gitea-admin/ab-initio-manifests
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial render: k3s-dev environment

Browse Source
This commit is contained in:
gitea-admin
2026-03-07 15:00:05 +00:00
commit a787720f2a
306 changed files with 75879 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/admissionregistration.k8s.io_v1_mutatingwebhookconfiguration_abinitio-system-runtime-controller-webhook.yaml Normal file
View File

@@ -0,0 +1,38 @@
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
name: abinitio-system-runtime-controller-webhook
webhooks:
- admissionReviewVersions:
- v1
clientConfig:
service:
name: abinitio-system-runtime-controller-webhook
namespace: abinitio-system
path: /pod-add-certificate
port: 9443
failurePolicy: Fail
matchConditions:
- expression: has(object.metadata.ownerReferences)
name: pod-has-owner
- expression: object.metadata.ownerReferences.filter(e, e.controller && e.kind ==
"ReplicaSet").size() == 1
name: pod-owned-by-replicaset
- expression: object.metadata.ownerReferences.filter(e, e.controller && e.kind ==
"ReplicaSet").all(x, x.name.substring(0, x.name.lastIndexOf("-")) in ["runtime-locator","trw","portal-nginx"])
name: deployment-selector
matchPolicy: Equivalent
name: rule-0-deployments.abinitio-system-runtime-controller-webhook.abinitio.com
reinvocationPolicy: Never
rules:
- apiGroups:
- ""
apiVersions:
- v1
operations:
- CREATE
resources:
- pods
scope: Namespaced
sideEffects: None
timeoutSeconds: 5

100
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/apiextensions.k8s.io_v1_customresourcedefinition_cooperatingsystemruntimeclaims.cloud.abinitio.com.yaml Normal file
View File

@@ -0,0 +1,100 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
ab-installation-tag: main/b1566433-m1566221
meta.helm.sh/chart: ab-runtime-operator-2.4.3-a
name: cooperatingsystemruntimeclaims.cloud.abinitio.com
spec:
group: cloud.abinitio.com
names:
kind: CoOperatingSystemRuntimeClaim
listKind: CoOperatingSystemRuntimeClaimList
plural: cooperatingsystemruntimeclaims
singular: cooperatingsystemruntimeclaim
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.phase
name: Status
type: string
- jsonPath: .status.reservedRuntimeName
name: Reserved-Runtime
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
properties:
airSandboxRunArguments:
type: string
deletePolicy:
type: string
env:
items:
properties:
name:
type: string
value:
type: string
required:
- name
type: object
type: array
jobFinishScript:
type: string
jobLaunchScript:
type: string
keepReservation:
type: boolean
poolName:
type: string
poolNamespace:
type: string
runtimeName:
type: string
workDirectory:
type: string
required:
- poolName
type: object
status:
properties:
commandError:
type: string
exitCode:
type: integer
phase:
type: string
remoteStderr:
format: byte
type: string
remoteStderrTruncated:
type: boolean
remoteStdout:
format: byte
type: string
remoteStdoutTruncated:
type: boolean
reservationMade:
type: boolean
reservedRuntimeName:
type: string
reservedRuntimeNamespace:
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}

2689
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/apiextensions.k8s.io_v1_customresourcedefinition_cooperatingsystemruntimepools.cloud.abinitio.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

860
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/apiextensions.k8s.io_v1_customresourcedefinition_cooperatingsystemruntimeprofiles.cloud.abinitio.com.yaml Normal file
View File

@@ -0,0 +1,860 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
ab-installation-tag: main/b1566433-m1566221
meta.helm.sh/chart: ab-runtime-operator-2.4.3-a
name: cooperatingsystemruntimeprofiles.cloud.abinitio.com
spec:
group: cloud.abinitio.com
names:
kind: CoOperatingSystemRuntimeProfile
listKind: CoOperatingSystemRuntimeProfileList
plural: cooperatingsystemruntimeprofiles
singular: cooperatingsystemruntimeprofile
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.profileType
name: Profile-Type
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
properties:
env:
items:
properties:
name:
type: string
value:
type: string
valueFrom:
properties:
configMapKeyRef:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
fieldRef:
properties:
apiVersion:
type: string
fieldPath:
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
resourceFieldRef:
properties:
containerName:
type: string
divisor:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
type: string
required:
- resource
type: object
x-kubernetes-map-type: atomic
secretKeyRef:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
required:
- name
type: object
type: array
image:
type: string
jobRecoveryVolumeSize:
type: string
poolName:
type: string
poolNamespace:
type: string
profileMounts:
items:
properties:
awsElasticBlockStore:
properties:
fsType:
type: string
partition:
format: int32
type: integer
readOnly:
type: boolean
volumeID:
type: string
required:
- volumeID
type: object
azureDisk:
properties:
cachingMode:
type: string
diskName:
type: string
diskURI:
type: string
fsType:
type: string
kind:
type: string
readOnly:
type: boolean
required:
- diskName
- diskURI
type: object
azureFile:
properties:
readOnly:
type: boolean
secretName:
type: string
shareName:
type: string
required:
- secretName
- shareName
type: object
cephfs:
properties:
monitors:
items:
type: string
type: array
path:
type: string
readOnly:
type: boolean
secretFile:
type: string
secretRef:
properties:
name:
type: string
type: object
x-kubernetes-map-type: atomic
user:
type: string
required:
- monitors
type: object
cinder:
properties:
fsType:
type: string
readOnly:
type: boolean
secretRef:
properties:
name:
type: string
type: object
x-kubernetes-map-type: atomic
volumeID:
type: string
required:
- volumeID
type: object
configMap:
properties:
defaultMode:
format: int32
type: integer
items:
items:
properties:
key:
type: string
mode:
format: int32
type: integer
path:
type: string
required:
- key
- path
type: object
type: array
name:
type: string
optional:
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
properties:
driver:
type: string
fsType:
type: string
nodePublishSecretRef:
properties:
name:
type: string
type: object
x-kubernetes-map-type: atomic
readOnly:
type: boolean
volumeAttributes:
additionalProperties:
type: string
type: object
required:
- driver
type: object
downwardAPI:
properties:
defaultMode:
format: int32
type: integer
items:
items:
properties:
fieldRef:
properties:
apiVersion:
type: string
fieldPath:
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
mode:
format: int32
type: integer
path:
type: string
resourceFieldRef:
properties:
containerName:
type: string
divisor:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
type: string
required:
- resource
type: object
x-kubernetes-map-type: atomic
required:
- path
type: object
type: array
type: object
emptyDir:
properties:
medium:
type: string
sizeLimit:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
ephemeral:
properties:
volumeClaimTemplate:
properties:
metadata:
properties:
annotations:
additionalProperties:
type: string
type: object
finalizers:
items:
type: string
type: array
labels:
additionalProperties:
type: string
type: object
name:
type: string
namespace:
type: string
type: object
spec:
properties:
accessModes:
items:
type: string
type: array
dataSource:
properties:
apiGroup:
type: string
kind:
type: string
name:
type: string
required:
- kind
- name
type: object
x-kubernetes-map-type: atomic
dataSourceRef:
properties:
apiGroup:
type: string
kind:
type: string
name:
type: string
namespace:
type: string
required:
- kind
- name
type: object
resources:
properties:
claims:
items:
properties:
name:
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
type: object
selector:
properties:
matchExpressions:
items:
properties:
key:
type: string
operator:
type: string
values:
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
type: object
type: object
x-kubernetes-map-type: atomic
storageClassName:
type: string
volumeMode:
type: string
volumeName:
type: string
type: object
required:
- spec
type: object
type: object
fc:
properties:
fsType:
type: string
lun:
format: int32
type: integer
readOnly:
type: boolean
targetWWNs:
items:
type: string
type: array
wwids:
items:
type: string
type: array
type: object
flexVolume:
properties:
driver:
type: string
fsType:
type: string
options:
additionalProperties:
type: string
type: object
readOnly:
type: boolean
secretRef:
properties:
name:
type: string
type: object
x-kubernetes-map-type: atomic
required:
- driver
type: object
flocker:
properties:
datasetName:
type: string
datasetUUID:
type: string
type: object
gcePersistentDisk:
properties:
fsType:
type: string
partition:
format: int32
type: integer
pdName:
type: string
readOnly:
type: boolean
required:
- pdName
type: object
gitRepo:
properties:
directory:
type: string
repository:
type: string
revision:
type: string
required:
- repository
type: object
glusterfs:
properties:
endpoints:
type: string
path:
type: string
readOnly:
type: boolean
required:
- endpoints
- path
type: object
hostPath:
properties:
path:
type: string
type:
type: string
required:
- path
type: object
iscsi:
properties:
chapAuthDiscovery:
type: boolean
chapAuthSession:
type: boolean
fsType:
type: string
initiatorName:
type: string
iqn:
type: string
iscsiInterface:
type: string
lun:
format: int32
type: integer
portals:
items:
type: string
type: array
readOnly:
type: boolean
secretRef:
properties:
name:
type: string
type: object
x-kubernetes-map-type: atomic
targetPortal:
type: string
required:
- iqn
- lun
- targetPortal
type: object
mountPath:
type: string
name:
type: string
nfs:
properties:
path:
type: string
readOnly:
type: boolean
server:
type: string
required:
- path
- server
type: object
persistentVolumeClaim:
properties:
claimName:
type: string
readOnly:
type: boolean
required:
- claimName
type: object
photonPersistentDisk:
properties:
fsType:
type: string
pdID:
type: string
required:
- pdID
type: object
portworxVolume:
properties:
fsType:
type: string
readOnly:
type: boolean
volumeID:
type: string
required:
- volumeID
type: object
projected:
properties:
defaultMode:
format: int32
type: integer
sources:
items:
properties:
configMap:
properties:
items:
items:
properties:
key:
type: string
mode:
format: int32
type: integer
path:
type: string
required:
- key
- path
type: object
type: array
name:
type: string
optional:
type: boolean
type: object
x-kubernetes-map-type: atomic
downwardAPI:
properties:
items:
items:
properties:
fieldRef:
properties:
apiVersion:
type: string
fieldPath:
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
mode:
format: int32
type: integer
path:
type: string
resourceFieldRef:
properties:
containerName:
type: string
divisor:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
resource:
type: string
required:
- resource
type: object
x-kubernetes-map-type: atomic
required:
- path
type: object
type: array
type: object
secret:
properties:
items:
items:
properties:
key:
type: string
mode:
format: int32
type: integer
path:
type: string
required:
- key
- path
type: object
type: array
name:
type: string
optional:
type: boolean
type: object
x-kubernetes-map-type: atomic
serviceAccountToken:
properties:
audience:
type: string
expirationSeconds:
format: int64
type: integer
path:
type: string
required:
- path
type: object
type: object
type: array
type: object
quobyte:
properties:
group:
type: string
readOnly:
type: boolean
registry:
type: string
tenant:
type: string
user:
type: string
volume:
type: string
required:
- registry
- volume
type: object
rbd:
properties:
fsType:
type: string
image:
type: string
keyring:
type: string
monitors:
items:
type: string
type: array
pool:
type: string
readOnly:
type: boolean
secretRef:
properties:
name:
type: string
type: object
x-kubernetes-map-type: atomic
user:
type: string
required:
- image
- monitors
type: object
readOnly:
type: boolean
scaleIO:
properties:
fsType:
type: string
gateway:
type: string
protectionDomain:
type: string
readOnly:
type: boolean
secretRef:
properties:
name:
type: string
type: object
x-kubernetes-map-type: atomic
sslEnabled:
type: boolean
storageMode:
type: string
storagePool:
type: string
system:
type: string
volumeName:
type: string
required:
- gateway
- secretRef
- system
type: object
secret:
properties:
defaultMode:
format: int32
type: integer
items:
items:
properties:
key:
type: string
mode:
format: int32
type: integer
path:
type: string
required:
- key
- path
type: object
type: array
optional:
type: boolean
secretName:
type: string
type: object
storageos:
properties:
fsType:
type: string
readOnly:
type: boolean
secretRef:
properties:
name:
type: string
type: object
x-kubernetes-map-type: atomic
volumeName:
type: string
volumeNamespace:
type: string
type: object
vsphereVolume:
properties:
fsType:
type: string
storagePolicyID:
type: string
storagePolicyName:
type: string
volumePath:
type: string
required:
- volumePath
type: object
required:
- mountPath
- name
type: object
type: array
profileType:
enum:
- pool
- webapptemplate
- template
- createtemplate
type: string
serviceAccountName:
type: string
templateName:
type: string
templateNamespace:
type: string
type: object
status:
type: object
type: object
served: true
storage: true
subresources: {}

88
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/apiextensions.k8s.io_v1_customresourcedefinition_cooperatingsystemruntimeresourcesrequests.cloud.abinitio.com.yaml Normal file
View File

@@ -0,0 +1,88 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
ab-installation-tag: main/b1566433-m1566221
meta.helm.sh/chart: ab-runtime-operator-2.4.3-a
name: cooperatingsystemruntimeresourcesrequests.cloud.abinitio.com
spec:
group: cloud.abinitio.com
names:
kind: CoOperatingSystemRuntimeResourcesRequest
listKind: CoOperatingSystemRuntimeResourcesRequestList
plural: cooperatingsystemruntimeresourcesrequests
singular: cooperatingsystemruntimeresourcesrequest
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
resourceRequests:
items:
properties:
agents:
items:
properties:
agentName:
type: string
argList:
items:
type: string
type: array
generation:
type: string
muxName:
type: string
resources:
properties:
claims:
items:
properties:
name:
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
type: object
type: object
type: array
deleteAgentPvcWithAgent:
type: boolean
jobName:
type: string
jobTag:
type: string
required:
- jobName
type: object
type: array
type: object
served: true
storage: true

9886
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/apiextensions.k8s.io_v1_customresourcedefinition_cooperatingsystemruntimes.cloud.abinitio.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

9818
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/apiextensions.k8s.io_v1_customresourcedefinition_cooperatingsystemruntimetemplates.cloud.abinitio.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

95
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/apps_v1_deployment_abinitio-system-runtime-controller-manager.yaml Normal file
View File

@@ -0,0 +1,95 @@
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
ab-installation-tag: main/b1566433-m1566221
labels:
app.kubernetes.io/instance: ab-runtime-operator
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: ab-runtime-operator
control-plane: runtime-controller-manager
helm.sh/chart: ab-runtime-operator-2.4.3-a
name: abinitio-system-runtime-controller-manager
namespace: abinitio-system
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: ab-runtime-operator
app.kubernetes.io/name: ab-runtime-operator
control-plane: runtime-controller-manager
strategy:
type: Recreate
template:
metadata:
annotations:
ab-installation-tag: main/b1566433-m1566221
meta.helm.sh/release-revision: "1"
labels:
app.kubernetes.io/instance: ab-runtime-operator
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: ab-runtime-operator
control-plane: runtime-controller-manager
helm.sh/chart: ab-runtime-operator-2.4.3-a
spec:
containers:
- args:
- --metrics-addr=0.0.0.0:8080
command:
- /manager
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: NUMBER_OF_SHARDS
value: "0"
image: asia-southeast1-docker.pkg.dev/str-22391/cloudplatform-proxy/aidp/ab-runtime-operator:4.4.1.1-1
imagePullPolicy: IfNotPresent
name: manager
ports:
- containerPort: 8080
name: http
volumeMounts:
- mountPath: /disk1/conf/
name: ab-runtime-operator-config
- mountPath: /disk1/perm/
name: ab-runtime-operator-external-config-provider-permissions
- mountPath: /abinitio
name: abinitio-job-metrics-storage
- env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
image: asia-southeast1-docker.pkg.dev/str-22391/cloudplatform-proxy/aidp/ab-fluent-bit:4.4.1.1-1
imagePullPolicy: IfNotPresent
name: fluent-bit
ports:
- containerPort: 24224
name: fb
volumeMounts:
- mountPath: /fluent-bit/etc/
name: ab-runtime-operator-config
- mountPath: /abinitio
name: abinitio-job-metrics-storage
serviceAccountName: default
terminationGracePeriodSeconds: 10
volumes:
- configMap:
name: ab-runtime-operator-config
name: ab-runtime-operator-config
- name: ab-runtime-operator-external-config-provider-permissions
secret:
secretName: ab-runtime-operator-external-config-provider-permissions
- emptyDir:
sizeLimit: 200Mi
name: abinitio-job-metrics-storage

21
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/rbac.authorization.k8s.io_v1_clusterrole_abinitio-system-runtime-internal-manager-clusterrole.yaml Normal file
View File

@@ -0,0 +1,21 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: abinitio-system-runtime-internal-manager-clusterrole
rules:
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- get
- list
- apiGroups:
- admissionregistration.k8s.io
resourceNames:
- abinitio-system-runtime-controller-webhook
resources:
- mutatingwebhookconfigurations
verbs:
- get
- update

81
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/rbac.authorization.k8s.io_v1_clusterrole_abinitio-system-runtime-manager-role.yaml Normal file
View File

@@ -0,0 +1,81 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: abinitio-system-runtime-manager-role
rules:
- apiGroups:
- cloud.abinitio.com
resources:
- cooperatingsystemruntimeclaims
- cooperatingsystemruntimepools
- cooperatingsystemruntimeresourcesrequests
- cooperatingsystemruntimes
- cooperatingsystemruntimetemplates
verbs:
- create
- delete
- deletecollection
- get
- list
- patch
- update
- watch
- apiGroups:
- cloud.abinitio.com
resources:
- cooperatingsystemruntimeclaims/status
- cooperatingsystemruntimeclaims/finalizers
- cooperatingsystemruntimepools/status
- cooperatingsystemruntimepools/finalizers
- cooperatingsystemruntimeresourcesrequests/status
- cooperatingsystemruntimeresourcesrequests/finalizers
- cooperatingsystemruntimes/status
- cooperatingsystemruntimes/finalizers
- cooperatingsystemruntimetemplates/status
- cooperatingsystemruntimetemplates/finalizers
verbs:
- get
- patch
- update
- apiGroups:
- ""
resources:
- configmaps
- persistentvolumeclaims
- pods
- pods/finalizers
- secrets
- services
verbs:
- create
- delete
- deletecollection
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- endpoints
- limitranges
verbs:
- get
- list
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- update
- apiGroups:
- metrics.k8s.io
resources:
- pods
verbs:
- get
- list
- watch

12
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/rbac.authorization.k8s.io_v1_clusterrolebinding_abinitio-system-runtime-internal-manager-clusterrolebinding.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: abinitio-system-runtime-internal-manager-clusterrolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: abinitio-system-runtime-internal-manager-clusterrole
subjects:
- kind: ServiceAccount
name: default
namespace: abinitio-system

12
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/rbac.authorization.k8s.io_v1_clusterrolebinding_abinitio-system-runtime-manager-rolebinding.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: abinitio-system-runtime-manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: abinitio-system-runtime-manager-role
subjects:
- kind: ServiceAccount
name: default
namespace: abinitio-system

19
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/rbac.authorization.k8s.io_v1_role_cooperatingsystemruntime-role.yaml Normal file
View File

@@ -0,0 +1,19 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: cooperatingsystemruntime-role
namespace: abinitio-system
rules:
- apiGroups:
- ""
resources:
- limitranges
verbs:
- list
- apiGroups:
- cloud.abinitio.com
resources:
- cooperatingsystemruntimes
verbs:
- get
- patch

12
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/rbac.authorization.k8s.io_v1_rolebinding_run-cooperatingsystemruntime-rolebinding.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: run-cooperatingsystemruntime-rolebinding
namespace: abinitio-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: cooperatingsystemruntime-role
subjects:
- kind: ServiceAccount
name: abinitio-sa

56
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/v1_configmap_ab-runtime-operator-config.yaml Normal file
View File

@@ -0,0 +1,56 @@
apiVersion: v1
data:
fluent-bit.conf: |
[SERVICE]
Flush 1
Log_Level info
Daemon off
@INCLUDE input.conf
input.conf: |
[INPUT]
Name TCP
Listen localhost
Port 24225
Tag operator-logs
Format json
Chunk_Size 1024
Buffer_Size 2048
operator-config.conf: |
number_of_shards: 0
logging_enabled: true
# To override operator's default of 'true', we explicitly set post_events
# to 'false', when the corresponding Helm chart value is empty.
post_events: true
client_throttling_burst: 100
client_throttling_qps: 50
default_certificate_duration: 7
certificate_renewal_grace_period: 1
audit_interval: 60
metrics_retention_period: 60
load_update_grace_period: 300
pool_min_idle_period: 600
pvc_retention_period: 30 days
pool_pvc_retention_period: 90 days
pvc_usage_period: 0
metrics_service_name: abinitio-system-runtime-controller-manager
metrics_server_port: 9882
metrics_level: default
external_config_provider_enabled: true
external_config_provider_port: 2379
external_config_provider_name: abinitio-system-runtime-controller-manager
external_config_provider_dynamic_permissions: false
mux_proxy_mode: Disabled
mux_proxy_port: 6344
mux_proxy_name: abinitio-system-runtime-controller-manager
webhook_server_enabled: true
webhook_server_port: 9443
webhook_server_name: abinitio-system-runtime-controller-webhook
webhook_configuration_name: abinitio-system-runtime-controller-webhook
pbkdf2_iterations: 0
# to restrict operator permissions set ab_namespace_restrict to true
# and add namespaces for jobs under ab_job_namespaces
ab_namespace_restrict: false
kind: ConfigMap
metadata:
name: ab-runtime-operator-config
namespace: abinitio-system

8
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/v1_secret_ab-runtime-operator-external-config-provider-permissions.yaml Normal file
View File

@@ -0,0 +1,8 @@
apiVersion: v1
data:
config-provider-permissions.yaml: IyBUaGlzIGZpbGUgc3BlY2lmaWVzIHdoaWNoIGFnZW50cyAocG9kcykgYXJlIGFsbG93ZWQgdG8gcmVxdWVzdCBjb25maWd1cmF0aW9ucwojIG9mIGJyaWRnZXMgdXNpbmcgZXRjZCBjb25maWcgcHJvdmlkZXIgaW50ZXJmYWNlIGV4cG9zZWQgYnkgdGhlIG9wZXJhdG9yLgojIFRoZSBmaWxlIGNvbnNpc3RzIG9mIGEgc2V0IG9mIGFnZW50cyBzcGVjaWZpZWQgYnkgdGhlaXIgbmFtZSBhbmQgbmFtZXNwYWNlLgojIEZvciBlYWNoIGFnZW50IHRoZSBmaWxlIHNwZWNpZmllcyBhIGxpc3Qgb2YgYnJpZGdlcyB0aGF0IGFnZW50IGlzIGFsbG93ZWQKIyB0byByZXF1ZXN0IGNvbmZpZyBmb3IuIEVhY2ggYnJpZGdlIGlzIHNwZWNpZmllZCBieSBpdHMgbmFtZSBrZXkgYW5kIG9wdGlvbmFsCiMgbmFtZXNwYWNlOiBbPG5hbWVzcGFjZT46XTxuYW1lIGtleT4uIElmIG5hbWVzcGFjZSBpcyBvbWl0dGVkLCBpdCBpcyBhc3N1bWVkCiMgdG8gYmUgdGhlIG5hbWVzcGFjZSBvZiB0aGUgYWdlbnQuCiMKIyBUaGUgZmlsZSBzdXBwb3J0cyB0YWlsIHdpbGRjYXJkcyBmb3IgbmFtZXMgYW5kIG5hbWVzcGFjZXM6IGlmIGEgbmFtZSBlbmRzIHdpdGgKIyAnKicgaXQgbWF0Y2hlcyBhbGwgbmFtZXMgYmVnaW5uaW5nIHdpdGggdGhlIGNoYXJhY3RlcnMgcHJlY2VkaW5nIHRoZSAgJyonLiBGb3IKIyBleGFtcGxlLCAnYnJpZGdlLSonIG1hdGNoZXMgbmFtZXMgJ2JyaWRnZS0xJywgJ2JyaWRnZS0yJywgJ2JyaWRnZS1mb3ItdGVzdCcsCiMgZXRjLiBBIHNpbmdsZSAnKicgY2hhcmFjdGVyIG1hdGNoZXMgYWxsIG5hbWVzLgojCiMgTm90ZTogdGhlIGJyaWRnZSBuYW1lIGtleSBtYXkgcmVmZXIgdG8gdGhlIGFjdHVhbCBwb2Qgd2hlcmUgdGhlIGNsaWVudHMgd2FudCB0bwojIGNvbm5lY3QuIFRoZXJlZm9yZSwgaXQgaXMgcmVjb21tZW5kZWQgdG8gdXNlIHRhaWwgd2lsZGNhcmQgdG8gaWdub3JlIHBvc3NpYmxlCiMgcG9kIG5hbWUgc3VmZml4ZXMgbGlrZSAnLWxhdW5jaGVyLTAnLgojCiMgVGhlIGZvbGxvd2luZyBleGFtcGxlIGRlZmluZXMgcGVybWlzc2lvbnMgZm9yIGFsbCBhZ2VudHMgaW4gYWxsIG5hbWVzcGFjZXMgdG8KIyBmZXRjaCBjb25maWd1cmF0aW9uIG9mIGFueSBicmlkZ2UgaW4gdGhlaXIgb3duIG5hbWVzcGFjZToKLS0tCnBlcm1pc3Npb25zOgogIC0gbmFtZTogJyonCiAgICBuYW1lc3BhY2U6ICcqJwogICAgIyBPcHRpb25hbCBCZWFyZXIgdG9rZW4gaW4gdGhlIEF1dGhvcml6YXRpb24gaGVhZGVyIG9mIHRoZSByZXF1ZXN0LgogICAgIyBhdXRob3JpemF0aW9uVG9rZW46IC4uLgogICAgYnJpZGdlczoKICAgICAgLSAnKicK
kind: Secret
metadata:
name: ab-runtime-operator-external-config-provider-permissions
namespace: abinitio-system
type: Opaque

30
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/v1_service_abinitio-system-runtime-controller-manager.yaml Normal file
View File

@@ -0,0 +1,30 @@
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: ab-runtime-operator
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: ab-runtime-operator
control-plane: runtime-controller-manager
helm.sh/chart: ab-runtime-operator-2.4.3-a
name: abinitio-system-runtime-controller-manager
namespace: abinitio-system
spec:
clusterIP: None
ports:
- name: metrics
port: 8080
protocol: TCP
targetPort: 8080
- name: push-metrics
port: 9882
protocol: TCP
targetPort: 9882
- name: ext-config-provider
port: 2379
protocol: TCP
targetPort: 2379
selector:
app.kubernetes.io/instance: ab-runtime-operator
app.kubernetes.io/name: ab-runtime-operator
control-plane: runtime-controller-manager

21
rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator/v1_service_abinitio-system-runtime-controller-webhook.yaml Normal file
View File

@@ -0,0 +1,21 @@
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: ab-runtime-operator
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: ab-runtime-operator
control-plane: runtime-controller-manager
helm.sh/chart: ab-runtime-operator-2.4.3-a
name: abinitio-system-runtime-controller-webhook
namespace: abinitio-system
spec:
ports:
- name: webhook
port: 9443
protocol: TCP
targetPort: 9443
selector:
app.kubernetes.io/instance: ab-runtime-operator
app.kubernetes.io/name: ab-runtime-operator
control-plane: runtime-controller-manager