apiVersion: apps/v1 kind: Deployment metadata: labels: app.kubernetes.io/component: kubevirt app.kubernetes.io/managed-by: virt-operator app.kubernetes.io/name: virt-controller app.kubernetes.io/version: v1.0.1 kubevirt.io: virt-controller name: virt-controller namespace: "{{ namespace }}" spec: progressDeadlineSeconds: 600 replicas: 2 revisionHistoryLimit: 10 selector: matchLabels: kubevirt.io: virt-controller strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: app.kubernetes.io/component: kubevirt app.kubernetes.io/managed-by: virt-operator app.kubernetes.io/version: v1.0.1 kubevirt.io: virt-controller prometheus.kubevirt.io: "true" name: virt-controller spec: affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchExpressions: - key: kubevirt.io operator: In values: - virt-controller topologyKey: kubernetes.io/hostname weight: 1 containers: - args: - --launcher-image - quay.io/kubevirt/virt-launcher@sha256:4c5fce3de2e2589197de72fb0c9436490ea318aca952c05a622c43e067023f35 - --exporter-image - quay.io/kubevirt/virt-exportserver@sha256:73311f79a9c71007f8572b3cc40cd6f6da404c7ef0a9c6509fb717d979546582 - --port - "8443" - -v - "2" command: - virt-controller image: quay.io/kubevirt/virt-controller@sha256:0789fafed2913b35a771e3db882748502b3250be04ece86d97f30201779b4e54 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 8 httpGet: path: /healthz port: 8443 scheme: HTTPS initialDelaySeconds: 15 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 10 name: virt-controller ports: - containerPort: 8443 name: metrics protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: /leader port: 8443 scheme: HTTPS initialDelaySeconds: 15 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 10 resources: requests: cpu: 10m memory: 275Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL seccompProfile: type: RuntimeDefault terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /etc/virt-controller/certificates name: kubevirt-controller-certs readOnly: true - mountPath: /etc/virt-controller/exportca name: kubevirt-export-ca readOnly: true - mountPath: /profile-data name: profile-data dnsPolicy: ClusterFirst nodeSelector: kubernetes.io/os: linux priorityClassName: kubevirt-cluster-critical restartPolicy: Always schedulerName: default-scheduler securityContext: runAsNonRoot: true seccompProfile: type: RuntimeDefault serviceAccount: kubevirt-controller serviceAccountName: kubevirt-controller terminationGracePeriodSeconds: 30 tolerations: - key: CriticalAddonsOnly operator: Exists volumes: - name: kubevirt-controller-certs secret: defaultMode: 420 optional: true secretName: kubevirt-controller-certs - name: kubevirt-export-ca secret: defaultMode: 420 optional: true secretName: kubevirt-export-ca - emptyDir: {} name: profile-data