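---
# Deployment for the node-pool-controller.
# Runs a single replica in kube-system, scheduled by nodeSelector onto nodes
# carrying the microk8s-controlplane label. The pod gets SSH credentials for
# the nodes from node-ssh-secret and reads its node list from an NFS-backed PVC.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: node-pool-controller
  namespace: kube-system
spec:
  replicas: 1
  selector:
    matchLabels:
      app: node-pool-controller
  template:
    metadata:
      labels:
        app: node-pool-controller
    spec:
      nodeSelector:
        node.kubernetes.io/microk8s-controlplane: microk8s-controlplane
      serviceAccountName: node-pool-controller
      containers:
        - name: node-pool-controller
          # NOTE(review): tag 2.1 is mutable and imagePullPolicy is Always, so
          # the image content can change between pod restarts. Pin by digest
          # if the registry is not fully under your control.
          image: allardkrings/node-pool-controller:2.1
          imagePullPolicy: Always
          # NOTE(review): no securityContext and no resources are set on this
          # container. It holds node SSH credentials and a cluster-wide RBAC
          # role, so confirm what the image needs and then restrict it
          # (non-root, no privilege escalation, read-only root filesystem).
          env:
            # Path of the node list inside the NFS mount declared below.
            - name: NODE_POOL_FILE_NAME
              value: /mnt/nfs/node-pool.yaml
            # SSH login used for the nodes; both values come from the Secret.
            # NOTE(review): one shared password for all nodes. Key-based SSH
            # would be preferable if the controller supports it (confirm).
            - name: NODE_SSH_USER
              valueFrom:
                secretKeyRef:
                  name: node-ssh-secret
                  key: username
            - name: NODE_SSH_PASS
              valueFrom:
                secretKeyRef:
                  name: node-ssh-secret
                  key: password
            # Tuning values are quoted because env values must be strings.
            - name: MIN_CPU
              value: "40"
            - name: MAX_CPU
              value: "80"
            - name: MIN_MEM
              value: "60"
            - name: MAX_MEM
              value: "80"
            - name: DEACTIVATE_WAIT_SEC
              value: "180"
            - name: DESIRED_CONTROL_PLANES
              value: "3"
            - name: CLUSTER_NAME
              value: PROD
          volumeMounts:
            - name: nodes-nfs
              mountPath: /mnt/nfs
      volumes:
        - name: nodes-nfs
          persistentVolumeClaim:
            claimName: node-pool-controller-pvc
---
# Secret containing the SSH credentials for all nodes.
# The password is a placeholder on purpose: a literal password was committed
# in this manifest before. Treat that credential as exposed and rotate it on
# every node. Supply the real value at deploy time (secret manager, encrypted
# or sealed secret), or drop this document and create the Secret out-of-band.
# Applying this file unchanged overwrites the Secret with the placeholder.
apiVersion: v1
kind: Secret
metadata:
  name: node-ssh-secret
  namespace: kube-system
type: Opaque
stringData:
  username: ubuntu
  password: "<SET_AT_DEPLOY_TIME>"
---
# Serviceaccount to add and remove nodes
apiVersion: v1
kind: ServiceAccount
metadata:
  name: node-pool-controller
  namespace: kube-system
---
# Cluster-wide permissions for the controller's service account.
# NOTE(review): this grants update, patch and delete on every node and every
# pod in the cluster. Confirm which verbs the controller really uses and trim
# the rest; delete on pods in all namespaces is a large blast radius if the
# pod or its token is compromised.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: node-pool-controller
rules:
  - apiGroups: [""]
    resources: ["nodes", "pods"]
    verbs: ["get", "list", "watch", "update", "patch", "delete"]
  # Read-only access to node metrics.
  - apiGroups: ["metrics.k8s.io"]
    resources: ["nodes"]
    verbs: ["get", "list", "watch"]
---
# Binding of role to account
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: node-pool-controller
subjects:
  - kind: ServiceAccount
    name: node-pool-controller
    namespace: kube-system
roleRef:
  kind: ClusterRole
  name: node-pool-controller
  apiGroup: rbac.authorization.k8s.io
---
# In-cluster Service in front of the controller pods, port 8080.
apiVersion: v1
kind: Service
metadata:
  name: node-pool-controller
  namespace: kube-system
  labels:
    app: node-pool-controller
spec:
  ports:
    - port: 8080
      protocol: TCP
  selector:
    app: node-pool-controller
  type: ClusterIP
---
# Traefik route publishing the Service on the websecure entrypoint with a
# certificate from the letsencrypt resolver.
# NOTE(review): the route lists no middlewares, so every path on port 8080 is
# reachable by anyone who can reach this host. If the controller's HTTP
# interface can change the node pool (not visible here), put authentication
# or an IP allow-list in front of it.
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: node-pool-controller-tls
  namespace: kube-system
spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`nodepool-prod.allarddcs.nl`) && PathPrefix(`/`)
      kind: Rule
      services:
        - name: node-pool-controller
          port: 8080
  tls:
    certResolver: letsencrypt
---
# PersistentVolume for the NFS node list.
# NOTE(review): the export is mounted read-write. The controller reads its
# node list from this share, so presumably anyone who can write to the export
# can change which hosts it acts on with the SSH credentials. Restrict the
# export to the cluster nodes on the NFS server.
apiVersion: v1
kind: PersistentVolume
metadata:
  name: node-pool-controller-pv
spec:
  capacity:
    storage: 1Gi
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  # Empty storageClassName here and on the claim, with volumeName on the
  # claim, binds this volume statically to that claim.
  storageClassName: ""
  mountOptions:
    - hard
    - nfsvers=4.1
  nfs:
    server: 192.168.2.111
    path: /mnt/nfs_share/prod/node-pool
    readOnly: false
---
# PersistentVolumeClaim to mount into the controller
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: node-pool-controller-pvc
  namespace: kube-system
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
  storageClassName: ""
  volumeName: node-pool-controller-pv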