airship
/
promenade
Code Issues Proposed changes
promenade/charts/coredns/templates/deployment.yaml

174 lines
6.4 KiB
YAML
Raw Blame History

{{/*
Copyright 2018 AT&T Intellectual Property. All other rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- $envAll := . }}
{{- $labels := tuple $envAll "kubernetes" "coredns" | include "helm-toolkit.snippets.kubernetes_metadata_labels" -}}
{{- $kinds := list -}}
{{- if .Values.manifests.deployment -}}{{ $kinds = append $kinds "Deployment" -}}{{- end -}}
{{- if .Values.manifests.daemonset -}}{{ $kinds = append $kinds "DaemonSet" -}}{{- end -}}
{{- range $kinds -}}
{{- $kind := . -}}
---
apiVersion: apps/v1
kind: {{ $kind }}
metadata:
name: coredns
labels:
{{ $labels | indent 4 }}
{{ $envAll.Values.service.name }}: enabled
kubernetes.io/name: "CoreDNS"
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
spec:
{{- if eq $kind "Deployment" }}
replicas: {{ $envAll.Values.pod.replicas.coredns }}
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
{{- end }}
selector:
matchLabels:
{{ $labels | indent 6 }}
{{ $envAll.Values.service.name }}: enabled
{{- if eq $kind "DaemonSet" }}
{{ tuple $envAll "coredns" | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }}
{{- end }}
template:
metadata:
labels:
{{ $labels | indent 8 }}
{{ $envAll.Values.service.name }}: enabled
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" $envAll | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" $envAll | include "helm-toolkit.utils.hash" }}
spec:
{{ dict "envAll" $envAll "application" "coredns" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
serviceAccountName: coredns
shareProcessNamespace: true
tolerations:
- key: "CriticalAddonsOnly"
operator: "Exists"
nodeSelector:
{{ $envAll.Values.labels.coredns.node_selector_key }}: {{ $envAll.Values.labels.coredns.node_selector_value }}
terminationGracePeriodSeconds: {{ $envAll.Values.pod.lifecycle.termination_grace_period.coredns.timeout | default "30" }}
{{- if eq $kind "Deployment" }}
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: {{ $envAll.Values.service.name }}
operator: In
values:
- enabled
topologyKey: kubernetes.io/hostname
{{- end }}
containers:
- name: coredns-health
image: {{ $envAll.Values.images.tags.test | quote }}
imagePullPolicy: {{ $envAll.Values.images.pull_policy | quote }}
{{ tuple $envAll $envAll.Values.pod.resources.coredns | include "helm-toolkit.snippets.kubernetes_resources" | indent 8 }}
{{ dict "envAll" $envAll "application" "coredns" "container" "coredns" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 8 }}
command: ["python"]
args:
- "-u"
- "/tmp/bin/probe.py"
- "--filename"
- "/tmp/etc/names_to_resolve"
- "--check-port"
- {{ $envAll.Values.conf.test.coredns_check_port | quote | default "8080" }}
- "--listen-port"
- {{ $envAll.Values.conf.test.ext_health_check_port | quote | default "8282" }}
volumeMounts:
- name: scripts
mountPath: /tmp/bin
- name: dns-names
mountPath: /tmp/etc
livenessProbe:
httpGet:
port: {{ $envAll.Values.conf.test.ext_health_check_port | default "8282" }}
path: /selfcheck
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
port: {{ $envAll.Values.conf.test.ext_health_check_port | default "8282" }}
path: /selfcheck
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 3
- name: coredns
image: {{ $envAll.Values.images.tags.coredns | quote }}
imagePullPolicy: {{ $envAll.Values.images.pull_policy | quote }}
{{ tuple $envAll $envAll.Values.pod.resources.coredns | include "helm-toolkit.snippets.kubernetes_resources" | indent 8 }}
{{ dict "envAll" $envAll "application" "coredns" "container" "coredns" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 8 }}
args: [ "-conf", "/etc/coredns/Corefile" ]
volumeMounts:
- name: config-volume
mountPath: /etc/coredns
ports:
- containerPort: 53
name: dns
protocol: UDP
- containerPort: 53
name: dns-tcp
protocol: TCP
livenessProbe:
httpGet:
port: {{ $envAll.Values.conf.test.ext_health_check_port | default "8282" }}
path: /externalhealth
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
port: {{ $envAll.Values.conf.test.ext_health_check_port | default "8282" }}
path: /externalhealth
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 3
dnsPolicy: Default
volumes:
- name: config-volume
configMap:
name: {{ $envAll.Values.service.name }}-etc
items:
- key: Corefile
path: Corefile
- name: scripts
configMap:
name: {{ $envAll.Values.service.name }}-bin
defaultMode: 0555
- name: dns-names
configMap:
name: {{ $envAll.Values.service.name }}-list
defaultMode: 0555
{{ end }}
View Git Blame Copy Permalink