github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/velero/templates/deployment.yaml (about) 1 {{- if .Values.configuration.provider -}} 2 {{- $provider := .Values.configuration.provider -}} 3 {{/* 'securityContext' got renamed to 'podSecurityContext', merge both dicts into one for backward compatibility */}} 4 {{- $podSecurityContext := merge (.Values.podSecurityContext | default dict) (.Values.securityContext | default dict) -}} 5 apiVersion: apps/v1 6 kind: Deployment 7 metadata: 8 name: {{ include "velero.fullname" . }} 9 namespace: {{ .Release.Namespace }} 10 {{- with .Values.annotations }} 11 annotations: 12 {{- toYaml . | nindent 4 }} 13 {{- end }} 14 labels: 15 app.kubernetes.io/name: {{ include "velero.name" . }} 16 app.kubernetes.io/instance: {{ .Release.Name }} 17 app.kubernetes.io/managed-by: {{ .Release.Service }} 18 helm.sh/chart: {{ include "velero.chart" . }} 19 component: velero 20 {{- with .Values.labels }} 21 {{- toYaml . | nindent 4 }} 22 {{- end }} 23 spec: 24 replicas: 1 25 selector: 26 matchLabels: 27 app.kubernetes.io/instance: {{ .Release.Name }} 28 app.kubernetes.io/name: {{ include "velero.name" . }} 29 template: 30 metadata: 31 labels: 32 name: velero 33 app.kubernetes.io/name: {{ include "velero.name" . }} 34 app.kubernetes.io/instance: {{ .Release.Name }} 35 app.kubernetes.io/managed-by: {{ .Release.Service }} 36 helm.sh/chart: {{ include "velero.chart" . }} 37 {{- if .Values.podLabels }} 38 {{- toYaml .Values.podLabels | nindent 8 }} 39 {{- end }} 40 {{- if or .Values.podAnnotations .Values.metrics.enabled }} 41 annotations: 42 {{- with .Values.podAnnotations }} 43 {{- toYaml . | nindent 8 }} 44 {{- end }} 45 {{- with .Values.metrics.podAnnotations }} 46 {{- toYaml . | nindent 8 }} 47 {{- end }} 48 {{- end }} 49 spec: 50 {{- if .Values.image.imagePullSecrets }} 51 imagePullSecrets: 52 {{- range .Values.image.imagePullSecrets }} 53 - name: {{ . }} 54 {{- end }} 55 {{- end }} 56 restartPolicy: Always 57 serviceAccountName: {{ include "velero.serverServiceAccount" . }} 58 {{- if .Values.priorityClassName }} 59 priorityClassName: {{ include "velero.priorityClassName" . }} 60 {{- end }} 61 containers: 62 - name: velero 63 {{- if .Values.image.digest }} 64 image: "{{ .Values.image.repository }}@{{ .Values.image.digest }}" 65 {{- else }} 66 image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" 67 {{- end }} 68 imagePullPolicy: {{ .Values.image.pullPolicy }} 69 {{- if .Values.metrics.enabled }} 70 ports: 71 - name: http-monitoring 72 containerPort: 8085 73 {{- end }} 74 command: 75 - /velero 76 args: 77 - server 78 {{- with .Values.configuration }} 79 {{- with .backupSyncPeriod }} 80 - --backup-sync-period={{ . }} 81 {{- end }} 82 {{- with .resticTimeout }} 83 - --restic-timeout={{ . }} 84 {{- end }} 85 {{- if .restoreOnlyMode }} 86 - --restore-only 87 {{- end }} 88 {{- with .restoreResourcePriorities }} 89 - --restore-resource-priorities={{ . }} 90 {{- end }} 91 {{- with .features }} 92 - --features={{ . }} 93 {{- end }} 94 {{- with .logLevel }} 95 - --log-level={{ . }} 96 {{- end }} 97 {{- with .logFormat }} 98 - --log-format={{ . }} 99 {{- end }} 100 {{- if .defaultVolumesToRestic }} 101 - --default-volumes-to-restic 102 {{- end }} 103 {{- with .defaultResticPruneFrequency }} 104 - --default-restic-prune-frequency={{ . }} 105 {{- end }} 106 {{- with .clientQPS }} 107 - --client-qps={{ . }} 