summaryrefslogtreecommitdiff
path: root/roles/kubernetes/addons
diff options
context:
space:
mode:
authorChristian Pointner <equinox@spreadspace.org>2022-05-07 22:45:49 +0200
committerChristian Pointner <equinox@spreadspace.org>2022-05-07 23:53:19 +0200
commitc09b07327b688a6a47f523a15c1a5c29d4f476d0 (patch)
tree6c243d60a3fb142c582761f1baab1c00f7081342 /roles/kubernetes/addons
parentcosmetic changes (diff)
k8s: rename masters to control-plane nodes
Diffstat (limited to 'roles/kubernetes/addons')
-rw-r--r--roles/kubernetes/addons/metrics-server/templates/components.0.3.6.yml.j2156
-rw-r--r--roles/kubernetes/addons/metrics-server/templates/components.0.3.7.yml.j2155
2 files changed, 0 insertions, 311 deletions
diff --git a/roles/kubernetes/addons/metrics-server/templates/components.0.3.6.yml.j2 b/roles/kubernetes/addons/metrics-server/templates/components.0.3.6.yml.j2
deleted file mode 100644
index 1e3789bb..00000000
--- a/roles/kubernetes/addons/metrics-server/templates/components.0.3.6.yml.j2
+++ /dev/null
@@ -1,156 +0,0 @@
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: system:aggregated-metrics-reader
- labels:
- rbac.authorization.k8s.io/aggregate-to-view: "true"
- rbac.authorization.k8s.io/aggregate-to-edit: "true"
- rbac.authorization.k8s.io/aggregate-to-admin: "true"
-rules:
-- apiGroups: ["metrics.k8s.io"]
- resources: ["pods", "nodes"]
- verbs: ["get", "list", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: metrics-server:system:auth-delegator
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: system:auth-delegator
-subjects:
-- kind: ServiceAccount
- name: metrics-server
- namespace: kube-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: metrics-server-auth-reader
- namespace: kube-system
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: extension-apiserver-authentication-reader
-subjects:
-- kind: ServiceAccount
- name: metrics-server
- namespace: kube-system
----
-apiVersion: apiregistration.k8s.io/v1beta1
-kind: APIService
-metadata:
- name: v1beta1.metrics.k8s.io
-spec:
- service:
- name: metrics-server
- namespace: kube-system
- group: metrics.k8s.io
- version: v1beta1
- insecureSkipTLSVerify: true
- groupPriorityMinimum: 100
- versionPriority: 100
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: metrics-server
- namespace: kube-system
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: metrics-server
- namespace: kube-system
- labels:
- k8s-app: metrics-server
-spec:
- selector:
- matchLabels:
- k8s-app: metrics-server
- template:
- metadata:
- name: metrics-server
- labels:
- k8s-app: metrics-server
- spec:
- serviceAccountName: metrics-server
- volumes:
- # mount in tmp so we can safely use from-scratch images and/or read-only containers
- - name: tmp-dir
- emptyDir: {}
- containers:
- - name: metrics-server
- image: k8s.gcr.io/metrics-server-amd64:v0.3.6
- imagePullPolicy: IfNotPresent
- args:
- - --cert-dir=/tmp
- - --secure-port=4443
- - --kubelet-insecure-tls
- - --kubelet-preferred-address-types=InternalIP,ExternalIP
- ports:
- - name: main-port
- containerPort: 4443
- protocol: TCP
- securityContext:
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- runAsUser: 1000
- volumeMounts:
- - name: tmp-dir
- mountPath: /tmp
- nodeSelector:
- kubernetes.io/os: linux
- kubernetes.io/arch: "amd64"
- tolerations:
- - effect: NoSchedule
- key: node-role.kubernetes.io/master
----
-apiVersion: v1
-kind: Service
-metadata:
- name: metrics-server
- namespace: kube-system
- labels:
- kubernetes.io/name: "Metrics-server"
- kubernetes.io/cluster-service: "true"
-spec:
- selector:
- k8s-app: metrics-server
- ports:
- - port: 443
- protocol: TCP
- targetPort: main-port
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: system:metrics-server
