devstar/devstar-devcontainer-operator
1
0
Fork 0
mirror of https://gitee.com/devstar/devstar-devcontainer-operator synced 2025-04-21 09:42:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
main
devstar-devcontainer-operator/internal/controller/templates/statefulset.yaml

110 lines
3.4 KiB
YAML
Raw Permalink Normal View History

!1 可通过 YAML 创建 CRD DevcontainerApp (StatefulSet + NodePort_Service) * 优化 DevcontainerApp Reconciler 逻辑 * Added Readiness Probing * Updated port num validation * Updated Quickstart Doc * Replaced Nginx Ingress Controller with NodePort Service * Updated resource creation: * Added resource creation * Added .editorconfig
2024-09-25 01:51:11 +00:00
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{.ObjectMeta.Name}}
namespace: {{.ObjectMeta.Namespace}}
labels:
app: {{.ObjectMeta.Name}}
devstar-resource-type: devstar-devcontainer
spec:
podManagementPolicy: OrderedReady
replicas: 1
selector:
matchLabels:
app: {{.ObjectMeta.Name}}
devstar-resource-type: devstar-devcontainer
template:
metadata:
labels:
app: {{.ObjectMeta.Name}}
devstar-resource-type: devstar-devcontainer
spec:
[feature] SSH Public Key Login for DevContainer
2024-10-13 11:24:13 +00:00
# 安全策略,禁止挂载 ServiceAccount Token
automountServiceAccountToken: false
volumes:
- name: root-ssh-dir
emptyDir: {}
initContainers:
- name: init-root-ssh-dir
[feature] git clone repo upon initialization
2024-10-14 05:49:23 +00:00
image: devstar.cn/public/busybox:27a71e19c956
[feature] SSH Public Key Login for DevContainer
2024-10-13 11:24:13 +00:00
imagePullPolicy: IfNotPresent
command:
- /bin/sh
- -c
- {{range .Spec.StatefulSet.SSHPublicKeyList}} echo "{{.}}" >> /root/.ssh/authorized_keys && {{end}} chmod -R 700 /root/.ssh/ && echo 'SSH Public Key(s) imported.'
# 注意,必须递归设置 ~/.ssh/ 目录下权限 700否则即使配置了 ~/.ssh/authorized_keys 也不会生效
volumeMounts:
- name: root-ssh-dir
mountPath: /root/.ssh
[feature] git clone repo upon initialization
2024-10-14 05:49:23 +00:00
- name: init-git-repo-dir
image: {{.Spec.StatefulSet.Image}}
imagePullPolicy: IfNotPresent
command:
- /bin/sh
- -c
- if [ ! -d '/data/workspace' ]; then git clone {{.Spec.StatefulSet.GitRepositoryURL}} /data/workspace && echo "Git Repository cloned."; else echo "Folder already exists."; fi
volumeMounts:
- name: pvc-devcontainer
mountPath: /data
!1 可通过 YAML 创建 CRD DevcontainerApp (StatefulSet + NodePort_Service) * 优化 DevcontainerApp Reconciler 逻辑 * Added Readiness Probing * Updated port num validation * Updated Quickstart Doc * Replaced Nginx Ingress Controller with NodePort Service * Updated resource creation: * Added resource creation * Added .editorconfig
2024-09-25 01:51:11 +00:00
containers:
- name: {{.ObjectMeta.Name}}
image: {{.Spec.StatefulSet.Image}}
command:
{{range .Spec.StatefulSet.Command}}
- {{.}}
{{end}}
imagePullPolicy: IfNotPresent
[feature] SSH Public Key Login for DevContainer
2024-10-13 11:24:13 +00:00
# securityContext: TODO: 设置 DevContainer 安全策略
!1 可通过 YAML 创建 CRD DevcontainerApp (StatefulSet + NodePort_Service) * 优化 DevcontainerApp Reconciler 逻辑 * Added Readiness Probing * Updated port num validation * Updated Quickstart Doc * Replaced Nginx Ingress Controller with NodePort Service * Updated resource creation: * Added resource creation * Added .editorconfig
2024-09-25 01:51:11 +00:00
ports:
- name: ssh-port
protocol: TCP
containerPort: {{.Spec.StatefulSet.ContainerPort}}
volumeMounts:
- name: pvc-devcontainer
mountPath: /data
[feature] SSH Public Key Login for DevContainer
2024-10-13 11:24:13 +00:00
- name: root-ssh-dir
mountPath: /root/.ssh
!1 可通过 YAML 创建 CRD DevcontainerApp (StatefulSet + NodePort_Service) * 优化 DevcontainerApp Reconciler 逻辑 * Added Readiness Probing * Updated port num validation * Updated Quickstart Doc * Replaced Nginx Ingress Controller with NodePort Service * Updated resource creation: * Added resource creation * Added .editorconfig
2024-09-25 01:51:11 +00:00
livenessProbe:
exec:
command:
- /bin/sh
- -c
- exec ls ~
failureThreshold: 6
[feature] git clone repo upon initialization
2024-10-14 05:49:23 +00:00
initialDelaySeconds: 5
!1 可通过 YAML 创建 CRD DevcontainerApp (StatefulSet + NodePort_Service) * 优化 DevcontainerApp Reconciler 逻辑 * Added Readiness Probing * Updated port num validation * Updated Quickstart Doc * Replaced Nginx Ingress Controller with NodePort Service * Updated resource creation: * Added resource creation * Added .editorconfig
2024-09-25 01:51:11 +00:00
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
readinessProbe:
exec:
command:
- /bin/sh
- -c
- exec cat /etc/ssh/ssh_host*.pub
!2 CRD status Reporter + CI Workflow Test * Added CI workflow for Dockerized k8s Operator * Added Readiness Listener based on StatefulSet.Status.ReadyReplicas * Update Readiness Probing timeout mechanism
2024-09-30 06:38:22 +00:00
failureThreshold: 6
[feature] git clone repo upon initialization
2024-10-14 05:49:23 +00:00
initialDelaySeconds: 5
!2 CRD status Reporter + CI Workflow Test * Added CI workflow for Dockerized k8s Operator * Added Readiness Listener based on StatefulSet.Status.ReadyReplicas * Update Readiness Probing timeout mechanism
2024-09-30 06:38:22 +00:00
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
!1 可通过 YAML 创建 CRD DevcontainerApp (StatefulSet + NodePort_Service) * 优化 DevcontainerApp Reconciler 逻辑 * Added Readiness Probing * Updated port num validation * Updated Quickstart Doc * Replaced Nginx Ingress Controller with NodePort Service * Updated resource creation: * Added resource creation * Added .editorconfig
2024-09-25 01:51:11 +00:00
resources:
limits:
cpu: 300m
ephemeral-storage: 8Gi
memory: 512Mi
requests:
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
volumeClaimTemplates:
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pvc-devcontainer
spec:
storageClassName: openebs-hostpath
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
Reference in New Issue Copy Permalink