| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308 |
- {{- if .Values.filer.enabled }}
- apiVersion: apps/v1
- kind: StatefulSet
- metadata:
- name: {{ template "seaweedfs.name" . }}-filer
- namespace: {{ .Release.Namespace }}
- labels:
- app: {{ template "seaweedfs.name" . }}
- chart: {{ template "seaweedfs.chart" . }}
- heritage: {{ .Release.Service }}
- release: {{ .Release.Name }}
- spec:
- serviceName: {{ template "seaweedfs.name" . }}-filer
- podManagementPolicy: Parallel
- replicas: {{ .Values.filer.replicas }}
- {{- if (gt (int .Values.filer.updatePartition) 0) }}
- updateStrategy:
- type: RollingUpdate
- rollingUpdate:
- partition: {{ .Values.filer.updatePartition }}
- {{- end }}
- selector:
- matchLabels:
- app: {{ template "seaweedfs.name" . }}
- chart: {{ template "seaweedfs.chart" . }}
- release: {{ .Release.Name }}
- component: filer
- template:
- metadata:
- labels:
- app: {{ template "seaweedfs.name" . }}
- chart: {{ template "seaweedfs.chart" . }}
- release: {{ .Release.Name }}
- component: filer
- spec:
- restartPolicy: {{ default .Values.global.restartPolicy .Values.filer.restartPolicy }}
- {{- if .Values.filer.affinity }}
- affinity:
- {{ tpl .Values.filer.affinity . | nindent 8 | trim }}
- {{- end }}
- {{- if .Values.filer.tolerations }}
- tolerations:
- {{ tpl .Values.filer.tolerations . | nindent 8 | trim }}
- {{- end }}
- {{- if .Values.global.imagePullSecrets }}
- imagePullSecrets:
- - name: {{ .Values.global.imagePullSecrets }}
- {{- end }}
- serviceAccountName: seaweedfs-rw-sa #hack for delete pod master after migration
- terminationGracePeriodSeconds: 60
- {{- if .Values.filer.priorityClassName }}
- priorityClassName: {{ .Values.filer.priorityClassName | quote }}
- {{- end }}
- enableServiceLinks: false
- {{- if .Values.filer.initContainers }}
- initContainers:
- {{ tpl .Values.filer.initContainers . | nindent 8 | trim }}
- {{- end }}
- containers:
- - name: seaweedfs
- image: {{ template "filer.image" . }}
- imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }}
- env:
- - name: POD_IP
- valueFrom:
- fieldRef:
- fieldPath: status.podIP
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: WEED_MYSQL_USERNAME
- valueFrom:
- secretKeyRef:
- name: secret-seaweedfs-db
- key: user
- - name: WEED_MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: secret-seaweedfs-db
- key: password
- - name: SEAWEEDFS_FULLNAME
- value: "{{ template "seaweedfs.name" . }}"
- {{- if .Values.filer.extraEnvironmentVars }}
- {{- range $key, $value := .Values.filer.extraEnvironmentVars }}
- - name: {{ $key }}
- value: {{ $value | quote }}
- {{- end }}
- {{- end }}
- {{- if .Values.global.extraEnvironmentVars }}
- {{- range $key, $value := .Values.global.extraEnvironmentVars }}
- - name: {{ $key }}
- value: {{ $value | quote }}
- {{- end }}
- {{- end }}
- command:
- - "/bin/sh"
- - "-ec"
- - |
- exec /usr/bin/weed -logdir=/logs \
- {{- if .Values.filer.loggingOverrideLevel }}
- -v={{ .Values.filer.loggingOverrideLevel }} \
- {{- else }}
- -v={{ .Values.global.loggingLevel }} \
- {{- end }}
- filer \
- -port={{ .Values.filer.port }} \
- {{- if .Values.filer.metricsPort }}
- -metricsPort={{ .Values.filer.metricsPort }} \
- {{- end }}
- {{- if .Values.filer.redirectOnRead }}
- -redirectOnRead \
- {{- end }}
- {{- if .Values.filer.disableHttp }}
- -disableHttp \
- {{- end }}
- {{- if .Values.filer.disableDirListing }}
- -disableDirListing \
- {{- end }}
- -dirListLimit={{ .Values.filer.dirListLimit }} \
- {{- if .Values.global.enableReplication }}
- -defaultReplicaPlacement={{ .Values.global.replicationPlacment }} \
- {{- else }}
- -defaultReplicaPlacement={{ .Values.filer.defaultReplicaPlacement }} \
- {{- end }}
- {{- if .Values.filer.disableDirListing }}
- -disableDirListing \
- {{- end }}
- {{- if .Values.filer.maxMB }}
- -maxMB={{ .Values.filer.maxMB }} \
- {{- end }}
- {{- if .Values.filer.encryptVolumeData }}
- -encryptVolumeData \
- {{- end }}
- -ip=${POD_IP} \
- {{- if .Values.filer.s3.enabled }}
- -s3 \
- -s3.port={{ .Values.filer.s3.port }} \
- {{- if .Values.filer.s3.domainName }}
- -s3.domainName={{ .Values.filer.s3.domainName }} \
- {{- end }}
- {{- if .Values.global.enableSecurity }}
- -s3.cert.file=/usr/local/share/ca-certificates/client/tls.crt \
- -s3.key.file=/usr/local/share/ca-certificates/client/tls.key \
- {{- end }}
- {{- if .Values.filer.s3.allowEmptyFolder }}
- -s3.allowEmptyFolder={{ .Values.filer.s3.allowEmptyFolder }} \
- {{- end }}
- {{- if .Values.filer.s3.enableAuth }}
- -s3.config=/etc/sw/seaweedfs_s3_config \
- {{- end }}
- {{- if .Values.filer.s3.auditLogConfig }}
- -s3.auditLogConfig=/etc/sw/filer_s3_auditLogConfig.json \
- {{- end }}
- {{- end }}
- -master={{ range $index := until (.Values.master.replicas | int) }}${SEAWEEDFS_FULLNAME}-master-{{ $index }}.${SEAWEEDFS_FULLNAME}-master:{{ $.Values.master.port }}{{ if lt $index (sub ($.Values.master.replicas | int) 1) }},{{ end }}{{ end }}
- volumeMounts:
- - name: seaweedfs-filer-log-volume
- mountPath: "/logs/"
- - mountPath: /etc/sw
- name: config-users
- readOnly: true
- {{- if .Values.filer.enablePVC }}
- - name: data-filer
- mountPath: /data
- {{- end }}
- {{- if .Values.global.enableSecurity }}
- - name: security-config
- readOnly: true
- mountPath: /etc/seaweedfs/security.toml
- subPath: security.toml
- - name: ca-cert
- readOnly: true
- mountPath: /usr/local/share/ca-certificates/ca/
- - name: master-cert
- readOnly: true
- mountPath: /usr/local/share/ca-certificates/master/
- - name: volume-cert
- readOnly: true
- mountPath: /usr/local/share/ca-certificates/volume/
- - name: filer-cert
- readOnly: true
- mountPath: /usr/local/share/ca-certificates/filer/
- - name: client-cert
- readOnly: true
- mountPath: /usr/local/share/ca-certificates/client/
- {{- end }}
- {{ tpl .Values.filer.extraVolumeMounts . | nindent 12 | trim }}
- ports:
- - containerPort: {{ .Values.filer.port }}
- name: swfs-filer
- - containerPort: {{ .Values.filer.metricsPort }}
- name: metrics
- - containerPort: {{ .Values.filer.grpcPort }}
- #name: swfs-filer-grpc
- readinessProbe:
- httpGet:
- path: /
- port: {{ .Values.filer.port }}
- scheme: HTTP
- initialDelaySeconds: 10
- periodSeconds: 15
- successThreshold: 1
- failureThreshold: 100
- timeoutSeconds: 10
- livenessProbe:
- httpGet:
- path: /
- port: {{ .Values.filer.port }}
- scheme: HTTP
- initialDelaySeconds: 20
- periodSeconds: 30
- successThreshold: 1
- failureThreshold: 5
- timeoutSeconds: 10
- {{- if .Values.filer.resources }}
- resources:
- {{ tpl .Values.filer.resources . | nindent 12 | trim }}
- {{- end }}
- volumes:
- {{- if eq .Values.filer.logs.type "hostPath" }}
- - name: seaweedfs-filer-log-volume
- hostPath:
- path: /storage/logs/seaweedfs/filer
- type: DirectoryOrCreate
- {{- end }}
- {{- if eq .Values.filer.data.type "hostPath" }}
- - name: data-filer
- hostPath:
- path: /storage/filer_store
- type: DirectoryOrCreate
- {{- end }}
- - name: db-schema-config-volume
- configMap:
- name: seaweedfs-db-init-config
- - name: config-users
- secret:
- defaultMode: 420
- secretName: seaweedfs-s3-secret
- {{- if .Values.global.enableSecurity }}
- - name: security-config
- configMap:
- name: {{ template "seaweedfs.name" . }}-security-config
- - name: ca-cert
- secret:
- secretName: {{ template "seaweedfs.name" . }}-ca-cert
- - name: master-cert
- secret:
- secretName: {{ template "seaweedfs.name" . }}-master-cert
- - name: volume-cert
- secret:
- secretName: {{ template "seaweedfs.name" . }}-volume-cert
- - name: filer-cert
- secret:
- secretName: {{ template "seaweedfs.name" . }}-filer-cert
- - name: client-cert
- secret:
- secretName: {{ template "seaweedfs.name" . }}-client-cert
- {{- end }}
- {{ tpl .Values.filer.extraVolumes . | indent 8 | trim }}
- {{- if .Values.filer.nodeSelector }}
- nodeSelector:
- {{ tpl .Values.filer.nodeSelector . | indent 8 | trim }}
- {{- end }}
- {{- if .Values.filer.enablePVC }}
- # DEPRECATION: Deprecate in favor of filer.data section below
- volumeClaimTemplates:
- - metadata:
- name: data-filer
- spec:
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: {{ .Values.filer.storage }}
- {{- if .Values.filer.storageClass }}
- storageClassName: {{ .Values.filer.storageClass }}
- {{- end }}
- {{- end }}
- {{- $pvc_exists := include "filer.pvc_exists" . -}}
- {{- if $pvc_exists }}
- volumeClaimTemplates:
- {{- if eq .Values.filer.data.type "persistentVolumeClaim"}}
- - metadata:
- name: data-filer
- spec:
- accessModes: [ "ReadWriteOnce" ]
- storageClassName: {{ .Values.filer.data.storageClass }}
- resources:
- requests:
- storage: {{ .Values.filer.data.size }}
- {{- end }}
- {{- if eq .Values.filer.logs.type "persistentVolumeClaim"}}
- - metadata:
- name: seaweedfs-filer-log-volume
- spec:
- accessModes: [ "ReadWriteOnce" ]
- storageClassName: {{ .Values.filer.logs.storageClass }}
- resources:
- requests:
- storage: {{ .Values.filer.logs.size }}
- {{- end }}
- {{- end }}
- {{- end }}
|
