RubyGems - porkadot - Versions diffs - 0.19.1 → 0.22.2 - Mend

porkadot 0.19.1 → 0.22.2

Files changed (49) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 834e1f31cbbf8c7c8766162945572512fc0311dbf772df008f85ef2a00b3ea3d
-  data.tar.gz: f453e7a4899673f08a550b69c41b30c908eb5bf0906a67eee79a21ccd5fc1dcd
+  metadata.gz: 89c9072a82772720ff6d492d2dcaf475ef31460bc108886be716b1b7b0e0a3d7
+  data.tar.gz: edcc58e0f9e5a616020caa2348a46ecb06e796930fb565efcc6dfad25244d69b
 SHA512:
-  metadata.gz: e13576f10e90eb2d277302bfcfe7cecb7feb681d25070052c50b6060b95e0b455061d093d8ddde84a69c650e2fa6f2b3775e25913cf743023c2ee036bdef0764
-  data.tar.gz: 5714fefdd57b9683974ea42f6d111ac87b66f723221f5f0852c95b758d92cf19f6eac32c9ddd2e98e1f77dcbac4db70c735eddf4999cb39be71ad2717efb5d5d
+  metadata.gz: aa12a3f43721a233b17f46708cced2989430da72ccd3e90be46c72b4d2d01b675372f07f609050d0c49cb966d600c40b2eb209a591715e62c411d148a9ace680
+  data.tar.gz: 2cacb639c73ecb17300b48ba50e923a15a02f95b619fec2c05d3c3ae50eef7f9b5ae5a62fc784c4957bcf8a04850384d1bca7ba6c623101d812d669cd8939423

data/lib/porkadot/assets/bootstrap/manifests/kube-apiserver.bootstrap.yaml.erb CHANGED Viewed

@@ -12,6 +12,9 @@ metadata:
     <%- end -%>
 spec:
   hostNetwork: true
+  securityContext:
+    seccompProfile:
+      type: RuntimeDefault
   containers:
   - name: kube-apiserver
     resources:
@@ -23,6 +26,35 @@ spec:
     <%- k8s.apiserver.args(bootstrap: true).each do |k, v| -%>
     - <%= k %><% if v ;%>=<%= v %><%; end %>
     <%- end -%>
+    livenessProbe:
+      failureThreshold: 8
+      httpGet:
+        host: 127.0.0.1
+        path: /livez
+        port: 6443
+        scheme: HTTPS
+      initialDelaySeconds: 10
+      periodSeconds: 10
+      timeoutSeconds: 15
+    readinessProbe:
+      failureThreshold: 3
+      httpGet:
+        host: 127.0.0.1
+        path: /readyz
+        port: 6443
+        scheme: HTTPS
+      periodSeconds: 1
+      timeoutSeconds: 15
+    startupProbe:
+      failureThreshold: 24
+      httpGet:
+        host: 127.0.0.1
+        path: /livez
+        port: 6443
+        scheme: HTTPS
+      initialDelaySeconds: 10
+      periodSeconds: 10
+      timeoutSeconds: 15
     env:
     - name: POD_IP
       valueFrom:

data/lib/porkadot/assets/bootstrap/manifests/kube-controller-manager.bootstrap.yaml.erb CHANGED Viewed

@@ -10,6 +10,9 @@ metadata:
     <%= k.to_s %>: <%= v %>
     <%- end -%>
 spec:
+  securityContext:
+    seccompProfile:
+      type: RuntimeDefault
   containers:
   - name: kube-controller-manager
     image: <%= k8s.image_repository %>/kube-controller-manager:<%= k8s.kubernetes_version %>
@@ -18,6 +21,26 @@ spec:
     <%- k8s.controller_manager.args(bootstrap: true).each do |k, v| -%>
     - <%= k %><% if v ;%>=<%= v %><%; end %>
     <%- end -%>
+    livenessProbe:
+      failureThreshold: 8
+      httpGet:
+        host: 127.0.0.1
+        path: /healthz
+        port: 10257
+        scheme: HTTPS
+      initialDelaySeconds: 10
+      periodSeconds: 10
+      timeoutSeconds: 15
+    startupProbe:
+      failureThreshold: 24
+      httpGet:
+        host: 127.0.0.1
+        path: /healthz
+        port: 10257
+        scheme: HTTPS
+      initialDelaySeconds: 10
+      periodSeconds: 10
+      timeoutSeconds: 15
     volumeMounts:
     - name: var-run-kubernetes
       mountPath: /var/run/kubernetes

data/lib/porkadot/assets/bootstrap/manifests/kube-scheduler.bootstrap.yaml.erb CHANGED Viewed

@@ -10,6 +10,9 @@ metadata:
     <%= k.to_s %>: <%= v %>
     <%- end -%>
 spec:
+  securityContext:
+    seccompProfile:
+      type: RuntimeDefault
   containers:
   - name: kube-scheduler
     image: <%= k8s.image_repository %>/kube-scheduler:<%= k8s.kubernetes_version %>
@@ -18,6 +21,26 @@ spec:
     <%- k8s.scheduler.args(bootstrap: true).each do |k, v| -%>
     - <%= k %><% if v ;%>=<%= v %><%; end %>
     <%- end -%>
+    livenessProbe:
+      failureThreshold: 8
+      httpGet:
+        host: 127.0.0.1
+        path: /healthz
+        port: 10259
+        scheme: HTTPS
+      initialDelaySeconds: 10
+      periodSeconds: 10
+      timeoutSeconds: 15
+    startupProbe:
+      failureThreshold: 24
+      httpGet:
+        host: 127.0.0.1
+        path: /healthz
+        port: 10259
+        scheme: HTTPS
+      initialDelaySeconds: 10
+      periodSeconds: 10
+      timeoutSeconds: 15
     volumeMounts:
     - name: kubernetes
       mountPath: /etc/kubernetes

data/lib/porkadot/assets/kubelet/install-deps.sh.erb CHANGED Viewed

@@ -37,3 +37,12 @@ chmod +x ${ETCD_TMP}/etcdctl
 rm -f /opt/bin/etcdctl
 mv ${ETCD_TMP}/etcdctl /opt/bin/etcdctl-${ETCD_VER}
 ln -s /opt/bin/etcdctl-${ETCD_VER} /opt/bin/etcdctl
+CRICTL_VER="<%= global_config.k8s.crictl_version %>"
+CRICTL_URL=https://github.com/kubernetes-sigs/cri-tools/releases/download/${CRICTL_VER}/crictl-${CRICTL_VER}-linux-${architecture}.tar.gz
+CRICTL_TMP=$(mktemp -d)
+curl -L ${CRICTL_URL} -o ${CRICTL_TMP}/crictl.tar.gz
+tar zxvf ${CRICTL_TMP}/crictl.tar.gz -C ${CRICTL_TMP}/
+rm -f /opt/bin/crictl
+mv ${CRICTL_TMP}/crictl /opt/bin/crictl-${CRICTL_VER}
+ln -s /opt/bin/crictl-${CRICTL_VER} /opt/bin/crictl

data/lib/porkadot/assets/kubelet/setup-containerd.sh.erb CHANGED Viewed

@@ -5,6 +5,13 @@ ROOT=$(dirname "${BASH_SOURCE}")
 mkdir -p /etc/containerd
 containerd config default | tee /etc/containerd/config.toml
-sed -i -e "/containerd.runtimes.runc.options/a SystemdCgroup = true" /etc/containerd/config.toml
+grep SystemdCgroup /etc/containerd/config.toml && :
+if [[ $? == 0 ]]; then
+  sed -i -e "s/SystemdCgroup.*$/SystemdCgroup = true/" /etc/containerd/config.toml
+else
+  sed -i -e "/containerd.runtimes.runc.options/a SystemdCgroup = true" /etc/containerd/config.toml
+fi
 systemctl restart containerd

data/lib/porkadot/assets/kubelet-default/install.sh.erb ADDED Viewed

@@ -0,0 +1,14 @@
+#!/bin/bash
+set -eu
+export LC_ALL=C
+ROOT=$(dirname "${BASH_SOURCE}")
+# Install addons
+for addon in $(ls ${ROOT}/addons/); do
+  install_sh="${ROOT}/addons/${addon}/install.sh"
+  if [[ -f ${install_sh} ]]; then
+    echo "Install: ${install_sh}"
+    bash ${install_sh}
+  fi
+done

