backoffLimit: 20
template:
metadata:
+ annotations:
+ # Workarround to exclude K8S API from istio communication
+ # as init-container (readinessCheck) does not work with the
+ # Istio CNI plugin, see:
+ # (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers)
+ traffic.sidecar.istio.io/excludeOutboundPorts: "443"
labels:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
name: {{ include "common.name" . }}
spec:
- initContainers:
- - name: {{ include "common.name" . }}-readiness
- command:
- - /app/ready.py
- args:
- - --container-name
- - {{ default .Values.global.mariadbGalera.nameOverride .Values.mariadbGalera.containerName }}
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ initContainers: {{ include "common.readinessCheck.waitFor" . | nindent 6 }}
containers:
- name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ image: {{ include "repositoryGenerator.image.mariadb" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command:
- - bash
- - /db_init/db_init.sh
+ - /bin/sh
+ - -c
+ - |
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
+ /db_init/db_init.sh {{ if or .Values.dbScriptConfigMap .Values.dbScript }} &&
+ /db_config/db_cmd.sh{{ end }}
env:
- name: DB_HOST
- value: "{{ default .Values.global.mariadbGalera.nameOverride .Values.mariadbGalera.serviceName }}"
+ value: {{ include "common.mariadbService" . }}
- name: DB_PORT
- value: "{{ default .Values.global.mariadbGalera.servicePort .Values.mariadbGalera.servicePort }}"
+ value: {{ include "common.mariadbPort" . | quote }}
- name: MYSQL_ROOT_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "root-password" "key" (default "password" .Values.global.mariadbGalera.userRootSecretKey)) | indent 10 }}
- name: {{ printf "MYSQL_USER_%s" .Values.config.mysqlDatabase | upper }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
- - name: mariadb-conf
+ - name: mariadb-init
mountPath: /db_init/
- readOnly: true
- resources:
-{{ include "common.resources" . | indent 12 }}
+{{- if or .Values.dbScriptConfigMap .Values.dbScript }}
+ - name: mariadb-conf
+ mountPath: /db_config/
+{{- end }}
+ resources: {{ include "common.resources" . | nindent 10 }}
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- - name: mariadb-conf
- configMap:
- name: {{ include "mariadbInit.configMap" . }}
- name: localtime
hostPath:
path: /etc/localtime
+{{- if or .Values.dbScriptConfigMap .Values.dbScript }}
+ - name: mariadb-conf
+ configMap:
+{{- if .Values.dbScriptConfigMap }}
+ name: {{ tpl .Values.dbScriptConfigMap . }}
+{{- else -}}
+ name: {{ include "common.fullname" . }}-dbscript
+{{- end }}
+ defaultMode: 0755
+{{- end }}
+ - name: mariadb-init
+ configMap:
+ name: {{ include "mariadbInit.configMap" . }}
+ defaultMode: 0755
restartPolicy: Never
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"