bea/infra-prod
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add mysql ha

Browse Source
This commit is contained in:
Beatrice Dellacà
2025-04-14 14:12:07 +02:00
parent 3e33b17c2c
commit 7f2240ff6a
30 changed files with 5821 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
deploy/mysql/mysql-operator/templates/NOTES.txt
+19
View File
@@ -0,0 +1,19 @@
You can create a new cluster by issuing:
cat <<EOF | kubectl apply -f-
apiVersion: mysql.presslabs.org/v1alpha1
kind: MysqlCluster
metadata:
name: my-cluster
spec:
replicas: 1
secretName: my-cluster-secret
---
apiVersion: v1
kind: Secret
metadata:
name: my-cluster-secret
type: Opaque
data:
ROOT_PASSWORD: $(echo -n "not-so-secure" | base64)
EOF
deploy/mysql/mysql-operator/templates/_helpers.tpl
+62
View File
@@ -0,0 +1,62 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "mysql-operator.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "mysql-operator.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "mysql-operator.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "mysql-operator.labels" -}}
helm.sh/chart: {{ include "mysql-operator.chart" . }}
{{ include "mysql-operator.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "mysql-operator.selectorLabels" -}}
app.kubernetes.io/name: {{ include "mysql-operator.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "mysql-operator.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "mysql-operator.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}
deploy/mysql/mysql-operator/templates/_orchestrator-helpers.tpl
+35
View File
@@ -0,0 +1,35 @@
{{- define "orchestrator.name" -}}
{{- $name := include "mysql-operator.name" . | trunc 50 | trimSuffix "-" }}
{{- printf "%s-orchestrator" $name }}
{{- end }}
{{- define "orchestrator.fullname" -}}
{{- $fullname := include "mysql-operator.fullname" . | trunc 59 | trimSuffix "-" }}
{{- printf "%s-orc" $fullname }}
{{- end }}
{{- define "orchestrator.raftList" -}}
{{- $replicas := int .Values.replicaCount }}
{{- $fullname := include "mysql-operator.fullname" . }}
{{- $nodes := (dict) }}
{{- range $i := until $replicas }}
{{- $_ := set $nodes (printf "%d" $i) (printf "%s-%d-orc-svc" $fullname $i) }}
{{- end }}
{{- values $nodes | sortAlpha | join "," }}
{{- end }}
{{- define "orchestrator.secretName" -}}
{{- if .Values.orchestrator.secretName -}}
{{ .Values.orchestrator.secretName }}
{{- else -}}
{{ include "orchestrator.fullname" . }}
{{- end -}}
{{- end }}
{{- define "orchestrator.apiURL" -}}
{{- $port := "" }}
{{- if ne (printf "%d" .Values.orchestrator.service.port) "80" }}
{{- $port := printf ":$d" .Values.orchestrator.service.port }}
{{- end -}}
http://{{ template "mysql-operator.fullname" . }}.{{ .Release.Namespace }}{{ $port }}/api
{{- end }}
deploy/mysql/mysql-operator/templates/clusterrole.yaml
+142
View File
@@ -0,0 +1,142 @@
{{- if .Values.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "mysql-operator.fullname" . }}
labels:
{{- include "mysql-operator.labels" . | nindent 4 }}
rules:
- apiGroups:
- apps
resources:
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- batch
resources:
- jobs
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- configmaps
- events
- jobs
- persistentvolumeclaims
- pods
- secrets
- services
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- pods/status
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- mysql.presslabs.org
resources:
- mysqlbackups
- mysqlbackups/finalizers
- mysqlbackups/status
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- mysql.presslabs.org
resources:
- mysqlclusters
- mysqlclusters/finalizers
- mysqlclusters/status
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- mysql.presslabs.org
resources:
- mysqldatabases
- mysqldatabases/finalizers
- mysqldatabases/status
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- mysql.presslabs.org
resources:
- mysqlusers
- mysqlusers/status
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
{{- end }}
deploy/mysql/mysql-operator/templates/clusterrolebinding.yaml
+16
View File
@@ -0,0 +1,16 @@
{{- if .Values.rbac.create -}}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "mysql-operator.fullname" . }}
labels:
{{- include "mysql-operator.labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "mysql-operator.fullname" . }}
subjects:
