github.com/replicatedcom/ship@v0.50.0/integration/init/istio-1.0.3/expected/.ship/upstream/charts/mixer/templates/deployment.yaml

github.com/replicatedcom/ship@v0.50.0/integration/init/istio-1.0.3/expected/.ship/upstream/charts/mixer/templates/deployment.yaml (about)

     1  {{- define "policy_container" }}
     2      spec:
     3        serviceAccountName: istio-mixer-service-account
     4  {{- if $.Values.global.priorityClassName }}
     5        priorityClassName: "{{ $.Values.global.priorityClassName }}"
     6  {{- end }}
     7        volumes:
     8        - name: istio-certs
     9          secret:
    10            secretName: istio.istio-mixer-service-account
    11            optional: true
    12        - name: uds-socket
    13          emptyDir: {}
    14        affinity:
    15        {{- include "nodeaffinity" . | indent 6 }}
    16        containers:
    17        - name: mixer
    18  {{- if contains "/" .Values.image }}
    19          image: "{{ .Values.image }}"
    20  {{- else }}
    21          image: "{{ $.Values.global.hub }}/{{ $.Values.image }}:{{ $.Values.global.tag }}"
    22  {{- end }}
    23          imagePullPolicy: {{ $.Values.global.imagePullPolicy }}
    24          ports:
    25          - containerPort: 9093
    26          - containerPort: 42422
    27          args:
    28            - --address
    29            - unix:///sock/mixer.socket
    30            - --configStoreURL=k8s://
    31            - --configDefaultNamespace={{ $.Release.Namespace }}
    32            - --trace_zipkin_url=http://zipkin:9411/api/v1/spans
    33          {{- if .Values.env }}
    34          env:
    35          {{- range $key, $val := .Values.env }}
    36          - name: {{ $key }}
    37            value: "{{ $val }}"
    38          {{- end }}
    39          {{- end }}
    40          resources:
    41  {{- if .Values.resources }}
    42  {{ toYaml .Values.resources | indent 10 }}
    43  {{- else }}
    44  {{ toYaml .Values.global.defaultResources | indent 10 }}
    45  {{- end }}
    46          volumeMounts:
    47          - name: uds-socket
    48            mountPath: /sock
    49          livenessProbe:
    50            httpGet:
    51              path: /version
    52              port: 9093
    53            initialDelaySeconds: 5
    54            periodSeconds: 5
    55        - name: istio-proxy
    56          image: "{{ $.Values.global.hub }}/proxyv2:{{ $.Values.global.tag }}"
    57          imagePullPolicy: {{ $.Values.global.imagePullPolicy }}
    58          ports:
    59          - containerPort: 9091
    60          - containerPort: 15004
    61  {{ if ne .Values.global.proxy.stats.prometheusPort 0. }}
    62          ports:
    63          - containerPort: {{ .Values.global.proxy.stats.prometheusPort }}
    64            protocol: TCP
    65            name: http-envoy-prom
    66  {{ end }}
    67          args:
    68          - proxy
    69          - --serviceCluster
    70          - istio-policy
    71          - --templateFile
    72          - /etc/istio/proxy/envoy_policy.yaml.tmpl
    73        {{- if $.Values.global.controlPlaneSecurityEnabled }}
    74          - --controlPlaneAuthPolicy
    75          - MUTUAL_TLS
    76        {{- else }}
    77          - --controlPlaneAuthPolicy
    78          - NONE
    79        {{- end }}
    80          env:
    81          - name: POD_NAME
    82            valueFrom:
    83              fieldRef:
    84                apiVersion: v1
    85                fieldPath: metadata.name
    86          - name: POD_NAMESPACE
    87            valueFrom:
    88              fieldRef:
    89                apiVersion: v1
    90                fieldPath: metadata.namespace
    91          - name: INSTANCE_IP
    92            valueFrom:
    93              fieldRef:
    94                apiVersion: v1
    95                fieldPath: status.podIP
    96          resources:
    97  {{- if $.Values.global.proxy.resources }}
    98  {{ toYaml $.Values.global.proxy.resources | indent 10 }}
    99  {{- else }}
   100  {{ toYaml .Values.global.defaultResources | indent 10 }}
   101  {{- end }}
   102          volumeMounts:
   103          - name: istio-certs
   104            mountPath: /etc/certs
   105            readOnly: true
   106          - name: uds-socket
   107            mountPath: /sock
   108  {{- end }}
   109  
   110  {{- define "telemetry_container" }}
   111      spec:
   112        serviceAccountName: istio-mixer-service-account
   113        volumes:
   114        - name: istio-certs
   115          secret:
   116            secretName: istio.istio-mixer-service-account
   117            optional: true
   118        - name: uds-socket
