peridot/infrastructure/dev-helm/temporal/templates/server-deployment.yaml
2022-07-07 22:13:21 +02:00

176 lines
8.7 KiB
YAML

{{- if $.Values.server.enabled }}
{{- range $service := (list "frontend" "history" "matching" "worker") }}
{{- $serviceValues := index $.Values.server $service -}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "temporal.componentname" (list $ $service) }}
labels:
app.kubernetes.io/name: {{ include "temporal.name" $ }}
helm.sh/chart: {{ include "temporal.chart" $ }}
app.kubernetes.io/managed-by: {{ $.Release.Service }}
app.kubernetes.io/instance: {{ $.Release.Name }}
app.kubernetes.io/version: {{ $.Chart.AppVersion | replace "+" "_" }}
app.kubernetes.io/component: {{ $service }}
app.kubernetes.io/part-of: {{ $.Chart.Name }}
spec:
replicas: {{ default $.Values.server.replicaCount $serviceValues.replicaCount }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "temporal.name" $ }}
app.kubernetes.io/instance: {{ $.Release.Name }}
app.kubernetes.io/component: {{ $service }}
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "temporal.name" $ }}
helm.sh/chart: {{ include "temporal.chart" $ }}
app.kubernetes.io/managed-by: {{ $.Release.Service }}
app.kubernetes.io/instance: {{ $.Release.Name }}
app.kubernetes.io/version: {{ $.Chart.AppVersion | replace "+" "_" }}
app.kubernetes.io/component: {{ $service }}
app.kubernetes.io/part-of: {{ $.Chart.Name }}
annotations:
checksum/config: {{ include (print $.Template.BasePath "/server-configmap.yaml") $ | sha256sum }}
{{- if (default $.Values.server.metrics.annotations.enabled $serviceValues.metrics.annotations.enabled) }}
prometheus.io/job: {{ $.Chart.Name }}-{{ $service }}
prometheus.io/scrape: 'true'
prometheus.io/port: '9090'
{{- end }}
{{- with (default $.Values.server.podAnnotations $serviceValues.podAnnotations) }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{ include "temporal.serviceAccount" $ }}
{{- if or $.Values.cassandra.enabled (or $.Values.elasticsearch.enabled $.Values.elasticsearch.external)}}
{{- if semverCompare ">=1.13.0" $.Chart.AppVersion}}
securityContext:
fsGroup: 1000 #temporal group
runAsUser: 1000 #temporal user
{{- end }}
initContainers:
{{- if $.Values.cassandra.enabled }}
- name: check-cassandra-service
image: busybox
command: ['sh', '-c', 'until nslookup {{ include "cassandra.host" $ }}; do echo waiting for cassandra service; sleep 1; done;']
- name: check-cassandra
image: "{{ $.Values.cassandra.image.repo }}:{{ $.Values.cassandra.image.tag }}"
imagePullPolicy: {{ $.Values.cassandra.image.pullPolicy }}
command: ['sh', '-c', 'until cqlsh {{ include "cassandra.host" $ }} {{ $.Values.cassandra.config.ports.cql }} -e "SHOW VERSION"; do echo waiting for cassandra to start; sleep 1; done;']
- name: check-cassandra-temporal-schema
image: "{{ $.Values.cassandra.image.repo }}:{{ $.Values.cassandra.image.tag }}"
imagePullPolicy: {{ $.Values.cassandra.image.pullPolicy }}
command: ['sh', '-c', 'until cqlsh {{ include "cassandra.host" $ }} {{ $.Values.cassandra.config.ports.cql }} -e "SELECT keyspace_name FROM system_schema.keyspaces" | grep {{ $.Values.server.config.persistence.default.cassandra.keyspace }}$; do echo waiting for default keyspace to become ready; sleep 1; done;']
- name: check-cassandra-visibility-schema
image: "{{ $.Values.cassandra.image.repo }}:{{ $.Values.cassandra.image.tag }}"
imagePullPolicy: {{ $.Values.cassandra.image.pullPolicy }}
command: ['sh', '-c', 'until cqlsh {{ include "cassandra.host" $ }} {{ $.Values.cassandra.config.ports.cql }} -e "SELECT keyspace_name FROM system_schema.keyspaces" | grep {{ $.Values.server.config.persistence.visibility.cassandra.keyspace }}$; do echo waiting for visibility keyspace to become ready; sleep 1; done;']
