zheng1/port.yaml

## port.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: porter-system
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  creationTimestamp: null
  name: eips.network.kubesphere.io
spec:
  additionalPrinterColumns:
  - JSONPath: .spec.address
    name: cidr
    type: string
  - JSONPath: .status.usage
    name: usage
    type: integer
  - JSONPath: .status.poolSize
    name: total
    type: integer
  group: network.kubesphere.io
  names:
    categories:
    - ksnet
    kind: Eip
    plural: eips
  scope: Cluster
  subresources:
    status: {}
  validation:
    openAPIV3Schema:
      description: Eip is the Schema for the eips API
      properties:
        apiVersion:
          description: 'APIVersion defines the versioned schema of this representation
            of an object. Servers should convert recognized schemas to the latest
            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
          type: string
        kind:
          description: 'Kind is a string value representing the REST resource this
            object represents. Servers may infer this from the endpoint the client
            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
          type: string
        metadata:
          type: object
        spec:
          description: EipSpec defines the desired state of EIP
          properties:
            address:
              type: string
            disable:
              type: boolean
            usingKnownIPs:
              type: boolean
          type: object
        status:
          description: EipStatus defines the observed state of EIP
          properties:
            occupied:
              type: boolean
            poolSize:
              type: integer
            usage:
              type: integer
          type: object
      type: object
  version: v1alpha1
  versions:
  - name: v1alpha1
    served: true
    storage: true
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: leader-election-role
  namespace: porter-system
rules:
- apiGroups:
  - ""
  resources:
  - configmaps
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - ""
  resources:
  - configmaps/status
  verbs:
  - get
  - update
  - patch
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  creationTimestamp: null
  name: manager-role
rules:
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - ""
  resources:
  - endpoints
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - nodes
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - services
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - ""
  resources:
  - services/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - network.kubesphere.io
  resources:
  - eips
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - network.kubesphere.io
  resources:
  - eips/status
  verbs:
  - get
  - patch
  - update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: proxy-role
rules:
- apiGroups:
  - authentication.k8s.io
  resources:
  - tokenreviews
  verbs:
  - create
- apiGroups:
  - authorization.k8s.io
  resources:
  - subjectaccessreviews
  verbs:
  - create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: leader-election-rolebinding
  namespace: porter-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: leader-election-role
subjects:
- kind: ServiceAccount
  name: default
  namespace: porter-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: manager-rolebinding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: manager-role
subjects:
- kind: ServiceAccount
  name: default
  namespace: porter-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: proxy-rolebinding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: proxy-role
subjects:
- kind: ServiceAccount
  name: default
  namespace: porter-system
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: bgp-cfg
  namespace: porter-system
data:
  config.toml: |-
    [global.config]
        as = 65000
        router-id = "192.168.98.111"
        port = 17900
    [porter-config]
        using-port-forward =true
    [[neighbors]]
        [neighbors.config]
            neighbor-address = "192.168.98.5"
            peer-as = 65001
        [neighbors.add-paths.config]
            send-max = 8
---
apiVersion: v1
kind: Secret
metadata:
  name: webhook-server-secret
  namespace: porter-system
---
apiVersion: v1
kind: Service
metadata:
  annotations:
    prometheus.io/port: "8443"
    prometheus.io/scheme: https
    prometheus.io/scrape: "true"
  labels:
    control-plane: controller-manager
  name: controller-manager-metrics-service
  namespace: porter-system
spec:
  ports:
  - name: https
    port: 8443
    targetPort: https
  selector:
    control-plane: controller-manager
---
