Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / 2ce0437988709fd8af46c8f922f1d22d312e49f9 / . / kubernetes / common / mongodb / templates / replicaset / statefulset.yaml
blob: 7de00e79250a1999587a118f189296872daa18ea [file] [log] [blame]
Andreas Geisslercde4a782024-02-28 16:08:06 +0100[diff] [blame]1{{- /*
2Copyright VMware, Inc.
3SPDX-License-Identifier: APACHE-2.0
4*/}}
5
6{{- if eq .Values.architecture "replicaset" }}
7{{- $replicaCount := int .Values.replicaCount }}
8{{- $loadBalancerIPListLength := len .Values.externalAccess.service.loadBalancerIPs }}
9{{- if not (and .Values.externalAccess.enabled (not .Values.externalAccess.autoDiscovery.enabled) (not (eq $replicaCount $loadBalancerIPListLength )) (eq .Values.externalAccess.service.type "LoadBalancer")) }}
10apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }}
11kind: StatefulSet
12metadata:
13 name: {{ include "mongodb.fullname" . }}
14 namespace: {{ include "mongodb.namespace" . | quote }}
15 {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.labels .Values.commonLabels ) "context" . ) }}
16 labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }}
17 app.kubernetes.io/component: mongodb
18 {{- if or .Values.annotations .Values.commonAnnotations }}
19 {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.annotations .Values.commonAnnotations ) "context" . ) }}
20 annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }}
21 {{- end }}
22spec:
23 serviceName: {{ include "mongodb.service.nameOverride" . }}
24 podManagementPolicy: {{ .Values.podManagementPolicy }}
25 replicas: {{ .Values.replicaCount }}
26 {{- if .Values.updateStrategy }}
27 updateStrategy: {{- toYaml .Values.updateStrategy | nindent 4 }}
28 {{- end }}
29 {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }}
30 selector:
31 matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }}
32 app.kubernetes.io/component: mongodb
33 template:
34 metadata:
35 labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }}
36 app.kubernetes.io/component: mongodb
37 {{- if or (include "mongodb.createConfigmap" .) .Values.podAnnotations }}
38 annotations:
39 {{- if (include "mongodb.createConfigmap" .) }}
40 checksum/configuration: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
41 {{- end }}
42 {{- if .Values.podAnnotations }}
43 {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }}
44 {{- end }}
45 {{- end }}
46 spec:
47 {{- include "mongodb.imagePullSecrets" . | nindent 6 }}
48 {{- if .Values.schedulerName }}
49 schedulerName: {{ .Values.schedulerName | quote }}
50 {{- end }}
51 serviceAccountName: {{ template "mongodb.serviceAccountName" . }}
52 automountServiceAccountToken: {{ .Values.automountServiceAccountToken }}
53 {{- if .Values.hostAliases }}
54 hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }}
55 {{- end }}
56 {{- if .Values.affinity }}
57 affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }}
58 {{- else }}
59 affinity:
60 podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "component" "mongodb" "customLabels" $podLabels "topologyKey" .Values.topologyKey "context" $) | nindent 10 }}
61 podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "component" "mongodb" "customLabels" $podLabels "topologyKey" .Values.topologyKey "context" $) | nindent 10 }}
62 nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }}
63 {{- end }}
64 {{- if .Values.nodeSelector }}
65 nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" $) | nindent 8 }}
66 {{- end }}
67 {{- if .Values.tolerations }}
68 tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }}
69 {{- end }}
70 {{- if .Values.topologySpreadConstraints }}
