istioctl/cmd/testdata/uninject/cronjob.yaml.injected - dubbo-go-pixiu - Git at Google

 apiVersion: batch/v2alpha1
 kind: CronJob
 metadata:
   creationTimestamp: null
   name: hellocron
 spec:
   jobTemplate:
     metadata:
       annotations:
         sidecar.istio.io/interceptionMode: REDIRECT
         sidecar.istio.io/status: '{"version":"","initContainers":["istio-init"],"containers":["istio-proxy"],"volumes":["istio-envoy","istio-certs"],"imagePullSecrets":null}'
         traffic.sidecar.istio.io/excludeInboundPorts: "15020"
         traffic.sidecar.istio.io/includeOutboundIPRanges: '*'
       creationTimestamp: null
     spec:
       template:
         metadata:
           creationTimestamp: null
         spec:
           containers:
           - args:
             - /bin/sh
             - -c
             - date; echo Hello from the Kubernetes cluster
             image: busybox
             name: hello
             resources: {}
           - args:
             - proxy
             - sidecar
             - --domain
             - $(POD_NAMESPACE).svc.cluster.local
             - --configPath
             - /etc/istio/proxy
             - --binaryPath
             - /usr/local/bin/envoy
             - --serviceCluster
             - hellocron.default
             - --drainDuration
             - 45s
             - --parentShutdownDuration
             - 1m0s
             - --discoveryAddress
             - istio-pilot:15010
             - --dnsRefreshRate
             - 300s
             - --connectTimeout
             - 1s
             - --proxyAdminPort
             - "15000"
             - --controlPlaneAuthPolicy
             - NONE
             - --statusPort
             - "15020"
             - --applicationPorts
             - ""
             - --concurrency
             - "2"
             env:
             - name: POD_NAME
               valueFrom:
                 fieldRef:
                   fieldPath: metadata.name
             - name: POD_NAMESPACE
               valueFrom:
                 fieldRef:
                   fieldPath: metadata.namespace
             - name: INSTANCE_IP
               valueFrom:
                 fieldRef:
                   fieldPath: status.podIP
             - name: ISTIO_META_POD_NAME
               valueFrom:
                 fieldRef:
                   fieldPath: metadata.name
             - name: ISTIO_META_CONFIG_NAMESPACE
               valueFrom:
                 fieldRef:
                   fieldPath: metadata.namespace
             - name: ISTIO_META_INTERCEPTION_MODE
               value: REDIRECT
             - name: ISTIO_META_INCLUDE_INBOUND_PORTS
             image: docker.io/istio/proxyv2:unittest
             imagePullPolicy: IfNotPresent
             name: istio-proxy
             ports:
             - containerPort: 15090
               name: http-envoy-prom
               protocol: TCP
             readinessProbe:
               failureThreshold: 30
               httpGet:
                 path: /healthz/ready
                 port: 15020
               initialDelaySeconds: 1
               periodSeconds: 2
             resources:
               limits:
                 cpu: "2"
                 memory: 1Gi
               requests:
                 cpu: 100m
                 memory: 128Mi
             securityContext:
               allowPrivilegeEscalation: false
               capabilities:
                 drop:
                 - ALL
               privileged: false
               readOnlyRootFilesystem: true
               runAsGroup: 1337
               runAsNonRoot: true
               runAsUser: 1337
             volumeMounts:
             - mountPath: /etc/istio/proxy
               name: istio-envoy
             - mountPath: /etc/certs/
               name: istio-certs
               readOnly: true
           initContainers:
           - args:
             - -p
             - "15001"
             - -u
             - "1337"
             - -m
             - REDIRECT
             - -i
             - '*'
             - -x
             - ""
             - -b
             - ""
             - -d
             - "15090,15020"
             image: docker.io/istio/proxy_init:unittest
             imagePullPolicy: IfNotPresent
             name: istio-init
             resources:
               limits:
                 cpu: 100m
                 memory: 50Mi
               requests:
                 cpu: 10m
                 memory: 10Mi
             securityContext:
               allowPrivilegeEscalation: false
               capabilities:
                 add:
                 - NET_ADMIN
                 - NET_RAW
                 drop:
                 - ALL
               privileged: false
               readOnlyRootFilesystem: false
               runAsGroup: 0
               runAsNonRoot: false
               runAsUser: 0
           restartPolicy: OnFailure
           volumes:
           - emptyDir:
               medium: Memory
             name: istio-envoy
           - name: istio-certs
             secret:
               optional: true
               secretName: istio.default
   schedule: '*/1 * * * *'
 status: {}
 ---
	apiVersion: batch/v2alpha1
	kind: CronJob
	metadata:
	creationTimestamp: null
	name: hellocron
	spec:
	jobTemplate:
	metadata:
	annotations:
	sidecar.istio.io/interceptionMode: REDIRECT
	sidecar.istio.io/status: '{"version":"","initContainers":["istio-init"],"containers":["istio-proxy"],"volumes":["istio-envoy","istio-certs"],"imagePullSecrets":null}'
	traffic.sidecar.istio.io/excludeInboundPorts: "15020"
	traffic.sidecar.istio.io/includeOutboundIPRanges: '*'
	creationTimestamp: null
	spec:
	template:
	metadata:
	creationTimestamp: null
	spec:
	containers:
	- args:
	- /bin/sh
	- -c
	- date; echo Hello from the Kubernetes cluster
	image: busybox
	name: hello
	resources: {}
	- args:
	- proxy
	- sidecar
	- --domain
	- $(POD_NAMESPACE).svc.cluster.local
	- --configPath
	- /etc/istio/proxy
	- --binaryPath
	- /usr/local/bin/envoy
	- --serviceCluster
	- hellocron.default
	- --drainDuration
	- 45s
	- --parentShutdownDuration
	- 1m0s
	- --discoveryAddress
	- istio-pilot:15010
	- --dnsRefreshRate
	- 300s
	- --connectTimeout
	- 1s
	- --proxyAdminPort
	- "15000"
	- --controlPlaneAuthPolicy
	- NONE
	- --statusPort
	- "15020"
	- --applicationPorts
	- ""
	- --concurrency
	- "2"
	env:
	- name: POD_NAME
	valueFrom:
	fieldRef:
	fieldPath: metadata.name
	- name: POD_NAMESPACE
	valueFrom:
	fieldRef:
	fieldPath: metadata.namespace
	- name: INSTANCE_IP
	valueFrom:
	fieldRef:
	fieldPath: status.podIP
	- name: ISTIO_META_POD_NAME
	valueFrom:
	fieldRef:
	fieldPath: metadata.name
	- name: ISTIO_META_CONFIG_NAMESPACE
	valueFrom:
	fieldRef:
	fieldPath: metadata.namespace
	- name: ISTIO_META_INTERCEPTION_MODE
	value: REDIRECT
	- name: ISTIO_META_INCLUDE_INBOUND_PORTS
	image: docker.io/istio/proxyv2:unittest
	imagePullPolicy: IfNotPresent
	name: istio-proxy
	ports:
	- containerPort: 15090
	name: http-envoy-prom
	protocol: TCP
	readinessProbe:
	failureThreshold: 30
	httpGet:
	path: /healthz/ready
	port: 15020
	initialDelaySeconds: 1
	periodSeconds: 2
	resources:
	limits:
	cpu: "2"
	memory: 1Gi
	requests:
	cpu: 100m
	memory: 128Mi
	securityContext:
	allowPrivilegeEscalation: false
	capabilities:
	drop:
	- ALL
	privileged: false
	readOnlyRootFilesystem: true
	runAsGroup: 1337
	runAsNonRoot: true
	runAsUser: 1337
	volumeMounts:
	- mountPath: /etc/istio/proxy
	name: istio-envoy
	- mountPath: /etc/certs/
	name: istio-certs
	readOnly: true
	initContainers:
	- args:
	- -p
	- "15001"
	- -u
	- "1337"
	- -m
	- REDIRECT
	- -i
	- '*'
	- -x
	- ""
	- -b
	- ""
	- -d
	- "15090,15020"
	image: docker.io/istio/proxy_init:unittest
	imagePullPolicy: IfNotPresent
	name: istio-init
	resources:
	limits:
	cpu: 100m
	memory: 50Mi
	requests:
	cpu: 10m
	memory: 10Mi
	securityContext:
	allowPrivilegeEscalation: false
	capabilities:
	add:
	- NET_ADMIN
	- NET_RAW
	drop:
	- ALL
	privileged: false
	readOnlyRootFilesystem: false
	runAsGroup: 0
	runAsNonRoot: false
	runAsUser: 0
	restartPolicy: OnFailure
	volumes:
	- emptyDir:
	medium: Memory
	name: istio-envoy
	- name: istio-certs
	secret:
	optional: true
	secretName: istio.default
	schedule: '/1 * * *'
	status: {}
	---