blob: 3d51abc526f94227a65f5cce46fc7770a1ef57c0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
apiVersion: v1
kind: List
items:
- apiVersion: v1
kind: ServiceAccount
metadata:
name: dockergc
# You must grant privileged via: oc adm policy add-scc-to-user -z dockergc privileged
# in order for the dockergc to access the docker socket and root directory
- apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: dockergc
labels:
app: dockergc
spec:
template:
metadata:
labels:
app: dockergc
name: dockergc
spec:
{# Only set nodeSelector if the dict is not empty #}
{% if r_docker_gc_node_selectors %}
nodeSelector:
{% for k,v in r_docker_gc_node_selectors.items() %}
{{ k }}: {{ v }}{% endfor %}{% endif %}
serviceAccountName: dockergc
containers:
- image: openshift/origin:latest
args:
- "ex"
- "dockergc"
- "--image-gc-low-threshold=60"
- "--image-gc-high-threshold=80"
- "--minimum-ttl-duration=1h0m0s"
securityContext:
privileged: true
name: dockergc
resources:
requests:
memory: 30Mi
cpu: 50m
volumeMounts:
- name: docker-root
readOnly: true
mountPath: /var/lib/docker
- name: docker-socket
readOnly: false
mountPath: /var/run/docker.sock
volumes:
- name: docker-root
hostPath:
path: /var/lib/docker
- name: docker-socket
hostPath:
path: /var/run/docker.sock
|
