parts/k8s/addons/arc-onboarding.yaml (102 lines of code) (raw):
---
apiVersion: v1
kind: Namespace
metadata:
name: azure-arc-onboarding
labels:
addonmanager.kubernetes.io/mode: "EnsureExists"
---
apiVersion: v1
kind: Secret
metadata:
name: azure-arc-onboarding
namespace: azure-arc-onboarding
labels:
addonmanager.kubernetes.io/mode: "EnsureExists"
data:
TENANT_ID: {{ContainerConfigBase64 "tenantID"}}
SUBSCRIPTION_ID: {{ContainerConfigBase64 "subscriptionID"}}
RESOURCE_GROUP: {{ContainerConfigBase64 "resourceGroup"}}
CONNECTED_CLUSTER: {{ContainerConfigBase64 "clusterName"}}
LOCATION: {{ContainerConfigBase64 "location"}}
CLIENT_ID: {{ContainerConfigBase64 "clientID"}}
CLIENT_SECRET: {{ContainerConfigBase64 "clientSecret"}}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: azure-arc-onboarding
namespace: azure-arc-onboarding
labels:
addonmanager.kubernetes.io/mode: "EnsureExists"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: azure-arc-onboarding
labels:
addonmanager.kubernetes.io/mode: "EnsureExists"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: azure-arc-onboarding
namespace: azure-arc-onboarding
---
apiVersion: batch/v1
kind: Job
metadata:
name: azure-arc-onboarding
namespace: azure-arc-onboarding
labels:
addonmanager.kubernetes.io/mode: "EnsureExists"
spec:
template:
spec:
serviceAccountName: azure-arc-onboarding
nodeSelector:
kubernetes.io/arch: amd64
kubernetes.io/os: linux
containers:
- name: azure-arc-onboarding
image: {{ContainerImage "azure-arc-onboarding"}}
env:
- name: TENANT_ID
valueFrom:
secretKeyRef:
name: azure-arc-onboarding
key: TENANT_ID
- name: SUBSCRIPTION_ID
valueFrom:
secretKeyRef:
name: azure-arc-onboarding
key: SUBSCRIPTION_ID
- name: RESOURCE_GROUP
valueFrom:
secretKeyRef:
name: azure-arc-onboarding
key: RESOURCE_GROUP
- name: CONNECTED_CLUSTER
valueFrom:
secretKeyRef:
name: azure-arc-onboarding
key: CONNECTED_CLUSTER
- name: LOCATION
valueFrom:
secretKeyRef:
name: azure-arc-onboarding
key: LOCATION
- name: CLIENT_ID
valueFrom:
secretKeyRef:
name: azure-arc-onboarding
key: CLIENT_ID
- name: CLIENT_SECRET
valueFrom:
secretKeyRef:
name: azure-arc-onboarding
key: CLIENT_SECRET
restartPolicy: Never
backoffLimit: 4