39 lines
1.3 KiB
Django/Jinja
39 lines
1.3 KiB
Django/Jinja
---
|
|
# Source: cilium/templates/hubble-generate-certs-cronjob.yaml
|
|
apiVersion: batch/v1
|
|
kind: CronJob
|
|
metadata:
|
|
name: hubble-generate-certs
|
|
namespace: kube-system
|
|
labels:
|
|
k8s-app: hubble-generate-certs
|
|
spec:
|
|
schedule: "0 0 1 */4 *"
|
|
concurrencyPolicy: Forbid
|
|
jobTemplate:
|
|
spec:
|
|
template:
|
|
metadata:
|
|
labels:
|
|
k8s-app: hubble-generate-certs
|
|
spec:
|
|
serviceAccount: hubble-generate-certs
|
|
serviceAccountName: hubble-generate-certs
|
|
containers:
|
|
- name: certgen
|
|
image: "{{ cilium_hubble_certgen_image_repo }}:{{ cilium_hubble_certgen_image_tag }}"
|
|
imagePullPolicy: {{ k8s_image_pull_policy }}
|
|
command:
|
|
- "/usr/bin/cilium-certgen"
|
|
# Because this is executed as a job, we pass the values as command
|
|
# line args instead of via config map. This allows users to inspect
|
|
# the values used in past runs by inspecting the completed pod.
|
|
args:
|
|
{% for key, value in cilium_certgen_args.items() -%}
|
|
- "--{{ key }}={{ value }}"
|
|
{% endfor %}
|
|
|
|
hostNetwork: true
|
|
restartPolicy: OnFailure
|
|
ttlSecondsAfterFinished: 1800
|