{{- /*
Controller DaemonSet for ingress-nginx. The whole manifest is rendered only when
.Values.controller.kind is "DaemonSet" or "Both". The "isControllerTagValid"
helper (defined outside this file) is invoked before any manifest text is emitted.

Almost every field below is filled from chart values, several of them verbatim
through toYaml, so whoever can set the values decides the resulting pod spec.
Template comments like this one produce no output in the rendered manifest.
*/ -}}
{{- if or (eq .Values.controller.kind "DaemonSet") (eq .Values.controller.kind "Both") -}}
{{- include "isControllerTagValid" . -}}
apiVersion: apps/v1
kind: DaemonSet
metadata:
  labels:
    {{- include "ingress-nginx.labels" . | nindent 4 }}
    app.kubernetes.io/component: controller
    {{- with .Values.controller.labels }}
    {{- toYaml . | nindent 4 }}
    {{- end }}
  name: {{ include "ingress-nginx.controller.fullname" . }}
  namespace: {{ .Release.Namespace }}
  {{- if .Values.controller.annotations }}
  annotations: {{ toYaml .Values.controller.annotations | nindent 4 }}
  {{- end }}
spec:
  selector:
    matchLabels:
      {{- include "ingress-nginx.selectorLabels" . | nindent 6 }}
      app.kubernetes.io/component: controller
  revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
  {{- if .Values.controller.updateStrategy }}
  updateStrategy: {{ toYaml .Values.controller.updateStrategy | nindent 4 }}
  {{- end }}
  minReadySeconds: {{ .Values.controller.minReadySeconds }}
  template:
    metadata:
    {{- /* Pod annotation values are quoted; the keys are emitted as given in values. */}}
    {{- if .Values.controller.podAnnotations }}
      annotations:
      {{- range $key, $value := .Values.controller.podAnnotations }}
        {{ $key }}: {{ $value | quote }}
      {{- end }}
    {{- end }}
      labels:
        {{- include "ingress-nginx.labels" . | nindent 8 }}
        app.kubernetes.io/component: controller
        {{- with .Values.controller.labels }}
        {{- toYaml . | nindent 8 }}
        {{- end }}
      {{- if .Values.controller.podLabels }}
        {{- toYaml .Values.controller.podLabels | nindent 8 }}
      {{- end }}
    spec:
    {{- if .Values.controller.dnsConfig }}
      dnsConfig: {{ toYaml .Values.controller.dnsConfig | nindent 8 }}
    {{- end }}
    {{- if .Values.controller.hostname }}
      hostname: {{ toYaml .Values.controller.hostname | nindent 8 }}
    {{- end }}
      dnsPolicy: {{ .Values.controller.dnsPolicy }}
    {{- if .Values.imagePullSecrets }}
      imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 8 }}
    {{- end }}
    {{- if .Values.controller.priorityClassName }}
      priorityClassName: {{ .Values.controller.priorityClassName | quote }}
    {{- end }}
    {{- /*
    Pod-level securityContext. The key is emitted only when podSecurityContext or
    sysctls is set; with neither, this template renders no pod-level securityContext.
    podSecurityContext is copied verbatim; sysctl names and values are quoted.
    NOTE(review): sysctls outside the kubelet's safe set are rejected unless the
    node allows them; keep this list as short as the workload needs.
    */}}
    {{- if or .Values.controller.podSecurityContext .Values.controller.sysctls }}
      securityContext:
    {{- end }}
    {{- if .Values.controller.podSecurityContext }}
      {{- toYaml .Values.controller.podSecurityContext | nindent 8 }}
    {{- end }}
    {{- if .Values.controller.sysctls }}
        sysctls:
    {{- range $sysctl, $value := .Values.controller.sysctls }}
        - name: {{ $sysctl | quote }}
          value: {{ $value | quote }}
    {{- end }}
    {{- end }}
    {{- /*
    shareProcessNamespace puts every container of the pod in one PID namespace,
    so anything added through extraContainers can see the controller's processes.
    */}}
    {{- if .Values.controller.shareProcessNamespace }}
      shareProcessNamespace: {{ .Values.controller.shareProcessNamespace }}
    {{- end }}
      containers:
        - name: {{ .Values.controller.containerName }}
          {{- /*
          Image reference: .repository when set, otherwise registry plus the
          "ingress-nginx.image" helper, then the tag, then whatever the
          "ingress-nginx.imageDigest" helper returns.
          NOTE(review): both helpers are defined elsewhere; presumably the digest
          helper appends a digest suffix when one is configured. Pinning by digest
          keeps the deployed image from changing under a reused tag.
