Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / kubernetes / 6ec903331d80e7e122f7a7939ea7eb905f491151 / . / kubernetes / files / kube-addons / virtlet / virtlet-ds.yml
blob: a222703feefb66df7af7674f37526f23fd888e02 [file] [log] [blame]
Sergii Golovatiuk707f7d82017-08-07 15:49:23 +0200[diff] [blame]1{%- from "kubernetes/map.jinja" import common with context -%}
2{%- from "kubernetes/map.jinja" import master with context -%}
Victor Ryzhenkin23b58b62018-02-14 19:38:46 +0400[diff] [blame]3{%- from "kubernetes/map.jinja" import version %}
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]4---
5apiVersion: extensions/v1beta1
6kind: DaemonSet
7metadata:
Andrey Shestakov83499f72018-05-16 17:07:35 +0300[diff] [blame]8 creationTimestamp: null
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]9 name: virtlet
Sergii Golovatiuk707f7d82017-08-07 15:49:23 +0200[diff] [blame]10 namespace: {{ common.addons.virtlet.namespace }}
Matthew Mosesohn85203d62017-08-17 13:52:31 +0300[diff] [blame]11 labels:
12 addonmanager.kubernetes.io/mode: Reconcile
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]13spec:
14 template:
15 metadata:
Andrey Shestakov83499f72018-05-16 17:07:35 +0300[diff] [blame]16 creationTimestamp: null
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]17 labels:
18 runtime: virtlet
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]19 name: virtlet
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]20 spec:
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]21 affinity:
22 nodeAffinity:
23 requiredDuringSchedulingIgnoredDuringExecution:
24 nodeSelectorTerms:
25 - matchExpressions:
26 - key: extraRuntime
27 operator: In
28 values:
29 - virtlet
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]30 containers:
31 - command:
32 - /libvirt.sh
Victor Ryzhenkind2423792018-02-21 19:55:40 +0400[diff] [blame]33 env:
Andrey Shestakov83499f72018-05-16 17:07:35 +0300[diff] [blame]34 - name: VIRTLET_SRIOV_SUPPORT
35 valueFrom:
36 configMapKeyRef:
37 key: sriov_support
38 name: virtlet-config
39 optional: true
Victor Ryzhenkind2423792018-02-21 19:55:40 +0400[diff] [blame]40 - name: VIRTLET_DISABLE_KVM
41 valueFrom:
42 configMapKeyRef:
Victor Ryzhenkind2423792018-02-21 19:55:40 +0400[diff] [blame]43 key: disable_kvm
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]44 name: virtlet-config
Victor Ryzhenkind2423792018-02-21 19:55:40 +0400[diff] [blame]45 optional: true
Sergii Golovatiuk707f7d82017-08-07 15:49:23 +0200[diff] [blame]46 image: {{ common.addons.virtlet.image }}
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]47 imagePullPolicy: IfNotPresent
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]48 name: libvirt
49 readinessProbe:
50 exec:
51 command:
52 - /bin/sh
53 - -c
54 - socat - UNIX:/var/run/libvirt/libvirt-sock-ro </dev/null
55 resources: {}
56 securityContext:
57 privileged: true
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]58 volumeMounts:
59 - mountPath: /sys/fs/cgroup
60 name: cgroup
61 - mountPath: /lib/modules
62 name: modules
63 readOnly: true
64 - mountPath: /boot
65 name: boot
66 readOnly: true
67 - mountPath: /run
Victor Ryzhenkin23b58b62018-02-14 19:38:46 +0400[diff] [blame]68 mountPropagation: Bidirectional
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]69 name: run
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]70 - mountPath: /var/lib/virtlet
71 name: virtlet
72 - mountPath: /var/lib/libvirt
73 name: libvirt
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]74 - mountPath: /var/run/libvirt
75 name: libvirt-sockets
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]76 - mountPath: /var/log/vms
77 name: vms-log
78 - mountPath: /var/log/libvirt
79 name: libvirt-log
80 - mountPath: /dev
81 name: dev
82 - env:
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]83 - name: VIRTLET_DISABLE_KVM
84 valueFrom:
85 configMapKeyRef:
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]86 key: disable_kvm
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]87 name: virtlet-config
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]88 optional: true
