Skip to content

Instantly share code, notes, and snippets.

@ssube

ssube/prom-cluster.yml

Last active December 12, 2021 09:16
Show Gist options
  • Star 2 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ssube/b5f9a6ab1f5fa3341c1b5f49867c8654 to your computer and use it in GitHub Desktop.
Save ssube/b5f9a6ab1f5fa3341c1b5f49867c8654 to your computer and use it in GitHub Desktop.
Download ZIP
kubernetes storage & monitoring (influx, prometheus, rook)
Raw
prom-cluster.yml
# step 2.5: prometheus cluster
apiVersion: v1
kind: ServiceAccount
metadata:
name: prometheus
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: prometheus
rules:
- apiGroups: [""]
resources:
- nodes
- services
- endpoints
- pods
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources:
- configmaps
verbs: ["get"]
- apiGroups: [""]
resources:
- nodes/metrics
verbs: ["get"]
- nonResourceURLs: ["/metrics"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: prometheus
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: prometheus
subjects:
- kind: ServiceAccount
name: prometheus
namespace: default
---
apiVersion: monitoring.coreos.com/v1
kind: Prometheus
metadata:
labels:
prometheus: k8s
name: k8s
spec:
baseImage: quay.io/prometheus/prometheus
# nodeSelector:
# beta.kubernetes.io/os: linux
remoteRead:
- url: http://prometheus-influxdb.default.svc:8086/api/v1/prom/read?db=k8s-prometheus
remoteWrite:
- url: http://prometheus-influxdb.default.svc:8086/api/v1/prom/write?db=k8s-prometheus
replicas: 2
resources:
requests:
memory: 400Mi
ruleSelector:
matchLabels:
prometheus: k8s
serviceAccountName: prometheus
serviceMonitorSelector:
matchExpressions:
- key: k8s-app
operator: Exists
version: v2.2.1
---
apiVersion: v1
kind: Service
metadata:
name: prometheus
spec:
type: NodePort
ports:
- name: web
nodePort: 30900
port: 9090
protocol: TCP
targetPort: web
selector:
prometheus: k8s
Raw
prom-influx.yml
# step 2.2: datastore for prometheus
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: prometheus-influxdb
labels:
k8s-app: prometheus
spec:
storageClassName: rook-durable
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 16Gi
volumeMode: Block
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: prometheus-influxdb
labels:
k8s-app: prometheus-influxdb
spec:
replicas: 1
selector:
matchLabels:
k8s-app: prometheus-influxdb
template:
metadata:
labels:
task: prometheus
k8s-app: prometheus-influxdb
spec:
containers:
- name: influxdb
image: influxdb:1.5
env:
- name: INFLUXDB_BIND_ADDRESS
value: "0.0.0.0:8088"
ports:
- containerPort: 8086
name: http
- containerPort: 8088
name: backup
volumeMounts:
- mountPath: /var/lib/influxdb
name: influxdb-storage
volumes:
- name: influxdb-storage
persistentVolumeClaim:
claimName: prometheus-influxdb
---
apiVersion: v1
kind: Service
metadata:
name: prometheus-influxdb
spec:
ports:
- name: http
port: 8086
targetPort: http
- name: backup
port: 8088
targetPort: backup
selector:
k8s-app: prometheus-influxdb
Raw
prom-kube.yml
# step 2.3: services to monitor
apiVersion: v1
kind: ServiceAccount
metadata:
name: prometheus
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: prometheus
rules:
- apiGroups: [""]
resources:
- nodes
- services
- endpoints
- pods
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources:
- configmaps
verbs: ["get"]
- apiGroups: [""]
resources:
- nodes/metrics
verbs: ["get"]
- nonResourceURLs: ["/metrics"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: prometheus
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: prometheus
subjects:
- kind: ServiceAccount
name: prometheus
namespace: default
---
apiVersion: monitoring.coreos.com/v1
kind: Prometheus
metadata:
labels:
prometheus: k8s
name: k8s
spec:
baseImage: quay.io/prometheus/prometheus
# nodeSelector:
# beta.kubernetes.io/os: linux
remoteRead:
---
apiVersion: v1
kind: Service
metadata:
namespace: kube-system
name: kube-scheduler-prometheus-discovery
labels:
k8s-app: kube-scheduler
spec:
selector:
k8s-app: kube-scheduler
type: ClusterIP
clusterIP: None
ports:
- name: http-metrics
port: 10251
targetPort: 10251
protocol: TCP
---
apiVersion: v1
kind: Service
metadata:
namespace: kube-system
name: kube-controller-manager-prometheus-discovery
labels:
k8s-app: kube-controller-manager
spec:
selector:
k8s-app: kube-controller-manager
type: ClusterIP
clusterIP: None
ports:
- name: http-metrics
port: 10252
targetPort: 10252
protocol: TCP
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: kube-state-metrics
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
# kubernetes versions before 1.8.0 should use rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: kube-state-metrics
rules:
- apiGroups: [""]
resources:
- configmaps
- secrets
- nodes
- pods
- services
- resourcequotas
- replicationcontrollers
- limitranges
- persistentvolumeclaims
- persistentvolumes
- namespaces
- endpoints
verbs: ["list", "watch"]
- apiGroups: ["extensions"]
resources:
- daemonsets
- deployments
- replicasets
verbs: ["list", "watch"]
- apiGroups: ["apps"]
resources:
- statefulsets
verbs: ["list", "watch"]
- apiGroups: ["batch"]
resources:
- cronjobs
- jobs
verbs: ["list", "watch"]
- apiGroups: ["autoscaling"]
resources:
- horizontalpodautoscalers
verbs: ["list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
# kubernetes versions before 1.8.0 should use rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: kube-state-metrics
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kube-state-metrics
subjects:
- kind: ServiceAccount
name: kube-state-metrics
namespace: kube-system
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: kube-state-metrics
spec:
replicas: 1
selector:
matchLabels:
k8s-app: kube-state-metrics
template:
metadata:
labels:
app: kube-state-metrics
k8s-app: kube-state-metrics
spec:
serviceAccountName: kube-state-metrics
securityContext:
runAsNonRoot: true
runAsUser: 65534
containers:
- name: kube-rbac-proxy-main
image: quay.io/brancz/kube-rbac-proxy:v0.2.0
args:
- "--secure-listen-address=:8443"
- "--upstream=http://127.0.0.1:8081/"
ports:
- name: https-main
containerPort: 8443
resources:
requests:
memory: 20Mi
cpu: 10m
limits:
memory: 40Mi
cpu: 20m
- name: kube-rbac-proxy-self
image: quay.io/brancz/kube-rbac-proxy:v0.2.0
args:
- "--secure-listen-address=:9443"
- "--upstream=http://127.0.0.1:8082/"
ports:
- name: https-self
containerPort: 9443
resources:
requests:
memory: 20Mi
cpu: 10m
limits:
memory: 40Mi
cpu: 20m
- name: kube-state-metrics
image: quay.io/coreos/kube-state-metrics:v1.2.0
args:
- "--host=127.0.0.1"
- "--port=8081"
- "--telemetry-host=127.0.0.1"
- "--telemetry-port=8082"
- name: addon-resizer
image: gcr.io/google_containers/addon-resizer:1.0
resources:
limits:
cpu: 100m
memory: 30Mi
requests:
cpu: 100m
memory: 30Mi
env:
- name: MY_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: MY_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
command:
- /pod_nanny
- --container=kube-state-metrics
- --cpu=100m
- --extra-cpu=2m
- --memory=150Mi
- --extra-memory=30Mi
- --threshold=5
- --deployment=kube-state-metrics
---
apiVersion: v1
kind: Service
metadata:
labels:
app: kube-state-metrics
k8s-app: kube-state-metrics
name: kube-state-metrics
spec:
clusterIP: None
ports:
- name: https-main
port: 8443
targetPort: https-main
protocol: TCP
- name: https-self
port: 9443
targetPort: https-self
protocol: TCP
selector:
app: kube-state-metrics
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
labels:
k8s-app: apiserver
name: kube-apiserver
spec:
endpoints:
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
interval: 30s
port: https
