mirror of
https://github.com/intel/intel-device-plugins-for-kubernetes.git
synced 2025-06-03 03:59:37 +00:00
webhook: adjust deployment script to accommodate CRDs
This commit is contained in:
Dmitry Rozhkov
parent
271bc0d29a
commit
763d229f65
20
deployments/fpga_admissionwebhook/mappings-collection.yaml
Normal file
20
deployments/fpga_admissionwebhook/mappings-collection.yaml
Normal file
@ -0,0 +1,20 @@
|
||||
apiVersion: fpga.intel.com/v1
|
||||
kind: AcceleratorFunction
|
||||
metadata:
|
||||
name: arria10-nlb0
|
||||
spec:
|
||||
afuId: d8424dc4a4a3c413f89e433683f9040b
|
||||
---
|
||||
apiVersion: fpga.intel.com/v1
|
||||
kind: AcceleratorFunction
|
||||
metadata:
|
||||
name: arria10-nlb3
|
||||
spec:
|
||||
afuId: f7df405cbd7acf7222f144b0b93acd18
|
||||
---
|
||||
apiVersion: fpga.intel.com/v1
|
||||
kind: FpgaRegion
|
||||
metadata:
|
||||
name: arria10
|
||||
spec:
|
||||
interfaceId: ce48969398f05f33946d560708be108a
|
||||
21
deployments/fpga_admissionwebhook/rbac-config.yaml
Normal file
21
deployments/fpga_admissionwebhook/rbac-config.yaml
Normal file
@ -0,0 +1,21 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: fpga-reader
|
||||
rules:
|
||||
- apiGroups: ["fpga.intel.com"]
|
||||
resources: ["acceleratorfunctions", "fpgaregions"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: default-fpga-reader
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: fpga-reader
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: default
|
||||
namespace: default
|
||||
@ -53,6 +53,10 @@ done
|
||||
${kubectl} delete MutatingWebhookConfiguration "fpga-mutator-webhook-cfg" 2>/dev/null || true
|
||||
${kubectl} delete service ${service} 2>/dev/null || true
|
||||
${kubectl} delete deployment "intel-fpga-webhook-deployment" 2>/dev/null || true
|
||||
${kubectl} delete -f ${srcroot}/deployments/fpga_admissionwebhook/rbac-config.yaml 2>/dev/null || true
|
||||
${kubectl} delete -f ${srcroot}/deployments/fpga_admissionwebhook/mappings-collection.yaml 2>/dev/null || true
|
||||
${kubectl} delete -f ${srcroot}/deployments/fpga_admissionwebhook/region-crd.yaml 2>/dev/null || true
|
||||
${kubectl} delete -f ${srcroot}/deployments/fpga_admissionwebhook/af-crd.yaml 2>/dev/null || true
|
||||
${kubectl} delete secret ${secret} 2>/dev/null || true
|
||||
${kubectl} delete csr "${service}.default" 2>/dev/null || true
|
||||
|
||||
@ -75,6 +79,12 @@ fi
|
||||
echo "Create secret including signed key/cert pair for the webhook"
|
||||
${srcroot}/scripts/webhook-create-signed-cert.sh --kubectl ${kubectl} --service ${service} --secret ${secret} --namespace "default"
|
||||
|
||||
echo "Create FPGA CRDs"
|
||||
${kubectl} create -f ${srcroot}/deployments/fpga_admissionwebhook/af-crd.yaml
|
||||
${kubectl} create -f ${srcroot}/deployments/fpga_admissionwebhook/region-crd.yaml
|
||||
${kubectl} create -f ${srcroot}/deployments/fpga_admissionwebhook/mappings-collection.yaml
|
||||
${kubectl} create -f ${srcroot}/deployments/fpga_admissionwebhook/rbac-config.yaml
|
||||
|
||||
echo "Create webhook deployment"
|
||||
cat ${srcroot}/deployments/fpga_admissionwebhook/deployment-tpl.yaml | sed -e "s/{MODE}/${mode}/g" | ${kubectl} create -f -
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user