kubernetes/prod/node-pool-controller/node-pool-controller.yaml
2026-05-31 16:07:30 +02:00


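# Deployment for the node-pool-controller.
# Runs one replica in kube-system, scheduled only onto nodes carrying the
# MicroK8s control-plane label, under the node-pool-controller ServiceAccount.
#
# NOTE(review): the container sets no securityContext and no resources.
# For a workload in kube-system that holds node SSH credentials, consider
# runAsNonRoot, allowPrivilegeEscalation: false, capabilities.drop: [ALL],
# readOnlyRootFilesystem and CPU/memory requests and limits. Confirm first
# that the image runs as a non-root user and can still write to the NFS mount.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: node-pool-controller
  namespace: kube-system
spec:
  replicas: 1
  selector:
    matchLabels:
      app: node-pool-controller
  template:
    metadata:
      labels:
        app: node-pool-controller
    spec:
      nodeSelector:
        node.kubernetes.io/microk8s-controlplane: microk8s-controlplane
      serviceAccountName: node-pool-controller
      containers:
        - name: node-pool-controller
          # NOTE(review): ":2.1" is a mutable tag and imagePullPolicy is
          # Always, so a re-pushed tag is picked up on the next pod start.
          # Pinning by digest (image@sha256:<DIGEST_PLACEHOLDER>) makes the
          # deployed content reviewable and reproducible.
          image: allardkrings/node-pool-controller:2.1
          imagePullPolicy: Always
          env:
            # Path of the node-pool file inside the NFS mount below.
            - name: NODE_POOL_FILE_NAME
              value: /mnt/nfs/node-pool.yaml
            # SSH login for the nodes, read from node-ssh-secret.
            # NOTE(review): secrets passed as environment variables are
            # visible to anything that can read the process environment;
            # a file-mounted secret is easier to contain, if the image
            # supports reading one.
            - name: NODE_SSH_USER
              valueFrom:
                secretKeyRef:
                  name: node-ssh-secret
                  key: username
            - name: NODE_SSH_PASS
              valueFrom:
                secretKeyRef:
                  name: node-ssh-secret
                  key: password
            # Controller tuning values, quoted because env values must be
            # strings. Presumably CPU/memory percentages; confirm against
            # the controller's documentation.
            - name: MIN_CPU
              value: "40"
            - name: MAX_CPU
              value: "80"
            - name: MIN_MEM
              value: "60"
            - name: MAX_MEM
              value: "80"
            - name: DEACTIVATE_WAIT_SEC
              value: "180"
            - name: DESIRED_CONTROL_PLANES
              value: "3"
            - name: CLUSTER_NAME
              value: PROD
          volumeMounts:
            - name: nodes-nfs
              mountPath: /mnt/nfs
      volumes:
        # NFS-backed claim that holds the node-pool file.
        - name: nodes-nfs
          persistentVolumeClaim:
            claimName: node-pool-controller-pvc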
---
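# Secret holding the SSH credentials the controller uses for all nodes.
# The Deployment reads the keys "username" and "password" from it.
#
# NOTE(review): the password was previously committed here in plain text.
# stringData is only a write-time convenience and gives no protection in the
# repository: anyone who can read this file or its history has the
# credential. Treat the earlier value as exposed, rotate it on every node,
# and supply the new one out of band (an encrypted/sealed secret or an
# external secret store) rather than committing it.
# NOTE(review): a single shared password for all nodes means one leak opens
# every node. Key-based SSH authentication with per-node authorisation would
# narrow that; confirm what the controller supports.
apiVersion: v1
kind: Secret
metadata:
  name: node-ssh-secret
  namespace: kube-system
type: Opaque
stringData:
  username: ubuntu
  # Placeholder only. Do not apply this document as-is; inject the real
  # value at deploy time.
  password: "<SET_AT_DEPLOY_TIME>"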
---
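# ServiceAccount the controller pod runs as; the ClusterRoleBinding in this
# file grants it the permissions used to add and remove nodes.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: node-pool-controller
  namespace: kube-system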
---
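# Cluster-wide permissions for the controller: read/modify/delete on nodes
# and pods, and read access to node metrics.
#
# NOTE(review): because this is a ClusterRole bound with a
# ClusterRoleBinding, update/patch/delete on "pods" applies in every
# namespace, kube-system included. If pod deletion is only used to drain a
# node before removal, granting "create" on "pods/eviction" instead would
# respect PodDisruptionBudgets and remove the direct delete right. Confirm
# which verbs the controller actually calls and trim the rest.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: node-pool-controller
rules:
  - apiGroups: [""]
    resources: ["nodes", "pods"]
    verbs: ["get", "list", "watch", "update", "patch", "delete"]
  # Read-only access to node metrics.
  - apiGroups: ["metrics.k8s.io"]
    resources: ["nodes"]
    verbs: ["get", "list", "watch"]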
---
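# Binding of the ClusterRole to the controller's ServiceAccount.
# A ClusterRoleBinding grants the role's rules across all namespaces.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: node-pool-controller
subjects:
  - kind: ServiceAccount
    name: node-pool-controller
    namespace: kube-system
roleRef:
  kind: ClusterRole
  name: node-pool-controller
  apiGroup: rbac.authorization.k8s.io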
---
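# ClusterIP Service in front of the controller pods (selected by app label).
# No targetPort is given, so traffic is forwarded to container port 8080.
apiVersion: v1
kind: Service
metadata:
  name: node-pool-controller
  namespace: kube-system
  labels:
    app: node-pool-controller
spec:
  ports:
    - port: 8080
      protocol: TCP
  selector:
    app: node-pool-controller
  type: ClusterIP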
---
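# Traefik route publishing the controller on the "websecure" entry point,
# with a certificate from the "letsencrypt" resolver.
#
# NOTE(review): the route attaches no middlewares, so Traefik forwards every
# request for this host straight to the controller. What the endpoint on
# port 8080 exposes is not visible here, but the backing workload holds node
# SSH credentials and cluster-wide node/pod rights. Confirm the application
# authenticates callers itself, or attach an authentication or IP allow-list
# Middleware and keep the host off untrusted networks.
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: node-pool-controller-tls
  namespace: kube-system
spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`nodepool-prod.allarddcs.nl`) && PathPrefix(`/`)
      kind: Rule
      services:
        - name: node-pool-controller
          port: 8080
  tls:
    certResolver: letsencrypt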
---
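# PersistentVolume for the NFS export that holds the node list.
# storageClassName "" disables dynamic provisioning, so the volume is bound
# statically; Retain keeps the data when the claim is released.
#
# NOTE(review): the export is mounted read-write and this manifest shows no
# NFS security option, so access control rests on the NFS server's export
# rules. Whoever can write to this path can change the file the controller
# reads (NODE_POOL_FILE_NAME), presumably the list of nodes it manages.
# Confirm the export is restricted to the cluster nodes that need it.
apiVersion: v1
kind: PersistentVolume
metadata:
  name: node-pool-controller-pv
spec:
  capacity:
    storage: 1Gi
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  storageClassName: ""
  mountOptions:
    - hard
    - nfsvers=4.1
  nfs:
    server: 192.168.2.111
    path: /mnt/nfs_share/prod/node-pool
    readOnly: false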
---
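# PersistentVolumeClaim mounted into the controller pod.
# volumeName plus the empty storageClassName bind it to the static
# node-pool-controller-pv rather than to a dynamically provisioned volume.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: node-pool-controller-pvc
  namespace: kube-system
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
  storageClassName: ""
  volumeName: node-pool-controller-pv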