File: konnectivity-agent.yaml

package info (click to toggle)
golang-k8s-sigs-apiserver-network-proxy 0.33.0%2Bds1-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 1,068 kB
  • sloc: makefile: 220; sh: 118
file content (57 lines) | stat: -rw-r--r-- 1,466 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
apiVersion: v1
kind: ServiceAccount
metadata:
  name: konnectivity-agent
  namespace: kube-system
---
apiVersion: v1
kind: Pod
metadata:
  name: konnectivity-agent
  namespace: kube-system
  annotations:
    scheduler.alpha.kubernetes.io/critical-pod: ''
    seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
spec:
  hostNetwork: true
  containers:
  - name: konnectivity-agent-container
    image: ${AGENT_IMAGE}:${TAG}
    resources:
      requests:
        cpu: 50m
      limits:
        memory: 30Mi
    command: [ "/proxy-agent"]
    args: [
      "--logtostderr=true",
      "--ca-cert=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt",
      "--proxy-server-host=${CLUSTER_IP}",
      "--proxy-server-port=8091",
      "--service-account-token-path=/var/run/secrets/tokens/konnectivity-agent-token",
      ]
    livenessProbe:
      httpGet:
        scheme: HTTP
        port: 8093
        path: /healthz
      initialDelaySeconds: 15
      timeoutSeconds: 15
    readinessProbe:
      httpGet:
        scheme: HTTP
        port: 8093
        path: /readyz
      initialDelaySeconds: 15
      timeoutSeconds: 15
    volumeMounts:
      - mountPath: /var/run/secrets/tokens
        name: konnectivity-agent-token
  serviceAccountName: konnectivity-agent
  volumes:
  - name: konnectivity-agent-token
    projected:
      sources:
      - serviceAccountToken:
          path: konnectivity-agent-token
          audience: system:konnectivity-server