apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: kube-state-metrics
spec:
replicas: 1
template:
metadata:
labels:
app: kube-state-metrics
spec:
serviceAccountName: kube-state-metrics
securityContext:
runAsNonRoot: true
runAsUser: 65534
containers:
- name: kube-rbac-proxy-main
image: quay.io/brancz/kube-rbac-proxy:v0.2.0
args:
- "--secure-listen-address=:8443"
- "--upstream=http://127.0.0.1:8081/"
ports:
- name: https-main
containerPort: 8443
resources:
requests:
memory: 20Mi
cpu: 10m
limits:
memory: 40Mi
cpu: 20m
- name: kube-rbac-proxy-self
image: quay.io/brancz/kube-rbac-proxy:v0.2.0
args:
- "--secure-listen-address=:9443"
- "--upstream=http://127.0.0.1:8082/"
ports:
- name: https-self
containerPort: 9443
resources:
requests:
memory: 20Mi
cpu: 10m
limits:
memory: 40Mi
cpu: 20m
- name: kube-state-metrics
image: quay.io/coreos/kube-state-metrics:v1.2.0
args:
- "--host=127.0.0.1"
- "--port=8081"
- "--telemetry-host=127.0.0.1"
- "--telemetry-port=8082"
- name: addon-resizer
image: gcr.io/google_containers/addon-resizer:1.0
resources:
limits:
cpu: 100m
memory: 30Mi
requests:
cpu: 100m
memory: 30Mi
env:
- name: MY_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: MY_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
command:
- /pod_nanny
- --container=kube-state-metrics
- --cpu=100m
- --extra-cpu=2m
- --memory=150Mi
- --extra-memory=30Mi
- --threshold=5
- --deployment=kube-state-metrics