-rules:
-- apiGroups:
- - ""
- resources:
- - pods
- - nodes
- - nodes/stats
- - namespaces
- - configmaps
- verbs:
- - get
- - list
- - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: system:metrics-server
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: system:metrics-server
-subjects:
-- kind: ServiceAccount
- name: metrics-server
- namespace: kube-system
diff --git a/roles/kubernetes/addons/metrics-server/templates/components.0.3.7.yml.j2 b/roles/kubernetes/addons/metrics-server/templates/components.0.3.7.yml.j2
deleted file mode 100644
index fc8d287b..00000000
--- a/roles/kubernetes/addons/metrics-server/templates/components.0.3.7.yml.j2
+++ /dev/null
@@ -1,155 +0,0 @@
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: system:aggregated-metrics-reader
- labels:
- rbac.authorization.k8s.io/aggregate-to-view: "true"
- rbac.authorization.k8s.io/aggregate-to-edit: "true"
- rbac.authorization.k8s.io/aggregate-to-admin: "true"
-rules:
-- apiGroups: ["metrics.k8s.io"]
- resources: ["pods", "nodes"]
- verbs: ["get", "list", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: metrics-server:system:auth-delegator
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: system:auth-delegator
-subjects:
-- kind: ServiceAccount
- name: metrics-server
- namespace: kube-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: metrics-server-auth-reader
- namespace: kube-system
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: extension-apiserver-authentication-reader
-subjects:
-- kind: ServiceAccount
- name: metrics-server
- namespace: kube-system
----
-apiVersion: apiregistration.k8s.io/v1beta1
-kind: APIService
-metadata:
- name: v1beta1.metrics.k8s.io
-spec:
- service:
- name: metrics-server
- namespace: kube-system
- group: metrics.k8s.io
- version: v1beta1
- insecureSkipTLSVerify: true
- groupPriorityMinimum: 100
- versionPriority: 100
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: metrics-server
- namespace: kube-system
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: metrics-server
- namespace: kube-system
- labels:
- k8s-app: metrics-server
-spec:
- selector:
- matchLabels:
- k8s-app: metrics-server
- template:
- metadata:
- name: metrics-server
- labels:
- k8s-app: metrics-server
- spec:
- serviceAccountName: metrics-server
- volumes:
- # mount in tmp so we can safely use from-scratch images and/or read-only containers
- - name: tmp-dir
- emptyDir: {}
- containers:
- - name: metrics-server
- image: k8s.gcr.io/metrics-server/metrics-server:v0.3.7
- imagePullPolicy: IfNotPresent
- args:
- - --cert-dir=/tmp
- - --secure-port=4443
- - --kubelet-insecure-tls
- - --kubelet-preferred-address-types=InternalIP,ExternalIP
- ports:
- - name: main-port
- containerPort: 4443
- protocol: TCP
- securityContext:
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- runAsUser: 1000
- volumeMounts:
- - name: tmp-dir
- mountPath: /tmp
- nodeSelector:
- kubernetes.io/os: linux
- tolerations:
- - effect: NoSchedule
- key: node-role.kubernetes.io/master
----
-apiVersion: v1
-kind: Service
-metadata:
- name: metrics-server
- namespace: kube-system
- labels:
- kubernetes.io/name: "Metrics-server"
- kubernetes.io/cluster-service: "true"
-spec:
- selector:
- k8s-app: metrics-server
- ports:
- - port: 443
- protocol: TCP
- targetPort: main-port
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: system:metrics-server
-rules:
-- apiGroups:
- - ""
- resources:
- - pods
- - nodes
- - nodes/stats
- - namespaces
- - configmaps
- verbs:
- - get
- - list
- - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: system:metrics-server
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: system:metrics-server
-subjects:
-- kind: ServiceAccount
- name: metrics-server
- namespace: kube-system