220 lines
8.4 KiB
YAML
220 lines
8.4 KiB
YAML
{{- if .Values.enableSqsTerminationDraining }}
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ include "aws-node-termination-handler.fullname" . }}
|
|
namespace: {{ .Release.Namespace }}
|
|
labels:
|
|
{{- include "aws-node-termination-handler.labelsDeployment" . | nindent 4 }}
|
|
spec:
|
|
replicas: {{ .Values.replicas }}
|
|
{{- with .Values.strategy }}
|
|
strategy:
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
selector:
|
|
matchLabels:
|
|
{{- include "aws-node-termination-handler.selectorLabelsDeployment" . | nindent 6 }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
{{- include "aws-node-termination-handler.selectorLabelsDeployment" . | nindent 8 }}
|
|
k8s-app: aws-node-termination-handler
|
|
{{- with .Values.podLabels }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.podAnnotations }}
|
|
annotations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
spec:
|
|
{{- with .Values.image.pullSecrets }}
|
|
imagePullSecrets:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
serviceAccountName: {{ include "aws-node-termination-handler.serviceAccountName" . }}
|
|
{{- with .Values.podSecurityContext }}
|
|
securityContext:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.priorityClassName }}
|
|
priorityClassName: {{ . }}
|
|
{{- end }}
|
|
{{- with .Values.terminationGracePeriodSeconds }}
|
|
terminationGracePeriodSeconds: {{ . }}
|
|
{{- end }}
|
|
{{- with .Values.dnsConfig }}
|
|
dnsConfig:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
containers:
|
|
- name: aws-node-termination-handler
|
|
{{- with .Values.securityContext }}
|
|
securityContext:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
image: {{ include "aws-node-termination-handler.image" . }}
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
env:
|
|
- name: NODE_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: spec.nodeName
|
|
- name: POD_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.name
|
|
- name: NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
- name: ENABLE_PROBES_SERVER
|
|
value: "true"
|
|
- name: PROBES_SERVER_PORT
|
|
value: {{ .Values.probes.httpGet.port | quote }}
|
|
- name: PROBES_SERVER_ENDPOINT
|
|
value: {{ .Values.probes.httpGet.path | quote }}
|
|
- name: LOG_LEVEL
|
|
value: {{ .Values.logLevel | quote }}
|
|
- name: JSON_LOGGING
|
|
value: {{ .Values.jsonLogging | quote }}
|
|
- name: ENABLE_PROMETHEUS_SERVER
|
|
value: {{ .Values.enablePrometheusServer | quote }}
|
|
- name: PROMETHEUS_SERVER_PORT
|
|
value: {{ .Values.prometheusServerPort | quote }}
|
|
- name: CHECK_ASG_TAG_BEFORE_DRAINING
|
|
value: {{ .Values.checkASGTagBeforeDraining | quote }}
|
|
- name: MANAGED_ASG_TAG
|
|
value: {{ .Values.managedAsgTag | quote }}
|
|
- name: USE_PROVIDER_ID
|
|
value: {{ .Values.useProviderId | quote }}
|
|
- name: DRY_RUN
|
|
value: {{ .Values.dryRun | quote }}
|
|
- name: CORDON_ONLY
|
|
value: {{ .Values.cordonOnly | quote }}
|
|
- name: TAINT_NODE
|
|
value: {{ .Values.taintNode | quote }}
|
|
- name: EXCLUDE_FROM_LOAD_BALANCERS
|
|
value: {{ .Values.excludeFromLoadBalancers | quote }}
|
|
- name: DELETE_LOCAL_DATA
|
|
value: {{ .Values.deleteLocalData | quote }}
|
|
- name: IGNORE_DAEMON_SETS
|
|
value: {{ .Values.ignoreDaemonSets | quote }}
|
|
- name: POD_TERMINATION_GRACE_PERIOD
|
|
value: {{ .Values.podTerminationGracePeriod | quote }}
|
|
- name: NODE_TERMINATION_GRACE_PERIOD
|
|
value: {{ .Values.nodeTerminationGracePeriod | quote }}
|
|
- name: EMIT_KUBERNETES_EVENTS
|
|
value: {{ .Values.emitKubernetesEvents | quote }}
