porkadot 0.20.0 → 0.21.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/porkadot/assets/kubernetes.rb +2 -0
- data/lib/porkadot/assets/kubernetes/manifests/000-metallb.yaml.erb +7 -0
- data/lib/porkadot/assets/kubernetes/manifests/metallb.config.yaml.erb +13 -0
- data/lib/porkadot/assets/kubernetes/manifests/metallb.yaml.erb +71 -41
- data/lib/porkadot/default.yaml +1 -1
- data/lib/porkadot/version.rb +1 -1
- metadata +3 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 839afa115dc53563a391b710c14ab686f6c45a5420a6d1f6c6eee21ebdb1e6cf
|
|
4
|
+
data.tar.gz: 8f8fbc1099bebe03b5f994050e083c385baad03536d15c14ef6ed1f412ce278c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 20194aa567e21c0e7af5caa6deb7645c617d58240c5685b0a90e477ea9331ea522618c206718b97a4218ab9d939fa6bd7b557df698703fb8c45c240dbb025e95
|
|
7
|
+
data.tar.gz: 3fdd45b9a6132bf0167c4e30c939aa42db77331a6007a850baa1adb67335731e639ccc9483435aecc7c3411d49094698846592a712205b5377adda17965ea930
|
|
@@ -27,7 +27,9 @@ module Porkadot; module Assets
|
|
|
27
27
|
cni = global_config.cni
|
|
28
28
|
render_erb 'manifests/porkadot.yaml'
|
|
29
29
|
render_erb 'manifests/kubelet.yaml'
|
|
30
|
+
render_erb "manifests/000-#{lb.type}.yaml"
|
|
30
31
|
render_erb "manifests/#{lb.type}.yaml"
|
|
32
|
+
render_erb "manifests/#{lb.type}.config.yaml"
|
|
31
33
|
render_secrets_erb "manifests/#{lb.type}.secrets.yaml"
|
|
32
34
|
render_erb "manifests/#{cni.type}.yaml"
|
|
33
35
|
render_erb "manifests/coredns.yaml"
|
|
@@ -1,11 +1,3 @@
|
|
|
1
|
-
<% k8s = global_config.k8s -%>
|
|
2
|
-
apiVersion: v1
|
|
3
|
-
kind: Namespace
|
|
4
|
-
metadata:
|
|
5
|
-
labels:
|
|
6
|
-
app: metallb
|
|
7
|
-
name: metallb-system
|
|
8
|
-
---
|
|
9
1
|
apiVersion: policy/v1beta1
|
|
10
2
|
kind: PodSecurityPolicy
|
|
11
3
|
metadata:
|
|
@@ -58,9 +50,7 @@ metadata:
|
|
|
58
50
|
spec:
|
|
59
51
|
allowPrivilegeEscalation: false
|
|
60
52
|
allowedCapabilities:
|
|
61
|
-
- NET_ADMIN
|
|
62
53
|
- NET_RAW
|
|
63
|
-
- SYS_ADMIN
|
|
64
54
|
allowedHostPaths: []
|
|
65
55
|
defaultAddCapabilities: []
|
|
66
56
|
defaultAllowPrivilegeEscalation: false
|
|
@@ -72,6 +62,8 @@ spec:
|
|
|
72
62
|
hostPorts:
|
|
73
63
|
- max: 7472
|
|
74
64
|
min: 7472
|
|
65
|
+
- max: 7946
|
|
66
|
+
min: 7946
|
|
75
67
|
privileged: true
|
|
76
68
|
readOnlyRootFilesystem: true
|
|
77
69
|
requiredDropCapabilities:
|
|
@@ -118,7 +110,6 @@ rules:
|
|
|
118
110
|
- get
|
|
119
111
|
- list
|
|
120
112
|
- watch
|
|
121
|
-
- update
|
|
122
113
|
- apiGroups:
|
|
123
114
|
- ''
|
|
124
115
|
resources:
|
|
@@ -158,6 +149,13 @@ rules:
|
|
|
158
149
|
- get
|
|
159
150
|
- list
|
|
160
151
|
- watch
|
|
