{{- /* Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} kind: Deployment metadata: name: {{ template "common.names.fullname" . }} namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} app.kubernetes.io/part-of: clickhouse-operator app.kubernetes.io/component: operator {{- if or .Values.deploymentAnnotations .Values.commonAnnotations }} {{- $annotations := include "common.tplvalues.merge" (dict "values" (list .Values.deploymentAnnotations .Values.commonAnnotations) "context" .) }} annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} {{- end }} spec: {{- if not .Values.autoscaling.hpa.enabled }} replicas: {{ .Values.replicaCount }} {{- end }} {{- if .Values.updateStrategy }} strategy: {{- toYaml .Values.updateStrategy | nindent 4 }} {{- end }} {{- $podLabels := include "common.tplvalues.merge" (dict "values" (list .Values.podLabels .Values.commonLabels) "context" .) }} selector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} app.kubernetes.io/part-of: clickhouse-operator app.kubernetes.io/component: operator template: metadata: annotations: {{- if not .Values.existingConfigmap }} checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} {{- end }} {{- if not .Values.existingChiTemplatesConfigmap }} checksum/chi-templates: {{ include (print $.Template.BasePath "/chi-templates-configmap.yaml") . | sha256sum }} {{- end }} {{- if not .Values.existingChiConfigdConfigmap }} checksum/chi-configd: {{ include (print $.Template.BasePath "/chi-configd-configmap.yaml") . | sha256sum }} {{- end }} {{- if not .Values.existingChiUsersdConfigmap }} checksum/chi-usersd: {{ include (print $.Template.BasePath "/chi-usersd-configmap.yaml") . | sha256sum }} {{- end }} {{- if not .Values.existingChkTemplatesConfigmap }} checksum/chk-templates: {{ include (print $.Template.BasePath "/chk-templates-configmap.yaml") . | sha256sum }} {{- end }} {{- if not .Values.existingChkConfigdConfigmap }} checksum/chk-configd: {{ include (print $.Template.BasePath "/chk-configd-configmap.yaml") . | sha256sum }} {{- end }} {{- if not .Values.existingChkUsersdConfigmap }} checksum/chk-usersd: {{ include (print $.Template.BasePath "/chk-usersd-configmap.yaml") . | sha256sum }} {{- end }} {{- if or .Values.podAnnotations .Values.commonAnnotations }} {{- $podAnnotations := include "common.tplvalues.merge" (dict "values" (list .Values.podAnnotations .Values.commonAnnotations) "context" .) }} {{- include "common.tplvalues.render" (dict "value" $podAnnotations "context" $) | nindent 8 }} {{- end }} labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} app.kubernetes.io/part-of: clickhouse-operator app.kubernetes.io/component: operator spec: {{- include "clickhouse-operator.imagePullSecrets" . | nindent 6 }} serviceAccountName: {{ template "clickhouse-operator.serviceAccount.name" . }} automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} {{- if .Values.hostAliases }} hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} {{- end }} {{- if .Values.affinity }} affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.affinity "context" $) | nindent 8 }} {{- else }} affinity: podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "component" "operator" "customLabels" $podLabels "context" $) | nindent 10 }} podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "component" "operator" "customLabels" $podLabels "context" $) | nindent 10 }} nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} {{- end }} {{- if .Values.nodeSelector }} nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.nodeSelector "context" $) | nindent 8 }} {{- end }} {{- if .Values.tolerations }} tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" .) | nindent 8 }} {{- end }} {{- if .Values.priorityClassName }} priorityClassName: {{ .Values.priorityClassName | quote }} {{- end }} {{- if .Values.schedulerName }} schedulerName: {{ .Values.schedulerName | quote }} {{- end }} {{- if .Values.topologySpreadConstraints }} topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.topologySpreadConstraints "context" .) | nindent 8 }} {{- end }} {{- if .Values.podSecurityContext.enabled }} securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }} {{- end }} {{- if .Values.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} {{- end }} {{- if .Values.initContainers }} initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} {{- end }} containers: - name: operator image: {{ template "clickhouse-operator.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy }} {{- if .Values.containerSecurityContext.enabled }} securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }} {{- end }} {{- if .Values.command }} command: {{- include "common.tplvalues.render" (dict "value" .Values.command "context" $) | nindent 12 }} {{- end }} {{- if .Values.args }} args: {{- include "common.tplvalues.render" (dict "value" .Values.args "context" $) | nindent 12 }} {{- end }} env: - name: OPERATOR_POD_NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName - name: OPERATOR_POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: OPERATOR_POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: OPERATOR_POD_IP valueFrom: fieldRef: fieldPath: status.podIP - name: OPERATOR_POD_SERVICE_ACCOUNT valueFrom: fieldRef: fieldPath: spec.serviceAccountName - name: OPERATOR_CONTAINER_CPU_REQUEST valueFrom: resourceFieldRef: containerName: operator resource: requests.cpu - name: OPERATOR_CONTAINER_CPU_LIMIT valueFrom: resourceFieldRef: containerName: operator resource: limits.cpu - name: OPERATOR_CONTAINER_MEM_REQUEST valueFrom: resourceFieldRef: containerName: operator resource: requests.memory - name: OPERATOR_CONTAINER_MEM_LIMIT valueFrom: resourceFieldRef: containerName: operator resource: limits.memory - name: CLICKHOUSE_CONTAINER_IMAGE value: {{ include "clickhouse-operator.clickhouse.image" . | quote }} - name: KEEPER_CONTAINER_IMAGE value: {{ include "clickhouse-operator.keeper.image" . | quote }} {{- if .Values.extraEnvVars }} {{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }} {{- end }} envFrom: {{- if .Values.extraEnvVarsCM }} - configMapRef: name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }} {{- end }} {{- if .Values.extraEnvVarsSecret }} - secretRef: name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }} {{- end }} {{- if .Values.resources }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- else if ne .Values.resourcesPreset "none" }} resources: {{- include "common.resources.preset" (dict "type" .Values.resourcesPreset) | nindent 12 }} {{- end }} ports: - name: metrics containerPort: {{ .Values.containerPorts.metrics }} {{- if .Values.extraContainerPorts }} {{- include "common.tplvalues.render" (dict "value" .Values.extraContainerPorts "context" $) | nindent 12 }} {{- end }} {{- if .Values.customLivenessProbe }} livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} {{- else if .Values.livenessProbe.enabled }} livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.livenessProbe "enabled") "context" $) | nindent 12 }} tcpSocket: port: metrics {{- end }} {{- if .Values.customReadinessProbe }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }} {{- else if .Values.readinessProbe.enabled }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.readinessProbe "enabled") "context" $) | nindent 12 }} httpGet: path: /metrics port: metrics {{- end }} {{- if .Values.customStartupProbe }} startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customStartupProbe "context" $) | nindent 12 }} {{- else if .Values.startupProbe.enabled }} startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.startupProbe "enabled") "context" $) | nindent 12 }} tcpSocket: port: metrics {{- end }} {{- if .Values.lifecycleHooks }} lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }} {{- end }} volumeMounts: - name: empty-dir mountPath: /tmp subPath: tmp-dir - name: config mountPath: /etc/clickhouse-operator readOnly: true - name: chi-templates mountPath: /etc/clickhouse-operator/chi/templates.d readOnly: true - name: chi-configd mountPath: /etc/clickhouse-operator/chi/config.d readOnly: true - name: chi-usersd mountPath: /etc/clickhouse-operator/chi/users.d readOnly: true {{- if or .Values.chkTemplate .Values.existingChkTemplatesConfigmap }} - name: chk-templates mountPath: /etc/clickhouse-operator/chk/templates.d readOnly: true {{- end }} - name: chk-configd mountPath: /etc/clickhouse-operator/chk/keeper_config.d readOnly: true {{- if or .Values.chkUsersd .Values.existingChkUsersdConfigmap }} - name: chk-usersd mountPath: /etc/clickhouse-operator/chk/users.d readOnly: true {{- end }} {{- if .Values.extraVolumeMounts }} {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }} {{- end }} {{- if .Values.metrics.enabled }} - name: metrics-exporter image: {{ template "clickhouse-operator.metrics.image" . }} imagePullPolicy: {{ .Values.metrics.image.pullPolicy }} {{- if .Values.metrics.containerSecurityContext.enabled }} securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.metrics.containerSecurityContext "context" $) | nindent 12 }} {{- end }} env: - name: OPERATOR_POD_NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName - name: OPERATOR_POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: OPERATOR_POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: OPERATOR_POD_IP valueFrom: fieldRef: fieldPath: status.podIP - name: OPERATOR_POD_SERVICE_ACCOUNT valueFrom: fieldRef: fieldPath: spec.serviceAccountName - name: OPERATOR_CONTAINER_CPU_REQUEST valueFrom: resourceFieldRef: containerName: operator resource: requests.cpu - name: OPERATOR_CONTAINER_CPU_LIMIT valueFrom: resourceFieldRef: containerName: operator resource: limits.cpu - name: OPERATOR_CONTAINER_MEM_REQUEST valueFrom: resourceFieldRef: containerName: operator resource: requests.memory - name: OPERATOR_CONTAINER_MEM_LIMIT valueFrom: resourceFieldRef: containerName: operator resource: limits.memory {{- if .Values.metrics.extraEnvVars }} {{- include "common.tplvalues.render" (dict "value" .Values.metrics.extraEnvVars "context" $) | nindent 12 }} {{- end }} envFrom: {{- if .Values.metrics.extraEnvVarsCM }} - configMapRef: name: {{ include "common.tplvalues.render" (dict "value" .Values.metrics.extraEnvVarsCM "context" $) }} {{- end }} {{- if .Values.metrics.extraEnvVarsSecret }} - secretRef: name: {{ include "common.tplvalues.render" (dict "value" .Values.metrics.extraEnvVarsSecret "context" $) }} {{- end }} {{- if .Values.metrics.resources }} resources: {{- toYaml .Values.metrics.resources | nindent 12 }} {{- else if ne .Values.metrics.resourcesPreset "none" }} resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }} {{- end }} ports: - name: metrics containerPort: {{ .Values.metrics.containerPorts.metrics }} {{- if .Values.metrics.extraContainerPorts }} {{- include "common.tplvalues.render" (dict "value" .Values.metrics.extraContainerPorts "context" $) | nindent 12 }} {{- end }} {{- if .Values.metrics.customLivenessProbe }} livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customLivenessProbe "context" $) | nindent 12 }} {{- else if .Values.metrics.livenessProbe.enabled }} livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.livenessProbe "enabled") "context" $) | nindent 12 }} tcpSocket: port: metrics {{- end }} {{- if .Values.metrics.customReadinessProbe }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customReadinessProbe "context" $) | nindent 12 }} {{- else if .Values.metrics.readinessProbe.enabled }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.readinessProbe "enabled") "context" $) | nindent 12 }} httpGet: path: /metrics port: metrics {{- end }} {{- if .Values.metrics.customStartupProbe }} startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customStartupProbe "context" $) | nindent 12 }} {{- else if .Values.metrics.startupProbe.enabled }} startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.startupProbe "enabled") "context" $) | nindent 12 }} tcpSocket: port: metrics {{- end }} volumeMounts: - name: empty-dir mountPath: /tmp subPath: tmp-dir - name: config mountPath: /etc/clickhouse-operator readOnly: true {{- end }} {{- if .Values.sidecars }} {{- include "common.tplvalues.render" ( dict "value" .Values.sidecars "context" $) | nindent 8 }} {{- end }} volumes: - name: empty-dir emptyDir: {} - name: config configMap: name: {{ template "clickhouse-operator.configmap.name" . }} items: - key: config.yaml path: config.yaml - name: chi-templates configMap: name: {{ template "clickhouse-operator.chiTemplates.configmap.name" . }} - name: chi-configd configMap: name: {{ template "clickhouse-operator.chiConfigd.configmap.name" . }} - name: chi-usersd configMap: name: {{ template "clickhouse-operator.chiUsersd.configmap.name" . }} {{- if or .Values.chkTemplate .Values.existingChkTemplatesConfigmap }} - name: chk-templates configMap: name: {{ template "clickhouse-operator.chkTemplates.configmap.name" . }} {{- end }} - name: chk-configd configMap: name: {{ template "clickhouse-operator.chkConfigd.configmap.name" . }} {{- if or .Values.chkUsersd .Values.existingChkUsersdConfigmap }} - name: chk-usersd configMap: name: {{ template "clickhouse-operator.chkUsersd.configmap.name" . }} {{- end }} {{- if .Values.extraVolumes }} {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} {{- end }}