135 lines
4.2 KiB
Handlebars
135 lines
4.2 KiB
Handlebars
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: kubevirt
|
|
app.kubernetes.io/managed-by: virt-operator
|
|
app.kubernetes.io/name: virt-controller
|
|
app.kubernetes.io/version: v1.0.1
|
|
kubevirt.io: virt-controller
|
|
name: virt-controller
|
|
namespace: "{{ namespace }}"
|
|
spec:
|
|
progressDeadlineSeconds: 600
|
|
replicas: 2
|
|
revisionHistoryLimit: 10
|
|
selector:
|
|
matchLabels:
|
|
kubevirt.io: virt-controller
|
|
strategy:
|
|
rollingUpdate:
|
|
maxSurge: 25%
|
|
maxUnavailable: 25%
|
|
type: RollingUpdate
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: kubevirt
|
|
app.kubernetes.io/managed-by: virt-operator
|
|
app.kubernetes.io/version: v1.0.1
|
|
kubevirt.io: virt-controller
|
|
prometheus.kubevirt.io: "true"
|
|
name: virt-controller
|
|
spec:
|
|
affinity:
|
|
podAntiAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- podAffinityTerm:
|
|
labelSelector:
|
|
matchExpressions:
|
|
- key: kubevirt.io
|
|
operator: In
|
|
values:
|
|
- virt-controller
|
|
topologyKey: kubernetes.io/hostname
|
|
weight: 1
|
|
containers:
|
|
- args:
|
|
- --launcher-image
|
|
- quay.io/kubevirt/virt-launcher@sha256:4c5fce3de2e2589197de72fb0c9436490ea318aca952c05a622c43e067023f35
|
|
- --exporter-image
|
|
- quay.io/kubevirt/virt-exportserver@sha256:73311f79a9c71007f8572b3cc40cd6f6da404c7ef0a9c6509fb717d979546582
|
|
- --port
|
|
- "8443"
|
|
- -v
|
|
- "2"
|
|
command:
|
|
- virt-controller
|
|
image: quay.io/kubevirt/virt-controller@sha256:0789fafed2913b35a771e3db882748502b3250be04ece86d97f30201779b4e54
|
|
imagePullPolicy: IfNotPresent
|
|
livenessProbe:
|
|
failureThreshold: 8
|
|
httpGet:
|
|
path: /healthz
|
|
port: 8443
|
|
scheme: HTTPS
|
|
initialDelaySeconds: 15
|
|
periodSeconds: 10
|
|
successThreshold: 1
|
|
timeoutSeconds: 10
|
|
name: virt-controller
|
|
ports:
|
|
- containerPort: 8443
|
|
name: metrics
|
|
protocol: TCP
|
|
readinessProbe:
|
|
failureThreshold: 3
|
|
httpGet:
|
|
path: /leader
|
|
port: 8443
|
|
scheme: HTTPS
|
|
initialDelaySeconds: 15
|
|
periodSeconds: 10
|
|
successThreshold: 1
|
|
timeoutSeconds: 10
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 275Mi
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
terminationMessagePath: /dev/termination-log
|
|
terminationMessagePolicy: File
|
|
volumeMounts:
|
|
- mountPath: /etc/virt-controller/certificates
|
|
name: kubevirt-controller-certs
|
|
readOnly: true
|
|
- mountPath: /etc/virt-controller/exportca
|
|
name: kubevirt-export-ca
|
|
readOnly: true
|
|
- mountPath: /profile-data
|
|
name: profile-data
|
|
dnsPolicy: ClusterFirst
|
|
nodeSelector:
|
|
kubernetes.io/os: linux
|
|
priorityClassName: kubevirt-cluster-critical
|
|
restartPolicy: Always
|
|
schedulerName: default-scheduler
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
serviceAccount: kubevirt-controller
|
|
serviceAccountName: kubevirt-controller
|
|
terminationGracePeriodSeconds: 30
|
|
tolerations:
|
|
- key: CriticalAddonsOnly
|
|
operator: Exists
|
|
volumes:
|
|
- name: kubevirt-controller-certs
|
|
secret:
|
|
defaultMode: 420
|
|
optional: true
|
|
secretName: kubevirt-controller-certs
|
|
- name: kubevirt-export-ca
|
|
secret:
|
|
defaultMode: 420
|
|
optional: true
|
|
secretName: kubevirt-export-ca
|
|
- emptyDir: {}
|
|
name: profile-data |