|
|
{{- with .Values.kubernetesEventsExtraAnnotations }}
|
|
- name: KUBERNETES_EVENTS_EXTRA_ANNOTATIONS
|
|
value: {{ . | quote }}
|
|
{{- end }}
|
|
{{- if or .Values.webhookURL .Values.webhookURLSecretName }}
|
|
- name: WEBHOOK_URL
|
|
{{- if .Values.webhookURLSecretName }}
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ .Values.webhookURLSecretName }}
|
|
key: webhookurl
|
|
{{- else }}
|
|
value: {{ .Values.webhookURL | quote }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- with .Values.webhookHeaders }}
|
|
- name: WEBHOOK_HEADERS
|
|
value: {{ . | quote }}
|
|
{{- end }}
|
|
{{- with .Values.webhookProxy }}
|
|
- name: WEBHOOK_PROXY
|
|
value: {{ . | quote }}
|
|
{{- end }}
|
|
{{- if and .Values.webhookTemplateConfigMapName .Values.webhookTemplateConfigMapKey }}
|
|
- name: WEBHOOK_TEMPLATE_FILE
|
|
value: {{ print "/config/" .Values.webhookTemplateConfigMapKey | quote }}
|
|
{{- else if .Values.webhookTemplate }}
|
|
- name: WEBHOOK_TEMPLATE
|
|
value: {{ .Values.webhookTemplate | quote }}
|
|
{{- end }}
|
|
- name: ENABLE_SPOT_INTERRUPTION_DRAINING
|
|
value: {{ .Values.enableSpotInterruptionDraining | quote }}
|
|
- name: ENABLE_SCHEDULED_EVENT_DRAINING
|
|
value: {{ .Values.enableScheduledEventDraining | quote }}
|
|
- name: ENABLE_REBALANCE_MONITORING
|
|
value: {{ .Values.enableRebalanceMonitoring | quote }}
|
|
- name: ENABLE_REBALANCE_DRAINING
|
|
value: {{ .Values.enableRebalanceDraining | quote }}
|
|
- name: ENABLE_SQS_TERMINATION_DRAINING
|
|
value: "true"
|
|
{{- with .Values.awsRegion }}
|
|
- name: AWS_REGION
|
|
value: {{ . | quote }}
|
|
{{- end }}
|
|
{{- with .Values.awsEndpoint }}
|
|
- name: AWS_ENDPOINT
|
|
value: {{ . | quote }}
|
|
{{- end }}
|
|
{{- if and .Values.awsAccessKeyID .Values.awsSecretAccessKey }}
|
|
- name: AWS_ACCESS_KEY_ID
|
|
value: {{ .Values.awsAccessKeyID | quote }}
|
|
- name: AWS_SECRET_ACCESS_KEY
|
|
value: {{ .Values.awsSecretAccessKey | quote }}
|
|
{{- end }}
|
|
- name: QUEUE_URL
|
|
value: {{ .Values.queueURL | quote }}
|
|
- name: WORKERS
|
|
value: {{ .Values.workers | quote }}
|
|
{{- with .Values.extraEnv }}
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
ports:
|
|
- name: liveness-probe
|
|
protocol: TCP
|
|
containerPort: {{ .Values.probes.httpGet.port }}
|
|
{{- if .Values.enablePrometheusServer }}
|
|
- name: http-metrics
|
|
protocol: TCP
|
|
containerPort: {{ .Values.prometheusServerPort }}
|
|
{{- end }}
|
|
livenessProbe:
|
|
{{- toYaml .Values.probes | nindent 12 }}
|
|
{{- with .Values.resources }}
|
|
resources:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
volumeMounts:
|
|
- name: aws-token
|
|
mountPath: "/var/run/secrets/sts.amazonaws.com/serviceaccount/"
|
|
readOnly: true
|
|
{{- if and .Values.webhookTemplateConfigMapName .Values.webhookTemplateConfigMapKey }}
|
|
- name: webhook-template
|
|
mountPath: /config/
|
|
{{- end }}
|
|
volumes:
|
|
- name: aws-token
|
|
projected:
|
|
sources:
|
|
- serviceAccountToken:
|
|
path: token
|
|
expirationSeconds: 86400
|
|
audience: "sts.amazonaws.com"
|
|
{{- if and .Values.webhookTemplateConfigMapName .Values.webhookTemplateConfigMapKey }}
|
|
- name: webhook-template
|
|
configMap:
|
|
name: {{ .Values.webhookTemplateConfigMapName }}
|
|
{{- end }}
|
|
nodeSelector:
|
|
kubernetes.io/os: linux
|
|
{{- with .Values.nodeSelector }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.affinity }}
|
|
affinity:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.tolerations }}
|
|
tolerations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- end }}
|