| # Licensed to Apache Software Foundation (ASF) under one or more contributor |
| # license agreements. See the NOTICE file distributed with |
| # this work for additional information regarding copyright |
| # ownership. Apache Software Foundation (ASF) licenses this file to you under |
| # the Apache License, Version 2.0 (the "License"); you may |
| # not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| |
| {{- if .Values.standalone.enabled }} |
| apiVersion: apps/v1 |
| kind: StatefulSet |
| metadata: |
| labels: |
| app: {{ template "banyandb.name" . }} |
| chart: {{ .Chart.Name }}-{{ .Chart.Version }} |
| component: "{{ .Values.standalone.name }}" |
| heritage: {{ .Release.Service }} |
| release: {{ .Release.Name }} |
| name: {{ template "banyandb.fullname" . }} |
| spec: |
| serviceName: banyandb |
| replicas: 1 |
| selector: |
| matchLabels: |
| app: {{ template "banyandb.name" . }} |
| component: "{{ .Values.standalone.name }}" |
| release: {{ .Release.Name }} |
| template: |
| metadata: |
| labels: |
| app: {{ template "banyandb.name" . }} |
| component: "{{ .Values.standalone.name }}" |
| release: {{ .Release.Name }} |
| {{- if .Values.standalone.podAnnotations }} |
| annotations: |
| {{ toYaml .Values.standalone.podAnnotations | indent 8 }} |
| {{- end }} |
| spec: |
| serviceAccountName: {{ template "banyandb.serviceAccountName" . }} |
| {{- with .Values.standalone.securityContext }} |
| securityContext: |
| {{- toYaml . | nindent 8 }} |
| {{- end }} |
| priorityClassName: {{ .Values.standalone.priorityClassName }} |
| containers: |
| - name: {{ .Values.standalone.name }} |
| image: {{ .Values.image.repository }}:{{ required "banyandb.image.tag is required" .Values.image.tag }} |
| imagePullPolicy: {{ .Values.image.pullPolicy }} |
| env: |
| {{- range $env := .Values.standalone.env }} |
| - name: {{ $env.name }} |
| value: {{ $env.value }} |
| {{- end }} |
| {{- if .Values.standalone.tls}} |
| {{- if .Values.standalone.tls.grpcSecretName }} |
| - name: BYDB_TLS |
| value: "true" |
| - name: BYDB_CERT_FILE |
| value: "/etc/tls/{{ .Values.standalone.tls.grpcSecretName }}/tls.crt" |
| - name: BYDB_KEY_FILE |
| value: "/etc/tls/{{ .Values.standalone.tls.grpcSecretName }}/tls.key" |
| - name: BYDB_HTTP_GRPC_CERT_FILE |
| value: "/etc/tls/{{ .Values.standalone.tls.grpcSecretName }}/tls.crt" |
| {{- end }} |
| {{- if .Values.standalone.tls.httpSecretName }} |
| - name: BYDB_HTTP_TLS |
| value: "true" |
| - name: BYDB_HTTP_CERT_FILE |
| value: "/etc/tls/{{ .Values.standalone.tls.httpSecretName }}/tls.crt" |
| - name: BYDB_HTTP_KEY_FILE |
| value: "/etc/tls/{{ .Values.standalone.tls.httpSecretName }}/tls.key" |
| {{- end }} |
| {{- end }} |
| args: |
| - standalone |
| ports: |
| - containerPort: 17912 |
| name: grpc |
| - containerPort: 17913 |
| name: http |
| - containerPort: 6060 |
| name: pprof |
| - containerPort: 2121 |
| name: observebility |
| readinessProbe: |
| exec: |
| command: |
| - sh |
| - -c |
| - "/bydbctl health {{- if .Values.standalone.tls }} --enable-tls {{- else }} --insecure{{- end}}" |
| initialDelaySeconds: 20 |
| periodSeconds: 60 |
| livenessProbe: |
| exec: |
| command: |
| - sh |
| - -c |
| - "/bydbctl health {{- if .Values.standalone.tls }} --enable-tls {{- else }} --insecure{{- end}}" |
| initialDelaySeconds: 20 |
| periodSeconds: 60 |
| |
| {{- if.Values.standalone.resources }} |
