| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150 |
- apiVersion: apps/v1
- kind: DaemonSet
- metadata:
- name: cloudwise-apm-euspace
- namespace: cloudwise
- spec:
- selector:
- matchLabels:
- app: cloudwise-apm-euspace
- template:
- metadata:
- annotations:
- container.apparmor.security.beta.kubernetes.io/cloudwise-apm-euspace: unconfined
- name: cloudwise-apm-euspace
- namespace: cloudwise
- labels:
- app: cloudwise-apm-euspace
- spec:
- hostPID: true
- hostNetwork: true
- nodeSelector:
- kubernetes.io/os: linux
- kubernetes.io/arch: amd64
- containers:
- - name: cloudwise-apm-euspace
- image: harbor.cloudwise.com/apm/euspace-agent:1.6.1-dev-amd64
- imagePullPolicy: IfNotPresent
- args: ["--listen", "0.0.0.0:8123", "--cgroupfs-root", "/host/sys/fs/cgroup","--run-in-container"]
- ports:
- - containerPort: 8123
- name: http
- securityContext:
- privileged: true
- runAsUser: 0
- volumeMounts:
- - name: sys-fs-cgroup
- mountPath: /host/sys/fs/cgroup
- readOnly: true
- - name: sys-kernel-debug
- mountPath: /sys/kernel/debug
- readOnly: true
- - name: host-usr
- mountPath: /host/usr
- readOnly: true
- mountPropagation: HostToContainer
- - name: host-var
- mountPath: /host/var
- readOnly: false
- mountPropagation: HostToContainer
- - name: host-run
- mountPath: /host/run
- readOnly: false
- mountPropagation: HostToContainer
- - name: host-tmp
- mountPath: /host/tmp
- readOnly: false
- mountPropagation: HostToContainer
- env:
- - name: CONFIG_SERVER
- value: ''
- - name: DATA_SERVER
- value: ''
- - name: LICENSE_KEY
- value: 'J45Engw88NeHUZ4Q7qNsK8L47FTH**QvgW113IEnsNaBNMR5zZ**oj/g!!!!'
- - name: MYSQL_DEFAULT
- value: 'mariadb'
- - name: DISABLE_E2E_TRACING
- value: 'false'
- - name: DISABLE_STACK_TRACING
- value: 'true'
- - name: DISABLE_REG_HOST
- value: 'false'
- - name: CONSOLE_LOG
- value: 'true'
- - name: LOG_LEVEL
- value: 'info'
- - name: SEND
- value: '1'
- - name: INSECURE_SKIP_VERIFY
- value: 'true'
- - name: node_ip
- valueFrom:
- fieldRef:
- fieldPath: status.hostIP
- - name: REGISTER_APP_TO_DOOP
- value: 'true'
- volumes:
- - name: sys-fs-cgroup
- hostPath:
- path: /sys/fs/cgroup
- - name: sys-kernel-debug
- hostPath:
- path: /sys/kernel/debug
- - name: host-usr
- hostPath:
- path: /usr
- type: Directory
- - name: host-var
- hostPath:
- path: /var
- type: Directory
- - name: host-run
- hostPath:
- path: /run
- type: Directory
- - name: host-tmp
- hostPath:
- path: /tmp
- type: Directory
- ---
- kind: ClusterRole
- apiVersion: rbac.authorization.k8s.io/v1
- metadata:
- name: euspace-agent-role
- rules:
- - apiGroups: [""]
- resources:
- - nodes
- - namespaces
- - configmaps
- - services
- - pods
- - replicationcontrollers
- verbs: ["get", "list", "watch"]
- - apiGroups: ["apps"]
- resources:
- - daemonsets
- - deployments
- - replicasets
- - statefulsets
- verbs: ["get", "list", "watch"]
- - apiGroups: ["extensions", "networking.k8s.io"]
- resources: ["ingresses"]
- verbs: ["get", "list", "watch"]
- - apiGroups: ["route.openshift.io"]
- resources: ["routes"]
- verbs: ["get", "list", "watch"]
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRoleBinding
- metadata:
- name: cw-agent-view-binding
- subjects:
- - kind: ServiceAccount
- name: default
- namespace: cloudwise
- roleRef:
- kind: ClusterRole
- name: euspace-agent-role
- apiGroup: rbac.authorization.k8s.io
|
