Increase priority of tailscale pods
This commit is contained in:
Grant
parent
485f26ca19
commit
23cc0fd76c
@ -47,13 +47,13 @@ releases:
|
|||||||
namespace: tailscale
|
namespace: tailscale
|
||||||
createNamespace: true
|
createNamespace: true
|
||||||
chart: tailscale/tailscale-operator
|
chart: tailscale/tailscale-operator
|
||||||
|
values:
|
||||||
|
- ./tailscale/values.yaml
|
||||||
setString:
|
setString:
|
||||||
- name: oauth.clientId
|
- name: oauth.clientId
|
||||||
value: {{ requiredEnv "TAILSCALE_OAUTH_CLIENT_ID" }}
|
value: {{ requiredEnv "TAILSCALE_OAUTH_CLIENT_ID" }}
|
||||||
- name: oauth.clientSecret
|
- name: oauth.clientSecret
|
||||||
value: {{ requiredEnv "TAILSCALE_OAUTH_CLIENT_SECRET" }}
|
value: {{ requiredEnv "TAILSCALE_OAUTH_CLIENT_SECRET" }}
|
||||||
- name: apiServerProxyConfig.mode
|
|
||||||
value: noauth
|
|
||||||
# storage infrastructure
|
# storage infrastructure
|
||||||
- name: rook-ceph
|
- name: rook-ceph
|
||||||
namespace: rook-ceph
|
namespace: rook-ceph
|
||||||
|
|||||||
11
tailscale/connector.yaml
Normal file
11
tailscale/connector.yaml
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
apiVersion: tailscale.com/v1alpha1
|
||||||
|
kind: Connector
|
||||||
|
metadata:
|
||||||
|
name: home-cidr
|
||||||
|
spec:
|
||||||
|
tags:
|
||||||
|
- "tag:k8s"
|
||||||
|
hostname: home-cidr
|
||||||
|
subnetRouter:
|
||||||
|
advertiseRoutes:
|
||||||
|
- "192.168.1.0/24"
|
||||||
30
tailscale/rbac.yaml
Normal file
30
tailscale/rbac.yaml
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: ServiceAccount
|
||||||
|
metadata:
|
||||||
|
name: tailscale
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: Role
|
||||||
|
metadata:
|
||||||
|
name: tailscale
|
||||||
|
rules:
|
||||||
|
- apiGroups: [""]
|
||||||
|
resourceNames: ["tailscale-auth"]
|
||||||
|
resources: ["secrets"]
|
||||||
|
verbs: ["get", "update", "patch"]
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: RoleBinding
|
||||||
|
metadata:
|
||||||
|
name: tailscale
|
||||||
|
subjects:
|
||||||
|
- kind: ServiceAccount
|
||||||
|
name: tailscale
|
||||||
|
roleRef:
|
||||||
|
kind: Role
|
||||||
|
name: tailscale
|
||||||
|
apiGroup: rbac.authorization.k8s.io
|
||||||
4
tailscale/values.yaml
Normal file
4
tailscale/values.yaml
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
operatorConfig:
|
||||||
|
extraEnv:
|
||||||
|
- name: PROXY_PRIORITY_CLASS_NAME
|
||||||
|
value: critical
|
||||||
15
utils/priorityclasses.yaml
Normal file
15
utils/priorityclasses.yaml
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
apiVersion: scheduling.k8s.io/v1
|
||||||
|
kind: PriorityClass
|
||||||
|
metadata:
|
||||||
|
name: critical
|
||||||
|
value: 1000000
|
||||||
|
globalDefault: false
|
||||||
|
description: "This priority class is for admin and critical maintenance services"
|
||||||
|
---
|
||||||
|
apiVersion: scheduling.k8s.io/v1
|
||||||
|
kind: PriorityClass
|
||||||
|
metadata:
|
||||||
|
name: high
|
||||||
|
value: 500000
|
||||||
|
globalDefault: false
|
||||||
|
description: "This priority class is for high value services"
|
||||||
Loading…
x
Reference in New Issue
Block a user