rancher-partner-charts/charts/kubecost/cost-analyzer/templates/aggregator-statefulset.yaml

{{- if and (not .Values.agent) (not .Values.cloudAgent) (.Values.kubecostAggregator) }}
{{- if .Values.kubecostAggregator.enabled }}

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: {{ template "aggregator.fullname" . }}
  namespace: {{ .Release.Namespace }}
  labels:
    {{- include "aggregator.commonLabels" . | nindent 4 }}
spec:
  replicas: {{ .Values.kubecostAggregator.replicas }}
  serviceName: {{ template "aggregator.serviceName" . }}
  selector:
    matchLabels:
      app.kubernetes.io/name: aggregator
      app.kubernetes.io/instance: {{ .Release.Name }}
      app: aggregator
  volumeClaimTemplates:
  - metadata:
      name: persistent-configs
    spec:
      accessModes: [ "ReadWriteOnce" ]
      storageClassName: {{ .Values.kubecostAggregator.persistentConfigsStorage.storageClass }}
      resources:
        requests:
          storage: {{ .Values.kubecostAggregator.persistentConfigsStorage.storageRequest }}
  - metadata:
      name: aggregator-storage
    spec:
      accessModes: [ "ReadWriteOnce" ]
      storageClassName: {{ .Values.kubecostAggregator.aggregatorStorage.storageClass }}
      resources:
        requests:
          storage:  {{ .Values.kubecostAggregator.aggregatorStorage.storageRequest }}
  {{- if .Values.kubecostAggregator.aggregatorDbStorage }}
  - metadata:
      name: aggregator-db-storage
    spec:
      accessModes: [ "ReadWriteOnce" ]
      storageClassName: {{ .Values.kubecostAggregator.aggregatorDbStorage.storageClass }}
      resources:
        requests:
          storage:  {{ .Values.kubecostAggregator.aggregatorDbStorage.storageRequest }}
  {{- end }}
  template:
    metadata:
      labels:
        app.kubernetes.io/name: aggregator
        app.kubernetes.io/instance: {{ .Release.Name }}
        app: aggregator
      {{- with .Values.global.podAnnotations}}
      annotations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
    spec:
      restartPolicy: Always
    {{- if .Values.kubecostAggregator.securityContext }}
      securityContext:
    {{- toYaml .Values.kubecostAggregator.securityContext | nindent 8 }}
    {{- else if and (.Values.global.platforms.openshift.enabled) (.Values.global.platforms.openshift.securityContext) }}
      securityContext:
    {{- toYaml .Values.global.platforms.openshift.securityContext | nindent 8 }}
    {{- else if .Values.global.securityContext }}
      securityContext:
    {{- toYaml .Values.global.securityContext | nindent 8 }}
    {{- end }}
      serviceAccountName: {{ template "aggregator.serviceAccountName" . }}
      volumes:
        {{- $etlBackupBucketSecret := "" }}
        {{- if .Values.kubecostModel.federatedStorageConfigSecret }}
            {{- $etlBackupBucketSecret = .Values.kubecostModel.federatedStorageConfigSecret }}
        {{- end }}
        {{- if $etlBackupBucketSecret }}
        - name: bucket-config
          secret:
            defaultMode: 420
            secretName: {{ $etlBackupBucketSecret }}
        {{- else }}
        {{- fail "Kubecost Aggregator requires .Values.kubecostModel.federatedStorageConfigSecret" }}
        {{- end }}
      containers:
      {{- if .Values.kubecostAggregator.jaeger.enabled }}
        - name: embedded-jaeger
          securityContext:
            {{- toYaml .Values.kubecostAggregator.jaeger.containerSecurityContext | nindent 12 }}
          image: {{ .Values.kubecostAggregator.jaeger.image }}:{{ .Values.kubecostAggregator.jaeger.imageVersion }}
      {{- end }}
        - name: aggregator
        {{- if .Values.kubecostAggregator.containerSecurityContext }}
          securityContext:
            {{- toYaml .Values.kubecostAggregator.containerSecurityContext | nindent 12 }}
        {{- else if .Values.global.containerSecurityContext }}
          securityContext:
            {{- toYaml .Values.global.containerSecurityContext | nindent 12 }}
        {{ end }}
          {{- if .Values.kubecostModel }}
          {{- if .Values.kubecostModel.openSourceOnly }}
          {{- fail "Kubecost Aggregator cannot be used with open source only" }}
          {{- else if .Values.kubecostAggregator.fullImageName }}
          image: {{ .Values.kubecostAggregator.fullImageName }}
          {{- else if .Values.kubecostModel.fullImageName }}
          image: {{ .Values.kubecostModel.fullImageName }}
          {{- else if .Values.imageVersion }}
          image: {{ .Values.kubecostModel.image }}:{{ .Values.imageVersion }}
          {{- else }}
          image: {{ .Values.kubecostModel.image }}:prod-{{ $.Chart.AppVersion }}
          {{ end }}
          {{- else }}
          image: gcr.io/kubecost1/cost-model:prod-{{ $.Chart.AppVersion }}
          {{ end }}
          readinessProbe:
            httpGet:
              path: /healthz
              port: 9004
            initialDelaySeconds: 10
            periodSeconds: 5
            failureThreshold: 200
          imagePullPolicy: Always
          args: ["waterfowl"]
          ports:
            - name: tcp-api
              containerPort: 9004
              protocol: TCP
          {{- with.Values.kubecostAggregator.extraPorts }}
            {{- toYaml . | nindent 12 }}
          {{- end }}
          resources:
            {{ toYaml .Values.kubecostAggregator.resources | nindent 12 }}
          volumeMounts:
            - name: persistent-configs
              mountPath: /var/configs
            - name: bucket-config
              mountPath: /var/configs/etl
            - name: aggregator-storage
              mountPath: /var/configs/waterfowl
            {{- if .Values.kubecostAggregator.aggregatorDbStorage }}
            - name: aggregator-db-storage
              mountPath: /var/configs/waterfowl/duckdb
            {{- end }}
          env:
            {{- if and (.Values.prometheus.server.global.external_labels.cluster_id) (not .Values.prometheus.server.clusterIDConfigmap) }}
            - name: CLUSTER_ID
              value: {{ .Values.prometheus.server.global.external_labels.cluster_id }}
            {{- end }}
            {{- if .Values.prometheus.server.clusterIDConfigmap }}
            - name: CLUSTER_ID
              valueFrom:
                configMapKeyRef:
                  name: {{ .Values.prometheus.server.clusterIDConfigmap }}
                  key: CLUSTER_ID
            {{- end }}
            {{- if .Values.kubecostAggregator.jaeger.enabled }}
            - name: TRACING_URL
              value: "http://localhost:14268/api/traces"
            {{- end }}
            - name: CONFIG_PATH
              value: /var/configs/
            - name: ETL_ENABLED
              value: "false" # this pod should never run KC's concept of "ETL"
            - name: CLOUD_PROVIDER_API_KEY
              value: "AIzaSyDXQPG_MHUEy9neR7stolq6l0ujXmjJlvk" # The GCP Pricing API key.This GCP api key is expected to be here and is limited to accessing google's billing API.'
          {{- if .Values.systemProxy.enabled }}
            - name: HTTP_PROXY
              value: {{ .Values.systemProxy.httpProxyUrl }}
            - name: http_proxy
              value: {{ .Values.systemProxy.httpProxyUrl }}
            - name: HTTPS_PROXY
              value:  {{ .Values.systemProxy.httpsProxyUrl }}
            - name: https_proxy
              value:  {{ .Values.systemProxy.httpsProxyUrl }}
            - name: NO_PROXY
              value:  {{ .Values.systemProxy.noProxy }}
            - name: no_proxy
              value:  {{ .Values.systemProxy.noProxy }}
            {{- end }}
            {{- if .Values.kubecostAggregator.extraEnv -}}
            {{ toYaml .Values.kubecostAggregator.extraEnv | nindent 12 }}
            {{- end }}
            {{- if $etlBackupBucketSecret }}
            # If this isn't set, we pretty much have to be in a read only state,
            # initialization will probably fail otherwise.
            - name: ETL_BUCKET_CONFIG
              {{- if not .Values.kubecostModel.federatedStorageConfigSecret}}
              value: "/var/configs/etl/object-store.yaml"
              {{- else  }}
              value: "/var/configs/etl/federated-store.yaml"
            - name: FEDERATED_STORE_CONFIG
              value: "/var/configs/etl/federated-store.yaml"
            - name: FEDERATED_PRIMARY_CLUSTER # this ensures the ingester runs assuming federated primary paths in the bucket
              value: "true"
            - name: FEDERATED_CLUSTER # this ensures the ingester runs assuming federated primary paths in the bucket
              value: "true"
              {{- end }}
            {{- end }}

            {{- range $key, $value := .Values.kubecostAggregator.env }}
            - name: {{ $key | quote }}
              value: {{ $value | quote }}
            {{- end }}
            - name: KUBECOST_NAMESPACE
              value: {{ .Release.Namespace }}

    {{- if .Values.imagePullSecrets }}
      imagePullSecrets:
      {{ toYaml .Values.imagePullSecrets | indent 2 }}
    {{- end }}
      {{- if .Values.kubecostAggregator.priority }}
      {{- if .Values.kubecostAggregator.priority.enabled }}
      {{- if .Values.kubecostAggregator.priority.name }}
      priorityClassName: {{ .Values.kubecostAggregator.priority.name }}
      {{- else }}
      priorityClassName: {{ template "cost-analyzer.fullname" . }}-aggregator-priority
      {{- end }}
      {{- end }}
      {{- end }}
      {{- with .Values.kubecostAggregator.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.kubecostAggregator.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.kubecostAggregator.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
      {{- end }}
{{- end }}
{{- end }}