magic_rb/dotfiles
1
0
Fork 0
mirror of https://git.sr.ht/~magic_rb/dotfiles synced 2024-12-04 05:56:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
dotfiles/terranix/main/kubernetes/generated/metallb/metallb-system.Deployment.metallb-controller.nix
magic_rb 03b54bd52b
Use helm2nix2terraform to create nix files from helm charts 
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-04-07 13:24:08 +02:00

121 lines
3.4 KiB
Nix
Raw Blame History

{
apiVersion = "apps/v1";
kind = "Deployment";
metadata = {
labels = {
"app.kubernetes.io/component" = "controller";
"app.kubernetes.io/instance" = "metallb";
"app.kubernetes.io/managed-by" = "Helm";
"app.kubernetes.io/name" = "metallb";
"app.kubernetes.io/version" = "v0.14.3";
"helm.sh/chart" = "metallb-0.14.3";
};
name = "metallb-controller";
namespace = "metallb-system";
};
spec = {
selector = {
matchLabels = {
"app.kubernetes.io/component" = "controller";
"app.kubernetes.io/instance" = "metallb";
"app.kubernetes.io/name" = "metallb";
};
};
strategy = {type = "RollingUpdate";};
template = {
metadata = {
labels = {
"app.kubernetes.io/component" = "controller";
"app.kubernetes.io/instance" = "metallb";
"app.kubernetes.io/name" = "metallb";
};
};
spec = {
containers = [
{
args = ["--port=7472" "--log-level=info" "--cert-service-name=metallb-webhook-service" "--tls-min-version=VersionTLS12"];
env = [
{
name = "METALLB_ML_SECRET_NAME";
value = "metallb-memberlist";
}
{
name = "METALLB_DEPLOYMENT";
value = "metallb-controller";
}
{
name = "METALLB_BGP_TYPE";
value = "frr";
}
];
image = "quay.io/metallb/controller:v0.14.3";
livenessProbe = {
failureThreshold = 3;
httpGet = {
path = "/metrics";
port = "monitoring";
};
initialDelaySeconds = 10;
periodSeconds = 10;
successThreshold = 1;
timeoutSeconds = 1;
};
name = "controller";
ports = [
{
containerPort = 7472;
name = "monitoring";
}
{
containerPort = 9443;
name = "webhook-server";
protocol = "TCP";
}
];
readinessProbe = {
failureThreshold = 3;
httpGet = {
path = "/metrics";
port = "monitoring";
};
initialDelaySeconds = 10;
periodSeconds = 10;
successThreshold = 1;
timeoutSeconds = 1;
};
securityContext = {
allowPrivilegeEscalation = false;
capabilities = {drop = ["ALL"];};
readOnlyRootFilesystem = true;
};
volumeMounts = [
{
mountPath = "/tmp/k8s-webhook-server/serving-certs";
name = "cert";
readOnly = true;
}
];
}
];
nodeSelector = {"kubernetes.io/os" = "linux";};
securityContext = {
fsGroup = 65534;
runAsNonRoot = true;
runAsUser = 65534;
};
serviceAccountName = "metallb-controller";
terminationGracePeriodSeconds = 0;
volumes = [
{
name = "cert";
secret = {
defaultMode = 420;
secretName = "webhook-server-cert";
};
}
];
};
};
};
}
Reference in a new issue View git blame Copy permalink