scheme: https
tlsConfig:
caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
serverName: kubernetes
jobLabel: component
namespaceSelector:
matchNames:
- default
selector:
matchLabels:
component: apiserver
provider: kubernetes
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
labels:
k8s-app: kubelet
name: kubelet
spec:
endpoints:
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
interval: 30s
port: https-metrics
scheme: https
tlsConfig:
insecureSkipVerify: true
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
honorLabels: true
interval: 30s
path: /metrics/cadvisor
port: https-metrics
scheme: https
tlsConfig:
insecureSkipVerify: true
jobLabel: k8s-app
namespaceSelector:
matchNames:
- kube-system
selector:
matchLabels:
k8s-app: kubelet
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
labels:
k8s-app: kube-controller-manager
name: kube-controller-manager
spec:
endpoints:
- interval: 30s
port: http-metrics
jobLabel: k8s-app
namespaceSelector:
matchNames:
- kube-system
selector:
matchLabels:
k8s-app: kube-controller-manager
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
labels:
k8s-app: kube-scheduler
name: kube-scheduler
spec:
endpoints:
- interval: 30s
port: http-metrics
jobLabel: k8s-app
namespaceSelector:
matchNames:
- kube-system
selector:
matchLabels:
k8s-app: kube-scheduler
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
labels:
k8s-app: kube-state-metrics
name: kube-state-metrics
spec:
endpoints:
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
honorLabels: true
interval: 30s
port: https-main
scheme: https
tlsConfig:
insecureSkipVerify: true
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
interval: 30s
port: https-self
scheme: https
tlsConfig:
insecureSkipVerify: true
jobLabel: k8s-app
namespaceSelector:
matchNames:
- default
- isolex
selector:
matchLabels:
k8s-app: kube-state-metrics
serviceAccount: prometheus
Raw
prom-node.yml
# step 2.4: prometheus node exporter
apiVersion: v1
kind: ServiceAccount
metadata:
name: node-exporter
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: node-exporter
rules:
- apiGroups: ["authentication.k8s.io"]
resources: ["tokenreviews"]
verbs: ["create", "get", "list"]
- apiGroups: ["authorization.k8s.io"]
resources: ["subjectaccessreviews"]
verbs: ["create", "get", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: node-exporter
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: node-exporter
subjects:
- kind: ServiceAccount
name: node-exporter
namespace: default
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: node-exporter
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: 1
type: RollingUpdate
selector:
matchLabels:
k8s-app: node-exporter
template:
metadata:
labels:
app: node-exporter
k8s-app: node-exporter
name: node-exporter
spec:
serviceAccountName: node-exporter
securityContext:
runAsNonRoot: true
runAsUser: 65534
hostNetwork: true
hostPID: true
containers:
- image: quay.io/prometheus/node-exporter:v0.15.2
args:
- "--web.listen-address=127.0.0.1:9101"
- "--path.procfs=/host/proc"
- "--path.sysfs=/host/sys"
name: node-exporter
resources:
requests:
memory: 30Mi
cpu: 100m
limits:
memory: 50Mi
cpu: 200m
volumeMounts:
- name: proc
readOnly: true
mountPath: /host/proc
- name: sys
readOnly: true
mountPath: /host/sys
- name: kube-rbac-proxy
image: quay.io/brancz/kube-rbac-proxy:v0.2.0
args:
- "--secure-listen-address=:9100"
- "--upstream=http://127.0.0.1:9101/"
ports:
- containerPort: 9100
hostPort: 9100
name: https
resources:
requests:
memory: 20Mi
cpu: 10m
limits:
memory: 40Mi
cpu: 20m
tolerations:
- effect: NoSchedule
operator: Exists
volumes:
- name: proc
hostPath:
path: /proc
- name: sys
hostPath:
path: /sys
---
apiVersion: v1
kind: Service
metadata:
labels:
app: node-exporter
k8s-app: node-exporter
name: node-exporter
