github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/thanos/templates/storegateway/statefulset.yaml

github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/thanos/templates/storegateway/statefulset.yaml (about)

     1  {{- if and .Values.storegateway.enabled (not .Values.storegateway.sharded.enabled) }}
     2  apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }}
     3  kind: StatefulSet
     4  metadata:
     5    name: {{ include "common.names.fullname" . }}-storegateway
     6    namespace: {{ .Release.Namespace | quote }}
     7    labels: {{- include "common.labels.standard" . | nindent 4 }}
     8      app.kubernetes.io/component: storegateway
     9      {{- if .Values.commonLabels }}
    10      {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
    11      {{- end }}
    12    {{- if .Values.commonAnnotations }}
    13    annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
    14    {{- end }}
    15  spec:
    16    {{- if not .Values.storegateway.autoscaling.enabled }}
    17    replicas: {{ .Values.storegateway.replicaCount }}
    18    {{- end }}
    19    podManagementPolicy: {{ .Values.storegateway.podManagementPolicy }}
    20    serviceName: {{ include "common.names.fullname" . }}-storegateway-headless
    21    {{- if .Values.storegateway.updateStrategy }}
    22    updateStrategy: {{- toYaml .Values.storegateway.updateStrategy | nindent 4 }}
    23    {{- end }}
    24    selector:
    25      matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
    26        app.kubernetes.io/component: storegateway
    27    template:
    28      metadata:
    29        labels: {{- include "common.labels.standard" . | nindent 8 }}
    30          app.kubernetes.io/component: storegateway
    31          {{- if .Values.commonLabels }}
    32          {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 8 }}
    33          {{- end }}
    34          {{- if .Values.storegateway.podLabels }}
    35          {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.podLabels "context" $) | nindent 8 }}
    36          {{- end }}
    37        annotations:
    38          checksum/objstore-configuration: {{ include (print $.Template.BasePath "/objstore-secret.yaml") . | sha256sum }}
    39          {{- if (include "thanos.storegateway.createConfigmap" .) }}
    40          checksum/storegateway-configuration: {{ include (print $.Template.BasePath "/storegateway/configmap.yaml") . | sha256sum }}
    41          {{- end }}
    42          {{- if .Values.storegateway.podAnnotations }}
    43          {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.podAnnotations "context" $) | nindent 8 }}
    44          {{- end }}
    45      spec:
    46        {{- include "thanos.imagePullSecrets" . | nindent 6 }}
    47        serviceAccount: {{ include "thanos.serviceAccountName" (dict "component" "storegateway" "context" $) }}
    48        automountServiceAccountToken: {{ .Values.storegateway.automountServiceAccountToken }}
    49        {{- if .Values.storegateway.hostAliases }}
    50        hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.hostAliases "context" $) | nindent 8 }}
    51        {{- end }}
    52        {{- if .Values.storegateway.affinity }}
    53        affinity: {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.affinity "context" $) | nindent 8 }}
    54        {{- else }}
    55        affinity:
    56          podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.storegateway.podAffinityPreset "component" "storegateway" "context" $) | nindent 10 }}
    57          podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.storegateway.podAntiAffinityPreset "component" "storegateway" "context" $) | nindent 10 }}
    58          nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.storegateway.nodeAffinityPreset.type "key" .Values.storegateway.nodeAffinityPreset.key "values" .Values.storegateway.nodeAffinityPreset.values) | nindent 10 }}
    59        {{- end }}
    60        {{- if .Values.storegateway.nodeSelector }}
    61        nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.nodeSelector "context" $) | nindent 8 }}
    62        {{- end }}
    63        {{- if .Values.storegateway.tolerations }}
    64        tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.tolerations "context" $) | nindent 8 }}
    65        {{- end }}
    66        {{- if .Values.storegateway.priorityClassName }}
    67        priorityClassName: {{ .Values.storegateway.priorityClassName | quote }}
    68        {{- end }}
    69        {{- if .Values.storegateway.schedulerName }}
    70        schedulerName: {{ .Values.storegateway.schedulerName }}
    71        {{- end }}
    72        {{- if .Values.storegateway.podSecurityContext.enabled }}
    73        securityContext: {{- omit .Values.storegateway.podSecurityContext "enabled" | toYaml | nindent 8 }}
    74        {{- end }}
    75        {{- if .Values.storegateway.topologySpreadConstraints }}
    76        topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.topologySpreadConstraints "context" $) | nindent 8 }}
    77        {{- end }}
    78        {{- if or .Values.storegateway.initContainers (and .Values.volumePermissions.enabled .Values.storegateway.persistence.enabled) }}
    79        initContainers:
    80          {{- if and .Values.volumePermissions.enabled .Values.storegateway.persistence.enabled }}
    81          - name: init-chmod-data
    82            image: {{ include "thanos.volumePermissions.image" . }}
    83            imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
    84            command:
    85              - sh
    86              - -c
    87              - |
    88                mkdir -p /data
    89                chown -R "{{ .Values.storegateway.containerSecurityContext.runAsUser }}:{{ .Values.storegateway.podSecurityContext.fsGroup }}" /data
