AB#2394 Change KMS to be deployed as DaemonSet (#69)

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-10-01 01:36:09 -04:00 · 2022-09-05 10:22:40 +02:00 · 2022-09-05 10:22:40 +02:00 · f8c01a0298
commit f8c01a0298
parent 71fb62fe31
1 changed files with 7 additions and 5 deletions
--- a/bootstrapper/internal/kubernetes/k8sapi/resources/kms.go
+++ b/bootstrapper/internal/kubernetes/k8sapi/resources/kms.go
@ -26,7 +26,7 @@ type kmsDeployment struct {
 	Service            k8s.Service
 	ClusterRole        rbac.ClusterRole
 	ClusterRoleBinding rbac.ClusterRoleBinding
-	Deployment         apps.Deployment
+	Deployment         apps.DaemonSet
 	MasterSecret       k8s.Secret
 }

@ -117,19 +117,21 @@ func NewKMSDeployment(csp string, config KMSConfig) *kmsDeployment {
 				},
 			},
 		},
-		Deployment: apps.Deployment{
+		Deployment: apps.DaemonSet{
 			TypeMeta: meta.TypeMeta{
 				APIVersion: "apps/v1",
-				Kind:       "Deployment",
+				Kind:       "DaemonSet",
 			},
 			ObjectMeta: meta.ObjectMeta{
 				Labels: map[string]string{
-					"k8s-app": "kms",
+					"k8s-app":                       "kms",
+					"component":                     "kms",
+					"kubernetes.io/cluster-service": "true",
 				},
 				Name:      "kms",
 				Namespace: kmsNamespace,
 			},
-			Spec: apps.DeploymentSpec{
+			Spec: apps.DaemonSetSpec{
 				Selector: &meta.LabelSelector{
 					MatchLabels: map[string]string{
 						"k8s-app": "kms",