222 lines
6.6 KiB
YAML
222 lines
6.6 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: cpx-ingress
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: cpx-ingress
|
|
replicas: 1
|
|
template:
|
|
metadata:
|
|
name: cpx-ingress
|
|
labels:
|
|
app: cpx-ingress
|
|
annotations:
|
|
spec:
|
|
serviceAccountName: cpx-ingress-k8s-role
|
|
containers:
|
|
- name: cpx-ingress
|
|
image: "{{ .Values.image }}"
|
|
imagePullPolicy: {{ .Values.pullPolicy }}
|
|
securityContext:
|
|
privileged: true
|
|
env:
|
|
- name: "EULA"
|
|
value: "{{ .Values.license.accept }}"
|
|
- name: "KUBERNETES_TASK_ID"
|
|
value: ""
|
|
{{- if .Values.ADMSettings.licenseServerIP }}
|
|
- name: "LS_IP"
|
|
value: {{ .Values.ADMSettings.licenseServerIP | quote }}
|
|
{{- end }}
|
|
{{- if .Values.ADMSettings.licenseServerPort }}
|
|
- name: "LS_PORT"
|
|
value: {{ .Values.ADMSettings.licenseServerPort | quote }}
|
|
{{- end }}
|
|
- name: "MGMT_HTTP_PORT"
|
|
value: {{ .Values.mgmtHttpPort | quote }}
|
|
- name: "MGMT_HTTPS_PORT"
|
|
value: {{ .Values.mgmtHttpsPort | quote }}
|
|
{{- if .Values.ADMSettings.ADMIP }}
|
|
- name: "NS_MGMT_SERVER"
|
|
value: {{ .Values.ADMSettings.ADMIP | quote }}
|
|
- name: "NS_MGMT_FINGER_PRINT"
|
|
value: {{ .Values.ADMSettings.ADMFingerPrint | quote }}
|
|
- name: "NS_HTTP_PORT"
|
|
value: {{ .Values.mgmtHttpPort | quote }}
|
|
- name: "NS_HTTPS_PORT"
|
|
value: {{ .Values.mgmtHttpsPort | quote }}
|
|
- name: "LOGSTREAM_COLLECTOR_IP"
|
|
value: {{ .Values.ADMSettings.ADMIP | quote }}
|
|
{{- end }}
|
|
#To povision bandwidth based licensing to Citrix ADC CPX from ADM, needs bandwidth
|
|
{{- if and ( .Values.ADMSettings.licenseServerIP ) (eq .Values.ADMSettings.bandWidthLicense true) }}
|
|
- name: "BANDWIDTH"
|
|
value: {{ required "Mention bandwidth for bandwidth based licensing" .Values.ADMSettings.bandWidth | quote }}
|
|
{{- end }}
|
|
#for multiple-PE support, need to set CPX_CORES
|
|
{{- if .Values.ADMSettings.licenseServerIP }}
|
|
{{- if or (eq .Values.ADMSettings.vCPULicense true) (eq .Values.ADMSettings.bandWidthLicense true) }}
|
|
- name: "CPX_CORES"
|
|
value: {{ .Values.ADMSettings.cpxCores | default 1 | quote }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if or (.Values.ADMSettings.ADMIP) (.Values.ADMSettings.licenseServerIP) }}
|
|
- name: NS_MGMT_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ required "Provide Secret for ADM/LicenseServer credentials" .Values.ADMSettings.loginSecret }}
|
|
key: username
|
|
- name: NS_MGMT_PASS
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ required "Provide Secret for ADM/LicenseServer credentials" .Values.ADMSettings.loginSecret }}
|
|
key: password
|
|
{{- end }}
|
|
volumeMounts:
|
|
- mountPath: /cpx/conf/
|
|
name: cpx-volume1
|
|
- mountPath: /cpx/crash/
|
|
name: cpx-volume2
|
|
{{- if .Values.cic.required }}
|
|
# Add cic as a sidecar
|
|
- name: cic
|
|
image: "{{ .Values.cic.image }}"
|
|
imagePullPolicy: {{ .Values.cic.pullPolicy }}
|
|
env:
|
|
- name: "EULA"
|
|
value: "{{ .Values.license.accept }}"
|
|
- name: "NS_IP"
|
|
value: "127.0.0.1"
