kennyh
/
emqx4.3


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187
							apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: {{ include "emqx.fullname" . }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ include "emqx.name" . }}
    helm.sh/chart: {{ include "emqx.chart" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
  serviceName: {{ include "emqx.fullname" . }}-headless
  podManagementPolicy: {{ .Values.podManagementPolicy }}
  {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
  volumeClaimTemplates:
    - metadata:
        name: emqx-data
        namespace: {{ .Release.Namespace }}
        labels:
          app.kubernetes.io/name: {{ include "emqx.name" . }}
          app.kubernetes.io/instance: {{ .Release.Name }}
          app.kubernetes.io/managed-by: {{ .Release.Service }}
      spec:
        {{- if .Values.persistence.storageClassName }}
        storageClassName: {{ .Values.persistence.storageClassName | quote }}
        {{- end }}
        accessModes:
          - {{ .Values.persistence.accessMode | quote }}
        resources:
         requests:
           storage: {{ .Values.persistence.size | quote }}
  {{- end }}
  updateStrategy:
    type: RollingUpdate
  {{- if .Values.minReadySeconds }}
  minReadySeconds: {{ .Values.minReadySeconds }}
  {{- end }}
  replicas: {{ .Values.replicaCount }}
  selector:
    matchLabels:
      app.kubernetes.io/name: {{ include "emqx.name" . }}
      app.kubernetes.io/instance: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app: {{ include "emqx.name" . }}
        version: {{ .Chart.AppVersion }}
        app.kubernetes.io/name: {{ include "emqx.name" . }}
        app.kubernetes.io/instance: {{ .Release.Name }}
      annotations:
      {{- with .Values.podAnnotations }}
          {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- if .Values.recreatePods }}
        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum | quote }}
      {{- end }}
    spec:
      serviceAccountName: {{ include "emqx.serviceAccountName" . }}
      volumes:
      {{- if .Values.ssl.enabled }}
      - name: ssl-cert
        secret:
          secretName: {{ include "emqx.ssl.secretName" . }}
      {{- end }}
      {{- if not .Values.persistence.enabled }}
      - name: emqx-data
        emptyDir: {}
      {{- else if .Values.persistence.existingClaim }}
      - name: emqx-data
        persistentVolumeClaim:
        {{- with .Values.persistence.existingClaim }}
          claimName: {{ tpl . $ }}
        {{- end }}
      {{- end }}
      {{- if .Values.emqxLicenseSecretName  }}
      - name: emqx-license
        secret:
          secretName: {{ .Values.emqxLicenseSecretName }}
      {{- end }}
    {{- if .Values.extraVolumes }}
      {{- toYaml .Values.extraVolumes | nindent 6 }}
    {{- end }}
      {{- if .Values.podSecurityContext.enabled }}
      securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }}
      {{- end }}
      {{- if .Values.initContainers }}
      initContainers:
        {{- toYaml .Values.initContainers | nindent 8 }}
      {{- end }}
      {{- if .Values.image.pullSecrets }}
      imagePullSecrets:
        {{- range .Values.image.pullSecrets }}
        - name: {{ . }}
      {{- end }}
      {{- end }}
      containers:
        - name: emqx
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          {{- if .Values.containerSecurityContext.enabled }}
          securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
          {{- end }}
          ports:
          - name: mqtt
            containerPort: {{ .Values.emqxConfig.EMQX_LISTENERS__TCP__DEFAULT__BIND | default 1883 }}
          - name: mqttssl
            containerPort: {{ .Values.emqxConfig.EMQX_LISTENERS__SSL__DEFAULT__BIND | default 8883 }}
          - name: ws
            containerPort: {{ .Values.emqxConfig.EMQX_LISTENERS__WS__DEFAULT__BIND | default 8083 }}
          - name: wss
            containerPort: {{ .Values.emqxConfig.EMQX_LISTENERS__WSS__DEFAULT__BIND | default 8084 }}
          - name: dashboard
            containerPort: {{ .Values.emqxConfig.EMQX_DASHBOARD__LISTENERS__HTTP__BIND | default 18083 }}
          {{- if not (empty .Values.emqxConfig.EMQX_LISTENERS__TCP__INTERNAL__BIND) }}
          - name: internalmqtt
            containerPort: {{ .Values.emqxConfig.EMQX_LISTENERS__TCP__INTERNAL__BIND }}
          {{- end }}
          {{- if not (empty .Values.emqxConfig.EMQX_DASHBOARD__LISTENERS__HTTPS__BIND) }}
          - name: dashboardtls
            containerPort: {{ .Values.emqxConfig.EMQX_DASHBOARD__LISTENERS__HTTPS__BIND }}
          {{- end }}
          - name: ekka
            containerPort: 4370
          envFrom:
            - configMapRef:
                name: {{ include "emqx.fullname" . }}-env
         {{- if .Values.envFromSecret }}
            - secretRef:
                name: {{ .Values.envFromSecret }}
         {{- end }}
          resources:
{{ toYaml .Values.resources | indent 12 }}
          volumeMounts:
          - name: emqx-data
            mountPath: "/opt/emqx/data"
          {{- if .Values.ssl.enabled }}
          - name: ssl-cert
            mountPath: /tmp/ssl
            readOnly: true
          {{- end}}
          {{ if .Values.emqxLicenseSecretName }}
          - name: emqx-license
            mountPath: "/opt/emqx/etc/emqx.lic"
            subPath: "emqx.lic"
            readOnly: true
          {{- end }}
        {{- if .Values.extraVolumeMounts }}
          {{- toYaml .Values.extraVolumeMounts | nindent 10 }}
        {{- end }}
          readinessProbe:
            httpGet:
              path: /status
              port: {{ .Values.emqxConfig.EMQX_DASHBOARD__LISTENERS__HTTP__BIND | default 18083 }}
            initialDelaySeconds: 10
            periodSeconds: 5
            failureThreshold: 30
          livenessProbe:
            httpGet:
              path: /status
              port: {{ .Values.emqxConfig.EMQX_DASHBOARD__LISTENERS__HTTP__BIND | default 18083 }}
            initialDelaySeconds: 60
            periodSeconds: 30
            failureThreshold: 10
    {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
    {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
    {{- end }}
    {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
    {{- end }}
    {{- with .Values.topologySpreadConstraints }}
      topologySpreadConstraints:
        {{- range . }}
        - maxSkew: {{ .maxSkew }}
          topologyKey: {{ .topologyKey }}
          whenUnsatisfiable: {{ .whenUnsatisfiable }}
          labelSelector:
            matchLabels:
              app.kubernetes.io/name: {{ include "emqx.name" $ }}
              app.kubernetes.io/instance: {{ $.Release.Name }}
        {{- end }}
    {{- end }}