider will use. + +## Sample manifest + +A sample manifest that will create a deployment running the autoscaler is +available. It can be deployed by passing it through `envsubst`, providing +these environment variables to set the namespace to deploy into as well as the image and tag to use: + +``` +export AUTOSCALER_NS=kube-system +export AUTOSCALER_IMAGE=us.gcr.io/k8s-artifacts-prod/autoscaling/cluster-autoscaler:v1.18.1 +envsubst < examples/deployment.yaml | kubectl apply -f- +``` diff --git a/cluster-autoscaler/cloudprovider/clusterapi/examples/deployment.yaml b/cluster-autoscaler/cloudprovider/clusterapi/examples/deployment.yaml new file mode 100644 index 0000000000..1028dfd7c7 --- /dev/null +++ b/cluster-autoscaler/cloudprovider/clusterapi/examples/deployment.yaml @@ -0,0 +1,167 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cluster-autoscaler + namespace: ${AUTOSCALER_NS} + labels: + app: cluster-autoscaler +spec: + selector: + matchLabels: + app: cluster-autoscaler + replicas: 1 + template: + metadata: + labels: + app: cluster-autoscaler + spec: + containers: + - image: ${AUTOSCALER_IMAGE} + name: cluster-autoscaler + command: + - /cluster-autoscaler + args: + - --cloud-provider=clusterapi + serviceAccountName: cluster-autoscaler + terminationGracePeriodSeconds: 10 + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: cluster-autoscaler-workload +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-autoscaler-workload +subjects: +- kind: ServiceAccount + name: cluster-autoscaler + namespace: ${AUTOSCALER_NS} +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: cluster-autoscaler-management +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-autoscaler-management +subjects: +- kind: ServiceAccount + name: cluster-autoscaler + namespace: ${AUTOSCALER_NS} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: cluster-autoscaler + namespace: ${AUTOSCALER_NS} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: cluster-autoscaler-workload +rules: + - apiGroups: + - "" + resources: + - persistentvolumeclaims + - persistentvolumes + - pods + - replicationcontrollers + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - update + - watch + - apiGroups: + - "" + resources: + - pods/eviction + verbs: + - create + - apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - list + - watch + - apiGroups: + - storage.k8s.io + resources: + - csinodes + - storageclasses + verbs: + - get + - list + - watch + - apiGroups: + - batch + resources: + - jobs + verbs: + - list + - watch + - apiGroups: + - apps + resources: + - daemonsets + - replicasets + - statefulsets + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - update + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - update +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: cluster-autoscaler-management +rules: + - apiGroups: + - cluster.x-k8s.io + resources: + - machinedeployments + - machines + - machinesets + verbs: + - get + - list + - update + - watch