apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  name: swift
  labels:
    app: swift
rules:
- apiGroups: [""]
  resources: ["services"]
  verbs: ["list"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: swift
  labels:
    app: swift
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: swift
subjects:
- kind: ServiceAccount
  name: swift
  namespace: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: swift
  namespace: kube-system
  labels:
    app: swift
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  labels:
    app: swift
  name: swift
  namespace: kube-system
spec:
  template:
    metadata:
      labels:
        app: swift
    spec:
      serviceAccountName: swift
      containers:
      - args:
        - run
        - --v=3
        - --connector=incluster
        image: appscode/swift:0.4.0
        imagePullPolicy: Always
        name: swift
        ports:
        - containerPort: 9855
          name: pt
          protocol: TCP
        - containerPort: 50055
          name: tls
          protocol: TCP
        - containerPort: 56790
          name: web
          protocol: TCP
        volumeMounts:
            - mountPath: /tmp
              name: chart-volume
      volumes:
        - name: chart-volume
          emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
  name: swift
  namespace: kube-system
  labels:
    app: swift
spec:
  ports:
  - name: pt
    port: 9855
    targetPort: pt
  - name: tls
    port: 50055
    targetPort: web
  - name: web
    port: 56790
    targetPort: web
  selector:
    app: swift