          */}}
          {{- with .Values.controller.image }}
          image: "{{- if .repository -}}{{ .repository }}{{ else }}{{ .registry }}/{{ include "ingress-nginx.image" . }}{{- end -}}:{{ .tag }}{{ include "ingress-nginx.imageDigest" . }}"
          {{- end }}
          imagePullPolicy: {{ .Values.controller.image.pullPolicy }}
        {{- if .Values.controller.lifecycle }}
          lifecycle: {{ toYaml .Values.controller.lifecycle | nindent 12 }}
        {{- end }}
          args:
            {{- include "ingress-nginx.params" . | nindent 12 }}
          {{- /*
          The controller's container securityContext comes entirely from the
          "controller.containerSecurityContext" helper (defined elsewhere); this
          template adds no hardening of its own on top of it.
          */}}
          securityContext: {{ include "controller.containerSecurityContext" . | nindent 12 }}
          env:
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: POD_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
          {{- /* enableMimalloc preloads the allocator from a fixed path inside the image. */}}
          {{- if .Values.controller.enableMimalloc }}
            - name: LD_PRELOAD
              value: /usr/local/lib/libmimalloc.so
          {{- end }}
          {{- /* extraEnvs is appended verbatim to the env list. */}}
          {{- if .Values.controller.extraEnvs }}
            {{- toYaml .Values.controller.extraEnvs | nindent 12 }}
          {{- end }}
          {{- if .Values.controller.startupProbe }}
          startupProbe: {{ toYaml .Values.controller.startupProbe | nindent 12 }}
          {{- end }}
          {{- if .Values.controller.livenessProbe }}
          livenessProbe: {{ toYaml .Values.controller.livenessProbe | nindent 12 }}
          {{- end }}
          {{- if .Values.controller.readinessProbe }}
          readinessProbe: {{ toYaml .Values.controller.readinessProbe | nindent 12 }}
          {{- end }}
          {{- /*
          Ports. With controller.hostPort.enabled, every containerPort entry and every
          tcp/udp entry also gets a hostPort, which binds that port on each node
          running a pod of this DaemonSet. For containerPort entries the host port is
          looked up in hostPort.ports and falls back to the container port; for
          tcp/udp entries it is the map key itself. The metrics and webhook ports
          never get a hostPort here.
          */}}
          ports:
          {{- range $key, $value := .Values.controller.containerPort }}
            - name: {{ $key }}
              containerPort: {{ $value }}
              protocol: TCP
              {{- if $.Values.controller.hostPort.enabled }}
              hostPort: {{ index $.Values.controller.hostPort.ports $key | default $value }}
              {{- end }}
          {{- end }}
          {{- if .Values.controller.metrics.enabled }}
            - name: {{ .Values.controller.metrics.portName }}
              containerPort: {{ .Values.controller.metrics.port }}
              protocol: TCP
          {{- end }}
          {{- if .Values.controller.admissionWebhooks.enabled }}
            - name: webhook
              containerPort: {{ .Values.controller.admissionWebhooks.port }}
              protocol: TCP
          {{- end }}
          {{- range $key, $value := .Values.tcp }}
            - name: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-tcp
              containerPort: {{ $key }}
              protocol: TCP
              {{- if $.Values.controller.hostPort.enabled }}
              hostPort: {{ $key }}
              {{- end }}
          {{- end }}
          {{- range $key, $value := .Values.udp }}
            - name: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-udp
              containerPort: {{ $key }}
              protocol: UDP
              {{- if $.Values.controller.hostPort.enabled }}
              hostPort: {{ $key }}
              {{- end }}
          {{- end }}
        {{- /*
        volumeMounts is emitted only when at least one mount source is configured.
        The custom template and the webhook certificate are mounted read-only; the
        modules mount carries no readOnly flag, and extraVolumeMounts is copied
        verbatim, so its read-only status is whatever the values specify.
        */}}
        {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }}
          volumeMounts:
          {{- if (or .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }}
            - name: modules
            {{ if .Values.controller.image.chroot }}
              mountPath: /chroot/modules_mount
            {{ else }}
              mountPath: /modules_mount
            {{ end }}
          {{- end }}
          {{- if .Values.controller.customTemplate.configMapName }}
            - mountPath: /etc/nginx/template
              name: nginx-template-volume
              readOnly: true
          {{- end }}
          {{- if .Values.controller.admissionWebhooks.enabled }}
            - name: webhook-cert
              mountPath: /usr/local/certificates/
              readOnly: true
          {{- end }}
          {{- if .Values.controller.extraVolumeMounts }}
            {{- toYaml .Values.controller.extraVolumeMounts | nindent 12 }}
          {{- end }}
        {{- end }}
        {{- if .Values.controller.resources }}
          resources: {{ toYaml .Values.controller.resources | nindent 12 }}
        {{- end }}
      {{- /*
      extraContainers is rendered verbatim as additional containers of the pod. The
      controller's securityContext above does not apply to them, so each entry
      has to carry its own.