71 topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.topologySpreadConstraints "context" $) | nindent 8 }}
72 {{- end }}
73 {{- if .Values.priorityClassName }}
74 priorityClassName: {{ .Values.priorityClassName }}
75 {{- end }}
76 {{- if .Values.runtimeClassName }}
77 runtimeClassName: {{ .Values.runtimeClassName }}
78 {{- end }}
79 {{- if .Values.podSecurityContext.enabled }}
80 securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }}
81 {{- end }}
82 {{ if .Values.terminationGracePeriodSeconds }}
83 terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
84 {{- end }}
85 enableServiceLinks: {{ .Values.enableServiceLinks }}
86 {{- if or .Values.initContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) (and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled) .Values.tls.enabled }}
87 initContainers:
88 {{- if .Values.initContainers }}
89 {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }}
90 {{- end }}
91 {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
92 - name: volume-permissions
93 image: {{ include "mongodb.volumePermissions.image" . }}
94 imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
95 command:
96 - /bin/bash
97 args:
98 - -ec
99 - |
100 mkdir -p {{ printf "%s/%s" .Values.persistence.mountPath (default "" .Values.persistence.subPath) }}
101 chown {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }} {{ printf "%s/%s" .Values.persistence.mountPath (default "" .Values.persistence.subPath) }}
102 find {{ printf "%s/%s" .Values.persistence.mountPath (default "" .Values.persistence.subPath) }} -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }}
103 {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }}
104 securityContext: {{- omit .Values.volumePermissions.securityContext "runAsUser" | toYaml | nindent 12 }}
105 {{- else }}
106 securityContext: {{- .Values.volumePermissions.securityContext | toYaml | nindent 12 }}
107 {{- end }}
108 {{- if .Values.volumePermissions.resources }}
109 resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
110 {{- else if ne .Values.volumePermissions.resourcesPreset "none" }}
111 resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }}
112 {{- end }}
113 volumeMounts:
114 - name: datadir
115 mountPath: {{ .Values.persistence.mountPath }}
116 - name: empty-dir
117 mountPath: /tmp
118 subPath: tmp-dir
119 {{- end }}
120 {{- if .Values.tls.enabled }}
121 - name: generate-tls-certs
122 image: {{ include "mongodb.tls.image" . }}
123 imagePullPolicy: {{ .Values.tls.image.pullPolicy | quote }}
124 env:
125 - name: MY_POD_NAMESPACE
126 valueFrom:
127 fieldRef:
128 fieldPath: metadata.namespace
129 - name: MY_POD_HOST_IP
130 valueFrom:
131 fieldRef:
132 fieldPath: status.hostIP
133 - name: MY_POD_NAME
134 valueFrom:
135 fieldRef:
136 fieldPath: metadata.name
137 volumeMounts:
138 {{- if (include "mongodb.autoGenerateCerts" .) }}
139 - name: certs-volume
140 mountPath: /certs/CAs
141 {{- else }}
142 {{- range $index, $_ := .Values.tls.replicaset.existingSecrets }}
143 - name: mongodb-certs-{{ $index }}
144 mountPath: /certs-{{ $index }}
145 {{- end }}
146 {{- end }}
147 - name: certs
148 mountPath: /certs
149 - name: common-scripts
150 mountPath: /bitnami/scripts
151 - name: empty-dir
152 mountPath: /tmp
153 subPath: tmp-dir
154 command:
155 - /bitnami/scripts/generate-certs.sh
156 args:
157 - -s {{ include "mongodb.service.nameOverride" . }}
158 {{- if .Values.externalAccess.service.loadBalancerIPs }}
159 - -i {{ join "," .Values.externalAccess.service.loadBalancerIPs }}
160 {{- end }}
161 {{- if .Values.tls.extraDnsNames }}
162 - -n {{ join "," .Values.tls.extraDnsNames }}
