sigs.k8s.io/cluster-api-provider-aws@v1.5.5/test/e2e/data/infrastructure-aws/kustomize_sources/external-cloud-provider/aws-ccm-external.yaml (about) 1 --- 2 apiVersion: apps/v1 3 kind: DaemonSet 4 metadata: 5 name: aws-cloud-controller-manager 6 namespace: kube-system 7 labels: 8 k8s-app: aws-cloud-controller-manager 9 spec: 10 selector: 11 matchLabels: 12 k8s-app: aws-cloud-controller-manager 13 updateStrategy: 14 type: RollingUpdate 15 template: 16 metadata: 17 labels: 18 k8s-app: aws-cloud-controller-manager 19 spec: 20 nodeSelector: 21 node-role.kubernetes.io/master: "" 22 tolerations: 23 - key: node.cloudprovider.kubernetes.io/uninitialized 24 value: "true" 25 effect: NoSchedule 26 - key: node-role.kubernetes.io/master 27 effect: NoSchedule 28 - effect: NoSchedule 29 key: node-role.kubernetes.io/control-plane 30 affinity: 31 nodeAffinity: 32 requiredDuringSchedulingIgnoredDuringExecution: 33 nodeSelectorTerms: 34 - matchExpressions: 35 - key: node-role.kubernetes.io/control-plane 36 operator: Exists 37 - matchExpressions: 38 - key: node-role.kubernetes.io/master 39 operator: Exists 40 serviceAccountName: cloud-controller-manager 41 containers: 42 - name: aws-cloud-controller-manager 43 image: gcr.io/k8s-staging-provider-aws/cloud-controller-manager:v1.20.0-alpha.0 44 args: 45 - --v=2 46 resources: 47 requests: 48 cpu: 200m 49 hostNetwork: true 50 --- 51 apiVersion: v1 52 kind: ServiceAccount 53 metadata: 54 name: cloud-controller-manager 55 namespace: kube-system 56 --- 57 apiVersion: rbac.authorization.k8s.io/v1 58 kind: RoleBinding 59 metadata: 60 name: cloud-controller-manager:apiserver-authentication-reader 61 namespace: kube-system 62 roleRef: 63 apiGroup: rbac.authorization.k8s.io 64 kind: Role 65 name: extension-apiserver-authentication-reader 66 subjects: 67 - apiGroup: "" 68 kind: ServiceAccount 69 name: cloud-controller-manager 70 namespace: kube-system 71 --- 72 apiVersion: rbac.authorization.k8s.io/v1 73 kind: ClusterRole 74 metadata: 75 name: system:cloud-controller-manager 76 rules: 77 - apiGroups: 78 - "" 79 resources: 80 - events 81 verbs: 82 - create 83 - patch 84 - update 85 - apiGroups: 86 - "" 87 resources: 88 - nodes 89 verbs: 90 - '*' 91 - apiGroups: 92 - "" 93 resources: 94 - nodes/status 95 verbs: 96 - patch 97 - apiGroups: 98 - "" 99 resources: 100 - services 101 verbs: 102 - list 103 - patch 104 - update 105 - watch 106 - apiGroups: 107 - "" 108 resources: 109 - services/status 110 verbs: 111 - list 112 - patch 113 - update 114 - watch 115 - apiGroups: 116 - "" 117 resources: 118 - serviceaccounts 119 verbs: 120 - create 121 - apiGroups: 122 - "" 123 resources: 124 - persistentvolumes 125 verbs: 126 - get 127 - list 128 - update 129 - watch 130 - apiGroups: 131 - "" 132 resources: 133 - configmaps 134 verbs: 135 - list 136 - watch 137 - apiGroups: 138 - "" 139 resources: 140 - endpoints 141 verbs: 142 - create 143 - get 144 - list 145 - watch 146 - update 147 - apiGroups: 148 - coordination.k8s.io 149 resources: 150 - leases 151 verbs: 152 - create 153 - get 154 - list 155 - watch 156 - update 157 --- 158 kind: ClusterRoleBinding 159 apiVersion: rbac.authorization.k8s.io/v1 160 metadata: 161 name: system:cloud-controller-manager 162 roleRef: 163 apiGroup: rbac.authorization.k8s.io 164 kind: ClusterRole 165 name: system:cloud-controller-manager 166 subjects: 167 - apiGroup: "" 168 kind: ServiceAccount 169 name: cloud-controller-manager 170 namespace: kube-system