Google Git
Sign in
apache / skywalking-banyandb-helm / HEAD / . / chart / templates / statefulset.yaml
blob: 78afc706d0e68da91b121885a46b147f93e2276e [file] [log] [blame]
# Licensed to Apache Software Foundation (ASF) under one or more contributor
# license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright
# ownership. Apache Software Foundation (ASF) licenses this file to you under
# the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
{{- if .Values.standalone.enabled }}
apiVersion: apps/v1
kind: StatefulSet
metadata:
labels:
app: {{ template "banyandb.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: "{{ .Values.standalone.name }}"
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "banyandb.fullname" . }}
spec:
serviceName: banyandb
replicas: 1
selector:
matchLabels:
app: {{ template "banyandb.name" . }}
component: "{{ .Values.standalone.name }}"
release: {{ .Release.Name }}
template:
metadata:
labels:
app: {{ template "banyandb.name" . }}
component: "{{ .Values.standalone.name }}"
release: {{ .Release.Name }}
{{- if .Values.standalone.podAnnotations }}
annotations:
{{ toYaml .Values.standalone.podAnnotations | indent 8 }}
{{- end }}
spec:
serviceAccountName: {{ template "banyandb.serviceAccountName" . }}
{{- with .Values.standalone.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
priorityClassName: {{ .Values.standalone.priorityClassName }}
containers:
- name: {{ .Values.standalone.name }}
image: {{ .Values.image.repository }}:{{ required "banyandb.image.tag is required" .Values.image.tag }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
{{- range $env := .Values.standalone.env }}
- name: {{ $env.name }}
value: {{ $env.value }}
{{- end }}
{{- if .Values.standalone.tls}}
{{- if .Values.standalone.tls.grpcSecretName }}
- name: BYDB_TLS
value: "true"
- name: BYDB_CERT_FILE
value: "/etc/tls/{{ .Values.standalone.tls.grpcSecretName }}/tls.crt"
- name: BYDB_KEY_FILE
value: "/etc/tls/{{ .Values.standalone.tls.grpcSecretName }}/tls.key"
- name: BYDB_HTTP_GRPC_CERT_FILE
value: "/etc/tls/{{ .Values.standalone.tls.grpcSecretName }}/tls.crt"
{{- end }}
{{- if .Values.standalone.tls.httpSecretName }}
- name: BYDB_HTTP_TLS
value: "true"
- name: BYDB_HTTP_CERT_FILE
value: "/etc/tls/{{ .Values.standalone.tls.httpSecretName }}/tls.crt"
- name: BYDB_HTTP_KEY_FILE
value: "/etc/tls/{{ .Values.standalone.tls.httpSecretName }}/tls.key"
{{- end }}
{{- end }}
args:
- standalone
ports:
- containerPort: 17912
name: grpc
- containerPort: 17913
name: http
- containerPort: 6060
name: pprof
- containerPort: 2121
name: observebility
readinessProbe:
exec:
command:
- sh
- -c
- "/bydbctl health {{- if .Values.standalone.tls }} --enable-tls {{- else }} --insecure{{- end}}"
initialDelaySeconds: 20
periodSeconds: 60
livenessProbe:
exec:
command:
- sh
- -c
- "/bydbctl health {{- if .Values.standalone.tls }} --enable-tls {{- else }} --insecure{{- end}}"
initialDelaySeconds: 20
periodSeconds: 60
{{- if.Values.standalone.resources }}
resources:
{{- if.Values.standalone.resources.requests }}
requests:
{{- range $request := .Values.standalone.resources.requests }}
{{ $request.key }}: {{ $request.value }}
{{- end }}
{{- end }}
{{- if.Values.standalone.resources.limits }}
limits:
{{- range $limit := .Values.standalone.resources.limits }}
{{ $limit.key }}: {{ $limit.value }}
{{- end }}
{{- end }}
{{- end }}
{{- if or .Values.storage.enabled .Values.standalone.tls }}
volumeMounts:
{{- if .Values.storage.enabled }}
{{- range $claim := .Values.storage.persistentVolumeClaims }}
{{- if $claim.existingClaimName }}
{{- range $claim.mountTargets }}
- mountPath: /tmp/{{ . }}
name: {{ $claim.existingClaimName }}
subPath: {{ . }}
{{- end }}
{{- else }}
{{- range $claim.mountTargets }}
- mountPath: /tmp/{{ . }}
name: {{ $claim.claimName }}
subPath: {{ . }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.standalone.tls.grpcSecretName }}
- mountPath: /etc/tls/{{ .Values.standalone.tls.grpcSecretName }}
name: {{ .Values.standalone.tls.grpcSecretName }}-volume
{{- end }}
{{- if and .Values.standalone.tls.httpSecretName (ne .Values.standalone.tls.httpSecretName .Values.standalone.tls.grpcSecretName) }}
- mountPath: /etc/tls/{{ .Values.standalone.tls.httpSecretName }}
name: {{ .Values.standalone.tls.httpSecretName }}-volume
{{- end }}
{{- end }}
{{- if .Values.standalone.tls }}
volumes:
{{- if .Values.standalone.tls.grpcSecretName }}
- name: {{ .Values.standalone.tls.grpcSecretName }}-volume
secret:
secretName: {{ .Values.standalone.tls.grpcSecretName }}
{{- end }}
{{- if and .Values.standalone.tls.httpSecretName (ne .Values.standalone.tls.httpSecretName .Values.standalone.tls.grpcSecretName) }}
- name: {{ .Values.standalone.tls.httpSecretName }}-volume
secret:
secretName: {{ .Values.standalone.tls.httpSecretName }}
{{- end }}
{{- end }}
{{- if .Values.standalone.tolerations }}
tolerations:
{{- range $toleration := .Values.standalone.tolerations }}
- key: {{ $toleration.key }}
operator: {{ $toleration.operator }}
value: {{ $toleration.value }}
effect: {{ $toleration.effect }}
{{- end }}
{{- end }}
{{- if .Values.standalone.nodeSelector }}
nodeSelector:
{{- range $selector := .Values.standalone.nodeSelector }}
{{ $selector.key }}: {{ $selector.value }}
{{- end }}
{{- end }}
{{- if .Values.standalone.affinity }}
{{- $affinity := .Values.standalone.affinity }}
affinity:
{{- if $affinity.nodeAffinity }}
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
{{- range $requirement := $affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms }}
{{- range $matchExpression := $requirement.matchExpressions }}
- matchExpressions:
- key: {{ $matchExpression.key }}
operator: {{ $matchExpression.operator }}
values:
{{- range $v := $matchExpression.values }}
- {{ $v }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- if $affinity.podAffinity }}
podAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
{{- range $term := $affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution }}
- topologyKey: {{ $term.topologyKey }}
namespaces:
{{- range $ns := $term.namespaces }}
- {{ $ns }}
{{- end }}
labelSelector:
matchLabels:
{{- range $label := $term.labelSelector.matchLabels }}
{{ $label.key }}: {{ $label.value }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.storage.enabled }}
volumeClaimTemplates:
{{- range $claim := .Values.storage.persistentVolumeClaims }}
- metadata:
name: {{ $claim.claimName }}
spec:
{{- if $claim.accessModes }}
accessModes:
{{- range $claim.accessModes }}
- {{ . }}
{{- end }}
{{- end }}
{{- if $claim.size }}
resources:
requests:
storage: {{ $claim.size }}
{{- end }}
{{- if $claim.storageClass }}
storageClassName: {{ $claim.storageClass }}
{{- end }}
{{- if $claim.volumeMode }}
volumeMode: {{ $claim.volumeMode }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- if and .Values.cluster.enabled .Values.cluster.data }}
apiVersion: apps/v1
kind: StatefulSet
metadata:
labels:
app: {{ template "banyandb.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: "{{ .Values.cluster.data.name }}"
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "banyandb.fullname" . }}
spec:
serviceName: banyandb
replicas: {{ .Values.cluster.data.replicas }}
selector:
matchLabels:
app: {{ template "banyandb.name" . }}
component: "{{ .Values.cluster.data.name }}"
release: {{ .Release.Name }}
role: {{ .Values.cluster.data.role }}
template:
metadata:
labels:
app: {{ template "banyandb.name" . }}
component: "{{ .Values.cluster.data.name }}"
release: {{ .Release.Name }}
role: {{ .Values.cluster.data.role }}
{{- if .Values.cluster.data.podAnnotations }}
annotations:
{{ toYaml .Values.cluster.data.podAnnotations | indent 8 }}
{{- end }}
spec:
serviceAccountName: {{ template "banyandb.serviceAccountName" . }}
{{- with .Values.cluster.data.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
priorityClassName: {{ .Values.cluster.data.priorityClassName }}
containers:
- name: {{ .Values.cluster.data.name }}
image: {{ .Values.image.repository }}:{{ required "banyandb.image.tag is required" .Values.image.tag }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
{{- range $env := .Values.cluster.data.env }}
- name: {{ $env.name }}
value: {{ $env.value }}
{{- end }}
{{- if .Values.cluster.data.tls}}
{{- if .Values.cluster.data.tls.grpcSecretName }}
- name: BYDB_TLS
value: "true"
- name: BYDB_CERT_FILE
value: "/etc/tls/{{ .Values.cluster.data.tls.grpcSecretName }}/tls.crt"
- name: BYDB_KEY_FILE
value: "/etc/tls/{{ .Values.cluster.data.tls.grpcSecretName }}/tls.key"
- name: BYDB_HTTP_GRPC_CERT_FILE
value: "/etc/tls/{{ .Values.cluster.data.tls.grpcSecretName }}/tls.crt"
{{- end }}
{{- end }}
{{- if and .Values.etcd.auth.rbac.create (not .Values.etcd.auth.rbac.allowNoneAuthentication) }}
- name: BYDB_ETCD_USERNAME
value: "root"
- name: BYDB_ETCD_PASSWORD
value: {{ .Values.etcd.auth.rbac.rootPassword }}
{{- end }}
{{- if .Values.etcd.auth.client.secureTransport }}
- name: BYDB_ETCD_TLS_CA_FILE
value: "/etc/tls/{{ .Values.cluster.data.tls.etcdSecretName }}/ca.crt"
{{- end }}
{{- if .Values.etcd.auth.client.enableAuthentication }}
- name: BYDB_ETCD_TLS_CERT_FILE
value: "/etc/tls/{{ .Values.cluster.data.tls.etcdSecretName }}/tls.crt"
- name: BYDB_ETCD_TLS_KEY_FILE
value: "/etc/tls/{{ .Values.cluster.data.tls.etcdSecretName }}/tls.key"
{{- end }}
{{- if and (not .Values.etcd.enabled) .Values.cluster.etcdEndpoints }}
- name: BYDB_ETCD_ENDPOINTS
value: "{{- .Values.cluster.etcdEndpoints | join "," -}}"
{{- else }}
{{- include "banyandb.etcdEndpoints" . | nindent 12 }}
{{- end }}
- name: BYDB_NODE_HOST_PROVIDER
value: "ip"
- name: BYDB_NODE_HOST
valueFrom:
fieldRef:
fieldPath: status.podIP
args:
- data
ports:
- containerPort: 17912
name: grpc
- containerPort: 6060
name: pprof
- containerPort: 2121
name: observebility
readinessProbe:
exec:
command:
- sh
- -c
- "/bydbctl health --grpc-addr=localhost:17912 {{- if .Values.cluster.data.tls }} --enable-tls --insecure{{- end}}"
initialDelaySeconds: 20
periodSeconds: 60
livenessProbe:
exec:
command:
- sh
- -c
- "/bydbctl health --grpc-addr=localhost:17912 {{- if .Values.cluster.data.tls }} --enable-tls --insecure{{- end}}"
initialDelaySeconds: 20
periodSeconds: 60
{{- if.Values.cluster.data.resources }}
resources:
{{- if.Values.cluster.data.resources.requests }}
requests:
{{- range $request := .Values.cluster.data.resources.requests }}
{{ $request.key }}: {{ $request.value }}
{{- end }}
{{- end }}
{{- if.Values.cluster.data.resources.limits }}
limits:
{{- range $limit := .Values.cluster.data.resources.limits }}
{{ $limit.key }}: {{ $limit.value }}
{{- end }}
{{- end }}
{{- end }}
{{- if or .Values.storage.enabled .Values.cluster.data.tls }}
volumeMounts:
{{- if .Values.storage.enabled }}
{{- range $claim := .Values.storage.persistentVolumeClaims }}
{{- if $claim.existingClaimName }}
{{- range $claim.mountTargets }}
- mountPath: /tmp/{{ . }}
name: {{ $claim.existingClaimName }}
subPath: {{ . }}
{{- end }}
{{- else }}
{{- range $claim.mountTargets }}
- mountPath: /tmp/{{ . }}
name: {{ $claim.claimName }}
subPath: {{ . }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.cluster.data.tls }}
{{- if .Values.cluster.data.tls.grpcSecretName }}
- mountPath: /etc/tls/{{ .Values.cluster.data.tls.grpcSecretName }}
name: {{ .Values.cluster.data.tls.grpcSecretName }}-volume
{{- end }}
{{- if .Values.cluster.data.tls.etcdSecretName }}
- mountPath: /etc/tls/{{ .Values.cluster.data.tls.etcdSecretName }}
name: {{ .Values.cluster.data.tls.etcdSecretName }}-volume
{{- end }}
{{- end }}
{{- end }}
{{- range $sidecar := .Values.cluster.data.sidecar }}
- name: {{ $sidecar.name }}
image: {{ $sidecar.image }}
imagePullPolicy: {{ $sidecar.imagePullPolicy }}
command:
{{- range $sidecar.commands.normal }}
- {{ . | quote }}
{{- end }}
lifecycle:
preStop:
exec:
command:
{{- range $sidecar.commands.preStop }}
- {{ . | quote }}
{{- end }}
{{- if $.Values.storage.enabled }}
volumeMounts:
{{- range $claim := $.Values.storage.persistentVolumeClaims }}
{{- if $claim.existingClaimName }}
{{- range $claim.mountTargets }}
- mountPath: /tmp/{{ . }}
name: {{ $claim.existingClaimName }}
subPath: {{ . }}
{{- end }}
{{- else }}
{{- range $claim.mountTargets }}
- mountPath: /tmp/{{ . }}
name: {{ $claim.claimName }}
subPath: {{ . }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.cluster.data.tls }}
volumes:
{{- if .Values.cluster.data.tls.grpcSecretName }}
- name: {{ .Values.cluster.data.tls.grpcSecretName }}-volume
secret:
secretName: {{ .Values.cluster.data.tls.grpcSecretName }}
{{- end }}
{{- if .Values.cluster.data.tls.etcdSecretName }}
- name: {{ .Values.cluster.data.tls.etcdSecretName }}-volume
secret:
secretName: {{ .Values.cluster.data.tls.etcdSecretName }}
{{- end }}
{{- end }}
{{- if .Values.cluster.data.tolerations }}
tolerations:
{{- range $toleration := .Values.cluster.data.tolerations }}
- key: {{ $toleration.key }}
operator: {{ $toleration.operator }}
value: {{ $toleration.value }}
effect: {{ $toleration.effect }}
{{- end }}
{{- end }}
{{- if .Values.cluster.data.nodeSelector }}
nodeSelector:
{{- range $selector := .Values.cluster.data.nodeSelector }}
{{ $selector.key }}: {{ $selector.value }}
{{- end }}
{{- end }}
{{- if .Values.cluster.data.affinity }}
{{- $affinity := .Values.cluster.data.affinity }}
affinity:
{{- if $affinity.nodeAffinity }}
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
{{- range $requirement := $affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms }}
{{- range $matchExpression := $requirement.matchExpressions }}
- matchExpressions:
- key: {{ $matchExpression.key }}
operator: {{ $matchExpression.operator }}
values:
{{- range $v := $matchExpression.values }}
- {{ $v }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- if $affinity.podAffinity }}
podAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
{{- range $term := $affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution }}
- topologyKey: {{ $term.topologyKey }}
namespaces:
{{- range $ns := $term.namespaces }}
- {{ $ns }}
{{- end }}
labelSelector:
matchLabels:
{{- range $label := $term.labelSelector.matchLabels }}
{{ $label.key }}: {{ $label.value }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.storage.enabled }}
volumeClaimTemplates:
{{- range $claim := .Values.storage.persistentVolumeClaims }}
- metadata:
name: {{ $claim.claimName }}
spec:
{{- if $claim.accessModes }}
accessModes:
{{- range $claim.accessModes }}
- {{ . }}
{{- end }}
{{- end }}
{{- if $claim.size }}
resources:
requests:
storage: {{ $claim.size }}
{{- end }}
{{- if $claim.storageClass }}
storageClassName: {{ $claim.storageClass }}
{{- end }}
{{- if $claim.volumeMode }}
volumeMode: {{ $claim.volumeMode }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}