{{- end }}
{{- if or $.Values.elasticsearch.enabled $.Values.elasticsearch.external }}
- name: check-elasticsearch-index
image: "{{ $.Values.admintools.image.repository }}:{{ $.Values.admintools.image.tag }}"
imagePullPolicy: {{ $.Values.admintools.image.pullPolicy }}
command: ['sh', '-c', 'until curl --silent --fail --user {{ $.Values.elasticsearch.username }}:{{ $.Values.elasticsearch.password }} {{ $.Values.elasticsearch.scheme }}://{{ $.Values.elasticsearch.host }}:{{ $.Values.elasticsearch.port }}/{{ $.Values.elasticsearch.visibilityIndex }} 2>&1 > /dev/null; do echo waiting for elasticsearch index to become ready; sleep 1; done;']
{{- end }}
{{- end }}
containers:
- name: {{ $.Chart.Name }}-{{ $service }}
image: "{{ $.Values.server.image.repository }}:{{ $.Values.server.image.tag }}"
imagePullPolicy: {{ $.Values.server.image.pullPolicy }}
env:
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: ENABLE_ES
value: "{{ or $.Values.elasticsearch.enabled $.Values.elasticsearch.external }}"
- name: ES_SEEDS
value: "{{ $.Values.elasticsearch.host }}"
- name: ES_PORT
value: "{{ $.Values.elasticsearch.port }}"
- name: ES_VERSION
value: "{{ $.Values.elasticsearch.version }}"
- name: ES_SCHEME
value: "{{ $.Values.elasticsearch.scheme }}"
- name: ES_VIS_INDEX
value: "{{ $.Values.elasticsearch.visibilityIndex }}"
- name: ES_USER
value: "{{ $.Values.elasticsearch.username }}"
- name: ES_PWD
value: "{{ $.Values.elasticsearch.password }}"
- name: SERVICES
value: {{ $service }}
- name: TEMPORAL_STORE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "temporal.persistence.secretName" (list $ "default") }}
key: {{ include "temporal.persistence.secretKey" (list $ "default") }}
- name: TEMPORAL_VISIBILITY_STORE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "temporal.persistence.secretName" (list $ "visibility") }}
key: {{ include "temporal.persistence.secretKey" (list $ "visibility") }}
{{- if $.Values.server.versionCheckDisabled }}
- name: TEMPORAL_VERSION_CHECK_DISABLED
value: "1"
{{- end }}
ports:
- name: rpc
containerPort: {{ include (printf "temporal.%s.grpcPort" $service) $ }}
protocol: TCP
- name: metrics
containerPort: 9090
protocol: TCP
{{- if ne $service "worker"}}
livenessProbe:
initialDelaySeconds: 150
tcpSocket:
port: rpc
{{- end }}
volumeMounts:
- name: config
mountPath: /etc/temporal/config/config_template.yaml
subPath: config_template.yaml
- name: dynamic-config
mountPath: /etc/temporal/dynamic_config
{{- if $.Values.server.additionalVolumeMounts }}
{{- toYaml $.Values.server.additionalVolumeMounts | nindent 12}}
{{- end }}
resources:
{{- toYaml (default $.Values.server.resources $serviceValues.resources) | nindent 12 }}
{{- if $.Values.server.sidecarContainers }}
{{- toYaml $.Values.server.sidecarContainers | nindent 8 }}
{{- end }}
{{- with $.Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: config
configMap:
name: "{{ include "temporal.componentname" (list $ $service) }}-config"
- name: dynamic-config
configMap:
name: "{{ include "temporal.fullname" $ }}-dynamic-config"
items:
- key: dynamic_config.yaml
path: dynamic_config.yaml
{{- if $.Values.server.additionalVolumes }}
{{- toYaml $.Values.server.additionalVolumes | nindent 8}}
{{- end }}
{{- with (default $.Values.server.nodeSelector $serviceValues.nodeSelector) }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with (default $.Values.server.affinity $serviceValues.affinity) }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with (default $.Values.server.tolerations $serviceValues.tolerations) }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
---
{{- end }}
{{- end }}