aafc456527
VolumeGroupSnapshots are still in alpha. This commit adds cmdline args to enable group snapshot webhooks while keeping it disbaled by default. Signed-off-by: Rakshith R <rakshith.r.0001@gmail.com>
52 lines
1.7 KiB
YAML
52 lines
1.7 KiB
YAML
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: snapshot-validation-deployment
|
|
namespace: default # NOTE: change the namespace
|
|
labels:
|
|
app.kubernetes.io/name: snapshot-validation
|
|
spec:
|
|
replicas: 3
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: snapshot-validation
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: snapshot-validation
|
|
spec:
|
|
serviceAccountName: snapshot-webhook
|
|
containers:
|
|
- name: snapshot-validation
|
|
image: registry.k8s.io/sig-storage/snapshot-validation-webhook:v6.2.1 # change the image if you wish to use your own custom validation server image
|
|
imagePullPolicy: IfNotPresent
|
|
args:
|
|
- '--tls-cert-file=/etc/snapshot-validation-webhook/certs/tls.crt'
|
|
- '--tls-private-key-file=/etc/snapshot-validation-webhook/certs/tls.key'
|
|
# uncomment the following line to enable webhook for VolumeGroupSnapshot, VolumeGroupSnapshotContent and VolumeGroupSnapshotClass.
|
|
# - '--enable-volume-group-snapshot-webhook'
|
|
ports:
|
|
- containerPort: 443 # change the port as needed
|
|
volumeMounts:
|
|
- name: snapshot-validation-webhook-certs
|
|
mountPath: /etc/snapshot-validation-webhook/certs
|
|
readOnly: true
|
|
volumes:
|
|
- name: snapshot-validation-webhook-certs
|
|
secret:
|
|
secretName: snapshot-validation-secret
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: snapshot-validation-service
|
|
namespace: default # NOTE: change the namespace
|
|
spec:
|
|
selector:
|
|
app.kubernetes.io/name: snapshot-validation
|
|
ports:
|
|
- protocol: TCP
|
|
port: 443 # Change if needed
|
|
targetPort: 443 # Change if the webserver image expects a different port
|