spec:
type: ClusterIP
clusterIP: None
ports:
- name: https
port: 9100
protocol: TCP
selector:
app: node-exporter
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
labels:
k8s-app: node-exporter
name: node-exporter
spec:
endpoints:
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
interval: 30s
port: https
scheme: https
tlsConfig:
insecureSkipVerify: true
jobLabel: k8s-app
namespaceSelector:
matchNames:
- default
selector:
matchLabels:
k8s-app: node-exporter
serviceAccount: prometheus
Raw
prom-oper.yml
# step 2.1: prometheus operator
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: prometheus-operator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: prometheus-operator
subjects:
- kind: ServiceAccount
name: prometheus-operator
namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: prometheus-operator
rules:
- apiGroups:
- extensions
resources:
- thirdpartyresources
verbs:
- "*"
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- "*"
- apiGroups:
- monitoring.coreos.com
resources:
- alertmanagers
- prometheuses
- prometheuses/finalizers
- alertmanagers/finalizers
- servicemonitors
- rulefiles
verbs:
- "*"
- apiGroups:
- apps
resources:
- statefulsets
verbs: ["*"]
- apiGroups: [""]
resources:
- configmaps
- secrets
verbs: ["*"]
- apiGroups: [""]
resources:
- pods
verbs: ["list", "delete"]
- apiGroups: [""]
resources:
- services
- endpoints
verbs: ["get", "create", "update"]
- apiGroups: [""]
resources:
- nodes
- namespaces
verbs: ["list", "watch"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: prometheus-operator
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
k8s-app: prometheus-operator
name: prometheus-operator
spec:
replicas: 1
selector:
matchLabels:
k8s-app: prometheus-operator
template:
metadata:
labels:
k8s-app: prometheus-operator
spec:
containers:
- args:
- --kubelet-service=kube-system/kubelet
- --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1
image: quay.io/coreos/prometheus-operator:v0.19.0
name: prometheus-operator
ports:
- containerPort: 8080
name: http
resources:
limits:
cpu: 200m
memory: 100Mi
requests:
cpu: 100m
memory: 50Mi
securityContext:
runAsNonRoot: true
runAsUser: 65534
serviceAccountName: prometheus-operator
Raw
rook-cluster.yml
# step 1.2: rook ceph cluster
apiVersion: rook.io/v1alpha1
kind: Cluster
metadata:
name: rook
namespace: rook
spec:
backend: ceph
dashboard:
enabled: true
dataDirHostPath: /data/rook
hostNetwork: false
monCount: 3
resources:
placement:
all:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: zone
operator: In
values:
- maple
storage:
useAllNodes: false
useAllDevices: false
storeConfig:
databaseSizeMB: 1024
journalSizeMB: 1024
storeType: bluestore
nodes:
- name: game-1
directories:
- path: /rook-dev/ssd-1
- name: game-2
directories:
- path: /rook-dev/ssd-1
- name: iron-1
directories:
- path: /rook-dev/hdd-1
- path: /rook-dev/hdd-2
- name: iron-2
directories:
- path: /rook-dev/hdd-1
- path: /rook-dev/hdd-2
Raw
rook-oper.yml
# step 1.1: rook operator
apiVersion: v1
kind: Namespace
metadata:
name: rook-system
---
apiVersion: v1
kind: Namespace
metadata:
name: rook
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: clusters.rook.io
spec:
group: rook.io
names:
kind: Cluster
listKind: ClusterList
plural: clusters
singular: cluster
scope: Namespaced
version: v1alpha1
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: filesystems.rook.io
spec:
group: rook.io
names:
kind: Filesystem
listKind: FilesystemList
plural: filesystems
singular: filesystem
scope: Namespaced
version: v1alpha1
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: objectstores.rook.io
spec:
group: rook.io
names:
kind: ObjectStore
listKind: ObjectStoreList
plural: objectstores
singular: objectstore
scope: Namespaced
version: v1alpha1
