Skip to content
This repository has been archived by the owner on Mar 7, 2024. It is now read-only.

Commit

Permalink
Rollout new release multi-tenancy
Browse files Browse the repository at this point in the history
  • Loading branch information
@ubombar
ubombar committed Apr 17, 2023
1 parent 3b20053 commit d49917b
Showing 1 changed file with 186 additions and 14 deletions.
200 changes: 186 additions & 14 deletions build/yamls/kubernetes/multi-tenancy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,107 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
edge-net.io/generated: "true"
name: edgenet:tenant-owner
rules:
- apiGroups:
- core.edgenet.io
resources:
- subnamespaces
verbs:
- '*'
- apiGroups:
- core.edgenet.io
resources:
- subnamespaces/status
verbs:
- get
- list
- watch
- apiGroups:
- apps.edgenet.io
resources:
- selectivedeployments
verbs:
- '*'
- apiGroups:
- rbac.authorization.k8s.io
resources:
- roles
- rolebindings
verbs:
- '*'
- apiGroups:
- ""
resources:
- configmaps
- endpoints
- persistentvolumeclaims
- pods
- pods/exec
- pods/log
- pods/attach
- pods/portforward
- replicationcontrollers
- services
- secrets
- serviceaccounts
verbs:
- '*'
- apiGroups:
- apps
resources:
- daemonsets
- deployments
- replicasets
- statefulsets
verbs:
- '*'
- apiGroups:
- autoscaling
resources:
- horizontalpodautoscalers
verbs:
- '*'
- apiGroups:
- batch
resources:
- cronjobs
- jobs
verbs:
- '*'
- apiGroups:
- extensions
resources:
- daemonsets
- deployments
- ingresses
- networkpolicies
- replicasets
- replicationcontrollers
verbs:
- '*'
- apiGroups:
- networking.k8s.io
resources:
- ingresses
- networkpolicies
verbs:
- '*'
- apiGroups:
- ""
resources:
- events
- controllerrevisions
verbs:
- get
- list
- watch
---
apiVersion: v1
kind: Namespace
metadata:
Expand Down Expand Up @@ -128,6 +229,11 @@ spec:
type: string
message:
type: string
child:
type: string
nullable: true
failed:
type: integer
scope: Namespaced
names:
plural: subnamespaces
Expand Down Expand Up @@ -235,6 +341,8 @@ spec:
type: string
message:
type: string
failed:
type: integer
scope: Cluster
names:
plural: tenants
Expand Down Expand Up @@ -354,6 +462,8 @@ spec:
notified:
type: boolean
default: false
failed:
type: integer
scope: Cluster
names:
plural: tenantrequests
Expand Down Expand Up @@ -403,6 +513,8 @@ spec:
type: string
message:
type: string
failed:
type: integer
scope: Cluster
names:
plural: tenantresourcequotas
Expand Down Expand Up @@ -489,6 +601,8 @@ spec:
notified:
type: boolean
default: false
failed:
type: integer
scope: Namespaced
names:
plural: rolerequests
Expand Down Expand Up @@ -564,6 +678,8 @@ spec:
notified:
type: boolean
default: false
failed:
type: integer
scope: Cluster
names:
plural: clusterrolerequests
Expand Down Expand Up @@ -645,6 +761,8 @@ spec:
type: string
message:
type: string
failed:
type: integer
scope: Namespaced
names:
plural: sliceclaims
Expand Down Expand Up @@ -724,6 +842,8 @@ spec:
type: string
format: dateTime
nullable: true
failed:
type: integer
scope: Cluster
names:
plural: slices
Expand Down Expand Up @@ -837,9 +957,16 @@ spec:
containers:
- command:
- ./subnamespace
image: edgenetio/subnamespace:main
image: edgenetio/subnamespace:v1.0.0-alpha.5
imagePullPolicy: Always
name: subnamespace
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "128Mi"
cpu: "100m"
priorityClassName: system-cluster-critical
nodeSelector:
node-role.kubernetes.io/control-plane: ""
Expand Down Expand Up @@ -979,9 +1106,16 @@ spec:
containers:
- command:
- ./tenant
image: edgenetio/tenant:main
image: edgenetio/tenant:v1.0.0-alpha.5
imagePullPolicy: Always
name: tenant
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "128Mi"
cpu: "100m"
priorityClassName: system-cluster-critical
nodeSelector:
node-role.kubernetes.io/control-plane: ""
Expand Down Expand Up @@ -1121,9 +1255,16 @@ spec:
containers:
- command:
- ./tenantrequest
image: edgenetio/tenantrequest:main
image: edgenetio/tenantrequest:v1.0.0-alpha.5
imagePullPolicy: Always
name: tenantrequest
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "128Mi"
cpu: "100m"
priorityClassName: system-cluster-critical
nodeSelector:
node-role.kubernetes.io/control-plane: ""
Expand Down Expand Up @@ -1215,9 +1356,16 @@ spec:
containers:
- command:
- ./tenantresourcequota
image: edgenetio/tenantresourcequota:main
image: edgenetio/tenantresourcequota:v1.0.0-alpha.5
imagePullPolicy: Always
name: tenantresourcequota
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "128Mi"
cpu: "100m"
priorityClassName: system-cluster-critical
nodeSelector:
node-role.kubernetes.io/control-plane: ""
Expand Down Expand Up @@ -1348,9 +1496,16 @@ spec:
containers:
- command:
- ./rolerequest
image: edgenetio/rolerequest:main
image: edgenetio/rolerequest:v1.0.0-alpha.5
imagePullPolicy: Always
name: rolerequest
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "128Mi"
cpu: "100m"
priorityClassName: system-cluster-critical
nodeSelector:
node-role.kubernetes.io/control-plane: ""
Expand Down Expand Up @@ -1481,9 +1636,16 @@ spec:
containers:
- command:
- ./clusterrolerequest
image: edgenetio/clusterrolerequest:main
image: edgenetio/clusterrolerequest:v1.0.0-alpha.5
imagePullPolicy: Always
name: clusterrolerequest
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "128Mi"
cpu: "100m"
priorityClassName: system-cluster-critical
nodeSelector:
node-role.kubernetes.io/control-plane: ""
Expand Down Expand Up @@ -1519,7 +1681,7 @@ rules:
resources: ["sliceclaims", "sliceclaims/status", "slices", "slices/status"]
verbs: ["*"]
- apiGroups: ["core.edgenet.io"]
resources: ["subnamespaces"]
resources: ["subnamespaces", "tenants"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["core.edgenet.io"]
resources: ["subnamespaces/status"]
Expand Down Expand Up @@ -1575,9 +1737,16 @@ spec:
containers:
- command:
- ./sliceclaim
image: edgenetio/sliceclaim:main
image: edgenetio/sliceclaim:v1.0.0-alpha.5
imagePullPolicy: Always
name: sliceclaim
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "128Mi"
cpu: "100m"
priorityClassName: system-cluster-critical
nodeSelector:
node-role.kubernetes.io/control-plane: ""
Expand All @@ -1591,10 +1760,6 @@ spec:
key: node-role.kubernetes.io/control-plane
- effect: NoSchedule
key: node.kubernetes.io/unschedulable
volumes:
- name: configs
secret:
secretName: configs-secret
---
apiVersion: v1
kind: ServiceAccount
Expand Down Expand Up @@ -1673,9 +1838,16 @@ spec:
containers:
- command:
- ./slice
image: edgenetio/slice:main
image: edgenetio/slice:v1.0.0-alpha.5
imagePullPolicy: Always
name: slice
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "128Mi"
cpu: "100m"
priorityClassName: system-cluster-critical
nodeSelector:
node-role.kubernetes.io/control-plane: ""
Expand Down Expand Up @@ -1880,7 +2052,7 @@ spec:
spec:
containers:
- name: admission-control-webhook
image: edgenetio/admissioncontrol:main
image: edgenetio/admissioncontrol:v1.0.0-alpha.5
imagePullPolicy: Always
ports:
- containerPort: 443
Expand Down

0 comments on commit d49917b

Please sign in to comment.