modify pool-coordinator yaml to remove kubectl container (#1097)

* chore: remove kubectl container and rbac yaml Co-authored-by: donychen1134 <[email protected]>
openyurtio · Dec 9, 2022 · 47ae869 · 47ae869
1 parent fa7880f
commit 47ae869
Show file tree

Hide file tree

Showing 2 changed files with 90 additions and 90 deletions.
diff --git a/charts/openyurt/templates/pool-coordinator.yaml b/charts/openyurt/templates/pool-coordinator.yaml
@@ -36,57 +36,57 @@ spec:
   selector:
     k8s-app: pool-coordinator
 ---
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: pool-coordinator-init-rbac
-  namespace: {{ .Release.Namespace | quote }}
-data:
-  pool-coordinator-init-rbac.yaml: |
-    apiVersion: rbac.authorization.k8s.io/v1
-    kind: ClusterRoleBinding
-    metadata:
-      name: openyurt:pool-coordinator:monitoring
-    roleRef:
-      apiGroup: rbac.authorization.k8s.io
-      kind: ClusterRole
-      name: openyurt:pool-coordinator:monitoring
-    subjects:
-    - apiGroup: rbac.authorization.k8s.io
-      kind: User
-      name: openyurt:pool-coordinator:monitoring
-    ---
-    apiVersion: rbac.authorization.k8s.io/v1
-    kind: ClusterRoleBinding
-    metadata:
-      name: openyurt:pool-coordinator:apiserver
-    roleRef:
-      apiGroup: rbac.authorization.k8s.io
-      kind: ClusterRole
-      name: openyurt:pool-coordinator:apiserver
-    subjects:
-    - apiGroup: rbac.authorization.k8s.io
-      kind: User
-      name: openyurt:pool-coordinator:apiserver
-    ---
-    apiVersion: rbac.authorization.k8s.io/v1
-    kind: ClusterRole
-    metadata:
-      name: openyurt:pool-coordinator:apiserver
-    rules:
-    - apiGroups: [""]
-      resources:  ["pods/attach", "pods/exec", "pods/portforward", "pods/proxy", "pods/log"]
-      verbs: ["get", "list"]
-    ---
-    apiVersion: rbac.authorization.k8s.io/v1
-    kind: ClusterRole
-    metadata:
-      name: openyurt:pool-coordinator:monitoring
-    rules:
-    - apiGroups: [""]
-      resources: [""]
-      verbs: ["get", "list", "watch"]
----
+#apiVersion: v1
+#kind: ConfigMap
+#metadata:
+#  name: pool-coordinator-init-rbac
+#  namespace: {{ .Release.Namespace | quote }}
+#data:
+#  pool-coordinator-init-rbac.yaml: |
+#    apiVersion: rbac.authorization.k8s.io/v1
+#    kind: ClusterRoleBinding
+#    metadata:
+#      name: openyurt:pool-coordinator:monitoring
+#    roleRef:
+#      apiGroup: rbac.authorization.k8s.io
+#      kind: ClusterRole
+#      name: openyurt:pool-coordinator:monitoring
+#    subjects:
+#    - apiGroup: rbac.authorization.k8s.io
+#      kind: User
+#      name: openyurt:pool-coordinator:monitoring
+#    ---
+#    apiVersion: rbac.authorization.k8s.io/v1
+#    kind: ClusterRoleBinding
+#    metadata:
+#      name: openyurt:pool-coordinator:apiserver
+#    roleRef:
+#      apiGroup: rbac.authorization.k8s.io
+#      kind: ClusterRole
+#      name: openyurt:pool-coordinator:apiserver
+#    subjects:
+#    - apiGroup: rbac.authorization.k8s.io
+#      kind: User
+#      name: openyurt:pool-coordinator:apiserver
+#    ---
+#    apiVersion: rbac.authorization.k8s.io/v1
+#    kind: ClusterRole
+#    metadata:
+#      name: openyurt:pool-coordinator:apiserver
+#    rules:
+#    - apiGroups: [""]
+#      resources:  ["pods/attach", "pods/exec", "pods/portforward", "pods/proxy", "pods/log"]
+#      verbs: ["get", "list"]
+#    ---
+#    apiVersion: rbac.authorization.k8s.io/v1
+#    kind: ClusterRole
+#    metadata:
+#      name: openyurt:pool-coordinator:monitoring
+#    rules:
+#    - apiGroups: [""]
+#      resources: [""]
+#      verbs: ["get", "list", "watch"]
+#---
 apiVersion: apps.openyurt.io/v1alpha1
 kind: YurtAppDaemon
 metadata:
@@ -220,32 +220,32 @@ spec:
                     name: etcd-data
                   - mountPath: /etc/kubernetes/pki/etcd
                     name: etcd-certs
-              - image: "{{ .Values.poolCoordinator.kubectlImage.registry }}/{{ .Values.poolCoordinator.kubectlImage.repository }}:{{ .Values.poolCoordinator.kubectlImage.tag }}"
