apiVersion: apps/v1 kind: DaemonSet metadata: labels: {{- include "longhorn.labels" . | nindent 4 }} app: longhorn-manager name: longhorn-manager namespace: {{ include "release_namespace" . }} spec: selector: matchLabels: app: longhorn-manager template: metadata: labels: {{- include "longhorn.labels" . | nindent 8 }} app: longhorn-manager {{- with .Values.annotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} spec: initContainers: - name: wait-longhorn-admission-webhook image: {{ template "registry_url" . }}{{ .Values.image.longhorn.manager.repository }}:{{ .Values.image.longhorn.manager.tag }} command: ['sh', '-c', 'while [ $(curl -m 1 -s -o /dev/null -w "%{http_code}" -k https://longhorn-admission-webhook:9443/v1/healthz) != "200" ]; do echo waiting; sleep 2; done'] containers: - name: longhorn-manager image: {{ template "registry_url" . }}{{ .Values.image.longhorn.manager.repository }}:{{ .Values.image.longhorn.manager.tag }} imagePullPolicy: {{ .Values.image.pullPolicy }} securityContext: privileged: true command: - longhorn-manager - -d - daemon - --engine-image - "{{ template "registry_url" . }}{{ .Values.image.longhorn.engine.repository }}:{{ .Values.image.longhorn.engine.tag }}" - --instance-manager-image - "{{ template "registry_url" . }}{{ .Values.image.longhorn.instanceManager.repository }}:{{ .Values.image.longhorn.instanceManager.tag }}" - --share-manager-image - "{{ template "registry_url" . }}{{ .Values.image.longhorn.shareManager.repository }}:{{ .Values.image.longhorn.shareManager.tag }}" - --backing-image-manager-image - "{{ template "registry_url" . }}{{ .Values.image.longhorn.backingImageManager.repository }}:{{ .Values.image.longhorn.backingImageManager.tag }}" - --manager-image - "{{ template "registry_url" . }}{{ .Values.image.longhorn.manager.repository }}:{{ .Values.image.longhorn.manager.tag }}" - --service-account - longhorn-service-account ports: - containerPort: 9500 name: manager readinessProbe: tcpSocket: port: 9500 volumeMounts: - name: dev mountPath: /host/dev/ - name: proc mountPath: /host/proc/ - name: longhorn mountPath: /var/lib/longhorn/ mountPropagation: Bidirectional - name: longhorn-grpc-tls mountPath: /tls-files/ env: - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP - name: NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName volumes: - name: dev hostPath: path: /dev/ - name: proc hostPath: path: /proc/ - name: longhorn hostPath: path: /var/lib/longhorn/ - name: longhorn-grpc-tls secret: secretName: longhorn-grpc-tls optional: true {{- if .Values.privateRegistry.registrySecret }} imagePullSecrets: - name: {{ .Values.privateRegistry.registrySecret }} {{- end }} {{- if .Values.longhornManager.priorityClass }} priorityClassName: {{ .Values.longhornManager.priorityClass | quote}} {{- end }} {{- if .Values.longhornManager.tolerations }} tolerations: {{ toYaml .Values.longhornManager.tolerations | indent 6 }} {{- end }} {{- if .Values.longhornManager.nodeSelector }} nodeSelector: {{ toYaml .Values.longhornManager.nodeSelector | indent 8 }} {{- end }} serviceAccountName: longhorn-service-account updateStrategy: rollingUpdate: maxUnavailable: "100%" --- apiVersion: v1 kind: Service metadata: labels: {{- include "longhorn.labels" . | nindent 4 }} app: longhorn-manager name: longhorn-backend namespace: {{ include "release_namespace" . }} spec: type: {{ .Values.service.manager.type }} sessionAffinity: ClientIP selector: app: longhorn-manager ports: - name: manager port: 9500 targetPort: manager {{- if .Values.service.manager.nodePort }} nodePort: {{ .Values.service.manager.nodePort }} {{- end }}