data/lib/porkadot/assets/kubelet.rb CHANGED Viewed

@@ -7,11 +7,13 @@ module Porkadot; module Assets
   class KubeletList
     attr_reader :global_config
     attr_reader :logger
+    attr_reader :kubelet_default
     attr_reader :kubelets
     def initialize global_config
       @global_config = global_config
       @logger = global_config.logger
+      @kubelet_default = KubeletDefault.new(global_config.kubelet_default)
       @kubelets = {}
       global_config.nodes.each do |k, config|
         @kubelets[k] = Kubelet.new(config)
@@ -19,6 +21,7 @@ module Porkadot; module Assets
     end
     def render
+      self.kubelet_default.render
       self.kubelets.each do |_, v|
         v.render
       end
@@ -29,6 +32,35 @@ module Porkadot; module Assets
     end
   end
+  class KubeletDefault
+    include Porkadot::Assets
+    TEMPLATE_DIR = File.join(File.dirname(__FILE__), "kubelet-default")
+    attr_reader :global_config
+    attr_reader :config
+    attr_reader :logger
+    attr_reader :certs
+    def initialize config
+      @config = config
+      @logger = config.logger
+      @global_config = config.config
+      @certs = Porkadot::Assets::Certs::Kubernetes.new(global_config)
+    end
+    def render
+      logger.info "--> Rendering Kubelet default configs"
+      unless File.directory?(config.addon_path)
+        FileUtils.mkdir_p(config.addon_path)
+      end
+      unless File.directory?(config.addon_secrets_path)
+        FileUtils.mkdir_p(config.addon_secrets_path)
+      end
+      render_erb 'install.sh'
+    end
+  end
   class Kubelet
     include Porkadot::Assets
     TEMPLATE_DIR = File.join(File.dirname(__FILE__), "kubelet")

data/lib/porkadot/assets/kubernetes/install.secrets.sh.erb ADDED Viewed

@@ -0,0 +1,8 @@
+#!/bin/bash
+set -eu
+export LC_ALL=C
+ROOT=$(dirname "${BASH_SOURCE}")
+/opt/bin/kubectl apply -R -f ${ROOT}/manifests

data/lib/porkadot/assets/kubernetes/install.sh.erb CHANGED Viewed

@@ -3,5 +3,12 @@
 set -eu
 export LC_ALL=C
 ROOT=$(dirname "${BASH_SOURCE}")
+KUBECTL_OPTS=${KUBECTL_OPTS:-""}
-/opt/bin/kubectl apply -f ${ROOT}/manifests/
+KUBECTL_OPTS="${KUBECTL_OPTS} --server-side --force-conflicts --prune"
+KUBECTL_OPTS="${KUBECTL_OPTS} -l kubernetes.unstable.cloud/installed-by=porkadot"
+<%- prune_allowlist.each do |a| -%>
+KUBECTL_OPTS="${KUBECTL_OPTS} --prune-whitelist=<%= a %>"
+<%- end -%>
+/opt/bin/kubectl apply ${KUBECTL_OPTS} -k ${ROOT}

data/lib/porkadot/assets/kubernetes/kubeconfig.yaml.erb ADDED Viewed

@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Config
+clusters:
+- name: kubernetes
+  cluster:
+    certificate-authority-data: <%= certs.kubernetes.to_base64(:ca_cert) %>
+    server: https://127.0.0.1:<%= global_config.k8s.apiserver.bind_port %>
+users:
+- name: admin
+  user:
+    client-certificate-data: <%= certs.kubernetes.to_base64(:client_cert) %>
+    client-key-data: <%= certs.kubernetes.to_base64(:client_key) %>
+contexts:
+- context:
+    cluster: kubernetes
+    user: admin
+  name: admin-context
+current-context: admin-context

data/lib/porkadot/assets/kubernetes/kustomization.yaml.erb ADDED Viewed

@@ -0,0 +1,7 @@
+# Modify this file if you want to kustomize generated manifests
+# This file will not be overridden by Porkadot.
+labels:
+- pairs:
+    'kubernetes.unstable.cloud/installed-by': 'porkadot'
+resources:
+- manifests

data/lib/porkadot/assets/kubernetes/manifests/{coredns.yaml.erb → addons/coredns/coredns.yaml.erb} RENAMED Viewed

