# Source: purelb/templates/serviceaccount-allocator.yaml apiVersion: v1 kind: ServiceAccount metadata: labels: helm.sh/chart: purelb-v0.13.0 app.kubernetes.io/name: purelb app.kubernetes.io/instance: purelb app.kubernetes.io/version: v0.13.0 app.kubernetes.io/managed-by: Helm name: allocator namespace: purelb --- # Source: purelb/templates/serviceaccount-lbnodeagent.yaml apiVersion: v1 kind: ServiceAccount metadata: labels: helm.sh/chart: purelb-v0.13.0 app.kubernetes.io/name: purelb app.kubernetes.io/instance: purelb app.kubernetes.io/version: v0.13.0 app.kubernetes.io/managed-by: Helm name: lbnodeagent namespace: purelb --- # Source: purelb/templates/clusterrole-allocator.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: helm.sh/chart: purelb-v0.13.0 app.kubernetes.io/name: purelb app.kubernetes.io/instance: purelb app.kubernetes.io/version: v0.13.0 app.kubernetes.io/managed-by: Helm name: purelb:allocator rules: - apiGroups: [purelb.io] resources: [servicegroups, lbnodeagents] verbs: [get, list, watch, update] - apiGroups: [''] resources: [services] verbs: [get, list, watch, update] - apiGroups: [''] resources: [services/status] verbs: [update] - apiGroups: [''] resources: [events] verbs: [create, patch] - apiGroups: [''] resources: [namespaces] verbs: [get, list] - apiGroups: [policy] resourceNames: [allocator] resources: [podsecuritypolicies] verbs: [use] --- # Source: purelb/templates/clusterrole-lbnodeagent.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: helm.sh/chart: purelb-v0.13.0 app.kubernetes.io/name: purelb app.kubernetes.io/instance: purelb app.kubernetes.io/version: v0.13.0 app.kubernetes.io/managed-by: Helm name: purelb:lbnodeagent rules: - apiGroups: [purelb.io] resources: [servicegroups, lbnodeagents] verbs: [get, list, watch, update] - apiGroups: [''] resources: [endpoints, nodes] verbs: [get, list, watch] - apiGroups: [''] resources: [services] verbs: [get, list, watch, update] - apiGroups: [''] resources: [events] verbs: [create, patch] - apiGroups: [''] resources: [namespaces] verbs: [get, list] - apiGroups: [policy] resourceNames: [lbnodeagent] resources: [podsecuritypolicies] verbs: [use] --- # Source: purelb/templates/clusterrolebinding-allocator.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: helm.sh/chart: purelb-v0.13.0 app.kubernetes.io/name: purelb app.kubernetes.io/instance: purelb app.kubernetes.io/version: v0.13.0 app.kubernetes.io/managed-by: Helm name: purelb:allocator roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: purelb:allocator subjects: - kind: ServiceAccount name: allocator namespace: purelb --- # Source: purelb/templates/clusterrolebinding-lbnodeagent.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: helm.sh/chart: purelb-v0.13.0 app.kubernetes.io/name: purelb app.kubernetes.io/instance: purelb app.kubernetes.io/version: v0.13.0 app.kubernetes.io/managed-by: Helm name: purelb:lbnodeagent roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: purelb:lbnodeagent subjects: - kind: ServiceAccount name: lbnodeagent namespace: purelb --- # Source: purelb/templates/role.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: labels: helm.sh/chart: purelb-v0.13.0 app.kubernetes.io/name: purelb app.kubernetes.io/instance: purelb app.kubernetes.io/version: v0.13.0 app.kubernetes.io/managed-by: Helm name: pod-lister namespace: purelb rules: - apiGroups: [''] resources: [pods] verbs: [list] --- # Source: purelb/templates/rolebinding.