# Licensed to the Apache Software Foundation (ASF) under one # or more contributor license agreements. See the NOTICE file # distributed with this work for additional information # regarding copyright ownership. The ASF licenses this file # to you under the Apache License, Version 2.0 (the # "License"); you may not use this file except in compliance # with the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. # permissions to do leader election. apiVersion: v1 kind: ServiceAccount metadata: name: fdb-kubernetes-operator-controller-manager --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null name: fdb-kubernetes-operator-manager-clusterrole rules: - apiGroups: - "" resources: - nodes verbs: - get - list - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: fdb-kubernetes-operator-manager-role rules: - apiGroups: - "" resources: - configmaps - events - persistentvolumeclaims - pods - secrets - services verbs: - create - delete - get - list - patch - update - watch - apiGroups: - apps resources: - deployments verbs: - create - delete - get - list - patch - update - watch - apiGroups: - apps.foundationdb.org resources: - foundationdbbackups verbs: - create - delete - get - list - patch - update - watch - apiGroups: - apps.foundationdb.org resources: - foundationdbbackups/status verbs: - get - patch - update - apiGroups: - apps.foundationdb.org resources: - foundationdbclusters verbs: - create - delete - get - list - patch - update - watch - apiGroups: - apps.foundationdb.org resources: - foundationdbclusters/status verbs: - get - patch - update - apiGroups: - apps.foundationdb.org resources: - foundationdbrestores verbs: - create - delete - get - list - patch - update - watch - apiGroups: - apps.foundationdb.org resources: - foundationdbrestores/status verbs: - get - patch - update - apiGroups: - coordination.k8s.io resources: - leases verbs: - create - delete - get - list - patch - update - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: creationTimestamp: null name: fdb-kubernetes-operator-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: fdb-kubernetes-operator-manager-role subjects: - kind: ServiceAccount name: fdb-kubernetes-operator-controller-manager --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: creationTimestamp: null name: fdb-kubernetes-operator-manager-clusterrolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: fdb-kubernetes-operator-manager-clusterrole subjects: - kind: ServiceAccount name: fdb-kubernetes-operator-controller-manager namespace: metadata.namespace --- apiVersion: apps/v1 kind: Deployment metadata: labels: app: fdb-kubernetes-operator-controller-manager control-plane: controller-manager name: fdb-kubernetes-operator-controller-manager spec: replicas: 1 selector: matchLabels: app: fdb-kubernetes-operator-controller-manager template: metadata: labels: app: fdb-kubernetes-operator-controller-manager control-plane: controller-manager spec: containers: - command: - /manager env: - name: LD_LIBRARY_PATH value: /usr/bin/fdb/primary/lib - name: WATCH_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace image: foundationdb/fdb-kubernetes-operator:v1.46.0 name: manager ports: - containerPort: 8080 name: metrics resources: limits: cpu: 500m memory: 256Mi requests: cpu: 500m memory: 256Mi securityContext: allowPrivilegeEscalation: false privileged: false readOnlyRootFilesystem: true volumeMounts: - mountPath: /tmp name: tmp - mountPath: /var/log/fdb name: logs - mountPath: /usr/bin/fdb name: fdb-binaries initContainers: - args: - --copy-library - "7.1" - --copy-binary - fdbcli - --copy-binary - fdbbackup - --copy-binary - fdbrestore - --output-dir - /var/output-files/7.1.46 - --init-mode image: foundationdb/foundationdb-kubernetes-sidecar:7.1.46-1 name: foundationdb-kubernetes-init-7-1 volumeMounts: - mountPath: /var/output-files name: fdb-binaries - args: - --copy-library - "7.1" - --output-dir - /var/output-files/primary - --init-mode image: foundationdb/foundationdb-kubernetes-sidecar:7.1.46-1 name: foundationdb-kubernetes-init-7-1-primary volumeMounts: - name: fdb-binaries mountPath: /var/output-files securityContext: fsGroup: 4059 runAsGroup: 4059 runAsUser: 4059 serviceAccountName: fdb-kubernetes-operator-controller-manager terminationGracePeriodSeconds: 10 volumes: - emptyDir: {} name: tmp - emptyDir: {} name: logs - emptyDir: {} name: fdb-binaries