diff --git a/apps/system/kubevirt/.gitignore b/apps/system/kubevirt/.gitignore deleted file mode 100644 index 719aed9..0000000 --- a/apps/system/kubevirt/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -requirements.lock -charts/ diff --git a/apps/system/kubevirt/Chart.yaml b/apps/system/kubevirt/Chart.yaml deleted file mode 100644 index 9d70f6a..0000000 --- a/apps/system/kubevirt/Chart.yaml +++ /dev/null @@ -1,2 +0,0 @@ -name: kubevirt -version: 0.1 \ No newline at end of file diff --git a/apps/system/kubevirt/templates/kubevirt-cr.yaml b/apps/system/kubevirt/templates/kubevirt-cr.yaml deleted file mode 100644 index ea7b79f..0000000 --- a/apps/system/kubevirt/templates/kubevirt-cr.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -apiVersion: kubevirt.io/v1alpha3 -kind: KubeVirt -metadata: - name: kubevirt - namespace: kubevirt -spec: - certificateRotateStrategy: {} - configuration: {} - imagePullPolicy: IfNotPresent diff --git a/apps/system/kubevirt/templates/kubevirt-operator.yaml b/apps/system/kubevirt/templates/kubevirt-operator.yaml deleted file mode 100644 index 217a90d..0000000 --- a/apps/system/kubevirt/templates/kubevirt-operator.yaml +++ /dev/null @@ -1,759 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - labels: - operator.kubevirt.io: "" - name: kubevirts.kubevirt.io -spec: - additionalPrinterColumns: - - JSONPath: .metadata.creationTimestamp - name: Age - type: date - - JSONPath: .status.phase - name: Phase - type: string - group: kubevirt.io - names: - categories: - - all - kind: KubeVirt - plural: kubevirts - shortNames: - - kv - - kvs - singular: kubevirt - scope: Namespaced - version: v1alpha3 - versions: - - name: v1alpha3 - served: true - storage: true - ---- -apiVersion: scheduling.k8s.io/v1 -kind: PriorityClass -metadata: - name: kubevirt-cluster-critical -value: 1000000000 -globalDefault: false -description: "This priority class should be used for core kubevirt components only." ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: kubevirt.io:operator - labels: - operator.kubevirt.io: "" - rbac.authorization.k8s.io/aggregate-to-admin: "true" -rules: - - apiGroups: - - kubevirt.io - resources: - - kubevirts - verbs: - - get - - delete - - create - - update - - patch - - list - - watch - - deletecollection ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - kubevirt.io: "" - name: kubevirt-operator - namespace: kubevirt ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - kubevirt.io: "" - name: kubevirt-operator - namespace: kubevirt -rules: -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - get - - list - - watch - - patch - - delete -- apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - get - - list - - watch - - patch - - delete ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - kubevirt.io: "" - name: kubevirt-operator-rolebinding - namespace: kubevirt -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: kubevirt-operator -subjects: -- kind: ServiceAccount - name: kubevirt-operator - namespace: kubevirt ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - kubevirt.io: "" - name: kubevirt-operator -rules: -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - get - - update -- apiGroups: - - kubevirt.io - resources: - - kubevirts - verbs: - - get - - list - - watch - - patch - - update - - patch -- apiGroups: - - "" - resources: - - serviceaccounts - - services - - endpoints - - pods/exec - verbs: - - get - - list - - watch - - create - - update - - delete - - patch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - patch - - delete -- apiGroups: - - batch - resources: - - jobs - verbs: - - get - - list - - watch - - create - - delete - - patch -- apiGroups: - - apps - resources: - - deployments - - daemonsets - verbs: - - get - - list - - watch - - create - - delete - - patch -- apiGroups: - - rbac.authorization.k8s.io - resources: - - clusterroles - - clusterrolebindings - - roles - - rolebindings - verbs: - - get - - list - - watch - - create - - delete - - patch - - update -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - watch - - create - - delete - - patch -- apiGroups: - - security.openshift.io - resources: - - securitycontextconstraints - verbs: - - create - - get - - list - - watch -- apiGroups: - - security.openshift.io - resourceNames: - - privileged - resources: - - securitycontextconstraints - verbs: - - get - - patch - - update -- apiGroups: - - security.openshift.io - resourceNames: - - kubevirt-handler - - kubevirt-controller - resources: - - securitycontextconstraints - verbs: - - get - - list - - watch - - update - - delete -- apiGroups: - - admissionregistration.k8s.io - resources: - - validatingwebhookconfigurations - - mutatingwebhookconfigurations - verbs: - - get - - list - - watch - - create - - delete - - update - - patch -- apiGroups: - - apiregistration.k8s.io - resources: - - apiservices - verbs: - - get - - list - - watch - - create - - delete - - update - - patch -- apiGroups: - - monitoring.coreos.com - resources: - - servicemonitors - - prometheusrules - verbs: - - get - - list - - watch - - create - - delete - - update - - patch -- apiGroups: - - subresources.kubevirt.io - resources: - - virtualmachines/start - - virtualmachines/stop - - virtualmachines/restart - verbs: - - put -- apiGroups: - - "" - resources: - - namespaces - verbs: - - get - - list - - watch - - patch -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - delete - - patch -- apiGroups: - - kubevirt.io - resources: - - virtualmachines - - virtualmachineinstances - verbs: - - get - - list - - watch - - patch -- apiGroups: - - kubevirt.io - resources: - - virtualmachineinstancemigrations - verbs: - - create - - get - - list - - watch - - patch -- apiGroups: - - kubevirt.io - resources: - - virtualmachineinstancepresets - verbs: - - watch - - list -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - limitranges - verbs: - - watch - - list -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - watch -- apiGroups: - - kubevirt.io - resources: - - kubevirts - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch -- apiGroups: - - policy - resources: - - poddisruptionbudgets - verbs: - - get - - list - - watch - - delete - - create - - patch -- apiGroups: - - "" - resources: - - pods - - configmaps - - endpoints - verbs: - - get - - list - - watch - - delete - - update - - create -- apiGroups: - - "" - resources: - - events - verbs: - - update - - create - - patch -- apiGroups: - - "" - resources: - - pods/finalizers - verbs: - - update -- apiGroups: - - "" - resources: - - nodes - verbs: - - get - - list - - watch - - update - - patch -- apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - get - - list - - watch -- apiGroups: - - snapshot.kubevirt.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - kubevirt.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - cdi.kubevirt.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - k8s.cni.cncf.io - resources: - - network-attachment-definitions - verbs: - - get - - list - - watch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - watch -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create -- apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshotclasses - verbs: - - get - - list - - watch -- apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshots - verbs: - - get - - list - - watch - - create - - update - - delete -- apiGroups: - - storage.k8s.io - resources: - - storageclasses - verbs: - - get - - list - - watch -- apiGroups: - - kubevirt.io - resources: - - virtualmachineinstances - verbs: - - update - - list - - watch -- apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - get -- apiGroups: - - "" - resources: - - nodes - verbs: - - patch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - watch -- apiGroups: - - kubevirt.io - resources: - - kubevirts - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch -- apiGroups: - - subresources.kubevirt.io - resources: - - version - verbs: - - get - - list -- apiGroups: - - subresources.kubevirt.io - resources: - - virtualmachineinstances/console - - virtualmachineinstances/vnc - - virtualmachineinstances/pause - - virtualmachineinstances/unpause - verbs: - - get -- apiGroups: - - subresources.kubevirt.io - resources: - - virtualmachines/start - - virtualmachines/stop - - virtualmachines/restart - verbs: - - update -- apiGroups: - - kubevirt.io - resources: - - virtualmachines - - virtualmachineinstances - - virtualmachineinstancepresets - - virtualmachineinstancereplicasets - - virtualmachineinstancemigrations - verbs: - - get - - delete - - create - - update - - patch - - list - - watch - - deletecollection -- apiGroups: - - subresources.kubevirt.io - resources: - - virtualmachineinstances/console - - virtualmachineinstances/vnc - - virtualmachineinstances/pause - - virtualmachineinstances/unpause - verbs: - - get -- apiGroups: - - subresources.kubevirt.io - resources: - - virtualmachines/start - - virtualmachines/stop - - virtualmachines/restart - verbs: - - update -- apiGroups: - - kubevirt.io - resources: - - virtualmachines - - virtualmachineinstances - - virtualmachineinstancepresets - - virtualmachineinstancereplicasets - - virtualmachineinstancemigrations - verbs: - - get - - delete - - create - - update - - patch - - list - - watch -- apiGroups: - - kubevirt.io - resources: - - virtualmachines - - virtualmachineinstances - - virtualmachineinstancepresets - - virtualmachineinstancereplicasets - - virtualmachineinstancemigrations - verbs: - - get - - list - - watch -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - kubevirt.io: "" - name: kubevirt-operator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: kubevirt-operator -subjects: -- kind: ServiceAccount - name: kubevirt-operator - namespace: kubevirt - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - kubevirt.io: virt-operator - name: virt-operator - namespace: kubevirt -spec: - replicas: 2 - selector: - matchLabels: - kubevirt.io: virt-operator - strategy: - type: RollingUpdate - template: - metadata: - annotations: - scheduler.alpha.kubernetes.io/critical-pod: "" - labels: - kubevirt.io: virt-operator - prometheus.kubevirt.io: "" - name: virt-operator - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchExpressions: - - key: kubevirt.io - operator: In - values: - - virt-operator - topologyKey: kubernetes.io/hostname - weight: 1 - containers: - - command: - - virt-operator - - --port - - "8443" - - -v - - "2" - env: - - name: OPERATOR_IMAGE - value: index.docker.io/kubevirt/virt-operator@sha256:cc2737d30399db6536fe67ae19f6add5855a9e0dd04de09bb4415a0f572e903b - - name: WATCH_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.annotations['olm.targetNamespaces'] - - name: KUBEVIRT_VERSION - value: v0.31.0-rc.1 - - name: VIRT_API_SHASUM - value: sha256:73ab3b95ee45c5f3cd3892b4d340978bbf46b7ee09a4b28fb161f74406a17254 - - name: VIRT_CONTROLLER_SHASUM - value: sha256:af0c5363a654104684c0b3393bd73c309a3e15a5950395b6cdadcde30e46b506 - - name: VIRT_HANDLER_SHASUM - value: sha256:e80b25cf961f4732002d818cc6fe0d61ba51352fcc5b6a947b6d5cc6c5ce1d09 - - name: VIRT_LAUNCHER_SHASUM - value: sha256:afa4c333617cff7103dc240bc22cca91c97c16da681bf522b91af951527b7f7a - image: index.docker.io/kubevirt/virt-operator@sha256:cc2737d30399db6536fe67ae19f6add5855a9e0dd04de09bb4415a0f572e903b - imagePullPolicy: IfNotPresent - name: virt-operator - ports: - - containerPort: 8443 - name: metrics - protocol: TCP - - containerPort: 8444 - name: webhooks - protocol: TCP - readinessProbe: - httpGet: - path: /metrics - port: 8443 - scheme: HTTPS - initialDelaySeconds: 5 - timeoutSeconds: 10 - resources: {} - volumeMounts: - - mountPath: /etc/virt-operator/certificates - name: kubevirt-operator-certs - readOnly: true - priorityClassName: kubevirt-cluster-critical - securityContext: - runAsNonRoot: true - serviceAccountName: kubevirt-operator - tolerations: - - key: CriticalAddonsOnly - operator: Exists - volumes: - - name: kubevirt-operator-certs - secret: - optional: true - secretName: kubevirt-operator-certs diff --git a/main/apps/kubevirt.yaml b/main/apps/kubevirt.yaml deleted file mode 100644 index f47e654..0000000 --- a/main/apps/kubevirt.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: kubevirt - namespace: argocd - finalizers: - - resources-finalizer.argocd.argoproj.io -spec: - destination: - namespace: kubevirt - server: https://kubernetes.default.svc - project: default - source: - path: apps/system/kubevirt - repoURL: git@github.com:gorilych/gf-k8s - syncPolicy: - automated: - prune: true - selfHeal: true diff --git a/main/namespaces/kubevirt.yaml b/main/namespaces/kubevirt.yaml deleted file mode 100644 index 81bbb04..0000000 --- a/main/namespaces/kubevirt.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: kubevirt