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: pools.rook.io
spec:
group: rook.io
names:
kind: Pool
listKind: PoolList
plural: pools
singular: pool
scope: Namespaced
version: v1alpha1
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: volumeattachments.rook.io
spec:
group: rook.io
names:
kind: VolumeAttachment
listKind: VolumeAttachmentList
plural: volumeattachments
singular: volumeattachment
scope: Namespaced
version: v1alpha1
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: rook-operator
rules:
- apiGroups:
- ""
resources:
- namespaces
- serviceaccounts
- secrets
- pods
- services
- nodes
- nodes/proxy
- configmaps
- events
- persistentvolumes
- persistentvolumeclaims
verbs:
- get
- list
- watch
- patch
- create
- update
- delete
- apiGroups:
- extensions
resources:
- deployments
- daemonsets
- replicasets
verbs:
- get
- list
- watch
- create
- update
- delete
- apiGroups:
- rbac.authorization.k8s.io
resources:
- clusterroles
- clusterrolebindings
- roles
- rolebindings
verbs:
- get
- list
- watch
- create
- update
- delete
- apiGroups:
- storage.k8s.io
resources:
- storageclasses
verbs:
- get
- list
- watch
- delete
- apiGroups:
- rook.io
resources:
- "*"
verbs:
- "*"
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: rook-operator
namespace: rook-system
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: rook-operator
namespace: rook-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: rook-operator
subjects:
- kind: ServiceAccount
name: rook-operator
namespace: rook-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: rook-operator
namespace: rook-system
labels:
k8s-app: rook-operator
spec:
replicas: 1
selector:
matchLabels:
k8s-app: rook-operator
template:
metadata:
labels:
k8s-app: rook-operator
spec:
serviceAccountName: rook-operator
containers:
- name: rook-operator
image: rook/rook:master
args: ["operator"]
env:
- name: ROOK_ALLOW_MULTIPLE_FILESYSTEMS
value: "false"
- name: ROOK_MON_HEALTHCHECK_INTERVAL
value: "45s"
- name: ROOK_MON_OUT_TIMEOUT
value: "300s"
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: rook-ceph-mgr
labels:
k8s-app: rook
spec:
namespaceSelector:
matchNames:
- rook
selector:
matchLabels:
app: rook-ceph-mgr
rook_cluster: rook
endpoints:
- port: http-metrics
path: /metrics
interval: 5s
Raw
rook-pool.yml
# step 1.3: rook storage pools & k8s classes
apiVersion: rook.io/v1alpha1
kind: Pool
metadata:
name: rook-durable
namespace: rook
spec:
crushRoot: hdd
failureDomain: osd
replicated:
size: 3
---
apiVersion: rook.io/v1alpha1
kind: Pool
metadata:
name: rook-mirror
namespace: rook
spec:
crushRoot: ssd
failureDomain: osd
replicated:
size: 2
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: rook-durable
provisioner: rook.io/block
parameters:
pool: rook-durable
clusterName: rook
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: rook-mirror
provisioner: rook.io/block
parameters:
pool: rook-mirror
clusterName: rook
Raw
rook-tools.yml
# step 1.4: rook debug tools
apiVersion: v1
kind: Pod
metadata:
name: rook-ceph-tools
namespace: rook
spec:
dnsPolicy: ClusterFirstWithHostNet
containers:
- name: rook-ceph-tools
image: rook/ceph-toolbox:master
imagePullPolicy: IfNotPresent
env:
- name: ROOK_ADMIN_SECRET
valueFrom:
secretKeyRef:
name: rook-ceph-mon
key: admin-secret
securityContext:
privileged: true
volumeMounts:
- mountPath: /dev
name: dev
- mountPath: /sys/bus
name: sysbus
- mountPath: /lib/modules
name: libmodules
- name: mon-endpoint-volume
mountPath: /etc/rook
hostNetwork: false
volumes:
- name: dev
hostPath:
path: /dev
- name: sysbus
hostPath:
path: /sys/bus
- name: libmodules
hostPath:
path: /lib/modules
- name: mon-endpoint-volume
configMap:
name: rook-ceph-mon-endpoints
items:
- key: data
path: mon-endpoints
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment