mirror of
https://github.com/optim-enterprises-bv/terraform-talos.git
synced 2025-10-29 17:42:47 +00:00
101 lines
3.1 KiB
YAML
101 lines
3.1 KiB
YAML
---
|
|
# Source: hcloud-cloud-controller-manager/templates/serviceaccount.yaml
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: hcloud-cloud-controller-manager
|
|
namespace: kube-system
|
|
---
|
|
# Source: hcloud-cloud-controller-manager/templates/clusterrolebinding.yaml
|
|
kind: ClusterRoleBinding
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
metadata:
|
|
name: "system:hcloud-cloud-controller-manager"
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: cluster-admin
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: hcloud-cloud-controller-manager
|
|
namespace: kube-system
|
|
---
|
|
# Source: hcloud-cloud-controller-manager/templates/deployment.yaml
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: hcloud-cloud-controller-manager
|
|
namespace: kube-system
|
|
spec:
|
|
replicas: 1
|
|
revisionHistoryLimit: 2
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/instance: 'hcloud-cloud-controller-manager'
|
|
app.kubernetes.io/name: 'hcloud-cloud-controller-manager'
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/instance: 'hcloud-cloud-controller-manager'
|
|
app.kubernetes.io/name: 'hcloud-cloud-controller-manager'
|
|
spec:
|
|
serviceAccountName: hcloud-cloud-controller-manager
|
|
dnsPolicy: Default
|
|
tolerations:
|
|
# Allow HCCM itself to schedule on nodes that have not yet been initialized by HCCM.
|
|
- key: "node.cloudprovider.kubernetes.io/uninitialized"
|
|
value: "true"
|
|
effect: "NoSchedule"
|
|
- key: "CriticalAddonsOnly"
|
|
operator: "Exists"
|
|
|
|
# Allow HCCM to schedule on control plane nodes.
|
|
- key: "node-role.kubernetes.io/master"
|
|
effect: NoSchedule
|
|
operator: Exists
|
|
- key: "node-role.kubernetes.io/control-plane"
|
|
effect: NoSchedule
|
|
operator: Exists
|
|
|
|
- key: "node.kubernetes.io/not-ready"
|
|
effect: "NoExecute"
|
|
nodeSelector:
|
|
|
|
node-role.kubernetes.io/control-plane: ""
|
|
containers:
|
|
- name: hcloud-cloud-controller-manager
|
|
args:
|
|
- "--allow-untagged-cloud"
|
|
- "--cloud-provider=hcloud"
|
|
- "--controllers=cloud-node-lifecycle"
|
|
- "--route-reconciliation-period=30s"
|
|
- "--webhook-secure-port=0"
|
|
- "--leader-elect=false"
|
|
env:
|
|
- name: HCLOUD_TOKEN
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: token
|
|
name: hcloud
|
|
- name: ROBOT_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: robot-password
|
|
name: hcloud
|
|
optional: true
|
|
- name: ROBOT_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: robot-user
|
|
name: hcloud
|
|
optional: true
|
|
image: docker.io/hetznercloud/hcloud-cloud-controller-manager:v1.20.0 # x-release-please-version
|
|
ports:
|
|
- name: metrics
|
|
containerPort: 8233
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 50Mi
|
|
priorityClassName: system-cluster-critical
|