| resources: |
| {{- if.Values.standalone.resources.requests }} |
| requests: |
| {{- range $request := .Values.standalone.resources.requests }} |
| {{ $request.key }}: {{ $request.value }} |
| {{- end }} |
| {{- end }} |
| {{- if.Values.standalone.resources.limits }} |
| limits: |
| {{- range $limit := .Values.standalone.resources.limits }} |
| {{ $limit.key }}: {{ $limit.value }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| |
| {{- if or .Values.storage.enabled .Values.standalone.tls }} |
| volumeMounts: |
| {{- if .Values.storage.enabled }} |
| {{- range $claim := .Values.storage.persistentVolumeClaims }} |
| {{- if $claim.existingClaimName }} |
| {{- range $claim.mountTargets }} |
| - mountPath: /tmp/{{ . }} |
| name: {{ $claim.existingClaimName }} |
| subPath: {{ . }} |
| {{- end }} |
| {{- else }} |
| {{- range $claim.mountTargets }} |
| - mountPath: /tmp/{{ . }} |
| name: {{ $claim.claimName }} |
| subPath: {{ . }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| |
| {{- if .Values.standalone.tls.grpcSecretName }} |
| - mountPath: /etc/tls/{{ .Values.standalone.tls.grpcSecretName }} |
| name: {{ .Values.standalone.tls.grpcSecretName }}-volume |
| {{- end }} |
| {{- if and .Values.standalone.tls.httpSecretName (ne .Values.standalone.tls.httpSecretName .Values.standalone.tls.grpcSecretName) }} |
| - mountPath: /etc/tls/{{ .Values.standalone.tls.httpSecretName }} |
| name: {{ .Values.standalone.tls.httpSecretName }}-volume |
| {{- end }} |
| {{- end }} |
| |
| {{- if .Values.standalone.tls }} |
| volumes: |
| {{- if .Values.standalone.tls.grpcSecretName }} |
| - name: {{ .Values.standalone.tls.grpcSecretName }}-volume |
| secret: |
| secretName: {{ .Values.standalone.tls.grpcSecretName }} |
| {{- end }} |
| {{- if and .Values.standalone.tls.httpSecretName (ne .Values.standalone.tls.httpSecretName .Values.standalone.tls.grpcSecretName) }} |
| - name: {{ .Values.standalone.tls.httpSecretName }}-volume |
| secret: |
| secretName: {{ .Values.standalone.tls.httpSecretName }} |
| {{- end }} |
| {{- end }} |
| |
| {{- if .Values.standalone.tolerations }} |
| tolerations: |
| {{- range $toleration := .Values.standalone.tolerations }} |
| - key: {{ $toleration.key }} |
| operator: {{ $toleration.operator }} |
| value: {{ $toleration.value }} |
| effect: {{ $toleration.effect }} |
| {{- end }} |
| {{- end }} |
| |
| {{- if .Values.standalone.nodeSelector }} |
| nodeSelector: |
| {{- range $selector := .Values.standalone.nodeSelector }} |
| {{ $selector.key }}: {{ $selector.value }} |
| {{- end }} |
| {{- end }} |
| |
| {{- if .Values.standalone.affinity }} |
| {{- $affinity := .Values.standalone.affinity }} |
| affinity: |
| {{- if $affinity.nodeAffinity }} |
| nodeAffinity: |
| requiredDuringSchedulingIgnoredDuringExecution: |
| nodeSelectorTerms: |
| {{- range $requirement := $affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms }} |
| {{- range $matchExpression := $requirement.matchExpressions }} |
| - matchExpressions: |
| - key: {{ $matchExpression.key }} |
| operator: {{ $matchExpression.operator }} |
| values: |
| {{- range $v := $matchExpression.values }} |
| - {{ $v }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| |
| {{- if $affinity.podAffinity }} |
| podAffinity: |
| requiredDuringSchedulingIgnoredDuringExecution: |
| {{- range $term := $affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution }} |
| - topologyKey: {{ $term.topologyKey }} |
| namespaces: |
| {{- range $ns := $term.namespaces }} |
| - {{ $ns }} |
| {{- end }} |
| labelSelector: |
| matchLabels: |
| {{- range $label := $term.labelSelector.matchLabels }} |
| {{ $label.key }}: {{ $label.value }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| {{- if .Values.storage.enabled }} |
| volumeClaimTemplates: |
| {{- range $claim := .Values.storage.persistentVolumeClaims }} |
| - metadata: |
| name: {{ $claim.claimName }} |
| spec: |
| {{- if $claim.accessModes }} |
| accessModes: |
| {{- range $claim.accessModes }} |
| - {{ . }} |
| {{- end }} |
| {{- end }} |
| |
| {{- if $claim.size }} |
| resources: |
| requests: |
| storage: {{ $claim.size }} |
| {{- end }} |
| |
| {{- if $claim.storageClass }} |
| storageClassName: {{ $claim.storageClass }} |
| {{- end }} |
| |
| {{- if $claim.volumeMode }} |
| volumeMode: {{ $claim.volumeMode }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| |
| {{- if and .Values.cluster.enabled .Values.cluster.data }} |
| apiVersion: apps/v1 |
| kind: StatefulSet |
| metadata: |
| labels: |
| app: {{ template "banyandb.name" . }} |
| chart: {{ .Chart.Name }}-{{ .Chart.Version }} |
| component: "{{ .Values.cluster.data.name }}" |
| heritage: {{ .Release.Service }} |
| release: {{ .Release.Name }} |
| name: {{ template "banyandb.fullname" . }} |
| spec: |
| serviceName: banyandb |
| replicas: {{ .Values.cluster.data.replicas }} |
| selector: |
| matchLabels: |
| app: {{ template "banyandb.name" . }} |
| component: "{{ .Values.cluster.data.name }}" |
| release: {{ .Release.Name }} |
| role: {{ .Values.cluster.data.role }} |
| template: |
| metadata: |
| labels: |
| app: {{ template "banyandb.name" . }} |
| component: "{{ .Values.cluster.data.name }}" |
| release: {{ .Release.Name }} |
| role: {{ .Values.cluster.data.role }} |
| {{- if .Values.cluster.data.podAnnotations }} |
| annotations: |
| {{ toYaml .Values.cluster.data.podAnnotations | indent 8 }} |
| {{- end }} |
| spec: |
| serviceAccountName: {{ template "banyandb.serviceAccountName" . }} |
| {{- with .Values.cluster.data.securityContext }} |
| securityContext: |
| {{- toYaml . | nindent 8 }} |
| {{- end }} |
| priorityClassName: {{ .Values.cluster.data.priorityClassName }} |
| containers: |
| - name: {{ .Values.cluster.data.name }} |
| image: {{ .Values.image.repository }}:{{ required "banyandb.image.tag is required" .Values.image.tag }} |
| imagePullPolicy: {{ .Values.image.pullPolicy }} |
| env: |
| {{- range $env := .Values.cluster.data.env }} |
| - name: {{ $env.name }} |
| value: {{ $env.value }} |
| {{- end }} |
| {{- if .Values.cluster.data.tls}} |
| {{- if .Values.cluster.data.tls.grpcSecretName }} |
| - name: BYDB_TLS |
| value: "true" |
| - name: BYDB_CERT_FILE |
| value: "/etc/tls/{{ .Values.cluster.data.tls.grpcSecretName }}/tls.crt" |
| - name: BYDB_KEY_FILE |
| value: "/etc/tls/{{ .Values.cluster.data.tls.grpcSecretName }}/tls.key" |
| - name: BYDB_HTTP_GRPC_CERT_FILE |
| value: "/etc/tls/{{ .Values.cluster.data.tls.grpcSecretName }}/tls.crt" |
| {{- end }} |
| {{- end }} |
| {{- if and .Values.etcd.auth.rbac.create (not .Values.etcd.auth.rbac.allowNoneAuthentication) }} |
| - name: BYDB_ETCD_USERNAME |
| value: "root" |
| - name: BYDB_ETCD_PASSWORD |
| value: {{ .Values.etcd.auth.rbac.rootPassword }} |
| {{- end }} |
| {{- if .Values.etcd.auth.client.secureTransport }} |
| - name: BYDB_ETCD_TLS_CA_FILE |
| value: "/etc/tls/{{ .Values.cluster.data.tls.etcdSecretName }}/ca.crt" |
| {{- end }} |
| {{- if .Values.etcd.auth.client.enableAuthentication }} |
| - name: BYDB_ETCD_TLS_CERT_FILE |
| value: "/etc/tls/{{ .Values.cluster.data.tls.etcdSecretName }}/tls.crt" |
| - name: BYDB_ETCD_TLS_KEY_FILE |
| value: "/etc/tls/{{ .Values.cluster.data.tls.etcdSecretName }}/tls.key" |
| {{- end }} |
| {{- if and (not .Values.etcd.enabled) .Values.cluster.etcdEndpoints }} |
| - name: BYDB_ETCD_ENDPOINTS |
| value: "{{- .Values.cluster.etcdEndpoints | join "," -}}" |
| {{- else }} |
| {{- include "banyandb.etcdEndpoints" . | nindent 12 }} |
| {{- end }} |
| - name: BYDB_NODE_HOST_PROVIDER |
| value: "ip" |
| - name: BYDB_NODE_HOST |
| valueFrom: |
| fieldRef: |
| fieldPath: status.podIP |
| args: |
| - data |
| ports: |
| - containerPort: 17912 |
| name: grpc |
| - containerPort: 6060 |
| name: pprof |
| - containerPort: 2121 |
| name: observebility |
| readinessProbe: |
| exec: |
| command: |
| - sh |
| - -c |
| - "/bydbctl health --grpc-addr=localhost:17912 {{- if .Values.cluster.data.tls }} --enable-tls --insecure{{- end}}" |
| initialDelaySeconds: 20 |
| periodSeconds: 60 |
| livenessProbe: |
| exec: |
| command: |
| - sh |
| - -c |
| - "/bydbctl health --grpc-addr=localhost:17912 {{- if .Values.cluster.data.tls }} --enable-tls --insecure{{- end}}" |
| initialDelaySeconds: 20 |
| periodSeconds: 60 |
| |
| {{- if.Values.cluster.data.resources }} |
| resources: |
| {{- if.Values.cluster.data.resources.requests }} |
| requests: |
| {{- range $request := .Values.cluster.data.resources.requests }} |
| {{ $request.key }}: {{ $request.value }} |
| {{- end }} |
| {{- end }} |
| {{- if.Values.cluster.data.resources.limits }} |
| limits: |
| {{- range $limit := .Values.cluster.data.resources.limits }} |
| {{ $limit.key }}: {{ $limit.value }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| |
| {{- if or .Values.storage.enabled .Values.cluster.data.tls }} |
| volumeMounts: |
| {{- if .Values.storage.enabled }} |
| {{- range $claim := .Values.storage.persistentVolumeClaims }} |
| {{- if $claim.existingClaimName }} |
| {{- range $claim.mountTargets }} |
| - mountPath: /tmp/{{ . }} |
| name: {{ $claim.existingClaimName }} |
| subPath: {{ . }} |
| {{- end }} |
| {{- else }} |
| {{- range $claim.mountTargets }} |
| - mountPath: /tmp/{{ . }} |
| name: {{ $claim.claimName }} |
| subPath: {{ . }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| |
| {{- if .Values.cluster.data.tls }} |
| {{- if .Values.cluster.data.tls.grpcSecretName }} |
| - mountPath: /etc/tls/{{ .Values.cluster.data.tls.grpcSecretName }} |
| name: {{ .Values.cluster.data.tls.grpcSecretName }}-volume |
| {{- end }} |
| {{- if .Values.cluster.data.tls.etcdSecretName }} |
| - mountPath: /etc/tls/{{ .Values.cluster.data.tls.etcdSecretName }} |
| name: {{ .Values.cluster.data.tls.etcdSecretName }}-volume |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| {{- range $sidecar := .Values.cluster.data.sidecar }} |
| - name: {{ $sidecar.name }} |
| image: {{ $sidecar.image }} |
| imagePullPolicy: {{ $sidecar.imagePullPolicy }} |
| command: |
| {{- range $sidecar.commands.normal }} |
| - {{ . | quote }} |
| {{- end }} |
| lifecycle: |
| preStop: |
| exec: |
| command: |
