diff --git a/node-labeler/node-labeler.yaml b/node-labeler/node-labeler.yaml new file mode 100644 index 0000000..09f1e45 --- /dev/null +++ b/node-labeler/node-labeler.yaml @@ -0,0 +1,58 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: node-labeler +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: worker-node-labeler + namespace: node-labeler +spec: + selector: + matchLabels: + role: worker-node-labeler + template: + metadata: + labels: + role: worker-node-labeler + spec: + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + containers: + - name: labeler + image: bitnami/kubectl + env: + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + command: ["/bin/sh", "-c", "while true; do kubectl get node $(NODE_NAME) -o=jsonpath='{.metadata.labels}' | grep -q node-role.kubernetes.io/worker || kubectl label node $(NODE_NAME) node-role.kubernetes.io/worker=; sleep 60; done"] + imagePullPolicy: IfNotPresent + restartPolicy: Always +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: worker-node-labeler-role + namespace: node-labeler +rules: + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "patch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: worker-node-labeler-binding + namespace: node-labeler +subjects: + - kind: ServiceAccount + name: default + namespace: node-labeler +roleRef: + kind: ClusterRole + name: worker-node-labeler-role + apiGroup: rbac.authorization.k8s.io \ No newline at end of file