# A headless service to create DNS records.
apiVersion: v1
kind: Service
metadata:
  name: {{ template "hdfs-k8s.krb5.fullname" . }}
  labels:
    app: {{ template "hdfs-k8s.krb5.name" . }}
    chart: {{ template "hdfs-k8s.subchart" . }}
    release: {{ .Release.Name }}
  annotations:
    # TODO: Deprecated. Replace tolerate-unready-endpoints with
    # v1.Service.PublishNotReadyAddresses.
    service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
spec:
  ports:
    - port: {{ .Values.service.port }}
      protocol: TCP
      name: kdc-tcp
    - port: {{ .Values.service.port }}
      protocol: UDP
      name: kdc-udp
  clusterIP: None
  selector:
    app: {{ template "hdfs-k8s.krb5.name" . }}
    release: {{ .Release.Name }}
---
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
  name: {{ template "hdfs-k8s.krb5.fullname" . }}
  labels:
    app: {{ template "hdfs-k8s.krb5.name" . }}
    chart: {{ template "hdfs-k8s.subchart" . }}
    release: {{ .Release.Name }}
spec:
  serviceName: {{ template "hdfs-k8s.krb5.fullname" . }}
  replicas: {{ .Values.replicaCount }}
  selector:
    matchLabels:
      app: {{ template "hdfs-k8s.krb5.name" . }}
      release: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app: {{ template "hdfs-k8s.krb5.name" . }}
        release: {{ .Release.Name }}
      {{- if .Values.podAnnotations }}
      annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
      {{- end }}
    spec:
      containers:
        - name: {{ .Chart.Name }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          env:
            - name: KRB5_REALM
              value: {{ .Values.global.kerberosRealm }}
            - name: KRB5_KDC
              value: {{ template "krb5-svc-0" . }}
          ports:
            - name: kdc-tcp
              containerPort: 88
              protocol: TCP
            - name: kdc-udp
              containerPort: 88
              protocol: UDP
          livenessProbe:
            tcpSocket:
              port: kdc-tcp
          readinessProbe:
            tcpSocket:
              port: kdc-tcp
      restartPolicy: Always
      {{- if .Values.global.podSecurityContext.enabled }}
      securityContext:
        runAsUser: {{ .Values.global.podSecurityContext.runAsUser }}
        fsGroup: {{ .Values.global.podSecurityContext.fsGroup }}
      {{- end }}
  volumeClaimTemplates:
    - metadata:
        name: datadir
      spec:
        accessModes:
          - {{ .Values.persistence.accessMode | quote }}
        resources:
          requests:
            storage: {{ .Values.persistence.size | quote }}
      {{- if .Values.persistence.storageClass }}
        {{- if (eq "-" .Values.persistence.storageClass) }}
        storageClassName: ""
        {{- else }}
        storageClassName: "{{ .Values.persistence.storageClass }}"
        {{- end }}
      {{- end }}
      {{- if .Values.persistence.selector }}
        selector:
{{ toYaml .Values.persistence.selector | indent 10 }}
      {{- end }}