-
Notifications
You must be signed in to change notification settings - Fork 2
/
linstor-scheduler.yaml
175 lines (174 loc) · 4.35 KB
/
linstor-scheduler.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
---
apiVersion: v1
kind: ConfigMap
metadata:
name: linstor-scheduler
namespace: kube-system
data:
scheduler-config.yaml: |-
apiVersion: kubescheduler.config.k8s.io/v1beta3
kind: KubeSchedulerConfiguration
profiles:
- schedulerName: linstor
extenders:
- urlPrefix: http://localhost:8099
filterVerb: filter
prioritizeVerb: prioritize
weight: 5
enableHTTPS: false
httpTimeout: 300000s
nodeCacheCapable: false
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: linstor-scheduler
namespace: kube-system
spec:
replicas: 2
selector:
matchLabels:
app.kubernetes.io/name: linstor-scheduler
template:
metadata:
labels:
app.kubernetes.io/name: linstor-scheduler
spec:
containers:
- name: kube-scheduler
command:
- kube-scheduler
- --config=/etc/kubernetes/scheduler-config.yaml
- --leader-elect=true
- --leader-elect-resource-name=linstor-scheduler
- --leader-elect-resource-namespace=$(NAMESPACE)
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: registry.k8s.io/kube-scheduler-amd64:v1.23.3
imagePullPolicy: IfNotPresent
startupProbe:
failureThreshold: 24
httpGet:
path: /healthz
port: 10259
scheme: HTTPS
livenessProbe:
failureThreshold: 8
httpGet:
path: /healthz
port: 10259
scheme: HTTPS
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 15
readinessProbe:
httpGet:
path: /healthz
port: 10259
scheme: HTTPS
volumeMounts:
- mountPath: /etc/kubernetes
name: scheduler-config
- name: linstor-scheduler-extender
image: quay.io/piraeusdatastore/linstor-scheduler-extender:v0.3.2
imagePullPolicy: IfNotPresent
args:
- --verbose=true
env:
- name: LS_CONTROLLERS
value: http://piraeus-op-cs.default.svc
serviceAccountName: linstor-scheduler
securityContext:
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
volumes:
- configMap:
defaultMode: 420
name: linstor-scheduler
name: scheduler-config
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- topologyKey: kubernetes.io/hostname
labelSelector:
matchLabels:
app.kubernetes.io/name: linstor-scheduler
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: linstor-scheduler
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: linstor-scheduler
namespace: kube-system
rules:
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
- get
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: linstor-scheduler-kube-scheduler
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:kube-scheduler
subjects:
- kind: ServiceAccount
name: linstor-scheduler
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: linstor-scheduler-volume-scheduler
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:volume-scheduler
subjects:
- kind: ServiceAccount
name: linstor-scheduler
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: linstor-scheduler
namespace: kube-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: linstor-scheduler
subjects:
- kind: ServiceAccount
name: linstor-scheduler
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: linstor-scheduler-extension-apiserver-authentication-reader
namespace: kube-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: extension-apiserver-authentication-reader
subjects:
- kind: ServiceAccount
name: linstor-scheduler
namespace: kube-system