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]89 - name: VIRTLET_DOWNLOAD_PROTOCOL
90 valueFrom:
91 configMapKeyRef:
92 key: download_protocol
93 name: virtlet-config
94 optional: true
95 - name: VIRTLET_LOGLEVEL
96 valueFrom:
97 configMapKeyRef:
98 key: loglevel
99 name: virtlet-config
100 optional: true
101 - name: VIRTLET_CALICO_SUBNET
102 valueFrom:
103 configMapKeyRef:
104 key: calico-subnet
105 name: virtlet-config
106 optional: true
107 - name: IMAGE_REGEXP_TRANSLATION
108 valueFrom:
109 configMapKeyRef:
110 key: image_regexp_translation
111 name: virtlet-config
112 optional: true
113 - name: VIRTLET_DISABLE_LOGGING
114 valueFrom:
115 configMapKeyRef:
116 key: disable_logging
117 name: virtlet-config
118 optional: true
119 - name: VIRTLET_SRIOV_SUPPORT
120 valueFrom:
121 configMapKeyRef:
122 key: sriov_support
123 name: virtlet-config
124 optional: true
125 - name: VIRTLET_RAW_DEVICES
126 valueFrom:
127 configMapKeyRef:
128 key: raw_devices
129 name: virtlet-config
130 optional: true
131 - name: IMAGE_TRANSLATIONS_DIR
132 value: /etc/virtlet/images
133 - name: KUBERNETES_POD_LOGS
134 value: /kubernetes-log
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]135 image: {{ common.addons.virtlet.image }}
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]136 imagePullPolicy: IfNotPresent
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]137 name: virtlet
138 readinessProbe:
139 exec:
140 command:
141 - /bin/sh
142 - -c
143 - socat - UNIX:/run/virtlet.sock </dev/null
144 resources: {}
145 securityContext:
146 privileged: true
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]147 volumeMounts:
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]148 - mountPath: /run
Victor Ryzhenkin23b58b62018-02-14 19:38:46 +0400[diff] [blame]149 mountPropagation: Bidirectional
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]150 name: run
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]151 - mountPath: /lib/modules
152 name: modules
153 readOnly: true
154 - mountPath: /boot
155 name: boot
156 readOnly: true
157 - mountPath: /var/lib/virtlet
158 name: virtlet
159 - mountPath: /var/lib/libvirt
160 name: libvirt
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]161 - mountPath: /var/run/libvirt
162 name: libvirt-sockets
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]163 - mountPath: /usr/libexec/kubernetes/kubelet-plugins/volume/exec
164 name: k8s-flexvolume-plugins-dir
Victor Ryzhenkin23b58b62018-02-14 19:38:46 +0400[diff] [blame]165 - mountPath: /var/lib/kubelet/pods
Victor Ryzhenkin23b58b62018-02-14 19:38:46 +0400[diff] [blame]166 mountPropagation: Bidirectional
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]167 name: k8s-pods-dir
168 - mountPath: /var/log/vms
169 name: vms-log
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]170 - mountPath: /etc/virtlet/images
171 name: image-name-translations
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]172 - mountPath: /kubernetes-log
173 name: pods-log
174 - command:
175 - /vms.sh
Sergii Golovatiuk707f7d82017-08-07 15:49:23 +0200[diff] [blame]176 image: {{ common.addons.virtlet.image }}
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]177 imagePullPolicy: IfNotPresent
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]178 name: vms
179 resources: {}
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]180 volumeMounts:
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]181 - mountPath: /var/lib/virtlet
182 name: virtlet
183 - mountPath: /var/lib/libvirt
184 name: libvirt
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]185 - mountPath: /var/log/vms
186 name: vms-log
187 - mountPath: /dev
188 name: dev
189 - mountPath: /lib/modules
190 name: modules
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]191 dnsPolicy: ClusterFirstWithHostNet
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]192 hostNetwork: true
193 hostPID: true
194 initContainers:
195 - command:
196 - /prepare-node.sh
197 env:
198 - name: VIRTLET_DISABLE_KVM
199 valueFrom:
200 configMapKeyRef:
201 key: disable_kvm
202 name: virtlet-config
