2020-03-02 14:49:26 +00:00
|
|
|
{{- if or (eq .Values.controller.kind "Deployment") (eq .Values.controller.kind "Both") -}}
|
2020-03-15 15:37:59 +00:00
|
|
|
{{- include "isControllerTagValid" . -}}
|
2020-04-06 23:01:52 +00:00
|
|
|
apiVersion: apps/v1
|
2020-02-24 19:25:57 +00:00
|
|
|
kind: Deployment
|
|
|
|
|
metadata:
|
|
|
|
|
labels:
|
2020-02-28 14:53:24 +00:00
|
|
|
{{- include "ingress-nginx.labels" . | nindent 4 }}
|
2020-03-04 02:53:23 +00:00
|
|
|
app.kubernetes.io/component: controller
|
2020-08-31 20:14:44 +00:00
|
|
|
{{- with .Values.controller.labels }}
|
|
|
|
|
{{- toYaml . | nindent 4 }}
|
|
|
|
|
{{- end }}
|
2020-03-04 02:53:23 +00:00
|
|
|
name: {{ include "ingress-nginx.controller.fullname" . }}
|
2021-06-21 11:56:51 +00:00
|
|
|
namespace: {{ .Release.Namespace }}
|
2020-04-06 23:01:52 +00:00
|
|
|
{{- if .Values.controller.annotations }}
|
|
|
|
|
annotations: {{ toYaml .Values.controller.annotations | nindent 4 }}
|
|
|
|
|
{{- end }}
|
2020-02-24 19:25:57 +00:00
|
|
|
spec:
|
|
|
|
|
selector:
|
|
|
|
|
matchLabels:
|
2020-02-28 14:53:24 +00:00
|
|
|
{{- include "ingress-nginx.selectorLabels" . | nindent 6 }}
|
2020-03-04 02:53:23 +00:00
|
|
|
app.kubernetes.io/component: controller
|
2020-04-06 23:01:52 +00:00
|
|
|
{{- if not .Values.controller.autoscaling.enabled }}
|
2020-02-24 19:25:57 +00:00
|
|
|
replicas: {{ .Values.controller.replicaCount }}
|
2020-04-06 23:01:52 +00:00
|
|
|
{{- end }}
|
2020-02-24 19:25:57 +00:00
|
|
|
revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
|
2020-04-06 23:01:52 +00:00
|
|
|
{{- if .Values.controller.updateStrategy }}
|
2020-04-07 17:05:45 +00:00
|
|
|
strategy:
|
|
|
|
|
{{ toYaml .Values.controller.updateStrategy | nindent 4 }}
|
2020-04-06 23:01:52 +00:00
|
|
|
{{- end }}
|
2020-02-24 19:25:57 +00:00
|
|
|
minReadySeconds: {{ .Values.controller.minReadySeconds }}
|
|
|
|
|
template:
|
|
|
|
|
metadata:
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- if .Values.controller.podAnnotations }}
|
2021-04-13 11:48:34 +00:00
|
|
|
annotations:
|
2020-10-11 10:14:36 +00:00
|
|
|
{{- range $key, $value := .Values.controller.podAnnotations }}
|
|
|
|
|
{{ $key }}: {{ $value | quote }}
|
|
|
|
|
{{- end }}
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- end }}
|
2020-02-24 19:25:57 +00:00
|
|
|
labels:
|
2020-02-28 14:53:24 +00:00
|
|
|
{{- include "ingress-nginx.selectorLabels" . | nindent 8 }}
|
2020-03-04 02:53:23 +00:00
|
|
|
app.kubernetes.io/component: controller
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- if .Values.controller.podLabels }}
|
|
|
|
|
{{- toYaml .Values.controller.podLabels | nindent 8 }}
|
|
|
|
|
{{- end }}
|
2020-02-24 19:25:57 +00:00
|
|
|
spec:
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- if .Values.controller.dnsConfig }}
|
|
|
|
|
dnsConfig: {{ toYaml .Values.controller.dnsConfig | nindent 8 }}
|
|
|
|
|
{{- end }}
|
2020-02-24 19:25:57 +00:00
|
|
|
dnsPolicy: {{ .Values.controller.dnsPolicy }}
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- if .Values.imagePullSecrets }}
|
|
|
|
|
imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 8 }}
|
|
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.priorityClassName }}
|
|
|
|
|
priorityClassName: {{ .Values.controller.priorityClassName }}
|
|
|
|
|
{{- end }}
|
2020-06-12 07:45:55 +00:00
|
|
|
{{- if or .Values.controller.podSecurityContext .Values.controller.sysctls }}
|
|
|
|
|
securityContext:
|
|
|
|
|
{{- end }}
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- if .Values.controller.podSecurityContext }}
|
2020-06-12 07:45:55 +00:00
|
|
|
{{- toYaml .Values.controller.podSecurityContext | nindent 8 }}
|
|
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.sysctls }}
|
|
|
|
|
sysctls:
|
|
|
|
|
{{- range $sysctl, $value := .Values.controller.sysctls }}
|
2020-07-01 14:02:26 +00:00
|
|
|
- name: {{ $sysctl | quote }}
|
|
|
|
|
value: {{ $value | quote }}
|
2020-06-12 07:45:55 +00:00
|
|
|
{{- end }}
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- end }}
|
2020-02-24 19:25:57 +00:00
|
|
|
containers:
|
2021-04-13 11:48:34 +00:00
|
|
|
- name: {{ .Values.controller.containerName }}
|
2020-05-20 15:34:18 +00:00
|
|
|
{{- with .Values.controller.image }}
|
2021-05-23 16:07:38 +00:00
|
|
|
image: "{{- if .repository -}}{{ .repository }}{{ else }}{{ .registry }}/{{ .image }}{{- end -}}:{{ .tag }}{{- if (.digest) -}} @{{.digest}} {{- end -}}"
|
2020-05-20 15:34:18 +00:00
|
|
|
{{- end }}
|
2020-03-02 14:49:26 +00:00
|
|
|
imagePullPolicy: {{ .Values.controller.image.pullPolicy }}
|
|
|
|
|
{{- if .Values.controller.lifecycle }}
|
|
|
|
|
lifecycle: {{ toYaml .Values.controller.lifecycle | nindent 12 }}
|
|
|
|
|
{{- end }}
|
2020-02-24 19:25:57 +00:00
|
|
|
args:
|
|
|
|
|
- /nginx-ingress-controller
|
|
|
|
|
{{- if .Values.defaultBackend.enabled }}
|
2020-07-29 09:08:51 +00:00
|
|
|
- --default-backend-service=$(POD_NAMESPACE)/{{ include "ingress-nginx.defaultBackend.fullname" . }}
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- end }}
|
2020-03-13 12:50:33 +00:00
|
|
|
{{- if .Values.controller.publishService.enabled }}
|
2020-02-28 14:53:24 +00:00
|
|
|
- --publish-service={{ template "ingress-nginx.controller.publishServicePath" . }}
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- end }}
|
|
|
|
|
- --election-id={{ .Values.controller.electionID }}
|
|
|
|
|
- --ingress-class={{ .Values.controller.ingressClass }}
|
2020-07-29 09:08:51 +00:00
|
|
|
- --configmap=$(POD_NAMESPACE)/{{ include "ingress-nginx.controller.fullname" . }}
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- if .Values.tcp }}
|
2020-07-29 09:08:51 +00:00
|
|
|
- --tcp-services-configmap=$(POD_NAMESPACE)/{{ include "ingress-nginx.fullname" . }}-tcp
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.udp }}
|
2020-07-29 09:08:51 +00:00
|
|
|
- --udp-services-configmap=$(POD_NAMESPACE)/{{ include "ingress-nginx.fullname" . }}-udp
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.scope.enabled }}
|
2020-07-29 09:08:51 +00:00
|
|
|
- --watch-namespace={{ default "$(POD_NAMESPACE)" .Values.controller.scope.namespace }}
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- end }}
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- if and .Values.controller.reportNodeInternalIp .Values.controller.hostNetwork }}
|
2020-02-24 19:25:57 +00:00
|
|
|
- --report-node-internal-ip-address={{ .Values.controller.reportNodeInternalIp }}
|
|
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.admissionWebhooks.enabled }}
|
|
|
|
|
- --validating-webhook=:{{ .Values.controller.admissionWebhooks.port }}
|
2020-10-01 21:07:42 +00:00
|
|
|
- --validating-webhook-certificate={{ .Values.controller.admissionWebhooks.certificate }}
|
|
|
|
|
- --validating-webhook-key={{ .Values.controller.admissionWebhooks.key }}
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.maxmindLicenseKey }}
|
|
|
|
|
- --maxmind-license-key={{ .Values.controller.maxmindLicenseKey }}
|
|
|
|
|
{{- end }}
|
2020-03-15 14:54:58 +00:00
|
|
|
{{- if not (eq .Values.controller.healthCheckPath "/healthz") }}
|
|
|
|
|
- --health-check-path={{ .Values.controller.healthCheckPath }}
|
|
|
|
|
{{- end }}
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- range $key, $value := .Values.controller.extraArgs }}
|
2020-09-21 16:03:49 +00:00
|
|
|
{{- /* Accept keys without values or with false as value */}}
|
|
|
|
|
{{- if eq ($value | quote | len) 2 }}
|
2020-02-24 19:25:57 +00:00
|
|
|
- --{{ $key }}
|
2020-09-21 16:03:49 +00:00
|
|
|
{{- else }}
|
|
|
|
|
- --{{ $key }}={{ $value }}
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- end }}
|
|
|
|
|
securityContext:
|
|
|
|
|
capabilities:
|
|
|
|
|
drop:
|
|
|
|
|
- ALL
|
|
|
|
|
add:
|
|
|
|
|
- NET_BIND_SERVICE
|
|
|
|
|
runAsUser: {{ .Values.controller.image.runAsUser }}
|
|
|
|
|
allowPrivilegeEscalation: {{ .Values.controller.image.allowPrivilegeEscalation }}
|
|
|
|
|
env:
|
|
|
|
|
- name: POD_NAME
|
|
|
|
|
valueFrom:
|
|
|
|
|
fieldRef:
|
|
|
|
|
fieldPath: metadata.name
|
|
|
|
|
- name: POD_NAMESPACE
|
|
|
|
|
valueFrom:
|
|
|
|
|
fieldRef:
|
|
|
|
|
fieldPath: metadata.namespace
|
2020-04-06 16:34:19 +00:00
|
|
|
{{- if .Values.controller.enableMimalloc }}
|
|
|
|
|
- name: LD_PRELOAD
|
|
|
|
|
value: /usr/local/lib/libmimalloc.so
|
|
|
|
|
{{- end }}
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- if .Values.controller.extraEnvs }}
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- toYaml .Values.controller.extraEnvs | nindent 12 }}
|
2021-05-18 13:37:31 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.startupProbe }}
|
|
|
|
|
startupProbe: {{ toYaml .Values.controller.startupProbe | nindent 12 }}
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- end }}
|
2021-05-18 13:37:31 +00:00
|
|
|
livenessProbe: {{ toYaml .Values.controller.livenessProbe | nindent 12 }}
|
|
|
|
|
readinessProbe: {{ toYaml .Values.controller.readinessProbe | nindent 12 }}
|
2020-02-24 19:25:57 +00:00
|
|
|
ports:
|
|
|
|
|
{{- range $key, $value := .Values.controller.containerPort }}
|
|
|
|
|
- name: {{ $key }}
|
|
|
|
|
containerPort: {{ $value }}
|
|
|
|
|
protocol: TCP
|
2020-04-06 23:01:52 +00:00
|
|
|
{{- if $.Values.controller.hostPort.enabled }}
|
|
|
|
|
hostPort: {{ index $.Values.controller.hostPort.ports $key | default $value }}
|
2020-03-14 21:24:46 +00:00
|
|
|
{{- end }}
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.metrics.enabled }}
|
|
|
|
|
- name: metrics
|
|
|
|
|
containerPort: {{ .Values.controller.metrics.port }}
|
|
|
|
|
protocol: TCP
|
|
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.admissionWebhooks.enabled }}
|
|
|
|
|
- name: webhook
|
|
|
|
|
containerPort: {{ .Values.controller.admissionWebhooks.port }}
|
|
|
|
|
protocol: TCP
|
|
|
|
|
{{- end }}
|
|
|
|
|
{{- range $key, $value := .Values.tcp }}
|
2020-03-02 14:49:26 +00:00
|
|
|
- name: {{ $key }}-tcp
|
2020-02-24 19:25:57 +00:00
|
|
|
containerPort: {{ $key }}
|
|
|
|
|
protocol: TCP
|
2020-04-06 23:01:52 +00:00
|
|
|
{{- if $.Values.controller.hostPort.enabled }}
|
|
|
|
|
hostPort: {{ $key }}
|
|
|
|
|
{{- end }}
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- range $key, $value := .Values.udp }}
|
2020-03-02 14:49:26 +00:00
|
|
|
- name: {{ $key }}-udp
|
2020-02-24 19:25:57 +00:00
|
|
|
containerPort: {{ $key }}
|
|
|
|
|
protocol: UDP
|
2020-04-06 23:01:52 +00:00
|
|
|
{{- if $.Values.controller.hostPort.enabled }}
|
|
|
|
|
hostPort: {{ $key }}
|
|
|
|
|
{{- end }}
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- end }}
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled) }}
|
2020-02-24 19:25:57 +00:00
|
|
|
volumeMounts:
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- if .Values.controller.customTemplate.configMapName }}
|
2020-02-24 19:25:57 +00:00
|
|
|
- mountPath: /etc/nginx/template
|
|
|
|
|
name: nginx-template-volume
|
|
|
|
|
readOnly: true
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.admissionWebhooks.enabled }}
|
2020-02-24 19:25:57 +00:00
|
|
|
- name: webhook-cert
|
2020-03-02 14:49:26 +00:00
|
|
|
mountPath: /usr/local/certificates/
|
2020-02-24 19:25:57 +00:00
|
|
|
readOnly: true
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.extraVolumeMounts }}
|
|
|
|
|
{{- toYaml .Values.controller.extraVolumeMounts | nindent 12 }}
|
|
|
|
|
{{- end }}
|
|
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.resources }}
|
|
|
|
|
resources: {{ toYaml .Values.controller.resources | nindent 12 }}
|
|
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.extraContainers }}
|
|
|
|
|
{{ toYaml .Values.controller.extraContainers | nindent 8 }}
|
|
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.extraInitContainers }}
|
|
|
|
|
initContainers: {{ toYaml .Values.controller.extraInitContainers | nindent 8 }}
|
|
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.hostNetwork }}
|
2020-02-24 19:25:57 +00:00
|
|
|
hostNetwork: {{ .Values.controller.hostNetwork }}
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- end }}
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- if .Values.controller.nodeSelector }}
|
2020-03-02 14:49:26 +00:00
|
|
|
nodeSelector: {{ toYaml .Values.controller.nodeSelector | nindent 8 }}
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.tolerations }}
|
2020-03-02 14:49:26 +00:00
|
|
|
tolerations: {{ toYaml .Values.controller.tolerations | nindent 8 }}
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.affinity }}
|
2020-03-02 14:49:26 +00:00
|
|
|
affinity: {{ toYaml .Values.controller.affinity | nindent 8 }}
|
2020-09-11 06:55:34 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.topologySpreadConstraints }}
|
|
|
|
|
topologySpreadConstraints: {{ toYaml .Values.controller.topologySpreadConstraints | nindent 8 }}
|
2020-02-24 19:25:57 +00:00
|
|
|
{{- end }}
|
2020-02-28 14:53:24 +00:00
|
|
|
serviceAccountName: {{ template "ingress-nginx.serviceAccountName" . }}
|
2020-02-24 19:25:57 +00:00
|
|
|
terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }}
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes) }}
|
2020-02-24 19:25:57 +00:00
|
|
|
volumes:
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- if .Values.controller.customTemplate.configMapName }}
|
2020-02-24 19:25:57 +00:00
|
|
|
- name: nginx-template-volume
|
|
|
|
|
configMap:
|
|
|
|
|
name: {{ .Values.controller.customTemplate.configMapName }}
|
|
|
|
|
items:
|
|
|
|
|
- key: {{ .Values.controller.customTemplate.configMapKey }}
|
|
|
|
|
path: nginx.tmpl
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.admissionWebhooks.enabled }}
|
2020-02-24 19:25:57 +00:00
|
|
|
- name: webhook-cert
|
|
|
|
|
secret:
|
2020-03-04 02:53:23 +00:00
|
|
|
secretName: {{ include "ingress-nginx.fullname" . }}-admission
|
2020-03-02 14:49:26 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.controller.extraVolumes }}
|
|
|
|
|
{{ toYaml .Values.controller.extraVolumes | nindent 8 }}
|
|
|
|
|
{{- end }}
|
|
|
|
|
{{- end }}
|
2021-06-21 11:56:51 +00:00
|
|
|
{{- end }}
|
