k8s.io/kubernetes@v1.31.0-alpha.0.0.20240520171757-56147500dadc/cluster/gce/manifests/konnectivity-server.yaml (about) 1 apiVersion: v1 2 kind: Pod 3 metadata: 4 name: konnectivity-server 5 namespace: kube-system 6 component: konnectivity-server 7 spec: 8 securityContext: 9 {{ run_as_user }} 10 {{ run_as_group }} 11 {{ supplemental_groups }} 12 seccompProfile: 13 type: RuntimeDefault 14 priorityClassName: system-node-critical 15 priority: 2000001000 16 hostNetwork: true 17 containers: 18 - name: konnectivity-server-container 19 {{ container_security_context }}: 20 {{ disallow_privilege_escalation}} 21 {{ capabilities }} 22 {{ drop_capabilities }} 23 image: registry.k8s.io/kas-network-proxy/proxy-server:v0.29.0 24 resources: 25 requests: 26 cpu: 25m 27 command: [ "/proxy-server"{{ konnectivity_args }} ] 28 livenessProbe: 29 httpGet: 30 scheme: HTTP 31 host: 127.0.0.1 32 port: {{ health_port }} 33 path: /healthz 34 initialDelaySeconds: {{ liveness_probe_initial_delay }} 35 timeoutSeconds: 60 36 ports: 37 - name: agentport 38 containerPort: {{ agent_port }} 39 hostPort: {{ agent_port }} 40 - name: healthport 41 containerPort: {{ health_port }} 42 hostPort: {{ health_port }} 43 - name: adminport 44 containerPort: {{ admin_port }} 45 hostPort: {{ admin_port }} 46 volumeMounts: 47 - name: varlogkonnectivityserver 48 mountPath: /var/log/konnectivity-server.log 49 readOnly: false 50 - name: pki 51 mountPath: /etc/srv/kubernetes/pki 52 readOnly: true 53 - name: konnectivity-uds 54 mountPath: /etc/srv/kubernetes/konnectivity-server 55 readOnly: false 56 volumes: 57 - name: varlogkonnectivityserver 58 hostPath: 59 path: /var/log/konnectivity-server.log 60 type: FileOrCreate 61 - name: pki 62 hostPath: 63 path: /etc/srv/kubernetes/pki 64 - name: konnectivity-uds 65 hostPath: 66 path: /etc/srv/kubernetes/konnectivity-server 67 type: DirectoryOrCreate