Skip to content

Commit

Permalink
feat(charts): add pdb and topology spread constrants
Browse files Browse the repository at this point in the history
  • Loading branch information
@moabu
moabu committed Nov 16, 2022
1 parent 0961a55 commit 6191c47
Show file tree
Hide file tree
Showing 33 changed files with 712 additions and 28 deletions.
34 changes: 32 additions & 2 deletions flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/admin-ui/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ Create user custom defined envs
{{- define "admin-ui.usr-envs"}}
{{- range $key, $val := .Values.usrEnvs.normal }}
- name: {{ $key }}
value: {{ $val }}
value: {{ $val | quote }}
{{- end }}
{{- end }}

Expand All @@ -63,6 +63,36 @@ Create user custom defined secret envs
valueFrom:
secretKeyRef:
name: {{ $.Release.Name }}-{{ $.Chart.Name }}-user-custom-envs
key: {{ $key }}
key: {{ $key | quote }}
{{- end }}
{{- end }}

{{/*
Create topologySpreadConstraints lists
*/}}
{{- define "admin-ui.topology-spread-constraints"}}
{{- range $key, $val := .Values.topologySpreadConstraints }}
- maxSkew: {{ $val.maxSkew }}
{{- if $val.minDomains }}
minDomains: {{ $val.minDomains }} # optional; beta since v1.25
{{- end}}
{{- if $val.topologyKey }}
topologyKey: {{ $val.topologyKey }}
{{- end}}
{{- if $val.whenUnsatisfiable }}
whenUnsatisfiable: {{ $val.whenUnsatisfiable }}
{{- end}}
labelSelector:
matchLabels:
app: {{ $.Release.Name }}-{{ include "admin-ui.name" $ }}
{{- if $val.matchLabelKeys }}
matchLabelKeys: {{ $val.matchLabelKeys }} # optional; alpha since v1.25
{{- end}}
{{- if $val.nodeAffinityPolicy }}
nodeAffinityPolicy: {{ $val.nodeAffinityPolicy }} # optional; alpha since v1.25
{{- end}}
{{- if $val.nodeTaintsPolicy }}
nodeTaintsPolicy: {{ $val.nodeTaintsPolicy }} # optional; alpha since v1.25
{{- end}}
{{- end }}
{{- end }}
11 changes: 11 additions & 0 deletions ...n-setup/pygluu/kubernetes/templates/helm/gluu/charts/admin-ui/templates/admin-ui-pdb.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
{{ if .Values.pdb.enabled -}}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "admin-ui.fullname" . }}
spec:
maxUnavailable: {{ .Values.pdb.maxUnavailable }}
selector:
matchLabels:
app: {{ .Release.Name }}-{{ include "admin-ui.name" . }}
{{- end }}
4 changes: 4 additions & 0 deletions flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/admin-ui/templates/deployment.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,10 @@ spec:
dnsConfig:
{{ toYaml . | indent 8 }}
{{- end }}
{{- if .Values.topologySpreadConstraints }}
topologySpreadConstraints:
{{- include "admin-ui.topology-spread-constraints" . | indent 8 }}
{{- end }}
containers:
- name: {{ include "admin-ui.name" . }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
Expand Down
4 changes: 2 additions & 2 deletions ...luu/kubernetes/templates/helm/gluu/charts/auth-server-key-rotation/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ Create user custom defined envs
{{- define "auth-server-key-rotation.usr-envs"}}
{{- range $key, $val := .Values.usrEnvs.normal }}
- name: {{ $key }}
value: {{ $val }}
value: {{ $val | quote }}
{{- end }}
{{- end }}

Expand All @@ -63,6 +63,6 @@ Create user custom defined secret envs
valueFrom:
secretKeyRef:
name: {{ $.Release.Name }}-{{ $.Chart.Name }}-user-custom-envs
key: {{ $key }}
key: {{ $key | quote }}
{{- end }}
{{- end }}
34 changes: 32 additions & 2 deletions ...-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/auth-server/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ Create user custom defined envs
{{- define "auth-server.usr-envs"}}
{{- range $key, $val := .Values.usrEnvs.normal }}
- name: {{ $key }}
value: {{ $val }}
value: {{ $val | quote }}
{{- end }}
{{- end }}