163 {{- end }}
164 {{- if .Values.tls.resources }}
165 resources: {{- toYaml .Values.tls.resources | nindent 12 }}
166 {{- else if ne .Values.tls.resourcesPreset "none" }}
167 resources: {{- include "common.resources.preset" (dict "type" .Values.tls.resourcesPreset) | nindent 12 }}
168 {{- end }}
169 {{- end }}
170 {{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled (eq .Values.externalAccess.service.type "LoadBalancer") }}
171 - name: auto-discovery
172 image: {{ include "mongodb.externalAccess.autoDiscovery.image" . }}
173 imagePullPolicy: {{ .Values.externalAccess.autoDiscovery.image.pullPolicy | quote }}
174 # We need the service account token for contacting the k8s API
175 automountServiceAccountToken: true
176 command:
177 - /scripts/auto-discovery.sh
178 env:
179 - name: MY_POD_NAME
180 valueFrom:
181 fieldRef:
182 fieldPath: metadata.name
183 - name: SHARED_FILE
184 value: "/shared/info.txt"
185 {{- if .Values.externalAccess.autoDiscovery.resources }}
186 resources: {{- toYaml .Values.externalAccess.autoDiscovery.resources | nindent 12 }}
187 {{- else if ne .Values.externalAccess.autoDiscovery.resourcesPreset "none" }}
188 resources: {{- include "common.resources.preset" (dict "type" .Values.externalAccess.autoDiscovery.resourcesPreset) | nindent 12 }}
189 {{- end }}
190 volumeMounts:
191 - name: shared
192 mountPath: /shared
193 - name: scripts
194 mountPath: /scripts/auto-discovery.sh
195 subPath: auto-discovery.sh
196 - name: empty-dir
197 mountPath: /tmp
198 subPath: tmp-dir
199 {{- end }}
200 {{- end }}
201 containers:
202 - name: mongodb
203 image: {{ include "mongodb.image" . }}
204 imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
205 {{- if .Values.containerSecurityContext.enabled }}
206 securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
207 {{- end }}
208 {{- if .Values.diagnosticMode.enabled }}
209 command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
210 {{- else if .Values.command }}
211 command: {{- include "common.tplvalues.render" (dict "value" .Values.command "context" $) | nindent 12 }}
212 {{- else }}
213 command:
214 - /scripts/setup.sh
215 {{- end }}
216 {{- if .Values.diagnosticMode.enabled }}
217 args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
218 {{- else if .Values.args }}
219 args: {{- include "common.tplvalues.render" (dict "value" .Values.args "context" $) | nindent 12 }}
220 {{- end }}
221 {{- if .Values.lifecycleHooks }}
222 lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }}
223 {{- end }}
224 env:
225 - name: BITNAMI_DEBUG
226 value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }}
227 {{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled (eq .Values.externalAccess.service.type "LoadBalancer") }}
228 - name: SHARED_FILE
229 value: "/shared/info.txt"
230 {{- end }}
231 - name: MY_POD_NAME
232 valueFrom:
233 fieldRef:
234 fieldPath: metadata.name
235 - name: MY_POD_NAMESPACE
236 valueFrom:
237 fieldRef:
238 fieldPath: metadata.namespace
239 - name: MY_POD_HOST_IP
240 valueFrom:
241 fieldRef:
242 fieldPath: status.hostIP
243 - name: K8S_SERVICE_NAME
244 value: "{{ include "mongodb.service.nameOverride" . }}"
245 - name: MONGODB_INITIAL_PRIMARY_HOST
246 value: {{ printf "%s-0.$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.%s" (include "mongodb.fullname" .) .Values.clusterDomain }}
247 - name: MONGODB_REPLICA_SET_NAME
248 value: {{ .Values.replicaSetName | quote }}
249 {{- if and .Values.replicaSetHostnames (not .Values.externalAccess.enabled) }}
250 - name: MONGODB_ADVERTISED_HOSTNAME
