From 455a1910cc29803fc46e78dce5ac48ab88521a07 Mon Sep 17 00:00:00 2001 From: Josh Mize Date: Wed, 15 Aug 2018 19:43:35 -0500 Subject: [PATCH] WIP: port k8s agent daemonset deployment for #461 --- k8s/Dockerfile | 9 +++++++++ k8s/daemonset.yaml | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 55 insertions(+) create mode 100644 k8s/Dockerfile create mode 100644 k8s/daemonset.yaml diff --git a/k8s/Dockerfile b/k8s/Dockerfile new file mode 100644 index 00000000..96d630e4 --- /dev/null +++ b/k8s/Dockerfile @@ -0,0 +1,9 @@ +FROM debian:stretch-slim + +ADD mig-agent_20180803-0.e8eb90a.prod_amd64.deb . +#TODO: copy from public s3 +RUN dpkg -i mig-agent_20180803-0.e8eb90a.prod_amd64.deb + +RUN apt update && apt install -y ca-certificates + +CMD ["/sbin/mig-agent", "-f"] diff --git a/k8s/daemonset.yaml b/k8s/daemonset.yaml new file mode 100644 index 00000000..3ffb6d83 --- /dev/null +++ b/k8s/daemonset.yaml @@ -0,0 +1,46 @@ +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: mig-daemon + namespace: mig +spec: + updateStrategy: + type: RollingUpdate + template: + metadata: + labels: + name: mig-ds + spec: + hostPID: true + hostNetwork: true + containers: + - name: mig-agent + image: quay.io/mozmar/mig:8a3f0aaa97dccc808919f7cc561927571980893b + securityContext: + privileged: true + capabilities: + add: + - SYS_PTRACE + volumeMounts: + - name: mig-agent-secrets + mountPath: "/etc/mig" + readOnly: true + - name: root-fs + mountPath: /rootfs + volumes: + - name: root-fs + hostPath: + path: / + - name: mig-agent-secrets + secret: + secretName: "mig-agent-secrets" + items: + - key: agent.crt + path: agent.crt + - key: agent.key + path: agent.key + - key: ca.crt + path: ca.crt + - key: mig-agent.cfg + path: mig-agent.cfg +