apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Values.name }}-deployment labels: app: {{.Values.name}} version: {{ .Values.version }} spec: replicas: 1 selector: matchLabels: app: {{.Values.name}} version: {{ .Values.version }} strategy: type: RollingUpdate template: metadata: annotations: sidecar.istio.io/inject: "true" traffic.sidecar.istio.io/excludeOutboundPorts: '5432,9093' labels: app: {{.Values.name}} version: {{ .Values.version }} collect.logs: "json" spec: serviceAccountName: {{.Values.name }} containers: - name: {{.Values.name }} image: "{{ .Values.image.name }}:{{ .Values.image.version }}" ports: - containerPort: {{ .Values.port }} protocol: TCP imagePullPolicy: Always {{- if not .Values.global.disableRequestsLimits }} resources: limits: cpu: 400m memory: 800Mi requests: cpu: 400m memory: 800Mi {{- end }} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File livenessProbe: httpGet: path: {{ .Values.probes.liveness.path }} port: {{ .Values.port }} failureThreshold: 1 initialDelaySeconds: 180 periodSeconds: 20 successThreshold: 1 timeoutSeconds: 5 readinessProbe: httpGet: path: {{ .Values.probes.readiness.path }} port: {{ .Values.port }} failureThreshold: 5 initialDelaySeconds: 60 periodSeconds: 20 successThreshold: 1 timeoutSeconds: 5 volumeMounts: - mountPath: /app/config/config.yaml name: config readOnly: true subPath: config.yaml - mountPath: /app/secrets name: db-credentials readOnly: true - mountPath: /app/secrets/datafactoryexcerptceph name: {{ .Chart.Name }}-datafactory-excerpt-ceph-bucket-credentials readOnly: true env: - name: JAVA_OPTS value: {{ .Values.java.javaOpts }} - name: DB_URL value: {{ .Values.db.url }} - name: DB_NAME value: {{ .Values.db.name }} - name: POSTGRES_USER valueFrom: secretKeyRef: name: {{ .Values.db.secret }} key: excerptWorkName - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: {{ .Values.db.secret }} key: excerptWorkPass - name: DATAFACTORY_EXCERPT_CEPH_BUCKET_NAME valueFrom: configMapKeyRef: name: {{ .Values.datafactoryExcerptCeph.bucketName }} key: BUCKET_NAME - name: DATAFACTORY_EXCERPT_CEPH_BUCKET_HOST valueFrom: configMapKeyRef: name: {{ .Values.datafactoryExcerptCeph.bucketName }} key: BUCKET_HOST - name: KAFKA_USER_KEYSTORE_CERTIFICATE valueFrom: secretKeyRef: name: {{ .Values.kafka.user }} key: user.crt - name: KAFKA_USER_KEYSTORE_KEY valueFrom: secretKeyRef: name: {{ .Values.kafka.user }} key: user.key - name: KAFKA_CLUSTER_TRUSTSTORE valueFrom: secretKeyRef: name: {{ .Values.kafka.clusterName }}-cluster-ca-cert key: ca.crt initContainers: - name: init-db image: {{ template "imageRegistry" . -}} busybox imagePullPolicy: IfNotPresent command: ["sh", "-c", "while ! nc -w 1 {{ .Values.db.url }} {{ .Values.db.port }} </dev/null; do echo waiting for {{ .Values.db.url }}; sleep 10; done;"] - name: init-kafka image: {{ template "imageRegistry" . -}} busybox imagePullPolicy: IfNotPresent command: ["sh", "-c", "while ! nc -w 1 {{ .Values.kafka.url }} {{ .Values.kafka.port }} </dev/null; do echo waiting for {{ .Values.kafka.url }}; sleep 10; done;"] dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 volumes: - name: config configMap: name: excerpt-worker-properties - name: db-credentials secret: secretName: {{ .Values.db.secret }} items: - key: excerptWorkPass path: data-platform.datasource.password - key: excerptWorkName path: data-platform.datasource.username - name: {{ .Chart.Name }}-datafactory-excerpt-ceph-bucket-credentials secret: secretName: {{ .Values.datafactoryExcerptCeph.bucketName }} items: - key: AWS_ACCESS_KEY_ID path: datafactory-excerpt-ceph.access-key - key: AWS_SECRET_ACCESS_KEY path: datafactory-excerpt-ceph.secret-key