apiVersion: v1 kind: Namespace metadata: labels: author: 2ALCHESMISTS-SAS control-plane: kb-kubernetes-operator name: krossboard --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: (devel) creationTimestamp: null labels: author: 2ALCHESMISTS-SAS name: krossboards.krossboard.krossboard.app spec: group: krossboard.krossboard.app names: kind: Krossboard listKind: KrossboardList plural: krossboards singular: krossboard scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: Krossboard is the Schema for the krossboards API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: KrossboardSpec defines the desired state of Krossboard properties: koaImage: default: rchakode/kube-opex-analytics:latest description: KoaImage sets the image of kube-opex-analytics type: string krossboardDataProcessorImage: default: krossboard/krossboard-data-processor:latest description: KrossboardDataProcessorImage sets the image of Krossboard Data Processor type: string krossboardPersistentVolumeClaim: default: krossboard/krossboard-data-pvc description: KrossboardPersistentVolumeClaim sets the name of the persitent volume used for data type: string krossboardSecretName: default: krossboard-secrets description: KrossboardSecretName is the name of the secret map for Krossbaord type: string krossboardUIImage: default: krossboard/krossboard-ui:latest description: KrossboardUIImage sets Krossboard UI image type: string useGKEIdentity: default: false description: useGKEIdentity uses relying on GCP Workload Identity to get GKE credentials type: boolean type: object status: description: KrossboardStatus defines the observed state of Krossboard properties: kbComponentInstances: items: description: KbComponentInstance defines a the state of a Krossboard component instance properties: containerPort: format: int64 type: integer name: type: string type: object type: array koaInstances: description: KoaInstances contains a list of kube-opex-analytics instances items: description: KoaInstance defines a state of a kube-opex-analytics instance properties: clusterEndpoint: type: string clusterName: type: string containerPort: format: int64 type: integer name: type: string type: object type: array required: - kbComponentInstances - koaInstances type: object type: object served: true storage: true subresources: status: {} --- apiVersion: v1 kind: ServiceAccount metadata: labels: author: 2ALCHESMISTS-SAS name: krossboard-kb-kubernetes-operator namespace: krossboard --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: labels: author: 2ALCHESMISTS-SAS name: krossboard-leader-election-role namespace: krossboard rules: - apiGroups: - "" resources: - configmaps verbs: - get - list - watch - create - update - patch - delete - apiGroups: - coordination.k8s.io resources: - leases verbs: - get - list - watch - create - update - patch - delete - apiGroups: - "" resources: - events verbs: - create - patch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null labels: author: 2ALCHESMISTS-SAS name: krossboard-kb-kubernetes-operator-role rules: - apiGroups: - apps resources: - deployments verbs: - create - delete - get - list - patch - update - watch - apiGroups: - "" resources: - pods verbs: - get - list - watch - apiGroups: - "" resources: - secrets verbs: - get - list - watch - apiGroups: - krossboard.krossboard.app resources: - krossboards verbs: - create - delete - get - list - patch - update - watch - apiGroups: - krossboard.krossboard.app resources: - krossboards/finalizers verbs: - update - apiGroups: - krossboard.krossboard.app resources: - krossboards/status verbs: - get - patch - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: author: 2ALCHESMISTS-SAS name: krossboard-metrics-reader rules: - nonResourceURLs: - /metrics verbs: - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: author: 2ALCHESMISTS-SAS name: krossboard-proxy-role rules: - apiGroups: - authentication.k8s.io resources: - tokenreviews verbs: - create - apiGroups: - authorization.k8s.io resources: - subjectaccessreviews verbs: - create --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: author: 2ALCHESMISTS-SAS name: krossboard-kb-kubernetes-operator-rolebinding namespace: krossboard roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: krossboard-kb-kubernetes-operator-role subjects: - kind: ServiceAccount name: krossboard-kb-kubernetes-operator namespace: krossboard --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: author: 2ALCHESMISTS-SAS name: krossboard-leader-election-rolebinding namespace: krossboard roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: krossboard-leader-election-role subjects: - kind: ServiceAccount name: krossboard-kb-kubernetes-operator namespace: krossboard --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: author: 2ALCHESMISTS-SAS name: krossboard-proxy-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: krossboard-proxy-role subjects: - kind: ServiceAccount name: krossboard-kb-kubernetes-operator namespace: krossboard --- apiVersion: v1 data: controller_manager_config.yaml: | apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 kind: ControllerManagerConfig health: healthProbeBindAddress: :8081 metrics: bindAddress: 127.0.0.1:8080 webhook: port: 9443 leaderElection: leaderElect: true resourceName: 85261257.krossboard.app kind: ConfigMap metadata: labels: author: 2ALCHESMISTS-SAS name: krossboard-manager-config namespace: krossboard --- apiVersion: v1 kind: Service metadata: labels: author: 2ALCHESMISTS-SAS control-plane: kb-kubernetes-operator name: krossboard-kb-kubernetes-operator-metrics-service namespace: krossboard spec: ports: - name: https port: 8443 protocol: TCP targetPort: https selector: author: 2ALCHESMISTS-SAS control-plane: kb-kubernetes-operator --- apiVersion: apps/v1 kind: Deployment metadata: labels: author: 2ALCHESMISTS-SAS control-plane: kb-kubernetes-operator name: krossboard-kb-kubernetes-operator namespace: krossboard spec: replicas: 1 selector: matchLabels: author: 2ALCHESMISTS-SAS control-plane: kb-kubernetes-operator template: metadata: annotations: kubectl.kubernetes.io/default-container: manager labels: author: 2ALCHESMISTS-SAS control-plane: kb-kubernetes-operator spec: containers: - args: - --secure-listen-address=0.0.0.0:8443 - --upstream=http://127.0.0.1:8080/ - --logtostderr=true - --v=0 image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 name: kube-rbac-proxy ports: - containerPort: 8443 name: https protocol: TCP resources: limits: cpu: 500m memory: 128Mi requests: cpu: 5m memory: 64Mi - args: - --health-probe-bind-address=:8081 - --metrics-bind-address=127.0.0.1:8080 - --leader-elect command: - /manager image: krossboard/krossboard-kubernetes-operator:0.1.0 livenessProbe: httpGet: path: /healthz port: 8081 initialDelaySeconds: 15 periodSeconds: 20 name: manager readinessProbe: httpGet: path: /readyz port: 8081 initialDelaySeconds: 5 periodSeconds: 10 resources: limits: cpu: 500m memory: 128Mi requests: cpu: 10m memory: 64Mi securityContext: allowPrivilegeEscalation: false securityContext: runAsNonRoot: true serviceAccountName: krossboard-kb-kubernetes-operator terminationGracePeriodSeconds: 10