mirror of
https://github.com/arangodb/kube-arangodb.git
synced 2024-12-14 11:57:37 +00:00
592 lines
19 KiB
YAML
592 lines
19 KiB
YAML
---
|
|
# Source: kube-arangodb/templates/service-account.yaml
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: arango-all-operator
|
|
namespace: default
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
---
|
|
# Source: kube-arangodb/templates/storage-operator/crd.yaml
|
|
apiVersion: apiextensions.k8s.io/v1beta1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
name: arangolocalstorages.storage.arangodb.com
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
spec:
|
|
group: storage.arangodb.com
|
|
names:
|
|
kind: ArangoLocalStorage
|
|
listKind: ArangoLocalStorageList
|
|
plural: arangolocalstorages
|
|
shortNames:
|
|
- arangostorage
|
|
singular: arangolocalstorage
|
|
scope: Cluster
|
|
version: v1alpha
|
|
---
|
|
# Source: kube-arangodb/templates/backup-operator/cluster-role.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: arango-all-operator-rbac-backup
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
rules:
|
|
- apiGroups: ["apiextensions.k8s.io"]
|
|
resources: ["customresourcedefinitions"]
|
|
verbs: ["get", "list", "watch"]
|
|
---
|
|
# Source: kube-arangodb/templates/deployment-operator/cluster-role.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: arango-all-operator-rbac-deployment
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
rules:
|
|
- apiGroups: ["apiextensions.k8s.io"]
|
|
resources: ["customresourcedefinitions"]
|
|
verbs: ["get", "list", "watch"]
|
|
- apiGroups: [""]
|
|
resources: ["namespaces", "nodes", "persistentvolumes"]
|
|
verbs: ["get", "list"]
|
|
---
|
|
# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: arango-all-operator-rbac-deployment-replication
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
rules:
|
|
- apiGroups: ["apiextensions.k8s.io"]
|
|
resources: ["customresourcedefinitions"]
|
|
verbs: ["get", "list", "watch"]
|
|
- apiGroups: [""]
|
|
resources: ["namespaces", "nodes"]
|
|
verbs: ["get", "list"]
|
|
---
|
|
# Source: kube-arangodb/templates/storage-operator/cluster-role.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: arango-all-operator-rbac-storage
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources: ["persistentvolumes", "persistentvolumeclaims", "endpoints", "events", "services"]
|
|
verbs: ["*"]
|
|
- apiGroups: ["apiextensions.k8s.io"]
|
|
resources: ["customresourcedefinitions"]
|
|
verbs: ["get", "list", "watch"]
|
|
- apiGroups: [""]
|
|
resources: ["namespaces", "nodes"]
|
|
verbs: ["get", "list"]
|
|
- apiGroups: ["storage.k8s.io"]
|
|
resources: ["storageclasses"]
|
|
verbs: ["*"]
|
|
- apiGroups: ["storage.arangodb.com"]
|
|
resources: ["arangolocalstorages"]
|
|
verbs: ["*"]
|
|
---
|
|
# Source: kube-arangodb/templates/backup-operator/cluster-role-binding.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: arango-all-operator-rbac-backup
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: arango-all-operator-rbac-backup
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: arango-all-operator
|
|
namespace: default
|
|
---
|
|
# Source: kube-arangodb/templates/deployment-operator/cluster-role-binding.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: arango-all-operator-rbac-deployment
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: arango-all-operator-rbac-deployment
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: arango-all-operator
|
|
namespace: default
|
|
---
|
|
# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role-binding.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: arango-all-operator-rbac-deployment-replication
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: arango-all-operator-rbac-deployment-replication
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: arango-all-operator
|
|
namespace: default
|
|
---
|
|
# Source: kube-arangodb/templates/storage-operator/cluster-role-binding.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: arango-all-operator-rbac-storage
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: arango-all-operator-rbac-storage
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: arango-all-operator
|
|
namespace: default
|
|
---
|
|
# Source: kube-arangodb/templates/backup-operator/role.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
name: arango-all-operator-rbac-backup
|
|
namespace: default
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources: ["pods", "services", "endpoints"]
|
|
verbs: ["get", "update"]
|
|
- apiGroups: [""]
|
|
resources: ["events"]
|
|
verbs: ["*"]
|
|
- apiGroups: [""]
|
|
resources: ["secrets"]
|
|
verbs: ["get"]
|
|
- apiGroups: ["apps"]
|
|
resources: ["deployments", "replicasets"]
|
|
verbs: ["get"]
|
|
- apiGroups: ["backup.arangodb.com"]
|
|
resources: ["arangobackuppolicies", "arangobackuppolicies/status", "arangobackups", "arangobackups/status"]
|
|
verbs: ["*"]
|
|
- apiGroups: ["database.arangodb.com"]
|
|
resources: ["arangodeployments"]
|
|
verbs: ["get", "list", "watch"]
|
|
---
|
|
# Source: kube-arangodb/templates/deployment-operator/default-role.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
name: arango-all-operator-rbac-default
|
|
namespace: default
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources: ["pods"]
|
|
verbs: ["get"]
|
|
---
|
|
# Source: kube-arangodb/templates/deployment-operator/role.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
name: arango-all-operator-rbac-deployment
|
|
namespace: default
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
rules:
|
|
- apiGroups: ["database.arangodb.com"]
|
|
resources: ["arangodeployments", "arangodeployments/status","arangomembers", "arangomembers/status"]
|
|
verbs: ["*"]
|
|
- apiGroups: [""]
|
|
resources: ["pods", "services", "endpoints", "persistentvolumeclaims", "events", "secrets", "serviceaccounts"]
|
|
verbs: ["*"]
|
|
- apiGroups: ["apps"]
|
|
resources: ["deployments", "replicasets"]
|
|
verbs: ["get"]
|
|
- apiGroups: ["policy"]
|
|
resources: ["poddisruptionbudgets"]
|
|
verbs: ["*"]
|
|
- apiGroups: ["backup.arangodb.com"]
|
|
resources: ["arangobackuppolicies", "arangobackups"]
|
|
verbs: ["get", "list", "watch"]
|
|
- apiGroups: ["monitoring.coreos.com"]
|
|
resources: ["servicemonitors"]
|
|
verbs: ["get", "create", "delete", "update", "list", "watch", "patch"]
|
|
---
|
|
# Source: kube-arangodb/templates/deployment-replications-operator/role.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
name: arango-all-operator-rbac-deployment-replication
|
|
namespace: default
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
rules:
|
|
- apiGroups: ["replication.database.arangodb.com"]
|
|
resources: ["arangodeploymentreplications", "arangodeploymentreplications/status"]
|
|
verbs: ["*"]
|
|
- apiGroups: ["database.arangodb.com"]
|
|
resources: ["arangodeployments"]
|
|
verbs: ["get"]
|
|
- apiGroups: [""]
|
|
resources: ["pods", "services", "endpoints", "persistentvolumeclaims", "events", "secrets"]
|
|
verbs: ["*"]
|
|
- apiGroups: ["apps"]
|
|
resources: ["deployments", "replicasets"]
|
|
verbs: ["get"]
|
|
---
|
|
# Source: kube-arangodb/templates/storage-operator/role.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
name: arango-all-operator-rbac-storage
|
|
namespace: default
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources: ["pods"]
|
|
verbs: ["get", "update"]
|
|
- apiGroups: [""]
|
|
resources: ["secrets"]
|
|
verbs: ["get"]
|
|
- apiGroups: ["apps"]
|
|
resources: ["daemonsets"]
|
|
verbs: ["*"]
|
|
- apiGroups: ["apps"]
|
|
resources: ["deployments", "replicasets"]
|
|
verbs: ["get"]
|
|
---
|
|
# Source: kube-arangodb/templates/backup-operator/role-binding.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
name: arango-all-operator-rbac-backup
|
|
namespace: default
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: arango-all-operator-rbac-backup
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: arango-all-operator
|
|
namespace: default
|
|
---
|
|
# Source: kube-arangodb/templates/deployment-operator/default-role-binding.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
name: arango-all-operator-rbac-default
|
|
namespace: default
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: arango-all-operator-rbac-default
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: default
|
|