Expand All @@ -63,6 +63,36 @@ Create user custom defined secret envs
valueFrom:
secretKeyRef:
name: {{ $.Release.Name }}-{{ $.Chart.Name }}-user-custom-envs
key: {{ $key }}
key: {{ $key | quote }}
{{- end }}
{{- end }}

{{/*
Create topologySpreadConstraints lists
*/}}
{{- define "auth-server.topology-spread-constraints"}}
{{- range $key, $val := .Values.topologySpreadConstraints }}
- maxSkew: {{ $val.maxSkew }}
{{- if $val.minDomains }}
minDomains: {{ $val.minDomains }} # optional; beta since v1.25
{{- end}}
{{- if $val.topologyKey }}
topologyKey: {{ $val.topologyKey }}
{{- end}}
{{- if $val.whenUnsatisfiable }}
whenUnsatisfiable: {{ $val.whenUnsatisfiable }}
{{- end}}
labelSelector:
matchLabels:
app: {{ $.Release.Name }}-{{ include "auth-server.name" $ }}
{{- if $val.matchLabelKeys }}
matchLabelKeys: {{ $val.matchLabelKeys }} # optional; alpha since v1.25
{{- end}}
{{- if $val.nodeAffinityPolicy }}
nodeAffinityPolicy: {{ $val.nodeAffinityPolicy }} # optional; alpha since v1.25
{{- end}}
{{- if $val.nodeTaintsPolicy }}
nodeTaintsPolicy: {{ $val.nodeTaintsPolicy }} # optional; alpha since v1.25
{{- end}}
{{- end }}
{{- end }}
11 changes: 11 additions & 0 deletions ...p/pygluu/kubernetes/templates/helm/gluu/charts/auth-server/templates/auth-server-pdb.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
{{ if .Values.pdb.enabled -}}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "auth-server.fullname" . }}
spec:
maxUnavailable: {{ .Values.pdb.maxUnavailable }}
selector:
matchLabels:
app: {{ .Release.Name }}-{{ include "auth-server.name" . }}
{{- end }}
4 changes: 4 additions & 0 deletions ...n-setup/pygluu/kubernetes/templates/helm/gluu/charts/auth-server/templates/deployment.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,10 @@ spec:
dnsConfig:
{{ toYaml . | indent 8 }}
{{- end }}
{{- if .Values.topologySpreadConstraints }}
topologySpreadConstraints:
{{- include "auth-server.topology-spread-constraints" . | indent 8 }}
{{- end }}
containers:
- name: {{ include "auth-server.name" . }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
Expand Down
34 changes: 32 additions & 2 deletions flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/casa/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ Create user custom defined envs
{{- define "casa.usr-envs"}}
{{- range $key, $val := .Values.usrEnvs.normal }}
- name: {{ $key }}
value: {{ $val }}
value: {{ $val | quote }}
{{- end }}
{{- end }}

Expand All @@ -74,6 +74,36 @@ Create user custom defined secret envs
valueFrom:
secretKeyRef:
name: {{ $.Release.Name }}-{{ $.Chart.Name }}-user-custom-envs
key: {{ $key }}
key: {{ $key | quote }}
{{- end }}
{{- end }}