@@ -75,7 +75,7 @@ data:
             lameduck 5s
         }
         ready
-        kubernetes <%= k8s.networking.dns_domain %>  in-addr.arpa ip6.arpa {
+        kubernetes <%= k8s.networking.dns_domain %> <%= k8s.networking.additional_domains.join(" ") %> in-addr.arpa ip6.arpa {
             pods insecure
             fallthrough in-addr.arpa ip6.arpa
             ttl 30
@@ -193,6 +193,7 @@ metadata:
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
     kubernetes.io/name: "CoreDNS"
+    app.kubernetes.io/name: kube-dns
 spec:
   selector:
     k8s-app: kube-dns

data/lib/porkadot/assets/kubernetes/manifests/{dns-horizontal-autoscaler.yaml.erb → addons/coredns/dns-horizontal-autoscaler.yaml.erb} RENAMED Viewed

@@ -82,8 +82,6 @@ spec:
       securityContext:
         supplementalGroups: [ 65534 ]
         fsGroup: 65534
-      nodeSelector:
-        kubernetes.io/os: linux
       containers:
       - name: autoscaler
         image: k8s.gcr.io/cluster-proportional-autoscaler-amd64:1.7.1

data/lib/porkadot/assets/kubernetes/manifests/addons/coredns/kustomization.yaml.erb ADDED Viewed

@@ -0,0 +1,3 @@
+resources:
+- coredns.yaml
+- dns-horizontal-autoscaler.yaml

data/lib/porkadot/assets/kubernetes/manifests/{flannel.yaml.erb → addons/flannel/flannel.yaml.erb} RENAMED Viewed

@@ -1,3 +1,5 @@
+<% cni = config.flannel -%>
+<% k8s = global_config.k8s -%>
 ---
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
@@ -125,9 +127,15 @@ data:
     }
   net-conf.json: |
     {
-      "Network": "<%= global_config.k8s.networking.pod_subnet %>",
+      <%- if k8s.networking.enable_ipv4 -%>
+      "Network": "<%= k8s.networking.pod_v4subnet %>",
+      <%- end -%>
+      <%- if k8s.networking.enable_ipv6 -%>
+      "EnableIPv6": true,
+      "IPv6Network": "<%= k8s.networking.pod_v6subnet %>",
+      <%- end -%>
       "Backend": {
-        "Type": "<%= global_config.cni.backend %>"
+        "Type": "<%= cni.backend %>"
       }
     }
 ---
@@ -165,8 +173,20 @@ spec:
         effect: NoSchedule
       serviceAccountName: flannel
       initContainers:
+      - name: install-cni-plugin
+       #image: flannelcni/flannel-cni-plugin:v1.0.1 for ppc64le and mips64le (dockerhub limitations may apply)
+        image: <%= cni.plugin_image_repository %>:<%= cni.plugin_image_tag %>
+        command:
+        - cp
+        args:
+        - -f
+        - /flannel
+        - /opt/cni/bin/flannel
+        volumeMounts:
+        - name: cni-plugin
+          mountPath: /opt/cni/bin
       - name: install-cni
-        image: quay.io/coreos/flannel:v0.13.0
+        image: <%= cni.daemon_image_repository %>:<%= cni.daemon_image_tag %>
         command:
         - cp
         args:
@@ -180,19 +200,14 @@ spec:
           mountPath: /etc/kube-flannel/
       containers:
       - name: kube-flannel
-        image: quay.io/coreos/flannel:v0.13.0
+        image: <%= cni.daemon_image_repository %>:<%= cni.daemon_image_tag %>
         command:
         - /opt/bin/flanneld
         args:
         - --ip-masq
         - --kube-subnet-mgr
         resources:
-          requests:
-            cpu: "100m"
-            memory: "50Mi"
-          limits:
-            cpu: "100m"
-            memory: "50Mi"
+<%= u.to_yaml(cni.resources, 10)%>
         securityContext:
           privileged: false
           capabilities:
@@ -211,13 +226,27 @@ spec:
           mountPath: /run/flannel
         - name: flannel-cfg
           mountPath: /etc/kube-flannel/
+        - name: ipam-data
+          mountPath: /var/lib/cni/networks
+        - name: xtables-lock
+          mountPath: /run/xtables.lock
       volumes:
       - name: run
         hostPath:
           path: /run/flannel
+      - name: cni-plugin
+        hostPath:
+          path: /opt/cni/bin
       - name: cni
         hostPath:
           path: /etc/cni/net.d
+      - name: ipam-data
+        hostPath:
+          path: /var/lib/cni/networks
       - name: flannel-cfg
         configMap:
           name: kube-flannel-cfg
+      - name: xtables-lock
+        hostPath:
+          path: /run/xtables.lock
+          type: FileOrCreate

