Feature #TASK_QT-15938 容器化部署

cloudwise-apm-euspace.yaml

@@ -1,13 +1,13 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: cloudwise-apm
+  name: cloudwise
 ---
 apiVersion: apps/v1
 kind: DaemonSet
 metadata:
   name: cloudwise-apm-euspace
-  namespace: cloudwise-apm
+  namespace: cloudwise
 spec:
   selector:
     matchLabels:
@@ -16,11 +16,13 @@ spec:
     metadata:
       annotations:
         container.apparmor.security.beta.kubernetes.io/cloudwise-apm-euspace: unconfined
+      name: cloudwise-apm-euspace
+      namespace: cloudwise
       labels:
         app: cloudwise-apm-euspace
     spec:
       hostPID: true
-      nodeSelector: 
+      nodeSelector:
         kubernetes.io/os: linux
         kubernetes.io/arch: amd64
       containers:
@@ -90,3 +92,44 @@ spec:
           hostPath:
             path: /tmp
             type: Directory   
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: euspace-agent-role
+rules:
+  - apiGroups: [""]
+    resources:
+      - nodes
+      - namespaces
+      - configmaps
+      - services
+      - pods
+      - replicationcontrollers
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["apps"]
+    resources:
+      - daemonsets
+      - deployments
+      - replicasets
+      - statefulsets
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["extensions", "networking.k8s.io"]
+    resources: ["ingresses"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["route.openshift.io"]
+    resources: ["routes"]
+    verbs: ["get", "list", "watch"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: cw-agent-view-binding
+subjects:
+  - kind: ServiceAccount
+    name: default
+    namespace: cloudwise
+roleRef:
+  kind: ClusterRole
+  name: euspace-agent-role
+  apiGroup: rbac.authorization.k8s.io