新增kpl-launcher服务

kpl_deploy_yaml/5-kpl-launcher/certs/server.crt

+-----BEGIN CERTIFICATE-----
+MIICKTCCAbCgAwIBAgIJAOEzff/TB45/MAoGCCqGSM49BAMCMFMxCzAJBgNVBAYT
+AkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRn
+aXRzIFB0eSBMdGQxDDAKBgNVBAMMA0tQTDAeFw0yMDA2MDMwMzA2MDRaFw0zMDA2
+MDEwMzA2MDRaMFMxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
+HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDDAKBgNVBAMMA0tQTDB2
+MBAGByqGSM49AgEGBSuBBAAiA2IABDUlvu7GTOB4kYiqBuRqiLU3chqccZhMFL16
+olmMX31M8EWA0VXj5JeMo4js7NcuBRfFp2JIdhqOroodz+Bu64nmhjbr7Qkglk14
+XguoUrwycTAlba2JdBpXRXwY5uP7eqNQME4wHQYDVR0OBBYEFPQ81JjaE8UG4FyX
+Hjo09H9dRkcEMB8GA1UdIwQYMBaAFPQ81JjaE8UG4FyXHjo09H9dRkcEMAwGA1Ud
+EwQFMAMBAf8wCgYIKoZIzj0EAwIDZwAwZAIwSCzsAdwv5fJOlAMI6W+0s5whygR3
+VQEq88EffPmjQ8Cn6rqWFzev4Cd5W18Qput9AjAjoBh5WdlK1N0sIZpRLaCYK7El
+2vab3X1CbV8MkwGJU7Vnjav+w185kSNpbpF6idw=
+-----END CERTIFICATE-----

kpl_deploy_yaml/5-kpl-launcher/certs/server.key

+-----BEGIN EC PARAMETERS-----
+BgUrgQQAIg==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MIGkAgEBBDCc8hpwAUrmEZUnFeD4Fi/OnMT2fAXVtJ50FIR/HCWMD/pPDV1uKLZI
+Hm6h6fRQX82gBwYFK4EEACKhZANiAAQ1Jb7uxkzgeJGIqgbkaoi1N3IanHGYTBS9
+eqJZjF99TPBFgNFV4+SXjKOI7OzXLgUXxadiSHYajq6KHc/gbuuJ5oY26+0JIJZN
+eF4LqFK8MnEwJW2tiXQaV0V8GObj+3o=
+-----END EC PRIVATE KEY-----

kpl_deploy_yaml/5-kpl-launcher/kpl-launcher/deployment.yaml

+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: kpl-launcher
+  namespace: kpl
+  labels:
+    app: kpl-launcher
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: kpl-launcher
+  template:
+    metadata:
+      labels:
+        app: kpl-launcher
+    spec:
+      serviceAccount: kpl-launcher
+      containers:
+        - name: launcher
+          image: IMAGE_NAME   #镜像仓库以及名字变量模板
+          command:
+            - /bin/bash
+            - -c
+            - kpl_launcher --incluster --private-key /etc/kpl/ssl/server.key --cert-chain /etc/kpl/ssl/server.crt --port 8000 2>&1
+          ports:
+            - containerPort: 8000
+              name: launcher-port
+          imagePullPolicy: "IfNotPresent"
+          resources:
+              requests:   #新增加request。降低资源调度要求
+                cpu: 1
+                memory: 100Mi
+              limits:
+                cpu: 8
+                memory: 100Mi
+          env:
+            - name: KPL_IMAGE_SECRET_NAME
+              value: kpl-regcred
+          volumeMounts:
+            - name: kpl-ssl
+              mountPath: /etc/kpl/ssl
+              readOnly: true
+      volumes:
+        - name: kpl-ssl
+          configMap:
+            name: kpl-ssl
+      imagePullSecrets:
+        - name: kpl-regcred
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: kpl-launcher
+  name: kpl-launcher-service
+  namespace: kpl
+spec:
+  ports:
+    - port: 8000
+      protocol: TCP
+      targetPort: 8000
+  # type: NodePort
+  selector:
+    app: kpl-launcher

kpl_deploy_yaml/5-kpl-launcher/kpl-launcher/rbac.yaml

+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: kpl-launcher
+  namespace: kpl
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: kpl-launcher
+rules:
+  - apiGroups: ["apiextensions.k8s.io"]
+    resources: ["customresourcedefinitions"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["batch.volcano.sh"]
+    resources: ["jobs"]
+    verbs: ["get", "create", "list", "watch", "update", "delete"]
+  - apiGroups: [""]
+    resources: ["pods", "pods/status"]
+    verbs: ["create", "get", "list", "watch", "update", "bind", "updateStatus", "delete"]
+  - apiGroups: [""]
+    resources: ["persistentvolumeclaims"]
+    verbs: ["list", "watch"]
+  - apiGroups: [""]
+    resources: ["persistentvolumes"]
+    verbs: ["list", "watch"]
+  - apiGroups: [""]
+    resources: ["services"]
+    verbs: ["list", "watch"]
+  - apiGroups: ["apps"]
+    resources: ["deployments"]
+    verbs: ["list", "watch"]
+  - apiGroups: [""]
+    resources: ["namespaces"]
+    verbs: ["list", "watch"]
+  - apiGroups: ["storage.k8s.io"]
+    resources: ["storageclasses"]
+    verbs: ["list", "watch"]
+  - apiGroups: [""]
+    resources: ["nodes"]
+    verbs: ["list", "watch"]
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: kpl-launcher
+subjects:
+- kind: ServiceAccount
+  name: kpl-launcher
+  namespace: kpl
+roleRef:
+  kind: ClusterRole
+  name: kpl-launcher
+  apiGroup: rbac.authorization.k8s.io

kpl_deploy_yaml/5-kpl-launcher/kpl-ssl-configmap-autodl.yaml

+apiVersion: v1
+data:
+  server.crt: |
+    -----BEGIN CERTIFICATE-----
+    MIICKTCCAbCgAwIBAgIJAOEzff/TB45/MAoGCCqGSM49BAMCMFMxCzAJBgNVBAYT
+    AkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRn
+    aXRzIFB0eSBMdGQxDDAKBgNVBAMMA0tQTDAeFw0yMDA2MDMwMzA2MDRaFw0zMDA2
+    MDEwMzA2MDRaMFMxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
+    HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDDAKBgNVBAMMA0tQTDB2
+    MBAGByqGSM49AgEGBSuBBAAiA2IABDUlvu7GTOB4kYiqBuRqiLU3chqccZhMFL16
+    olmMX31M8EWA0VXj5JeMo4js7NcuBRfFp2JIdhqOroodz+Bu64nmhjbr7Qkglk14
+    XguoUrwycTAlba2JdBpXRXwY5uP7eqNQME4wHQYDVR0OBBYEFPQ81JjaE8UG4FyX
+    Hjo09H9dRkcEMB8GA1UdIwQYMBaAFPQ81JjaE8UG4FyXHjo09H9dRkcEMAwGA1Ud
+    EwQFMAMBAf8wCgYIKoZIzj0EAwIDZwAwZAIwSCzsAdwv5fJOlAMI6W+0s5whygR3
+    VQEq88EffPmjQ8Cn6rqWFzev4Cd5W18Qput9AjAjoBh5WdlK1N0sIZpRLaCYK7El
+    2vab3X1CbV8MkwGJU7Vnjav+w185kSNpbpF6idw=
+    -----END CERTIFICATE-----
+  server.key: |
+    -----BEGIN EC PARAMETERS-----
+    BgUrgQQAIg==
+    -----END EC PARAMETERS-----
+    -----BEGIN EC PRIVATE KEY-----
+    MIGkAgEBBDCc8hpwAUrmEZUnFeD4Fi/OnMT2fAXVtJ50FIR/HCWMD/pPDV1uKLZI
+    Hm6h6fRQX82gBwYFK4EEACKhZANiAAQ1Jb7uxkzgeJGIqgbkaoi1N3IanHGYTBS9
+    eqJZjF99TPBFgNFV4+SXjKOI7OzXLgUXxadiSHYajq6KHc/gbuuJ5oY26+0JIJZN
+    eF4LqFK8MnEwJW2tiXQaV0V8GObj+3o=
+    -----END EC PRIVATE KEY-----
+kind: ConfigMap
+metadata:
+  name: kpl-ssl
+  namespace: autodl

kpl_deploy_yaml/5-kpl-launcher/kpl-ssl-configmap.yaml

+apiVersion: v1
+data:
+  server.crt: |
+    -----BEGIN CERTIFICATE-----
+    MIICKTCCAbCgAwIBAgIJAOEzff/TB45/MAoGCCqGSM49BAMCMFMxCzAJBgNVBAYT
+    AkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRn
+    aXRzIFB0eSBMdGQxDDAKBgNVBAMMA0tQTDAeFw0yMDA2MDMwMzA2MDRaFw0zMDA2
+    MDEwMzA2MDRaMFMxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
+    HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDDAKBgNVBAMMA0tQTDB2
+    MBAGByqGSM49AgEGBSuBBAAiA2IABDUlvu7GTOB4kYiqBuRqiLU3chqccZhMFL16
+    olmMX31M8EWA0VXj5JeMo4js7NcuBRfFp2JIdhqOroodz+Bu64nmhjbr7Qkglk14
+    XguoUrwycTAlba2JdBpXRXwY5uP7eqNQME4wHQYDVR0OBBYEFPQ81JjaE8UG4FyX
+    Hjo09H9dRkcEMB8GA1UdIwQYMBaAFPQ81JjaE8UG4FyXHjo09H9dRkcEMAwGA1Ud
+    EwQFMAMBAf8wCgYIKoZIzj0EAwIDZwAwZAIwSCzsAdwv5fJOlAMI6W+0s5whygR3
+    VQEq88EffPmjQ8Cn6rqWFzev4Cd5W18Qput9AjAjoBh5WdlK1N0sIZpRLaCYK7El
+    2vab3X1CbV8MkwGJU7Vnjav+w185kSNpbpF6idw=
+    -----END CERTIFICATE-----
+  server.key: |
+    -----BEGIN EC PARAMETERS-----
+    BgUrgQQAIg==
+    -----END EC PARAMETERS-----
+    -----BEGIN EC PRIVATE KEY-----
+    MIGkAgEBBDCc8hpwAUrmEZUnFeD4Fi/OnMT2fAXVtJ50FIR/HCWMD/pPDV1uKLZI
+    Hm6h6fRQX82gBwYFK4EEACKhZANiAAQ1Jb7uxkzgeJGIqgbkaoi1N3IanHGYTBS9
+    eqJZjF99TPBFgNFV4+SXjKOI7OzXLgUXxadiSHYajq6KHc/gbuuJ5oY26+0JIJZN
+    eF4LqFK8MnEwJW2tiXQaV0V8GObj+3o=
+    -----END EC PRIVATE KEY-----
+kind: ConfigMap
+metadata:
+  creationTimestamp: "2020-06-03T03:06:22Z"
+  name: kpl-ssl
+  namespace: kpl
+  resourceVersion: "61559587"
+  selfLink: /api/v1/namespaces/kpl/configmaps/kpl-ssl
+  uid: 4c6174b1-3847-4c29-a7e7-fcd7b6e011e9