kubezero/charts/kubezero-addons/charts/aws-node-termination-handler/templates/deployment.yaml

230 lines
8.9 KiB
YAML

{{- if .Values.enableSqsTerminationDraining }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "aws-node-termination-handler.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "aws-node-termination-handler.labelsDeployment" . | nindent 4 }}
spec:
replicas: {{ .Values.replicas }}
{{- with .Values.strategy }}
strategy:
{{- toYaml . | nindent 4 }}
{{- end }}
selector:
matchLabels:
{{- include "aws-node-termination-handler.selectorLabelsDeployment" . | nindent 6 }}
template:
metadata:
labels:
{{- include "aws-node-termination-handler.selectorLabelsDeployment" . | nindent 8 }}
k8s-app: aws-node-termination-handler
{{- with .Values.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.image.pullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "aws-node-termination-handler.serviceAccountName" . }}
{{- with .Values.podSecurityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
{{- with .Values.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ . }}
{{- end }}
{{- with .Values.dnsConfig }}
dnsConfig:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: aws-node-termination-handler
{{- with .Values.securityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
image: {{ include "aws-node-termination-handler.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: ENABLE_PROBES_SERVER
value: "true"
- name: PROBES_SERVER_PORT
value: {{ .Values.probes.httpGet.port | quote }}
- name: PROBES_SERVER_ENDPOINT
value: {{ .Values.probes.httpGet.path | quote }}
- name: LOG_LEVEL
value: {{ .Values.logLevel | quote }}
- name: JSON_LOGGING
value: {{ .Values.jsonLogging | quote }}
- name: LOG_FORMAT_VERSION
value: {{ .Values.logFormatVersion | quote }}
- name: ENABLE_PROMETHEUS_SERVER
value: {{ .Values.enablePrometheusServer | quote }}
- name: PROMETHEUS_SERVER_PORT
value: {{ .Values.prometheusServerPort | quote }}
# [DEPRECATED] Use CHECK_TAG_BEFORE_DRAINING instead
- name: CHECK_ASG_TAG_BEFORE_DRAINING
value: {{ .Values.checkASGTagBeforeDraining | quote }}
- name: CHECK_TAG_BEFORE_DRAINING
value: {{ .Values.checkTagBeforeDraining | quote }}
# [DEPRECATED] Use MANAGED_TAG instead
- name: MANAGED_ASG_TAG
value: {{ .Values.managedAsgTag | quote }}
- name: MANAGED_TAG
value: {{ .Values.managedTag | quote }}
- name: USE_PROVIDER_ID
value: {{ .Values.useProviderId | quote }}
- name: DRY_RUN
value: {{ .Values.dryRun | quote }}
- name: CORDON_ONLY
value: {{ .Values.cordonOnly | quote }}
- name: TAINT_NODE
value: {{ .Values.taintNode | quote }}
- name: EXCLUDE_FROM_LOAD_BALANCERS
value: {{ .Values.excludeFromLoadBalancers | quote }}
- name: DELETE_LOCAL_DATA
value: {{ .Values.deleteLocalData | quote }}
- name: IGNORE_DAEMON_SETS
value: {{ .Values.ignoreDaemonSets | quote }}
- name: POD_TERMINATION_GRACE_PERIOD
value: {{ .Values.podTerminationGracePeriod | quote }}
- name: NODE_TERMINATION_GRACE_PERIOD
value: {{ .Values.nodeTerminationGracePeriod | quote }}
- name: EMIT_KUBERNETES_EVENTS
value: {{ .Values.emitKubernetesEvents | quote }}
- name: COMPLETE_LIFECYCLE_ACTION_DELAY_SECONDS
value: {{ .Values.completeLifecycleActionDelaySeconds | quote }}
{{- with .Values.kubernetesEventsExtraAnnotations }}
- name: KUBERNETES_EVENTS_EXTRA_ANNOTATIONS
value: {{ . | quote }}
{{- end }}
{{- if or .Values.webhookURL .Values.webhookURLSecretName }}
- name: WEBHOOK_URL
{{- if .Values.webhookURLSecretName }}
valueFrom:
secretKeyRef:
name: {{ .Values.webhookURLSecretName }}
key: webhookurl
{{- else }}
value: {{ .Values.webhookURL | quote }}
{{- end }}
{{- end }}
{{- with .Values.webhookHeaders }}
- name: WEBHOOK_HEADERS
value: {{ . | quote }}
{{- end }}
{{- with .Values.webhookProxy }}
- name: WEBHOOK_PROXY
value: {{ . | quote }}
{{- end }}
{{- if and .Values.webhookTemplateConfigMapName .Values.webhookTemplateConfigMapKey }}
- name: WEBHOOK_TEMPLATE_FILE
value: {{ print "/config/" .Values.webhookTemplateConfigMapKey | quote }}
{{- else if .Values.webhookTemplate }}
- name: WEBHOOK_TEMPLATE
value: {{ .Values.webhookTemplate | quote }}
{{- end }}
- name: ENABLE_SPOT_INTERRUPTION_DRAINING
value: {{ .Values.enableSpotInterruptionDraining | quote }}
- name: ENABLE_SCHEDULED_EVENT_DRAINING
value: {{ .Values.enableScheduledEventDraining | quote }}
- name: ENABLE_REBALANCE_MONITORING
value: {{ .Values.enableRebalanceMonitoring | quote }}
- name: ENABLE_REBALANCE_DRAINING
value: {{ .Values.enableRebalanceDraining | quote }}
- name: ENABLE_SQS_TERMINATION_DRAINING
value: "true"
{{- with .Values.awsRegion }}
- name: AWS_REGION
value: {{ . | quote }}
{{- end }}
{{- with .Values.awsEndpoint }}
- name: AWS_ENDPOINT
value: {{ . | quote }}
{{- end }}
{{- if and .Values.awsAccessKeyID .Values.awsSecretAccessKey }}
- name: AWS_ACCESS_KEY_ID
value: {{ .Values.awsAccessKeyID | quote }}
- name: AWS_SECRET_ACCESS_KEY
value: {{ .Values.awsSecretAccessKey | quote }}
{{- end }}
- name: QUEUE_URL
value: {{ .Values.queueURL | quote }}
- name: WORKERS
value: {{ .Values.workers | quote }}
{{- with .Values.extraEnv }}
{{- toYaml . | nindent 12 }}
{{- end }}
ports:
- name: liveness-probe
protocol: TCP
containerPort: {{ .Values.probes.httpGet.port }}
{{- if .Values.enablePrometheusServer }}
- name: http-metrics
protocol: TCP
containerPort: {{ .Values.prometheusServerPort }}
{{- end }}
livenessProbe:
{{- toYaml .Values.probes | nindent 12 }}
{{- with .Values.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
- name: aws-token
mountPath: "/var/run/secrets/sts.amazonaws.com/serviceaccount/"
readOnly: true
{{- if and .Values.webhookTemplateConfigMapName .Values.webhookTemplateConfigMapKey }}
- name: webhook-template
mountPath: /config/
{{- end }}
volumes:
- name: aws-token
projected:
sources:
- serviceAccountToken:
path: token
expirationSeconds: 86400
audience: "sts.amazonaws.com"
{{- if and .Values.webhookTemplateConfigMapName .Values.webhookTemplateConfigMapKey }}
- name: webhook-template
configMap:
name: {{ .Values.webhookTemplateConfigMapName }}
{{- end }}
nodeSelector:
kubernetes.io/os: linux
{{- with .Values.nodeSelector }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}