| {{- range $sidecar.commands.preStop }} |
| - {{ . | quote }} |
| {{- end }} |
| {{- if $.Values.storage.enabled }} |
| volumeMounts: |
| {{- range $claim := $.Values.storage.persistentVolumeClaims }} |
| {{- if $claim.existingClaimName }} |
| {{- range $claim.mountTargets }} |
| - mountPath: /tmp/{{ . }} |
| name: {{ $claim.existingClaimName }} |
| subPath: {{ . }} |
| {{- end }} |
| {{- else }} |
| {{- range $claim.mountTargets }} |
| - mountPath: /tmp/{{ . }} |
| name: {{ $claim.claimName }} |
| subPath: {{ . }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| |
| {{- if .Values.cluster.data.tls }} |
| volumes: |
| {{- if .Values.cluster.data.tls.grpcSecretName }} |
| - name: {{ .Values.cluster.data.tls.grpcSecretName }}-volume |
| secret: |
| secretName: {{ .Values.cluster.data.tls.grpcSecretName }} |
| {{- end }} |
| {{- if .Values.cluster.data.tls.etcdSecretName }} |
| - name: {{ .Values.cluster.data.tls.etcdSecretName }}-volume |
| secret: |
| secretName: {{ .Values.cluster.data.tls.etcdSecretName }} |
| {{- end }} |
| {{- end }} |
| |
| {{- if .Values.cluster.data.tolerations }} |
| tolerations: |
| {{- range $toleration := .Values.cluster.data.tolerations }} |
| - key: {{ $toleration.key }} |
| operator: {{ $toleration.operator }} |
| value: {{ $toleration.value }} |
| effect: {{ $toleration.effect }} |
| {{- end }} |
| {{- end }} |
| |
| {{- if .Values.cluster.data.nodeSelector }} |
| nodeSelector: |
| {{- range $selector := .Values.cluster.data.nodeSelector }} |
| {{ $selector.key }}: {{ $selector.value }} |
| {{- end }} |
| {{- end }} |
| |
| {{- if .Values.cluster.data.affinity }} |
| {{- $affinity := .Values.cluster.data.affinity }} |
| affinity: |
| {{- if $affinity.nodeAffinity }} |
| nodeAffinity: |
| requiredDuringSchedulingIgnoredDuringExecution: |
| nodeSelectorTerms: |
| {{- range $requirement := $affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms }} |
| {{- range $matchExpression := $requirement.matchExpressions }} |
| - matchExpressions: |
| - key: {{ $matchExpression.key }} |
| operator: {{ $matchExpression.operator }} |
| values: |
| {{- range $v := $matchExpression.values }} |
| - {{ $v }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| |
| {{- if $affinity.podAffinity }} |
| podAffinity: |
| requiredDuringSchedulingIgnoredDuringExecution: |
| {{- range $term := $affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution }} |
| - topologyKey: {{ $term.topologyKey }} |
| namespaces: |
| {{- range $ns := $term.namespaces }} |
| - {{ $ns }} |
| {{- end }} |
| labelSelector: |
| matchLabels: |
| {{- range $label := $term.labelSelector.matchLabels }} |
| {{ $label.key }}: {{ $label.value }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| {{- if .Values.storage.enabled }} |
| volumeClaimTemplates: |
| {{- range $claim := .Values.storage.persistentVolumeClaims }} |
| - metadata: |
| name: {{ $claim.claimName }} |
| spec: |
| {{- if $claim.accessModes }} |
| accessModes: |
| {{- range $claim.accessModes }} |
| - {{ . }} |
| {{- end }} |
| {{- end }} |
| |
| {{- if $claim.size }} |
| resources: |
| requests: |
| storage: {{ $claim.size }} |
| {{- end }} |
| |
| {{- if $claim.storageClass }} |
| storageClassName: {{ $claim.storageClass }} |
| {{- end }} |
| |
| {{- if $claim.volumeMode }} |
| volumeMode: {{ $claim.volumeMode }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |
| {{- end }} |