261 lines
9.0 KiB
YAML
261 lines
9.0 KiB
YAML
{{- $functionNs := default .Release.Namespace .Values.functionNamespace }}
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
labels:
|
|
app: {{ template "openfaas.name" . }}
|
|
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
|
|
component: gateway
|
|
heritage: {{ .Release.Service }}
|
|
release: {{ .Release.Name }}
|
|
name: gateway
|
|
namespace: {{ .Release.Namespace | quote }}
|
|
spec:
|
|
replicas: {{ .Values.gateway.replicas }}
|
|
selector:
|
|
matchLabels:
|
|
app: gateway
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
prometheus.io.scrape: "true"
|
|
prometheus.io.port: "8082"
|
|
labels:
|
|
app: gateway
|
|
spec:
|
|
{{- if .Values.operator.create }}
|
|
serviceAccountName: {{ .Release.Name }}-operator
|
|
{{- else }}
|
|
serviceAccountName: {{ .Release.Name }}-controller
|
|
{{- end }}
|
|
volumes:
|
|
- name: faas-netes-temp-volume
|
|
emptyDir: {}
|
|
{{- if .Values.basic_auth }}
|
|
- name: auth
|
|
secret:
|
|
secretName: basic-auth
|
|
{{- end }}
|
|
containers:
|
|
- name: gateway
|
|
resources:
|
|
{{- .Values.gateway.resources | toYaml | nindent 12 }}
|
|
image: {{ .Values.gateway.image }}
|
|
imagePullPolicy: {{ .Values.openfaasImagePullPolicy }}
|
|
{{- if .Values.securityContext }}
|
|
securityContext:
|
|
readOnlyRootFilesystem: true
|
|
runAsUser: 10001
|
|
{{- end }}
|
|
livenessProbe:
|
|
{{- if .Values.httpProbe }}
|
|
httpGet:
|
|
path: /healthz
|
|
port: 8080
|
|
{{- else }}
|
|
exec:
|
|
command:
|
|
- wget
|
|
- --quiet
|
|
- --tries=1
|
|
- --timeout=5
|
|
- --spider
|
|
- http://localhost:8080/healthz
|
|
{{- end }}
|
|
timeoutSeconds: 5
|
|
readinessProbe:
|
|
{{- if .Values.httpProbe }}
|
|
httpGet:
|
|
path: /healthz
|
|
port: 8080
|
|
{{- else }}
|
|
exec:
|
|
command:
|
|
- wget
|
|
- --quiet
|
|
- --tries=1
|
|
- --timeout=5
|
|
- --spider
|
|
- http://localhost:8080/healthz
|
|
{{- end }}
|
|
timeoutSeconds: 5
|
|
env:
|
|
{{- if .Values.gateway.logsProviderURL }}
|
|
- name: logs_provider_url
|
|
value: "{{ .Values.gateway.logsProviderURL }}"
|
|
{{- end }}
|
|
- name: read_timeout
|
|
value: "{{ .Values.gateway.readTimeout }}"
|
|
- name: write_timeout
|
|
value: "{{ .Values.gateway.writeTimeout }}"
|
|
- name: upstream_timeout
|
|
value: "{{ .Values.gateway.upstreamTimeout }}"
|
|
- name: functions_provider_url
|
|
value: "http://127.0.0.1:8081/"
|
|
- name: direct_functions
|
|
{{- if .Values.gateway.directFunctions }}
|
|
value: "{{.Values.gateway.directFunctions}}"
|
|
{{- else}}
|
|
value: "false"
|
|
{{- end }}
|
|
- name: direct_functions_suffix
|
|
value: "{{ $functionNs }}.svc.{{ .Values.kubernetesDNSDomain }}"
|
|
- name: function_namespace
|
|
value: {{ $functionNs | quote }}
|
|
{{- if .Values.nats.external.enabled }}
|
|
- name: faas_nats_address
|
|
value: "{{ .Values.nats.external.host }}"
|
|
- name: faas_nats_port
|
|
value: "{{ .Values.nats.external.port }}"
|
|
- name: faas_nats_cluster_name
|
|
value: "{{ .Values.nats.external.clusterName }}"
|
|
- name: faas_nats_channel
|
|
value: "{{ .Values.nats.channel }}"
|
|
{{- else }}
|
|
{{- if .Values.async }}
|
|
- name: faas_nats_address
|
|
value: "nats.{{ .Release.Namespace }}.svc.{{ .Values.kubernetesDNSDomain }}"
|
|
- name: faas_nats_port
|
|
value: "4222"
|
|
- name: faas_nats_channel
|
|
value: "{{ .Values.nats.channel }}"
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.basic_auth }}
|
|
- name: basic_auth
|
|
value: "true"
|
|
- name: secret_mount_path
|
|
value: "/var/secrets"
|
|
{{- if .Values.oauth2Plugin.enabled }}
|
|
- name: auth_proxy_url
|
|
value: "http://oauth2-plugin.{{ .Release.Namespace }}:8080/validate"
|
|
- name: auth_pass_body
|
|
value: "false"
|
|
{{- else }}
|
|
- name: auth_proxy_url
|
|
value: "http://basic-auth-plugin.{{ .Release.Namespace }}:8080/validate"
|
|
- name: auth_pass_body
|
|
value: "false"
|
|
{{- end }}
|
|
{{- end }}
|
|
- name: scale_from_zero
|
|
value: "{{ .Values.gateway.scaleFromZero }}"
|
|
- name: max_idle_conns
|
|
value: "{{ .Values.gateway.maxIdleConns }}"
|
|