- name: {{ template "mysql-operator.serviceAccountName" . }}
namespace: {{ .Release.Namespace | quote }}
kind: ServiceAccount
{{- end -}}
deploy/mysql/mysql-operator/templates/clustersservicemonitor.yaml
+47
View File
@@ -0,0 +1,47 @@
# This is a ServicMonitor for the MySQL Clusters.
# To scrape the operator, we need https://github.com/bitpoke/mysql-operator/issues/151 first.
{{- if .Values.mysqlClustersGlobalServiceMonitor.enabled }}
{{- if .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" }}
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: {{ template "mysql-operator.fullname" . }}-clusters
labels:
{{- include "mysql-operator.labels" . | nindent 4 }}
{{- if .Values.mysqlClustersGlobalServiceMonitor.additionalLabels }}
{{ toYaml .Values.mysqlClustersGlobalServiceMonitor.additionalLabels | indent 4 }}
{{- end }}
spec:
{{- with .Values.mysqlClustersGlobalServiceMonitor.namespaceSelector }}
namespaceSelector:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.mysqlClustersGlobalServiceMonitor.selector }}
selector:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.mysqlClustersGlobalServiceMonitor.jobLabel }}
jobLabel: {{ . | quote}}
{{- end }}
{{- with .Values.mysqlClustersGlobalServiceMonitor.targetLabels }}
targetLabels:
{{ toYaml . | trim | indent 4 -}}
{{- end }}
{{- with .Values.serviceMonitor.podTargetLabels }}
podTargetLabels:
{{ toYaml . | trim | indent 4 -}}
{{- end }}
endpoints:
- path: /metrics
port: {{ .Values.mysqlClustersGlobalServiceMonitor.servicePortName }}
{{- if .Values.mysqlClustersGlobalServiceMonitor.interval }}
interval: {{ .Values.mysqlClustersGlobalServiceMonitor.interval }}
{{- end }}
{{- if .Values.mysqlClustersGlobalServiceMonitor.scrapeTimeout }}
scrapeTimeout: {{ .Values.mysqlClustersGlobalServiceMonitor.scrapeTimeout }}
{{- end }}
{{- if .Values.mysqlClustersGlobalServiceMonitor.metricRelabelings }}
metricRelabelings: {{ toYaml .Values.mysqlClustersGlobalServiceMonitor.metricRelabelings | nindent 8 }}
{{- end }}
{{- end }}
{{- end }}
deploy/mysql/mysql-operator/templates/orchestrator-config.yaml
+29
View File
@@ -0,0 +1,29 @@
{{- $replicas := int .Values.replicaCount }}
{{- $raftNodes := include "orchestrator.raftList" . | splitList "," }}
{{- $conf := .Values.orchestrator.config }}
{{- $_ := set $conf "ListenAddress" ":3000" }}
{{- $_ := set $conf "MySQLTopologyCredentialsConfigFile" "/etc/orchestrator/orc-topology.cnf" }}
{{- $_ := set $conf "BackendDB" "sqlite" }}
{{- $_ := set $conf "SQLite3DataFile" "/var/lib/orchestrator/orc.db" }}
{{- $_ := set $conf "RaftEnabled" true }}
{{- $_ := set $conf "RaftDataDir" "/var/lib/orchestrator" }}
{{- $_ := set $conf "RaftAdvertise" "{{ .Env.HOSTNAME }}-orc-svc" }}
{{- $_ := set $conf "RaftBind" "{{ .Env.HOSTNAME }}"}}
{{- $_ := set $conf "HTTPAdvertise" "http://{{ .Env.HOSTNAME }}-orc-svc:80" }}
{{- if eq 1 $replicas -}}
{{- $_ := set $conf "RaftNodes" (list) }}
{{- else -}}
{{- $_ := set $conf "RaftNodes" $raftNodes }}
{{- end -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "orchestrator.fullname" . }}
labels:
{{- include "mysql-operator.labels" . | nindent 4 }}
data:
orchestrator.conf.json: {{ toPrettyJson $conf | quote }}
orc-topology.cnf: |
[client]
user = {{ printf "{{ .Env.ORC_TOPOLOGY_USER }}" }}
password = {{ printf "{{ .Env.ORC_TOPOLOGY_PASSWORD }}" }}
deploy/mysql/mysql-operator/templates/orchestrator-ingress.yaml
+61
View File
@@ -0,0 +1,61 @@
{{- if .Values.orchestrator.ingress.enabled -}}
{{- $fullName := include "mysql-operator.fullname" . -}}
{{- $svcPort := .Values.orchestrator.service.port -}}
{{- if and .Values.orchestrator.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey .Values.orchestrator.ingress.annotations "kubernetes.io/ingress.class") }}
{{- $_ := set .Values.orchestrator.ingress.annotations "kubernetes.io/ingress.class" .Values.orchestrator.ingress.className}}
