-
Notifications
You must be signed in to change notification settings - Fork 0
/
mkyaml.sh
executable file
·79 lines (79 loc) · 1.87 KB
/
mkyaml.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
#!/bin/bash
cat << EOF
$(kubectl create configmap nsfdsuds-scripts --from-file=scripts --dry-run=client -o yaml)
---
apiVersion: v1
kind: ConfigMap
metadata:
name: nsfdsuds-env
data:
EXCLUDEDIR: "/exclude"
INITFILE: "/exclude/scripts/init.sh"
LOWERDIR: "/exclude/lowerdir"
NEWROOT: "/exclude/newroot"
NSENTER: "/exclude/scripts/nsenter.sh"
NSFDSUDS: "/nsfdsuds"
OVERLAYDIR: "/exclude/overlay"
READYFILE: "/ready"
REMOUNTFILE: "/exclude/scripts/remount.sh"
SETUPFILE: "/exclude/scripts/overlay.sh"
SOCKETFILE: "/exclude/shared/nsfdsuds.socket"
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: nsfdsuds
spec:
replicas: 1
selector:
matchLabels:
app: nsfdsuds
serviceName: nsfdsuds
template:
metadata:
labels:
app: nsfdsuds
spec:
containers:
- command:
- /exclude/scripts/priv.sh
envFrom:
- configMapRef:
name: nsfdsuds-env
image: synthetel/busybox-nsfdsuds
name: busybox-priv
resources: {}
securityContext:
privileged: true
volumeMounts:
- mountPath: /exclude/scripts
name: scripts
readOnly: true
- mountPath: /exclude/shared
name: shared
- command:
- /exclude/scripts/nonpriv.sh
envFrom:
- configMapRef:
name: nsfdsuds-env
image: synthetel/busybox-nsfdsuds
name: busybox-nonpriv
resources: {}
volumeMounts:
- mountPath: /exclude/overlay
name: overlay
- mountPath: /exclude/scripts
name: scripts
readOnly: true
- mountPath: /exclude/shared
name: shared
volumes:
- emptyDir: {}
name: overlay
- configMap:
name: nsfdsuds-scripts
defaultMode: 0777
name: scripts
- emptyDir: {}
name: shared
EOF