152
|
+
- apiGroups: ["discovery.k8s.io"]
|
|
153
|
+
resources:
|
|
154
|
+
- endpointslices
|
|
155
|
+
verbs:
|
|
156
|
+
- get
|
|
157
|
+
- list
|
|
158
|
+
- watch
|
|
161
159
|
- apiGroups:
|
|
162
160
|
- ''
|
|
163
161
|
resources:
|
|
@@ -207,6 +205,37 @@ rules:
|
|
|
207
205
|
- list
|
|
208
206
|
---
|
|
209
207
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
208
|
+
kind: Role
|
|
209
|
+
metadata:
|
|
210
|
+
labels:
|
|
211
|
+
app: metallb
|
|
212
|
+
name: controller
|
|
213
|
+
namespace: metallb-system
|
|
214
|
+
rules:
|
|
215
|
+
- apiGroups:
|
|
216
|
+
- ''
|
|
217
|
+
resources:
|
|
218
|
+
- secrets
|
|
219
|
+
verbs:
|
|
220
|
+
- create
|
|
221
|
+
- apiGroups:
|
|
222
|
+
- ''
|
|
223
|
+
resources:
|
|
224
|
+
- secrets
|
|
225
|
+
resourceNames:
|
|
226
|
+
- memberlist
|
|
227
|
+
verbs:
|
|
228
|
+
- list
|
|
229
|
+
- apiGroups:
|
|
230
|
+
- apps
|
|
231
|
+
resources:
|
|
232
|
+
- deployments
|
|
233
|
+
resourceNames:
|
|
234
|
+
- controller
|
|
235
|
+
verbs:
|
|
236
|
+
- get
|
|
237
|
+
---
|
|
238
|
+
apiVersion: rbac.authorization.k8s.io/v1
|
|
210
239
|
kind: ClusterRoleBinding
|
|
211
240
|
metadata:
|
|
212
241
|
labels:
|
|
@@ -268,6 +297,21 @@ subjects:
|
|
|
268
297
|
- kind: ServiceAccount
|
|
269
298
|
name: speaker
|
|
270
299
|
---
|
|
300
|
+
apiVersion: rbac.authorization.k8s.io/v1
|
|
301
|
+
kind: RoleBinding
|
|
302
|
+
metadata:
|
|
303
|
+
labels:
|
|
304
|
+
app: metallb
|
|
305
|
+
name: controller
|
|
306
|
+
namespace: metallb-system
|
|
307
|
+
roleRef:
|
|
308
|
+
apiGroup: rbac.authorization.k8s.io
|
|
309
|
+
kind: Role
|
|
310
|
+
name: controller
|
|
311
|
+
subjects:
|
|
312
|
+
- kind: ServiceAccount
|
|
313
|
+
name: controller
|
|
314
|
+
---
|
|
271
315
|
apiVersion: apps/v1
|
|
272
316
|
kind: DaemonSet
|
|
273
317
|
metadata:
|
|
@@ -308,47 +352,44 @@ spec:
|
|
|
308
352
|
fieldRef:
|
|
309
353
|
fieldPath: status.podIP
|
|
310
354
|
# needed when another software is also using memberlist / port 7946
|
|
355
|
+
# when changing this default you also need to update the container ports definition
|
|
356
|
+
# and the PodSecurityPolicy hostPorts definition
|
|
311
357
|
#- name: METALLB_ML_BIND_PORT
|
|
312
358
|
# value: "7946"
|
|
313
359
|
- name: METALLB_ML_LABELS
|
|
314
360
|
value: "app=metallb,component=speaker"
|
|
315
|
-
- name: METALLB_ML_NAMESPACE
|
|
316
|
-
valueFrom:
|
|
317
|
-
fieldRef:
|
|
318
|
-
fieldPath: metadata.namespace
|
|
319
361
|
- name: METALLB_ML_SECRET_KEY
|
|
320
362
|
valueFrom:
|
|
321
363
|
secretKeyRef:
|
|
322
364
|
name: memberlist
|
|
323
365
|
key: secretkey
|
|
324
|
-
image: metallb/speaker:v0.