251 value: "$(MY_POD_NAME).$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.{{ .Values.clusterDomain }}"
252 {{- end }}
253 {{- $customUsers := include "mongodb.customUsers" . -}}
254 {{- $customDatabases := include "mongodb.customDatabases" . -}}
255 {{- if not (empty $customUsers) }}
256 - name: MONGODB_EXTRA_USERNAMES
257 value: {{ $customUsers | quote }}
258 {{- end }}
259 {{- if not (empty $customDatabases) }}
260 - name: MONGODB_EXTRA_DATABASES
261 value: {{ $customDatabases | quote }}
262 {{- end }}
263 {{- if .Values.auth.enabled }}
264 {{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }}
265 - name: MONGODB_EXTRA_PASSWORDS
266 valueFrom:
267 secretKeyRef:
268 name: {{ include "mongodb.secretName" . }}
269 key: mongodb-passwords
270 {{- end }}
271 - name: MONGODB_ROOT_USER
272 value: {{ .Values.auth.rootUser | quote }}
273 - name: MONGODB_ROOT_PASSWORD
274 valueFrom:
275 secretKeyRef:
276 name: {{ include "mongodb.secretName" . }}
277 key: mongodb-root-password
278 - name: MONGODB_REPLICA_SET_KEY
279 valueFrom:
280 secretKeyRef:
281 name: {{ include "mongodb.secretName" . }}
282 key: mongodb-replica-set-key
283 {{- end }}
284 {{- if and .Values.metrics.enabled (not (empty .Values.metrics.username)) }}
285 - name: MONGODB_METRICS_USERNAME
286 value: {{ .Values.metrics.username | quote }}
287 {{- if .Values.auth.enabled }}
288 - name: MONGODB_METRICS_PASSWORD
289 valueFrom:
290 secretKeyRef:
291 name: {{ include "mongodb.secretName" . }}
292 key: mongodb-metrics-password
293 {{- end }}
294 {{- end }}
295 - name: ALLOW_EMPTY_PASSWORD
296 value: {{ ternary "no" "yes" .Values.auth.enabled | quote }}
297 - name: MONGODB_SYSTEM_LOG_VERBOSITY
298 value: {{ .Values.systemLogVerbosity | quote }}
299 - name: MONGODB_DISABLE_SYSTEM_LOG
300 value: {{ ternary "yes" "no" .Values.disableSystemLog | quote }}
301 - name: MONGODB_DISABLE_JAVASCRIPT
302 value: {{ ternary "yes" "no" .Values.disableJavascript | quote }}
303 - name: MONGODB_ENABLE_JOURNAL
304 value: {{ ternary "yes" "no" .Values.enableJournal | quote }}
305 - name: MONGODB_PORT_NUMBER
306 value: {{ .Values.containerPorts.mongodb | quote }}
307 - name: MONGODB_ENABLE_IPV6
308 value: {{ ternary "yes" "no" .Values.enableIPv6 | quote }}
309 - name: MONGODB_ENABLE_DIRECTORY_PER_DB
310 value: {{ ternary "yes" "no" .Values.directoryPerDB | quote }}
311 {{- $extraFlags := .Values.extraFlags | join " " -}}
312 {{- if .Values.tls.enabled }}
313 {{- if .Values.tls.mTLS.enabled }}
314 {{- $extraFlags = printf "--tlsCAFile=/certs/mongodb-ca-cert %s" $extraFlags }}
315 {{- end }}
316 {{- $extraFlags = printf "--tlsMode=%s --tlsCertificateKeyFile=/certs/mongodb.pem %s" .Values.tls.mode $extraFlags }}
317 {{- end }}
318 {{- if ne $extraFlags "" }}
319 - name: MONGODB_EXTRA_FLAGS
320 value: {{ $extraFlags | quote }}
321 {{- end }}
322 {{- if .Values.tls.enabled }}
323 - name: MONGODB_CLIENT_EXTRA_FLAGS
324 value: --tls {{ if .Values.tls.mTLS.enabled }}--tlsCertificateKeyFile=/certs/mongodb.pem {{ end }}--tlsCAFile=/certs/mongodb-ca-cert
325 {{- end }}
326 {{- if .Values.extraEnvVars }}
327 {{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }}
328 {{- end }}
329 {{- if or .Values.extraEnvVarsCM .Values.extraEnvVarsSecret }}
330 envFrom:
331 {{- if .Values.extraEnvVarsCM }}
332 - configMapRef:
333 name: {{ tpl .Values.extraEnvVarsCM . | quote }}
334 {{- end }}
335 {{- if .Values.extraEnvVarsSecret }}
336 - secretRef:
337 name: {{ tpl .Values.extraEnvVarsSecret . | quote }}
338 {{- end }}
339 {{- end }}
340 ports:
341 - name: mongodb
342 containerPort: {{ .Values.containerPorts.mongodb }}
343 {{- if not .Values.diagnosticMode.enabled }}
