From d18e9cf56f69bf01c61178df47806488e96793c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lucas=20K=C3=A4ldstr=C3=B6m?= Date: Tue, 14 Feb 2017 18:15:19 +0200 Subject: [PATCH] Add weave-kube DaemonSet that can be used with k8s version v1.6 --- prog/weave-kube/weave-daemonset-k8s-HEAD.yaml | 126 ++++++++++++++++++ 1 file changed, 126 insertions(+) create mode 100644 prog/weave-kube/weave-daemonset-k8s-HEAD.yaml diff --git a/prog/weave-kube/weave-daemonset-k8s-HEAD.yaml b/prog/weave-kube/weave-daemonset-k8s-HEAD.yaml new file mode 100644 index 0000000000..0433982abb --- /dev/null +++ b/prog/weave-kube/weave-daemonset-k8s-HEAD.yaml @@ -0,0 +1,126 @@ +# +# WARNING: This YAML file applies to Kubernetes at HEAD (currently around v1.6.0-alpha.2) +# +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: weave-net +rules: +- apiGroups: + - "" + resources: + - pods + - namespaces + - nodes + verbs: + - get + - list + - watch +- apiGroups: + - extensions + resources: + - networkpolicies + verbs: + - get + - list + - watch +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: weave-net + namespace: kube-system +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: weave-net +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: weave-net +subjects: +- kind: ServiceAccount + name: weave-net + namespace: kube-system +--- +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: weave-net + namespace: kube-system +spec: + template: + metadata: + labels: + name: weave-net + annotations: + # TODO: Move this field to the Tolerations property of PodSpec once it's possible + scheduler.alpha.kubernetes.io/tolerations: | + [ + { + "key": "dedicated", + "operator": "Equal", + "value": "master", + "effect": "NoSchedule" + } + ] + spec: + hostNetwork: true + hostPID: true + containers: + - name: weave + image: weaveworks/weave-kube:latest + imagePullPolicy: Always + command: + - /home/weave/launch.sh + livenessProbe: + initialDelaySeconds: 30 + httpGet: + host: 127.0.0.1 + path: /status + port: 6784 + securityContext: + privileged: true + volumeMounts: + - name: weavedb + mountPath: /weavedb + - name: cni-bin + mountPath: /host/opt + - name: cni-bin2 + mountPath: /host/home + - name: cni-conf + mountPath: /host/etc + - name: dbus + mountPath: /host/var/lib/dbus + resources: + requests: + cpu: 10m + - name: weave-npc + image: weaveworks/weave-npc:latest + imagePullPolicy: Always + resources: + requests: + cpu: 10m + securityContext: + privileged: true + restartPolicy: Always + serviceAccountName: weave-net + securityContext: + seLinuxOptions: + type: spc_t + volumes: + - name: weavedb + emptyDir: {} + - name: cni-bin + hostPath: + path: /opt + - name: cni-bin2 + hostPath: + path: /home + - name: cni-conf + hostPath: + path: /etc + - name: dbus + hostPath: + path: /var/lib/dbus