data/lib/porkadot/assets/kubernetes/manifests/addons/flannel/kustomization.yaml.erb ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ resources:
2	+ - flannel.yaml

data/lib/porkadot/assets/kubernetes/manifests/{kubelet-rubber-stamp.yaml.erb → addons/kubelet-rubber-stamp/kubelet-rubber-stamp.yaml.erb} RENAMED Viewed

@@ -24,7 +24,7 @@ spec:
         - name: kubelet-rubber-stamp
           # image: quay.io/kontena/kubelet-rubber-stamp-amd64:0.2
           # Use following image until issue is fixed
-          image: yuanying/kubelet-rubber-stamp:0.3.0.y01
+          image: ghcr.io/porkadot/kubelet-rubber-stamp:0.22.0
           args:
             - "--v=2"
           imagePullPolicy: Always

data/lib/porkadot/assets/kubernetes/manifests/addons/kubelet-rubber-stamp/kustomization.yaml.erb ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ resources:
2	+ - kubelet-rubber-stamp.yaml

data/lib/porkadot/assets/kubernetes/manifests/addons/kustomization.yaml.erb ADDED Viewed

@@ -0,0 +1,4 @@
+resources:
+<%- config.enabled.each do |a| -%>
+- <%= a %>
+<%- end %>

data/lib/porkadot/assets/kubernetes/manifests/addons/metallb/000-metallb.yaml.erb ADDED Viewed

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  labels:
+    app: metallb
+  name: metallb-system

data/lib/porkadot/assets/kubernetes/manifests/addons/metallb/kustomization.yaml.erb ADDED Viewed

@@ -0,0 +1,4 @@
+resources:
+- 000-metallb.yaml
+- metallb.config.yaml
+- metallb.yaml

data/lib/porkadot/assets/kubernetes/manifests/addons/metallb/metallb.config.yaml.erb ADDED Viewed

@@ -0,0 +1,12 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  labels:
+    app: metallb
+  name: config
+  namespace: metallb-system
+data:
+  config: |
+<%= u.indent(config.metallb.config, 4) %>

data/lib/porkadot/assets/kubernetes/manifests/{metallb.secrets.yaml.erb → addons/metallb/metallb.secrets.yaml.erb} RENAMED Viewed

File without changes

data/lib/porkadot/assets/kubernetes/manifests/{metallb.yaml.erb → addons/metallb/metallb.yaml.erb} RENAMED Viewed