203 optional: true
204 image: {{ common.addons.virtlet.image }}
205 imagePullPolicy: IfNotPresent
206 name: prepare-node
207 resources: {}
208 securityContext:
209 privileged: true
210 volumeMounts:
211 - mountPath: /kubelet-volume-plugins
212 name: k8s-flexvolume-plugins-dir
213 - mountPath: /run
214 mountPropagation: Bidirectional
215 name: run
216 - mountPath: /var/run/docker.sock
217 name: dockersock
218 - mountPath: /hostlog
219 name: log
220 - mountPath: /host-var-lib
221 name: var-lib
222 - mountPath: /dev
223 name: dev
224 serviceAccountName: virtlet
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]225 volumes:
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]226 - hostPath:
227 path: /dev
228 name: dev
229 - hostPath:
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]230 path: /sys/fs/cgroup
231 name: cgroup
232 - hostPath:
233 path: /lib/modules
234 name: modules
235 - hostPath:
236 path: /boot
237 name: boot
238 - hostPath:
239 path: /run
240 name: run
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]241 - hostPath:
242 path: /var/run/docker.sock
243 name: dockersock
244 - hostPath:
245 path: /var/lib/virtlet
246 name: virtlet
247 - hostPath:
248 path: /var/lib/libvirt
249 name: libvirt
250 - hostPath:
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]251 path: /var/log
252 name: log
253 - hostPath:
254 path: /usr/libexec/kubernetes/kubelet-plugins/volume/exec
255 name: k8s-flexvolume-plugins-dir
256 - hostPath:
257 path: /var/lib/kubelet/pods
258 name: k8s-pods-dir
259 - hostPath:
260 path: /var/lib
261 name: var-lib
262 - hostPath:
263 path: /var/log/virtlet/vms
264 name: vms-log
265 - hostPath:
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]266 path: /var/log/libvirt
267 name: libvirt-log
268 - hostPath:
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]269 path: /var/run/libvirt
270 name: libvirt-sockets
271 - hostPath:
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]272 path: /var/log/pods
273 name: pods-log
Victor Ryzhenkin23b58b62018-02-14 19:38:46 +0400[diff] [blame]274 - hostPath:
275 path: /var/run/netns
276 name: netns-dir
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]277 - configMap:
278 name: virtlet-image-translations
279 name: image-name-translations
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]280 updateStrategy: {}
281status:
282 currentNumberScheduled: 0
283 desiredNumberScheduled: 0
284 numberMisscheduled: 0
285 numberReady: 0
286
287---
288apiVersion: rbac.authorization.k8s.io/v1beta1
289kind: ClusterRoleBinding
290metadata:
Andrey Shestakov83499f72018-05-16 17:07:35 +0300[diff] [blame]291 creationTimestamp: null
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]292 name: virtlet
293 labels:
294 addonmanager.kubernetes.io/mode: Reconcile
295roleRef:
296 apiGroup: rbac.authorization.k8s.io
297 kind: ClusterRole
298 name: virtlet
299subjects:
300- kind: ServiceAccount
301 name: virtlet
302 namespace: {{ common.addons.virtlet.namespace }}
303
304---
305apiVersion: rbac.authorization.k8s.io/v1beta1
306kind: ClusterRole
307metadata:
Andrey Shestakov83499f72018-05-16 17:07:35 +0300[diff] [blame]308 creationTimestamp: null
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]309 name: virtlet
310 namespace: {{ common.addons.virtlet.namespace }}
311 labels:
312 addonmanager.kubernetes.io/mode: Reconcile
313rules:
314- apiGroups:
315 - ""
316 resources:
317 - configmaps
318 verbs:
319 - create
320
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]321---
322apiVersion: rbac.authorization.k8s.io/v1beta1
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]323kind: ClusterRole
324metadata:
Andrey Shestakov83499f72018-05-16 17:07:35 +0300[diff] [blame]325 creationTimestamp: null
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]326 name: configmap-reader
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]327 labels:
328 addonmanager.kubernetes.io/mode: Reconcile
329rules:
330- apiGroups:
331 - ""
332 resources:
333 - configmaps
334 verbs:
335 - get
336 - list
337 - watch
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]338
