apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ include "nfs-provisioner.fullname" . }} labels: app: {{ include "nfs-provisioner.name" . }} chart: {{ include "nfs-provisioner.chart" . }} heritage: {{ .Release.Service }} release: {{ .Release.Name }} spec: # TODO: Investigate how/if nfs-provisioner can be scaled out beyond 1 replica replicas: {{ .Values.replicaCount }} selector: matchLabels: app: {{ include "nfs-provisioner.name" . }} release: {{ .Release.Name }} serviceName: {{ include "nfs-provisioner.fullname" . }} template: metadata: labels: app: {{ include "nfs-provisioner.name" . }} chart: {{ include "nfs-provisioner.chart" . }} heritage: {{ .Release.Service }} release: {{ .Release.Name }} spec: # NOTE: This is 10 seconds longer than the default nfs-provisioner --grace-period value of 90sec terminationGracePeriodSeconds: 100 serviceAccountName: {{ if .Values.rbac.create }}{{ include "nfs-provisioner.fullname" . }}{{ else }}{{ .Values.rbac.serviceAccountName | quote }}{{ end }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} containers: - name: {{ .Chart.Name }} {{- with .Values.image }} image: "{{ .repository }}{{ if .digest }}@{{ .digest }}{{ else }}:{{ .tag }}{{ end }}" imagePullPolicy: {{ .pullPolicy }} {{- end }} ports: - name: nfs containerPort: 2049 protocol: TCP - name: nfs-udp containerPort: 2049 protocol: UDP - name: nlockmgr containerPort: 32803 protocol: TCP - name: nlockmgr-udp containerPort: 32803 protocol: UDP - name: mountd containerPort: 20048 protocol: TCP - name: mountd-udp containerPort: 20048 protocol: UDP - name: rquotad containerPort: 875 protocol: TCP - name: rquotad-udp containerPort: 875 protocol: UDP - name: rpcbind containerPort: 111 protocol: TCP - name: rpcbind-udp containerPort: 111 protocol: UDP - name: statd containerPort: 662 protocol: TCP - name: statd-udp containerPort: 662 protocol: UDP securityContext: capabilities: add: - DAC_READ_SEARCH - SYS_RESOURCE args: - "-provisioner={{ include "nfs-provisioner.provisionerName" . }}" {{- range $key, $value := .Values.extraArgs }} - "-{{ $key }}={{ $value }}" {{- end }} env: - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP - name: SERVICE_NAME value: {{ include "nfs-provisioner.fullname" . }} - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace volumeMounts: - name: data mountPath: /export {{- with .Values.resources }} resources: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.podSecurityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} {{- if (or .Values.priorityClass.name .Values.priorityClass.create) }} priorityClassName: {{ .Values.priorityClass.name | default (include "nfs-provisioner.fullname" .) | quote }} {{- end }} {{- if not .Values.persistence.enabled }} volumes: - name: data emptyDir: {} {{- end }} {{- if .Values.persistence.enabled }} volumeClaimTemplates: - metadata: name: data spec: accessModes: [ {{ .Values.persistence.accessMode | quote }} ] {{- if .Values.persistence.storageClass }} {{- if (eq "-" .Values.persistence.storageClass) }} storageClassName: "" {{- else }} storageClassName: {{ .Values.persistence.storageClass | quote }} {{- end }} {{- end }} resources: requests: storage: {{ .Values.persistence.size | quote }} {{- end }}