Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-06 06:58:50 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
b0c3bfdf2ecd2ea00a43e7bbae649bdceed6a457
charts/bitnami/contour/templates/envoy/deployment.yaml
Ilya c145746c8d [bitnami/contour]: fix typos (#8626)
2022-01-11 16:14:32 +01:00

315 lines
15 KiB
YAML
Raw Blame History

{{- if and .Values.envoy.enabled (eq .Values.envoy.kind "deployment") }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ printf "%s-envoy" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: envoy
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
{{- if not .Values.envoy.autoscaling.enabled }}
replicas: {{ .Values.envoy.replicaCount }}
{{- end }}
revisionHistoryLimit: {{ .Values.envoy.revisionHistoryLimit }}
{{- if .Values.envoy.updateStrategy }}
strategy: {{- toYaml .Values.envoy.updateStrategy | nindent 4 }}
{{- end }}
minReadySeconds: {{ .Values.envoy.minReadySeconds }}
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: envoy
template:
metadata:
{{- if .Values.envoy.podAnnotations }}
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.envoy.podAnnotations "context" $) | nindent 8 }}
{{- end }}
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: envoy
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" ( dict "images" (list .Values.contour.image .Values.envoy.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.envoy.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.envoy.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.envoy.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.envoy.affinity "context" $) | nindent 8 }}
{{- else }}
affinity:
podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.envoy.podAffinityPreset "component" "envoy" "context" $) | nindent 10 }}
podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.envoy.podAntiAffinityPreset "component" "envoy" "context" $) | nindent 10 }}
nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.envoy.nodeAffinityPreset.type "key" .Values.envoy.nodeAffinityPreset.key "values" .Values.envoy.nodeAffinityPreset.values) | nindent 10 }}
{{- end }}
{{- if .Values.envoy.priorityClassName }}
priorityClassName: {{ .Values.envoy.priorityClassName | quote }}
{{- end }}
{{- if .Values.envoy.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.envoy.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.envoy.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.envoy.tolerations "context" $) | nindent 8 }}
{{- end }}
terminationGracePeriodSeconds: {{ .Values.envoy.terminationGracePeriodSeconds }}
hostNetwork: {{ .Values.envoy.hostNetwork }}
dnsPolicy: {{ .Values.envoy.dnsPolicy }}
{{- if .Values.envoy.podSecurityContext.enabled }}
securityContext:
fsGroup: {{ .Values.envoy.podSecurityContext.fsGroup }}
{{- if .Values.envoy.podSecurityContext.sysctls }}
sysctls:
{{- toYaml .Values.envoy.podSecurityContext.sysctls | nindent 8 }}
{{- end }}
{{- end }}
containers:
- command:
- contour
args:
- envoy
- shutdown-manager
image: {{ include "common.images.image" ( dict "imageRoot" .Values.contour.image "global" .Values.global) }}
imagePullPolicy: {{ .Values.contour.image.pullPolicy }}
{{- if .Values.contour.extraEnvVars }}
env:
{{- include "common.tplvalues.render" (dict "value" .Values.contour.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
{{- if or .Values.contour.extraEnvVarsCM .Values.contour.extraEnvVarsSecret }}
envFrom:
{{- if .Values.contour.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" ( dict "value" .Values.contour.extraEnvVarsCM "context" $ ) }}
{{- end }}
{{- if .Values.contour.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" ( dict "value" .Values.contour.extraEnvVarsSecret "context" $ ) }}
{{- end }}
{{- end }}
lifecycle:
preStop:
exec:
command:
- contour
- envoy
- shutdown
{{- if .Values.contour.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /healthz
port: 8090
initialDelaySeconds: {{ .Values.contour.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.contour.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.contour.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.contour.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.contour.livenessProbe.failureThreshold }}
{{- end }}
name: shutdown-manager
resources: {{- toYaml .Values.envoy.shutdownManager.resources | nindent 12 }}
volumeMounts:
- name: envoy-admin
mountPath: /admin
{{- if .Values.envoy.extraVolumeMounts }}
{{- include "common.tplvalues.render" ( dict "value" .Values.envoy.extraVolumeMounts "context" $ ) | nindent 12 }}
{{- end }}
- name: envoy
{{- if .Values.envoy.command }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.envoy.command "context" $) | nindent 12 }}
{{- else }}
command:
- envoy
{{- end }}
{{- if .Values.envoy.args }}
args: {{- include "common.tplvalues.render" (dict "value" .Values.envoy.args "context" $) | nindent 12 }}
{{- else }}
args:
- -c
- /config/envoy.json
- --service-cluster $(CONTOUR_NAMESPACE)
- --service-node $(ENVOY_POD_NAME)
- --log-level {{ .Values.envoy.logLevel }}
{{- if .Values.envoy.extraArgs }}
{{- include "common.tplvalues.render" (dict "value" .Values.envoy.extraArgs "context" $) | nindent 12 }}
{{- end }}
{{- end }}
image: {{ include "common.images.image" ( dict "imageRoot" .Values.envoy.image "global" .Values.global ) }}
imagePullPolicy: {{ .Values.envoy.image.pullPolicy }}
{{- if .Values.envoy.containerSecurityContext.enabled }}
securityContext:
runAsUser: {{ .Values.envoy.containerSecurityContext.runAsUser }}
{{- end }}
env:
- name: CONTOUR_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: ENVOY_POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
{{- if .Values.envoy.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.envoy.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
{{- if or .Values.envoy.extraEnvVarsCM .Values.envoy.extraEnvVarsSecret }}
envFrom:
{{- if .Values.envoy.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" ( dict "value" .Values.envoy.extraEnvVarsCM "context" $ ) }}
{{- end }}
{{- if .Values.envoy.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" ( dict "value" .Values.envoy.extraEnvVarsSecret "context" $ ) }}
{{- end }}
{{- end }}
ports:
- containerPort: {{ .Values.envoy.containerPorts.http }}
{{- if .Values.envoy.useHostPort }}
hostPort: {{ .Values.envoy.hostPorts.http }}
{{- end }}
{{- if .Values.envoy.useHostIP }}
hostIP: {{ .Values.envoy.hostIPs.http }}
{{- end }}
name: http
protocol: TCP
- containerPort: {{ .Values.envoy.containerPorts.https }}
{{- if .Values.envoy.useHostPort }}
hostPort: {{ .Values.envoy.hostPorts.https }}
{{- end }}
{{- if .Values.envoy.useHostIP }}
hostIP: {{ .Values.envoy.hostIPs.https }}
{{- end }}
name: https
protocol: TCP
- containerPort: 8002
name: metrics
protocol: TCP
{{- if .Values.envoy.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /ready
port: 8002
initialDelaySeconds: {{ .Values.envoy.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.envoy.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.envoy.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.envoy.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.envoy.readinessProbe.failureThreshold }}
{{- else if .Values.envoy.customReadinessProbe }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.envoy.customReadinessProbe "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.envoy.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /ready
port: 8002
initialDelaySeconds: {{ .Values.envoy.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.envoy.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.envoy.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.envoy.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.envoy.livenessProbe.failureThreshold }}
{{- else if .Values.envoy.customLivenessProbe }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.envoy.customLivenessProbe "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.envoy.startupProbe.enabled }}
startupProbe:
httpGet:
path: /ready
port: 8002
initialDelaySeconds: {{ .Values.envoy.startupProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.envoy.startupProbe.periodSeconds }}
timeoutSeconds: {{ .Values.envoy.startupProbe.timeoutSeconds }}
successThreshold: {{ .Values.envoy.startupProbe.successThreshold }}
failureThreshold: {{ .Values.envoy.startupProbe.failureThreshold }}
{{- else if .Values.envoy.customStartupProbe }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.envoy.customStartupProbe "context" $) | nindent 12 }}
{{- end }}
resources: {{- toYaml .Values.envoy.resources | nindent 12 }}
volumeMounts:
- name: envoy-config
mountPath: /config
- name: envoycert
mountPath: /certs
- name: envoy-admin
mountPath: /admin
{{- if .Values.envoy.extraVolumeMounts }}
{{- include "common.tplvalues.render" ( dict "value" .Values.envoy.extraVolumeMounts "context" $ ) | nindent 12 }}
{{- end }}
lifecycle:
preStop:
httpGet:
path: /shutdown
port: 8090
scheme: HTTP
{{- if .Values.envoy.sidecars }}
{{- include "common.tplvalues.render" ( dict "value" .Values.envoy.sidecars "context" $ ) | nindent 8 }}
{{- end }}
initContainers:
- command:
- contour
args:
- bootstrap
- /config/envoy.json
- --xds-address={{ template "common.names.fullname" . }}
- --xds-port=8001
- --resources-dir=/config/resources
- --envoy-cafile=/certs/ca.crt
- --envoy-cert-file=/certs/tls.crt
- --envoy-key-file=/certs/tls.key
image: {{ include "common.images.image" ( dict "imageRoot" .Values.contour.image "global" .Values.global) }}
imagePullPolicy: {{ .Values.contour.image.pullPolicy }}
name: envoy-initconfig
resources: {{ toYaml .Values.contour.resources | nindent 12 }}
volumeMounts:
- name: envoy-config
mountPath: /config
- name: envoycert
mountPath: /certs
readOnly: true
- name: envoy-admin
mountPath: /admin
{{- if .Values.envoy.extraVolumeMounts }}
{{- include "common.tplvalues.render" ( dict "value" .Values.envoy.extraVolumeMounts "context" $ ) | nindent 12 }}
{{- end }}
env:
- name: CONTOUR_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
{{- if .Values.contour.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.contour.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
{{- if or .Values.contour.extraEnvVarsCM .Values.contour.extraEnvVarsSecret }}
envFrom:
{{- if .Values.contour.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" ( dict "value" .Values.contour.extraEnvVarsCM "context" $ ) }}
{{- end }}
{{- if .Values.contour.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" ( dict "value" .Values.contour.extraEnvVarsSecret "context" $ ) }}
{{- end }}
{{- end }}
{{- if .Values.envoy.initContainers }}
{{- include "common.tplvalues.render" ( dict "value" .Values.envoy.initContainers "context" $ ) | nindent 8 }}
{{- end }}
automountServiceAccountToken: {{ .Values.envoy.serviceAccount.automountServiceAccountToken }}
serviceAccountName: {{ include "envoy.envoyServiceAccountName" . }}
volumes:
- name: envoy-admin
emptyDir: {}
- name: envoy-config
emptyDir: {}
- name: envoycert
secret:
secretName: {{ include "contour.envoy.certs-secret.name" . }}
{{- if .Values.envoy.extraVolumes }}
{{- include "common.tplvalues.render" ( dict "value" .Values.envoy.extraVolumes "context" $ ) | nindent 8 }}
{{- end }}
restartPolicy: Always
{{- end }}
Reference in New Issue View Git Blame Copy Permalink