- name: max_idle_conns_per_host
|
|
value: "{{ .Values.gateway.maxIdleConnsPerHost }}"
|
|
{{- if .Values.basic_auth }}
|
|
volumeMounts:
|
|
- name: auth
|
|
readOnly: true
|
|
mountPath: "/var/secrets"
|
|
{{- end }}
|
|
ports:
|
|
- name: http
|
|
containerPort: 8080
|
|
protocol: TCP
|
|
{{- if .Values.operator.create }}
|
|
- name: operator
|
|
resources:
|
|
{{- .Values.operator.resources | toYaml | nindent 12 }}
|
|
image: {{ .Values.operator.image }}
|
|
imagePullPolicy: {{ .Values.openfaasImagePullPolicy }}
|
|
command:
|
|
- ./faas-netes
|
|
- -operator=true
|
|
env:
|
|
- name: port
|
|
value: "8081"
|
|
- name: function_namespace
|
|
value: {{ $functionNs | quote }}
|
|
- name: profiles_namespace
|
|
value: {{ .Release.Namespace | quote }}
|
|
- name: read_timeout
|
|
value: "{{ .Values.faasnetes.readTimeout }}"
|
|
- name: write_timeout
|
|
value: "{{ .Values.faasnetes.writeTimeout }}"
|
|
- name: image_pull_policy
|
|
value: {{ .Values.faasnetes.imagePullPolicy | quote }}
|
|
- name: http_probe
|
|
value: "{{ .Values.faasnetes.httpProbe }}"
|
|
- name: set_nonroot_user
|
|
value: "{{ .Values.faasnetes.setNonRootUser }}"
|
|
- name: readiness_probe_initial_delay_seconds
|
|
value: "{{ .Values.faasnetes.readinessProbe.initialDelaySeconds }}"
|
|
- name: readiness_probe_timeout_seconds
|
|
value: "{{ .Values.faasnetes.readinessProbe.timeoutSeconds }}"
|
|
- name: readiness_probe_period_seconds
|
|
value: "{{ .Values.faasnetes.readinessProbe.periodSeconds }}"
|
|
- name: liveness_probe_initial_delay_seconds
|
|
value: "{{ .Values.faasnetes.livenessProbe.initialDelaySeconds }}"
|
|
- name: liveness_probe_timeout_seconds
|
|
value: "{{ .Values.faasnetes.livenessProbe.timeoutSeconds }}"
|
|
- name: liveness_probe_period_seconds
|
|
value: "{{ .Values.faasnetes.livenessProbe.periodSeconds }}"
|
|
- name: cluster_role
|
|
value: "{{ .Values.clusterRole }}"
|
|
ports:
|
|
- containerPort: 8081
|
|
protocol: TCP
|
|
{{- else }}
|
|
- name: faas-netes
|
|
resources:
|
|
{{- .Values.faasnetes.resources | toYaml | nindent 12 }}
|
|
image: {{ .Values.faasnetes.image }}
|
|
imagePullPolicy: {{ .Values.openfaasImagePullPolicy }}
|
|
{{- if .Values.securityContext }}
|
|
securityContext:
|
|
readOnlyRootFilesystem: true
|
|
runAsUser: 10001
|
|
{{- end }}
|
|
env:
|
|
- name: port
|
|
value: "8081"
|
|
- name: function_namespace
|
|
value: {{ $functionNs | quote }}
|
|
- name: read_timeout
|
|
value: "{{ .Values.faasnetes.readTimeout }}"
|
|
- name: profiles_namespace
|
|
value: {{ .Release.Namespace | quote }}
|
|
- name: write_timeout
|
|
value: "{{ .Values.faasnetes.writeTimeout }}"
|
|
- name: image_pull_policy
|
|
value: {{ .Values.faasnetes.imagePullPolicy | quote }}
|
|
- name: http_probe
|
|
value: "{{ .Values.faasnetes.httpProbe }}"
|
|
- name: set_nonroot_user
|
|
value: "{{ .Values.faasnetes.setNonRootUser }}"
|
|
- name: readiness_probe_initial_delay_seconds
|
|
value: "{{ .Values.faasnetes.readinessProbe.initialDelaySeconds }}"
|
|
- name: readiness_probe_timeout_seconds
|
|
value: "{{ .Values.faasnetes.readinessProbe.timeoutSeconds }}"
|
|
- name: readiness_probe_period_seconds
|
|
value: "{{ .Values.faasnetes.readinessProbe.periodSeconds }}"
|
|
- name: liveness_probe_initial_delay_seconds
|
|
value: "{{ .Values.faasnetes.livenessProbe.initialDelaySeconds }}"
|
|
- name: liveness_probe_timeout_seconds
|
|
value: "{{ .Values.faasnetes.livenessProbe.timeoutSeconds }}"
|
|
- name: liveness_probe_period_seconds
|
|
value: "{{ .Values.faasnetes.livenessProbe.periodSeconds }}"
|
|
- name: cluster_role
|
|
value: "{{ .Values.clusterRole }}"
|
|
volumeMounts:
|
|
- mountPath: /tmp
|
|
name: faas-netes-temp-volume
|
|
ports:
|
|
- containerPort: 8081
|
|
protocol: TCP
|
|
{{- end }}
|
|
{{- with .Values.nodeSelector }}
|
|
nodeSelector:
|
|
{{ toYaml . | indent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.affinity }}
|
|
affinity:
|
|
{{ toYaml . | indent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.tolerations }}
|
|
tolerations:
|
|
{{ toYaml . | indent 8 }}
|
|
{{- end }}
|