apiVersion: v1
kind: Service
metadata:
  labels:
    control-plane: porter-manager
  name: porter-manager-service
  namespace: porter-system
spec:
  ports:
  - port: 443
  selector:
    control-plane: porter-manager
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: porter-manager
    control-plane: porter-manager
  name: porter-manager
  namespace: porter-system
spec:
  selector:
    matchLabels:
      app: porter-manager
      control-plane: porter-manager
  template:
    metadata:
      labels:
        app: porter-manager
        control-plane: porter-manager
    spec:
      containers:
      - args:
        - -f
        - /etc/config/config.toml
        command:
        - /manager
        env:
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        image: kubespheredev/porter:v0.1.1
        imagePullPolicy: IfNotPresent
        name: manager
        readinessProbe:
          httpGet:
            path: /hello
            port: 8000
          initialDelaySeconds: 5
          periodSeconds: 3
        resources:
          limits:
            cpu: 100m
            memory: 30Mi
          requests:
            cpu: 100m
            memory: 20Mi
        securityContext:
          capabilities:
            add:
            - NET_ADMIN
            - SYS_TIME
        volumeMounts:
        - mountPath: /etc/config
          name: config-bgp
      hostNetwork: true
      nodeSelector:
        node-role.kubernetes.io/master: ""
      terminationGracePeriodSeconds: 10
      tolerations:
      - key: CriticalAddonsOnly
        operator: Exists
      - effect: NoSchedule
        key: node-role.kubernetes.io/master
      volumes:
      - configMap:
          name: bgp-cfg
        name: config-bgp
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  labels:
    control-plane: porter-agent
    controller-tools.k8s.io: "1.0"
  name: porter-agent
  namespace: porter-system
spec:
  selector:
    matchLabels:
      app: porter-agent
  template:
    metadata:
      labels:
        app: porter-agent
    spec:
      containers:
      - env:
        - name: MY_NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        - name: MY_NODE_IP
          valueFrom:
            fieldRef:
              fieldPath: status.hostIP
        image: kubespheredev/porter-agent:v0.1.1
        imagePullPolicy: IfNotPresent
        name: porter-agent
        resources:
          limits:
            cpu: 100m
            memory: 30Mi
          requests:
            cpu: 100m
            memory: 20Mi
        securityContext:
          capabilities:
            add:
            - NET_ADMIN
      hostNetwork: true
	apiVersion: v1
	kind: Namespace
	metadata:
	name: porter-system
	---
	apiVersion: apiextensions.k8s.io/v1beta1
	kind: CustomResourceDefinition
	metadata:
	creationTimestamp: null
	name: eips.network.kubesphere.io
	spec:
	additionalPrinterColumns:
	- JSONPath: .spec.address
	name: cidr
	type: string
	- JSONPath: .status.usage
	name: usage
	type: integer
	- JSONPath: .status.poolSize
	name: total
	type: integer
	group: network.kubesphere.io
	names:
	categories:
	- ksnet
	kind: Eip
	plural: eips
	scope: Cluster
	subresources:
	status: {}
	validation:
	openAPIV3Schema:
	description: Eip is the Schema for the eips API
	properties:
	apiVersion:
	description: 'APIVersion defines the versioned schema of this representation
	of an object. Servers should convert recognized schemas to the latest
	internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
	type: string
	kind:
	description: 'Kind is a string value representing the REST resource this
	object represents. Servers may infer this from the endpoint the client
	submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
	type: string
	metadata:
	type: object
	spec:
	description: EipSpec defines the desired state of EIP
	properties:
	address:
	type: string
	disable:
	type: boolean
	usingKnownIPs:
	type: boolean
	type: object
	status:
	description: EipStatus defines the observed state of EIP
	properties:
	occupied:
	type: boolean
	poolSize:
	type: integer
	usage:
	type: integer
	type: object
	type: object
	version: v1alpha1
	versions:
	- name: v1alpha1
	served: true
	storage: true
	status:
	acceptedNames:
	kind: ""
	plural: ""
	conditions: []
	storedVersions: []
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: Role
	metadata:
	name: leader-election-role
	namespace: porter-system
	rules:
	- apiGroups:
	- ""
	resources:
	- configmaps
	verbs:
	- get
	- list
	- watch
	- create
	- update
	- patch
	- delete
	- apiGroups:
	- ""
	resources:
	- configmaps/status
	verbs:
	- get
	- update
	- patch
	- apiGroups:
	- ""
	resources:
	- events
	verbs:
	- create
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: ClusterRole