   119          emptyDir: {}
   120      {{- if $.Values.nodeSelector }}
   121        nodeSelector:
   122  {{ toYaml $.Values.nodeSelector | indent 8 }}
   123      {{- end }}
   124        containers:
   125        - name: mixer
   126  {{- if contains "/" .Values.image }}
   127          image: "{{ .Values.image }}"
   128  {{- else }}
   129          image: "{{ $.Values.global.hub }}/{{ $.Values.image }}:{{ $.Values.global.tag }}"
   130  {{- end }}
   131          imagePullPolicy: {{ $.Values.global.imagePullPolicy }}
   132          ports:
   133          - containerPort: 9093
   134          - containerPort: 42422
   135          args:
   136            - --address
   137            - unix:///sock/mixer.socket
   138            - --configStoreURL=k8s://
   139            - --configDefaultNamespace={{ $.Release.Namespace }}
   140            - --trace_zipkin_url=http://zipkin:9411/api/v1/spans
   141          {{- if .Values.env }}
   142          env:
   143          {{- range $key, $val := .Values.env }}
   144          - name: {{ $key }}
   145            value: "{{ $val }}"
   146          {{- end }}
   147          {{- end }}
   148          resources:
   149  {{- if .Values.resources }}
   150  {{ toYaml .Values.resources | indent 10 }}
   151  {{- else }}
   152  {{ toYaml .Values.global.defaultResources | indent 10 }}
   153  {{- end }}
   154          volumeMounts:
   155          - name: uds-socket
   156            mountPath: /sock
   157          livenessProbe:
   158            httpGet:
   159              path: /version
   160              port: 9093
   161            initialDelaySeconds: 5
   162            periodSeconds: 5
   163        - name: istio-proxy
   164          image: "{{ $.Values.global.hub }}/proxyv2:{{ $.Values.global.tag }}"
   165          imagePullPolicy: {{ $.Values.global.imagePullPolicy }}
   166          ports:
   167          - containerPort: 9091
   168          - containerPort: 15004
   169  {{ if ne .Values.global.proxy.stats.prometheusPort 0. }}
   170          ports:
   171          - containerPort: {{ .Values.global.proxy.stats.prometheusPort }}
   172            protocol: TCP
   173            name: http-envoy-prom
   174  {{ end }}
   175          args:
   176          - proxy
   177          - --serviceCluster
   178          - istio-telemetry
   179          - --templateFile
   180          - /etc/istio/proxy/envoy_telemetry.yaml.tmpl
   181        {{- if $.Values.global.controlPlaneSecurityEnabled }}
   182          - --controlPlaneAuthPolicy
   183          - MUTUAL_TLS
   184        {{- else }}
   185          - --controlPlaneAuthPolicy
   186          - NONE
   187        {{- end }}
   188          env:
   189          - name: POD_NAME
   190            valueFrom:
   191              fieldRef:
   192                apiVersion: v1
   193                fieldPath: metadata.name
   194          - name: POD_NAMESPACE
   195            valueFrom:
   196              fieldRef:
   197                apiVersion: v1
   198                fieldPath: metadata.namespace
   199          - name: INSTANCE_IP
   200            valueFrom:
   201              fieldRef:
   202                apiVersion: v1
   203                fieldPath: status.podIP
   204          resources:
   205  {{- if $.Values.global.proxy.resources }}
   206  {{ toYaml $.Values.global.proxy.resources | indent 10 }}
   207  {{- else }}
   208  {{ toYaml .Values.global.defaultResources | indent 10 }}
   209  {{- end }}
   210          volumeMounts:
   211          - name: istio-certs
   212            mountPath: /etc/certs
   213            readOnly: true
   214          - name: uds-socket
   215            mountPath: /sock
   216  {{- end }}
   217  
   218  
   219  {{- $mixers := list "policy" "telemetry" }}
   220  {{- range $idx, $mname := $mixers }}
   221  apiVersion: extensions/v1beta1
   222  kind: Deployment
   223  metadata:
   224    name: istio-{{ $mname }}
   225    namespace: {{ $.Release.Namespace }}
   226    labels:
   227      chart: {{ $.Chart.Name }}-{{ $.Chart.Version | replace "+" "_" }}
   228      release: {{ $.Release.Name }}
   229      istio: mixer
   230  spec:
   231    replicas: {{ $.Values.replicaCount }}
   232    template:
   233      metadata:
   234        labels:
   235          app: {{ $mname }}
   236          istio: mixer
   237          istio-mixer-type: {{ $mname }}
   238        annotations:
   239          sidecar.istio.io/inject: "false"
   240          scheduler.alpha.kubernetes.io/critical-pod: ""
   241  {{- if eq $mname "policy"}}
   242  {{- template "policy_container" $ }}
   243  {{- else }}
   244  {{- template "telemetry_container" $ }}
   245  {{- end }}
   246  
   247  ---
   248  {{- end }} {{/* range */}}