2018-06-19 09:07:50 +00:00
|
|
|
## deployment-replication/rbac.yaml
|
2018-09-07 12:57:32 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2018-06-19 09:07:50 +00:00
|
|
|
## Cluster role granting access to ArangoDeploymentReplication resources.
|
|
|
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
|
|
|
kind: ClusterRole
|
|
|
|
|
metadata:
|
|
|
|
|
name: arango-deployment-replications
|
|
|
|
|
rules:
|
|
|
|
|
- apiGroups: ["replication.database.arangodb.com"]
|
|
|
|
|
resources: ["arangodeploymentreplications"]
|
|
|
|
|
verbs: ["*"]
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
## Cluster role granting access to all resources needed by the ArangoDeploymentReplication operator.
|
|
|
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
|
|
|
kind: ClusterRole
|
|
|
|
|
metadata:
|
|
|
|
|
name: arango-deployment-replication-operator
|
|
|
|
|
rules:
|
|
|
|
|
- apiGroups: ["replication.database.arangodb.com"]
|
|
|
|
|
resources: ["arangodeploymentreplications"]
|
|
|
|
|
verbs: ["*"]
|
|
|
|
|
- apiGroups: ["database.arangodb.com"]
|
|
|
|
|
resources: ["arangodeployments"]
|
|
|
|
|
verbs: ["get"]
|
|
|
|
|
- apiGroups: ["apiextensions.k8s.io"]
|
|
|
|
|
resources: ["customresourcedefinitions"]
|
|
|
|
|
verbs: ["get"]
|
|
|
|
|
- apiGroups: [""]
|
|
|
|
|
resources: ["pods", "services", "endpoints", "persistentvolumeclaims", "events", "secrets"]
|
|
|
|
|
verbs: ["*"]
|
|
|
|
|
- apiGroups: [""]
|
2018-09-07 12:57:32 +00:00
|
|
|
resources: ["namespaces", "nodes"]
|
|
|
|
|
verbs: ["get", "list"]
|
2018-06-19 09:07:50 +00:00
|
|
|
- apiGroups: ["apps"]
|
2018-06-29 13:54:56 +00:00
|
|
|
resources: ["deployments", "replicasets"]
|
|
|
|
|
verbs: ["get"]
|
2018-06-19 09:07:50 +00:00
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
## Bind the cluster role granting access to ArangoDeploymentReplication resources
|
|
|
|
|
## to the default service account of the configured namespace.
|
|
|
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
|
|
|
kind: RoleBinding
|
|
|
|
|
metadata:
|
|
|
|
|
name: arango-deployment-replications
|
|
|
|
|
namespace: default
|
|
|
|
|
roleRef:
|
|
|
|
|
apiGroup: rbac.authorization.k8s.io
|
|
|
|
|
kind: ClusterRole
|
|
|
|
|
name: arango-deployment-replications
|
|
|
|
|
subjects:
|
|
|
|
|
- kind: ServiceAccount
|
|
|
|
|
name: default
|
|
|
|
|
namespace: default
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
## Bind the cluster role granting access to all resources needed by
|
|
|
|
|
## the ArangoDeploymentReplication operator to the default service account
|
|
|
|
|
## the is being used to run the operator deployment.
|
|
|
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
|
|
|
kind: ClusterRoleBinding
|
|
|
|
|
metadata:
|
|
|
|
|
name: arango-deployment-replication-operator-default
|
|
|
|
|
roleRef:
|
|
|
|
|
apiGroup: rbac.authorization.k8s.io
|
|
|
|
|
kind: ClusterRole
|
|
|
|
|
name: arango-deployment-replication-operator
|
|
|
|
|
subjects:
|
|
|
|
|
- kind: ServiceAccount
|
|
|
|
|
name: default
|
|
|
|
|
namespace: default
|
|
|
|
|
|
2018-09-07 12:57:32 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2018-06-19 09:07:50 +00:00
|
|
|
---
|
|
|
|
|
|
|
|
|
|
## deployment-replication/deployment-replication.yaml
|
|
|
|
|
|
2018-09-07 12:57:32 +00:00
|
|
|
|
2018-06-19 09:07:50 +00:00
|
|
|
apiVersion: extensions/v1beta1
|
|
|
|
|
kind: Deployment
|
|
|
|
|
metadata:
|
|
|
|
|
name: arango-deployment-replication-operator
|
|
|
|
|
namespace: default
|
|
|
|
|
spec:
|
|
|
|
|
replicas: 2
|
|
|
|
|
strategy:
|
|
|
|
|
type: Recreate
|
|
|
|
|
template:
|
|
|
|
|
metadata:
|
|
|
|
|
labels:
|
|
|
|
|
name: arango-deployment-replication-operator
|
|
|
|
|
app: arango-deployment-replication-operator
|
|
|
|
|
spec:
|
2018-09-07 12:57:32 +00:00
|
|
|
serviceAccountName: default
|
2018-06-19 09:07:50 +00:00
|
|
|
containers:
|
|
|
|
|
- name: operator
|
|
|
|
|
imagePullPolicy: IfNotPresent
|
2019-02-19 17:07:17 +00:00
|
|
|
image: arangodb/kube-arangodb@sha256:ab6187dc940fe35e9d4c61f051a0a0970d39c9e8271eb2d713828e8078f189ae
|
2018-06-19 09:07:50 +00:00
|
|
|
args:
|
|
|
|
|
- --operator.deployment-replication
|
|
|
|
|
env:
|
|
|
|
|
- name: MY_POD_NAMESPACE
|
|
|
|
|
valueFrom:
|
|
|
|
|
fieldRef:
|
|
|
|
|
fieldPath: metadata.namespace
|
|
|
|
|
- name: MY_POD_NAME
|
|
|
|
|
valueFrom:
|
|
|
|
|
fieldRef:
|
|
|
|
|
fieldPath: metadata.name
|
|
|
|
|
- name: MY_POD_IP
|
|
|
|
|
valueFrom:
|
|
|
|
|
fieldRef:
|
|
|
|
|
fieldPath: status.podIP
|
|
|
|
|
ports:
|
|
|
|
|
- name: metrics
|
|
|
|
|
containerPort: 8528
|
|
|
|
|
livenessProbe:
|
|
|
|
|
httpGet:
|
|
|
|
|
path: /health
|
|
|
|
|
port: 8528
|
|
|
|
|
scheme: HTTPS
|
|
|
|
|
initialDelaySeconds: 5
|
|
|
|
|
periodSeconds: 10
|
|
|
|
|
readinessProbe:
|
|
|
|
|
httpGet:
|
|
|
|
|
path: /ready/deployment-replication
|
|
|
|
|
port: 8528
|
|
|
|
|
scheme: HTTPS
|
|
|
|
|
initialDelaySeconds: 5
|
|
|
|
|
periodSeconds: 10
|
|
|
|
|
tolerations:
|
|
|
|
|
- key: "node.kubernetes.io/unreachable"
|
|
|
|
|
operator: "Exists"
|
|
|
|
|
effect: "NoExecute"
|
|
|
|
|
tolerationSeconds: 5
|
|
|
|
|
- key: "node.kubernetes.io/not-ready"
|
|
|
|
|
operator: "Exists"
|
|
|
|
|
effect: "NoExecute"
|
|
|
|
|
tolerationSeconds: 5
|
|
|
|
|
|
2018-09-07 12:57:32 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
## deployment-replication/service.yaml
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
apiVersion: v1
|
|
|
|
|
kind: Service
|
|
|
|
|
metadata:
|
|
|
|
|
name: arango-deployment-replication-operator
|
|
|
|
|
namespace: default
|
|
|
|
|
labels:
|
|
|
|
|
name: arango-deployment-replication-operator
|
|
|
|
|
app: arango-deployment-replication-operator
|
|
|
|
|
spec:
|
|
|
|
|
ports:
|
|
|
|
|
- name: server
|
|
|
|
|
port: 8528
|
|
|
|
|
protocol: TCP
|
|
|
|
|
targetPort: 8528
|
|
|
|
|
selector:
|
|
|
|
|
name: arango-deployment-replication-operator
|
|
|
|
|
app: arango-deployment-replication-operator
|
|
|
|
|
role: leader
|
|
|
|
|
type: ClusterIP
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