{{/*
Create topologySpreadConstraints lists
*/}}
{{- define "casa.topology-spread-constraints"}}
{{- range $key, $val := .Values.topologySpreadConstraints }}
- maxSkew: {{ $val.maxSkew }}
{{- if $val.minDomains }}
minDomains: {{ $val.minDomains }} # optional; beta since v1.25
{{- end}}
{{- if $val.topologyKey }}
topologyKey: {{ $val.topologyKey }}
{{- end}}
{{- if $val.whenUnsatisfiable }}
whenUnsatisfiable: {{ $val.whenUnsatisfiable }}
{{- end}}
labelSelector:
matchLabels:
app: {{ $.Release.Name }}-{{ include "casa.name" $ }}
{{- if $val.matchLabelKeys }}
matchLabelKeys: {{ $val.matchLabelKeys }} # optional; alpha since v1.25
{{- end}}
{{- if $val.nodeAffinityPolicy }}
nodeAffinityPolicy: {{ $val.nodeAffinityPolicy }} # optional; alpha since v1.25
{{- end}}
{{- if $val.nodeTaintsPolicy }}
nodeTaintsPolicy: {{ $val.nodeTaintsPolicy }} # optional; alpha since v1.25
{{- end}}
{{- end }}
{{- end }}
11 changes: 11 additions & 0 deletions flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/casa/templates/casa-pdb.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
{{ if .Values.pdb.enabled -}}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "casa.fullname" . }}
spec:
maxUnavailable: {{ .Values.pdb.maxUnavailable }}
selector:
matchLabels:
app: {{ .Release.Name }}-{{ include "casa.name" . }}
{{- end }}
4 changes: 4 additions & 0 deletions flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/casa/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,10 @@ spec:
{{- end }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
{{- if .Values.topologySpreadConstraints }}
topologySpreadConstraints:
{{- include "casa.topology-spread-constraints" . | indent 8 }}
{{- end }}
containers:
- name: {{ include "casa.name" . }}
securityContext:
Expand Down
38 changes: 34 additions & 4 deletions flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/config-api/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,22 +47,52 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
{{/*
Create user custom defined envs
*/}}
{{- define "oxauth.usr-envs"}}
{{- define "config-api.usr-envs"}}
{{- range $key, $val := .Values.usrEnvs.normal }}
- name: {{ $key }}
value: {{ $val }}
value: {{ $val | quote }}
{{- end }}
{{- end }}

{{/*
Create user custom defined secret envs
*/}}
{{- define "oxauth.usr-secret-envs"}}
{{- define "config-api.usr-secret-envs"}}
{{- range $key, $val := .Values.usrEnvs.secret }}
- name: {{ $key }}
valueFrom:
secretKeyRef:
name: {{ $.Release.Name }}-{{ $.Chart.Name }}-user-custom-envs
key: {{ $key }}
key: {{ $key | quote }}
{{- end }}
{{- end }}

{{/*
Create topologySpreadConstraints lists
*/}}
{{- define "config-api.topology-spread-constraints"}}
{{- range $key, $val := .Values.topologySpreadConstraints }}
- maxSkew: {{ $val.maxSkew }}
{{- if $val.minDomains }}
minDomains: {{ $val.minDomains }} # optional; beta since v1.25
{{- end}}
{{- if $val.topologyKey }}
topologyKey: {{ $val.topologyKey }}
{{- end}}
{{- if $val.whenUnsatisfiable }}
whenUnsatisfiable: {{ $val.whenUnsatisfiable }}
{{- end}}
labelSelector:
matchLabels:
app: {{ $.Release.Name }}-{{ include "config-api.name" $ }}
{{- if $val.matchLabelKeys }}
matchLabelKeys: {{ $val.matchLabelKeys }} # optional; alpha since v1.25
{{- end}}
{{- if $val.nodeAffinityPolicy }}
nodeAffinityPolicy: {{ $val.nodeAffinityPolicy }} # optional; alpha since v1.25
{{- end}}
{{- if $val.nodeTaintsPolicy }}
nodeTaintsPolicy: {{ $val.nodeTaintsPolicy }} # optional; alpha since v1.25
{{- end}}
{{- end }}
{{- end }}
11 changes: 11 additions & 0 deletions ...tup/pygluu/kubernetes/templates/helm/gluu/charts/config-api/templates/config-api-pdb.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
{{ if .Values.pdb.enabled -}}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "config-api.fullname" . }}
spec:
maxUnavailable: {{ .Values.pdb.maxUnavailable }}
selector:
matchLabels:
app: {{ .Release.Name }}-{{ include "config-api.name" . }}
{{- end }}
7 changes: 7 additions & 0 deletions ...n-setup/pygluu/kubernetes/templates/helm/gluu/charts/config-api/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,9 +37,16 @@ spec:
dnsConfig:
{{ toYaml . | indent 8 }}
{{- end }}
{{- if .Values.topologySpreadConstraints }}
topologySpreadConstraints:
{{- include "config-api.topology-spread-constraints" . | indent 8 }}
{{- end }}
containers:
- name: {{ include "config-api.name" . }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
env:
{{- include "config-api.usr-envs" . | indent 12 }}
{{- include "config-api.usr-secret-envs" . | indent 12 }}
securityContext:
runAsUser: 1000
runAsNonRoot: true
Expand Down
4 changes: 2 additions & 2 deletions flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/config/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ Create user custom defined envs
{{- define "config.usr-envs"}}
{{- range $key, $val := .Values.usrEnvs.normal }}
- name: {{ $key }}
value: {{ $val }}
value: {{ $val | quote }}
{{- end }}
{{- end }}

