113 lines
3.9 KiB
YAML
113 lines
3.9 KiB
YAML
---
|
|
# Source: kube-prometheus-stack/charts/kube-prometheus-stack/templates/prometheus-operator/deployment.yaml
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: kube-prometheus-stack-operator
|
|
namespace: kube-prometheus-stack
|
|
labels:
|
|
app.kubernetes.io/managed-by: Helm
|
|
app.kubernetes.io/instance: kube-prometheus-stack
|
|
app.kubernetes.io/version: "79.11.0"
|
|
app.kubernetes.io/part-of: kube-prometheus-stack
|
|
chart: kube-prometheus-stack-79.11.0
|
|
release: "kube-prometheus-stack"
|
|
heritage: "Helm"
|
|
app: kube-prometheus-stack-operator
|
|
app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator
|
|
app.kubernetes.io/component: prometheus-operator
|
|
spec:
|
|
replicas: 1
|
|
revisionHistoryLimit: 10
|
|
selector:
|
|
matchLabels:
|
|
app: kube-prometheus-stack-operator
|
|
release: "kube-prometheus-stack"
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/managed-by: Helm
|
|
app.kubernetes.io/instance: kube-prometheus-stack
|
|
app.kubernetes.io/version: "79.11.0"
|
|
app.kubernetes.io/part-of: kube-prometheus-stack
|
|
chart: kube-prometheus-stack-79.11.0
|
|
release: "kube-prometheus-stack"
|
|
heritage: "Helm"
|
|
app: kube-prometheus-stack-operator
|
|
app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator
|
|
app.kubernetes.io/component: prometheus-operator
|
|
spec:
|
|
containers:
|
|
- name: kube-prometheus-stack
|
|
image: "quay.io/prometheus-operator/prometheus-operator:v0.86.2"
|
|
imagePullPolicy: "IfNotPresent"
|
|
args:
|
|
- --kubelet-service=kube-system/kube-prometheus-stack-kubelet
|
|
- --kubelet-endpoints=true
|
|
- --kubelet-endpointslice=false
|
|
- --localhost=127.0.0.1
|
|
- --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.86.2
|
|
- --config-reloader-cpu-request=0
|
|
- --config-reloader-cpu-limit=0
|
|
- --config-reloader-memory-request=0
|
|
- --config-reloader-memory-limit=0
|
|
- --thanos-default-base-image=quay.io/thanos/thanos:v0.40.1
|
|
- --secret-field-selector=type!=kubernetes.io/dockercfg,type!=kubernetes.io/service-account-token,type!=helm.sh/release.v1
|
|
- --web.enable-tls=true
|
|
- --web.cert-file=/cert/cert
|
|
- --web.key-file=/cert/key
|
|
- --web.listen-address=:10250
|
|
- --web.tls-min-version=VersionTLS13
|
|
ports:
|
|
- containerPort: 10250
|
|
name: https
|
|
env:
|
|
- name: GOGC
|
|
value: "30"
|
|
resources: {}
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
volumeMounts:
|
|
- name: tls-secret
|
|
mountPath: /cert
|
|
readOnly: true
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: https
|
|
scheme: HTTPS
|
|
initialDelaySeconds: 0
|
|
periodSeconds: 10
|
|
timeoutSeconds: 1
|
|
successThreshold: 1
|
|
failureThreshold: 3
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: https
|
|
scheme: HTTPS
|
|
initialDelaySeconds: 0
|
|
periodSeconds: 10
|
|
timeoutSeconds: 1
|
|
successThreshold: 1
|
|
failureThreshold: 3
|
|
volumes:
|
|
- name: tls-secret
|
|
secret:
|
|
defaultMode: 420
|
|
secretName: kube-prometheus-stack-admission
|
|
securityContext:
|
|
fsGroup: 65534
|
|
runAsGroup: 65534
|
|
runAsNonRoot: true
|
|
runAsUser: 65534
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
serviceAccountName: kube-prometheus-stack-operator
|
|
automountServiceAccountToken: true
|
|
terminationGracePeriodSeconds: 30
|