open-cluster-management/deploy/klusterlet/config/operator/operator.yaml

kind: Deployment
apiVersion: apps/v1
metadata:
  name: klusterlet
  namespace: open-cluster-management
  labels:
    app: klusterlet
spec:
  replicas: 3
  selector:
    matchLabels:
      app: klusterlet
  template:
    metadata:
      annotations:
        target.workload.openshift.io/management: '{"effect": "PreferredDuringScheduling"}'
      labels:
        app: klusterlet
    spec:
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 70
            podAffinityTerm:
              topologyKey: failure-domain.beta.kubernetes.io/zone
              labelSelector:
                matchExpressions:
                - key: app
                  operator: In
                  values:
                  - klusterlet
          - weight: 30
            podAffinityTerm:
              topologyKey: kubernetes.io/hostname
              labelSelector:
                matchExpressions:
                - key: app
                  operator: In
                  values:
                  - klusterlet
      serviceAccountName: klusterlet
      securityContext:
        runAsNonRoot: true
      containers:
      - name: klusterlet
        image: quay.io/open-cluster-management/registration-operator:latest
        args:
          - "/registration-operator"
          - "klusterlet"
        env:
          - name: POD_NAME
            valueFrom:
              fieldRef:
                fieldPath: metadata.name
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
              - ALL
          privileged: false
          runAsNonRoot: true
          readOnlyRootFilesystem: true
        livenessProbe:
          httpGet:
            path: /healthz
            scheme: HTTPS
            port: 8443
          initialDelaySeconds: 2
          periodSeconds: 10
        readinessProbe:
          httpGet:
            path: /healthz
            scheme: HTTPS
            port: 8443
          initialDelaySeconds: 2
        resources:
          requests:
            cpu: 2m
            memory: 16Mi
        volumeMounts:
        - name: tmpdir
          mountPath: /tmp
      volumes:
      - name: tmpdir
        emptyDir: { }

      # Uncomment the following configuration lines to add hostAliases for hub api server, 
      # if the server field in your hub cluster kubeconfig is a domain name instead of an ipv4 address.
      # For example, https://xxx.yyy.zzz.
      # hostAliases:
      # - hostnames:
        # set the target hostname
        # - xxx.yyy.zzz 
        # set the target ipv4 address
        # ip: 1.2.3.4