|
|
325
|
-
imagePullPolicy: Always
|
|
366
|
+
image: quay.io/metallb/speaker:v0.10.2
|
|
326
367
|
name: speaker
|
|
327
368
|
ports:
|
|
328
369
|
- containerPort: 7472
|
|
329
370
|
name: monitoring
|
|
330
|
-
|
|
331
|
-
|
|
332
|
-
|
|
333
|
-
|
|
371
|
+
- containerPort: 7946
|
|
372
|
+
name: memberlist-tcp
|
|
373
|
+
- containerPort: 7946
|
|
374
|
+
name: memberlist-udp
|
|
375
|
+
protocol: UDP
|
|
334
376
|
securityContext:
|
|
335
377
|
allowPrivilegeEscalation: false
|
|
336
378
|
capabilities:
|
|
337
379
|
add:
|
|
338
|
-
- NET_ADMIN
|
|
339
380
|
- NET_RAW
|
|
340
|
-
- SYS_ADMIN
|
|
341
381
|
drop:
|
|
342
382
|
- ALL
|
|
343
383
|
readOnlyRootFilesystem: true
|
|
344
384
|
hostNetwork: true
|
|
345
385
|
nodeSelector:
|
|
346
|
-
|
|
386
|
+
kubernetes.io/os: linux
|
|
347
387
|
serviceAccountName: speaker
|
|
348
388
|
terminationGracePeriodSeconds: 2
|
|
349
389
|
tolerations:
|
|
350
390
|
- effect: NoSchedule
|
|
351
391
|
key: node-role.kubernetes.io/master
|
|
392
|
+
operator: Exists
|
|
352
393
|
---
|
|
353
394
|
apiVersion: apps/v1
|
|
354
395
|
kind: Deployment
|
|
@@ -377,16 +418,16 @@ spec:
|
|
|
377
418
|
- args:
|
|
378
419
|
- --port=7472
|
|
379
420
|
- --config=config
|
|
380
|
-
|
|
381
|
-
|
|
421
|
+
env:
|
|
422
|
+
- name: METALLB_ML_SECRET_NAME
|
|
423
|
+
value: memberlist
|
|
424
|
+
- name: METALLB_DEPLOYMENT
|
|
425
|
+
value: controller
|
|
426
|
+
image: quay.io/metallb/controller:v0.10.2
|
|
382
427
|
name: controller
|
|
383
428
|
ports:
|
|
384
429
|
- containerPort: 7472
|
|
385
430
|
name: monitoring
|
|
386
|
-
resources:
|
|
387
|
-
limits:
|
|
388
|
-
cpu: 100m
|
|
389
|
-
memory: 100Mi
|
|
390
431
|
securityContext:
|
|
391
432
|
allowPrivilegeEscalation: false
|
|
392
433
|
capabilities:
|
|
@@ -400,14 +441,3 @@ spec:
|
|
|
400
441
|
runAsUser: 65534
|
|
401
442
|
serviceAccountName: controller
|
|
402
443
|
terminationGracePeriodSeconds: 0
|
|
403
|
-
---
|
|
404
|
-
apiVersion: v1
|
|
405
|
-
kind: ConfigMap
|
|
406
|
-
metadata:
|
|
407
|
-
labels:
|
|
408
|
-
app: metallb
|
|
409
|
-
name: config
|
|
410
|
-
namespace: metallb-system
|
|
411
|
-
data:
|
|
412
|
-
config: |
|
|
413
|
-
<%= u.indent(global_config.lb.lb_config, 4) %>
|
data/lib/porkadot/default.yaml
CHANGED
data/lib/porkadot/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: porkadot
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.21.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- OTSUKA, Yuanying
|
|
@@ -144,6 +144,7 @@ files:
|
|
|
144
144
|
- lib/porkadot/assets/kubernetes.rb
|
|
145
145
|
- lib/porkadot/assets/kubernetes/install.sh.erb
|
|
146
146
|
- lib/porkadot/assets/kubernetes/kubeconfig.yaml.erb
|
|
147
|
+
- lib/porkadot/assets/kubernetes/manifests/000-metallb.yaml.erb
|
|
147
148
|
- lib/porkadot/assets/kubernetes/manifests/coredns.yaml.erb
|
|
148
149
|
- lib/porkadot/assets/kubernetes/manifests/dns-horizontal-autoscaler.yaml.erb
|
|
149
150
|
- lib/porkadot/assets/kubernetes/manifests/flannel.yaml.erb
|
|
@@ -155,6 +156,7 @@ files:
|
|
|
155
156
|
- lib/porkadot/assets/kubernetes/manifests/kube-scheduler.yaml.erb
|
|
156
157
|
- lib/porkadot/assets/kubernetes/manifests/kubelet-rubber-stamp.yaml.erb
|
|
157
158
|
- lib/porkadot/assets/kubernetes/manifests/kubelet.yaml.erb
|
|
159
|
+
- lib/porkadot/assets/kubernetes/manifests/metallb.config.yaml.erb
|
|
158
160
|
- lib/porkadot/assets/kubernetes/manifests/metallb.secrets.yaml.erb
|
|
159
161
|
- lib/porkadot/assets/kubernetes/manifests/metallb.yaml.erb
|
|
160
162
|
- lib/porkadot/assets/kubernetes/manifests/porkadot.yaml.erb
|