107 lines
3.3 KiB
YAML
107 lines
3.3 KiB
YAML
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: kmm
|
|
app.kubernetes.io/instance: amd-gpu-operator
|
|
app.kubernetes.io/name: kmm
|
|
app.kubernetes.io/part-of: kmm
|
|
app.kubernetes.io/version: v20240618-v2.1.1
|
|
control-plane: webhook-server
|
|
name: amd-gpu-operator-kmm-webhook-server
|
|
namespace: kube-amd-gpu
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/component: kmm
|
|
app.kubernetes.io/instance: amd-gpu-operator
|
|
app.kubernetes.io/name: kmm
|
|
app.kubernetes.io/part-of: kmm
|
|
control-plane: webhook-server
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
kubectl.kubernetes.io/default-container: webhook-server
|
|
labels:
|
|
app.kubernetes.io/component: kmm
|
|
app.kubernetes.io/instance: amd-gpu-operator
|
|
app.kubernetes.io/name: kmm
|
|
app.kubernetes.io/part-of: kmm
|
|
control-plane: webhook-server
|
|
spec:
|
|
affinity:
|
|
nodeAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- preference:
|
|
matchExpressions:
|
|
- key: node-role.kubernetes.io/control-plane
|
|
operator: Exists
|
|
weight: 1
|
|
containers:
|
|
- args:
|
|
- --config=controller_config.yaml
|
|
- --enable-module
|
|
- --enable-namespace
|
|
- --enable-preflightvalidation
|
|
env:
|
|
- name: KUBERNETES_CLUSTER_DOMAIN
|
|
value: cluster.local
|
|
image: docker.io/rocm/kernel-module-management-webhook-server@sha256:8b31959473da74e9d94c81c2e529cef74b1c9b19006430f038cfd51bf6bc839e # Original tag: v1.3.0
|
|
imagePullPolicy: Always
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: 8081
|
|
initialDelaySeconds: 15
|
|
periodSeconds: 20
|
|
name: webhook-server
|
|
ports:
|
|
- containerPort: 9443
|
|
name: webhook-server
|
|
protocol: TCP
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /readyz
|
|
port: 8081
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
resources:
|
|
limits:
|
|
cpu: 500m
|
|
memory: 384Mi
|
|
requests:
|
|
cpu: 10m
|
|
memory: 64Mi
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
volumeMounts:
|
|
- mountPath: /tmp/k8s-webhook-server/serving-certs
|
|
name: cert
|
|
readOnly: true
|
|
- mountPath: /controller_config.yaml
|
|
name: manager-config
|
|
subPath: controller_config.yaml
|
|
nodeSelector: {}
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
serviceAccountName: amd-gpu-operator-kmm-controller
|
|
terminationGracePeriodSeconds: 10
|
|
tolerations:
|
|
- effect: NoSchedule
|
|
key: node-role.kubernetes.io/master
|
|
operator: Equal
|
|
value: ""
|
|
- effect: NoSchedule
|
|
key: node-role.kubernetes.io/control-plane
|
|
operator: Equal
|
|
value: ""
|
|
volumes:
|
|
- name: cert
|
|
secret:
|
|
defaultMode: 420
|
|
secretName: kmm-operator-webhook-server-cert
|
|
- configMap:
|
|
name: amd-gpu-operator-kmm-manager-config
|
|
name: manager-config |