kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml

   1 apiVersion: extensions/v1beta1
   2 kind: Deployment
   3 metadata:
   4   name: {{ include "common.fullname" . }}
   5   namespace: {{ include "common.namespace" . }}
   6   labels:
   7     app: {{ include "common.name" . }}
   8     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
   9     release: {{ include "common.release" . }}
  10     heritage: {{ .Release.Service }}
  11 spec:
  12   replicas: {{ .Values.replicaCount }}
  13   template:
  14     metadata:
  15       labels:
  16         app: {{ include "common.name" . }}
  17         release: {{ include "common.release" . }}
  18     spec:
  19       initContainers:
  20       - command:
  21         - /root/ready.py
  22         args:
  23         - --container-name
  24         - {{ include "common.release" . }}-galera-config
  25         env:
  26         - name: NAMESPACE
  27           valueFrom:
  28             fieldRef:
  29               apiVersion: v1
  30               fieldPath: metadata.namespace
  31         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
  32         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
  33         name: {{ include "common.name" . }}-readiness
  34       containers:
  35         - name: {{ include "common.name" . }}
  36           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
  37           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
  38           command: ["/opt/app/policy/pdpx/bin/policy-pdpx.sh"]
  39           args: ["/opt/app/policy/pdpx/etc/mounted/config.json"]
  40           env:
  41           - name: SQL_USER
  42             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
  43           - name: SQL_PASSWORD
  44             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
  45           ports:
  46           - containerPort: {{ .Values.service.internalPort }}
  47           # disable liveness probe when breakpoints set in debugger
  48           # so K8s doesn't restart unresponsive container
  49           {{- if eq .Values.liveness.enabled true }}
  50           livenessProbe:
  51             tcpSocket:
  52               port: {{ .Values.service.internalPort }}
  53             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
  54             periodSeconds: {{ .Values.liveness.periodSeconds }}
  55           {{ end -}}
  56           readinessProbe:
  57             tcpSocket:
  58               port: {{ .Values.service.internalPort }}
  59             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
  60             periodSeconds: {{ .Values.readiness.periodSeconds }}
  61           volumeMounts:
  62           - mountPath: /etc/localtime
  63             name: localtime
  64             readOnly: true
  65           - mountPath: /opt/app/policy/pdpx/etc/mounted
  66             name: pdpxconfig
  67           resources:
  68 {{ include "common.resources" . | indent 12 }}
  69         {{- if .Values.nodeSelector }}
  70         nodeSelector:
  71 {{ toYaml .Values.nodeSelector | indent 10 }}
  72         {{- end -}}
  73         {{- if .Values.affinity }}
  74         affinity:
  75 {{ toYaml .Values.affinity | indent 10 }}
  76         {{- end }}
  77       volumes:
  78         - name: localtime
  79           hostPath:
  80              path: /etc/localtime
  81         - name: pdpxconfig
  82           configMap:
  83             name: {{ include "common.fullname" . }}-configmap
  84             defaultMode: 0755
  85       imagePullSecrets:
  86       - name: "{{ include "common.namespace" . }}-docker-registry-key"