{{- end }}
{{- end }}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
{{- include "mysql-operator.labels" . | nindent 4 }}
{{- with .Values.orchestrator.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if and .Values.orchestrator.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
ingressClassName: {{ .Values.orchestrator.ingress.className }}
{{- end }}
{{- if .Values.orchestrator.ingress.tls }}
tls:
{{- range .Values.orchestrator.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.orchestrator.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
{{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
pathType: {{ .pathType }}
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ $fullName }}
port:
number: {{ $svcPort }}
{{- else }}
serviceName: {{ $fullName }}
servicePort: {{ $svcPort }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
deploy/mysql/mysql-operator/templates/orchestrator-raft-service.yaml
+25
View File
@@ -0,0 +1,25 @@
{{- $replicas := int .Values.replicaCount -}}
{{- $labels := (include "mysql-operator.labels" .) -}}
{{- $fullName := (include "mysql-operator.fullname" .) -}}
{{- range $i := until $replicas -}}
apiVersion: v1
kind: Service
metadata:
name: {{ printf "%s-%d-orc-svc" $fullName $i }}
labels:
app.kubernetes.io/component: orchestrator-raft
{{- $labels | nindent 4}}
spec:
type: ClusterIP
publishNotReadyAddresses: true
ports:
- name: http
port: 80
targetPort: 3000
- name: raft
port: 10008
targetPort: 10008
selector:
statefulset.kubernetes.io/pod-name: {{ printf "%s-%d" $fullName $i }}
---
{{end}}
deploy/mysql/mysql-operator/templates/orchestrator-secret.yaml
+15
View File
@@ -0,0 +1,15 @@
{{- if not .Values.orchestrator.secretName }}
apiVersion: v1
kind: Secret
metadata:
name: {{ template "orchestrator.fullname" . }}
labels:
{{- include "mysql-operator.labels" . | nindent 4 }}
data:
TOPOLOGY_USER: {{ printf "%s" .Values.orchestrator.topologyUser | b64enc | quote }}
{{- if .Values.orchestrator.topologyPassword }}
TOPOLOGY_PASSWORD: {{ printf "%s" .Values.orchestrator.topologyPassword | b64enc | quote }}
{{- else }}
TOPOLOGY_PASSWORD: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
{{- end }}
deploy/mysql/mysql-operator/templates/pdb.yaml
+18
View File
@@ -0,0 +1,18 @@
{{- if and .Values.podDisruptionBudget.enabled (gt (int64 .Values.replicaCount) 1) }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "mysql-operator.fullname" . }}
labels:
{{- include "mysql-operator.labels" . | nindent 4 }}
spec:
{{- if .Values.podDisruptionBudget.minAvailable }}
minAvailable: {{ .Values.podDisruptionBudget.minAvailable }}
{{- end }}
{{- if .Values.podDisruptionBudget.maxUnavailable }}
maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }}
{{- end }}
selector:
matchLabels:
{{- include "mysql-operator.selectorLabels" . | nindent 6 }}
{{- end }}
deploy/mysql/mysql-operator/templates/service.yaml
+23
View File
@@ -0,0 +1,23 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "mysql-operator.fullname" . }}
labels:
{{- include "mysql-operator.labels" . | nindent 4 }}
app.kubernetes.io/component: operator
spec:
type: {{ .Values.orchestrator.service.type }}
ports:
- port: {{ .Values.orchestrator.service.port }}
name: http
protocol: TCP
targetPort: http
{{- if .Values.orchestrator.service.nodePort }}
nodePort: {{ .Values.orchestrator.service.nodePort }}
{{- end }}
- port: {{ .Values.serviceMonitor.servicePort }}
name: {{ .Values.serviceMonitor.servicePortName }}
protocol: TCP
targetPort: prometheus
selector:
{{- include "mysql-operator.selectorLabels" . | nindent 4 }}
deploy/mysql/mysql-operator/templates/serviceaccount.yaml
+12
View File
@@ -0,0 +1,12 @@
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "mysql-operator.serviceAccountName" . }}
labels:
{{- include "mysql-operator.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
