954e338d17
This patch adds mairadb controller that is responsible to mark one ready pod as mariadb_role: primary to forward all traffic to it. This will allow to drop nginx ingress controller which adds extra hops between client and server and uses heavy customized nginx templates. Change-Id: I3b29bc2029bfd39754516e73a09e4e14c52ccc99
120 lines
4.5 KiB
YAML
120 lines
4.5 KiB
YAML
{{/*
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/}}
|
|
|
|
{{- if .Values.manifests.deployment_controller }}
|
|
{{- if .Values.manifests.deployment_ingress }}
|
|
{{- fail ".Values.manifests.deployment_ingress and .Values.manifests.deployment_controlle are mutually exclusive" }}
|
|
{{- end }}
|
|
{{- $envAll := . }}
|
|
|
|
{{- $serviceAccountName := "mariadb-controller" }}
|
|
{{ tuple $envAll "controller" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
name: {{ $envAll.Release.Name }}-{{ $serviceAccountName }}-pod
|
|
namespace: {{ $envAll.Release.Namespace }}
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- pods
|
|
verbs:
|
|
- get
|
|
- list
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- services
|
|
verbs:
|
|
- update
|
|
- patch
|
|
- get
|
|
- list
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
name: {{ $envAll.Release.Name }}-{{ $serviceAccountName }}-pod
|
|
namespace: {{ $envAll.Release.Namespace }}
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: {{ $envAll.Release.Name }}-{{ $serviceAccountName }}-pod
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: {{ $serviceAccountName }}
|
|
namespace: {{ $envAll.Release.Namespace }}
|
|
---
|
|
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: mariadb-controller
|
|
annotations:
|
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
|
labels:
|
|
{{ tuple $envAll "mariadb" "controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
|
spec:
|
|
replicas: {{ .Values.pod.replicas.controller }}
|
|
selector:
|
|
matchLabels:
|
|
{{ tuple $envAll "mariadb" "controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
|
|
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
{{ tuple $envAll "mariadb" "controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
|
annotations:
|
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
|
|
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
|
|
spec:
|
|
serviceAccountName: {{ $serviceAccountName }}
|
|
{{ dict "envAll" $envAll "application" "controller" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
|
|
affinity:
|
|
{{ tuple $envAll "mariadb" "controller" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
|
nodeSelector:
|
|
{{ .Values.labels.controller.node_selector_key }}: {{ .Values.labels.controller.node_selector_value }}
|
|
initContainers:
|
|
{{ tuple $envAll "controller" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
containers:
|
|
- name: controller
|
|
{{ tuple $envAll "mariadb_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
|
|
{{ dict "envAll" $envAll "application" "controller" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
|
{{ tuple $envAll $envAll.Values.pod.resources.controller | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
command:
|
|
- /tmp/mariadb_controller.py
|
|
env:
|
|
{{ include "helm-toolkit.utils.to_k8s_env_vars" .Values.pod.env.mariadb_controller | indent 12 }}
|
|
- name: MARIADB_CONTROLLER_PODS_NAMESPACE
|
|
value: {{ $envAll.Release.Namespace }}
|
|
- name: MARIADB_MASTER_SERVICE_NAME
|
|
value: {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
|
volumeMounts:
|
|
- name: pod-tmp
|
|
mountPath: /tmp
|
|
- mountPath: /tmp/mariadb_controller.py
|
|
name: mariadb-bin
|
|
readOnly: true
|
|
subPath: mariadb_controller.py
|
|
volumes:
|
|
- name: pod-tmp
|
|
emptyDir: {}
|
|
- name: mariadb-bin
|
|
configMap:
|
|
name: mariadb-bin
|
|
defaultMode: 365
|
|
{{- end }}
|