andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
rancher-partner-charts/charts/hashicorp/consul/templates/cni-daemonset.yaml

85 lines
3.3 KiB
YAML
Raw Normal View History

CI Updated Charts Added: hashicorp/consul: - 0.49.0 hashicorp/vault: - 0.22.0
2022-10-18 08:13:05 +00:00
{{- if (and (.Values.connectInject.cni.enabled) (not .Values.connectInject.enabled)) }}{{ fail "connectInject.enabled must be true if connectInject.cni.enabled is true" }}{{ end -}}
{{- if .Values.connectInject.cni.enabled }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ template "consul.fullname" . }}-cni
Charts CI ``` Updated: argo/argo-cd: - 5.16.0 asserts/asserts: - 1.16.0 bitnami/postgresql: - 12.1.3 bitnami/redis: - 17.3.13 gitlab/gitlab: - 6.6.1 hashicorp/consul: - 1.0.2 jfrog/artifactory-ha: - 107.47.10 jfrog/artifactory-jcr: - 107.47.10 nats/nats: - 0.19.1 redpanda/redpanda: - 2.3.9 ```
2022-12-02 06:33:44 +00:00
namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }}
CI Updated Charts Added: hashicorp/consul: - 0.49.0 hashicorp/vault: - 0.22.0
2022-10-18 08:13:05 +00:00
labels:
app: {{ template "consul.name" . }}
chart: {{ template "consul.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
component: cni
spec:
{{- if .Values.connectInject.cni.updateStrategy }}
updateStrategy:
{{ tpl .Values.connectInject.cni.updateStrategy . | nindent 4 | trim }}
{{- end }}
selector:
matchLabels:
app: {{ template "consul.name" . }}
chart: {{ template "consul.chart" . }}
release: {{ .Release.Name }}
component: cni
template:
metadata:
labels:
app: {{ template "consul.name" . }}
chart: {{ template "consul.chart" . }}
release: {{ .Release.Name }}
component: cni
annotations:
consul.hashicorp.com/connect-inject: "false"
spec:
# consul-cni only runs on linux operating systems
nodeSelector:
kubernetes.io/os: linux
tolerations:
# Mark the pod as a critical add-on for rescheduling.
- key: CriticalAddonsOnly
operator: Exists
- effect: NoExecute
operator: Exists
# Tell kubernetes that this daemonset is critical so that it will be scheduled on a new node before other pods
priorityClassName: system-node-critical
serviceAccountName: {{ template "consul.fullname" . }}-cni
{{- if not .Values.global.openshift.enabled }}
securityContext:
{{- toYaml .Values.connectInject.cni.securityContext | nindent 8 -}}
{{- end }}
# Minimize downtime during a rolling upgrade or deletion; tell Kubernetes to do a "force
# deletion": https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods.
terminationGracePeriodSeconds: 10
containers:
# This container installs the consul CNI binaries and CNI network config file on each node
- name: install-cni
image: {{ .Values.global.imageK8S }}
securityContext:
privileged: true
command:
- consul-k8s-control-plane
- install-cni
- -log-level={{ default .Values.global.logLevel .Values.connectInject.cni.logLevel }}
- -cni-bin-dir={{ .Values.connectInject.cni.cniBinDir }}
- -cni-net-dir={{ .Values.connectInject.cni.cniNetDir }}
- -multus={{ .Values.connectInject.cni.multus }}
{{- with .Values.connectInject.cni.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
- mountPath: {{ .Values.connectInject.cni.cniBinDir }}
name: cni-bin-dir
- mountPath: {{ .Values.connectInject.cni.cniNetDir }}
name: cni-net-dir
volumes:
# Used to install CNI.
- name: cni-bin-dir
hostPath:
path: {{ .Values.connectInject.cni.cniBinDir }}
- name: cni-net-dir
hostPath:
path: {{ .Values.connectInject.cni.cniNetDir }}
{{- end }}