344 {{- if .Values.customLivenessProbe }}
345 livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }}
346 {{- else if .Values.livenessProbe.enabled }}
347 livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.livenessProbe "enabled") "context" $) | nindent 12 }}
348 exec:
349 command:
350 - /bitnami/scripts/ping-mongodb.sh
351 {{- end }}
352 {{- if .Values.customReadinessProbe }}
353 readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }}
354 {{- else if .Values.readinessProbe.enabled }}
355 readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.readinessProbe "enabled") "context" $) | nindent 12 }}
356 exec:
357 command:
358 - /bitnami/scripts/readiness-probe.sh
359 {{- end }}
360 {{- if .Values.customStartupProbe }}
361 startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customStartupProbe "context" $) | nindent 12 }}
362 {{- else if .Values.startupProbe.enabled }}
363 startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.startupProbe "enabled") "context" $) | nindent 12 }}
364 exec:
365 command:
366 - /bitnami/scripts/startup-probe.sh
367 {{- end }}
368 {{- end }}
369 {{- if .Values.resources }}
370 resources: {{- toYaml .Values.resources | nindent 12 }}
371 {{- else if ne .Values.resourcesPreset "none" }}
372 resources: {{- include "common.resources.preset" (dict "type" .Values.resourcesPreset) | nindent 12 }}
373 {{- end }}
374 volumeMounts:
375 - name: empty-dir
376 mountPath: /tmp
377 subPath: tmp-dir
378 - name: empty-dir
379 mountPath: /opt/bitnami/mongodb/conf
380 subPath: app-conf-dir
381 - name: empty-dir
382 mountPath: /opt/bitnami/mongodb/tmp
383 subPath: app-tmp-dir
384 - name: empty-dir
385 mountPath: /opt/bitnami/mongodb/logs
386 subPath: app-logs-dir
387 - name: datadir
388 mountPath: {{ .Values.persistence.mountPath }}
389 subPath: {{ .Values.persistence.subPath }}
390 - name: common-scripts
391 mountPath: /bitnami/scripts
392 {{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }}
393 - name: custom-init-scripts
394 mountPath: /docker-entrypoint-initdb.d
395 {{- end }}
396 {{- if or .Values.configuration .Values.existingConfigmap }}
397 - name: config
398 mountPath: /opt/bitnami/mongodb/conf/mongodb.conf
399 subPath: mongodb.conf
400 {{- end }}
401 - name: scripts
402 mountPath: /scripts/setup.sh
403 subPath: setup.sh
404 {{ if .Values.replicaSetConfigurationSettings.enabled }}
405 - name: scripts
406 mountPath: /scripts/replicaSetConfigurationSettings.sh
407 subPath: replicaSetConfigurationSettings.sh
408 {{- end }}
409 {{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled (eq .Values.externalAccess.service.type "LoadBalancer") }}
410 - name: shared
411 mountPath: /shared
412 {{- end }}
413 {{- if .Values.tls.enabled }}
414 - name: certs
415 mountPath: /certs
416 {{- end }}
417 {{- if .Values.extraVolumeMounts }}
418 {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }}
419 {{- end }}
420 {{- if .Values.metrics.enabled }}
421 - name: metrics
422 image: {{ template "mongodb.metrics.image" . }}
423 imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
424 {{- if .Values.containerSecurityContext.enabled }}
425 securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
426 {{- end }}
427 {{- if .Values.diagnosticMode.enabled }}
428 command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
429 {{- else if .Values.metrics.command }}
430 command: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.command "context" $) | nindent 12 }}
431 {{- else }}
432 command:
433 - /bin/bash
434 - -ec
435 {{- end }}
436 {{- if .Values.diagnosticMode.enabled }}
437 args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
438 {{- else if .Values.metrics.args }}
439 args: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.args "context" $) | nindent 12 }}
440 {{- else }}
441 args:
442 - |
443 /bin/mongodb_exporter {{ include "mongodb.exporterArgs" $ }} --mongodb.direct-connect --mongodb.global-conn-pool --web.listen-address ":{{ .Values.metrics.containerPort }}" --mongodb.uri "{{ include "mongodb.mongodb_exporter.uri" . }}" {{ .Values.metrics.extraFlags }}
444 {{- end }}
445 env:
446 {{- if .Values.auth.enabled }}
447 {{- if not .Values.metrics.username }}
448 - name: MONGODB_ROOT_USER
449 value: {{ .Values.auth.rootUser | quote }}
450 - name: MONGODB_ROOT_PASSWORD
451 valueFrom:
452 secretKeyRef:
453 name: {{ include "mongodb.secretName" . }}
454 key: mongodb-root-password
455 {{- else }}
456 - name: MONGODB_METRICS_USERNAME
457 value: {{ .Values.metrics.username | quote }}
458 - name: MONGODB_METRICS_PASSWORD
459 valueFrom:
460 secretKeyRef:
461 name: {{ include "mongodb.secretName" . }}
462 key: mongodb-metrics-password
463 {{- end }}
464 {{- end }}
465 volumeMounts:
466 - name: empty-dir
467 mountPath: /tmp
468 subPath: tmp-dir
469 {{- if .Values.tls.enabled }}
470 - name: certs
471 mountPath: /certs
472 {{- end }}
473 {{- if .Values.metrics.extraVolumeMounts }}
474 {{- include "common.tplvalues.render" (dict "value" .Values.metrics.extraVolumeMounts "context" $) | nindent 12 }}
475 {{- end }}
476 ports:
477 - name: metrics
478 containerPort: {{ .Values.metrics.containerPort }}
479 {{- if not .Values.diagnosticMode.enabled }}
480 {{- if .Values.metrics.customLivenessProbe }}
481 livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customLivenessProbe "context" $) | nindent 12 }}
482 {{- else if .Values.metrics.livenessProbe.enabled }}
483 livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.livenessProbe "enabled") "context" $) | nindent 12 }}
484 httpGet:
485 path: /
486 port: metrics
487 {{- end }}
488 {{- if .Values.metrics.customReadinessProbe }}
489 readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customReadinessProbe "context" $) | nindent 12 }}
490 {{- else if .Values.metrics.readinessProbe.enabled }}
491 readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.readinessProbe "enabled") "context" $) | nindent 12 }}
492 httpGet:
493 path: /
494 port: metrics
495 {{- end }}
496 {{- if .Values.metrics.customStartupProbe }}
497 startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customStartupProbe "context" $) | nindent 12 }}
498 {{- else if .Values.metrics.startupProbe.enabled }}
499 startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.startupProbe "enabled") "context" $) | nindent 12 }}
500 tcpSocket:
501 port: metrics
502 {{- end }}
503 {{- end }}
504 {{- if .Values.metrics.resources }}
505 resources: {{- toYaml .Values.metrics.resources | nindent 12 }}
506 {{- else if ne .Values.metrics.resourcesPreset "none" }}
507 resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }}
508 {{- end }}
509 {{- end }}
510 {{- if .Values.sidecars }}
511 {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }}
512 {{- end }}
513 volumes:
514 - name: empty-dir
Fiete Ostkampd2b2a3d2024-04-30 13:08:03 +0200[diff] [blame]515 emptyDir:
Andreas Geisslerdbabc4b2024-08-02 14:18:07 +0200[diff] [blame]516 sizeLimit: {{ .Values.replicaSet.emptyDir.sizeLimit }}
Andreas Geisslercde4a782024-02-28 16:08:06 +0100[diff] [blame]517 - name: common-scripts
518 configMap:
519 name: {{ printf "%s-common-scripts" (include "mongodb.fullname" .) }}
520 defaultMode: 0550
521 {{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }}
522 - name: custom-init-scripts
