You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
633 lines
16 KiB
633 lines
16 KiB
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: knative-eventing-mt-channel-broker-controller
|
|
labels:
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- "namespaces/finalizers"
|
|
verbs:
|
|
- "update"
|
|
- apiGroups:
|
|
- coordination.k8s.io
|
|
resources:
|
|
- leases
|
|
verbs:
|
|
- "get"
|
|
- "list"
|
|
- "create"
|
|
- "update"
|
|
- "delete"
|
|
- "patch"
|
|
- "watch"
|
|
- apiGroups:
|
|
- eventing.knative.dev
|
|
resources:
|
|
- brokers
|
|
verbs:
|
|
- "knsubscribe"
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: knative-eventing-mt-broker-filter
|
|
labels:
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
rules:
|
|
- apiGroups:
|
|
- eventing.knative.dev
|
|
resources:
|
|
- brokers
|
|
- brokers/status
|
|
- triggers
|
|
- triggers/status
|
|
- eventpolicies
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- messaging.knative.dev
|
|
resources:
|
|
- subscriptions
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- "configmaps"
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- "serviceaccounts/token"
|
|
verbs:
|
|
- create
|
|
- apiGroups:
|
|
- "eventing.knative.dev"
|
|
resources:
|
|
- "eventtypes"
|
|
verbs:
|
|
- "get"
|
|
- "list"
|
|
- "watch"
|
|
- "create"
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
name: mt-broker-filter
|
|
namespace: knative-eventing
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- "secrets"
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: mt-broker-filter
|
|
namespace: knative-eventing
|
|
labels:
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: knative-eventing-mt-broker-ingress
|
|
labels:
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
rules:
|
|
- apiGroups:
|
|
- eventing.knative.dev
|
|
resources:
|
|
- eventtypes
|
|
verbs:
|
|
- create
|
|
- get
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- eventing.knative.dev
|
|
resources:
|
|
- brokers
|
|
- eventpolicies
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- "configmaps"
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
name: mt-broker-ingress
|
|
namespace: knative-eventing
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- "secrets"
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- "serviceaccounts/token"
|
|
resourceNames:
|
|
- "mt-broker-ingress-oidc"
|
|
verbs:
|
|
- create
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: mt-broker-ingress-oidc
|
|
namespace: knative-eventing
|
|
labels:
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: mt-broker-ingress
|
|
namespace: knative-eventing
|
|
labels:
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: eventing-mt-channel-broker-controller
|
|
labels:
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: eventing-controller
|
|
namespace: knative-eventing
|
|
roleRef:
|
|
kind: ClusterRole
|
|
name: knative-eventing-mt-channel-broker-controller
|
|
apiGroup: rbac.authorization.k8s.io
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: knative-eventing-mt-broker-filter
|
|
labels:
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: mt-broker-filter
|
|
namespace: knative-eventing
|
|
roleRef:
|
|
kind: ClusterRole
|
|
name: knative-eventing-mt-broker-filter
|
|
apiGroup: rbac.authorization.k8s.io
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
name: mt-broker-filter
|
|
namespace: knative-eventing
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: mt-broker-filter
|
|
namespace: knative-eventing
|
|
roleRef:
|
|
kind: Role
|
|
name: mt-broker-filter
|
|
apiGroup: rbac.authorization.k8s.io
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: knative-eventing-mt-broker-ingress
|
|
labels:
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: mt-broker-ingress
|
|
namespace: knative-eventing
|
|
roleRef:
|
|
kind: ClusterRole
|
|
name: knative-eventing-mt-broker-ingress
|
|
apiGroup: rbac.authorization.k8s.io
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
name: mt-broker-ingress
|
|
namespace: knative-eventing
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: mt-broker-ingress
