gitea-admin/talos-cluster
1
0
Fork 0
Code Issues Pull Requests 15 Actions Packages Projects Releases Wiki Activity

feat: deploy Tailscale Operator via GitOps
Validate Manifests / validate (pull_request) Has been cancelled
Details

Browse Source
This commit is contained in:
gitea-admin
2026-05-10 15:13:57 +00:00
parent 7829189b3a
commit e35f4d22f9
1 changed files with 9 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tailscale/deployment.yaml
+9 -40
View File
@@ -4,28 +4,21 @@ metadata:
name: tailscale-operator name: tailscale-operator
namespace: tailscale namespace: tailscale
labels: labels:
app.kubernetes.io/name: tailscale app: tailscale-operator
app.kubernetes.io/component: operator
spec: spec:
replicas: 1 replicas: 1
selector: selector:
matchLabels: matchLabels:
app.kubernetes.io/name: tailscale app: tailscale-operator
app.kubernetes.io/component: operator
template: template:
metadata: metadata:
labels: labels:
app.kubernetes.io/name: tailscale app: tailscale-operator
app.kubernetes.io/component: operator
spec: spec:
serviceAccountName: tailscale-operator serviceAccountName: tailscale-operator
securityContext:
runAsNonRoot: true
containers: containers:
- name: operator - name: operator
image: ghcr.io/tailscale/operator:v1.76.0 image: ghcr.io/tailscale/k8s-operator:v1.78.3
args:
- --hostname=$(POD_NAME)
env: env:
- name: POD_NAME - name: POD_NAME
valueFrom: valueFrom:
@@ -35,32 +28,8 @@ spec:
valueFrom: valueFrom:
fieldRef: fieldRef:
fieldPath: metadata.namespace fieldPath: metadata.namespace
envFrom: - name: TS_AUTH_KEY
- secretRef: valueFrom:
name: tailscale-operator-secret secretKeyRef:
ports: key: TS_AUTH_KEY
- containerPort: 8080 name: tailscale-auth
name: metrics
protocol: TCP
resources:
requests:
cpu: 10m
memory: 64Mi
limits:
cpu: 100m
memory: 128Mi
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsUser: 1000
runAsGroup: 1000
capabilities:
drop:
- ALL
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: node-role.kubernetes.io/control-plane
operator: Exists