339---
340apiVersion: rbac.authorization.k8s.io/v1beta1
341kind: ClusterRole
342metadata:
Andrey Shestakov83499f72018-05-16 17:07:35 +0300[diff] [blame]343 creationTimestamp: null
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]344 name: virtlet-userdata-reader
345 labels:
346 addonmanager.kubernetes.io/mode: Reconcile
347rules:
348- apiGroups:
349 - ""
350 resources:
351 - configmaps
352 - secrets
353 verbs:
354 - get
355
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]356---
357apiVersion: rbac.authorization.k8s.io/v1beta1
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]358kind: ClusterRoleBinding
359metadata:
Andrey Shestakov83499f72018-05-16 17:07:35 +0300[diff] [blame]360 creationTimestamp: null
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]361 name: kubelet-node-binding
Matthew Mosesohn85203d62017-08-17 13:52:31 +0300[diff] [blame]362 labels:
363 addonmanager.kubernetes.io/mode: Reconcile
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]364roleRef:
365 apiGroup: rbac.authorization.k8s.io
366 kind: ClusterRole
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]367 name: configmap-reader
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]368subjects:
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]369- apiGroup: rbac.authorization.k8s.io
370 kind: Group
371 name: system:nodes
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]372
Victor Ryzhenkin23b58b62018-02-14 19:38:46 +0400[diff] [blame]373---
374apiVersion: rbac.authorization.k8s.io/v1beta1
375kind: ClusterRoleBinding
376metadata:
Andrey Shestakov83499f72018-05-16 17:07:35 +0300[diff] [blame]377 creationTimestamp: null
Victor Ryzhenkin23b58b62018-02-14 19:38:46 +0400[diff] [blame]378 name: vm-userdata-binding
379 labels:
380 addonmanager.kubernetes.io/mode: Reconcile
381roleRef:
382 apiGroup: rbac.authorization.k8s.io
383 kind: ClusterRole
384 name: virtlet-userdata-reader
385subjects:
386- kind: ServiceAccount
387 name: virtlet
388 namespace: {{ common.addons.virtlet.namespace }}
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]389
390---
391apiVersion: rbac.authorization.k8s.io/v1beta1
392kind: ClusterRole
393metadata:
Andrey Shestakov83499f72018-05-16 17:07:35 +0300[diff] [blame]394 creationTimestamp: null
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]395 name: virtlet-crd
396 labels:
397 addonmanager.kubernetes.io/mode: Reconcile
398rules:
399- apiGroups:
400 - apiextensions.k8s.io
401 resources:
402 - customresourcedefinitions
403 verbs:
404 - create
405- apiGroups:
406 - virtlet.k8s
407 resources:
408 - virtletimagemappings
409 verbs:
410 - list
411 - get
412
413---
414apiVersion: rbac.authorization.k8s.io/v1beta1
415kind: ClusterRoleBinding
416metadata:
Andrey Shestakov83499f72018-05-16 17:07:35 +0300[diff] [blame]417 creationTimestamp: null
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]418 name: virtlet-crd
419 labels:
420 addonmanager.kubernetes.io/mode: Reconcile
421roleRef:
422 apiGroup: rbac.authorization.k8s.io
423 kind: ClusterRole
424 name: virtlet-crd
425subjects:
426- kind: ServiceAccount
427 name: virtlet
428 namespace: {{ common.addons.virtlet.namespace }}
429
430---
431apiVersion: v1
432kind: ServiceAccount
433metadata:
Andrey Shestakov83499f72018-05-16 17:07:35 +0300[diff] [blame]434 creationTimestamp: null
Andrey Shestakovf26f0a52018-04-17 12:43:11 +0300[diff] [blame]435 name: virtlet
436 namespace: {{ common.addons.virtlet.namespace }}
Victor Ryzhenkin23b58b62018-02-14 19:38:46 +0400[diff] [blame]437---
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]438apiVersion: v1
439data:
440 images.yml: |
441 translations:
442 - name: cirros
Victor Ryzhenkin23b58b62018-02-14 19:38:46 +0400[diff] [blame]443 url: https://github.com/mirantis/virtlet/releases/download/v0.9.3/cirros.img
vrovachev3b141982017-10-06 16:52:40 +0400[diff] [blame]444kind: ConfigMap
445metadata:
446 name: virtlet-image-translations
447 namespace: {{ common.addons.virtlet.namespace }}
448 labels:
ashestakov263ee602018-03-06 15:33:16 +0000[diff] [blame]449 addonmanager.kubernetes.io/mode: Reconcile