Expand All @@ -63,7 +63,7 @@ Create user custom defined secret envs
valueFrom:
secretKeyRef:
name: {{ $.Release.Name }}-{{ $.Chart.Name }}-user-custom-envs
key: {{ $key }}
key: {{ $key | quote }}
{{- end }}
{{- end }}

Expand Down
2 changes: 1 addition & 1 deletion ...setup/pygluu/kubernetes/templates/helm/gluu/charts/config/templates/user-custom-envs.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ metadata:
{{- end }}
data:
{{- range $key, $val := .Values.global.usrEnvs.normal }}
{{ $key }}: {{ $val }}
{{ $key }}: {{ $val | quote }}
{{- end}}
{{- end}}
{{ if .Values.usrEnvs.secret }}
Expand Down
34 changes: 32 additions & 2 deletions flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/fido2/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ Create user custom defined envs
{{- define "fido2.usr-envs"}}
{{- range $key, $val := .Values.usrEnvs.normal }}
- name: {{ $key }}
value: {{ $val }}
value: {{ $val | quote }}
{{- end }}
{{- end }}

Expand All @@ -63,6 +63,36 @@ Create user custom defined secret envs
valueFrom:
secretKeyRef:
name: {{ $.Release.Name }}-{{ $.Chart.Name }}-user-custom-envs
key: {{ $key }}
key: {{ $key | quote }}
{{- end }}
{{- end }}

{{/*
Create topologySpreadConstraints lists
*/}}
{{- define "fido2.topology-spread-constraints"}}
{{- range $key, $val := .Values.topologySpreadConstraints }}
- maxSkew: {{ $val.maxSkew }}
{{- if $val.minDomains }}
minDomains: {{ $val.minDomains }} # optional; beta since v1.25
{{- end}}
{{- if $val.topologyKey }}
topologyKey: {{ $val.topologyKey }}
{{- end}}
{{- if $val.whenUnsatisfiable }}
whenUnsatisfiable: {{ $val.whenUnsatisfiable }}
{{- end}}
labelSelector:
matchLabels:
app: {{ $.Release.Name }}-{{ include "fido2.name" $ }}
{{- if $val.matchLabelKeys }}
matchLabelKeys: {{ $val.matchLabelKeys }} # optional; alpha since v1.25
{{- end}}
{{- if $val.nodeAffinityPolicy }}
nodeAffinityPolicy: {{ $val.nodeAffinityPolicy }} # optional; alpha since v1.25
{{- end}}
{{- if $val.nodeTaintsPolicy }}
nodeTaintsPolicy: {{ $val.nodeTaintsPolicy }} # optional; alpha since v1.25
{{- end}}
{{- end }}
{{- end }}
Loading

0 comments on commit 6191c47

Please sign in to comment.