    90            securityContext:
    91              runAsUser: 0
    92            volumeMounts:
    93              - name: data
    94                mountPath: /data
    95          {{- end }}
    96          {{- if .Values.storegateway.initContainers }}
    97          {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.initContainers "context" $) | nindent 8 }}
    98          {{- end }}
    99        {{- end }}
   100        containers:
   101          {{- if .Values.storegateway.sidecars }}
   102          {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.sidecars "context" $) | nindent 8 }}
   103          {{- end }}
   104          - name: storegateway
   105            image: {{ include "thanos.image" . }}
   106            imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
   107            {{- if .Values.storegateway.containerSecurityContext.enabled }}
   108            securityContext: {{- omit .Values.storegateway.containerSecurityContext "enabled" | toYaml | nindent 12 }}
   109            {{- end }}
   110            {{- if .Values.storegateway.command }}
   111            command: {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.command "context" $) | nindent 12 }}
   112            {{- end }}
   113            args:
   114              {{- if .Values.storegateway.args }}
   115              {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.args "context" $) | nindent 12 }}
   116              {{- else }}
   117              - store
   118              - --log.level={{ .Values.storegateway.logLevel }}
   119              - --log.format={{ .Values.storegateway.logFormat }}
   120              - --grpc-address=0.0.0.0:10901
   121              - --http-address=0.0.0.0:10902
   122              - --data-dir=/data
   123              - --objstore.config-file=/conf/objstore.yml
   124              {{- if (include "thanos.httpConfigEnabled" .) }}
   125              - --http.config=/conf/http/http-config.yml
   126              {{- end }}
   127              {{- if .Values.indexCacheConfig }}
   128              - --index-cache.config-file=/conf/index-cache.yml
   129              {{- end }}
   130              {{- if .Values.bucketCacheConfig }}
   131              - --store.caching-bucket.config-file=/conf/bucket-cache.yml
   132              {{- end }}
   133              {{- if or .Values.storegateway.config .Values.storegateway.existingConfigmap }}
   134              - --index-cache.config-file=/conf/cache/config.yml
   135              {{- end }}
   136              {{- if .Values.storegateway.grpc.server.tls.enabled }}
   137              - --grpc-server-tls-cert=/certs/{{ include "common.secrets.key" (dict "existingSecret" .Values.storegateway.grpc.server.tls.existingSecret "key" "tls-cert") }}
   138              - --grpc-server-tls-key=/certs/{{ include "common.secrets.key" (dict "existingSecret" .Values.storegateway.grpc.server.tls.existingSecret "key" "tls-key") }}
   139              - --grpc-server-tls-client-ca=/certs/{{ include "common.secrets.key" (dict "existingSecret" .Values.storegateway.grpc.server.tls.existingSecret "key" "ca-cert") }}
   140              {{- end }}
   141              {{- if .Values.storegateway.extraFlags }}
   142              {{- .Values.storegateway.extraFlags | toYaml | nindent 12 }}
   143              {{- end }}
   144              {{- end }}
   145            {{- if .Values.storegateway.extraEnvVars }}
   146            env: {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.extraEnvVars "context" $) | nindent 12 }}
   147            {{- end }}
   148            {{- if or .Values.storegateway.extraEnvVarsCM .Values.storegateway.extraEnvVarsSecret }}
   149            envFrom:
   150              {{- if .Values.storegateway.extraEnvVarsCM }}
   151              - configMapRef:
   152                  name: {{ include "common.tplvalues.render" (dict "value" .Values.storegateway.extraEnvVarsCM "context" $) }}
   153              {{- end }}
   154              {{- if .Values.storegateway.extraEnvVarsSecret }}
   155              - secretRef:
   156                  name: {{ include "common.tplvalues.render" (dict "value" .Values.storegateway.extraEnvVarsSecret "context" $) }}
   157              {{- end }}
   158            {{- end }}
   159            ports:
   160              - name: http
   161                containerPort: 10902
   162                protocol: TCP
   163              - name: grpc
   164                containerPort: 10901
   165                protocol: TCP
   166            {{- if .Values.storegateway.customLivenessProbe }}
   167            livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.customLivenessProbe "context" $) | nindent 12 }}
   168            {{- else if .Values.storegateway.livenessProbe.enabled }}
   169            livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.storegateway.livenessProbe "enabled") "context" $) | nindent 12 }}
   170              {{- if not .Values.auth.basicAuthUsers }}
   171              httpGet:
   172                path: /-/healthy
   173                port: http
   174                scheme: {{ ternary "HTTPS" "HTTP" .Values.https.enabled }}
   175              {{- else }}
   176              tcpSocket:
   177                port: http
   178              {{- end }}
   179            {{- end }}
   180            {{- if .Values.storegateway.customReadinessProbe }}
   181            readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.customReadinessProbe "context" $) | nindent 12 }}
   182            {{- else if .Values.storegateway.readinessProbe.enabled }}
   183            readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.storegateway.readinessProbe "enabled") "context" $) | nindent 12 }}
   184              {{- if not .Values.auth.basicAuthUsers }}
   185              httpGet:
