{{- if $.Values.server.enabled }} {{- range $service := (list "frontend" "history" "matching" "worker") }} {{- $serviceValues := index $.Values.server $service -}} apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "temporal.componentname" (list $ $service) }} labels: app.kubernetes.io/name: {{ include "temporal.name" $ }} helm.sh/chart: {{ include "temporal.chart" $ }} app.kubernetes.io/managed-by: {{ $.Release.Service }} app.kubernetes.io/instance: {{ $.Release.Name }} app.kubernetes.io/version: {{ $.Chart.AppVersion | replace "+" "_" }} app.kubernetes.io/component: {{ $service }} app.kubernetes.io/part-of: {{ $.Chart.Name }} spec: replicas: {{ default $.Values.server.replicaCount $serviceValues.replicaCount }} selector: matchLabels: app.kubernetes.io/name: {{ include "temporal.name" $ }} app.kubernetes.io/instance: {{ $.Release.Name }} app.kubernetes.io/component: {{ $service }} template: metadata: labels: app.kubernetes.io/name: {{ include "temporal.name" $ }} helm.sh/chart: {{ include "temporal.chart" $ }} app.kubernetes.io/managed-by: {{ $.Release.Service }} app.kubernetes.io/instance: {{ $.Release.Name }} app.kubernetes.io/version: {{ $.Chart.AppVersion | replace "+" "_" }} app.kubernetes.io/component: {{ $service }} app.kubernetes.io/part-of: {{ $.Chart.Name }} {{- with (default $.Values.server.podLabels $serviceValues.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} annotations: checksum/config: {{ include (print $.Template.BasePath "/server-configmap.yaml") $ | sha256sum }} {{- if (default $.Values.server.metrics.annotations.enabled $serviceValues.metrics.annotations.enabled) }} prometheus.io/job: {{ $.Chart.Name }}-{{ $service }} prometheus.io/scrape: 'true' prometheus.io/port: '9090' {{- end }} {{- with (default $.Values.server.podAnnotations $serviceValues.podAnnotations) }} {{- toYaml . | nindent 8 }} {{- end }} spec: {{ include "temporal.serviceAccount" $ }} {{- if or $.Values.cassandra.enabled (or $.Values.elasticsearch.enabled $.Values.elasticsearch.external)}} {{- if semverCompare ">=1.13.0" $.Chart.AppVersion}} {{- with $.Values.server.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} initContainers: {{- if $.Values.cassandra.enabled }} - name: check-cassandra-service image: busybox command: ['sh', '-c', 'until nslookup {{ include "cassandra.host" $ }}; do echo waiting for cassandra service; sleep 1; done;'] - name: check-cassandra image: "{{ $.Values.cassandra.image.repo }}:{{ $.Values.cassandra.image.tag }}" imagePullPolicy: {{ $.Values.cassandra.image.pullPolicy }} command: ['sh', '-c', 'until cqlsh {{ include "cassandra.host" $ }} {{ $.Values.cassandra.config.ports.cql }} -e "SHOW VERSION"; do echo waiting for cassandra to start; sleep 1; done;'] - name: check-cassandra-temporal-schema image: "{{ $.Values.cassandra.image.repo }}:{{ $.Values.cassandra.image.tag }}" imagePullPolicy: {{ $.Values.cassandra.image.pullPolicy }} command: ['sh', '-c', 'until cqlsh {{ include "cassandra.host" $ }} {{ $.Values.cassandra.config.ports.cql }} -e "SELECT keyspace_name FROM system_schema.keyspaces" | grep {{ $.Values.server.config.persistence.default.cassandra.keyspace }}$; do echo waiting for default keyspace to become ready; sleep 1; done;'] {{- end }} {{- if or $.Values.elasticsearch.enabled $.Values.elasticsearch.external }} - name: check-elasticsearch-index image: "{{ $.Values.admintools.image.repository }}:{{ $.Values.admintools.image.tag }}" imagePullPolicy: {{ $.Values.admintools.image.pullPolicy }} command: ['sh', '-c', 'until curl --silent --fail {{- if and $.Values.elasticsearch.username $.Values.elasticsearch.password }} --user {{ $.Values.elasticsearch.username }}:{{ $.Values.elasticsearch.password }} {{- end }} {{ $.Values.elasticsearch.scheme }}://{{ $.Values.elasticsearch.host }}:{{ $.Values.elasticsearch.port }}/{{ $.Values.elasticsearch.visibilityIndex }} 2>&1 > /dev/null; do echo waiting for elasticsearch index to become ready; sleep 1; done;'] {{- end }} {{- end }} containers: - name: {{ $.Chart.Name }}-{{ $service }} image: "{{ $.Values.server.image.repository }}:{{ $.Values.server.image.tag }}" imagePullPolicy: {{ $.Values.server.image.pullPolicy }} env: - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP - name: ENABLE_ES value: "{{ or $.Values.elasticsearch.enabled $.Values.elasticsearch.external }}" - name: ES_SEEDS value: "{{ $.Values.elasticsearch.host }}" - name: ES_PORT value: "{{ $.Values.elasticsearch.port }}" - name: ES_VERSION value: "{{ $.Values.elasticsearch.version }}" - name: ES_SCHEME value: "{{ $.Values.elasticsearch.scheme }}" - name: ES_VIS_INDEX value: "{{ $.Values.elasticsearch.visibilityIndex }}" - name: ES_USER value: "{{ $.Values.elasticsearch.username }}" - name: ES_PWD value: "{{ $.Values.elasticsearch.password }}" - name: TEMPORAL_BROADCAST_ADDRESS valueFrom: fieldRef: fieldPath: status.podIP - name: SERVICES value: {{ $service }} - name: TEMPORAL_STORE_PASSWORD valueFrom: secretKeyRef: name: {{ include "temporal.persistence.secretName" (list $ "default") }} key: {{ include "temporal.persistence.secretKey" (list $ "default") }} - name: TEMPORAL_VISIBILITY_STORE_PASSWORD valueFrom: secretKeyRef: name: {{ include "temporal.persistence.secretName" (list $ "visibility") }} key: {{ include "temporal.persistence.secretKey" (list $ "visibility") }} {{- if $.Values.server.versionCheckDisabled }} - name: TEMPORAL_VERSION_CHECK_DISABLED value: "1" {{- end }} {{- if or $.Values.server.additionalEnv $serviceValues.additionalEnv }} {{- toYaml (default $.Values.server.additionalEnv $serviceValues.additionalEnv) | nindent 12 }} {{- end }} ports: - name: rpc containerPort: {{ include (printf "temporal.%s.grpcPort" $service) $ }} protocol: TCP - name: metrics containerPort: 9090 protocol: TCP - name: grpc-membership protocol: TCP containerPort: {{ include (printf "temporal.%s.membershipPort" $service) $ }} {{- if ne $service "worker"}} livenessProbe: initialDelaySeconds: 150 tcpSocket: port: rpc {{- end }} volumeMounts: - name: config mountPath: /etc/temporal/config/config_template.yaml subPath: config_template.yaml - name: dynamic-config mountPath: /etc/temporal/dynamic_config {{- if $.Values.server.additionalVolumeMounts }} {{- toYaml $.Values.server.additionalVolumeMounts | nindent 12}} {{- end }} resources: {{- toYaml (default $.Values.server.resources $serviceValues.resources) | nindent 12 }} {{- with $serviceValues.containerSecurityContext }} securityContext: {{- toYaml . | nindent 12 }} {{- end }} {{- if $.Values.server.sidecarContainers }} {{- toYaml $.Values.server.sidecarContainers | nindent 8 }} {{- end }} {{- with $.Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} volumes: - name: config configMap: name: "{{ include "temporal.componentname" (list $ $service) }}-config" - name: dynamic-config configMap: name: "{{ include "temporal.fullname" $ }}-dynamic-config" items: - key: dynamic_config.yaml path: dynamic_config.yaml {{- if $.Values.server.additionalVolumes }} {{- toYaml $.Values.server.additionalVolumes | nindent 8}} {{- end }} {{- with (default $.Values.server.nodeSelector $serviceValues.nodeSelector) }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with (default $.Values.server.affinity $serviceValues.affinity) }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with (default $.Values.server.tolerations $serviceValues.tolerations) }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} {{- with $serviceValues.topologySpreadConstraints }} topologySpreadConstraints: {{- toYaml . | nindent 8 }} {{- end }} --- {{- end }} {{- end }}