deploy/mysql/mysql-operator/templates/servicemonitor.yaml
+43
View File
@@ -0,0 +1,43 @@
# This is a ServicMonitor for the MySQL operator itself.
# To scrape the operator, we need https://github.com/bitpoke/mysql-operator/issues/151 first.
{{- if .Values.serviceMonitor.enabled }}
{{- if .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" }}
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: {{ template "mysql-operator.fullname" . }}
labels:
{{- include "mysql-operator.labels" . | nindent 4 }}
{{- if .Values.serviceMonitor.additionalLabels }}
{{ toYaml .Values.serviceMonitor.additionalLabels | indent 4 }}
{{- end }}
spec:
selector:
matchLabels:
{{- include "mysql-operator.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: operator
{{- with .Values.serviceMonitor.jobLabel }}
jobLabel: {{ . | quote}}
{{- end }}
{{- with .Values.serviceMonitor.targetLabels }}
targetLabels:
{{ toYaml . | trim | indent 4 -}}
{{- end }}
{{- with .Values.serviceMonitor.podTargetLabels }}
podTargetLabels:
{{ toYaml . | trim | indent 4 -}}
{{- end }}
endpoints:
- path: /metrics
port: {{ .Values.serviceMonitor.servicePortName }}
{{- if .Values.serviceMonitor.interval }}
interval: {{ .Values.serviceMonitor.interval }}
{{- end }}
{{- if .Values.serviceMonitor.scrapeTimeout }}
scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }}
{{- end }}
{{- if .Values.serviceMonitor.metricRelabelings }}
metricRelabelings: {{ toYaml .Values.serviceMonitor.metricRelabelings | nindent 8 }}
{{- end }}
{{- end }}
{{- end }}
deploy/mysql/mysql-operator/templates/statefulset.yaml
+195
View File
@@ -0,0 +1,195 @@
{{- $appVersion := .Chart.AppVersion -}}
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "mysql-operator.fullname" . }}
labels:
{{- include "mysql-operator.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
serviceName: {{ include "orchestrator.fullname" . }}
podManagementPolicy: Parallel
selector:
matchLabels:
{{- include "mysql-operator.selectorLabels" . | nindent 6 }}
template:
metadata:
annotations:
{{- with .Values.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
checksum/orchestrator-config: {{ include (print $.Template.BasePath "/orchestrator-config.yaml") . | sha256sum }}
checksum/orchestrator-secret: {{ include (print $.Template.BasePath "/orchestrator-secret.yaml") . | sha256sum }}
labels:
{{- include "mysql-operator.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "mysql-operator.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: operator
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default $appVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- containerPort: 8080
name: prometheus
protocol: TCP
env:
- name: ORC_TOPOLOGY_USER
valueFrom:
secretKeyRef:
name: {{ include "orchestrator.secretName" . }}
key: TOPOLOGY_USER
- name: ORC_TOPOLOGY_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "orchestrator.secretName" . }}
key: TOPOLOGY_PASSWORD
{{- if .Values.extraEnv }}
{{- toYaml .Values.extraEnv | nindent 12 }}
{{- end }}
args:
- --leader-election-namespace={{ .Release.Namespace }}
- --orchestrator-uri={{ include "orchestrator.apiURL" . }}
{{- with .Values.sidecar57 }}
- --sidecar-image={{ .image.repository }}:{{ .image.tag | default $appVersion }}
