rancher-partner-charts/charts/komodor/k8s-watcher/templates/deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ include "k8s-watcher.fullname" . }}
  {{- if hasKey .Values "namespace" }}
  namespace: {{ .Values.namespace }}
  {{- end }}
  labels:
    {{- include "k8s-watcher.labels" . | nindent 4 }}
  {{- with .Values.deploymentAnnotations }}
  annotations:
    {{- toYaml . | nindent 4 }}
  {{- end }}
spec:
  replicas: {{ .Values.replicaCount }}
  strategy:
    rollingUpdate:
      maxUnavailable: 0
      maxSurge: 1
  selector:
    matchLabels:
      {{- include "k8s-watcher.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      annotations:
        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
        {{- with .Values.podAnnotations }}
        {{- toYaml . | nindent 8 }}
        {{- end }}
      labels:
        {{- include "k8s-watcher.selectorLabels" . | nindent 8 }}
    spec:
      priorityClassName: system-cluster-critical
      serviceAccountName: {{ include "k8s-watcher.serviceAccountName" . }}
      containers:
        - name: {{ .Chart.Name }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
          volumeMounts:
            - name: configuration
              mountPath: /etc/komodor
{{- if .Values.enableMemLimitChecks }}
            - name: podinfo
              mountPath: /etc/podinfo
{{- end }}
          env:
            - name: KOMOKW_API_KEY
              valueFrom:
                secretKeyRef:
{{- if .Values.existingSecret }}
                  name: {{ .Values.existingSecret | required "Existing secret name required!" }}
                  key: apiKey
{{- else }}
                  name: {{ include "k8s-watcher.name" . }}-secret
                  key: apiKey
{{- end }}
{{- include "k8s-watcher.proxy-conf" . }}
          ports:
            - name: http-healthz
              containerPort: {{ .Values.watcher.servers.healthCheck.port | default 8090 }}
          livenessProbe:
            httpGet:
              path: /healthz
              port: http-healthz
            periodSeconds: 60
            initialDelaySeconds: 15
            failureThreshold: 10
            successThreshold: 1
          readinessProbe:
            httpGet:
              path: /healthz
              port: http-healthz
            initialDelaySeconds: 5
            periodSeconds: 5
            failureThreshold: 3
            successThreshold: 1
      volumes:
        - name: configuration
          configMap:
            name: {{ include "k8s-watcher.name" . }}-config
            items:
              - key: komodor-k8s-watcher.yaml
                path: komodor-k8s-watcher.yaml
{{- if .Values.enableMemLimitChecks }}
        - name: podinfo
          downwardAPI:
            items:
              - path: "mem_limit"
                resourceFieldRef:
                  containerName: {{ .Chart.Name }}
                  resource: limits.memory
                  divisor: 1Mi
{{- end }}