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: helm.sh/chart: purelb-v0.13.0 app.kubernetes.io/name: purelb app.kubernetes.io/instance: purelb app.kubernetes.io/version: v0.13.0 app.kubernetes.io/managed-by: Helm name: pod-lister namespace: purelb roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: pod-lister subjects: - kind: ServiceAccount name: lbnodeagent --- # Source: purelb/templates/daemonset.yaml apiVersion: apps/v1 kind: DaemonSet metadata: labels: helm.sh/chart: purelb-v0.13.0 app.kubernetes.io/name: purelb app.kubernetes.io/instance: purelb app.kubernetes.io/version: v0.13.0 app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: lbnodeagent name: lbnodeagent namespace: purelb spec: selector: matchLabels: app.kubernetes.io/name: purelb app.kubernetes.io/instance: purelb app.kubernetes.io/component: lbnodeagent template: metadata: annotations: prometheus.io/port: '7472' prometheus.io/scrape: 'true' labels: helm.sh/chart: purelb-v0.13.0 app.kubernetes.io/name: purelb app.kubernetes.io/instance: purelb app.kubernetes.io/version: v0.13.0 app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: lbnodeagent spec: containers: - env: - name: NETBOX_USER_TOKEN valueFrom: secretKeyRef: name: netbox-client key: user-token optional: true - name: DEFAULT_ANNOUNCER value: PureLB - name: PURELB_NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName - name: PURELB_HOST valueFrom: fieldRef: fieldPath: status.hostIP - name: PURELB_ML_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: PURELB_ML_LABELS value: app.kubernetes.io/name=purelb,app.kubernetes.io/component=lbnodeagent - name: ML_GROUP value: 8sb7ikA5qHwQQqxc image: registry.gitlab.com/purelb/purelb/lbnodeagent:v0.13.0 imagePullPolicy: Always name: lbnodeagent ports: - containerPort: 7472 name: monitoring resources: securityContext: capabilities: add: [NET_ADMIN, NET_RAW] drop: [ALL] readOnlyRootFilesystem: false runAsGroup: 0 runAsUser: 0 hostNetwork: true nodeSelector: kubernetes.io/os: linux serviceAccountName: lbnodeagent terminationGracePeriodSeconds: 2 --- # Source: purelb/templates/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: labels: helm.sh/chart: purelb-v0.13.0 app.kubernetes.io/name: purelb app.kubernetes.io/instance: purelb app.kubernetes.io/version: v0.13.0 app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: allocator name: allocator namespace: purelb spec: revisionHistoryLimit: 3 selector: matchLabels: app.kubernetes.io/name: purelb app.kubernetes.io/instance: purelb app.kubernetes.io/component: allocator template: metadata: annotations: prometheus.io/port: '7472' prometheus.io/scrape: 'true' labels: helm.sh/chart: purelb-v0.13.0 app.kubernetes.io/name: purelb app.kubernetes.io/instance: purelb app.kubernetes.io/version: v0.13.0 app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: allocator spec: containers: - env: - name: NETBOX_USER_TOKEN valueFrom: secretKeyRef: name: netbox-client key: user-token optional: true - name: DEFAULT_ANNOUNCER value: PureLB image: registry.gitlab.com/purelb/purelb/allocator:v0.13.0 imagePullPolicy: Always name: allocator ports: - containerPort: 7472 name: monitoring resources: securityContext: allowPrivilegeEscalation: false capabilities: drop: [all] readOnlyRootFilesystem: true nodeSelector: kubernetes.io/os: linux securityContext: runAsNonRoot: true runAsUser: 65534 serviceAccountName: allocator terminationGracePeriodSeconds: 0 --- # Source: purelb/templates/lbnodeagent.yaml apiVersion: purelb.io/v1 kind: LBNodeAgent metadata: name: default namespace: purelb labels: helm.sh/chart: purelb-v0.13.0 app.kubernetes.io/name: purelb app.kubernetes.io/instance: purelb app.kubernetes.io/version: v0.13.0 app.kubernetes.io/managed-by: Helm spec: local: localint: default extlbint: kube-lb0 sendgarp: false