sigs.k8s.io/cluster-api@v1.7.1/bootstrap/kubeadm/config/manager/manager.yaml

sigs.k8s.io/cluster-api@v1.7.1/bootstrap/kubeadm/config/manager/manager.yaml (about)

     1  apiVersion: apps/v1
     2  kind: Deployment
     3  metadata:
     4    name: controller-manager
     5    namespace: system
     6    labels:
     7      control-plane: controller-manager
     8  spec:
     9    selector:
    10      matchLabels:
    11        control-plane: controller-manager
    12    replicas: 1
    13    template:
    14      metadata:
    15        labels:
    16          control-plane: controller-manager
    17      spec:
    18        containers:
    19          - command:
    20              - /manager
    21            args:
    22              - "--leader-elect"
    23              - "--diagnostics-address=${CAPI_DIAGNOSTICS_ADDRESS:=:8443}"
    24              - "--insecure-diagnostics=${CAPI_INSECURE_DIAGNOSTICS:=false}"
    25              - "--feature-gates=MachinePool=${EXP_MACHINE_POOL:=true},KubeadmBootstrapFormatIgnition=${EXP_KUBEADM_BOOTSTRAP_FORMAT_IGNITION:=false}"
    26              - "--bootstrap-token-ttl=${KUBEADM_BOOTSTRAP_TOKEN_TTL:=15m}"
    27            image: controller:latest
    28            name: manager
    29            env:
    30              - name: POD_NAMESPACE
    31                valueFrom:
    32                  fieldRef:
    33                    fieldPath: metadata.namespace
    34              - name: POD_NAME
    35                valueFrom:
    36                  fieldRef:
    37                    fieldPath: metadata.name
    38              - name: POD_UID
    39                valueFrom:
    40                  fieldRef:
    41                    fieldPath: metadata.uid
    42            ports:
    43              - containerPort: 9440
    44                name: healthz
    45                protocol: TCP
    46              - containerPort: 8443
    47                name: metrics
    48                protocol: TCP
    49            readinessProbe:
    50              httpGet:
    51                path: /readyz
    52                port: healthz
    53            livenessProbe:
    54              httpGet:
    55                path: /healthz
    56                port: healthz
    57            securityContext:
    58              allowPrivilegeEscalation: false
    59              capabilities:
    60                drop:
    61                  - ALL
    62              privileged: false
    63              runAsUser: 65532
    64              runAsGroup: 65532
    65        terminationGracePeriodSeconds: 10
    66        serviceAccountName: manager
    67        tolerations:
    68          - effect: NoSchedule
    69            key: node-role.kubernetes.io/master
    70          - effect: NoSchedule
    71            key: node-role.kubernetes.io/control-plane
    72        securityContext:
    73          runAsNonRoot: true
    74          seccompProfile:
    75            type: RuntimeDefault