108 {{- end }} 109 {{- with .clientBurst }} 110 - --client-burst={{ . }} 111 {{- end }} 112 {{- with .disableControllers }} 113 - --disable-controllers={{ . }} 114 {{- end }} 115 {{- end }} 116 {{- with .Values.resources }} 117 resources: 118 {{- toYaml . | nindent 12 }} 119 {{- end }} 120 {{- with .Values.containerSecurityContext }} 121 securityContext: 122 {{- toYaml . | nindent 12 }} 123 {{- end }} 124 volumeMounts: 125 - name: plugins 126 mountPath: /plugins 127 {{- if .Values.credentials.useSecret }} 128 - name: cloud-credentials 129 mountPath: /credentials 130 {{- end }} 131 - name: scratch 132 mountPath: /scratch 133 {{- if .Values.containerSecurityContext.readOnlyRootFilesystem }} 134 - name: tmpdir 135 mountPath: /tmp 136 {{- end }} 137 {{- if .Values.extraVolumeMounts }} 138 {{- toYaml .Values.extraVolumeMounts | nindent 12 }} 139 {{- end }} 140 {{- if .Values.credentials.extraSecretRef }} 141 envFrom: 142 - secretRef: 143 name: {{ .Values.credentials.extraSecretRef }} 144 {{- end }} 145 env: 146 - name: VELERO_SCRATCH_DIR 147 value: /scratch 148 - name: VELERO_NAMESPACE 149 valueFrom: 150 fieldRef: 151 apiVersion: v1 152 fieldPath: metadata.namespace 153 - name: LD_LIBRARY_PATH 154 value: /plugins 155 {{- if .Values.credentials.useSecret }} 156 {{- if eq $provider "aws" }} 157 - name: AWS_SHARED_CREDENTIALS_FILE 158 value: /credentials/cloud 159 {{- else if eq $provider "gcp"}} 160 - name: GOOGLE_APPLICATION_CREDENTIALS 161 value: /credentials/cloud 162 {{- else if eq $provider "azure" }} 163 - name: AZURE_CREDENTIALS_FILE 164 value: /credentials/cloud 165 {{- else if eq $provider "alibabacloud" }} 166 - name: ALIBABA_CLOUD_CREDENTIALS_FILE 167 value: /credentials/cloud 168 {{- end }} 169 {{- end }} 170 {{- with .Values.configuration.extraEnvVars }} 171 {{- range $key, $value := . }} 172 - name: {{ default "none" $key }} 173 value: {{ default "none" $value | quote }} 174 {{- end }} 175 {{- end }} 176 {{- with .Values.credentials.extraEnvVars }} 177 {{- range $key, $value := . }} 178 - name: {{ default "none" $key }} 179 valueFrom: 180 secretKeyRef: 181 name: {{ include "velero.secretName" $ }} 182 key: {{ default "none" $key }} 183 {{- end }} 184 {{- end }} 185 dnsPolicy: {{ .Values.dnsPolicy }} 186 {{- if .Values.initContainers }} 187 initContainers: 188 {{- if eq (typeOf .Values.initContainers) "string" }} 189 {{- tpl .Values.initContainers . | nindent 8 }} 190 {{- else }} 191 {{- toYaml .Values.initContainers | nindent 8 }} 192 {{- end }} 193 {{- end }} 194 volumes: 195 {{- if .Values.credentials.useSecret }} 196 - name: cloud-credentials 197 secret: 198 secretName: {{ include "velero.secretName" . }} 199 {{- end }} 200 - name: plugins 201 emptyDir: {} 202 - name: scratch 203 emptyDir: {} 204 {{- if .Values.containerSecurityContext.readOnlyRootFilesystem }} 205 - name: tmpdir 206 emptyDir: {} 207 {{- end }} 208 {{- if .Values.extraVolumes }} 209 {{- toYaml .Values.extraVolumes | nindent 8 }} 210 {{- end }} 211 {{- with $podSecurityContext }} 212 securityContext: 213 {{- toYaml . | nindent 8 }} 214 {{- end }} 215 {{- with .Values.nodeSelector }} 216 nodeSelector: 217 {{- toYaml . | nindent 8 }} 218 {{- end }} 219 {{- with .Values.tolerations }} 220 tolerations: 221 {{- toYaml . | nindent 8 }} 222 {{- end }} 223 {{- with .Values.affinity }} 224 affinity: 225 {{- toYaml . | nindent 8 }} 226 {{- end }} 227 {{- end -}}