namespace: default
|
|
---
|
|
# Source: kube-arangodb/templates/deployment-operator/role-binding.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
name: arango-all-operator-rbac-deployment
|
|
namespace: default
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: arango-all-operator-rbac-deployment
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: arango-all-operator
|
|
namespace: default
|
|
---
|
|
# Source: kube-arangodb/templates/deployment-replications-operator/role-binding.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
name: arango-all-operator-rbac-deployment-replication
|
|
namespace: default
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: arango-all-operator-rbac-deployment-replication
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: arango-all-operator
|
|
namespace: default
|
|
---
|
|
# Source: kube-arangodb/templates/storage-operator/role-binding.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
name: arango-all-operator-rbac-storage
|
|
namespace: default
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: arango-all-operator-rbac-storage
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: arango-all-operator
|
|
namespace: default
|
|
---
|
|
# Source: kube-arangodb/templates/service.yaml
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: arango-all-operator
|
|
namespace: default
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
spec:
|
|
ports:
|
|
- name: server
|
|
port: 8528
|
|
protocol: TCP
|
|
targetPort: 8528
|
|
selector:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
role: leader
|
|
type: ClusterIP
|
|
---
|
|
# Source: kube-arangodb/templates/deployment.yaml
|
|
# Scope "legacy" selected
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: arango-all-operator
|
|
namespace: default
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
spec:
|
|
replicas: 2
|
|
strategy:
|
|
type: Recreate
|
|
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: kube-arangodb
|
|
helm.sh/chart: kube-arangodb-1.1.8
|
|
app.kubernetes.io/managed-by: Tiller
|
|
app.kubernetes.io/instance: all
|
|
release: all
|
|
spec:
|
|
serviceAccountName: arango-all-operator
|
|
affinity:
|
|
nodeAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: beta.kubernetes.io/arch
|
|
operator: In
|
|
values:
|
|
- amd64
|
|
podAntiAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- weight: 100
|
|
podAffinityTerm:
|
|
topologyKey: "kubernetes.io/hostname"
|
|
labelSelector:
|
|
matchExpressions:
|
|
- key: app.kubernetes.io/name
|
|
operator: In
|
|
values:
|
|
- kube-arangodb
|
|
- key: app.kubernetes.io/instance
|
|
operator: In
|
|
values:
|
|
- all
|
|
hostNetwork: false
|
|
hostPID: false
|
|
hostIPC: false
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
containers:
|
|
- name: operator
|
|
imagePullPolicy: Always
|
|
image: arangodb/kube-arangodb:1.1.8
|
|
args:
|
|
- --scope=legacy
|
|
- --operator.deployment
|
|
- --operator.deployment-replication
|
|
- --operator.storage
|
|
|
|
- --operator.backup
|
|
- --chaos.allowed=false
|
|
env:
|
|
- name: MY_POD_NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
- name: MY_POD_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.name
|
|
- name: MY_POD_IP
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: status.podIP
|
|
- name: RELATED_IMAGE_UBI
|
|
value: "alpine:3.11"
|
|
- name: RELATED_IMAGE_METRICSEXPORTER
|
|
value: "arangodb/arangodb-exporter:0.1.7"
|
|
- name: RELATED_IMAGE_DATABASE
|
|
value: "arangodb/arangodb:latest"
|
|
ports:
|
|
- name: metrics
|
|
containerPort: 8528
|
|
securityContext:
|
|
privileged: false
|
|
allowPrivilegeEscalation: false
|
|
readOnlyRootFilesystem: true
|
|
capabilities:
|
|
drop:
|
|
- 'ALL'
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /health
|
|
port: 8528
|
|
scheme: HTTPS
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /ready
|
|
port: 8528
|
|
scheme: HTTPS
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
tolerations:
|
|
- key: "node.kubernetes.io/unreachable"
|
|
operator: "Exists"
|
|
effect: "NoExecute"
|
|
tolerationSeconds: 5
|
|
- key: "node.kubernetes.io/not-ready"
|
|
operator: "Exists"
|
|
effect: "NoExecute"
|
|
tolerationSeconds: 5
|
|
|