Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / b38f736390742bbdceb10981e9b727faba262e49 / . / charts / ingress-nginx / templates / controller-daemonset.yaml
blob: bce21a7d61bfa3dd0a057161426c8396b5a1d9de [file] [log] [blame]
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]1{{- if or (eq .Values.controller.kind "DaemonSet") (eq .Values.controller.kind "Both") -}}
2{{- include "isControllerTagValid" . -}}
3apiVersion: apps/v1
4kind: DaemonSet
5metadata:
6 labels:
7 {{- include "ingress-nginx.labels" . | nindent 4 }}
8 app.kubernetes.io/component: controller
9 {{- with .Values.controller.labels }}
10 {{- toYaml . | nindent 4 }}
11 {{- end }}
12 name: {{ include "ingress-nginx.controller.fullname" . }}
13 namespace: {{ .Release.Namespace }}
14 {{- if .Values.controller.annotations }}
15 annotations: {{ toYaml .Values.controller.annotations | nindent 4 }}
16 {{- end }}
17spec:
18 selector:
19 matchLabels:
20 {{- include "ingress-nginx.selectorLabels" . | nindent 6 }}
21 app.kubernetes.io/component: controller
22 revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
23 {{- if .Values.controller.updateStrategy }}
24 updateStrategy: {{ toYaml .Values.controller.updateStrategy | nindent 4 }}
25 {{- end }}
26 minReadySeconds: {{ .Values.controller.minReadySeconds }}
27 template:
28 metadata:
29 {{- if .Values.controller.podAnnotations }}
30 annotations:
31 {{- range $key, $value := .Values.controller.podAnnotations }}
32 {{ $key }}: {{ $value | quote }}
33 {{- end }}
34 {{- end }}
35 labels:
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]36 {{- include "ingress-nginx.labels" . | nindent 8 }}
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]37 app.kubernetes.io/component: controller
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]38 {{- with .Values.controller.labels }}
39 {{- toYaml . | nindent 8 }}
40 {{- end }}
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]41 {{- if .Values.controller.podLabels }}
42 {{- toYaml .Values.controller.podLabels | nindent 8 }}
43 {{- end }}
44 spec:
45 {{- if .Values.controller.dnsConfig }}
46 dnsConfig: {{ toYaml .Values.controller.dnsConfig | nindent 8 }}
47 {{- end }}
48 {{- if .Values.controller.hostname }}
49 hostname: {{ toYaml .Values.controller.hostname | nindent 8 }}
50 {{- end }}
51 dnsPolicy: {{ .Values.controller.dnsPolicy }}
52 {{- if .Values.imagePullSecrets }}
53 imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 8 }}
54 {{- end }}
55 {{- if .Values.controller.priorityClassName }}
56 priorityClassName: {{ .Values.controller.priorityClassName }}
57 {{- end }}
58 {{- if or .Values.controller.podSecurityContext .Values.controller.sysctls }}
59 securityContext:
60 {{- end }}
61 {{- if .Values.controller.podSecurityContext }}
62 {{- toYaml .Values.controller.podSecurityContext | nindent 8 }}
63 {{- end }}
64 {{- if .Values.controller.sysctls }}
65 sysctls:
66 {{- range $sysctl, $value := .Values.controller.sysctls }}
67 - name: {{ $sysctl | quote }}
68 value: {{ $value | quote }}
69 {{- end }}
70 {{- end }}
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]71 {{- if .Values.controller.shareProcessNamespace }}
72 shareProcessNamespace: {{ .Values.controller.shareProcessNamespace }}
73 {{- end }}
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]74 containers:
75 - name: {{ .Values.controller.containerName }}
76 {{- with .Values.controller.image }}
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]77 image: "{{- if .repository -}}{{ .repository }}{{ else }}{{ .registry }}/{{ include "ingress-nginx.image" . }}{{- end -}}:{{ .tag }}{{ include "ingress-nginx.imageDigest" . }}"
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]78 {{- end }}
79 imagePullPolicy: {{ .Values.controller.image.pullPolicy }}
80 {{- if .Values.controller.lifecycle }}
81 lifecycle: {{ toYaml .Values.controller.lifecycle | nindent 12 }}
82 {{- end }}
83 args:
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]84 {{- include "ingress-nginx.params" . | nindent 12 }}
85 securityContext: {{ include "controller.containerSecurityContext" . | nindent 12 }}
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]86 env:
87 - name: POD_NAME
88 valueFrom:
89 fieldRef:
90 fieldPath: metadata.name
91 - name: POD_NAMESPACE
92 valueFrom:
93 fieldRef:
94 fieldPath: metadata.namespace
95 {{- if .Values.controller.enableMimalloc }}
96 - name: LD_PRELOAD
97 value: /usr/local/lib/libmimalloc.so
98 {{- end }}
99 {{- if .Values.controller.extraEnvs }}
100 {{- toYaml .Values.controller.extraEnvs | nindent 12 }}
101 {{- end }}
102 {{- if .Values.controller.startupProbe }}
103 startupProbe: {{ toYaml .Values.controller.startupProbe | nindent 12 }}
104 {{- end }}
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]105 {{- if .Values.controller.livenessProbe }}
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]106 livenessProbe: {{ toYaml .Values.controller.livenessProbe | nindent 12 }}
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]107 {{- end }}
108 {{- if .Values.controller.readinessProbe }}
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]109 readinessProbe: {{ toYaml .Values.controller.readinessProbe | nindent 12 }}
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]110 {{- end }}
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]111 ports:
112 {{- range $key, $value := .Values.controller.containerPort }}
113 - name: {{ $key }}
114 containerPort: {{ $value }}
115 protocol: TCP
116 {{- if $.Values.controller.hostPort.enabled }}
117 hostPort: {{ index $.Values.controller.hostPort.ports $key | default $value }}
118 {{- end }}
119 {{- end }}
120 {{- if .Values.controller.metrics.enabled }}
