charts/ats-ingress/templates/deployment.yaml - trafficserver-ingress-controller - Git at Google

 #  Licensed to the Apache Software Foundation (ASF) under one
 #  or more contributor license agreements.  See the NOTICE file
 #  distributed with this work for additional information
 #  regarding copyright ownership.  The ASF licenses this file
 #  to you under the Apache License, Version 2.0 (the
 #  "License"); you may not use this file except in compliance
 #  with the License.  You may obtain a copy of the License at
 #
 #      http://www.apache.org/licenses/LICENSE-2.0
 #
 #  Unless required by applicable law or agreed to in writing, software
 #  distributed under the License is distributed on an "AS IS" BASIS,
 #  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #  See the License for the specific language governing permissions and
 #  limitations under the License.
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: {{ include "ats-ingress.fullname" . }}
   namespace: {{ .Release.Namespace }}
   labels:
     app.kubernetes.io/name: {{ include "ats-ingress.name" . }}
     helm.sh/chart: {{ include "ats-ingress.chart" . }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/version: {{ .Chart.AppVersion }}
     {{- if .Values.controller.extraLabels }}
 {{ toYaml .Values.controller.extraLabels | indent 4 }}
     {{- end }}
 spec:
   minReadySeconds: {{ .Values.controller.minReadySeconds }}

   {{- if not .Values.controller.autoscaling.enabled }}
   replicas: {{ .Values.controller.replicaCount }}
   {{- end }}

   selector:
     matchLabels:
       app.kubernetes.io/name: {{ include "ats-ingress.name" . }}
       app.kubernetes.io/instance: {{ .Release.Name }}
   {{- with .Values.controller.strategy }}
   strategy:
     {{- toYaml . | nindent 4 }}
   {{- end }}
   template:
     metadata:
       labels:
         app.kubernetes.io/name: {{ include "ats-ingress.name" . }}
         app.kubernetes.io/instance: {{ .Release.Name }}
         {{- if .Values.controller.podLabels }}
 {{ toYaml .Values.controller.podLabels | indent 8 }}
         {{- end }}
       {{- if .Values.controller.podAnnotations }}
       annotations:
 {{ toYaml .Values.controller.podAnnotations | indent 8 }}
       {{- end }}
     spec:
       serviceAccountName: {{ include "ats-ingress.serviceAccountName" . }}
       terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }}
 {{- if .Values.controller.podSecurityContext }}
       securityContext:
 {{ toYaml .Values.controller.podSecurityContext | indent 8 }}
 {{- end }}
 {{- if .Values.controller.dnsConfig }}
       dnsConfig:
 {{ toYaml .Values.controller.dnsConfig | indent 8 }}
 {{- end }}
       dnsPolicy: {{ .Values.controller.dnsPolicy }}
 {{- if .Values.controller.imageCredentials.registry }}
       imagePullSecrets:
       - name: {{ include "ats-ingress.fullname" . }}
 {{- else if .Values.controller.existingImagePullSecret }}
       imagePullSecrets:
       - name: {{ .Values.controller.existingImagePullSecret }}
 {{- end }}
 {{- if .Values.controller.priorityClassName }}
       priorityClassName: {{ .Values.controller.priorityClassName }}
 {{- end }}
       containers:
         - name: {{ .Chart.Name }}
           image: {{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag | default .Chart.AppVersion }}
           imagePullPolicy: {{ .Values.controller.image.pullPolicy }}
 {{- if .Values.controller.command }}
           command: {{ .Values.controller.command }}
 {{- end }}
           args:
 {{- range .Values.controller.extraArgs }}
           - {{ . }}
 {{- end }}
           volumeMounts:
           - mountPath: {{ .Values.controller.ssl.path | quote }}
             name: {{ .Values.controller.ssl.name }}
             readOnly: true
           - name: log-trafficserver
             mountPath: {{ .Values.controller.log.trafficserver.dir }}
           - name: log-ingress
             mountPath: {{ .Values.controller.log.ingress.dir }}
           {{- range .Values.controller.extraVolumeMounts }}
           - name: {{ .key }}
             value: {{ .value }}
           {{- end }}
           env:
           - name: POD_NAME
             valueFrom:
               fieldRef:
                 fieldPath: metadata.name
           - name: POD_NAMESPACE
             valueFrom:
               fieldRef:
                 fieldPath: metadata.namespace
           - name: POD_TLS_PATH
             value: {{ .Values.controller.ssl.path | quote }}
           {{- range .Values.controller.extraEnvs }}
           - name: {{ .name }}
             value: {{ .value }}
           {{- end }}
           ports:
           - containerPort: 80
             name: http
             protocol: TCP
           - containerPort: 443
             name: https
             protocol: TCP
           resources:
             {{- toYaml .Values.controller.resources | nindent 12 }}
           {{- if .Values.controller.livenessProbe }}
           livenessProbe:
 {{ toYaml .Values.controller.livenessProbe | indent 12 }}
           {{- end }}
           {{- if .Values.controller.readinessProbe }}
           readinessProbe:
 {{ toYaml .Values.controller.readinessProbe | indent 12 }}
           {{- end }}
           {{- if .Values.controller.startupProbe }}
           startupProbe:
 {{ toYaml .Values.controller.startupProbe | indent 12 }}
           {{- end }}
           {{- if .Values.controller.securityContext }}
           securityContext:
 {{ toYaml .Values.controller.securityContext | indent 12 }}
           {{- end }}
           {{- if .Values.controller.lifecycle }}
           lifecycle:
             {{- if eq "string" (printf "%T" .Values.controller.lifecycle) }}
 {{ tpl .Values.controller.lifecycle . | indent 12 }}
             {{- else }}
 {{ toYaml .Values.controller.lifecycle | indent 12 }}
             {{- end }}
           {{- end }}
         {{- if .Values.controller.extraContainers }}
           {{- if eq "string" (printf "%T" .Values.controller.extraContainers) }}
 {{ tpl .Values.controller.extraContainers . | indent 8 }}
           {{- else }}
 {{ toYaml .Values.controller.extraContainers | indent 8 }}
           {{- end }}
         {{- end }}
       volumes:
         - name: {{ .Values.controller.ssl.name }}
           secret:
             secretName: {{ .Values.controller.ssl.secret }}
         - name: log-trafficserver
           emptyDir: {}
         - name: log-ingress
           emptyDir: {}
       {{- if .Values.controller.extraVolumes }}
         {{- if eq "string" (printf "%T" .Values.controller.extraVolumes) }}
 {{ tpl .Values.controller.extraVolumes . | indent 8 }}
         {{- else }}
 {{ toYaml .Values.controller.extraVolumes | indent 8 }}
         {{- end }}
       {{- end }}
       {{- with.Values.controller.initContainers }}
       initContainers:
         {{- toYaml . | nindent 8 }}
       {{- end }}
       {{- with .Values.controller.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}
       {{- end }}
       {{- with .Values.controller.affinity }}
       affinity:
         {{- toYaml . | nindent 8 }}
       {{- end }}
       {{- with .Values.controller.tolerations }}
       tolerations:
         {{- toYaml . | nindent 8 }}
       {{- end }}
	# Licensed to the Apache Software Foundation (ASF) under one
	# or more contributor license agreements. See the NOTICE file
	# distributed with this work for additional information
	# regarding copyright ownership. The ASF licenses this file
	# to you under the Apache License, Version 2.0 (the
	# "License"); you may not use this file except in compliance
	# with the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: {{ include "ats-ingress.fullname" . }}
	namespace: {{ .Release.Namespace }}
	labels:
	app.kubernetes.io/name: {{ include "ats-ingress.name" . }}
	helm.sh/chart: {{ include "ats-ingress.chart" . }}
	app.kubernetes.io/managed-by: {{ .Release.Service }}
	app.kubernetes.io/instance: {{ .Release.Name }}
	app.kubernetes.io/version: {{ .Chart.AppVersion }}
	{{- if .Values.controller.extraLabels }}
	{{ toYaml .Values.controller.extraLabels \| indent 4 }}
	{{- end }}
	spec:
	minReadySeconds: {{ .Values.controller.minReadySeconds }}

	{{- if not .Values.controller.autoscaling.enabled }}
	replicas: {{ .Values.controller.replicaCount }}
	{{- end }}

	selector:
	matchLabels:
	app.kubernetes.io/name: {{ include "ats-ingress.name" . }}
	app.kubernetes.io/instance: {{ .Release.Name }}
	{{- with .Values.controller.strategy }}
	strategy:
	{{- toYaml . \| nindent 4 }}
	{{- end }}
	template:
	metadata:
	labels:
	app.kubernetes.io/name: {{ include "ats-ingress.name" . }}
	app.kubernetes.io/instance: {{ .Release.Name }}
	{{- if .Values.controller.podLabels }}
	{{ toYaml .Values.controller.podLabels \| indent 8 }}
	{{- end }}
	{{- if .Values.controller.podAnnotations }}
	annotations:
	{{ toYaml .Values.controller.podAnnotations \| indent 8 }}
	{{- end }}
	spec:
	serviceAccountName: {{ include "ats-ingress.serviceAccountName" . }}
	terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }}
	{{- if .Values.controller.podSecurityContext }}
	securityContext:
	{{ toYaml .Values.controller.podSecurityContext \| indent 8 }}
	{{- end }}
	{{- if .Values.controller.dnsConfig }}
	dnsConfig:
	{{ toYaml .Values.controller.dnsConfig \| indent 8 }}
	{{- end }}
	dnsPolicy: {{ .Values.controller.dnsPolicy }}
	{{- if .Values.controller.imageCredentials.registry }}
	imagePullSecrets:
	- name: {{ include "ats-ingress.fullname" . }}
	{{- else if .Values.controller.existingImagePullSecret }}
	imagePullSecrets:
	- name: {{ .Values.controller.existingImagePullSecret }}
	{{- end }}
	{{- if .Values.controller.priorityClassName }}
	priorityClassName: {{ .Values.controller.priorityClassName }}
	{{- end }}
	containers:
	- name: {{ .Chart.Name }}
	image: {{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag \| default .Chart.AppVersion }}
	imagePullPolicy: {{ .Values.controller.image.pullPolicy }}
	{{- if .Values.controller.command }}
	command: {{ .Values.controller.command }}
	{{- end }}
	args:
	{{- range .Values.controller.extraArgs }}
	- {{ . }}
	{{- end }}
	volumeMounts:
	- mountPath: {{ .Values.controller.ssl.path \| quote }}
	name: {{ .Values.controller.ssl.name }}
	readOnly: true
	- name: log-trafficserver
	mountPath: {{ .Values.controller.log.trafficserver.dir }}
	- name: log-ingress
	mountPath: {{ .Values.controller.log.ingress.dir }}
	{{- range .Values.controller.extraVolumeMounts }}
	- name: {{ .key }}
	value: {{ .value }}
	{{- end }}
	env:
	- name: POD_NAME
	valueFrom:
	fieldRef:
	fieldPath: metadata.name
	- name: POD_NAMESPACE
	valueFrom:
	fieldRef:
	fieldPath: metadata.namespace
	- name: POD_TLS_PATH
	value: {{ .Values.controller.ssl.path \| quote }}
	{{- range .Values.controller.extraEnvs }}
	- name: {{ .name }}
	value: {{ .value }}
	{{- end }}
	ports:
	- containerPort: 80
	name: http
	protocol: TCP
	- containerPort: 443
	name: https
	protocol: TCP
	resources:
	{{- toYaml .Values.controller.resources \| nindent 12 }}
	{{- if .Values.controller.livenessProbe }}
	livenessProbe:
	{{ toYaml .Values.controller.livenessProbe \| indent 12 }}
	{{- end }}
	{{- if .Values.controller.readinessProbe }}
	readinessProbe:
	{{ toYaml .Values.controller.readinessProbe \| indent 12 }}
	{{- end }}
	{{- if .Values.controller.startupProbe }}
	startupProbe:
	{{ toYaml .Values.controller.startupProbe \| indent 12 }}
	{{- end }}
	{{- if .Values.controller.securityContext }}
	securityContext:
	{{ toYaml .Values.controller.securityContext \| indent 12 }}
	{{- end }}
	{{- if .Values.controller.lifecycle }}
	lifecycle:
	{{- if eq "string" (printf "%T" .Values.controller.lifecycle) }}
	{{ tpl .Values.controller.lifecycle . \| indent 12 }}
	{{- else }}
	{{ toYaml .Values.controller.lifecycle \| indent 12 }}
	{{- end }}
	{{- end }}
	{{- if .Values.controller.extraContainers }}
	{{- if eq "string" (printf "%T" .Values.controller.extraContainers) }}
	{{ tpl .Values.controller.extraContainers . \| indent 8 }}
	{{- else }}
	{{ toYaml .Values.controller.extraContainers \| indent 8 }}
	{{- end }}
	{{- end }}
	volumes:
	- name: {{ .Values.controller.ssl.name }}
	secret:
	secretName: {{ .Values.controller.ssl.secret }}
	- name: log-trafficserver
	emptyDir: {}
	- name: log-ingress
	emptyDir: {}
	{{- if .Values.controller.extraVolumes }}
	{{- if eq "string" (printf "%T" .Values.controller.extraVolumes) }}
	{{ tpl .Values.controller.extraVolumes . \| indent 8 }}
	{{- else }}
	{{ toYaml .Values.controller.extraVolumes \| indent 8 }}
	{{- end }}
	{{- end }}
	{{- with.Values.controller.initContainers }}
	initContainers:
	{{- toYaml . \| nindent 8 }}
	{{- end }}
	{{- with .Values.controller.nodeSelector }}
	nodeSelector:
	{{- toYaml . \| nindent 8 }}
	{{- end }}
	{{- with .Values.controller.affinity }}
	affinity:
	{{- toYaml . \| nindent 8 }}
	{{- end }}
	{{- with .Values.controller.tolerations }}
	tolerations:
	{{- toYaml . \| nindent 8 }}
	{{- end }}