diff options
Diffstat (limited to 'kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml')
| -rw-r--r-- | kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml | 41 |
1 files changed, 37 insertions, 4 deletions
diff --git a/kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml index 9881a13615..6ed5dee8ee 100644 --- a/kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml +++ b/kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml @@ -1,5 +1,6 @@ {{/* # Copyright 2019 Intel Corporation, Inc +# Modifications Copyright © 2024 Deutsche Telekom # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,6 +24,7 @@ spec: template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: + {{ include "common.podSecurityContext" . | indent 6 | trim }} containers: - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -30,6 +32,7 @@ spec: command: ["/opt/multicloud/k8splugin/k8plugin"] workingDir: /opt/multicloud/k8splugin ports: {{ include "common.containerPorts" . | nindent 10 }} + {{ include "common.containerSecurityContext" . | indent 10 | trim }} {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -43,9 +46,11 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: - - mountPath: /opt/multicloud/k8splugin/k8sconfig.json - name: {{ include "common.name" .}} - subPath: k8sconfig.json + - mountPath: /tmp + name: tmp-dir-k8s + - mountPath: /opt/multicloud/k8splugin/k8sconfig.json + name: {{ include "common.name" .}} + subPath: k8sconfig.json resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: @@ -60,10 +65,28 @@ spec: name: framework-artifactbroker command: ["/opt/app/distribution/bin/artifact-dist.sh"] args: ["/opt/app/distribution/etc/mounted/config.json"] + {{ include "common.containerSecurityContext" . | indent 10 | trim }} + resources: {{ include "common.resources" . | nindent 10 }} ports: - containerPort: {{ .Values.artifactbroker.internalPort }} protocol: TCP + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.artifactbroker.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.artifactbroker.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: + - mountPath: /tmp + name: tmp-dir-broker + - mountPath: "{{ .Values.log.path }}" + name: framework-log - mountPath: /opt/app/distribution/etc/mounted/config.json name: {{ include "common.name" .}} subPath: config.json @@ -77,9 +100,19 @@ spec: key: sasl.jaas.config serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: + - name: tmp-dir-k8s + emptyDir: + sizeLimit: {{ .Values.volumes.tmpK8SSizeLimit }} + - name: tmp-dir-broker + emptyDir: + sizeLimit: {{ .Values.volumes.tmpBrokerSizeLimit }} + - name: framework-log + emptyDir: + sizeLimit: {{ .Values.volumes.logSizeLimit }} - name : {{ include "common.name" . }} configMap: name: {{ include "common.fullname" . }} - name: artifact-data - emptyDir: {} + emptyDir: + sizeLimit: {{ .Values.volumes.artifactDataSizeLimit }} {{- include "common.imagePullSecrets" . | nindent 6 }} |