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]121 - name: {{ .Values.controller.metrics.portName }}
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]122 containerPort: {{ .Values.controller.metrics.port }}
123 protocol: TCP
124 {{- end }}
125 {{- if .Values.controller.admissionWebhooks.enabled }}
126 - name: webhook
127 containerPort: {{ .Values.controller.admissionWebhooks.port }}
128 protocol: TCP
129 {{- end }}
130 {{- range $key, $value := .Values.tcp }}
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]131 - name: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-tcp
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]132 containerPort: {{ $key }}
133 protocol: TCP
134 {{- if $.Values.controller.hostPort.enabled }}
135 hostPort: {{ $key }}
136 {{- end }}
137 {{- end }}
138 {{- range $key, $value := .Values.udp }}
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]139 - name: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-udp
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]140 containerPort: {{ $key }}
141 protocol: UDP
142 {{- if $.Values.controller.hostPort.enabled }}
143 hostPort: {{ $key }}
144 {{- end }}
145 {{- end }}
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]146 {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraModules) }}
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]147 volumeMounts:
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]148 {{- if .Values.controller.extraModules }}
149 - name: modules
150 mountPath: /modules_mount
151 {{- end }}
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]152 {{- if .Values.controller.customTemplate.configMapName }}
153 - mountPath: /etc/nginx/template
154 name: nginx-template-volume
155 readOnly: true
156 {{- end }}
157 {{- if .Values.controller.admissionWebhooks.enabled }}
158 - name: webhook-cert
159 mountPath: /usr/local/certificates/
160 readOnly: true
161 {{- end }}
162 {{- if .Values.controller.extraVolumeMounts }}
163 {{- toYaml .Values.controller.extraVolumeMounts | nindent 12 }}
164 {{- end }}
165 {{- end }}
166 {{- if .Values.controller.resources }}
167 resources: {{ toYaml .Values.controller.resources | nindent 12 }}
168 {{- end }}
169 {{- if .Values.controller.extraContainers }}
170 {{ toYaml .Values.controller.extraContainers | nindent 8 }}
171 {{- end }}
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]172
173
174 {{- if (or .Values.controller.extraInitContainers .Values.controller.extraModules) }}
175 initContainers:
176 {{- if .Values.controller.extraInitContainers }}
177 {{ toYaml .Values.controller.extraInitContainers | nindent 8 }}
178 {{- end }}
179 {{- if .Values.controller.extraModules }}
180 {{- range .Values.controller.extraModules }}
181 {{ $containerSecurityContext := .containerSecurityContext | default $.Values.controller.containerSecurityContext }}
182{{ include "extraModules" (dict "name" .name "image" .image "containerSecurityContext" $containerSecurityContext) | indent 8 }}
183 {{- end }}
184 {{- end }}
185 {{- if .Values.controller.opentelemetry.enabled}}
186 {{ $otelContainerSecurityContext := $.Values.controller.opentelemetry.containerSecurityContext | default $.Values.controller.containerSecurityContext }}
187 {{- include "extraModules" (dict "name" "opentelemetry" "image" .Values.controller.opentelemetry.image "containerSecurityContext" $otelContainerSecurityContext) | nindent 8}}
188 {{- end}}
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]189 {{- end }}
190 {{- if .Values.controller.hostNetwork }}
191 hostNetwork: {{ .Values.controller.hostNetwork }}
192 {{- end }}
193 {{- if .Values.controller.nodeSelector }}
194 nodeSelector: {{ toYaml .Values.controller.nodeSelector | nindent 8 }}
195 {{- end }}
196 {{- if .Values.controller.tolerations }}
197 tolerations: {{ toYaml .Values.controller.tolerations | nindent 8 }}
198 {{- end }}
199 {{- if .Values.controller.affinity }}
200 affinity: {{ toYaml .Values.controller.affinity | nindent 8 }}
201 {{- end }}
202 {{- if .Values.controller.topologySpreadConstraints }}
203 topologySpreadConstraints: {{ toYaml .Values.controller.topologySpreadConstraints | nindent 8 }}
204 {{- end }}
205 serviceAccountName: {{ template "ingress-nginx.serviceAccountName" . }}
206 terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }}
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]207 {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }}
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]208 volumes:
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]209 {{- if (or .Values.controller.extraModules .Values.controller.opentelemetry.enabled)}}
210 - name: modules
211 emptyDir: {}
212 {{- end }}
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]213 {{- if .Values.controller.customTemplate.configMapName }}
214 - name: nginx-template-volume
215 configMap:
216 name: {{ .Values.controller.customTemplate.configMapName }}
217 items:
218 - key: {{ .Values.controller.customTemplate.configMapKey }}
219 path: nginx.tmpl
220 {{- end }}
221 {{- if .Values.controller.admissionWebhooks.enabled }}
222 - name: webhook-cert
223 secret:
224 secretName: {{ include "ingress-nginx.fullname" . }}-admission
Giorgi Lekveishvilicccf72f2023-05-19 16:13:22 +0400[diff] [blame]225 {{- if .Values.controller.admissionWebhooks.certManager.enabled }}
226 items:
227 - key: tls.crt
228 path: cert
229 - key: tls.key
230 path: key
231 {{- end }}
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]232 {{- end }}
233 {{- if .Values.controller.extraVolumes }}
234 {{ toYaml .Values.controller.extraVolumes | nindent 8 }}
235 {{- end }}
236 {{- end }}
237{{- end }}