deployment.yaml 8.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233
  1. apiVersion: apps/v1
  2. kind: Deployment
  3. metadata:
  4. name: {{ template "podinfo.fullname" . }}
  5. namespace: {{ include "podinfo.namespace" . }}
  6. labels:
  7. {{- include "podinfo.labels" . | nindent 4 }}
  8. spec:
  9. {{- if not .Values.hpa.enabled }}
  10. replicas: {{ .Values.replicaCount }}
  11. {{- end }}
  12. strategy:
  13. type: RollingUpdate
  14. rollingUpdate:
  15. maxUnavailable: 1
  16. selector:
  17. matchLabels:
  18. {{- include "podinfo.selectorLabels" . | nindent 6 }}
  19. template:
  20. metadata:
  21. labels:
  22. {{- include "podinfo.selectorLabels" . | nindent 8 }}
  23. annotations:
  24. prometheus.io/scrape: "true"
  25. prometheus.io/port: "{{ .Values.service.httpPort }}"
  26. {{- range $key, $value := .Values.podAnnotations }}
  27. {{ $key }}: {{ $value | quote }}
  28. {{- end }}
  29. spec:
  30. terminationGracePeriodSeconds: 30
  31. {{- if .Values.serviceAccount.enabled }}
  32. serviceAccountName: {{ template "podinfo.serviceAccountName" . }}
  33. {{- end }}
  34. {{- if .Values.image.pullSecrets }}
  35. imagePullSecrets: {{ toYaml .Values.image.pullSecrets | nindent 8 }}
  36. {{- end }}
  37. containers:
  38. - name: {{ .Chart.Name }}
  39. image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
  40. imagePullPolicy: {{ .Values.image.pullPolicy }}
  41. {{- if .Values.securityContext }}
  42. securityContext:
  43. {{- toYaml .Values.securityContext | nindent 12 }}
  44. {{- else if (or .Values.service.hostPort .Values.tls.hostPort) }}
  45. securityContext:
  46. allowPrivilegeEscalation: true
  47. capabilities:
  48. drop:
  49. - ALL
  50. add:
  51. - NET_BIND_SERVICE
  52. {{- end }}
  53. command:
  54. - ./podinfo
  55. - --port={{ .Values.service.httpPort | default 9898 }}
  56. - --prefix={{ .Values.prefix | default "/" }}
  57. {{- if .Values.host }}
  58. - --host={{ .Values.host }}
  59. {{- end }}
  60. {{- if .Values.tls.enabled }}
  61. - --secure-port={{ .Values.tls.port }}
  62. {{- end }}
  63. {{- if .Values.tls.certPath }}
  64. - --cert-path={{ .Values.tls.certPath }}
  65. {{- end }}
  66. {{- if .Values.service.metricsPort }}
  67. - --port-metrics={{ .Values.service.metricsPort }}
  68. {{- end }}
  69. {{- if .Values.service.grpcPort }}
  70. - --grpc-port={{ .Values.service.grpcPort }}
  71. {{- end }}
  72. {{- if .Values.service.grpcService }}
  73. - --grpc-service-name={{ .Values.service.grpcService }}
  74. {{- end }}
  75. {{- range .Values.backends }}
  76. - --backend-url={{ . }}
  77. {{- end }}
  78. {{- if .Values.cache }}
  79. - --cache-server={{ .Values.cache }}
  80. {{- else if .Values.redis.enabled }}
  81. - --cache-server=tcp://{{ template "podinfo.fullname" . }}-redis:6379
  82. {{- end }}
  83. - --level={{ .Values.logLevel }}
  84. - --random-delay={{ .Values.faults.delay }}
  85. - --random-error={{ .Values.faults.error }}
  86. {{- if .Values.faults.unhealthy }}
  87. - --unhealthy
  88. {{- end }}
  89. {{- if .Values.faults.unready }}
  90. - --unready
  91. {{- end }}
  92. {{- if .Values.h2c.enabled }}
  93. - --h2c
  94. {{- end }}
  95. {{- with .Values.config.path }}
  96. - --config-path={{ . }}
  97. {{- end }}
  98. {{- with .Values.config.name }}
  99. - --config={{ . }}
  100. {{- end }}
  101. {{- with .Values.extraArgs }}
  102. {{- toYaml . | nindent 12 }}
  103. {{- end }}
  104. env:
  105. {{- if .Values.ui.message }}
  106. - name: PODINFO_UI_MESSAGE
  107. value: {{ quote .Values.ui.message }}
  108. {{- end }}
  109. {{- if .Values.ui.logo }}
  110. - name: PODINFO_UI_LOGO
  111. value: {{ .Values.ui.logo }}
  112. {{- end }}
  113. {{- if .Values.ui.color }}
  114. - name: PODINFO_UI_COLOR
  115. value: {{ quote .Values.ui.color }}
  116. {{- end }}
  117. {{- if .Values.backend }}
  118. - name: PODINFO_BACKEND_URL
  119. value: {{ .Values.backend }}
  120. {{- end }}
  121. {{- if .Values.extraEnvs }}
  122. {{ toYaml .Values.extraEnvs | indent 10 }}
  123. {{- end }}
  124. ports:
  125. - name: http
  126. containerPort: {{ .Values.service.httpPort | default 9898 }}
  127. protocol: TCP
  128. {{- if .Values.service.hostPort }}
  129. hostPort: {{ .Values.service.hostPort }}
  130. {{- end }}
  131. {{- if .Values.tls.enabled }}
  132. - name: https
  133. containerPort: {{ .Values.tls.port | default 9899 }}
  134. protocol: TCP
  135. {{- if .Values.tls.hostPort }}
  136. hostPort: {{ .Values.tls.hostPort }}
  137. {{- end }}
  138. {{- end }}
  139. {{- if .Values.service.metricsPort }}
  140. - name: http-metrics
  141. containerPort: {{ .Values.service.metricsPort }}
  142. protocol: TCP
  143. {{- end }}
  144. {{- if .Values.service.grpcPort }}
  145. - name: grpc
  146. containerPort: {{ .Values.service.grpcPort }}
  147. protocol: TCP
  148. {{- end }}
  149. {{- if .Values.probes.startup.enable }}
  150. startupProbe:
  151. exec:
  152. command:
  153. - podcli
  154. - check
  155. - http
  156. - localhost:{{ .Values.service.httpPort | default 9898 }}{{ trimSuffix "/" (.Values.prefix | default "/") }}/healthz
  157. {{- with .Values.probes.startup }}
  158. initialDelaySeconds: {{ .initialDelaySeconds | default 1 }}
  159. timeoutSeconds: {{ .timeoutSeconds | default 5 }}
  160. failureThreshold: {{ .failureThreshold | default 3 }}
  161. successThreshold: {{ .successThreshold | default 1 }}
  162. periodSeconds: {{ .periodSeconds | default 10 }}
  163. {{- end }}
  164. {{- end }}
  165. livenessProbe:
  166. exec:
  167. command:
  168. - podcli
  169. - check
  170. - http
  171. - localhost:{{ .Values.service.httpPort | default 9898 }}{{ trimSuffix "/" (.Values.prefix | default "/") }}/healthz
  172. {{- with .Values.probes.liveness }}
  173. initialDelaySeconds: {{ .initialDelaySeconds | default 1 }}
  174. timeoutSeconds: {{ .timeoutSeconds | default 5 }}
  175. failureThreshold: {{ .failureThreshold | default 3 }}
  176. successThreshold: {{ .successThreshold | default 1 }}
  177. periodSeconds: {{ .periodSeconds | default 10 }}
  178. {{- end }}
  179. readinessProbe:
  180. exec:
  181. command:
  182. - podcli
  183. - check
  184. - http
  185. - localhost:{{ .Values.service.httpPort | default 9898 }}{{ trimSuffix "/" (.Values.prefix | default "/") }}/readyz
  186. {{- with .Values.probes.readiness }}
  187. initialDelaySeconds: {{ .initialDelaySeconds | default 1 }}
  188. timeoutSeconds: {{ .timeoutSeconds | default 5 }}
  189. failureThreshold: {{ .failureThreshold | default 3 }}
  190. successThreshold: {{ .successThreshold | default 1 }}
  191. periodSeconds: {{ .periodSeconds | default 10 }}
  192. {{- end }}
  193. volumeMounts:
  194. - name: data
  195. mountPath: /data
  196. {{- if .Values.tls.enabled }}
  197. - name: tls
  198. mountPath: {{ .Values.tls.certPath | default "/data/cert" }}
  199. readOnly: true
  200. {{- end }}
  201. resources:
  202. {{ toYaml .Values.resources | indent 12 }}
  203. {{- with .Values.podSecurityContext }}
  204. securityContext:
  205. {{ toYaml . | indent 8 }}
  206. {{- end }}
  207. {{- with .Values.nodeSelector }}
  208. nodeSelector:
  209. {{ toYaml . | indent 8 }}
  210. {{- end }}
  211. {{- with .Values.affinity }}
  212. affinity:
  213. {{ toYaml . | indent 8 }}
  214. {{- end }}
  215. {{- with .Values.tolerations }}
  216. tolerations:
  217. {{ toYaml . | indent 8 }}
  218. {{- end }}
  219. {{- with .Values.priorityClassName }}
  220. priorityClassName: {{ . }}
  221. {{- end }}
  222. volumes:
  223. - name: data
  224. emptyDir: {}
  225. {{- if .Values.tls.enabled }}
  226. - name: tls
  227. secret:
  228. secretName: {{ template "podinfo.tlsSecretName" . }}
  229. {{- end }}
  230. {{- with .Values.topologySpreadConstraints }}
  231. topologySpreadConstraints:
  232. {{- toYaml . | nindent 8 }}
  233. {{- end }}