Home Explore Help
Sign In
sdsys
/
openvpn
6
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 5a869ff1f7
Branches Tags
openvpn
/
helm
/
templates
/
deployment.yaml

deployment.yaml 3.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106 
  1. apiVersion: apps/v1
    2. 

  2. kind: Deployment
    3. 

  3. metadata:
    4. 

  4.   name: {{ include "openvpn.fullname" . }}
    5. 

  5.   labels:
    6. 

  6.     {{- include "openvpn.labels" . | nindent 4 }}
    7. 

  7. spec:
    8. 

  8.   replicas: 1
    9. 

  9.   strategy:
    10. 

  10.     type: Recreate
    11. 

  11.   selector:
    12. 

  12.     matchLabels:
    13. 

  13.       {{- include "openvpn.selectorLabels" . | nindent 6 }}
    14. 

  14.   template:
    15. 

  15.     metadata:
    16. 

  16.       annotations:
    17. 

  17.         {{- if .Values.multus }}
    18. 

  18.         v1.multus-cni.io/default-network: "{{ .Release.Namespace }}/{{ .Release.Name }}-net"
    19. 

  19.         {{- end }}
    20. 

  20.         checksum/config: {{ include (print $.Template.BasePath "/cm-configuration.yaml") . | sha256sum }}
    21. 

  21.         checksum/config2: {{ include (print $.Template.BasePath "/secret-keys.yaml") . | sha256sum }}
    22. 

  22.         checksum/config3: {{ include (print $.Template.BasePath "/cm-openvpnscripts.yaml") . | sha256sum }}
    23. 

  23.     {{- with .Values.openvpn.podAnnotations }}
    24. 

  24.         {{- toYaml . | nindent 8 }}
    25. 

  25.     {{- end }}
    26. 

  26.       labels:
    27. 

  27.         {{- include "openvpn.selectorLabels" . | nindent 8 }}
    28. 

  28.     spec:
    29. 

  29.       {{- if .Values.registry_secret_data }}
    30. 

  30.       imagePullSecrets:
    31. 

  31.       - name: {{ include "openvpn.fullname" . }}-registry-secret
    32. 

  32.       {{- end }}
    33. 

  33.       {{- if not .Values.multus }}
    34. 

  34.       hostNetwork: true
    35. 

  35.       {{- end }}
    36. 

  36.       containers:
    37. 

  37.         - name: {{ .Chart.Name }}
    38. 

  38.           command: ["/scripts/startscript"]
    39. 

  39.           {{- if .Values.openvpn.healthcheck }}
    40. 

  40.           livenessProbe:
    41. 

  41.             exec:
    42. 

  42.               command:
    43. 

  43.               - /scripts/healthcheck
    44. 

  44.             initialDelaySeconds: 20
    45. 

  45.             periodSeconds: 60
    46. 

  46.             failureThreshold: 5
    47. 

  47.           {{- end }}
    48. 

  48.           securityContext:
    49. 

  49.             capabilities:
    50. 

  50.               add:
    51. 

  51.                 - NET_ADMIN
    52. 

  52.                 - MKNOD
    53. 

  53.           image: "{{ .Values.openvpn.image }}:{{ .Values.openvpn.tag | default "latest" }}"
    54. 

  54.           imagePullPolicy: {{ .Values.openvpn.pullPolicy }}
    55. 

  55.           env:
    56. 

  56.             - name: TZ
    57. 

  57.               value: Europe/Moscow
    58. 

  58.           resources:
    59. 

  59.             {{- toYaml .Values.openvpn.resources | nindent 12 }}
    60. 

  60.           volumeMounts:
    61. 

  61.             - name: keys
    62. 

  62.               mountPath: /etc/openvpn/keys/
    63. 

  63.             - name: ccd
    64. 

  64.               mountPath: /etc/openvpn/ccd/
    65. 

  65.             - name: configuration
    66. 

  66.               mountPath: /etc/openvpn/configuration/
    67. 

  67.             - name: scripts
    68. 

  68.               mountPath: /scripts/
    69. 

  69.         {{- if and .Values.virtIP_addr .Values.virtIP_dev }}
    70. 

  70.         - name: {{ .Chart.Name }}-stop
    71. 

  71.           image: "{{ .Values.openvpn.image }}:{{ .Values.openvpn.tag | default "latest" }}"
    72. 

  72.           imagePullPolicy: {{ .Values.openvpn.pullPolicy }}
    73. 

  73.           command: ["sleep","infinity"]
    74. 

  74.           lifecycle:
    75. 

  75.             preStop:
    76. 

  76.               exec:
    77. 

  77.                 command: ["/bin/bash","-c","/scripts/stopscript"]
    78. 

  78.           volumeMounts:
    79. 

  79.             - name: scripts
    80. 

  80.               mountPath: /scripts/
    81. 

  81.           securityContext:
    82. 

  82.             capabilities:
    83. 

  83.               add:
    84. 

  84.                 - NET_ADMIN
    85. 

  85.                 - MKNOD
    86. 

  86.         {{- end }}
    87. 

  87.       {{- if .Values.multus }}
    88. 

  88.       dnsPolicy: "None"
    89. 

  89.       dnsConfig:
    90. 

  90.         nameservers:
    91. 

  91.           - {{ .Values.multus.dnsIP }}
    92. 

  92.       {{- end }}
    93. 

  93.       volumes:
    94. 

  94.       - name: keys
    95. 

  95.         secret:
    96. 

  96.           secretName: {{ include "openvpn.fullname" . }}-keys
    97. 

  97.       - name: ccd
    98. 

  98.         configMap:
    99. 

  99.           name: {{ include "openvpn.fullname" . }}-ccd
    100. 

  100.       - name: configuration
    101. 

  101.         configMap:
    102. 

  102.           name: {{ include "openvpn.fullname" . }}-configuration
    103. 

  103.       - name: scripts
    104. 

  104.         configMap:
    105. 

  105.           name: {{ include "openvpn.fullname" . }}-scripts
    106. 

  106.           defaultMode: 0755
    107.