Skip to content

Instantly share code, notes, and snippets.

@sanjaynaikwadi

sanjaynaikwadi/pvc-controller.yaml

Created July 21, 2020 11:14
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save sanjaynaikwadi/61cf7f3f85c788925261cffe0ecf5279 to your computer and use it in GitHub Desktop.
Save sanjaynaikwadi/61cf7f3f85c788925261cffe0ecf5279 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
pvc-controller.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: portworx-pvc-controller-account
namespace: kube-system
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: portworx-pvc-controller-role
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["create","delete","get","list","update","watch"]
- apiGroups: [""]
resources: ["persistentvolumes/status"]
verbs: ["update"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "update", "watch"]
- apiGroups: [""]
resources: ["persistentvolumeclaims/status"]
verbs: ["update"]
- apiGroups: [""]
resources: ["pods"]
verbs: ["create", "delete", "get", "list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["endpoints", "services"]
verbs: ["create", "delete", "get", "update"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["watch", "create", "patch", "update"]
- apiGroups: [""]
resources: ["serviceaccounts"]
verbs: ["get", "create"]
- apiGroups: [""]
resources: ["serviceaccounts/token"]
verbs: ["create"]
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["get", "create", "update"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: portworx-pvc-controller-role-binding
subjects:
- kind: ServiceAccount
name: portworx-pvc-controller-account
namespace: kube-system
roleRef:
kind: ClusterRole
name: portworx-pvc-controller-role
apiGroup: rbac.authorization.k8s.io
---
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ""
labels:
tier: control-plane
name: portworx-pvc-controller
namespace: kube-system
spec:
selector:
matchLabels:
name: portworx-pvc-controller
replicas: 3
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ""
labels:
name: portworx-pvc-controller
tier: control-plane
spec:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: "name"
operator: In
values:
- portworx-pvc-controller
topologyKey: "kubernetes.io/hostname"
hostNetwork: true
containers:
- command:
- kube-controller-manager
- --leader-elect=true
- --address=0.0.0.0
- --controllers=persistentvolume-binder,persistentvolume-expander
- --use-service-account-credentials=true
- --leader-elect-resource-lock=configmaps
image: gcr.io/google_containers/kube-controller-manager-amd64:v1.15.3
imagePullPolicy: Always
livenessProbe:
failureThreshold: 8
httpGet:
host: 127.0.0.1
path: /healthz
port: 10252
scheme: HTTP
initialDelaySeconds: 15
timeoutSeconds: 15
name: portworx-pvc-controller-manager
resources:
requests:
cpu: 200m
serviceAccountName: portworx-pvc-controller-account
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment