| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191 |
- {{- if .Values.s3.enabled }}
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- name: {{ template "seaweedfs.name" . }}-s3
- namespace: {{ .Release.Namespace }}
- labels:
- app: {{ template "seaweedfs.name" . }}
- chart: {{ template "seaweedfs.chart" . }}
- heritage: {{ .Release.Service }}
- release: {{ .Release.Name }}
- spec:
- serviceName: {{ template "seaweedfs.name" . }}-s3
- replicas: {{ .Values.s3.replicas }}
- selector:
- matchLabels:
- app: {{ template "seaweedfs.name" . }}
- chart: {{ template "seaweedfs.chart" . }}
- release: {{ .Release.Name }}
- component: s3
- template:
- metadata:
- labels:
- app: {{ template "seaweedfs.name" . }}
- chart: {{ template "seaweedfs.chart" . }}
- release: {{ .Release.Name }}
- component: s3
- spec:
- restartPolicy: {{ default .Values.global.restartPolicy .Values.s3.restartPolicy }}
- {{- if .Values.s3.tolerations }}
- tolerations:
- {{ tpl .Values.s3.tolerations . | nindent 8 | trim }}
- {{- end }}
- {{- if .Values.global.imagePullSecrets }}
- imagePullSecrets:
- - name: {{ .Values.global.imagePullSecrets }}
- {{- end }}
- terminationGracePeriodSeconds: 10
- {{- if .Values.s3.priorityClassName }}
- priorityClassName: {{ .Values.s3.priorityClassName | quote }}
- {{- end }}
- enableServiceLinks: false
- containers:
- - name: seaweedfs
- image: {{ template "s3.image" . }}
- imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }}
- env:
- - name: POD_IP
- valueFrom:
- fieldRef:
- fieldPath: status.podIP
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: SEAWEEDFS_FULLNAME
- value: "{{ template "seaweedfs.name" . }}"
- {{- if .Values.global.extraEnvironmentVars }}
- {{- range $key, $value := .Values.global.extraEnvironmentVars }}
- - name: {{ $key }}
- value: {{ $value | quote }}
- {{- end }}
- {{- end }}
- command:
- - "/bin/sh"
- - "-ec"
- - |
- exec /usr/bin/weed -logdir=/logs \
- {{- if .Values.s3.loggingOverrideLevel }}
- -v={{ .Values.s3.loggingOverrideLevel }} \
- {{- else }}
- -v={{ .Values.global.loggingLevel }} \
- {{- end }}
- s3 \
- -port={{ .Values.s3.port }} \
- {{- if .Values.s3.metricsPort }}
- -metricsPort {{ .Values.s3.metricsPort }} \
- {{- end }}
- {{- if .Values.global.enableSecurity }}
- -cert.file=/usr/local/share/ca-certificates/client/tls.crt \
- -key.file=/usr/local/share/ca-certificates/client/tls.key \
- {{- end }}
- {{- if .Values.s3.domainName }}
- -domainName={{ .Values.s3.domainName }} \
- {{- end }}
- {{- if .Values.s3.allowEmptyFolder }}
- -allowEmptyFolder={{ .Values.s3.allowEmptyFolder }} \
- {{- end }}
- {{- if .Values.s3.enableAuth }}
- -config=/etc/sw/seaweedfs_s3_config \
- {{- end }}
- {{- if .Values.s3.auditLogConfig }}
- -auditLogConfig=/etc/sw/s3_auditLogConfig.json \
- {{- end }}
- -filer={{ template "seaweedfs.name" . }}-filer-client:{{ .Values.filer.port }}
- volumeMounts:
- - name: logs
- mountPath: "/logs/"
- - mountPath: /etc/sw
- name: config-users
- readOnly: true
- {{- if .Values.global.enableSecurity }}
- - name: security-config
- readOnly: true
- mountPath: /etc/seaweedfs/security.toml
- subPath: security.toml
- - name: ca-cert
- readOnly: true
- mountPath: /usr/local/share/ca-certificates/ca/
- - name: master-cert
- readOnly: true
- mountPath: /usr/local/share/ca-certificates/master/
- - name: volume-cert
- readOnly: true
- mountPath: /usr/local/share/ca-certificates/volume/
- - name: filer-cert
- readOnly: true
- mountPath: /usr/local/share/ca-certificates/filer/
- - name: client-cert
- readOnly: true
- mountPath: /usr/local/share/ca-certificates/client/
- {{- end }}
- {{ tpl .Values.s3.extraVolumeMounts . | nindent 12 | trim }}
- ports:
- - containerPort: {{ .Values.s3.port }}
- name: swfs-s3
- readinessProbe:
- httpGet:
- path: /
- port: {{ .Values.s3.port }}
- scheme: HTTP
- initialDelaySeconds: 15
- periodSeconds: 15
- successThreshold: 1
- failureThreshold: 100
- timeoutSeconds: 10
- livenessProbe:
- httpGet:
- path: /
- port: {{ .Values.s3.port }}
- scheme: HTTP
- initialDelaySeconds: 20
- periodSeconds: 60
- successThreshold: 1
- failureThreshold: 20
- timeoutSeconds: 10
- {{- if .Values.s3.resources }}
- resources:
- {{ tpl .Values.s3.resources . | nindent 12 | trim }}
- {{- end }}
- volumes:
- - name: config-users
- secret:
- defaultMode: 420
- secretName: seaweedfs-s3-secret
- {{- if eq .Values.s3.logs.type "hostPath" }}
- - name: logs
- hostPath:
- path: /storage/logs/seaweedfs/s3
- type: DirectoryOrCreate
- {{- end }}
- {{- if .Values.global.enableSecurity }}
- - name: security-config
- configMap:
- name: {{ template "seaweedfs.name" . }}-security-config
- - name: ca-cert
- secret:
- secretName: {{ template "seaweedfs.name" . }}-ca-cert
- - name: master-cert
- secret:
- secretName: {{ template "seaweedfs.name" . }}-master-cert
- - name: volume-cert
- secret:
- secretName: {{ template "seaweedfs.name" . }}-volume-cert
- - name: filer-cert
- secret:
- secretName: {{ template "seaweedfs.name" . }}-filer-cert
- - name: client-cert
- secret:
- secretName: {{ template "seaweedfs.name" . }}-client-cert
- {{- end }}
- {{ tpl .Values.s3.extraVolumes . | indent 8 | trim }}
- {{- if .Values.s3.nodeSelector }}
- nodeSelector:
- {{ tpl .Values.s3.nodeSelector . | indent 8 | trim }}
- {{- end }}
- {{- end }}
|
