This repository has been archived by the owner on Jan 12, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 18
/
ClusterManagerTemplate.yaml
74 lines (74 loc) · 2.34 KB
/
ClusterManagerTemplate.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
apiVersion: v1
kind: Secret
metadata:
name: cluster-manager-provider-access-keys
namespace: $FEDERATION_NAMESPACE
type: Opaque
data:
awsAccessKeyId: "$AWS_ACCESS_KEY_ID_BASE64"
awsSecretAccessKey: "$AWS_SECRET_ACCESS_KEY_BASE64"
okeBearerToken: "$OKE_BEARER_TOKEN_BASE64"
okeAuthGroup: "$OKE_AUTH_GROUP_BASE64"
okeCloudAuthId: "$OKE_CLOUD_AUTH_ID_BASE64"
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: cluster-manager
namespace: $FEDERATION_NAMESPACE
spec:
replicas: 1
template:
metadata:
labels:
app: cluster-manager
spec:
containers:
- name: cluster-manager
image: ${IMAGE_REPOSITORY}/cluster-manager:${IMAGE_VERSION}
imagePullPolicy: Always
env:
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: cluster-manager-provider-access-keys
key: awsAccessKeyId
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: cluster-manager-provider-access-keys
key: awsSecretAccessKey
- name: OKE_BEARER_TOKEN
valueFrom:
secretKeyRef:
name: cluster-manager-provider-access-keys
key: okeBearerToken
- name: OKE_AUTH_GROUP
valueFrom:
secretKeyRef:
name: cluster-manager-provider-access-keys
key: okeAuthGroup
- name: OKE_CLOUD_AUTH_ID
valueFrom:
secretKeyRef:
name: cluster-manager-provider-access-keys
key: okeCloudAuthId
command:
- /cluster-manager
- --v=2
- --domain=$DOMAIN
- --fkubeApiServer=https://$FEDERATION_CONTEXT-apiserver
- --fkubeName=$FEDERATION_CONTEXT
- --fkubeNamespace=$FEDERATION_NAMESPACE
- --okeApiHost=api.cluster.us-ashburn-1.oracledx.com
- --statestore=$KOPS_STATE_STORE
volumeMounts:
- mountPath: /etc/federation/controller-manager
name: $FEDERATION_CONTEXT-controller-manager-kubeconfig
readOnly: true
serviceAccountName: federation-controller-manager
serviceAccount: federation-controller-manager
volumes:
- name: $FEDERATION_CONTEXT-controller-manager-kubeconfig
secret:
secretName: $FEDERATION_CONTEXT-controller-manager-kubeconfig