[stable/zed] Add TLS to node exporter (#1780) This is manual cherry-pick, Fixes #1778 Initial round of node-tls-sidecar Fix image name Added pod-tls-sidecar for node-exporter The art of escaping Helm and Ansible Fix configmap mount Dance around Helm Fix volume mount Mount service token Added RBAC Fix role binding name Switch node exporter to use TLS Fix mount Switch to VerifyClientCertIfGiven

commit: e47a25b035e262525ae51360b9be5c6bbecc3f6a [log] [tgz]
author: Yaguang Tang <yaguang.tang@vexxhost.com> Mon Aug 12 23:03:11 2024 +0800
committer: GitHub <noreply@github.com> Mon Aug 12 15:03:11 2024 +0000
tree: 7ac5f1689ddad443dc6bf00f3e799ef0a5a70b91
parent: 927278fa36b1542d9b964138d7a2c0cb468ef609 [diff]
diff --git a/roles/defaults/vars/main.yml b/roles/defaults/vars/main.yml
index 0a192ea..7fd144c 100644
--- a/roles/defaults/vars/main.yml
+++ b/roles/defaults/vars/main.yml

@@ -193,6 +193,7 @@
   percona_version_service: docker.io/perconalab/version-service:main-3325140
   placement_db_sync: "registry.atmosphere.dev/library/placement:{{ atmosphere_release }}"
   placement: "registry.atmosphere.dev/library/placement:{{ atmosphere_release }}"
+  pod_tls_sidecar: registry.atmosphere.dev/library/pod-tls-sidecar:latest
   prometheus_config_reloader: quay.io/prometheus-operator/prometheus-config-reloader:v0.73.0
   prometheus_ipmi_exporter: us-docker.pkg.dev/vexxhost-infra/openstack/ipmi-exporter:1.4.0
   prometheus_memcached_exporter: quay.io/prometheus/memcached-exporter:v0.10.0
commit	e47a25b035e262525ae51360b9be5c6bbecc3f6a	[log] [tgz]
author	Yaguang Tang <yaguang.tang@vexxhost.com>	Mon Aug 12 23:03:11 2024 +0800
committer	GitHub <noreply@github.com>	Mon Aug 12 15:03:11 2024 +0000
tree	7ac5f1689ddad443dc6bf00f3e799ef0a5a70b91
parent	927278fa36b1542d9b964138d7a2c0cb468ef609 [diff]