constellation/cli/internal/helm/charts/edgeless/kms/templates/daemonset.yaml

64 lines
1.7 KiB
YAML
Raw Normal View History

apiVersion: apps/v1
kind: DaemonSet
metadata:
labels:
component: kms
k8s-app: kms
kubernetes.io/cluster-service: "true"
name: kms
namespace: {{ .Values.namespace }}
spec:
selector:
matchLabels:
k8s-app: kms
template:
metadata:
labels:
k8s-app: kms
spec:
containers:
- args:
- --port={{ .Values.kmsPort }}
image: {{ .Values.kmsImage }}
name: kms
resources: {}
volumeMounts:
- mountPath: {{ .Values.serviceBasePath }}
name: config
readOnly: true
nodeSelector:
node-role.kubernetes.io/control-plane: ""
priorityClassName: system-cluster-critical
serviceAccountName: kms
tolerations:
- key: CriticalAddonsOnly
operator: Exists
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Equal
value: "true"
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
operator: Exists
- effect: NoExecute
operator: Exists
- effect: NoSchedule
operator: Exists
volumes:
- name: config
projected:
sources:
- configMap:
items:
- key: {{ .Values.measurementsFilename }}
path: {{ .Values.measurementsFilename }}
name: {{ .Values.joinConfigCMName }}
- secret:
items:
- key: {{ .Values.masterSecretKeyName }}
path: {{ .Values.masterSecretKeyName }}
- key: {{ .Values.saltKeyName }}
path: {{ .Values.saltKeyName }}
name: {{ .Values.masterSecretName }}
updateStrategy: {}