      */}}
      {{- if .Values.controller.extraContainers }}
        {{ toYaml .Values.controller.extraContainers | nindent 8 }}
      {{- end }}
    {{- if (or .Values.controller.extraInitContainers .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }}
      initContainers:
      {{- /* extraInitContainers is rendered verbatim, with whatever securityContext the values give it. */}}
      {{- if .Values.controller.extraInitContainers }}
        {{ toYaml .Values.controller.extraInitContainers | nindent 8 }}
      {{- end }}
      {{- /*
      Module init containers are produced by the "extraModules" helper (defined
      elsewhere). Each one gets its own containerSecurityContext when the entry
      sets one, and falls back to controller.containerSecurityContext otherwise;
      the opentelemetry module follows the same fallback.
      */}}
      {{- if .Values.controller.extraModules }}
        {{- range .Values.controller.extraModules }}
          {{ $containerSecurityContext := .containerSecurityContext | default $.Values.controller.containerSecurityContext }}
{{ include "extraModules" (dict "name" .name "image" .image "containerSecurityContext" $containerSecurityContext) | indent 8 }}
        {{- end }}
      {{- end }}
      {{- if .Values.controller.opentelemetry.enabled}}
          {{ $otelContainerSecurityContext := $.Values.controller.opentelemetry.containerSecurityContext | default $.Values.controller.containerSecurityContext }}
          {{- include "extraModules" (dict "name" "opentelemetry" "image" .Values.controller.opentelemetry.image "containerSecurityContext" $otelContainerSecurityContext) | nindent 8}}
      {{- end}}
    {{- end }}
    {{- /*
    hostNetwork places the pod in the node's network namespace, so the controller
    listens directly on node interfaces. The key is emitted only when the value is set.
    */}}
    {{- if .Values.controller.hostNetwork }}
      hostNetwork: {{ .Values.controller.hostNetwork }}
    {{- end }}
    {{- if .Values.controller.nodeSelector }}
      nodeSelector: {{ toYaml .Values.controller.nodeSelector | nindent 8 }}
    {{- end }}
    {{- if .Values.controller.tolerations }}
      tolerations: {{ toYaml .Values.controller.tolerations | nindent 8 }}
    {{- end }}
    {{- if .Values.controller.affinity }}
      affinity: {{ toYaml .Values.controller.affinity | nindent 8 }}
    {{- end }}
    {{- if .Values.controller.topologySpreadConstraints }}
      topologySpreadConstraints: {{ toYaml .Values.controller.topologySpreadConstraints | nindent 8 }}
    {{- end }}
      {{- /* The service account name is resolved by a helper defined elsewhere; its RBAC is not visible here. */}}
      serviceAccountName: {{ template "ingress-nginx.serviceAccountName" . }}
      terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }}
    {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }}
      volumes:
      {{- /* "modules" is an emptyDir, mounted into the controller at the modules_mount path above. */}}
      {{- if (or .Values.controller.extraModules .Values.controller.opentelemetry.enabled)}}
        - name: modules
          emptyDir: {}
      {{- end }}
      {{- if .Values.controller.customTemplate.configMapName }}
        - name: nginx-template-volume
          configMap:
            name: {{ .Values.controller.customTemplate.configMapName }}
            items:
            - key: {{ .Values.controller.customTemplate.configMapKey }}
              path: nginx.tmpl
      {{- end }}
      {{- /*
      Admission webhook certificate and key, read from the Secret named
      <fullname>-admission. With certManager enabled, only tls.crt and tls.key are
      projected, as the files "cert" and "key"; otherwise every key of the Secret
      is mounted under its own name.
      */}}
      {{- if .Values.controller.admissionWebhooks.enabled }}
        - name: webhook-cert
          secret:
            secretName: {{ include "ingress-nginx.fullname" . }}-admission
          {{- if .Values.controller.admissionWebhooks.certManager.enabled }}
            items:
              - key: tls.crt
                path: cert
              - key: tls.key
                path: key
          {{- end }}
      {{- end }}
      {{- /* extraVolumes is rendered verbatim; hostPath or Secret volumes added here widen what the pod can reach. */}}
      {{- if .Values.controller.extraVolumes }}
        {{ toYaml .Values.controller.extraVolumes | nindent 8 }}
      {{- end }}
    {{- end }}
{{- end }}