Page MenuHomePhabricator
Paste P15078

debug-namespace.yaml
ActivePublic
Actions

Authored by JMeybohm on Mar 24 2021, 3:46 PM.
Tags
Referenced Files
F34185598: debug-namespace.yaml
Mar 24 2021, 3:46 PM
Subscribers
None
apiVersion: v1
kind: Namespace
metadata:
name: jayme
annotations:
net.beta.kubernetes.io/network-policy: '{"ingress":{"isolation":"DefaultDeny"}}'
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: tiller
namespace: jayme
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: tiller
namespace: jayme
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: tiller
subjects:
- kind: ServiceAccount
name: tiller
namespace: jayme
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: allow-restricted-psp
namespace: jayme
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: allow-restricted-psp
subjects:
- apiGroup: rbac.authorization.k8s.io
kind: Group
name: system:serviceaccounts:jayme
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: tiller
namespace: jayme
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: helm
name: tiller
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
labels:
app: helm
name: tiller
spec:
containers:
- env:
- name: TILLER_NAMESPACE
value: jayme
- name: TILLER_HISTORY_MAX
value: "0"
- name: KUBERNETES_SERVICE_HOST
value: kubernetes.default.svc.cluster.local
- name: KUBERNETES_SERVICE_PORT
value: "443"
image: docker-registry.discovery.wmnet/tiller:2.16.7-3
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /liveness
port: 44135
scheme: HTTP
initialDelaySeconds: 1
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
name: tiller
ports:
- containerPort: 44134
name: tiller
protocol: TCP
- containerPort: 44135
name: http
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /readiness
port: 44135
scheme: HTTP
initialDelaySeconds: 1
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
serviceAccount: tiller
serviceAccountName: tiller
terminationGracePeriodSeconds: 30
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL