File tree Expand file tree Collapse file tree 4 files changed +28
-0
lines changed Expand file tree Collapse file tree 4 files changed +28
-0
lines changed Original file line number Diff line number Diff line change @@ -349,6 +349,13 @@ app: {{- include "karmada.name" .}}-search
349349 { {- end }
350350{ {- end -}
351351
352+ { {- define " karmada.scheduler.cert.volume" }
353+ { { $name := include " karmada.name" }
354+ - name: karmada-certs
355+ secret:
356+ secretName: { { $name }
357+ { {- end -}
358+
352359{ {/*
353360Return the proper karmada internal etcd image name
354361*/} }
Original file line number Diff line number Diff line change 5252 - --kubeconfig=/etc/kubeconfig
5353 - --bind-address=0.0.0.0
5454 - --leader-elect-resource-namespace={{ $systemNamespace }}
55+ - --scheduler-estimator-ca-file=/etc/karmada/pki/ca.crt
56+ - --scheduler-estimator-cert-file=/etc/karmada/pki/karmada.crt
57+ - --scheduler-estimator-key-file=/etc/karmada/pki/karmada.key
5558 - --v=4
5659 livenessProbe :
5760 httpGet :
@@ -63,12 +66,16 @@ spec:
6366 periodSeconds : 15
6467 timeoutSeconds : 5
6568 volumeMounts :
69+ - name : karmada-certs
70+ mountPath : /etc/karmada/pki
71+ readOnly : true
6672 {{- include "karmada.kubeconfig.volumeMount" . | nindent 12 }}
6773 resources :
6874 {{- toYaml .Values.descheduler.resources | nindent 12 }}
6975 volumes :
7076 {{- include "karmada.init-sa-secret.volume" . | nindent 8 }}
7177 {{- include "karmada.descheduler.kubeconfig.volume" . | nindent 8 }}
78+ {{- include "karmada.scheduler.cert.volume" . | nindent 8 }}
7279
7380{{ if .Values.descheduler.podDisruptionBudget }}
7481---
Original file line number Diff line number Diff line change 4848 - /bin/karmada-scheduler-estimator
4949 - --kubeconfig=/etc/{{ $clusterName }}-kubeconfig
5050 - --cluster-name={{ $clusterName }}
51+ - --grpc-auth-cert-file=/etc/karmada/pki/karmada.crt
52+ - --grpc-auth-key-file=/etc/karmada/pki/karmada.key
53+ - --grpc-client-ca-file=/etc/karmada/pki/ca.crt
5154 {{- with (include "karmada.schedulerEstimator.featureGates" (dict "featureGatesArg" $.Values.schedulerEstimator.featureGates)) }}
5255 - {{ . }}
5356 {{- end}}
@@ -61,12 +64,16 @@ spec:
6164 periodSeconds : 15
6265 timeoutSeconds : 5
6366 volumeMounts :
67+ - name : karmada-certs
68+ mountPath : /etc/karmada/pki
69+ readOnly : true
6470 - name : member-kubeconfig
6571 subPath : {{ $clusterName }}-kubeconfig
6672 mountPath : /etc/{{ $clusterName }}-kubeconfig
6773 resources :
6874 {{- toYaml $.Values.schedulerEstimator.resources | nindent 12 }}
6975 volumes :
76+ {{- include "karmada.scheduler.cert.volume" $ | nindent 8 }}
7077 - name : member-kubeconfig
7178 secret :
7279 secretName : {{ $clusterName }}-kubeconfig
Original file line number Diff line number Diff line change 5353 - --bind-address=0.0.0.0
5454 - --secure-port=10351
5555 - --leader-elect-resource-namespace={{ $systemNamespace }}
56+ - --scheduler-estimator-ca-file=/etc/karmada/pki/ca.crt
57+ - --scheduler-estimator-cert-file=/etc/karmada/pki/karmada.crt
58+ - --scheduler-estimator-key-file=/etc/karmada/pki/karmada.key
5659 livenessProbe :
5760 httpGet :
5861 path : /healthz
@@ -63,12 +66,16 @@ spec:
6366 periodSeconds : 15
6467 timeoutSeconds : 5
6568 volumeMounts :
69+ - name : karmada-certs
70+ mountPath : /etc/karmada/pki
71+ readOnly : true
6672 {{- include "karmada.kubeconfig.volumeMount" . | nindent 12 }}
6773 resources :
6874 {{- toYaml .Values.scheduler.resources | nindent 12 }}
6975 volumes :
7076 {{- include "karmada.init-sa-secret.volume" . | nindent 8 }}
7177 {{- include "karmada.kubeconfig.volume" . | nindent 8 }}
78+ {{- include "karmada.scheduler.cert.volume" . | nindent 8 }}
7279
7380{{ if .Values.scheduler.podDisruptionBudget }}
7481---
You can’t perform that action at this time.
0 commit comments