|
|
- name: "NS_APPS_NAME_PREFIX"
|
|
value: {{ .Values.nsNamespace | default "k8s"}}
|
|
- name: "NS_DEPLOYMENT_MODE"
|
|
value: "SIDECAR"
|
|
- name: "NS_ENABLE_MONITORING"
|
|
value: "YES"
|
|
- name: "NS_USER"
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: cpxlogin
|
|
key: username
|
|
- name: "NS_PASSWORD"
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: cpxlogin
|
|
key: password
|
|
{{- if .Values.logProxy }}
|
|
- name: "NS_LOGPROXY"
|
|
value: {{ .Values.logProxy | quote }}
|
|
{{- end }}
|
|
- name: POD_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
apiVersion: v1
|
|
fieldPath: metadata.name
|
|
- name: POD_NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
apiVersion: v1
|
|
fieldPath: metadata.namespace
|
|
{{- if .Values.kubernetesURL }}
|
|
- name: "kubernetes_url"
|
|
value: "{{ .Values.kubernetesURL }}"
|
|
{{- end }}
|
|
args:
|
|
- --configmap
|
|
{{ .Release.Namespace }}/cpx-cic-configmap
|
|
{{- if .Values.ingressClass }}
|
|
- --ingress-class
|
|
{{- range .Values.ingressClass}}
|
|
{{.}}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.defaultSSLCert }}
|
|
- --default-ssl-certificate
|
|
{{ .Release.Namespace }}/{{ .Values.defaultSSLCert }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.exporter.required }}
|
|
- name: exporter
|
|
image: "{{ .Values.exporter.image }}"
|
|
imagePullPolicy: {{ .Values.exporter.pullPolicy }}
|
|
args:
|
|
- "--secure=no"
|
|
- "--target-nsip=127.0.0.1"
|
|
- "--port={{ .Values.exporter.ports.containerPort }}"
|
|
env:
|
|
- name: "NS_USER"
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: cpxlogin
|
|
key: username
|
|
- name: "NS_PASSWORD"
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: cpxlogin
|
|
key: password
|
|
securityContext:
|
|
readOnlyRootFilesystem: true
|
|
{{- end }}
|
|
volumes:
|
|
- name: cpx-volume1
|
|
emptyDir: {}
|
|
- name: cpx-volume2
|
|
emptyDir: {}
|
|
{{- if and .Values.nodeSelector.key .Values.nodeSelector.value }}
|
|
nodeSelector:
|
|
{{ .Values.nodeSelector.key }}: {{ .Values.nodeSelector.value }}
|
|
{{- end }}
|
|
|
|
---
|
|
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: cpx-service
|
|
labels:
|
|
app: cpx-service
|
|
service-type: citrix-adc-cpx-monitor
|
|
spec:
|
|
type: NodePort
|
|
ports:
|
|
- port: 80
|
|
protocol: TCP
|
|
name: http
|
|
- port: 443
|
|
protocol: TCP
|
|
name: https
|
|
{{- if .Values.exporter.required }}
|
|
- port: {{ .Values.exporter.ports.containerPort }}
|
|
targetPort: {{ .Values.exporter.ports.containerPort }}
|
|
name: exporter-port
|
|
{{- end }}
|
|
selector:
|
|
app: cpx-ingress
|
|
|
|
---
|
|
|
|
{{- if .Values.exporter.required }}
|
|
|
|
apiVersion: monitoring.coreos.com/v1
|
|
kind: ServiceMonitor
|
|
metadata:
|
|
name: citrix-adc-cpx-servicemonitor
|
|
labels:
|
|
servicemonitor: citrix-adc-cpx
|
|
spec:
|
|
endpoints:
|
|
- interval: 30s
|
|
port: exporter-port
|
|
selector:
|
|
matchLabels:
|
|
service-type: citrix-adc-cpx-monitor
|
|
namespaceSelector:
|
|
matchNames:
|
|
- monitoring
|
|
- default
|
|
- {{ .Release.Namespace }}
|
|
|
|
{{- end }}
|