{{- end -}}
{{- with .Values.sidecar80 }}
- --sidecar-mysql8-image={{ .image.repository }}:{{ .image.tag | default $appVersion }}
{{- end -}}
{{- with .Values.metricsExporter }}
- --metrics-exporter-image={{ .image.repository }}:{{ .image.tag }}
{{- end -}}
{{- if .Values.watchNamespace }}
- --namespace={{ .Values.watchNamespace }}
{{- end }}
{{- if .Values.gracefulShutdown.enabled }}
- --failover-before-shutdown=true
{{- else }}
- --failover-before-shutdown=false
{{- end }}
{{- range $arg := .Values.extraArgs }}
- {{ $arg }}
{{- end }}
livenessProbe:
httpGet:
path: /healthz
port: 8081
readinessProbe:
httpGet:
path: /readyz
port: 8081
resources:
{{- toYaml .Values.resources | nindent 12 }}
- name: orchestrator
securityContext:
{{- toYaml .Values.orchestrator.securityContext | nindent 12 }}
image: {{ .Values.orchestrator.image.repository }}:{{ .Values.orchestrator.image.tag | default .Chart.AppVersion }}
imagePullPolicy: {{ .Values.orchestrator.image.pullPolicy }}
ports:
- containerPort: 3000
name: http
protocol: TCP
- containerPort: 10008
name: raft
protocol: TCP
env:
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
{{- if .Values.orchestrator.extraEnv }}
{{- toYaml .Values.orchestrator.extraEnv | nindent 12 }}
{{- end }}
envFrom:
- prefix: ORC_
secretRef:
name: {{ include "orchestrator.secretName" . }}
volumeMounts:
- name: data
mountPath: /var/lib/orchestrator
- name: config
mountPath: /usr/local/share/orchestrator/templates
livenessProbe:
timeoutSeconds: 10
initialDelaySeconds: 200
httpGet:
path: /api/lb-check
port: 3000
# https://github.com/github/orchestrator/blob/master/docs/raft.md#proxy-healthy-raft-nodes
readinessProbe:
timeoutSeconds: 10
httpGet:
path: /api/raft-health
port: 3000
resources:
{{- toYaml .Values.orchestrator.resources | nindent 12 }}
volumes:
- name: config
configMap:
name: {{ template "orchestrator.fullname" . }}
{{- if not .Values.orchestrator.persistence.enabled }}
- name: data
emptyDir: {}
{{- end }}
{{- if .Values.orchestrator.persistence.fsGroupWorkaroundEnabled }}
initContainers:
- name: init-mount
securityContext:
runAsUser: 0
image: busybox:1.34.0
command: ['sh', '-c', "chown -R {{ .Values.podSecurityContext.fsGroup | default "0" }}:{{ .Values.podSecurityContext.fsGroup | default "0" }} /var/lib/orchestrator"]
volumeMounts:
- name: data
mountPath: /var/lib/orchestrator
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.orchestrator.persistence.enabled }}
volumeClaimTemplates:
- metadata:
name: data
{{- with .Values.orchestrator.persistence.annotations }}
annotations:
{{- toYaml . | nindent 10 }}
{{- end }}
spec:
accessModes: [ {{ .Values.orchestrator.persistence.accessMode }} ]
resources:
requests:
storage: {{ .Values.orchestrator.persistence.size }}
{{- if .Values.orchestrator.persistence.selector }}
{{- with .Values.orchestrator.persistence.selector.matchLabels }}
selector:
matchLabels:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- end }}
{{- if .Values.orchestrator.persistence.storageClass }}
{{- if (eq "-" .Values.orchestrator.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.orchestrator.persistence.storageClass }}"
{{- end }}
{{- end }}
{{- end }}