Copy deploy.yaml almost verbatim from services-deployment (605d3788) · Commits · kodo.org.uk / Port Proxy

deploy.yaml

0 → 100644

+63 −0

Original line number	Diff line number	Diff line
		# Port-Proxy ServiceAccount
		kind: ServiceAccount
		apiVersion: v1
		metadata:
		name: port-proxy
		namespace: kube-system

		---

		# Service Reader Role
		kind: ClusterRole
		apiVersion: rbac.authorization.k8s.io/v1
		metadata:
		name: kodo.org.uk:service-reader
		rules:
		- apiGroups: ["*"]
		resources: ["services"]
		verbs: ["get", "watch", "list"]

		---

		# Port-Proxy Rolebinding (services)
		kind: ClusterRoleBinding
		apiVersion: rbac.authorization.k8s.io/v1
		metadata:
		name: kodo.org.uk:proxy-port:service-reader
		subjects:
		- kind: ServiceAccount
		name: port-proxy
		namespace: kube-system
		roleRef:
		kind: ClusterRole
		name: kodo.org.uk:service-reader
		apiGroup: rbac.authorization.k8s.io

		---

		apiVersion: apps/v1
		kind: DaemonSet
		metadata:
		name: port-proxy
		namespace: kube-system
		labels:
		app: port-proxy
		spec:
		selector:
		matchLabels:
		name: port-proxy

		template:
		metadata:
		labels:
		name: port-proxy

		spec:
		serviceAccountName: port-proxy
		hostNetwork: true
		dnsPolicy: ClusterFirstWithHostNet

		containers:
		- name: port-proxy
		args: [monitor, --monitor-url=http://127.0.0.1:8000/healthz]
		image: docker.kodo.org.uk/kodo.org.uk/port-proxy:latest