   186                path: /-/ready
   187                port: http
   188                scheme: {{ ternary "HTTPS" "HTTP" .Values.https.enabled }}
   189              {{- else }}
   190              tcpSocket:
   191                port: http
   192              {{- end }}
   193            {{- end }}
   194            {{- if .Values.storegateway.customStartupProbe }}
   195            startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.customStartupProbe "context" $) | nindent 12 }}
   196            {{- else if .Values.storegateway.startupProbe.enabled }}
   197            startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.storegateway.startupProbe "enabled") "context" $) | nindent 12 }}
   198              {{- if not .Values.auth.basicAuthUsers }}
   199              httpGet:
   200                path: /-/ready
   201                port: http
   202                scheme: {{ ternary "HTTPS" "HTTP" .Values.https.enabled }}
   203              {{- else }}
   204              tcpSocket:
   205                port: http
   206              {{- end }}
   207            {{- end }}
   208            {{- if .Values.storegateway.lifecycleHooks }}
   209            lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.lifecycleHooks "context" $) | nindent 12 }}
   210            {{- end }}
   211            {{- if .Values.storegateway.resources }}
   212            resources: {{- toYaml .Values.storegateway.resources | nindent 12 }}
   213            {{- end }}
   214            volumeMounts:
   215              {{- if (include "thanos.httpConfigEnabled" .) }}
   216              - name: http-config
   217                mountPath: /conf/http
   218              {{- if .Values.https.enabled }}
   219              - name: http-certs
   220                mountPath: /certs
   221              {{- end }}
   222              {{- end }}
   223              - name: objstore-config
   224                mountPath: /conf
   225              - name: data
   226                mountPath: /data
   227              {{- if or .Values.storegateway.config .Values.storegateway.existingConfigmap }}
   228              - name: cache-config
   229                mountPath: /conf/cache
   230              {{- end }}
   231              {{- if .Values.storegateway.grpc.server.tls.enabled }}
   232              - name: grpc-server-tls
   233                mountPath: /certs
   234              {{- end }}
   235              {{- if .Values.storegateway.extraVolumeMounts }}
   236              {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.extraVolumeMounts "context" $) | nindent 12 }}
   237              {{- end }}
   238        volumes:
   239          - name: objstore-config
   240            secret:
   241              secretName: {{ include "thanos.objstoreSecretName" . }}
   242              {{- if .Values.existingObjstoreSecretItems }}
   243              items: {{- toYaml .Values.existingObjstoreSecretItems | nindent 14 }}
   244              {{- end }}
   245          {{- if .Values.storegateway.extraVolumes }}
   246          {{- include "common.tplvalues.render" (dict "value" .Values.storegateway.extraVolumes "context" $) | nindent 8 }}
   247          {{- end }}
   248          {{- if or .Values.storegateway.config .Values.storegateway.existingConfigmap }}
   249          - name: cache-config
   250            configMap:
   251              name: {{ include "thanos.storegateway.configmapName" . }}
   252          {{- end }}
   253          {{- if (include "thanos.httpConfigEnabled" .) }}
   254          - name: http-config
   255            secret:
   256              secretName: {{ include "thanos.httpConfigSecretName" . }}
   257          {{- if .Values.https.enabled }}
   258          - name: http-certs
   259            secret:
   260              secretName: {{ include "thanos.httpCertsSecretName" . }}
   261          {{- end }}
   262          {{- end }}
   263          {{- if .Values.storegateway.grpc.server.tls.enabled }}
   264          - name: grpc-server-tls
   265            secret:
   266              secretName: {{ include "common.secrets.name" (dict "existingSecret" .Values.storegateway.grpc.server.tls.existingSecret "defaultNameSuffix" "store-grpc-server" "context" $) }}
   267          {{- end }}
   268    {{- if and .Values.storegateway.persistence.enabled .Values.storegateway.persistence.existingClaim }}
   269          - name: data
   270            persistentVolumeClaim:
   271              claimName: {{ .Values.storegateway.persistence.existingClaim }}
   272    {{- else if not .Values.storegateway.persistence.enabled }}
   273          - name: data
   274            emptyDir: {}
   275    {{- else if and .Values.storegateway.persistence.enabled (not .Values.storegateway.persistence.existingClaim) }}
   276    volumeClaimTemplates:
   277      - metadata:
   278          name: data
   279          {{- if .Values.storegateway.persistence.labels }}
   280          labels: {{- include "common.tplvalues.render" ( dict "value" .Values.storegateway.persistence.labels "context" $) | nindent 10 }}
   281          {{- end }}
   282          {{- if .Values.storegateway.persistence.annotations }}
   283          annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.storegateway.persistence.annotations "context" $) | nindent 10 }}
   284          {{- end }}
   285        spec:
   286          accessModes:
   287          {{- range .Values.storegateway.persistence.accessModes }}
   288            - {{ . | quote }}
   289          {{- end }}
   290          resources:
   291            requests:
   292              storage: {{ .Values.storegateway.persistence.size | quote }}
   293          {{- include "common.storage.class" (dict "persistence" .Values.storegateway.persistence "global" .Values.global) | nindent 8 }}
   294    {{- end }}
   295  {{- end }}