218 lines
7.8 KiB
YAML
218 lines
7.8 KiB
YAML
{{- if eq (include "frontend.deployMethod" .) "haMode" }}
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ template "frontend.fullname" . }}
|
|
namespace: {{ .Release.Namespace }}
|
|
labels:
|
|
{{- include "cost-analyzer.commonLabels" . | nindent 4 }}
|
|
{{- with .Values.global.additionalLabels }}
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
{{- if and .Values.kubecostDeployment .Values.kubecostDeployment.labels }}
|
|
{{- toYaml .Values.kubecostDeployment.labels | nindent 4 }}
|
|
{{- end }}
|
|
{{- if and .Values.kubecostDeployment .Values.kubecostDeployment.annotations }}
|
|
annotations:
|
|
{{- toYaml .Values.kubecostDeployment.annotations | nindent 4 }}
|
|
{{- end }}
|
|
spec:
|
|
replicas: {{ .Values.kubecostFrontend.haReplicas | default 2 }}
|
|
selector:
|
|
matchLabels:
|
|
{{- include "frontend.selectorLabels" . | nindent 6 }}
|
|
{{- if .Values.kubecostFrontend.deploymentStrategy }}
|
|
{{- with .Values.kubecostFrontend.deploymentStrategy }}
|
|
strategy: {{ toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
{{- else }}
|
|
strategy:
|
|
rollingUpdate:
|
|
maxSurge: 1
|
|
maxUnavailable: 1
|
|
type: RollingUpdate
|
|
{{- end }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
{{- include "frontend.selectorLabels" . | nindent 8 }}
|
|
{{- if .Values.global.additionalLabels }}
|
|
{{- toYaml .Values.global.additionalLabels | nindent 8 }}
|
|
{{- end }}
|
|
{{- if and .Values.kubecostDeployment .Values.kubecostDeployment.labels }}
|
|
{{- toYaml .Values.kubecostDeployment.labels | nindent 8 }}
|
|
{{- end }}
|
|
annotations:
|
|
{{- with .Values.global.podAnnotations}}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
checksum/configs: {{ include "configsChecksum" . }}
|
|
spec:
|
|
{{- if .Values.global.platforms.openshift.enabled }}
|
|
securityContext:
|
|
{{- toYaml .Values.global.platforms.openshift.securityContext | nindent 8 }}
|
|
{{- else if .Values.global.securityContext }}
|
|
securityContext:
|
|
{{- toYaml .Values.global.securityContext | nindent 8 }}
|
|
{{- else }}
|
|
securityContext:
|
|
runAsUser: 1001
|
|
runAsGroup: 1001
|
|
fsGroup: 1001
|
|
{{- end }}
|
|
restartPolicy: Always
|
|
serviceAccountName: {{ template "cost-analyzer.serviceAccountName" . }}
|
|
volumes:
|
|
- name: tmp
|
|
emptyDir: {}
|
|
- name: nginx-conf
|
|
configMap:
|
|
name: nginx-conf
|
|
items:
|
|
- key: nginx.conf
|
|
path: default.conf
|
|
{{- if .Values.global.containerSecuritycontext }}
|
|
- name: var-run
|
|
emptyDir: {}
|
|
- name: cache
|
|
emptyDir: {}
|
|
{{- end }}
|
|
{{- if .Values.kubecostFrontend.tls }}
|
|
{{- if .Values.kubecostFrontend.tls.enabled }}
|
|
- name: tls
|
|
secret:
|
|
secretName : {{ .Values.kubecostFrontend.tls.secretName }}
|
|
items:
|
|
- key: tls.crt
|
|
path: kc.crt
|
|
- key: tls.key
|
|
path: kc.key
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.kubecostAdmissionController }}
|
|
{{- if .Values.kubecostAdmissionController.enabled }}
|
|
{{- if .Values.kubecostAdmissionController.secretName }}
|
|
- name: webhook-server-tls
|
|
secret:
|
|
secretName: {{ .Values.kubecostAdmissionController.secretName }}
|
|
items:
|
|
- key: tls.crt
|
|
path: tls.crt
|
|
- key: tls.key
|
|
path: tls.key
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- end }}
|
|
containers:
|
|
{{- if .Values.kubecostFrontend }}
|
|
{{- if .Values.kubecostFrontend.fullImageName }}
|
|
- image: {{ .Values.kubecostFrontend.fullImageName }}
|
|
{{- else if .Values.imageVersion }}
|
|
- image: {{ .Values.kubecostFrontend.image }}:{{ .Values.imageVersion }}
|
|
{{- else if eq "development" .Chart.AppVersion }}
|
|
- image: gcr.io/kubecost1/frontend-nightly:latest
|
|
{{- else }}
|
|
- image: {{ .Values.kubecostFrontend.image }}:prod-{{ $.Chart.AppVersion }}
|
|
{{- end }}
|
|
{{- else }}
|
|
- image: gcr.io/kubecost1/frontend:prod-{{ $.Chart.AppVersion }}
|
|
{{- end }}
|
|
name: cost-analyzer-frontend
|
|
ports:
|
|
- name: tcp-frontend
|
|
containerPort: 9090
|
|
protocol: TCP
|
|
env:
|
|
- name: GET_HOSTS_FROM
|
|
value: dns
|
|
{{- if .Values.kubecostFrontend.extraEnv -}}
|
|
{{ toYaml .Values.kubecostFrontend.extraEnv | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.kubecostFrontend.securityContext }}
|
|
securityContext:
|
|
{{- toYaml .Values.kubecostFrontend.securityContext | nindent 12 }}
|
|
{{- else }}
|
|
securityContext:
|
|
{{- toYaml .Values.global.containerSecurityContext | nindent 12 }}
|
|
{{- end }}
|
|
volumeMounts:
|
|
- name: tmp
|
|
mountPath: /tmp
|
|
- name: tmp
|
|
mountPath: /var/lib/nginx/tmp
|
|
- name: tmp
|
|
mountPath: /var/run
|
|
- name: nginx-conf
|
|
mountPath: /etc/nginx/conf.d/
|
|
{{- if .Values.global.containerSecuritycontext }}
|
|
- mountPath: /var/cache/nginx
|
|
name: cache
|
|
- mountPath: /var/run
|
|
name: var-run
|
|
{{- end }}
|
|
{{- if .Values.kubecostFrontend.tls }}
|
|
{{- if .Values.kubecostFrontend.tls.enabled }}
|
|
- name: tls
|
|
mountPath: /etc/ssl/certs
|
|
{{- end }}
|
|
{{- end }}
|
|
resources:
|
|
{{- toYaml .Values.kubecostFrontend.resources | nindent 12 }}
|
|
{{- if .Values.kubecostFrontend.imagePullPolicy }}
|
|
imagePullPolicy: {{ .Values.kubecostFrontend.imagePullPolicy }}
|
|
{{- else }}
|
|
imagePullPolicy: Always
|
|
{{- end }}
|
|
{{- if .Values.kubecostFrontend.readinessProbe.enabled }}
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: 9090
|
|
initialDelaySeconds: {{ .Values.kubecostFrontend.readinessProbe.initialDelaySeconds }}
|
|
periodSeconds: {{ .Values.kubecostFrontend.readinessProbe.periodSeconds }}
|
|
failureThreshold: {{ .Values.kubecostFrontend.readinessProbe.failureThreshold }}
|
|
{{- end }}
|
|
{{- if .Values.kubecostFrontend.livenessProbe.enabled }}
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: 9090
|
|
initialDelaySeconds: {{ .Values.kubecostFrontend.livenessProbe.initialDelaySeconds }}
|
|
periodSeconds: {{ .Values.kubecostFrontend.livenessProbe.periodSeconds }}
|
|
failureThreshold: {{ .Values.kubecostFrontend.livenessProbe.failureThreshold }}
|
|
{{- end }}
|
|
{{- if .Values.global.containerSecuritycontext }}
|
|
securityContext:
|
|
{{- toYaml .Values.global.containerSecuritycontext | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.imagePullSecrets }}
|
|
imagePullSecrets:
|
|
{{ toYaml .Values.imagePullSecrets | indent 2 }}
|
|
{{- end }}
|
|
{{- if .Values.priority }}
|
|
{{- if .Values.priority.enabled }}
|
|
{{- if gt (len .Values.priority.name) 0 }}
|
|
priorityClassName: {{ .Values.priority.name }}
|
|
{{- else }}
|
|
priorityClassName: {{ template "cost-analyzer.fullname" . }}-priority
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- with .Values.nodeSelector }}
|
|
nodeSelector:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.tolerations }}
|
|
tolerations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.affinity }}
|
|
affinity:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.topologySpreadConstraints }}
|
|
topologySpreadConstraints:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- end }}
|