Interlegis Public Rancher Charts for Kubernetes

100 lines
3.4 KiB

apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "mailproxy.fullname" . }}-nginx
labels:
{{- include "mailproxy.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.nginx.replicaCount }}
selector:
matchLabels:
{{- include "mailproxy.nginx.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "mailproxy.nginx.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.nginx.image.repository }}:{{ .Values.nginx.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.nginx.image.pullPolicy }}
ports:
{{- range $i, $port := .Values.nginx.service.ports }}
- name: {{ $port.name }}
containerPort: {{ $port.number }}
protocol: {{ $port.protocol }}
{{- end }}
livenessProbe:
httpGet:
path: /
port: http
readinessProbe:
tcpSocket:
port: {{ (index .Values.nginx.service.ports 0).number }}
initialDelaySeconds: 10
periodSeconds: 15
volumeMounts:
- mountPath: /etc/nginx/nginx.conf
subPath: nginx-conf
name: nginx-conf
- mountPath: /etc/nginx/conf.d/phpfpm.conf
subPath: phpfpm-conf
name: nginx-conf
- mountPath: /etc/nginx/mailhosts
name: mailhosts-conf
readOnly: true
- mountPath: /etc/nginx/ssl
name: mailproxy-tls
readOnly: true
resources:
{{- toYaml .Values.nginx.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- {{ include "mailproxy.name" . }}
- key: app.kubernetes.io/instance
operator: In
values:
- {{ .Release.Name }}
- key: app.kubernetes.io/component
operator: In
values:
- nginx
topologyKey: "kubernetes.io/hostname"
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: nginx-conf
configMap:
name: {{ include "mailproxy.fullname" . }}-nginx-conf
- name: mailhosts-conf
configMap:
name: {{ include "mailproxy.fullname" . }}-mailhosts-conf
- name: mailproxy-tls
secret:
secretName: {{ include "mailproxy.fullname" . }}-tls