Add manifests for extensions container and service

For OCP layering, we're changing the way the extensions are retrieved -- they are present in their own separate container, intended to be run as a service that serves up the RPM repo (see openshift/os#763) for details. This adds manifests for that extensions container deployment and the service that will allow the nodes to connect to it.
jkyros · Aug 29, 2022 · 2dbc684 · 2dbc684
1 parent f21482c
commit 2dbc684
Show file tree

Hide file tree

Showing 2 changed files with 74 additions and 0 deletions.
diff --git a/manifests/machineconfigcontroller/extensionsDeployment.yaml b/manifests/machineconfigcontroller/extensionsDeployment.yaml
@@ -0,0 +1,57 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: rhel-coreos-8-extensions
+  namespace: openshift-machine-config-operator
+  labels:
+    k8s-app: rhel-coreos-8-extensions
+  annotations:
+    exclude.release.openshift.io/internal-openshift-hosted: "true"
+    include.release.openshift.io/self-managed-high-availability: "true"
+    include.release.openshift.io/single-node-developer: "true"
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      k8s-app: rhel-coreos-8-extensions
+  template:
+    metadata:
+      labels:
+        k8s-app: rhel-coreos-8-extensions
+      annotations:
+        target.workload.openshift.io/management: '{"effect": "PreferredDuringScheduling"}'
+    spec:
+      containers:
+      - name: rhel-coreos-8-extensions
+        image: {{.ControllerConfig.BaseOperatingSystemExtensionsContainer}}
+        args:
+        resources:
+          requests:
+            cpu: 20m
+            memory: 50Mi
+        env:
+          - name: RELEASE_VERSION
+            value: "0.0.1-snapshot"
+        terminationMessagePolicy: FallbackToLogsOnError
+      nodeSelector:
+        node-role.kubernetes.io/master: ""
+      priorityClassName: "system-cluster-critical"
+      restartPolicy: Always
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 65534
+      tolerations:
+      - key: "node-role.kubernetes.io/master"
+        operator: "Exists"
+        effect: "NoSchedule"
+      - key: "node.kubernetes.io/unreachable"
+        operator: "Exists"
+        effect: "NoExecute"
+        tolerationSeconds: 120
+      - key: "node.kubernetes.io/not-ready"
+        operator: "Exists"
+        effect: "NoExecute"
+        tolerationSeconds: 120
+
+
diff --git a/manifests/machineconfigcontroller/extensionsService.yaml b/manifests/machineconfigcontroller/extensionsService.yaml
@@ -0,0 +1,17 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: rhel-coreos-8-extensions
+  namespace: openshift-machine-config-operator
+  labels:
+    k8s-app: rhel-coreos-8-extensions
+  annotations:
+spec:
+  type: ClusterIP
+  selector:
+    k8s-app: rhel-coreos-8-extensions
+  ports:
+  - name: repo
+    port: 9091
+    protocol: TCP