apiVersion: v1 kind: Namespace metadata: name: portainer --- apiVersion: v1 kind: ServiceAccount metadata: name: portainer-sa-clusteradmin namespace: portainer labels: app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer app.kubernetes.io/version: "ce-latest-ee-2.14.2" --- # Source: portainer/templates/rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: portainer labels: app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer app.kubernetes.io/version: "ce-latest-ee-2.14.2" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount namespace: portainer name: portainer-sa-clusteradmin --- # Source: portainer/templates/service.yaml apiVersion: v1 kind: Service metadata: name: portainer namespace: portainer labels: io.portainer.kubernetes.application.stack: portainer app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer app.kubernetes.io/version: "ce-latest-ee-2.14.2" spec: type: NodePort ports: - port: 9000 targetPort: 9000 protocol: TCP name: http nodePort: 30777 - port: 9443 targetPort: 9443 protocol: TCP name: https nodePort: 30779 - port: 30776 targetPort: 30776 protocol: TCP name: edge nodePort: 30776 selector: app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer --- # Source: portainer/templates/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: portainer namespace: portainer labels: io.portainer.kubernetes.application.stack: portainer app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer app.kubernetes.io/version: "ce-latest-ee-2.14.2" spec: replicas: 1 strategy: type: "Recreate" selector: matchLabels: app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer template: metadata: labels: app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer spec: nodeSelector: {} serviceAccountName: portainer-sa-clusteradmin volumes: - name: "data" persistentVolumeClaim: claimName: portainer-pvc containers: - name: portainer image: "portainer/portainer-ce:2.14.2" imagePullPolicy: Always args: - '--tunnel-port=30776' volumeMounts: - name: data mountPath: /data ports: - name: http containerPort: 9000 protocol: TCP - name: https containerPort: 9443 protocol: TCP - name: tcp-edge containerPort: 8000 protocol: TCP livenessProbe: httpGet: path: / port: 9443 scheme: HTTPS readinessProbe: httpGet: path: / port: 9443 scheme: HTTPS resources: {} --- apiVersion: traefik.io/v1alpha1 kind: IngressRoute metadata: name: portainer-http namespace: portainer spec: entryPoints: - web routes: - match: Host(`portainer-dev.allarddcs.nl`) kind: Rule services: - name: portainer port: 9000 --- apiVersion: traefik.io/v1alpha1 kind: IngressRoute metadata: name: portainer-tls namespace: portainer spec: entryPoints: - websecure routes: - match: Host(`portainer-dev.allarddcs.nl`) kind: Rule services: - name: portainer port: 9000 tls: certResolver: letsencrypt --- apiVersion: v1 kind: PersistentVolume metadata: name: portainer-pv spec: storageClassName: "" capacity: storage: 2Gi accessModes: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain mountOptions: - hard - nfsvers=4.1 nfs: server: 192.168.2.110 path: /mnt/nfs_share/portainer readOnly: false --- kind: "PersistentVolumeClaim" apiVersion: "v1" metadata: name: portainer-pvc namespace: portainer spec: storageClassName: "" volumeName: portainer-pv accessModes: - ReadWriteOnce volumeMode: Filesystem resources: requests: storage: 2Gi