# Licensed to the Apache Software Foundation (ASF) under one # or more contributor license agreements. See the NOTICE file # distributed with this work for additional information # regarding copyright ownership. The ASF licenses this file # to you under the Apache License, Version 2.0 (the # "License"); you may not use this file except in compliance # with the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. # apiVersion: apps/v1 kind: StatefulSet metadata: name: nuvolaris-operator namespace: nuvolaris spec: replicas: 1 selector: matchLabels: name: nuvolaris-operator template: metadata: labels: name: nuvolaris-operator app: nuvolaris-operator annotations: whisks.nuvolaris.org/annotate-version: "true" spec: serviceAccountName: nuvolaris-operator restartPolicy: Always affinity: # prefer to not run on an invoker node (only prefer because of single node clusters) nodeAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 preference: matchExpressions: - key: nuvolaris-role operator: NotIn values: - invoker - weight: 80 preference: matchExpressions: - key: nuvolaris-role operator: In values: - core # Fault tolerance: prevent multiple instances of nuvolaris-operator from running on the same node podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: name operator: In values: - nuvolaris-operator topologyKey: "kubernetes.io/hostname" tolerations: - key: "nuvolaris-role" operator: "Equal" value: core effect: "NoSchedule" securityContext: runAsUser: 1001 fsGroup: 1001 volumes: - name: deploy persistentVolumeClaim: claimName: nuvolaris-operator-deploy-pvc containers: - name: nuvolaris-operator image: ${IMAGES_OPERATOR} imagePullPolicy: Always command: ["./run.sh"] args: ["--verbose"] securityContext: capabilities: drop: - ALL volumeMounts: - name: deploy mountPath: "/home/nuvolaris/deploy"