add ccm

packages/apps/kubernetes/templates/kccm/config.yaml

@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: cluster1-cloud-config
+  namespace: tenant-foo
+data:
+  cloud-config: |
+    loadBalancer:
+      creationPollInterval: 5
+      creationPollTimeout: 60
+    namespace: tenant-foo

packages/apps/kubernetes/templates/kccm/kccm_role.yaml

@@ -0,0 +1,43 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  namespace: tenant-foo
+  name: kccm
+rules:
+- apiGroups: 
+  - kubevirt.io
+  resources: 
+  - virtualmachines
+  verbs: 
+  - get
+  - watch
+  - list
+- apiGroups: 
+  - kubevirt.io
+  resources: 
+  - virtualmachineinstances
+  verbs: 
+  - get
+  - watch
+  - list
+  - update
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - services
+  verbs:
+  - "*"
+- apiGroups:
+  - ""
+  resources:
+  - nodes
+  verbs:
+  - get

packages/apps/kubernetes/templates/kccm/kccm_role_binding.yaml

@@ -0,0 +1,30 @@
+apiVersion: v1
+items:
+- apiVersion: rbac.authorization.k8s.io/v1
+  kind: RoleBinding
+  metadata: 
+    name: kccm
+    namespace: kube-system
+  roleRef:
+    apiGroup: rbac.authorization.k8s.io
+    kind: Role
+    name: extension-apiserver-authentication-reader
+  subjects:
+  - kind: ServiceAccount
+    name: cloud-controller-manager
+    namespace: tenant-foo
+- apiVersion: rbac.authorization.k8s.io/v1
+  kind: RoleBinding
+  metadata: 
+    name: kccm-sa
+    namespace: tenant-foo
+  roleRef:
+    apiGroup: rbac.authorization.k8s.io
+    kind: Role
+    name: kccm
+  subjects:
+  - kind: ServiceAccount
+    name: cloud-controller-manager
+    namespace: test
+kind: List
+metadata: {}

packages/apps/kubernetes/templates/kccm/manager.yaml

@@ -0,0 +1,50 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: kubevirt-cloud-controller-manager
+  namespace: tenant-foo
+  labels:
+    k8s-app: kubevirt-cloud-controller-manager
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      k8s-app: kubevirt-cloud-controller-manager
+  template:
+    metadata:
+      labels:
+        k8s-app: kubevirt-cloud-controller-manager
+    spec:
+      #hostNetwork: true
+      containers:
+      - name: kubevirt-cloud-controller-manager
+        args:
+        - --cloud-provider=kubevirt
+        - --cloud-config=/etc/cloud/cloud-config
+        - --kubeconfig=/etc/kubernetes/kubeconfig/value
+        command:
+        - /bin/kubevirt-cloud-controller-manager
+        image: ghcr.io/kvaps/test:kubevirt-cloud-provider
+        imagePullPolicy: Always
+        #securityContext:
+        #  privileged: true
+        resources:
+          requests:
+            cpu: 100m
+        volumeMounts:
+        - mountPath: /etc/kubernetes/kubeconfig
+          name: kubeconfig
+          readOnly: true
+        - mountPath: /etc/cloud
+          name: cloud-config
+          readOnly: true
+      volumes:
+      - configMap:
+          name: cluster1-cloud-config
+        name: cloud-config
+      - secret:
+          secretName: cluster1-kubeconfig
+        name: kubeconfig
+      tolerations:
+      - operator: Exists
+      serviceAccountName: cloud-controller-manager

packages/apps/kubernetes/templates/kccm/service_account.yaml

@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: cloud-controller-manager
+  namespace: tenant-foo