mirror of
https://github.com/clastix/kamaji.git
synced 2026-02-14 18:10:03 +00:00
38652260b5
- Fixes a deployment issue with CD tools like ArgoCD. - apiVersion and kind not set in source, causing drift. - Ensures consistent state across deployments. Signed-off-by: kahirokunn <okinakahiro@gmail.com>
116 lines
3.1 KiB
YAML
116 lines
3.1 KiB
YAML
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: etcd
|
|
namespace:
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: etcd-server
|
|
namespace:
|
|
spec:
|
|
type: ClusterIP
|
|
ports:
|
|
- name: client
|
|
port: 2379
|
|
protocol: TCP
|
|
targetPort: 2379
|
|
selector:
|
|
app: etcd
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: etcd
|
|
namespace:
|
|
spec:
|
|
clusterIP: None
|
|
ports:
|
|
- port: 2379
|
|
name: client
|
|
- port: 2380
|
|
name: peer
|
|
selector:
|
|
app: etcd
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
name: etcd
|
|
labels:
|
|
app: etcd
|
|
namespace:
|
|
spec:
|
|
serviceName: etcd
|
|
selector:
|
|
matchLabels:
|
|
app: etcd
|
|
replicas: 3
|
|
template:
|
|
metadata:
|
|
name: etcd
|
|
labels:
|
|
app: etcd
|
|
spec:
|
|
serviceAccountName: etcd
|
|
volumes:
|
|
- name: certs
|
|
secret:
|
|
secretName: etcd-certs
|
|
containers:
|
|
- name: etcd
|
|
image: quay.io/coreos/etcd:v3.5.1
|
|
ports:
|
|
- containerPort: 2379
|
|
name: client
|
|
- containerPort: 2380
|
|
name: peer
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /var/run/etcd
|
|
- name: certs
|
|
mountPath: /etc/etcd/pki
|
|
command:
|
|
- etcd
|
|
- --data-dir=/var/run/etcd
|
|
- --name=$(POD_NAME)
|
|
- --initial-cluster-state=new
|
|
- --initial-cluster=etcd-0=https://etcd-0.etcd.$(POD_NAMESPACE).svc.cluster.local:2380,etcd-1=https://etcd-1.etcd.$(POD_NAMESPACE).svc.cluster.local:2380,etcd-2=https://etcd-2.etcd.$(POD_NAMESPACE).svc.cluster.local:2380
|
|
- --initial-advertise-peer-urls=https://$(POD_NAME).etcd.$(POD_NAMESPACE).svc.cluster.local:2380
|
|
- --initial-cluster-token=kamaji
|
|
- --listen-client-urls=https://0.0.0.0:2379
|
|
- --advertise-client-urls=https://etcd-0.etcd.$(POD_NAMESPACE).svc.cluster.local:2379,https://etcd-1.etcd.$(POD_NAMESPACE).svc.cluster.local:2379,https://etcd-2.etcd.$(POD_NAMESPACE).svc.cluster.local:2379,https://etcd-server.$(POD_NAMESPACE).svc.cluster.local:2379
|
|
- --client-cert-auth=true
|
|
- --trusted-ca-file=/etc/etcd/pki/ca.crt
|
|
- --cert-file=/etc/etcd/pki/server.pem
|
|
- --key-file=/etc/etcd/pki/server-key.pem
|
|
- --listen-peer-urls=https://0.0.0.0:2380
|
|
- --peer-client-cert-auth=true
|
|
- --peer-trusted-ca-file=/etc/etcd/pki/ca.crt
|
|
- --peer-cert-file=/etc/etcd/pki/peer.pem
|
|
- --peer-key-file=/etc/etcd/pki/peer-key.pem
|
|
- --snapshot-count=8000
|
|
- --auto-compaction-mode=periodic
|
|
- --auto-compaction-retention=5m
|
|
- --quota-backend-bytes=8589934592
|
|
env:
|
|
- name: POD_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.name
|
|
- name: POD_NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
volumeClaimTemplates:
|
|
- apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
name: data
|
|
spec:
|
|
accessModes: ["ReadWriteOnce"]
|
|
resources:
|
|
requests:
|
|
storage: 8Gi
|