diff --git a/tailscale/deployment.yaml b/tailscale/deployment.yaml index dae6204..3e62399 100644 --- a/tailscale/deployment.yaml +++ b/tailscale/deployment.yaml @@ -4,28 +4,21 @@ metadata: name: tailscale-operator namespace: tailscale labels: - app.kubernetes.io/name: tailscale - app.kubernetes.io/component: operator + app: tailscale-operator spec: replicas: 1 selector: matchLabels: - app.kubernetes.io/name: tailscale - app.kubernetes.io/component: operator + app: tailscale-operator template: metadata: labels: - app.kubernetes.io/name: tailscale - app.kubernetes.io/component: operator + app: tailscale-operator spec: serviceAccountName: tailscale-operator - securityContext: - runAsNonRoot: true containers: - name: operator - image: ghcr.io/tailscale/operator:v1.76.0 - args: - - --hostname=$(POD_NAME) + image: ghcr.io/tailscale/k8s-operator:v1.78.3 env: - name: POD_NAME valueFrom: @@ -35,32 +28,8 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - envFrom: - - secretRef: - name: tailscale-operator-secret - ports: - - containerPort: 8080 - name: metrics - protocol: TCP - resources: - requests: - cpu: 10m - memory: 64Mi - limits: - cpu: 100m - memory: 128Mi - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsUser: 1000 - runAsGroup: 1000 - capabilities: - drop: - - ALL - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists + - name: TS_AUTH_KEY + valueFrom: + secretKeyRef: + key: TS_AUTH_KEY + name: tailscale-auth