vendor/k8s.io/kubernetes/cluster/addons/metadata-proxy/gce/metadata-proxy.yaml - cloudstack-kubernetes-provider - Git at Google

 apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: metadata-proxy
   namespace: kube-system
   labels:
     k8s-app: metadata-proxy
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
 ---
 apiVersion: extensions/v1beta1
 kind: DaemonSet
 metadata:
   name: metadata-proxy-v0.1
   namespace: kube-system
   labels:
     k8s-app: metadata-proxy
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
     version: v0.1
 spec:
   updateStrategy:
     type: RollingUpdate
   template:
     metadata:
       labels:
         k8s-app: metadata-proxy
         kubernetes.io/cluster-service: "true"
         version: v0.1
       # This annotation ensures that the proxy does not get evicted if the node
       # supports critical pod annotation based priority scheme.
       # Note that this does not guarantee admission on the nodes (#40573).
       annotations:
         scheduler.alpha.kubernetes.io/critical-pod: ''
     spec:
       priorityClassName: system-node-critical
       serviceAccountName: metadata-proxy
       hostNetwork: true
       dnsPolicy: Default
       tolerations:
       - operator: "Exists"
         effect: "NoExecute"
       - operator: "Exists"
         effect: "NoSchedule"
       containers:
       - name: metadata-proxy
         image: k8s.gcr.io/metadata-proxy:v0.1.10
         securityContext:
           privileged: true
         # Request and limit resources to get guaranteed QoS.
         resources:
           requests:
             memory: "25Mi"
             cpu: "30m"
           limits:
             memory: "25Mi"
             cpu: "30m"
       # BEGIN_PROMETHEUS_TO_SD
       - name: prometheus-to-sd-exporter
         image: k8s.gcr.io/prometheus-to-sd:v0.3.1
         # Request and limit resources to get guaranteed QoS.
         resources:
           requests:
             memory: "20Mi"
             cpu: "2m"
           limits:
             memory: "20Mi"
             cpu: "2m"
         command:
           - /monitor
           - --stackdriver-prefix={{ prometheus_to_sd_prefix }}/addons
           - --api-override={{ prometheus_to_sd_endpoint }}
           - --source=metadata_proxy:http://127.0.0.1:989?whitelisted=request_count
           - --pod-id=$(POD_NAME)
           - --namespace-id=$(POD_NAMESPACE)
         env:
           - name: POD_NAME
             valueFrom:
               fieldRef:
                 fieldPath: metadata.name
           - name: POD_NAMESPACE
             valueFrom:
               fieldRef:
                 fieldPath: metadata.namespace
       # END_PROMETHEUS_TO_SD
       nodeSelector:
         beta.kubernetes.io/metadata-proxy-ready: "true"
       terminationGracePeriodSeconds: 30
	apiVersion: v1
	kind: ServiceAccount
	metadata:
	name: metadata-proxy
	namespace: kube-system
	labels:
	k8s-app: metadata-proxy
	kubernetes.io/cluster-service: "true"
	addonmanager.kubernetes.io/mode: Reconcile
	---
	apiVersion: extensions/v1beta1
	kind: DaemonSet
	metadata:
	name: metadata-proxy-v0.1
	namespace: kube-system
	labels:
	k8s-app: metadata-proxy
	kubernetes.io/cluster-service: "true"
	addonmanager.kubernetes.io/mode: Reconcile
	version: v0.1
	spec:
	updateStrategy:
	type: RollingUpdate
	template:
	metadata:
	labels:
	k8s-app: metadata-proxy
	kubernetes.io/cluster-service: "true"
	version: v0.1
	# This annotation ensures that the proxy does not get evicted if the node
	# supports critical pod annotation based priority scheme.
	# Note that this does not guarantee admission on the nodes (#40573).
	annotations:
	scheduler.alpha.kubernetes.io/critical-pod: ''
	spec:
	priorityClassName: system-node-critical
	serviceAccountName: metadata-proxy
	hostNetwork: true
	dnsPolicy: Default
	tolerations:
	- operator: "Exists"
	effect: "NoExecute"
	- operator: "Exists"
	effect: "NoSchedule"
	containers:
	- name: metadata-proxy
	image: k8s.gcr.io/metadata-proxy:v0.1.10
	securityContext:
	privileged: true
	# Request and limit resources to get guaranteed QoS.
	resources:
	requests:
	memory: "25Mi"
	cpu: "30m"
	limits:
	memory: "25Mi"
	cpu: "30m"
	# BEGIN_PROMETHEUS_TO_SD
	- name: prometheus-to-sd-exporter
	image: k8s.gcr.io/prometheus-to-sd:v0.3.1
	# Request and limit resources to get guaranteed QoS.
	resources:
	requests:
	memory: "20Mi"
	cpu: "2m"
	limits:
	memory: "20Mi"
	cpu: "2m"
	command:
	- /monitor
	- --stackdriver-prefix={{ prometheus_to_sd_prefix }}/addons
	- --api-override={{ prometheus_to_sd_endpoint }}
	- --source=metadata_proxy:http://127.0.0.1:989?whitelisted=request_count
	- --pod-id=$(POD_NAME)
	- --namespace-id=$(POD_NAMESPACE)
	env:
	- name: POD_NAME
	valueFrom:
	fieldRef:
	fieldPath: metadata.name
	- name: POD_NAMESPACE
	valueFrom:
	fieldRef:
	fieldPath: metadata.namespace
	# END_PROMETHEUS_TO_SD
	nodeSelector:
	beta.kubernetes.io/metadata-proxy-ready: "true"
	terminationGracePeriodSeconds: 30