| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172 |
- apiVersion: apps/v1
- kind: StatefulSet
- metadata:
- name: {{ include "emqx.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/name: {{ include "emqx.name" . }}
- helm.sh/chart: {{ include "emqx.chart" . }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/managed-by: {{ .Release.Service }}
- spec:
- serviceName: {{ include "emqx.fullname" . }}-headless
- podManagementPolicy: {{ .Values.podManagementPolicy }}
- {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
- volumeClaimTemplates:
- - metadata:
- name: emqx-data
- namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/name: {{ include "emqx.name" . }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/managed-by: {{ .Release.Service }}
- spec:
- {{- if .Values.persistence.storageClassName }}
- storageClassName: {{ .Values.persistence.storageClassName | quote }}
- {{- end }}
- accessModes:
- - {{ .Values.persistence.accessMode | quote }}
- resources:
- requests:
- storage: {{ .Values.persistence.size | quote }}
- {{- end }}
- updateStrategy:
- type: RollingUpdate
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app.kubernetes.io/name: {{ include "emqx.name" . }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- template:
- metadata:
- labels:
- app: {{ include "emqx.name" . }}
- version: {{ .Chart.AppVersion }}
- app.kubernetes.io/name: {{ include "emqx.name" . }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- annotations:
- {{- with .Values.podAnnotations }}
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- if .Values.recreatePods }}
- checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum | quote }}
- {{- end }}
- spec:
- serviceAccountName: {{ include "emqx.serviceAccountName" . }}
- volumes:
- {{- if .Values.ssl.enabled }}
- - name: ssl-cert
- secret:
- secretName: {{ include "emqx.ssl.secretName" . }}
- {{- end }}
- {{- if not .Values.persistence.enabled }}
- - name: emqx-data
- emptyDir: {}
- {{- else if .Values.persistence.existingClaim }}
- - name: emqx-data
- persistentVolumeClaim:
- {{- with .Values.persistence.existingClaim }}
- claimName: {{ tpl . $ }}
- {{- end }}
- {{- end }}
- {{- if .Values.emqxLicenseSecretName }}
- - name: emqx-license
- secret:
- secretName: {{ .Values.emqxLicenseSecretName }}
- {{- end }}
- {{- if .Values.extraVolumes }}
- {{- toYaml .Values.extraVolumes | nindent 6 }}
- {{- end }}
- {{- if .Values.podSecurityContext.enabled }}
- securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }}
- {{- end }}
- {{- if .Values.initContainers }}
- initContainers:
- {{- toYaml .Values.initContainers | nindent 8 }}
- {{- end }}
- {{- if .Values.image.pullSecrets }}
- imagePullSecrets:
- {{- range .Values.image.pullSecrets }}
- - name: {{ . }}
- {{- end }}
- {{- end }}
- containers:
- - name: emqx
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- {{- if .Values.containerSecurityContext.enabled }}
- securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
- {{- end }}
- ports:
- - name: mqtt
- containerPort: {{ .Values.emqxConfig.EMQX_LISTENERS__TCP__DEFAULT__BIND | default 1883 }}
- - name: mqttssl
- containerPort: {{ .Values.emqxConfig.EMQX_LISTENERS__SSL__DEFAULT__BIND | default 8883 }}
- - name: ws
- containerPort: {{ .Values.emqxConfig.EMQX_LISTENERS__WS__DEFAULT__BIND | default 8083 }}
- - name: wss
- containerPort: {{ .Values.emqxConfig.EMQX_LISTENERS__WSS__DEFAULT__BIND | default 8084 }}
- - name: dashboard
- containerPort: {{ .Values.emqxConfig.EMQX_DASHBOARD__LISTENERS__HTTP__BIND | default 18083 }}
- {{- if not (empty .Values.emqxConfig.EMQX_LISTENERS__TCP__INTERNAL__BIND) }}
- - name: internalmqtt
- containerPort: {{ .Values.emqxConfig.EMQX_LISTENERS__TCP__INTERNAL__BIND }}
- {{- end }}
- {{- if not (empty .Values.emqxConfig.EMQX_DASHBOARD__LISTENERS__HTTPS__BIND) }}
- - name: dashboardtls
- containerPort: {{ .Values.emqxConfig.EMQX_DASHBOARD__LISTENERS__HTTPS__BIND }}
- {{- end }}
- - name: ekka
- containerPort: 4370
- envFrom:
- - configMapRef:
- name: {{ include "emqx.fullname" . }}-env
- {{- if .Values.envFromSecret }}
- - secretRef:
- name: {{ .Values.envFromSecret }}
- {{- end }}
- resources:
- {{ toYaml .Values.resources | indent 12 }}
- volumeMounts:
- - name: emqx-data
- mountPath: "/opt/emqx/data"
- {{- if .Values.ssl.enabled }}
- - name: ssl-cert
- mountPath: /tmp/ssl
- readOnly: true
- {{- end}}
- {{ if .Values.emqxLicenseSecretName }}
- - name: emqx-license
- mountPath: "/opt/emqx/etc/emqx.lic"
- subPath: "emqx.lic"
- readOnly: true
- {{- end }}
- {{- if .Values.extraVolumeMounts }}
- {{- toYaml .Values.extraVolumeMounts | nindent 10 }}
- {{- end }}
- readinessProbe:
- httpGet:
- path: /status
- port: {{ .Values.emqxConfig.EMQX_DASHBOARD__LISTENERS__HTTP__BIND | default 18083 }}
- initialDelaySeconds: 10
- periodSeconds: 5
- failureThreshold: 30
- livenessProbe:
- httpGet:
- path: /status
- port: {{ .Values.emqxConfig.EMQX_DASHBOARD__LISTENERS__HTTP__BIND | default 18083 }}
- initialDelaySeconds: 60
- periodSeconds: 30
- failureThreshold: 10
- {{- with .Values.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
|
