Skip to content

Instantly share code, notes, and snippets.

@zaki-lknr
Last active March 17, 2020 12:46
Show Gist options
  • Save zaki-lknr/ca785b605afda8cf8b8980ec59a7ee5e to your computer and use it in GitHub Desktop.
Save zaki-lknr/ca785b605afda8cf8b8980ec59a7ee5e to your computer and use it in GitHub Desktop.

OKD 3.11 (single node)

apiVersion: v1
kind: Pod
metadata:
  annotations:
    openshift.io/deployment-config.latest-version: "1"
    openshift.io/deployment-config.name: router
    openshift.io/deployment.name: router-1
    openshift.io/scc: hostnetwork
  creationTimestamp: 2020-02-17T03:43:58Z
  generateName: router-1-
  labels:
    deployment: router-1
    deploymentconfig: router
    router: router
  name: router-1-lb9jx
  namespace: default
  ownerReferences:
  - apiVersion: v1
    blockOwnerDeletion: true
    controller: true
    kind: ReplicationController
    name: router-1
    uid: b7b3078e-5137-11ea-af4e-000c29f44d7c
  resourceVersion: "76662"
  selfLink: /api/v1/namespaces/default/pods/router-1-lb9jx
  uid: bac97cb5-5137-11ea-af4e-000c29f44d7c
spec:
  containers:
  - env:
    - name: DEFAULT_CERTIFICATE_DIR
      value: /etc/pki/tls/private
    - name: DEFAULT_CERTIFICATE_PATH
      value: /etc/pki/tls/private/tls.crt
    - name: ROUTER_CIPHERS
    - name: ROUTER_EXTERNAL_HOST_HOSTNAME
    - name: ROUTER_EXTERNAL_HOST_HTTPS_VSERVER
    - name: ROUTER_EXTERNAL_HOST_HTTP_VSERVER
    - name: ROUTER_EXTERNAL_HOST_INSECURE
      value: "false"
    - name: ROUTER_EXTERNAL_HOST_INTERNAL_ADDRESS
    - name: ROUTER_EXTERNAL_HOST_PARTITION_PATH
    - name: ROUTER_EXTERNAL_HOST_PASSWORD
    - name: ROUTER_EXTERNAL_HOST_PRIVKEY
      value: /etc/secret-volume/router.pem
    - name: ROUTER_EXTERNAL_HOST_USERNAME
    - name: ROUTER_EXTERNAL_HOST_VXLAN_GW_CIDR
    - name: ROUTER_LISTEN_ADDR
      value: 0.0.0.0:1936
    - name: ROUTER_METRICS_TLS_CERT_FILE
      value: /etc/pki/tls/metrics/tls.crt
    - name: ROUTER_METRICS_TLS_KEY_FILE
      value: /etc/pki/tls/metrics/tls.key
    - name: ROUTER_METRICS_TYPE
      value: haproxy
    - name: ROUTER_SERVICE_HTTPS_PORT
      value: "443"
    - name: ROUTER_SERVICE_HTTP_PORT
      value: "80"
    - name: ROUTER_SERVICE_NAME
      value: router
    - name: ROUTER_SERVICE_NAMESPACE
      value: default
    - name: ROUTER_SUBDOMAIN
    - name: ROUTER_THREADS
      value: "0"
    - name: STATS_PASSWORD
      value: KGlcXOV8hs
    - name: STATS_PORT
      value: "1936"
    - name: STATS_USERNAME
      value: admin
    - name: EXTENDED_VALIDATION
      value: "true"
    image: docker.io/openshift/origin-haproxy-router:v3.11
    imagePullPolicy: IfNotPresent
    livenessProbe:
      failureThreshold: 3
      httpGet:
        host: localhost
        path: /healthz
        port: 1936
        scheme: HTTP
      initialDelaySeconds: 10
      periodSeconds: 10
      successThreshold: 1
      timeoutSeconds: 1
    name: router
    ports:
    - containerPort: 80
      hostPort: 80
      protocol: TCP
    - containerPort: 443
      hostPort: 443
      protocol: TCP
    - containerPort: 1936
      hostPort: 1936
      name: stats
      protocol: TCP
    readinessProbe:
      failureThreshold: 3
      httpGet:
        host: localhost
        path: healthz/ready
        port: 1936
        scheme: HTTP
      initialDelaySeconds: 10
      periodSeconds: 10
      successThreshold: 1
      timeoutSeconds: 1
    resources:
      requests:
        cpu: 100m
        memory: 256Mi
    securityContext:
      capabilities:
        drop:
        - KILL
        - MKNOD
        - SETGID
        - SETUID
      runAsUser: 1000000000
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /etc/pki/tls/metrics/
      name: metrics-server-certificate
      readOnly: true
    - mountPath: /etc/pki/tls/private
      name: server-certificate
      readOnly: true
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: router-token-78cv5
      readOnly: true
  dnsPolicy: ClusterFirst
  hostNetwork: true
  imagePullSecrets:
  - name: router-dockercfg-zckg5
  nodeName: okd-master.esxi.jp-z.jp
  nodeSelector:
    node-role.kubernetes.io/infra: "true"
  priority: 0
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext:
    fsGroup: 1000000000
    seLinuxOptions:
      level: s0:c1,c0
    supplementalGroups:
    - 1000000000
  serviceAccount: router
  serviceAccountName: router
  terminationGracePeriodSeconds: 30
  tolerations:
  - effect: NoSchedule
    key: node.kubernetes.io/memory-pressure
    operator: Exists
  volumes:
  - name: metrics-server-certificate
    secret:
      defaultMode: 420
      secretName: router-metrics-tls
  - name: server-certificate
    secret:
      defaultMode: 420
      secretName: router-certs
  - name: router-token-78cv5
    secret:
      defaultMode: 420
      secretName: router-token-78cv5
status:
  conditions:
  - lastProbeTime: null
    lastTransitionTime: 2020-02-17T03:43:58Z
    status: "True"
    type: Initialized
  - lastProbeTime: null
    lastTransitionTime: 2020-03-17T11:40:30Z
    status: "True"
    type: Ready
  - lastProbeTime: null
    lastTransitionTime: null
    status: "True"
    type: ContainersReady
  - lastProbeTime: null
    lastTransitionTime: 2020-02-17T03:43:58Z
    status: "True"
    type: PodScheduled
  containerStatuses:
  - containerID: docker://1f1d2e914eb2ac01259e90bc2c71c1242a242b265844546287e0972ddda9e669
    image: docker.io/openshift/origin-haproxy-router:v3.11
    imageID: docker-pullable://docker.io/openshift/origin-haproxy-router@sha256:473572b5dc0df6fc28f9b08aa1f5bb9eb86526b66c58f13dbaa3a73a94f9ba7f
    lastState:
      terminated:
        containerID: docker://351794e462eb4f3a6351ea89fdcea2329bdd6cc19c2ab24b5efa6e40b35cd858
        exitCode: 2
        finishedAt: 2020-02-27T23:12:56Z
        reason: Error
        startedAt: 2020-02-27T22:29:39Z
    name: router
    ready: true
    restartCount: 4
    state:
      running:
        startedAt: 2020-03-17T11:40:12Z
  hostIP: 192.168.0.71
  phase: Running
  podIP: 192.168.0.71
  qosClass: Burstable
  startTime: 2020-02-17T03:43:58Z
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment