204 lines
8.3 KiB
YAML
204 lines
8.3 KiB
YAML
{{- if and (not .Values.agent) (not .Values.cloudAgent) (.Values.kubecostAggregator) }}
|
|
{{- if .Values.kubecostAggregator.enabled }}
|
|
|
|
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
name: {{ template "aggregator.fullname" . }}
|
|
namespace: {{ .Release.Namespace }}
|
|
labels:
|
|
{{- include "aggregator.commonLabels" . | nindent 4 }}
|
|
spec:
|
|
replicas: {{ .Values.kubecostAggregator.replicas }}
|
|
serviceName: {{ template "aggregator.serviceName" . }}
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: aggregator
|
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
app: aggregator
|
|
volumeClaimTemplates:
|
|
- metadata:
|
|
name: persistent-configs
|
|
spec:
|
|
accessModes: [ "ReadWriteOnce" ]
|
|
storageClassName: {{ .Values.kubecostAggregator.persistentConfigsStorage.storageClass }}
|
|
resources:
|
|
requests:
|
|
storage: {{ .Values.kubecostAggregator.persistentConfigsStorage.storageRequest }}
|
|
- metadata:
|
|
name: aggregator-storage
|
|
spec:
|
|
accessModes: [ "ReadWriteOnce" ]
|
|
storageClassName: {{ .Values.kubecostAggregator.aggregatorStorage.storageClass }}
|
|
resources:
|
|
requests:
|
|
storage: {{ .Values.kubecostAggregator.aggregatorStorage.storageRequest }}
|
|
{{- if .Values.kubecostAggregator.aggregatorDbStorage }}
|
|
- metadata:
|
|
name: aggregator-db-storage
|
|
spec:
|
|
accessModes: [ "ReadWriteOnce" ]
|
|
storageClassName: {{ .Values.kubecostAggregator.aggregatorDbStorage.storageClass }}
|
|
resources:
|
|
requests:
|
|
storage: {{ .Values.kubecostAggregator.aggregatorDbStorage.storageRequest }}
|
|
{{- end }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: aggregator
|
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
app: aggregator
|
|
spec:
|
|
restartPolicy: Always
|
|
{{- if .Values.kubecostAggregator.securityContext }}
|
|
securityContext:
|
|
{{- toYaml .Values.kubecostAggregator.securityContext | nindent 8 }}
|
|
{{- else if .Values.global.securityContext }}
|
|
securityContext:
|
|
{{- toYaml .Values.global.securityContext | nindent 8 }}
|
|
{{ end }}
|
|
serviceAccountName: {{ template "aggregator.serviceAccountName" . }}
|
|
volumes:
|
|
{{- $etlBackupBucketSecret := "" }}
|
|
{{- if .Values.kubecostModel.federatedStorageConfigSecret }}
|
|
{{- $etlBackupBucketSecret = .Values.kubecostModel.federatedStorageConfigSecret }}
|
|
{{- end }}
|
|
{{- if $etlBackupBucketSecret }}
|
|
- name: bucket-config
|
|
secret:
|
|
defaultMode: 420
|
|
secretName: {{ $etlBackupBucketSecret }}
|
|
{{- end }}
|
|
containers:
|
|
{{- if .Values.kubecostAggregator.jaeger.enabled }}
|
|
- name: embedded-jaeger
|
|
securityContext:
|
|
{{- toYaml .Values.kubecostAggregator.jaeger.containerSecurityContext | nindent 12 }}
|
|
image: {{ .Values.kubecostAggregator.jaeger.image }}:{{ .Values.kubecostAggregator.jaeger.imageVersion }}
|
|
{{- end }}
|
|
- name: aggregator
|
|
{{- if .Values.kubecostAggregator.containerSecurityContext }}
|
|
securityContext:
|
|
{{- toYaml .Values.kubecostAggregator.containerSecurityContext | nindent 12 }}
|
|
{{- else if .Values.global.containerSecurityContext }}
|
|
securityContext:
|
|
{{- toYaml .Values.global.containerSecurityContext | nindent 12 }}
|
|
{{ end }}
|
|
{{- if .Values.kubecostModel }}
|
|
{{- if .Values.kubecostModel.openSourceOnly }}
|
|
{{- fail "Kubecost Aggregator cannot be used with open source only" }}
|
|
{{- else if .Values.kubecostAggregator.fullImageName }}
|
|
image: {{ .Values.kubecostAggregator.fullImageName }}
|
|
{{- else if .Values.kubecostModel.fullImageName }}
|
|
image: {{ .Values.kubecostModel.fullImageName }}
|
|
{{- else if .Values.imageVersion }}
|
|
image: {{ .Values.kubecostModel.image }}:{{ .Values.imageVersion }}
|
|
{{- else }}
|
|
image: {{ .Values.kubecostModel.image }}:prod-{{ $.Chart.AppVersion }}
|
|
{{ end }}
|
|
{{- else }}
|
|
image: gcr.io/kubecost1/cost-model:prod-{{ $.Chart.AppVersion }}
|
|
{{ end }}
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: 9004
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 5
|
|
failureThreshold: 200
|
|
imagePullPolicy: Always
|
|
args: ["waterfowl"]
|
|
ports:
|
|
- name: tcp-api
|
|
containerPort: 9004
|
|
protocol: TCP
|
|
resources:
|
|
{{ toYaml .Values.kubecostAggregator.resources | nindent 12 }}
|
|
volumeMounts:
|
|
- name: persistent-configs
|
|
mountPath: /var/configs
|
|
- name: bucket-config
|
|
mountPath: /var/configs/etl
|
|
- name: aggregator-storage
|
|
mountPath: /var/configs/waterfowl
|
|
{{- if .Values.kubecostAggregator.aggregatorDbStorage }}
|
|
- name: aggregator-db-storage
|
|
mountPath: /var/configs/waterfowl/duckdb
|
|
{{- end }}
|
|
env:
|
|
{{- if and (.Values.prometheus.server.global.external_labels.cluster_id) (not .Values.prometheus.server.clusterIDConfigmap) }}
|
|
- name: CLUSTER_ID
|
|
value: {{ .Values.prometheus.server.global.external_labels.cluster_id }}
|
|
{{- end }}
|
|
{{- if .Values.prometheus.server.clusterIDConfigmap }}
|
|
- name: CLUSTER_ID
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: {{ .Values.prometheus.server.clusterIDConfigmap }}
|
|
key: CLUSTER_ID
|
|
{{- end }}
|
|
{{- if .Values.kubecostAggregator.jaeger.enabled }}
|
|
- name: TRACING_URL
|
|
value: "http://localhost:14268/api/traces"
|
|
{{- end }}
|
|
- name: CONFIG_PATH
|
|
value: /var/configs/
|
|
- name: ETL_ENABLED
|
|
value: "false" # this pod should never run KC's concept of "ETL"
|
|
- name: CLOUD_PROVIDER_API_KEY
|
|
value: "AIzaSyDXQPG_MHUEy9neR7stolq6l0ujXmjJlvk" # The GCP Pricing API key.This GCP api key is expected to be here and is limited to accessing google's billing API.'
|
|
value: "true" # just in case, not sure if necessary
|
|
|
|
{{- if $etlBackupBucketSecret }}
|
|
# If this isn't set, we pretty much have to be in a read only state,
|
|
# initialization will probably fail otherwise.
|
|
- name: ETL_BUCKET_CONFIG
|
|
{{- if not .Values.kubecostModel.federatedStorageConfigSecret}}
|
|
value: "/var/configs/etl/object-store.yaml"
|
|
{{- else }}
|
|
value: "/var/configs/etl/federated-store.yaml"
|
|
- name: FEDERATED_STORE_CONFIG
|
|
value: "/var/configs/etl/federated-store.yaml"
|
|
- name: FEDERATED_PRIMARY_CLUSTER # this ensures the ingester runs assuming federated primary paths in the bucket
|
|
value: "true"
|
|
- name: FEDERATED_CLUSTER # this ensures the ingester runs assuming federated primary paths in the bucket
|
|
value: "true"
|
|
{{- end }}
|
|
{{- end }}
|
|
|
|
{{- range $key, $value := .Values.kubecostAggregator.env }}
|
|
- name: {{ $key | quote }}
|
|
value: {{ $value | quote }}
|
|
{{- end }}
|
|
- name: KUBECOST_NAMESPACE
|
|
value: {{ .Release.Namespace }}
|
|
|
|
{{- if .Values.imagePullSecrets }}
|
|
imagePullSecrets:
|
|
{{ toYaml .Values.imagePullSecrets | indent 2 }}
|
|
{{- end }}
|
|
{{- if .Values.kubecostAggregator.priority }}
|
|
{{- if .Values.kubecostAggregator.priority.enabled }}
|
|
{{- if .Values.kubecostAggregator.priority.name }}
|
|
priorityClassName: {{ .Values.kubecostAggregator.priority.name }}
|
|
{{- else }}
|
|
priorityClassName: {{ template "cost-analyzer.fullname" . }}-aggregator-priority
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- with .Values.kubecostAggregator.nodeSelector }}
|
|
nodeSelector:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.kubecostAggregator.tolerations }}
|
|
tolerations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.kubecostAggregator.affinity }}
|
|
affinity:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- end }}
|