|
|
namespace: knative-eventing
|
|
roleRef:
|
|
kind: Role
|
|
name: mt-broker-ingress
|
|
apiGroup: rbac.authorization.k8s.io
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: mt-broker-filter
|
|
namespace: knative-eventing
|
|
labels:
|
|
app.kubernetes.io/component: broker-filter
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
bindings.knative.dev/exclude: "true"
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
eventing.knative.dev/brokerRole: filter
|
|
template:
|
|
metadata:
|
|
labels:
|
|
eventing.knative.dev/brokerRole: filter
|
|
app.kubernetes.io/component: broker-filter
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
spec:
|
|
serviceAccountName: mt-broker-filter
|
|
enableServiceLinks: false
|
|
containers:
|
|
- name: filter
|
|
terminationMessagePolicy: FallbackToLogsOnError
|
|
image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/filter@sha256:71879b9320951fd245e3f0251f3dd4d77b8171e48de12daba2cad9617c4355d1
|
|
readinessProbe:
|
|
failureThreshold: 3
|
|
httpGet:
|
|
path: /healthz
|
|
port: 8080
|
|
scheme: HTTP
|
|
periodSeconds: 2
|
|
successThreshold: 1
|
|
timeoutSeconds: 1
|
|
livenessProbe:
|
|
failureThreshold: 3
|
|
httpGet:
|
|
path: /healthz
|
|
port: 8080
|
|
scheme: HTTP
|
|
periodSeconds: 2
|
|
successThreshold: 1
|
|
timeoutSeconds: 1
|
|
initialDelaySeconds: 5
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 100Mi
|
|
ports:
|
|
- containerPort: 8080
|
|
name: http
|
|
protocol: TCP
|
|
- containerPort: 8443
|
|
name: https
|
|
protocol: TCP
|
|
- containerPort: 9092
|
|
name: metrics
|
|
protocol: TCP
|
|
terminationMessagePath: /dev/termination-log
|
|
env:
|
|
- name: SYSTEM_NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
- name: NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
apiVersion: v1
|
|
fieldPath: metadata.namespace
|
|
- name: POD_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
apiVersion: v1
|
|
fieldPath: metadata.name
|
|
- name: CONTAINER_NAME
|
|
value: filter
|
|
- name: CONFIG_LOGGING_NAME
|
|
value: config-logging
|
|
- name: CONFIG_OBSERVABILITY_NAME
|
|
value: config-observability
|
|
- name: METRICS_DOMAIN
|
|
value: knative.dev/internal/eventing
|
|
- name: FILTER_PORT
|
|
value: "8080"
|
|
- name: FILTER_PORT_HTTPS
|
|
value: "8443"
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
eventing.knative.dev/brokerRole: filter
|
|
app.kubernetes.io/component: broker-filter
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
name: broker-filter
|
|
namespace: knative-eventing
|
|
spec:
|
|
ports:
|
|
- name: http
|
|
port: 80
|
|
protocol: TCP
|
|
targetPort: 8080
|
|
- name: https
|
|
port: 443
|
|
protocol: TCP
|
|
targetPort: 8443
|
|
- name: http-metrics
|
|
port: 9092
|
|
protocol: TCP
|
|
targetPort: 9092
|
|
selector:
|
|
eventing.knative.dev/brokerRole: filter
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: mt-broker-ingress
|
|
namespace: knative-eventing
|
|
labels:
|
|
app.kubernetes.io/component: broker-ingress
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
bindings.knative.dev/exclude: "true"
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
eventing.knative.dev/brokerRole: ingress
|
|
template:
|
|
metadata:
|
|
labels:
|
|
eventing.knative.dev/brokerRole: ingress
|
|
app.kubernetes.io/component: broker-ingress
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
spec:
|
|
serviceAccountName: mt-broker-ingress
|
|
enableServiceLinks: false
|
|
containers:
|
|
- name: ingress
|
|
terminationMessagePolicy: FallbackToLogsOnError
|
|
image: gcr.io/knative-releases/knative.dev/eventing/cmd/broker/ingress@sha256:fc52f7e445fbf3512ed08003c5cba0b3e4d59fb1308271fa9dc1ce910f3ec71d
|
|
readinessProbe:
|
|
failureThreshold: 3
|
|
httpGet:
|
|
path: /healthz
|
|
port: 8080
|
|
scheme: HTTP
|
|
periodSeconds: 2
|
|
successThreshold: 1
|
|
timeoutSeconds: 1
|
|
livenessProbe:
|
|
failureThreshold: 3
|
|
httpGet:
|
|
path: /healthz
|
|
port: 8080
|
|
scheme: HTTP
|
|
periodSeconds: 2
|
|
successThreshold: 1
|
|
timeoutSeconds: 1
|
|
initialDelaySeconds: 5
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 100Mi
|
|
ports:
|
|
