From 345dd9cf27c7bc0d25af1c85e850f9966155f9b9 Mon Sep 17 00:00:00 2001
From: "nicholas.klem" <nicholas@sanity.io>
Date: Fri, 24 Aug 2018 14:34:38 +0200
Subject: [PATCH] add kubernetes yaml files

---
 kubernetes/configmap.yaml | 26 ++++++++++++++++++++++++++
 kubernetes/job.yaml       | 33 +++++++++++++++++++++++++++++++++
 kubernetes/rbac.yaml      | 37 +++++++++++++++++++++++++++++++++++++
 3 files changed, 96 insertions(+)
 create mode 100644 kubernetes/configmap.yaml
 create mode 100644 kubernetes/job.yaml
 create mode 100644 kubernetes/rbac.yaml

diff --git a/kubernetes/configmap.yaml b/kubernetes/configmap.yaml
new file mode 100644
index 000000000..c7bbd972b
--- /dev/null
+++ b/kubernetes/configmap.yaml
@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: descheduler-policy-configmap
+data:
+  policy.yaml: |
+    apiVersion: "descheduler/v1alpha1"
+    kind: "DeschedulerPolicy"
+    strategies:
+      "RemoveDuplicates":
+         enabled: true
+      "RemovePodsViolatingInterPodAntiAffinity":
+         enabled: true
+      "LowNodeUtilization":
+         enabled: true
+         params:
+           nodeResourceUtilizationThresholds:
+             thresholds:
+               "cpu" : 20
+               "memory": 20
+               "pods": 20
+             targetThresholds:
+               "cpu" : 50
+               "memory": 50
+               "pods": 50
+
diff --git a/kubernetes/job.yaml b/kubernetes/job.yaml
new file mode 100644
index 000000000..3ec6a5a70
--- /dev/null
+++ b/kubernetes/job.yaml
@@ -0,0 +1,33 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: descheduler-job
+  namespace: kube-system
+spec:
+  parallelism: 1
+  completions: 1
+  template:
+    metadata:
+      name: descheduler-pod
+      annotations:
+        scheduler.alpha.kubernetes.io/critical-pod: ""
+    spec:
+        containers:
+        - name: descheduler
+          image: descheduler:latest
+          volumeMounts:
+          - mountPath: /policy-dir
+            name: policy-volume
+          command:
+            - "/bin/descheduler"
+          args:
+            - "--policy-config-file"
+            - "/policy-dir/policy.yaml"
+            - "--v"
+            - "3"
+        restartPolicy: "Never"
+        serviceAccountName: descheduler-sa
+        volumes:
+        - name: policy-volume
+          configMap:
+            name: descheduler-policy-configmap
diff --git a/kubernetes/rbac.yaml b/kubernetes/rbac.yaml
new file mode 100644
index 000000000..15116f115
--- /dev/null
+++ b/kubernetes/rbac.yaml
@@ -0,0 +1,37 @@
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: descheduler-cluster-role
+  namespace: kube-system
+rules:
+- apiGroups: [""]
+  resources: ["nodes"]
+  verbs: ["get", "watch", "list"]
+- apiGroups: [""]
+  resources: ["pods"]
+  verbs: ["get", "watch", "list", "delete"]
+- apiGroups: [""]
+  resources: ["pods/eviction"]
+  verbs: ["create"]
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: descheduler-sa
+  namespace: kube-system
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+  name: descehduler-cluster-role-binding
+  namespace: kube-system
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: descheduler-cluster-role
+subjects:
+  - name: descheduler-sa
+    kind: ServiceAccount
+    namespace: kube-system
+