	metadata:
	creationTimestamp: null
	name: manager-role
	rules:
	- apiGroups:
	- ""
	resources:
	- events
	verbs:
	- create
	- patch
	- apiGroups:
	- ""
	resources:
	- endpoints
	verbs:
	- get
	- list
	- watch
	- apiGroups:
	- ""
	resources:
	- nodes
	verbs:
	- get
	- list
	- watch
	- apiGroups:
	- ""
	resources:
	- services
	verbs:
	- create
	- delete
	- get
	- list
	- patch
	- update
	- watch
	- apiGroups:
	- ""
	resources:
	- services/status
	verbs:
	- get
	- patch
	- update
	- apiGroups:
	- network.kubesphere.io
	resources:
	- eips
	verbs:
	- create
	- delete
	- get
	- list
	- patch
	- update
	- watch
	- apiGroups:
	- network.kubesphere.io
	resources:
	- eips/status
	verbs:
	- get
	- patch
	- update
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: ClusterRole
	metadata:
	name: proxy-role
	rules:
	- apiGroups:
	- authentication.k8s.io
	resources:
	- tokenreviews
	verbs:
	- create
	- apiGroups:
	- authorization.k8s.io
	resources:
	- subjectaccessreviews
	verbs:
	- create
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: RoleBinding
	metadata:
	name: leader-election-rolebinding
	namespace: porter-system
	roleRef:
	apiGroup: rbac.authorization.k8s.io
	kind: Role
	name: leader-election-role
	subjects:
	- kind: ServiceAccount
	name: default
	namespace: porter-system
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: ClusterRoleBinding
	metadata:
	name: manager-rolebinding
	roleRef:
	apiGroup: rbac.authorization.k8s.io
	kind: ClusterRole
	name: manager-role
	subjects:
	- kind: ServiceAccount
	name: default
	namespace: porter-system
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: ClusterRoleBinding
	metadata:
	name: proxy-rolebinding
	roleRef:
	apiGroup: rbac.authorization.k8s.io
	kind: ClusterRole
	name: proxy-role
	subjects:
	- kind: ServiceAccount
	name: default
	namespace: porter-system
	---
	apiVersion: v1
	kind: ConfigMap
	metadata:
	name: bgp-cfg
	namespace: porter-system
	data:
	config.toml: \|-
	[global.config]
	as = 65000
	router-id = "192.168.98.111"
	port = 17900
	[porter-config]
	using-port-forward =true
	[[neighbors]]
	[neighbors.config]
	neighbor-address = "192.168.98.5"
	peer-as = 65001
	[neighbors.add-paths.config]
	send-max = 8
	---
	apiVersion: v1
	kind: Secret
	metadata:
	name: webhook-server-secret
	namespace: porter-system
	---
	apiVersion: v1
	kind: Service
	metadata:
	annotations:
	prometheus.io/port: "8443"
	prometheus.io/scheme: https
	prometheus.io/scrape: "true"
	labels:
	control-plane: controller-manager
	name: controller-manager-metrics-service
	namespace: porter-system
	spec:
	ports:
	- name: https
	port: 8443
	targetPort: https
	selector:
	control-plane: controller-manager
	---
	apiVersion: v1
	kind: Service
	metadata:
	labels:
	control-plane: porter-manager
	name: porter-manager-service
	namespace: porter-system
	spec:
	ports:
	- port: 443
	selector:
	control-plane: porter-manager
	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	labels:
	app: porter-manager
	control-plane: porter-manager
	name: porter-manager
	namespace: porter-system
	spec:
	selector:
	matchLabels:
	app: porter-manager
	control-plane: porter-manager
	template:
	metadata:
	labels:
	app: porter-manager
	control-plane: porter-manager
	spec:
	containers:
	- args:
	- -f
	- /etc/config/config.toml
	command:
	- /manager
	env:
	- name: POD_NAMESPACE
	valueFrom:
	fieldRef:
	fieldPath: metadata.namespace
	image: kubespheredev/porter:v0.1.1
	imagePullPolicy: IfNotPresent
	name: manager
	readinessProbe:
	httpGet:
	path: /hello
	port: 8000
	initialDelaySeconds: 5
	periodSeconds: 3
	resources:
	limits:
	cpu: 100m
	memory: 30Mi
	requests:
	cpu: 100m
	memory: 20Mi
	securityContext:
	capabilities:
	add:
	- NET_ADMIN
	- SYS_TIME
	volumeMounts:
	- mountPath: /etc/config
	name: config-bgp
	hostNetwork: true
	nodeSelector:
	node-role.kubernetes.io/master: ""
	terminationGracePeriodSeconds: 10
	tolerations:
	- key: CriticalAddonsOnly
	operator: Exists
	- effect: NoSchedule
	key: node-role.kubernetes.io/master
	volumes:
	- configMap:
	name: bgp-cfg
	name: config-bgp
	---
	apiVersion: apps/v1
	kind: DaemonSet
	metadata:
	labels:
	control-plane: porter-agent
	controller-tools.k8s.io: "1.0"
	name: porter-agent
	namespace: porter-system
	spec:
	selector:
	matchLabels:
	app: porter-agent
	template:
	metadata:
	labels:
	app: porter-agent
	spec:
	containers:
	- env:
	- name: MY_NODE_NAME
	valueFrom:
	fieldRef:
	fieldPath: spec.nodeName
	- name: MY_NODE_IP
	valueFrom:
	fieldRef:
	fieldPath: status.hostIP
	image: kubespheredev/porter-agent:v0.1.1
	imagePullPolicy: IfNotPresent
	name: porter-agent
	resources:
	limits:
	cpu: 100m
	memory: 30Mi
	requests:
	cpu: 100m
	memory: 20Mi
	securityContext:
	capabilities:
	add:
	- NET_ADMIN
	hostNetwork: true