github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/prometheus-community/kube-state-metrics/templates/deployment.yaml (about) 1 apiVersion: apps/v1 2 {{- if .Values.autosharding.enabled }} 3 kind: StatefulSet 4 {{- else }} 5 kind: Deployment 6 {{- end }} 7 metadata: 8 name: {{ template "kube-state-metrics.fullname" . }} 9 namespace: {{ template "kube-state-metrics.namespace" . }} 10 labels: 11 {{- include "kube-state-metrics.labels" . | indent 4 }} 12 {{- if .Values.annotations }} 13 annotations: 14 {{ toYaml .Values.annotations | indent 4 }} 15 {{- end }} 16 spec: 17 selector: 18 matchLabels: 19 {{- include "kube-state-metrics.selectorLabels" . | indent 6 }} 20 replicas: {{ .Values.replicas }} 21 {{- if not .Values.autosharding.enabled }} 22 strategy: 23 type: {{ .Values.updateStrategy | default "RollingUpdate" }} 24 {{- end }} 25 revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} 26 {{- if .Values.autosharding.enabled }} 27 serviceName: {{ template "kube-state-metrics.fullname" . }} 28 volumeClaimTemplates: [] 29 {{- end }} 30 template: 31 metadata: 32 labels: 33 {{- include "kube-state-metrics.labels" . | indent 8 }} 34 {{- if .Values.podAnnotations }} 35 annotations: 36 {{ toYaml .Values.podAnnotations | indent 8 }} 37 {{- end }} 38 spec: 39 hostNetwork: {{ .Values.hostNetwork }} 40 serviceAccountName: {{ template "kube-state-metrics.serviceAccountName" . }} 41 {{- if .Values.securityContext.enabled }} 42 securityContext: {{- omit .Values.securityContext "enabled" | toYaml | nindent 8 }} 43 {{- end }} 44 {{- if .Values.priorityClassName }} 45 priorityClassName: {{ .Values.priorityClassName }} 46 {{- end }} 47 containers: 48 {{- $httpPort := ternary 9090 (.Values.service.port | default 8080) .Values.kubeRBACProxy.enabled}} 49 {{- $telemetryPort := ternary 9091 (.Values.selfMonitor.telemetryPort | default 8081) .Values.kubeRBACProxy.enabled}} 50 - name: {{ template "kube-state-metrics.name" . }} 51 {{- if .Values.autosharding.enabled }} 52 env: 53 - name: POD_NAME 54 valueFrom: 55 fieldRef: 56 fieldPath: metadata.name 57 - name: POD_NAMESPACE 58 valueFrom: 59 fieldRef: 60 fieldPath: metadata.namespace 61 {{- end }} 62 args: 63 {{- if .Values.extraArgs }} 64 {{- .Values.extraArgs | toYaml | nindent 8 }} 65 {{- end }} 66 - --port={{ $httpPort }} 67 {{- if .Values.collectors }} 68 - --resources={{ .Values.collectors | join "," }} 69 {{- end }} 70 {{- if .Values.metricLabelsAllowlist }} 71 - --metric-labels-allowlist={{ .Values.metricLabelsAllowlist | join "," }} 72 {{- end }} 73 {{- if .Values.metricAnnotationsAllowList }} 74 - --metric-annotations-allowlist={{ .Values.metricAnnotationsAllowList | join "," }} 75 {{- end }} 76 {{- if .Values.metricAllowlist }} 77 - --metric-allowlist={{ .Values.metricAllowlist | join "," }} 78 {{- end }} 79 {{- if .Values.metricDenylist }} 80 - --metric-denylist={{ .Values.metricDenylist | join "," }} 81 {{- end }} 82 {{- $namespaces := list }} 83 {{- if .Values.namespaces }} 84 {{- range $ns := join "," .Values.namespaces | split "," }} 85 {{- $namespaces = append $namespaces (tpl $ns $) }} 86 {{- end }} 87 {{- end }} 88 {{- if .Values.releaseNamespace }} 89 {{- $namespaces = append $namespaces ( include "kube-state-metrics.namespace" . ) }} 90 {{- end }} 91 {{- if $namespaces }} 92 - --namespaces={{ $namespaces | mustUniq | join "," }} 93 {{- end }} 94 {{- if .Values.namespacesDenylist }} 95 - --namespaces-denylist={{ tpl (.Values.namespacesDenylist | join ",") $ }} 96 {{- end }} 97 {{- if .Values.autosharding.enabled }} 98 - --pod=$(POD_NAME) 99 - --pod-namespace=$(POD_NAMESPACE) 100 {{- end }} 101 {{- if .Values.kubeconfig.enabled }} 102 - --kubeconfig=/opt/k8s/.kube/config 103 {{- end }} 104 {{- if .Values.kubeRBACProxy.enabled }} 105 - --telemetry-host=127.0.0.1 106 - --telemetry-port={{ $telemetryPort }} 107 {{- else }} 108 {{- if .Values.selfMonitor.telemetryHost }} 109 - --telemetry-host={{ .Values.selfMonitor.telemetryHost }} 110 {{- end }} 111 {{- if .Values.selfMonitor.telemetryPort }} 112 - --telemetry-port={{ $telemetryPort }} 113 {{- end }} 114 {{- if .Values.customResourceState.enabled }} 115 - --custom-resource-state-config-file=/etc/customresourcestate/config.yaml 116 {{- end }} 117 {{- end }} 118 {{- if or (.Values.kubeconfig.enabled) (.Values.customResourceState.enabled) (.Values.volumeMounts) }} 119 volumeMounts: 120 {{- if .Values.kubeconfig.enabled }} 121 - name: kubeconfig 122 mountPath: /opt/k8s/.kube/ 123 readOnly: true 124 {{- end }} 125 {{- if .Values.customResourceState.enabled }} 126 - name: customresourcestate-config 127 mountPath: /etc/customresourcestate 128 readOnly: true 129 {{- end }} 130 {{- if .Values.volumeMounts }} 131 {{ toYaml .Values.volumeMounts | indent 8 }} 132 {{- end }} 133 {{- end }} 134 imagePullPolicy: {{ .Values.image.pullPolicy }} 135 image: {{ include "kube-state-metrics.image" . }} 136 {{- if eq .Values.kubeRBACProxy.enabled false }} 137 ports: 138 - containerPort: {{ .Values.service.port | default 8080}} 139 name: "http" 140 {{- if .Values.selfMonitor.enabled }} 141 - containerPort: {{ $telemetryPort }} 142 name: "metrics" 143 {{- end }} 144 {{- end }} 145 livenessProbe: 146 httpGet: 147 path: /healthz 148 port: {{ $httpPort }} 149 initialDelaySeconds: 5 150 timeoutSeconds: 5 151 readinessProbe: 152 httpGet: 153 path: / 154 port: {{ $httpPort }} 155 initialDelaySeconds: 5 156 timeoutSeconds: 5 157 {{- if .Values.resources }} 158 resources: 159 {{ toYaml .Values.resources | indent 10 }} 160 {{- end }} 161 {{- if .Values.containerSecurityContext }} 162 securityContext: 163 {{ toYaml .Values.containerSecurityContext | indent 10 }} 164 {{- end }} 165 {{- if .Values.kubeRBACProxy.enabled }} 166 - name: kube-rbac-proxy-http 167 args: 168 {{- if .Values.kubeRBACProxy.extraArgs }} 169 {{- .Values.kubeRBACProxy.extraArgs | toYaml | nindent 8 }} 170 {{- end }} 171 - --secure-listen-address=:{{ .Values.service.port | default 8080}} 172 - --upstream=http://127.0.0.1:{{ $httpPort }}/ 173 - --proxy-endpoints-port=8888 174 - --config-file=/etc/kube-rbac-proxy-config/config-file.yaml 175 volumeMounts: 176 - name: kube-rbac-proxy-config 177 mountPath: /etc/kube-rbac-proxy-config 178 {{- with .Values.kubeRBACProxy.volumeMounts }} 179 {{- toYaml . | nindent 10 }} 180 {{- end }} 181 imagePullPolicy: {{ .Values.kubeRBACProxy.image.pullPolicy }} 182 image: {{ include "kubeRBACProxy.image" . }} 183 ports: 184 - containerPort: {{ .Values.service.port | default 8080}} 185 name: "http" 186 - containerPort: 8888 187 name: "http-healthz" 188 readinessProbe: 189 httpGet: 190 scheme: HTTPS 191 