114 lines
4.3 KiB
YAML
114 lines
4.3 KiB
YAML
{{ if eq (include "multicluster.role" .) "host" }}
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
labels:
|
|
app: ks-controller-manager
|
|
version: {{ .Chart.AppVersion }}
|
|
name: ks-controller-manager
|
|
spec:
|
|
strategy:
|
|
rollingUpdate:
|
|
maxSurge: 0
|
|
maxUnavailable: 1
|
|
type: RollingUpdate
|
|
progressDeadlineSeconds: 600
|
|
replicas: {{ if .Values.ha.enabled }}3{{ else }}1{{ end }}
|
|
revisionHistoryLimit: 10
|
|
selector:
|
|
matchLabels:
|
|
app: ks-controller-manager
|
|
tier: backend
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: ks-controller-manager
|
|
tier: backend
|
|
annotations:
|
|
# force restart ks-controller-manager after the upgrade is complete if kubesphere-config changes
|
|
checksum/config: {{ include (print $.Template.BasePath "/kubesphere-config.yaml") . | sha256sum }}
|
|
spec:
|
|
serviceAccountName: {{ template "ks-core.serviceAccountName" . }}
|
|
{{- if .Values.global.imagePullSecrets }}
|
|
imagePullSecrets: {{ toYaml .Values.global.imagePullSecrets | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.nodeSelector }}
|
|
nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.nodeSelector "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
affinity:
|
|
{{- with .Values.affinity }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
podAntiAffinity:
|
|
{{- if .Values.controller.hardAntiAffinity }}
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
- labelSelector:
|
|
matchLabels:
|
|
app: ks-controller-manager
|
|
topologyKey: kubernetes.io/hostname
|
|
namespaces:
|
|
- {{ .Release.Namespace | quote }}
|
|
{{- else }}
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- weight: 100
|
|
podAffinityTerm:
|
|
labelSelector:
|
|
matchLabels:
|
|
app: ks-controller-manager
|
|
topologyKey: kubernetes.io/hostname
|
|
namespaces:
|
|
- {{ .Release.Namespace | quote }}
|
|
{{- end }}
|
|
{{- if .Values.tolerations }}
|
|
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" .) | nindent 8 }}
|
|
{{- end }}
|
|
dnsPolicy: ClusterFirst
|
|
restartPolicy: Always
|
|
schedulerName: default-scheduler
|
|
terminationGracePeriodSeconds: 30
|
|
containers:
|
|
- name: ks-controller-manager
|
|
image: {{ template "controller.image" . }}
|
|
imagePullPolicy: {{ .Values.controller.image.pullPolicy }}
|
|
{{- if .Values.controller.containerPorts }}
|
|
ports: {{- include "common.tplvalues.render" (dict "value" .Values.controller.containerPorts "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.controller.command }}
|
|
command: {{- include "common.tplvalues.render" (dict "value" .Values.controller.command "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
env:
|
|
{{- if .Values.controller.extraEnvVars }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.controller.extraEnvVars "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.controller.resources }}
|
|
resources: {{- toYaml .Values.controller.resources | nindent 12 }}
|
|
{{- end }}
|
|
volumeMounts:
|
|
- mountPath: /etc/kubesphere/
|
|
name: kubesphere-config
|
|
- mountPath: /tmp/k8s-webhook-server/serving-certs
|
|
name: webhook-cert
|
|
- mountPath: /etc/localtime
|
|
name: host-time
|
|
readOnly: true
|
|
{{- if .Values.controller.extraVolumeMounts }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.controller.extraVolumeMounts "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
volumes:
|
|
- name: kubesphere-config
|
|
configMap:
|
|
name: kubesphere-config
|
|
defaultMode: 420
|
|
- name: webhook-cert
|
|
secret:
|
|
defaultMode: 420
|
|
secretName: ks-controller-manager-webhook-cert
|
|
- hostPath:
|
|
path: /etc/localtime
|
|
type: ""
|
|
name: host-time
|
|
{{- if .Values.controller.extraVolumes }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.controller.extraVolumes "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
{{ end }}
|