fix: add tolerations / affinity to cert-manager (#8389)
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
This commit is contained in:
parent
135c9b29a7
commit
86953b2ac4
3 changed files with 57 additions and 0 deletions
|
@ -130,6 +130,24 @@ ingress_alb_enabled: false
|
||||||
# Cert manager deployment
|
# Cert manager deployment
|
||||||
cert_manager_enabled: false
|
cert_manager_enabled: false
|
||||||
# cert_manager_namespace: "cert-manager"
|
# cert_manager_namespace: "cert-manager"
|
||||||
|
# cert_manager_tolerations:
|
||||||
|
# - key: node-role.kubernetes.io/master
|
||||||
|
# effect: NoSchedule
|
||||||
|
# - key: node-role.kubernetes.io/control-plane
|
||||||
|
# effect: NoSchedule
|
||||||
|
# cert_manager_affinity:
|
||||||
|
# nodeAffinity:
|
||||||
|
# preferredDuringSchedulingIgnoredDuringExecution:
|
||||||
|
# - weight: 100
|
||||||
|
# preference:
|
||||||
|
# matchExpressions:
|
||||||
|
# - key: node-role.kubernetes.io/control-plane
|
||||||
|
# operator: In
|
||||||
|
# values:
|
||||||
|
# - ""
|
||||||
|
# cert_manager_nodeselector:
|
||||||
|
# kubernetes.io/os: "linux"
|
||||||
|
|
||||||
# cert_manager_trusted_internal_ca: |
|
# cert_manager_trusted_internal_ca: |
|
||||||
# -----BEGIN CERTIFICATE-----
|
# -----BEGIN CERTIFICATE-----
|
||||||
# [REPLACE with your CA certificate]
|
# [REPLACE with your CA certificate]
|
||||||
|
|
|
@ -1,3 +1,6 @@
|
||||||
---
|
---
|
||||||
cert_manager_namespace: "cert-manager"
|
cert_manager_namespace: "cert-manager"
|
||||||
cert_manager_user: 1001
|
cert_manager_user: 1001
|
||||||
|
cert_manager_tolerations: []
|
||||||
|
cert_manager_affinity: {}
|
||||||
|
cert_manager_nodeselector: {}
|
||||||
|
|
|
@ -874,6 +874,18 @@ spec:
|
||||||
fieldPath: metadata.namespace
|
fieldPath: metadata.namespace
|
||||||
resources:
|
resources:
|
||||||
{}
|
{}
|
||||||
|
{% if cert_manager_tolerations %}
|
||||||
|
tolerations:
|
||||||
|
{{ cert_manager_tolerations | to_nice_yaml(indent=2) | indent(width=8) }}
|
||||||
|
{% endif %}
|
||||||
|
{% if cert_manager_nodeselector %}
|
||||||
|
nodeSelector:
|
||||||
|
{{ cert_manager_nodeselector | to_nice_yaml | indent(width=8) }}
|
||||||
|
{% endif %}
|
||||||
|
{% if cert_manager_affinity %}
|
||||||
|
affinity:
|
||||||
|
{{ cert_manager_affinity | to_nice_yaml | indent(width=8) }}
|
||||||
|
{% endif %}
|
||||||
---
|
---
|
||||||
{% if cert_manager_trusted_internal_ca is defined %}
|
{% if cert_manager_trusted_internal_ca is defined %}
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
|
@ -939,6 +951,18 @@ spec:
|
||||||
fieldPath: metadata.namespace
|
fieldPath: metadata.namespace
|
||||||
resources:
|
resources:
|
||||||
{}
|
{}
|
||||||
|
{% if cert_manager_tolerations %}
|
||||||
|
tolerations:
|
||||||
|
{{ cert_manager_tolerations | to_nice_yaml(indent=2) | indent(width=8) }}
|
||||||
|
{% endif %}
|
||||||
|
{% if cert_manager_nodeselector %}
|
||||||
|
nodeSelector:
|
||||||
|
{{ cert_manager_nodeselector | to_nice_yaml | indent(width=8) }}
|
||||||
|
{% endif %}
|
||||||
|
{% if cert_manager_affinity %}
|
||||||
|
affinity:
|
||||||
|
{{ cert_manager_affinity | to_nice_yaml | indent(width=8) }}
|
||||||
|
{% endif %}
|
||||||
{% if cert_manager_trusted_internal_ca is defined %}
|
{% if cert_manager_trusted_internal_ca is defined %}
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- mountPath: /etc/ssl/certs/internal-ca.pem
|
- mountPath: /etc/ssl/certs/internal-ca.pem
|
||||||
|
@ -1023,6 +1047,18 @@ spec:
|
||||||
fieldPath: metadata.namespace
|
fieldPath: metadata.namespace
|
||||||
resources:
|
resources:
|
||||||
{}
|
{}
|
||||||
|
{% if cert_manager_tolerations %}
|
||||||
|
tolerations:
|
||||||
|
{{ cert_manager_tolerations | to_nice_yaml(indent=2) | indent(width=8) }}
|
||||||
|
{% endif %}
|
||||||
|
{% if cert_manager_nodeselector %}
|
||||||
|
nodeSelector:
|
||||||
|
{{ cert_manager_nodeselector | to_nice_yaml | indent(width=8) }}
|
||||||
|
{% endif %}
|
||||||
|
{% if cert_manager_affinity %}
|
||||||
|
affinity:
|
||||||
|
{{ cert_manager_affinity | to_nice_yaml | indent(width=8) }}
|
||||||
|
{% endif %}
|
||||||
---
|
---
|
||||||
# Source: cert-manager/templates/webhook-mutating-webhook.yaml
|
# Source: cert-manager/templates/webhook-mutating-webhook.yaml
|
||||||
apiVersion: admissionregistration.k8s.io/v1
|
apiVersion: admissionregistration.k8s.io/v1
|
||||||
|
|
Loading…
Reference in a new issue