github.com/ironcore-dev/gardener-extension-provider-ironcore@v0.3.2-0.20240314231816-8336447fb9a0/charts/internal/machine-controller-manager/seed/templates/deployment.yaml (about) 1 --- 2 apiVersion: apps/v1 3 kind: Deployment 4 metadata: 5 name: machine-controller-manager 6 namespace: {{ .Release.Namespace }} 7 labels: 8 app: kubernetes 9 role: machine-controller-manager 10 high-availability-config.resources.gardener.cloud/type: controller 11 spec: 12 revisionHistoryLimit: 0 13 replicas: {{ .Values.replicas }} 14 selector: 15 matchLabels: 16 app: kubernetes 17 role: machine-controller-manager 18 template: 19 metadata: 20 {{- if .Values.podAnnotations }} 21 annotations: 22 {{ toYaml .Values.podAnnotations | indent 8 }} 23 {{- end }} 24 labels: 25 gardener.cloud/role: controlplane 26 app: kubernetes 27 role: machine-controller-manager 28 networking.gardener.cloud/to-dns: allowed 29 networking.gardener.cloud/to-public-networks: allowed 30 networking.gardener.cloud/to-private-networks: allowed 31 networking.gardener.cloud/to-runtime-apiserver: allowed 32 networking.resources.gardener.cloud/to-kube-apiserver-tcp-443: allowed 33 {{- if .Values.podLabels }} 34 {{ toYaml .Values.podLabels | indent 8 }} 35 {{- end }} 36 spec: 37 priorityClassName: gardener-system-300 38 serviceAccountName: machine-controller-manager 39 terminationGracePeriodSeconds: 5 40 containers: 41 - name: machine-controller-manager-provider-ironcore 42 image: {{ index .Values.images "machine-controller-manager-provider-ironcore" }} 43 imagePullPolicy: IfNotPresent 44 command: 45 - ./machine-controller 46 - --ironcore-kubeconfig=/etc/ironcore/kubeconfig 47 - --control-kubeconfig=inClusterConfig 48 - --machine-creation-timeout=20m 49 - --machine-drain-timeout=2h 50 - --machine-health-timeout=10m 51 - --machine-safety-apiserver-statuscheck-timeout=30s 52 - --machine-safety-apiserver-statuscheck-period=1m 53 - --machine-safety-orphan-vms-period=30m 54 - --namespace={{ .Release.Namespace }} 55 - --port={{ .Values.metricsPortIroncore }} 56 - --target-kubeconfig=/var/run/secrets/gardener.cloud/shoot/generic-kubeconfig/kubeconfig 57 - --v=4 58 livenessProbe: 59 failureThreshold: 3 60 httpGet: 61 path: /healthz 62 port: {{ .Values.metricsPortIroncore }} 63 scheme: HTTP 64 initialDelaySeconds: 30 65 periodSeconds: 10 66 successThreshold: 1 67 timeoutSeconds: 5 68 terminationMessagePath: /dev/termination-log 69 terminationMessagePolicy: File 70 resources: 71 {{ toYaml .Values.resources.mcmProviderIroncore | indent 10 }} 72 volumeMounts: 73 - mountPath: /var/run/secrets/gardener.cloud/shoot/generic-kubeconfig 74 name: kubeconfig 75 readOnly: true 76 - mountPath: /etc/ironcore 77 name: cloudprovider 78 readOnly: true 79 - name: ironcore-machine-controller-manager 80 image: {{ index .Values.images "machine-controller-manager" }} 81 imagePullPolicy: IfNotPresent 82 command: 83 - ./machine-controller-manager 84 - --control-kubeconfig=inClusterConfig 85 - --machine-safety-overshooting-period=1m 86 - --namespace={{ .Release.Namespace }} 87 - --port={{ .Values.metricsPort }} 88 - --safety-up=2 89 - --safety-down=1 90 - --target-kubeconfig=/var/run/secrets/gardener.cloud/shoot/generic-kubeconfig/kubeconfig 91 - --v=4 92 livenessProbe: 93 failureThreshold: 3 94 httpGet: 95 path: /healthz 96 port: {{ .Values.metricsPort }} 97 scheme: HTTP 98 initialDelaySeconds: 30 99 periodSeconds: 10 100 successThreshold: 1 101 timeoutSeconds: 5 102 ports: 103 - name: metrics 104 containerPort: {{ .Values.metricsPort }} 105 protocol: TCP 106 resources: 107 {{ toYaml .Values.resources.mcm | indent 10 }} 108 volumeMounts: 109 - mountPath: /var/run/secrets/gardener.cloud/shoot/generic-kubeconfig 110 name: kubeconfig 111 readOnly: true 112 volumes: 113 - name: cloudprovider 114 secret: 115 secretName: cloudprovider 116 - name: kubeconfig 117 projected: 118 defaultMode: 420 119 sources: 120 - secret: 121 items: 122 - key: kubeconfig 123 path: kubeconfig 124 name: {{ .Values.genericTokenKubeconfigSecretName }} 125 optional: false 126 - secret: 127 items: 128 - key: token 129 path: token 130 name: shoot-access-machine-controller-manager 131 optional: false