port: 8888 192 path: healthz 193 initialDelaySeconds: 5 194 timeoutSeconds: 5 195 {{- if .Values.kubeRBACProxy.resources }} 196 resources: 197 {{ toYaml .Values.kubeRBACProxy.resources | indent 10 }} 198 {{- end }} 199 {{- if .Values.kubeRBACProxy.containerSecurityContext }} 200 securityContext: 201 {{ toYaml .Values.kubeRBACProxy.containerSecurityContext | indent 10 }} 202 {{- end }} 203 {{- if .Values.selfMonitor.enabled }} 204 - name: kube-rbac-proxy-telemetry 205 args: 206 {{- if .Values.kubeRBACProxy.extraArgs }} 207 {{- .Values.kubeRBACProxy.extraArgs | toYaml | nindent 8 }} 208 {{- end }} 209 - --secure-listen-address=:{{ .Values.selfMonitor.telemetryPort | default 8081 }} 210 - --upstream=http://127.0.0.1:{{ $telemetryPort }}/ 211 - --proxy-endpoints-port=8889 212 - --config-file=/etc/kube-rbac-proxy-config/config-file.yaml 213 volumeMounts: 214 - name: kube-rbac-proxy-config 215 mountPath: /etc/kube-rbac-proxy-config 216 {{- with .Values.kubeRBACProxy.volumeMounts }} 217 {{- toYaml . | nindent 10 }} 218 {{- end }} 219 imagePullPolicy: {{ .Values.kubeRBACProxy.image.pullPolicy }} 220 image: {{ include "kubeRBACProxy.image" . }} 221 ports: 222 - containerPort: {{ .Values.selfMonitor.telemetryPort | default 8081 }} 223 name: "metrics" 224 - containerPort: 8889 225 name: "metrics-healthz" 226 readinessProbe: 227 httpGet: 228 scheme: HTTPS 229 port: 8889 230 path: healthz 231 initialDelaySeconds: 5 232 timeoutSeconds: 5 233 {{- if .Values.kubeRBACProxy.resources }} 234 resources: 235 {{ toYaml .Values.kubeRBACProxy.resources | indent 10 }} 236 {{- end }} 237 {{- if .Values.kubeRBACProxy.containerSecurityContext }} 238 securityContext: 239 {{ toYaml .Values.kubeRBACProxy.containerSecurityContext | indent 10 }} 240 {{- end }} 241 {{- end }} 242 {{- end }} 243 {{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }} 244 imagePullSecrets: 245 {{- include "kube-state-metrics.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.imagePullSecrets) | indent 8 }} 246 {{- end }} 247 {{- if .Values.affinity }} 248 affinity: 249 {{ toYaml .Values.affinity | indent 8 }} 250 {{- end }} 251 {{- if .Values.nodeSelector }} 252 nodeSelector: 253 {{ toYaml .Values.nodeSelector | indent 8 }} 254 {{- end }} 255 {{- if .Values.tolerations }} 256 tolerations: 257 {{ toYaml .Values.tolerations | indent 8 }} 258 {{- end }} 259 {{- if .Values.topologySpreadConstraints }} 260 topologySpreadConstraints: 261 {{ toYaml .Values.topologySpreadConstraints | indent 8 }} 262 {{- end }} 263 {{- if or (.Values.kubeconfig.enabled) (.Values.customResourceState.enabled) (.Values.volumes) (.Values.kubeRBACProxy.enabled) }} 264 volumes: 265 {{- if .Values.kubeconfig.enabled}} 266 - name: kubeconfig 267 secret: 268 secretName: {{ template "kube-state-metrics.fullname" . }}-kubeconfig 269 {{- end }} 270 {{- if .Values.kubeRBACProxy.enabled}} 271 - name: kube-rbac-proxy-config 272 configMap: 273 name: {{ template "kube-state-metrics.fullname" . }}-rbac-config 274 {{- end }} 275 {{- if .Values.customResourceState.enabled}} 276 - name: customresourcestate-config 277 configMap: 278 name: {{ template "kube-state-metrics.fullname" . }}-customresourcestate-config 279 {{- end }} 280 {{- if .Values.volumes }} 281 {{ toYaml .Values.volumes | indent 8 }} 282 {{- end }} 283 {{- end }}