@@ -1,11 +1,3 @@
-<% k8s = global_config.k8s -%>
-apiVersion: v1
-kind: Namespace
-metadata:
-  labels:
-    app: metallb
-  name: metallb-system
----
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
 metadata:
@@ -58,9 +50,7 @@ metadata:
 spec:
   allowPrivilegeEscalation: false
   allowedCapabilities:
-  - NET_ADMIN
   - NET_RAW
-  - SYS_ADMIN
   allowedHostPaths: []
   defaultAddCapabilities: []
   defaultAllowPrivilegeEscalation: false
@@ -72,6 +62,8 @@ spec:
   hostPorts:
   - max: 7472
     min: 7472
+  - max: 7946
+    min: 7946
   privileged: true
   readOnlyRootFilesystem: true
   requiredDropCapabilities:
@@ -118,7 +110,6 @@ rules:
   - get
   - list
   - watch
-  - update
 - apiGroups:
   - ''
   resources:
@@ -158,6 +149,13 @@ rules:
   - get
   - list
   - watch
+- apiGroups: ["discovery.k8s.io"]
+  resources:
+  - endpointslices
+  verbs:
+  - get
+  - list
+  - watch
 - apiGroups:
   - ''
   resources:
@@ -207,6 +205,37 @@ rules:
   - list
 ---
 apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  labels:
+    app: metallb
+  name: controller
+  namespace: metallb-system
+rules:
+- apiGroups:
+  - ''
+  resources:
+  - secrets
+  verbs:
+  - create
+- apiGroups:
+  - ''
+  resources:
+  - secrets
+  resourceNames:
+  - memberlist
+  verbs:
+  - list
+- apiGroups:
+  - apps
+  resources:
+  - deployments
+  resourceNames:
+  - controller
+  verbs:
+  - get
+---
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   labels:
@@ -268,6 +297,21 @@ subjects:
 - kind: ServiceAccount
   name: speaker
 ---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  labels:
+    app: metallb
+  name: controller
+  namespace: metallb-system
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: controller
+subjects:
+- kind: ServiceAccount
+  name: controller
+---
 apiVersion: apps/v1
 kind: DaemonSet
 metadata:
@@ -308,47 +352,44 @@ spec:
             fieldRef:
               fieldPath: status.podIP
         # needed when another software is also using memberlist / port 7946
+        # when changing this default you also need to update the container ports definition
+        # and the PodSecurityPolicy hostPorts definition
         #- name: METALLB_ML_BIND_PORT
         #  value: "7946"
         - name: METALLB_ML_LABELS
           value: "app=metallb,component=speaker"
-        - name: METALLB_ML_NAMESPACE
-          valueFrom:
-            fieldRef:
-              fieldPath: metadata.namespace
         - name: METALLB_ML_SECRET_KEY
           valueFrom:
             secretKeyRef:
               name: memberlist
               key: secretkey
-        image: metallb/speaker:v0.9.4
-        imagePullPolicy: Always
+        image: quay.io/metallb/speaker:v0.10.2
         name: speaker
         ports:
         - containerPort: 7472
           name: monitoring
-        resources:
-          limits:
-            cpu: 100m
-            memory: 100Mi
+        - containerPort: 7946
+          name: memberlist-tcp
+        - containerPort: 7946
+          name: memberlist-udp
+          protocol: UDP
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
             add:
-            - NET_ADMIN
             - NET_RAW
-            - SYS_ADMIN
             drop:
             - ALL
           readOnlyRootFilesystem: true
       hostNetwork: true
       nodeSelector:
-        beta.kubernetes.io/os: linux
+        kubernetes.io/os: linux
       serviceAccountName: speaker
       terminationGracePeriodSeconds: 2
       tolerations:
       - effect: NoSchedule
         key: node-role.kubernetes.io/master
+        operator: Exists
 ---
 apiVersion: apps/v1
 kind: Deployment
@@ -377,16 +418,16 @@ spec:
       - args:
         - --port=7472
         - --config=config
-        image: metallb/controller:v0.9.5
-        imagePullPolicy: Always
+        env:
+        - name: METALLB_ML_SECRET_NAME
+          value: memberlist
+        - name: METALLB_DEPLOYMENT
+          value: controller
+        image: quay.io/metallb/controller:v0.10.2
         name: controller
         ports:
         - containerPort: 7472
           name: monitoring
-        resources:
-          limits:
-            cpu: 100m
-            memory: 100Mi
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
@@ -400,14 +441,3 @@ spec:
         runAsUser: 65534
       serviceAccountName: controller
       terminationGracePeriodSeconds: 0
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  labels:
-    app: metallb
-  name: config
-  namespace: metallb-system
-data:
-  config: |
-<%= u.indent(global_config.lb.lb_config, 4) %>

data/lib/porkadot/assets/kubernetes/manifests/addons/storage-version-migrator/kustomization.yaml.erb ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ resources:
2	+ - storage-version-migrator.yaml

data/lib/porkadot/assets/kubernetes/manifests/{storage-version-migrator.yaml.erb → addons/storage-version-migrator/storage-version-migrator.yaml.erb} RENAMED Viewed

File without changes