Created
June 23, 2020 14:04
-
-
Save skhatri/5bc327562800c5ca6f03e8ba4566eab7 to your computer and use it in GitHub Desktop.
Adapted Kubernetes Dashboard for Read Only Setup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kind: Deployment | |
apiVersion: apps/v1 | |
metadata: | |
labels: | |
k8s-app: kubernetes-dashboard | |
name: kubernetes-dashboard | |
namespace: kubernetes-dashboard | |
spec: | |
replicas: 1 | |
revisionHistoryLimit: 10 | |
selector: | |
matchLabels: | |
k8s-app: kubernetes-dashboard | |
template: | |
metadata: | |
labels: | |
k8s-app: kubernetes-dashboard | |
spec: | |
containers: | |
- name: kubernetes-dashboard | |
image: kubesailmaker/kube-view:v2.0.2 | |
#image: kubernetesui/dashboard:v2.0.1 | |
imagePullPolicy: IfNotPresent | |
ports: | |
- containerPort: 8443 | |
protocol: TCP | |
args: | |
#- --auto-generate-certificates | |
- --namespace=kubernetes-dashboard | |
# Uncomment the following line to manually specify Kubernetes API server Host | |
# If not specified, Dashboard will attempt to auto discover the API server and connect | |
# to it. Uncomment only if the default does not work. | |
# - --apiserver-host=http://my-address:port | |
env: | |
- name: DASHBOARD_SETTINGS_NAME | |
value: kube-view-settings | |
- name: CSRF_TOKEN_NAME | |
value: kube-view-csrf | |
- name: KEY_HOLDER_NAME | |
value: kube-view-key-holder | |
- name: DASHBOARD_CERTS_NAME | |
value: kube-view-certs | |
volumeMounts: | |
# - name: kubernetes-dashboard-certs | |
# mountPath: /certs | |
# Create on-disk volume to store exec logs | |
- mountPath: /tmp | |
name: tmp-volume | |
livenessProbe: | |
httpGet: | |
scheme: HTTP | |
path: / | |
port: 8443 | |
initialDelaySeconds: 30 | |
timeoutSeconds: 30 | |
securityContext: | |
allowPrivilegeEscalation: false | |
readOnlyRootFilesystem: true | |
runAsUser: 1001 | |
runAsGroup: 2001 | |
volumes: | |
# - name: kubernetes-dashboard-certs | |
# secret: | |
# secretName: kubernetes-dashboard-certs | |
- name: tmp-volume | |
emptyDir: {} | |
serviceAccountName: kubernetes-dashboard | |
nodeSelector: | |
"kubernetes.io/os": linux | |
# Comment the following tolerations if Dashboard must not be deployed on master | |
tolerations: | |
- key: node-role.kubernetes.io/master | |
effect: NoSchedule |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment