-
Notifications
You must be signed in to change notification settings - Fork 2.7k
/
demo-customcalls.yaml
136 lines (136 loc) · 2.96 KB
/
demo-customcalls.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
kind: ServiceAccount
apiVersion: v1
metadata:
name: app1-account
---
kind: ServiceAccount
apiVersion: v1
metadata:
name: app2-account
---
apiVersion: v1
kind: Service
metadata:
name: app1-service
spec:
ports:
- name: http
port: 80
protocol: TCP
- name: tftp
port: 69
protocol: UDP
selector:
id: app1
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: app1
spec:
selector:
matchLabels:
id: app1
zgroup: testapp
replicas: 1
template:
metadata:
labels:
id: app1
zgroup: testapp
spec:
serviceAccountName: app1-account
terminationGracePeriodSeconds: 0
containers:
- name: web
image: docker.io/cilium/demo-httpd:1.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
readinessProbe:
httpGet:
path: /
port: 80
- name: udp
image: docker.io/cilium/echoserver-udp:v2020.01.30
imagePullPolicy: IfNotPresent
ports:
- containerPort: 69
protocol: UDP
nodeSelector:
"cilium.io/ci-node": k8s1
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: app2
spec:
selector:
matchLabels:
id: app2
zgroup: testapp
appSecond: "true"
replicas: 1
template:
metadata:
labels:
id: app2
zgroup: testapp
appSecond: "true"
spec:
serviceAccountName: app2-account
terminationGracePeriodSeconds: 0
containers:
- name: app-frontend
image: docker.io/cilium/demo-client:1.0
imagePullPolicy: IfNotPresent
command: [ "sleep" ]
args:
- "1000h"
# We want the two pods to be on separate nodes, the egress custom tail
# call hook for socket-based load-balancing is not supported yet.
nodeSelector:
"cilium.io/ci-node": k8s2
---
apiVersion: v1
kind: Pod
metadata:
name: bytecounter-compiler
spec:
containers:
- name: cilium-builder
image: quay.io/cilium/cilium-builder:330ca61256fedd7b8cbfc34b31316c97d1880876@sha256:e535425dd77cf29f289fa402d8811491617e2b8fe741db4a36ca6acc590006c1
workingDir: /cilium
command: ["sleep"]
args:
- "1000h"
securityContext:
capabilities:
add:
- NET_ADMIN
- SYS_MODULE
privileged: true
volumeMounts:
- mountPath: /sys/fs/bpf
name: bpf-maps
- mountPath: /cilium
name: cilium-src
volumes:
- hostPath:
path: /sys/fs/bpf
type: DirectoryOrCreate
name: bpf-maps
- hostPath:
path: /home/vagrant/go/src/github.com/cilium/cilium
type: Directory
name: cilium-src
# We need the following toleration overwrite because the pod is used with
# Cilium uninstalled, so the network isn't ready.
tolerations:
- key: "node.kubernetes.io/not-ready"
operator: "Exists"
- key: "node.kubernetes.io/unreachable"
operator: "Exists"
hostNetwork: true
nodeSelector:
"cilium.io/ci-node": k8s2