forked from mendersoftware/mender-helm
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtenantadm-deploy.yaml
112 lines (101 loc) · 3.58 KB
/
tenantadm-deploy.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
{{- if and (.Values.global.enterprise) (.Values.tenantadm.enabled) }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: tenantadm
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: tenantadm
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: tenantadm
app.kubernetes.io/part-of: mender
helm.sh/chart: "{{ .Chart.Name }}"
spec:
replicas: {{ .Values.tenantadm.replicas }}
selector:
matchLabels:
app.kubernetes.io/name: tenantadm
# if deployment is not completed within 10 min, consider it failed,
# as result deployment Reason=ProgressDeadlineExceeded
# needs to be big enough to rollout to complete
progressDeadlineSeconds: 600
# Rollout upgrade one by one
# In this case we warranty there are always instances online.
# In case any issues, they will be detected early and deployment be stopped.
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
template:
metadata:
{{- with .Values.tenantadm.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
app.kubernetes.io/name: tenantadm
spec:
{{- with .Values.tenantadm.affinity }}
affinity: {{ tpl (toYaml .) $ | nindent 8 }}
{{- end }}
containers:
- name: tenantadm
image: {{ .Values.tenantadm.image.registry }}/{{ .Values.tenantadm.image.repository }}:{{ .Values.tenantadm.image.tag }}
imagePullPolicy: {{ .Values.tenantadm.image.imagePullPolicy }}
resources:
{{ toYaml .Values.tenantadm.resources | indent 10 }}
# Readiness/liveness probes
readinessProbe:
httpGet:
path: /api/internal/v1/tenantadm/health
port: 8080
periodSeconds: 15
livenessProbe:
httpGet:
path: /api/internal/v1/tenantadm/alive
port: 8080
periodSeconds: 5
startupProbe:
httpGet:
path: /api/internal/v1/tenantadm/alive
port: 8080
failureThreshold: 36
periodSeconds: 5
volumeMounts:
- name: rsa
mountPath: "/etc/tenantadm/rsa/"
readOnly: true
env:
- name: TENANTADM_MIDDLEWARE
value: {{ .Values.tenantadm.env.TENANTADM_MIDDLEWARE | quote }}
- name: TENANTADM_SERVER_PRIV_KEY_PATH
value: {{ .Values.tenantadm.env.TENANTADM_SERVER_PRIV_KEY_PATH | quote }}
- name: TENANTADM_ORCHESTRATOR_ADDR
value: {{ .Values.tenantadm.env.TENANTADM_ORCHESTRATOR_ADDR | quote }}
- name: TENANTADM_RECAPTCHA_URL_VERIFY
value: {{ .Values.tenantadm.env.TENANTADM_RECAPTCHA_URL_VERIFY | quote }}
- name: TENANTADM_DEFAULT_API_LIMITS
value: {{ .Values.tenantadm.env.TENANTADM_DEFAULT_API_LIMITS | quote }}
{{- if .Values.global.hosted }}
- name: TENANTADM_ENABLE_SELF_SERVICE_SIGN_UP
value: {{ .Values.global.hosted | quote }}
{{- end }}
# Supported configuration settings: https://github.com/mendersoftware/tenantadm/blob/master/config.yaml
# Set in order, last value for the key will be used in case duplications.
envFrom:
- prefix: TENANTADM_
secretRef:
name: mongodb-common
{{- with .Values.tenantadm.nodeSelector }}
nodeSelector: {{ toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: rsa
secret:
secretName: rsa-tenantadm
{{- if .Values.global.image.username }}
imagePullSecrets:
- name: docker-registry
{{- end }}
{{- end }}