-
Notifications
You must be signed in to change notification settings - Fork 27
/
Copy pathautoscaler.yaml
85 lines (85 loc) · 2.77 KB
/
autoscaler.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
# In this example a ClusterProfile is created. This ClusterProfile
# references two configMaps. The content of serviceaccount-autoscaler
# will be deployed in the management cluster (deploymentType: Local) while
# the content of the secret-autoscaler ConfigMap will be deployed in
# the managed cluster (deploymentType: Remote).
# templateResourceRef indicates all resources to fetch from the management
# cluster that need to be used to instantiate templates.
# Both ConfigMaps contain templates.
# serviceaccount-autoscaler will create in the management cluster, in the
# cluster namespace a ServiceAccount and a Secret. This very same Secret
# will then be fecthed and used to instantiate the content of the secret-autoscaler
# ConfigMap.
# This essentially will create a ServiceAccount in the management cluster
# for autoscaler. Then pass corresponding token/ca.crt to the managed cluster
# allowing autoscaler running in the managed cluster to reach back to managed
# cluster and scale up/down nodes.
#
# When asking Sveltos to deploy resources in the management cluster, remember
# to add necessary RBACs.
# kubectl edit clusterrole addon-controller-role-extra
apiVersion: config.projectsveltos.io/v1beta1
kind: ClusterProfile
metadata:
name: deploy-resources
spec:
clusterSelector:
matchLabels:
env: prod
templateResourceRefs:
- resource:
kind: Secret
name: autoscaler
identifier: AutoscalerSecret
policyRefs:
- deploymentType: Local
kind: ConfigMap
name: serviceaccount-autoscaler
namespace: default
- deploymentType: Remote
kind: ConfigMap
name: secret-autoscaler
namespace: default
---
apiVersion: v1
kind: ConfigMap
metadata:
name: serviceaccount-autoscaler
namespace: default
annotations:
projectsveltos.io/template: "true"
data:
autoscaler.yaml: |
apiVersion: v1
kind: ServiceAccount
metadata:
name: "{{ .Cluster.metadata.name }}-autoscaler"
namespace: "{{ .Cluster.metadata.namespace }}"
---
# Secret to get serviceAccount token
apiVersion: v1
kind: Secret
metadata:
name: autoscaler
namespace: "{{ .Cluster.metadata.namespace }}"
annotations:
kubernetes.io/service-account.name: "{{ .Cluster.metadata.name }}-autoscaler"
type: kubernetes.io/service-account-token
---
apiVersion: v1
kind: ConfigMap
metadata:
name: secret-autoscaler
namespace: default
annotations:
projectsveltos.io/template: "true"
data:
secret.yaml: |
apiVersion: v1
kind: Secret
metadata:
name: autoscaler
namespace: {{ (index .MgmtResources "AutoscalerSecret").metadata.namespace }}
data:
token: {{ (index .MgmtResources "AutoscalerSecret").data.token }}
ca.crt: {{ $data:=(index .MgmtResources "AutoscalerSecret").data }} {{ (index $data "ca.crt") }}