mirror of
https://github.com/kyverno/kyverno.git
synced 2025-04-13 15:57:31 +00:00
e4fb379c54
* ensure admission controller is always running with 1+ replicas Signed-off-by: Ashwin901 <ashwinprasanna9@gmail.com> * ensure all deployments are running with 1+ replicas Signed-off-by: Ashwin901 <ashwinprasanna9@gmail.com> * call helper function from deployment template Signed-off-by: Ashwin901 <ashwinprasanna9@gmail.com> * Update the function used to check the number of replicas Signed-off-by: Ashwin901 <ashwinprasanna9@gmail.com> * add an entry in changelog Signed-off-by: Ashwin901 <ashwinprasanna9@gmail.com> --------- Signed-off-by: Ashwin901 <ashwinprasanna9@gmail.com> Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
124 lines
4.8 KiB
YAML
124 lines
4.8 KiB
YAML
{{- if .Values.backgroundController.enabled -}}
|
|
{{- if not .Values.templating.debug -}}
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ template "kyverno.background-controller.name" . }}
|
|
labels:
|
|
{{- include "kyverno.background-controller.labels" . | nindent 4 }}
|
|
namespace: {{ template "kyverno.namespace" . }}
|
|
spec:
|
|
replicas: {{ template "kyverno.deployment.replicas" .Values.backgroundController.replicas }}
|
|
{{- with .Values.backgroundController.updateStrategy }}
|
|
strategy:
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
selector:
|
|
matchLabels:
|
|
{{- include "kyverno.background-controller.matchLabels" . | nindent 6 }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
{{- include "kyverno.background-controller.labels" . | nindent 8 }}
|
|
spec:
|
|
{{- with .Values.backgroundController.image.pullSecrets }}
|
|
imagePullSecrets:
|
|
{{- tpl (toYaml .) $ | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.backgroundController.podSecurityContext }}
|
|
securityContext:
|
|
{{- tpl (toYaml .) $ | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.backgroundController.nodeSelector }}
|
|
nodeSelector:
|
|
{{- tpl (toYaml .) $ | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.backgroundController.tolerations }}
|
|
tolerations:
|
|
{{- tpl (toYaml .) $ | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.backgroundController.topologySpreadConstraints }}
|
|
topologySpreadConstraints:
|
|
{{- tpl (toYaml .) $ | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.backgroundController.priorityClassName }}
|
|
priorityClassName: {{ . | quote }}
|
|
{{- end }}
|
|
{{- with .Values.backgroundController.hostNetwork }}
|
|
hostNetwork: {{ . }}
|
|
{{- end }}
|
|
{{- with .Values.backgroundController.dnsPolicy }}
|
|
dnsPolicy: {{ . }}
|
|
{{- end }}
|
|
{{- if or .Values.backgroundController.antiAffinity.enabled .Values.backgroundController.podAffinity .Values.backgroundController.nodeAffinity }}
|
|
affinity:
|
|
{{- if .Values.backgroundController.antiAffinity.enabled }}
|
|
{{- with .Values.backgroundController.podAntiAffinity }}
|
|
podAntiAffinity:
|
|
{{- tpl (toYaml .) $ | nindent 10 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- with .Values.backgroundController.podAffinity }}
|
|
podAffinity:
|
|
{{- tpl (toYaml .) $ | nindent 10 }}
|
|
{{- end }}
|
|
{{- with .Values.backgroundController.nodeAffinity }}
|
|
nodeAffinity:
|
|
{{- tpl (toYaml .) $ | nindent 10 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
serviceAccountName: {{ template "kyverno.background-controller.serviceAccountName" . }}
|
|
containers:
|
|
- name: controller
|
|
image: {{ include "kyverno.background-controller.image" (dict "image" .Values.backgroundController.image "defaultTag" .Chart.AppVersion) | quote }}
|
|
ports:
|
|
- containerPort: 9443
|
|
name: https
|
|
protocol: TCP
|
|
- containerPort: 8000
|
|
name: metrics
|
|
protocol: TCP
|
|
args:
|
|
- --loggingFormat={{ .Values.backgroundController.logging.format }}
|
|
{{- if .Values.backgroundController.tracing.enabled }}
|
|
- --enableTracing
|
|
- --tracingAddress={{ .Values.backgroundController.tracing.address }}
|
|
- --tracingPort={{ .Values.backgroundController.tracing.port }}
|
|
{{- with .Values.backgroundController.tracing.creds }}
|
|
- --tracingCreds={{ . }}
|
|
{{- end }}
|
|
{{- end }}
|
|
- --disableMetrics={{ .Values.backgroundController.metering.disabled }}
|
|
{{- if not .Values.backgroundController.metering.disabled }}
|
|
- --otelConfig={{ .Values.backgroundController.metering.config }}
|
|
- --metricsPort={{ .Values.backgroundController.metering.port }}
|
|
{{- with .Values.backgroundController.metering.collector }}
|
|
- --otelCollector={{ . }}
|
|
{{- end }}
|
|
{{- with .Values.backgroundController.metering.creds }}
|
|
- --transportCreds={{ . }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- range .Values.backgroundController.extraArgs }}
|
|
- {{ . }}
|
|
{{- end }}
|
|
env:
|
|
- name: METRICS_CONFIG
|
|
value: {{ template "kyverno.config.metricsConfigMapName" . }}
|
|
- name: KYVERNO_POD_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.name
|
|
- name: KYVERNO_NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
{{- with .Values.backgroundController.resources }}
|
|
resources: {{ tpl (toYaml .) $ | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.backgroundController.securityContext }}
|
|
securityContext:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- end -}}
|
|
{{- end -}}
|