523 configMap:
524 name: {{ template "mongodb.initdbScriptsCM" . }}
525 {{- end }}
526 {{- if or .Values.configuration .Values.existingConfigmap }}
527 - name: config
528 configMap:
529 name: {{ include "mongodb.configmapName" . }}
530 {{- end }}
531 {{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled (eq .Values.externalAccess.service.type "LoadBalancer") }}
532 - name: shared
Fiete Ostkampd2b2a3d2024-04-30 13:08:03 +0200[diff] [blame]533 emptyDir:
534 sizeLimit: 64Mi
Andreas Geisslercde4a782024-02-28 16:08:06 +0100[diff] [blame]535 {{- end }}
536 - name: scripts
537 configMap:
538 name: {{ printf "%s-scripts" (include "mongodb.fullname" .) }}
539 defaultMode: 0755
540 {{- if .Values.extraVolumes }}
541 {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }}
542 {{- end }}
543 {{- if .Values.tls.enabled }}
544 - name: certs
Fiete Ostkampd2b2a3d2024-04-30 13:08:03 +0200[diff] [blame]545 emptyDir:
546 sizeLimit: 64Mi
Andreas Geisslercde4a782024-02-28 16:08:06 +0100[diff] [blame]547 {{- if (include "mongodb.autoGenerateCerts" .) }}
548 - name: certs-volume
549 secret:
550 secretName: {{ template "mongodb.tlsSecretName" . }}
551 items:
552 - key: mongodb-ca-cert
553 path: mongodb-ca-cert
554 mode: 0600
555 - key: mongodb-ca-key
556 path: mongodb-ca-key
557 mode: 0600
558 {{- else }}
559 {{- range $index, $secret := .Values.tls.replicaset.existingSecrets }}
560 - name: mongodb-certs-{{ $index }}
561 secret:
562 secretName: {{ include "common.tplvalues.render" ( dict "value" $secret "context" $) }}
563 defaultMode: 256
564 {{- end }}
565 {{- end }}
566 {{- end }}
567 {{- if not .Values.persistence.enabled }}
568 - name: datadir
569 {{- if .Values.persistence.medium }}
570 emptyDir:
571 medium: {{ .Values.persistence.medium | quote }}
Fiete Ostkampd2b2a3d2024-04-30 13:08:03 +0200[diff] [blame]572 sizeLimit: 64Mi
Andreas Geisslercde4a782024-02-28 16:08:06 +0100[diff] [blame]573 {{- else }}
Fiete Ostkampd2b2a3d2024-04-30 13:08:03 +0200[diff] [blame]574 emptyDir:
575 sizeLimit: 64Mi
Andreas Geisslercde4a782024-02-28 16:08:06 +0100[diff] [blame]576 {{- end }}
577 {{- else }}
578 {{- if .Values.persistentVolumeClaimRetentionPolicy.enabled }}
579 persistentVolumeClaimRetentionPolicy:
580 whenDeleted: {{ .Values.persistentVolumeClaimRetentionPolicy.whenDeleted }}
581 whenScaled: {{ .Values.persistentVolumeClaimRetentionPolicy.whenScaled }}
582 {{- end }}
583 volumeClaimTemplates:
584 - apiVersion: v1
585 kind: PersistentVolumeClaim
586 metadata:
587 name: datadir
588 {{- if .Values.persistence.annotations }}
589 annotations: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.annotations "context" $) | nindent 10 }}
590 {{- end }}
591 spec:
592 accessModes:
593 {{- range .Values.persistence.accessModes }}
594 - {{ . | quote }}
595 {{- end }}
596 resources:
597 requests:
598 storage: {{ .Values.persistence.size | quote }}
599 {{- if .Values.persistence.volumeClaimTemplates.requests }}
600 {{- include "common.tplvalues.render" (dict "value" .Values.persistence.volumeClaimTemplates.requests "context" $) | nindent 12 }}
601 {{- end }}
602 {{- if .Values.persistence.volumeClaimTemplates.dataSource }}
603 dataSource: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.volumeClaimTemplates.dataSource "context" $) | nindent 10 }}
604 {{- end }}
605 {{- if .Values.persistence.volumeClaimTemplates.selector }}
606 selector: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.volumeClaimTemplates.selector "context" $) | nindent 10 }}
607 {{- end }}
608 {{ include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) }}
609 {{- end }}
610{{- end }}
611{{- end }}