From e4fcef094ef227adeb8248669eedf2787c9246eb Mon Sep 17 00:00:00 2001 From: Achintha Gunasekara Date: Mon, 25 Mar 2019 11:26:22 +1100 Subject: [PATCH] Cleaning up examples for AWS --- .../cluster-autoscaler-autodiscover.yaml | 85 ++++++++++-------- .../cluster-autoscaler-multi-asg.yaml | 81 +++++++++-------- .../examples/cluster-autoscaler-one-asg.yaml | 81 +++++++++-------- .../cluster-autoscaler-run-on-master.yaml | 89 ++++++++++--------- 4 files changed, 179 insertions(+), 157 deletions(-) diff --git a/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-autodiscover.yaml b/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-autodiscover.yaml index 194d7cb19c8f..e84e7f5ae24f 100644 --- a/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-autodiscover.yaml +++ b/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-autodiscover.yaml @@ -16,37 +16,42 @@ metadata: k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler rules: -- apiGroups: [""] - resources: ["events","endpoints"] - verbs: ["create", "patch"] -- apiGroups: [""] - resources: ["pods/eviction"] - verbs: ["create"] -- apiGroups: [""] - resources: ["pods/status"] - verbs: ["update"] -- apiGroups: [""] - resources: ["endpoints"] - resourceNames: ["cluster-autoscaler"] - verbs: ["get","update"] -- apiGroups: [""] - resources: ["nodes"] - verbs: ["watch","list","get","update"] -- apiGroups: [""] - resources: ["pods","services","replicationcontrollers","persistentvolumeclaims","persistentvolumes"] - verbs: ["watch","list","get"] -- apiGroups: ["extensions"] - resources: ["replicasets","daemonsets"] - verbs: ["watch","list","get"] -- apiGroups: ["policy"] - resources: ["poddisruptionbudgets"] - verbs: ["watch","list"] -- apiGroups: ["apps"] - resources: ["statefulsets", "replicasets", "daemonsets"] - verbs: ["watch","list","get"] -- apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["watch","list","get"] + - apiGroups: [""] + resources: ["events", "endpoints"] + verbs: ["create", "patch"] + - apiGroups: [""] + resources: ["pods/eviction"] + verbs: ["create"] + - apiGroups: [""] + resources: ["pods/status"] + verbs: ["update"] + - apiGroups: [""] + resources: ["endpoints"] + resourceNames: ["cluster-autoscaler"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["watch", "list", "get", "update"] + - apiGroups: [""] + resources: + - "pods" + - "services" + - "replicationcontrollers" + - "persistentvolumeclaims" + - "persistentvolumes" + verbs: ["watch", "list", "get"] + - apiGroups: ["extensions"] + resources: ["replicasets", "daemonsets"] + verbs: ["watch", "list", "get"] + - apiGroups: ["policy"] + resources: ["poddisruptionbudgets"] + verbs: ["watch", "list"] + - apiGroups: ["apps"] + resources: ["statefulsets", "replicasets", "daemonsets"] + verbs: ["watch", "list", "get"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["watch", "list", "get"] --- apiVersion: rbac.authorization.k8s.io/v1 @@ -58,13 +63,13 @@ metadata: k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler rules: -- apiGroups: [""] - resources: ["configmaps"] - verbs: ["create"] -- apiGroups: [""] - resources: ["configmaps"] - resourceNames: ["cluster-autoscaler-status"] - verbs: ["delete","get","update"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["create"] + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["cluster-autoscaler-status"] + verbs: ["delete", "get", "update"] --- apiVersion: rbac.authorization.k8s.io/v1 @@ -137,7 +142,9 @@ spec: - --cloud-provider=aws - --skip-nodes-with-local-storage=false - --expander=least-waste - - --node-group-auto-discovery=asg:tag=k8s.io/cluster-autoscaler/enabled,k8s.io/cluster-autoscaler/ + - >- + --node-group-auto-discovery=asg:tag=k8s.io/cluster-autoscaler/enabled, + k8s.io/cluster-autoscaler/ volumeMounts: - name: ssl-certs mountPath: /etc/ssl/certs/ca-certificates.crt diff --git a/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-multi-asg.yaml b/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-multi-asg.yaml index 338607da019f..a9fbdc7284ba 100644 --- a/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-multi-asg.yaml +++ b/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-multi-asg.yaml @@ -16,37 +16,42 @@ metadata: k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler rules: -- apiGroups: [""] - resources: ["events","endpoints"] - verbs: ["create", "patch"] -- apiGroups: [""] - resources: ["pods/eviction"] - verbs: ["create"] -- apiGroups: [""] - resources: ["pods/status"] - verbs: ["update"] -- apiGroups: [""] - resources: ["endpoints"] - resourceNames: ["cluster-autoscaler"] - verbs: ["get","update"] -- apiGroups: [""] - resources: ["nodes"] - verbs: ["watch","list","get","update"] -- apiGroups: [""] - resources: ["pods","services","replicationcontrollers","persistentvolumeclaims","persistentvolumes"] - verbs: ["watch","list","get"] -- apiGroups: ["extensions"] - resources: ["replicasets","daemonsets"] - verbs: ["watch","list","get"] -- apiGroups: ["policy"] - resources: ["poddisruptionbudgets"] - verbs: ["watch","list"] -- apiGroups: ["apps"] - resources: ["statefulsets", "replicasets", "daemonsets"] - verbs: ["watch","list","get"] -- apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["watch","list","get"] + - apiGroups: [""] + resources: ["events", "endpoints"] + verbs: ["create", "patch"] + - apiGroups: [""] + resources: ["pods/eviction"] + verbs: ["create"] + - apiGroups: [""] + resources: ["pods/status"] + verbs: ["update"] + - apiGroups: [""] + resources: ["endpoints"] + resourceNames: ["cluster-autoscaler"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["watch", "list", "get", "update"] + - apiGroups: [""] + resources: + - "pods" + - "services" + - "replicationcontrollers" + - "persistentvolumeclaims" + - "persistentvolumes" + verbs: ["watch", "list", "get"] + - apiGroups: ["extensions"] + resources: ["replicasets", "daemonsets"] + verbs: ["watch", "list", "get"] + - apiGroups: ["policy"] + resources: ["poddisruptionbudgets"] + verbs: ["watch", "list"] + - apiGroups: ["apps"] + resources: ["statefulsets", "replicasets", "daemonsets"] + verbs: ["watch", "list", "get"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["watch", "list", "get"] --- apiVersion: rbac.authorization.k8s.io/v1 @@ -58,13 +63,13 @@ metadata: k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler rules: -- apiGroups: [""] - resources: ["configmaps"] - verbs: ["create"] -- apiGroups: [""] - resources: ["configmaps"] - resourceNames: ["cluster-autoscaler-status"] - verbs: ["delete","get","update"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["create"] + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["cluster-autoscaler-status"] + verbs: ["delete", "get", "update"] --- apiVersion: rbac.authorization.k8s.io/v1 diff --git a/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-one-asg.yaml b/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-one-asg.yaml index 27be4704f62f..461bbc704beb 100644 --- a/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-one-asg.yaml +++ b/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-one-asg.yaml @@ -16,37 +16,42 @@ metadata: k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler rules: -- apiGroups: [""] - resources: ["events","endpoints"] - verbs: ["create", "patch"] -- apiGroups: [""] - resources: ["pods/eviction"] - verbs: ["create"] -- apiGroups: [""] - resources: ["pods/status"] - verbs: ["update"] -- apiGroups: [""] - resources: ["endpoints"] - resourceNames: ["cluster-autoscaler"] - verbs: ["get","update"] -- apiGroups: [""] - resources: ["nodes"] - verbs: ["watch","list","get","update"] -- apiGroups: [""] - resources: ["pods","services","replicationcontrollers","persistentvolumeclaims","persistentvolumes"] - verbs: ["watch","list","get"] -- apiGroups: ["extensions"] - resources: ["replicasets","daemonsets"] - verbs: ["watch","list","get"] -- apiGroups: ["policy"] - resources: ["poddisruptionbudgets"] - verbs: ["watch","list"] -- apiGroups: ["apps"] - resources: ["statefulsets", "replicasets", "daemonsets"] - verbs: ["watch","list","get"] -- apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["watch","list","get"] + - apiGroups: [""] + resources: ["events", "endpoints"] + verbs: ["create", "patch"] + - apiGroups: [""] + resources: ["pods/eviction"] + verbs: ["create"] + - apiGroups: [""] + resources: ["pods/status"] + verbs: ["update"] + - apiGroups: [""] + resources: ["endpoints"] + resourceNames: ["cluster-autoscaler"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["watch", "list", "get", "update"] + - apiGroups: [""] + resources: + - "pods" + - "services" + - "replicationcontrollers" + - "persistentvolumeclaims" + - "persistentvolumes" + verbs: ["watch", "list", "get"] + - apiGroups: ["extensions"] + resources: ["replicasets", "daemonsets"] + verbs: ["watch", "list", "get"] + - apiGroups: ["policy"] + resources: ["poddisruptionbudgets"] + verbs: ["watch", "list"] + - apiGroups: ["apps"] + resources: ["statefulsets", "replicasets", "daemonsets"] + verbs: ["watch", "list", "get"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["watch", "list", "get"] --- apiVersion: rbac.authorization.k8s.io/v1 @@ -58,13 +63,13 @@ metadata: k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler rules: -- apiGroups: [""] - resources: ["configmaps"] - verbs: ["create"] -- apiGroups: [""] - resources: ["configmaps"] - resourceNames: ["cluster-autoscaler-status"] - verbs: ["delete","get","update"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["create"] + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["cluster-autoscaler-status"] + verbs: ["delete", "get", "update"] --- apiVersion: rbac.authorization.k8s.io/v1 diff --git a/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-run-on-master.yaml b/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-run-on-master.yaml index ed02bf2c3735..27c714cc8b38 100644 --- a/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-run-on-master.yaml +++ b/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-run-on-master.yaml @@ -16,37 +16,42 @@ metadata: k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler rules: -- apiGroups: [""] - resources: ["events","endpoints"] - verbs: ["create", "patch"] -- apiGroups: [""] - resources: ["pods/eviction"] - verbs: ["create"] -- apiGroups: [""] - resources: ["pods/status"] - verbs: ["update"] -- apiGroups: [""] - resources: ["endpoints"] - resourceNames: ["cluster-autoscaler"] - verbs: ["get","update"] -- apiGroups: [""] - resources: ["nodes"] - verbs: ["watch","list","get","update"] -- apiGroups: [""] - resources: ["pods","services","replicationcontrollers","persistentvolumeclaims","persistentvolumes"] - verbs: ["watch","list","get"] -- apiGroups: ["extensions"] - resources: ["replicasets","daemonsets"] - verbs: ["watch","list","get"] -- apiGroups: ["policy"] - resources: ["poddisruptionbudgets"] - verbs: ["watch","list"] -- apiGroups: ["apps"] - resources: ["statefulsets", "replicasets", "daemonsets"] - verbs: ["watch","list","get"] -- apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["watch","list","get"] + - apiGroups: [""] + resources: ["events", "endpoints"] + verbs: ["create", "patch"] + - apiGroups: [""] + resources: ["pods/eviction"] + verbs: ["create"] + - apiGroups: [""] + resources: ["pods/status"] + verbs: ["update"] + - apiGroups: [""] + resources: ["endpoints"] + resourceNames: ["cluster-autoscaler"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["watch", "list", "get", "update"] + - apiGroups: [""] + resources: + - "pods" + - "services" + - "replicationcontrollers" + - "persistentvolumeclaims" + - "persistentvolumes" + verbs: ["watch", "list", "get"] + - apiGroups: ["extensions"] + resources: ["replicasets", "daemonsets"] + verbs: ["watch", "list", "get"] + - apiGroups: ["policy"] + resources: ["poddisruptionbudgets"] + verbs: ["watch", "list"] + - apiGroups: ["apps"] + resources: ["statefulsets", "replicasets", "daemonsets"] + verbs: ["watch", "list", "get"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["watch", "list", "get"] --- apiVersion: rbac.authorization.k8s.io/v1 @@ -58,13 +63,13 @@ metadata: k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler rules: -- apiGroups: [""] - resources: ["configmaps"] - verbs: ["create"] -- apiGroups: [""] - resources: ["configmaps"] - resourceNames: ["cluster-autoscaler-status"] - verbs: ["delete","get","update"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["create"] + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["cluster-autoscaler-status"] + verbs: ["delete", "get", "update"] --- apiVersion: rbac.authorization.k8s.io/v1 @@ -121,10 +126,10 @@ spec: spec: serviceAccountName: cluster-autoscaler tolerations: - - effect: NoSchedule - operator: "Equal" - value: "true" - key: node-role.kubernetes.io/master + - effect: NoSchedule + operator: "Equal" + value: "true" + key: node-role.kubernetes.io/master nodeSelector: kubernetes.io/role: master containers: