---
apiVersion: v1
kind: Pod
metadata:
  name: haproxy
  namespace: kube-system
spec:
  hostNetwork: true
  priorityClassName: system-node-critical
  containers:
    - name: haproxy
      image: {{ config['HostSystem:images.haproxy'] }}
      imagePullPolicy: IfNotPresent
      hostNetwork: true
      env:
        - name: HAPROXY_CONF
          value: /usr/local/etc/haproxy/haproxy.cfg
      command:
        - /bin/sh
        - -c
        - |
            set -eux

            while [ ! -s "$HAPROXY_CONF" ]; do
                echo Waiting for "HAPROXY_CONF"
                sleep 1
            done

            haproxy -f "$HAPROXY_CONF"

      volumeMounts:
        - name: etc
          mountPath: /usr/local/etc/haproxy
          readOnly: true
  volumes:
    - name: etc
      hostPath:
        path: /etc/promenade/haproxy
  securityContext:
    runAsUser: {{ config.get_path('Genesis:haproxy.run_as_user', '65534') }}