{{- $functionNs := default .Release.Namespace .Values.functionNamespace }} apiVersion: apps/v1 kind: Deployment metadata: labels: app: {{ template "openfaas.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version }} component: gateway heritage: {{ .Release.Service }} release: {{ .Release.Name }} name: gateway namespace: {{ .Release.Namespace | quote }} spec: replicas: {{ .Values.gateway.replicas }} selector: matchLabels: app: gateway template: metadata: annotations: prometheus.io.scrape: "true" prometheus.io.port: "8082" labels: app: gateway spec: {{- if .Values.operator.create }} serviceAccountName: {{ .Release.Name }}-operator {{- else }} serviceAccountName: {{ .Release.Name }}-controller {{- end }} volumes: - name: faas-netes-temp-volume emptyDir: {} {{- if .Values.basic_auth }} - name: auth secret: secretName: basic-auth {{- end }} containers: - name: gateway resources: {{- .Values.gateway.resources | toYaml | nindent 12 }} image: {{ .Values.gateway.image }} imagePullPolicy: {{ .Values.openfaasImagePullPolicy }} {{- if .Values.securityContext }} securityContext: readOnlyRootFilesystem: true runAsUser: 10001 {{- end }} livenessProbe: {{- if .Values.httpProbe }} httpGet: path: /healthz port: 8080 {{- else }} exec: command: - wget - --quiet - --tries=1 - --timeout=5 - --spider - http://localhost:8080/healthz {{- end }} timeoutSeconds: 5 readinessProbe: {{- if .Values.httpProbe }} httpGet: path: /healthz port: 8080 {{- else }} exec: command: - wget - --quiet - --tries=1 - --timeout=5 - --spider - http://localhost:8080/healthz {{- end }} timeoutSeconds: 5 env: {{- if .Values.gateway.logsProviderURL }} - name: logs_provider_url value: "{{ .Values.gateway.logsProviderURL }}" {{- end }} - name: read_timeout value: "{{ .Values.gateway.readTimeout }}" - name: write_timeout value: "{{ .Values.gateway.writeTimeout }}" - name: upstream_timeout value: "{{ .Values.gateway.upstreamTimeout }}" - name: functions_provider_url value: "http://127.0.0.1:8081/" - name: direct_functions {{- if .Values.gateway.directFunctions }} value: "{{.Values.gateway.directFunctions}}" {{- else}} value: "false" {{- end }} - name: direct_functions_suffix value: "{{ $functionNs }}.svc.{{ .Values.kubernetesDNSDomain }}" - name: function_namespace value: {{ $functionNs | quote }} {{- if .Values.nats.external.enabled }} - name: faas_nats_address value: "{{ .Values.nats.external.host }}" - name: faas_nats_port value: "{{ .Values.nats.external.port }}" - name: faas_nats_cluster_name value: "{{ .Values.nats.external.clusterName }}" - name: faas_nats_channel value: "{{ .Values.nats.channel }}" {{- else }} {{- if .Values.async }} - name: faas_nats_address value: "nats.{{ .Release.Namespace }}.svc.{{ .Values.kubernetesDNSDomain }}" - name: faas_nats_port value: "4222" - name: faas_nats_channel value: "{{ .Values.nats.channel }}" {{- end }} {{- end }} {{- if .Values.basic_auth }} - name: basic_auth value: "true" - name: secret_mount_path value: "/var/secrets" {{- if .Values.oauth2Plugin.enabled }} - name: auth_proxy_url value: "http://oauth2-plugin.{{ .Release.Namespace }}:8080/validate" - name: auth_pass_body value: "false" {{- else }} - name: auth_proxy_url value: "http://basic-auth-plugin.