-                imagePullPolicy: {{ .Values.poolCoordinator.apiserverImage.pullPolicy }}
-                {{- if .Values.imagePullSecrets }}
-                imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 8 }}
-                {{- end }}
-                  lifecycle:
-                    postStart:
-                      exec:
-                        command:
-                          - kubectl
-                          - apply
-                          - -f
-                          - /etc/kubernetes/pool-coordinator-init-rbac.yaml
-                  name: kubectl
-                  resources:
-                    {{- toYaml .Values.poolCoordinator.etcdResources | nindent 12 }}
-                  securityContext:
-                    privileged: true
-                  terminationMessagePath: /dev/termination-log
-                  terminationMessagePolicy: File
-                  tty: true
-                  volumeMounts:
-                    - mountPath: /root/.kube/
-                      name: kubeconfig
-                    - mountPath: /etc/kubernetes/pool-coordinator-init-rbac.yaml
-                      name: pool-coordinator-init-rbac
+#              - image: "{{ .Values.poolCoordinator.kubectlImage.registry }}/{{ .Values.poolCoordinator.kubectlImage.repository }}:{{ .Values.poolCoordinator.kubectlImage.tag }}"
+#                imagePullPolicy: {{ .Values.poolCoordinator.apiserverImage.pullPolicy }}
+#                {{- if .Values.imagePullSecrets }}
+#                imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 8 }}
+#                {{- end }}
+#                  lifecycle:
+#                    postStart:
+#                      exec:
+#                        command:
+#                          - kubectl
+#                          - apply
+#                          - -f
+#                          - /etc/kubernetes/pool-coordinator-init-rbac.yaml
+#                  name: kubectl
+#                  resources:
+#                    {{- toYaml .Values.poolCoordinator.etcdResources | nindent 12 }}
+#                  securityContext:
+#                    privileged: true
+#                  terminationMessagePath: /dev/termination-log
+#                  terminationMessagePolicy: File
+#                  tty: true
+#                  volumeMounts:
+#                    - mountPath: /root/.kube/
+#                      name: kubeconfig
+#                    - mountPath: /etc/kubernetes/pool-coordinator-init-rbac.yaml
+#                      name: pool-coordinator-init-rbac
             dnsPolicy: ClusterFirst
             enableServiceLinks: true
             hostNetwork: true
@@ -273,10 +273,10 @@ spec:
                   secretName: pool-coordinator-etcd-certs
                   defaultMode: 420
                 name: etcd-certs
-              - secret:
-                  secretName: pool-coordinator-self-kubeconfig
-                  defaultMode: 420
-                name: kubeconfig
-              - configMap:
-                  name: pool-coordinator-init-rbac
-                name: pool-coordinator-init-rbac
+#              - secret:
+#                  secretName: pool-coordinator-self-kubeconfig
+#                  defaultMode: 420
+#                name: kubeconfig
+#              - configMap:
+#                  name: pool-coordinator-init-rbac
+#                name: pool-coordinator-init-rbac
diff --git a/charts/openyurt/values.yaml b/charts/openyurt/values.yaml
@@ -62,7 +62,7 @@ poolCoordinator:
     registry: docker.io
     repository: google_containers/kube-apiserver
     pullPolicy: IfNotPresent
-    tag: v1.20.0
+    tag: v1.22.0
   apiserverResources:
     requests:
       cpu: 250m
@@ -81,11 +81,11 @@ poolCoordinator:
     requests:
       cpu: 100m
       memory: 256Mi
-  kubectlImage:
-    registry: docker.io
-    repository: viejo/kubectl
-    pullPolicy: IfNotPresent
-    tag: latest
+#  kubectlImage:
+#    registry: docker.io
+#    repository: viejo/kubectl
+#    pullPolicy: IfNotPresent
+#    tag: latest
 
 yurtHub:
   cacheAgents: ""