charts/versions/kruise-game/next/templates/manager.yaml at 3c004c6eff5ebdabf75d01b10cb27139ff6032a6 · openkruise/charts · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
{{- if .Values.installation.createNamespace }}
apiVersion: v1
kind: Namespace
metadata:
  labels:
    control-plane: {{ .Values.kruiseGame.fullname }}
  name: {{ .Values.installation.namespace }}
  {{- end }}
---
apiVersion: v1
kind: Service
metadata:
  name: kruise-game-controller-manager-metrics-service
  namespace: {{ .Values.installation.namespace }}
  labels:
    control-plane: {{ .Values.kruiseGame.fullname }}
spec:
  ports:
    - name: https
      port: {{ .Values.service.port }}
      protocol: TCP
      targetPort: https
  selector:
    control-plane: {{ .Values.kruiseGame.fullname }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ .Values.kruiseGame.fullname }}
  namespace: {{ .Values.installation.namespace }}
  labels:
    control-plane: {{ .Values.kruiseGame.fullname }}
spec:
  selector:
    matchLabels:
      control-plane: {{ .Values.kruiseGame.fullname }}
  replicas: {{ .Values.replicaCount }}
  template:
    metadata:
      annotations:
        kubectl.kubernetes.io/default-container: manager
      labels:
        control-plane: {{ .Values.kruiseGame.fullname }}
    spec:
      #      securityContext:
      #        runAsNonRoot: true
      # TODO(user): For common cases that do not require escalating privileges
      # it is recommended to ensure that all your Pods/Containers are restrictive.
      # More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
      # Please uncomment the following code if your project does NOT have to work on old Kubernetes
      # versions < 1.19 or on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ).
      # seccompProfile:
      #   type: RuntimeDefault
      containers:
        - command:
            - /manager
          args:
            - --leader-elect=false
            - --provider-config=/etc/kruise-game/config.toml
            - --api-server-qps={{ .Values.kruiseGame.apiServerQps }}
            - --api-server-qps-burst={{ .Values.kruiseGame.apiServerQpsBurst }}
            - --scale-server-bind-address=:{{ .Values.scale.service.targetPort }}
            {{- if .Values.prometheus.enabled }}
            - --metrics-bind-address=:{{ .Values.prometheus.monitorService.port }}
            {{- end }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          name: manager
          env:
          - name: "NETWORK_TOTAL_WAIT_TIME"
            value: {{ .Values.network.totalWaitTime | quote }}
          - name: "NETWORK_PROBE_INTERVAL_TIME"
            value: {{ .Values.network.probeIntervalTime | quote }}
          ports:
            - name: https
              containerPort: {{ .Values.prometheus.monitorService.port }}
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - "ALL"
          livenessProbe:
            httpGet:
              path: /healthz
              port: {{ .Values.kruiseGame.healthBindPort }}
            initialDelaySeconds: 5
            periodSeconds: 5
          readinessProbe:
            httpGet:
              path: /readyz
              port: {{ .Values.kruiseGame.healthBindPort }}
            initialDelaySeconds: 5
            periodSeconds: 5
          # TODO(user): Configure the resources accordingly based on the project requirements.
          # More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
          volumeMounts:
            - mountPath: /etc/kruise-game
              name: provider-config
      topologySpreadConstraints:
      - labelSelector:
          matchLabels:
            control-plane: {{ .Values.kruiseGame.fullname }}
{{- if and ( eq (int .Capabilities.KubeVersion.Major) 1) ( gt (int .Capabilities.KubeVersion.Minor) 26 ) }}
        matchLabelKeys:
        - pod-template-hash
{{- end }}
        maxSkew: 1
        topologyKey: topology.kubernetes.io/zone
        whenUnsatisfiable:  ScheduleAnyway
      serviceAccountName: {{ .Values.kruiseGame.fullname }}
      terminationGracePeriodSeconds: 10
      volumes:
        - configMap:
            defaultMode: 420
            items:
              - key: config.toml
                path: config.toml
            name: kruise-game-manager-config
          name: provider-config
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}