selector: {{- include "common.selectors" . | nindent 4 }}
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+ {{- if (include "common.onServiceMesh" . ) }}
+ annotations:
+ {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }}
+ linkerd.io/inject: disabled
+ {{- end }}
+ {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }}
+ sidecar.istio.io/rewriteAppHTTPProbers: "false"
+ proxy.istio.io/config: '{ "holdApplicationUntilProxyStarts": true }'
+ {{- end }}
+ {{- end }}
spec:
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
lifecycle:
postStart:
exec:
- command: ["/bin/sh", "-c", "/opt/primekey/scripts/ejbca-config.sh"]
+ command:
+ - sh
+ - -c
+ - |
+ sleep 60; /opt/primekey/scripts/ejbca-config.sh
volumeMounts:
- name: "{{ include "common.fullname" . }}-volume"
mountPath: /opt/primekey/scripts/
# probe configuration parameters
liveness:
path: /ejbca/publicweb/healthcheck/ejbcahealth
- port: api
- initialDelaySeconds: 30
+ port: 8443
+ initialDelaySeconds: 180
periodSeconds: 30
readiness:
path: /ejbca/publicweb/healthcheck/ejbcahealth
- port: api
- initialDelaySeconds: 30
+ port: 8443
+ initialDelaySeconds: 180
periodSeconds: 30
service:
port_protocol: http
# Resource Limit flavor -By Default using small
-flavor: small
+flavor: unlimited
# Segregation for Different environment (Small and Large)
resources:
small:
Code Review / oom.git / commitdiff