{{ .Release.Namespace }}:8080/validate" - name: auth_pass_body value: "false" {{- end }} {{- end }} - name: scale_from_zero value: "{{ .Values.gateway.scaleFromZero }}" - name: max_idle_conns value: "{{ .Values.gateway.maxIdleConns }}" - name: max_idle_conns_per_host value: "{{ .Values.gateway.maxIdleConnsPerHost }}" {{- if .Values.basic_auth }} volumeMounts: - name: auth readOnly: true mountPath: "/var/secrets" {{- end }} ports: - name: http containerPort: 8080 protocol: TCP {{- if .Values.operator.create }} - name: operator resources: {{- .Values.operator.resources | toYaml | nindent 12 }} image: {{ .Values.operator.image }} imagePullPolicy: {{ .Values.openfaasImagePullPolicy }} command: - ./faas-netes - -operator=true env: - name: port value: "8081" - name: function_namespace value: {{ $functionNs | quote }} - name: profiles_namespace value: {{ .Release.Namespace | quote }} - name: read_timeout value: "{{ .Values.faasnetes.readTimeout }}" - name: write_timeout value: "{{ .Values.faasnetes.writeTimeout }}" - name: image_pull_policy value: {{ .Values.faasnetes.imagePullPolicy | quote }} - name: http_probe value: "{{ .Values.faasnetes.httpProbe }}" - name: set_nonroot_user value: "{{ .Values.faasnetes.setNonRootUser }}" - name: readiness_probe_initial_delay_seconds value: "{{ .Values.faasnetes.readinessProbe.initialDelaySeconds }}" - name: readiness_probe_timeout_seconds value: "{{ .Values.faasnetes.readinessProbe.timeoutSeconds }}" - name: readiness_probe_period_seconds value: "{{ .Values.faasnetes.readinessProbe.periodSeconds }}" - name: liveness_probe_initial_delay_seconds value: "{{ .Values.faasnetes.livenessProbe.initialDelaySeconds }}" - name: liveness_probe_timeout_seconds value: "{{ .Values.faasnetes.livenessProbe.timeoutSeconds }}" - name: liveness_probe_period_seconds value: "{{ .Values.faasnetes.livenessProbe.periodSeconds }}" - name: cluster_role value: "{{ .Values.clusterRole }}" ports: - containerPort: 8081 protocol: TCP {{- else }} - name: faas-netes resources: {{- .Values.faasnetes.resources | toYaml | nindent 12 }} image: {{ .Values.faasnetes.image }} imagePullPolicy: {{ .Values.openfaasImagePullPolicy }} {{- if .Values.securityContext }} securityContext: readOnlyRootFilesystem: true runAsUser: 10001 {{- end }} env: - name: port value: "8081" - name: function_namespace value: {{ $functionNs | quote }} - name: read_timeout value: "{{ .Values.faasnetes.readTimeout }}" - name: profiles_namespace value: {{ .Release.Namespace | quote }} - name: write_timeout value: "{{ .Values.faasnetes.writeTimeout }}" - name: image_pull_policy value: {{ .Values.faasnetes.imagePullPolicy | quote }} - name: http_probe value: "{{ .Values.faasnetes.httpProbe }}" - name: set_nonroot_user value: "{{ .Values.faasnetes.setNonRootUser }}" - name: readiness_probe_initial_delay_seconds value: "{{ .Values.faasnetes.readinessProbe.initialDelaySeconds }}" - name: readiness_probe_timeout_seconds value: "{{ .Values.faasnetes.readinessProbe.timeoutSeconds }}" - name: readiness_probe_period_seconds value: "{{ .Values.faasnetes.readinessProbe.periodSeconds }}" - name: liveness_probe_initial_delay_seconds value: "{{ .Values.faasnetes.livenessProbe.initialDelaySeconds }}" - name: liveness_probe_timeout_seconds value: "{{ .Values.faasnetes.livenessProbe.timeoutSeconds }}" - name: liveness_probe_period_seconds value: "{{ .Values.faasnetes.livenessProbe.periodSeconds }}" - name: cluster_role value: "{{ .Values.clusterRole }}" volumeMounts: - mountPath: /tmp name: faas-netes-temp-volume ports: - containerPort: 8081 protocol: TCP {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{ toYaml . | indent 8 }} {{- end }} {{- with .Values.affinity }} affinity: {{ toYaml . | indent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{ toYaml . | indent 8 }} {{- end }}