- containerPort: 8080
|
|
name: http
|
|
protocol: TCP
|
|
- containerPort: 8443
|
|
name: https
|
|
protocol: TCP
|
|
- containerPort: 9092
|
|
name: metrics
|
|
protocol: TCP
|
|
terminationMessagePath: /dev/termination-log
|
|
env:
|
|
- name: SYSTEM_NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
- name: NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
apiVersion: v1
|
|
fieldPath: metadata.namespace
|
|
- name: POD_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
apiVersion: v1
|
|
fieldPath: metadata.name
|
|
- name: CONTAINER_NAME
|
|
value: ingress
|
|
- name: CONFIG_LOGGING_NAME
|
|
value: config-logging
|
|
- name: CONFIG_OBSERVABILITY_NAME
|
|
value: config-observability
|
|
- name: METRICS_DOMAIN
|
|
value: knative.dev/internal/eventing
|
|
- name: INGRESS_PORT
|
|
value: "8080"
|
|
- name: INGRESS_PORT_HTTPS
|
|
value: "8443"
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
eventing.knative.dev/brokerRole: ingress
|
|
app.kubernetes.io/component: broker-ingress
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
name: broker-ingress
|
|
namespace: knative-eventing
|
|
spec:
|
|
ports:
|
|
- name: http
|
|
port: 80
|
|
protocol: TCP
|
|
targetPort: 8080
|
|
- name: https
|
|
port: 443
|
|
protocol: TCP
|
|
targetPort: 8443
|
|
- name: http-metrics
|
|
port: 9092
|
|
protocol: TCP
|
|
targetPort: 9092
|
|
selector:
|
|
eventing.knative.dev/brokerRole: ingress
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: mt-broker-controller
|
|
namespace: knative-eventing
|
|
labels:
|
|
app.kubernetes.io/component: mt-broker-controller
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
bindings.knative.dev/exclude: "true"
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: mt-broker-controller
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: mt-broker-controller
|
|
app.kubernetes.io/component: broker-controller
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
spec:
|
|
affinity:
|
|
podAntiAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- podAffinityTerm:
|
|
labelSelector:
|
|
matchLabels:
|
|
app: mt-broker-controller
|
|
topologyKey: kubernetes.io/hostname
|
|
weight: 100
|
|
serviceAccountName: eventing-controller
|
|
enableServiceLinks: false
|
|
containers:
|
|
- name: mt-broker-controller
|
|
terminationMessagePolicy: FallbackToLogsOnError
|
|
image: gcr.io/knative-releases/knative.dev/eventing/cmd/mtchannel_broker@sha256:8700453a537ea6ca6cd78259335c36e7ad528abe539b593fc2bdf6e5ddf91ab0
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 100Mi
|
|
env:
|
|
- name: SYSTEM_NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
- name: CONFIG_LOGGING_NAME
|
|
value: config-logging
|
|
- name: CONFIG_OBSERVABILITY_NAME
|
|
value: config-observability
|
|
- name: METRICS_DOMAIN
|
|
value: knative.dev/eventing
|
|
- name: POD_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.name
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
ports:
|
|
- name: metrics
|
|
containerPort: 9090
|
|
- name: profiling
|
|
containerPort: 8008
|
|
---
|
|
apiVersion: autoscaling/v2
|
|
kind: HorizontalPodAutoscaler
|
|
metadata:
|
|
name: broker-ingress-hpa
|
|
namespace: knative-eventing
|
|
labels:
|
|
app.kubernetes.io/component: broker-ingress
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
spec:
|
|
scaleTargetRef:
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
name: mt-broker-ingress
|
|
minReplicas: 1
|
|
maxReplicas: 10
|
|
metrics:
|
|
- type: Resource
|
|
resource:
|
|
name: cpu
|
|
target:
|
|
type: Utilization
|
|
averageUtilization: 70
|
|
---
|
|
apiVersion: autoscaling/v2
|
|
kind: HorizontalPodAutoscaler
|
|
metadata:
|
|
name: broker-filter-hpa
|
|
namespace: knative-eventing
|
|
labels:
|
|
app.kubernetes.io/component: broker-filter
|
|
app.kubernetes.io/version: "1.16.4"
|
|
app.kubernetes.io/name: knative-eventing
|
|
spec:
|
|
scaleTargetRef:
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
name: mt-broker-filter
|
|
minReplicas: 1
|
|
maxReplicas: 10
|
|
metrics:
|
|
- type: Resource
|
|
resource:
|
|
name: cpu
|
|
target:
|
|
type: Utilization
|
|
averageUtilization: 70
|
|
---
|
|
|
|
|