{{- $functionNs := default .Release.Namespace .Values.functionNamespace }}
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: {{ template "openfaas.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: gateway
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: gateway
namespace: {{ .Release.Namespace | quote }}
spec:
replicas: {{ .Values.gateway.replicas }}
selector:
matchLabels:
app: gateway
template:
metadata:
annotations:
prometheus.io.scrape: "true"
prometheus.io.port: "8082"
labels:
app: gateway
spec:
{{- if .Values.operator.create }}
serviceAccountName: {{ .Release.Name }}-operator
{{- else }}
serviceAccountName: {{ .Release.Name }}-controller
{{- end }}
volumes:
- name: faas-netes-temp-volume
emptyDir: {}
{{- if .Values.basic_auth }}
- name: auth
secret:
secretName: basic-auth
{{- end }}
containers:
- name: gateway
resources:
{{- .Values.gateway.resources | toYaml | nindent 12 }}
image: {{ .Values.gateway.image }}
imagePullPolicy: {{ .Values.openfaasImagePullPolicy }}
{{- if .Values.securityContext }}
securityContext:
readOnlyRootFilesystem: true
runAsUser: 10001
{{- end }}
livenessProbe:
{{- if .Values.httpProbe }}
httpGet:
path: /healthz
port: 8080
{{- else }}
exec:
command:
- wget
- --quiet
- --tries=1
- --timeout=5
- --spider
- http://localhost:8080/healthz
{{- end }}
timeoutSeconds: 5
readinessProbe:
{{- if .Values.httpProbe }}
httpGet:
path: /healthz
port: 8080
{{- else }}
exec:
command:
- wget
- --quiet
- --tries=1
- --timeout=5
- --spider
- http://localhost:8080/healthz
{{- end }}
timeoutSeconds: 5
env:
{{- if .Values.gateway.logsProviderURL }}
- name: logs_provider_url
value: "{{ .Values.gateway.logsProviderURL }}"
{{- end }}
- name: read_timeout
value: "{{ .Values.gateway.readTimeout }}"
- name: write_timeout
value: "{{ .Values.gateway.writeTimeout }}"
- name: upstream_timeout
value: "{{ .Values.gateway.upstreamTimeout }}"
- name: functions_provider_url
value: "http://127.0.0.1:8081/"
- name: direct_functions
{{- if .Values.gateway.directFunctions }}
value: "{{.Values.gateway.directFunctions}}"
{{- else}}
value: "false"
{{- end }}
- name: direct_functions_suffix
value: "{{ $functionNs }}.svc.{{ .Values.kubernetesDNSDomain }}"
- name: function_namespace
value: {{ $functionNs | quote }}
{{- if .Values.nats.external.enabled }}
- name: faas_nats_address
value: "{{ .Values.nats.external.host }}"
- name: faas_nats_port
value: "{{ .Values.nats.external.port }}"
- name: faas_nats_cluster_name
value: "{{ .Values.nats.external.clusterName }}"
- name: faas_nats_channel
value: "{{ .Values.nats.channel }}"
{{- else }}
{{- if .Values.async }}
- name: faas_nats_address
value: "nats.{{ .Release.Namespace }}.svc.{{ .Values.kubernetesDNSDomain }}"
- name: faas_nats_port
value: "4222"
- name: faas_nats_channel
value: "{{ .Values.nats.channel }}"
{{- end }}
{{- end }}
{{- if .Values.basic_auth }}
- name: basic_auth
value: "true"
- name: secret_mount_path
value: "/var/secrets"
{{- if .Values.oauth2Plugin.enabled }}
- name: auth_proxy_url
value: "http://oauth2-plugin.{{ .Release.Namespace }}:8080/validate"
- name: auth_pass_body
value: "false"
{{- else }}
- name: auth_proxy_url
value: "http://basic-auth-plugin.{{ .Release.Namespace }}:8080/validate"
- name: auth_pass_body
value: "false"
{{- end }}
{{- end }}
- name: scale_from_zero
value: "{{ .Values.gateway.scaleFromZero }}"
- name: max_idle_conns
value: "{{ .Values.gateway.maxIdleConns }}"
- name: max_idle_conns_per_host
value: "{{ .Values.gateway.maxIdleConnsPerHost }}"
{{- if .Values.basic_auth }}
volumeMounts:
- name: auth
readOnly: true
mountPath: "/var/secrets"
{{- end }}
ports:
- name: http
containerPort: 8080
protocol: TCP
{{- if .Values.operator.create }}
- name: operator
resources:
{{- .Values.operator.resources | toYaml | nindent 12 }}
image: {{ .Values.operator.image }}
imagePullPolicy: {{ .Values.openfaasImagePullPolicy }}
command:
- ./faas-netes
- -operator=true
env:
- name: port
value: "8081"
- name: function_namespace
value: {{ $functionNs | quote }}
- name: profiles_namespace
value: {{ .Release.Namespace | quote }}
- name: read_timeout
value: "{{ .Values.faasnetes.readTimeout }}"
- name: write_timeout
value: "{{ .Values.faasnetes.writeTimeout }}"
- name: image_pull_policy
value: {{ .Values.faasnetes.imagePullPolicy | quote }}
- name: http_probe
value: "{{ .Values.faasnetes.httpProbe }}"
- name: set_nonroot_user
value: "{{ .Values.faasnetes.setNonRootUser }}"
- name: readiness_probe_initial_delay_seconds
value: "{{ .Values.faasnetes.readinessProbe.initialDelaySeconds }}"
- name: readiness_probe_timeout_seconds
value: "{{ .Values.faasnetes.readinessProbe.timeoutSeconds }}"
- name: readiness_probe_period_seconds
value: "{{ .Values.faasnetes.readinessProbe.periodSeconds }}"
- name: liveness_probe_initial_delay_seconds
value: "{{ .Values.faasnetes.livenessProbe.initialDelaySeconds }}"
- name: liveness_probe_timeout_seconds
value: "{{ .Values.faasnetes.livenessProbe.timeoutSeconds }}"
- name: liveness_probe_period_seconds
value: "{{ .Values.faasnetes.livenessProbe.periodSeconds }}"
- name: cluster_role
value: "{{ .Values.clusterRole }}"
ports:
- containerPort: 8081
protocol: TCP
{{- else }}
- name: faas-netes
resources:
{{- .Values.faasnetes.resources | toYaml | nindent 12 }}
image: {{ .Values.faasnetes.image }}
imagePullPolicy: {{ .Values.openfaasImagePullPolicy }}
{{- if .Values.securityContext }}
securityContext:
readOnlyRootFilesystem: true
runAsUser: 10001
{{- end }}
env:
- name: port
value: "8081"
- name: function_namespace
value: {{ $functionNs | quote }}
- name: read_timeout
value: "{{ .Values.faasnetes.readTimeout }}"
- name: profiles_namespace
value: {{ .Release.Namespace | quote }}
- name: write_timeout
value: "{{ .Values.faasnetes.writeTimeout }}"
- name: image_pull_policy
value: {{ .Values.faasnetes.imagePullPolicy | quote }}
- name: http_probe
value: "{{ .Values.faasnetes.httpProbe }}"
- name: set_nonroot_user
value: "{{ .Values.faasnetes.setNonRootUser }}"
- name: readiness_probe_initial_delay_seconds
value: "{{ .Values.faasnetes.readinessProbe.initialDelaySeconds }}"
- name: readiness_probe_timeout_seconds
value: "{{ .Values.faasnetes.readinessProbe.timeoutSeconds }}"
- name: readiness_probe_period_seconds
value: "{{ .Values.faasnetes.readinessProbe.periodSeconds }}"
- name: liveness_probe_initial_delay_seconds
value: "{{ .Values.faasnetes.livenessProbe.initialDelaySeconds }}"
- name: liveness_probe_timeout_seconds
value: "{{ .Values.faasnetes.livenessProbe.timeoutSeconds }}"
- name: liveness_probe_period_seconds
value: "{{ .Values.faasnetes.livenessProbe.periodSeconds }}"
- name: cluster_role
value: "{{ .Values.clusterRole }}"
volumeMounts:
- mountPath: /tmp
name: faas-netes-temp-volume
ports:
- containerPort: 8081
protocol: TCP
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}