Skip to content

Commit 7dcc185

Browse files
catpineapplecatpineapple
committed
add fdb rolebinding for deployment
1 parent 3f94d79 commit 7dcc185

File tree

2 files changed

+240
-26
lines changed

2 files changed

+240
-26
lines changed

doc/examples/disaggregated/fdb/deployment.yaml

Lines changed: 240 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,240 @@
1+
apiVersion: v1
2+
kind: ServiceAccount
3+
metadata:
4+
name: fdb-kubernetes-operator-controller-manager
5+
---
6+
apiVersion: rbac.authorization.k8s.io/v1
7+
kind: ClusterRole
8+
metadata:
9+
creationTimestamp: null
10+
name: fdb-kubernetes-operator-manager-clusterrole
11+
rules:
12+
- apiGroups:
13+
- ""
14+
resources:
15+
- nodes
16+
verbs:
17+
- get
18+
- list
19+
- watch
20+
---
21+
apiVersion: rbac.authorization.k8s.io/v1
22+
kind: ClusterRole
23+
metadata:
24+
name: fdb-kubernetes-operator-manager-role
25+
rules:
26+
- apiGroups:
27+
- ""
28+
resources:
29+
- configmaps
30+
- events
31+
- persistentvolumeclaims
32+
- pods
33+
- secrets
34+
- services
35+
verbs:
36+
- create
37+
- delete
38+
- get
39+
- list
40+
- patch
41+
- update
42+
- watch
43+
- apiGroups:
44+
- apps
45+
resources:
46+
- deployments
47+
verbs:
48+
- create
49+
- delete
50+
- get
51+
- list
52+
- patch
53+
- update
54+
- watch
55+
- apiGroups:
56+
- apps.foundationdb.org
57+
resources:
58+
- foundationdbbackups
59+
- foundationdbclusters
60+
- foundationdbrestores
61+
verbs:
62+
- create
63+
- delete
64+
- get
65+
- list
66+
- patch
67+
- update
68+
- watch
69+
- apiGroups:
70+
- apps.foundationdb.org
71+
resources:
72+
- foundationdbbackups/status
73+
- foundationdbclusters/status
74+
- foundationdbrestores/status
75+
verbs:
76+
- get
77+
- patch
78+
- update
79+
- apiGroups:
80+
- coordination.k8s.io
81+
resources:
82+
- leases
83+
verbs:
84+
- create
85+
- delete
86+
- get
87+
- list
88+
- patch
89+
- update
90+
- watch
91+
---
92+
apiVersion: rbac.authorization.k8s.io/v1
93+
kind: RoleBinding
94+
metadata:
95+
creationTimestamp: null
96+
name: fdb-kubernetes-operator-manager-rolebinding
97+
roleRef:
98+
apiGroup: rbac.authorization.k8s.io
99+
kind: ClusterRole
100+
name: fdb-kubernetes-operator-manager-role
101+
subjects:
102+
- kind: ServiceAccount
103+
name: fdb-kubernetes-operator-controller-manager
104+
- kind: ServiceAccount
105+
name: default
106+
---
107+
apiVersion: rbac.authorization.k8s.io/v1
108+
kind: ClusterRoleBinding
109+
metadata:
110+
creationTimestamp: null
111+
name: fdb-kubernetes-operator-manager-clusterrolebinding
112+
roleRef:
113+
apiGroup: rbac.authorization.k8s.io
114+
kind: ClusterRole
115+
name: fdb-kubernetes-operator-manager-clusterrole
116+
subjects:
117+
- kind: ServiceAccount
118+
name: fdb-kubernetes-operator-controller-manager
119+
namespace: metadata.namespace
120+
- kind: ServiceAccount
121+
name: default
122+
namespace: metadata.namespace
123+
---
124+
apiVersion: apps/v1
125+
kind: Deployment
126+
metadata:
127+
labels:
128+
app: fdb-kubernetes-operator-controller-manager
129+
control-plane: controller-manager
130+
name: fdb-kubernetes-operator-controller-manager
131+
spec:
132+
replicas: 1
133+
selector:
134+
matchLabels:
135+
app: fdb-kubernetes-operator-controller-manager
136+
template:
137+
metadata:
138+
labels:
139+
app: fdb-kubernetes-operator-controller-manager
140+
control-plane: controller-manager
141+
spec:
142+
containers:
143+
- command:
144+
- /manager
145+
env:
146+
- name: WATCH_NAMESPACE
147+
valueFrom:
148+
fieldRef:
149+
fieldPath: metadata.namespace
150+
image: foundationdb/fdb-kubernetes-operator:v2.13.0
151+
name: manager
152+
ports:
153+
- containerPort: 8080
154+
name: metrics
155+
resources:
156+
limits:
157+
cpu: 500m
158+
memory: 256Mi
159+
requests:
160+
cpu: 500m
161+
memory: 256Mi
162+
securityContext:
163+
allowPrivilegeEscalation: false
164+
privileged: false
165+
readOnlyRootFilesystem: true
166+
volumeMounts:
167+
- mountPath: /tmp
168+
name: tmp
169+
- mountPath: /var/log/fdb
170+
name: logs
171+
- mountPath: /usr/bin/fdb
172+
name: fdb-binaries
173+
initContainers:
174+
- args:
175+
- --copy-library
176+
- "7.1"
177+
- --copy-binary
178+
- fdbcli
179+
- --copy-binary
180+
- fdbbackup
181+
- --copy-binary
182+
- fdbrestore
183+
- --output-dir
184+
- /var/output-files
185+
- --mode
186+
- init
187+
image: foundationdb/fdb-kubernetes-monitor:7.1.67
188+
name: foundationdb-kubernetes-init-7-1
189+
volumeMounts:
190+
- mountPath: /var/output-files
191+
name: fdb-binaries
192+
- args:
193+
- --copy-library
194+
- "7.3"
195+
- --copy-binary
196+
- fdbcli
197+
- --copy-binary
198+
- fdbbackup
199+
- --copy-binary
200+
- fdbrestore
201+
- --output-dir
202+
- /var/output-files
203+
- --mode
204+
- init
205+
image: foundationdb/fdb-kubernetes-monitor:7.3.63
206+
name: foundationdb-kubernetes-init-7-3
207+
volumeMounts:
208+
- mountPath: /var/output-files
209+
name: fdb-binaries
210+
- args:
211+
- --copy-library
212+
- "7.4"
213+
- --copy-binary
214+
- fdbcli
215+
- --copy-binary
216+
- fdbbackup
217+
- --copy-binary
218+
- fdbrestore
219+
- --output-dir
220+
- /var/output-files
221+
- --mode
222+
- init
223+
image: foundationdb/fdb-kubernetes-monitor:7.4.1
224+
name: foundationdb-kubernetes-init-7-4
225+
volumeMounts:
226+
- mountPath: /var/output-files
227+
name: fdb-binaries
228+
securityContext:
229+
fsGroup: 4059
230+
runAsGroup: 4059
231+
runAsUser: 4059
232+
serviceAccountName: fdb-kubernetes-operator-controller-manager
233+
terminationGracePeriodSeconds: 10
234+
volumes:
235+
- emptyDir: {}
236+
name: tmp
237+
- emptyDir: {}
238+
name: logs
239+
- emptyDir: {}
240+
name: fdb-binaries

doc/examples/disaggregated/fdb/rbac_role_binding.yaml

Lines changed: 0 additions & 26 deletions
This file was deleted.

0 commit comments

Comments
 (0)