diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index e86537a..edd42a5 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -212,12 +212,43 @@ storage might be desired by the user. Set's the affinity for pod placement when running in standalone and HA modes. */}} {{- define "vault.affinity" -}} - {{- if and (ne .mode "dev") (ne .Values.server.affinity "") }} + {{- if and (ne .mode "dev") .Values.server.affinity }} affinity: {{ tpl .Values.server.affinity . | nindent 8 | trim }} {{ end }} {{- end -}} +{{/* +Set's the toleration for pod placement when running in standalone and HA modes. +*/}} +{{- define "vault.tolerations" -}} + {{- if and (ne .mode "dev") .Values.server.tolerations }} + tolerations: + {{ tpl .Values.server.tolerations . | nindent 8 | trim }} + {{- end }} +{{- end -}} + +{{/* +Set's the node selector for pod placement when running in standalone and HA modes. +*/}} +{{- define "vault.nodeselector" -}} + {{- if and (ne .mode "dev") .Values.server.nodeSelector }} + nodeSelector: + {{ tpl .Values.server.nodeSelector . | indent 8 | trim }} + {{- end }} +{{- end -}} + + +{{/* +Set's extra pod annotations +*/}} +{{- define "vault.annotations" -}} + {{- if and (ne .mode "dev") .Values.server.annotations }} + annotations: + {{- tpl .Values.server.annotations . | nindent 8 }} + {{- end }} +{{- end -}} + {{/* Set's the container resources if the user has set any. */}} diff --git a/templates/server-statefulset.yaml b/templates/server-statefulset.yaml index 21066d9..160b0a1 100644 --- a/templates/server-statefulset.yaml +++ b/templates/server-statefulset.yaml @@ -29,8 +29,11 @@ spec: chart: {{ template "vault.chart" . }} release: {{ .Release.Name }} component: server + {{ template "vault.annotations" . }} spec: {{ template "vault.affinity" . }} + {{ template "vault.tolerations" . }} + {{ template "vault.nodeselector" . }} terminationGracePeriodSeconds: 10 serviceAccountName: {{ template "vault.fullname" . }} securityContext: diff --git a/test/unit/server-ha-statefulset.bats b/test/unit/server-ha-statefulset.bats index 163e306..49f4cf4 100755 --- a/test/unit/server-ha-statefulset.bats +++ b/test/unit/server-ha-statefulset.bats @@ -337,3 +337,45 @@ load _helpers yq -r '.spec.volumeClaimTemplates | length' | tee /dev/stderr) [ "${actual}" = "1" ] } + +@test "server/ha-StatefulSet: tolerations not set by default" { + cd `chart_dir` + local actual=$(helm template \ + -x templates/server-statefulset.yaml \ + --set 'server.ha.enabled=true' \ + . | tee /dev/stderr | + yq '.spec.template.spec | .tolerations? == null' | tee /dev/stderr) + [ "${actual}" = "true" ] +} + +@test "server/ha-StatefulSet: tolerations can be set" { + cd `chart_dir` + local actual=$(helm template \ + -x templates/server-statefulset.yaml \ + --set 'server.ha.enabled=true' \ + --set 'server.tolerations=foobar' \ + . | tee /dev/stderr | + yq '.spec.template.spec.tolerations == "foobar"' | tee /dev/stderr) + [ "${actual}" = "true" ] +} + +@test "server/ha-StatefulSet: nodeSelector is not set by default" { + cd `chart_dir` + local actual=$(helm template \ + -x templates/server-statefulset.yaml \ + --set 'server.ha.enabled=true' \ + . | tee /dev/stderr | + yq '.spec.template.spec.nodeSelector' | tee /dev/stderr) + [ "${actual}" = "null" ] +} + +@test "server/ha-StatefulSet: specified nodeSelector" { + cd `chart_dir` + local actual=$(helm template \ + -x templates/server-statefulset.yaml \ + --set 'server.ha.enabled=true' \ + --set 'server.nodeSelector=testing' \ + . | tee /dev/stderr | + yq -r '.spec.template.spec.nodeSelector' | tee /dev/stderr) + [ "${actual}" = "testing" ] +} diff --git a/test/unit/server-statefulset.bats b/test/unit/server-statefulset.bats index a2e9acd..3ee6105 100755 --- a/test/unit/server-statefulset.bats +++ b/test/unit/server-statefulset.bats @@ -472,3 +472,41 @@ load _helpers yq -r '.spec.volumeClaimTemplates | length' | tee /dev/stderr) [ "${actual}" = "0" ] } + +@test "server/standalone-StatefulSet: tolerations not set by default" { + cd `chart_dir` + local actual=$(helm template \ + -x templates/server-statefulset.yaml \ + . | tee /dev/stderr | + yq '.spec.template.spec | .tolerations? == null' | tee /dev/stderr) + [ "${actual}" = "true" ] +} + +@test "server/standalone-StatefulSet: tolerations can be set" { + cd `chart_dir` + local actual=$(helm template \ + -x templates/server-statefulset.yaml \ + --set 'server.tolerations=foobar' \ + . | tee /dev/stderr | + yq '.spec.template.spec.tolerations == "foobar"' | tee /dev/stderr) + [ "${actual}" = "true" ] +} + +@test "server/standalone-StatefulSet: nodeSelector is not set by default" { + cd `chart_dir` + local actual=$(helm template \ + -x templates/server-statefulset.yaml \ + . | tee /dev/stderr | + yq '.spec.template.spec.nodeSelector' | tee /dev/stderr) + [ "${actual}" = "null" ] +} + +@test "server/standalone-StatefulSet: specified nodeSelector" { + cd `chart_dir` + local actual=$(helm template \ + -x templates/server-statefulset.yaml \ + --set 'server.nodeSelector=testing' \ + . | tee /dev/stderr | + yq -r '.spec.template.spec.nodeSelector' | tee /dev/stderr) + [ "${actual}" = "testing" ] +} diff --git a/values.yaml b/values.yaml index ce934eb..bb9cf7a 100644 --- a/values.yaml +++ b/values.yaml @@ -48,6 +48,23 @@ server: release: "{{ .Release.Name }}" component: server topologyKey: kubernetes.io/hostname + + # Toleration Settings for server pods + # This should be a multi-line string matching the Toleration array + # in a PodSpec. + tolerations: {} + + # nodeSelector labels for server pod assignment, formatted as a muli-line string. + # ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector + # Example: + # nodeSelector: | + # beta.kubernetes.io/arch: amd64 + nodeSelector: {} + + # Extra annotations to attach to the server pods + # This should be a multi-line string mapping directly to the a map of + # the annotations to apply to the server pods + annotations: {} # Enables a headless service to be used by the Vault Statefulset service: