198 lines
8.8 KiB
YAML
198 lines
8.8 KiB
YAML
{{- if .Values.gateway.enabled }}
|
|
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ include "common.names.fullname" . }}
|
|
namespace: {{ .Release.Namespace }}
|
|
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
|
{{- if .Values.commonLabels }}
|
|
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
|
{{- end }}
|
|
{{- if .Values.commonAnnotations }}
|
|
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
|
{{- end }}
|
|
spec:
|
|
replicas: {{ .Values.gateway.replicaCount }}
|
|
{{- if .Values.deployment.updateStrategy }}
|
|
strategy: {{- toYaml .Values.deployment.updateStrategy | nindent 4 }}
|
|
{{- end }}
|
|
selector:
|
|
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
|
|
template:
|
|
metadata:
|
|
labels: {{- include "common.labels.standard" . | nindent 8 }}
|
|
{{- if .Values.podLabels }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
{{- if or .Values.podAnnotations (include "minio.createSecret" .) }}
|
|
annotations:
|
|
{{- if (include "minio.createSecret" .) }}
|
|
checksum/credentials-secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
|
|
{{- end }}
|
|
{{- if .Values.podAnnotations }}
|
|
{{- include "common.tplvalues.render" ( dict "value" .Values.podAnnotations "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
spec:
|
|
{{- include "minio.imagePullSecrets" . | nindent 6 }}
|
|
{{- if .Values.schedulerName }}
|
|
schedulerName: {{ .Values.schedulerName }}
|
|
{{- end }}
|
|
serviceAccountName: {{ template "minio.serviceAccountName" . }}
|
|
{{- if .Values.affinity }}
|
|
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }}
|
|
{{- else }}
|
|
affinity:
|
|
podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "context" $) | nindent 10 }}
|
|
podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "context" $) | nindent 10 }}
|
|
nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }}
|
|
{{- end }}
|
|
{{- if .Values.nodeSelector }}
|
|
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.tolerations }}
|
|
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.hostAliases }}
|
|
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.securityContext.enabled }}
|
|
securityContext:
|
|
fsGroup: {{ .Values.securityContext.fsGroup }}
|
|
{{- end }}
|
|
{{- if .Values.initContainers }}
|
|
initContainers: {- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
containers:
|
|
- name: minio
|
|
image: {{ include "minio.image" . }}
|
|
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
|
|
{{- if .Values.securityContext.enabled }}
|
|
securityContext:
|
|
runAsUser: {{ .Values.securityContext.runAsUser }}
|
|
{{- end }}
|
|
command:
|
|
{{- if .Values.command }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.command "context" $) | nindent 12 }}
|
|
{{- else }}
|
|
- minio
|
|
{{- end }}
|
|
args:
|
|
{{- if .Values.args }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.args "context" $) | nindent 12 }}
|
|
{{- else }}
|
|
- --certs-dir
|
|
- /opt/bitnami/minio/certs
|
|
- gateway
|
|
- {{ .Values.gateway.type }}
|
|
{{- if eq .Values.gateway.type "gcs" }}
|
|
- {{ .Values.gateway.auth.gcs.projectID }}
|
|
{{- else if eq .Values.gateway.type "nas" }}
|
|
- {{ .Values.persistence.mountPath }}
|
|
{{- else if eq .Values.gateway.type "s3" }}
|
|
- {{ .Values.gateway.auth.s3.serviceEndpoint }}
|
|
{{- end }}
|
|
{{- end }}
|
|
env:
|
|
{{- if eq .Values.gateway.type "azure" }}
|
|
- name: AZURE_STORAGE_ACCOUNT
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ include "minio.secretName" . }}
|
|
key: azure-storage-account-name
|
|
- name: AZURE_STORAGE_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ include "minio.secretName" . }}
|
|
key: azure-storage-account-key
|
|
{{- else if and (eq .Values.gateway.type "gcs") .Values.gateway.auth.gcs.keyJSON }}
|
|
- name: GOOGLE_APPLICATION_CREDENTIALS
|
|
value: "/opt/bitnami/minio/secrets/key.json"
|
|
{{- end }}
|
|
- name: MINIO_ROOT_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ include "minio.secretName" . }}
|
|
key: access-key
|
|
- name: MINIO_ROOT_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ include "minio.secretName" . }}
|
|
key: secret-key
|
|
- name: MINIO_PROMETHEUS_AUTH_TYPE
|
|
value: {{ .Values.metrics.prometheusAuthType | quote }}
|
|
{{- if .Values.extraEnv }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.extraEnv "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
envFrom:
|
|
{{- if .Values.extraEnvVarsCM }}
|
|
- configMapRef:
|
|
name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }}
|
|
{{- end }}
|
|
{{- if .Values.extraEnvVarsSecret }}
|
|
- secretRef:
|
|
name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }}
|
|
{{- end }}
|
|
ports:
|
|
- name: minio
|
|
containerPort: {{ .Values.containerPort }}
|
|
protocol: TCP
|
|
{{- if .Values.resources }}
|
|
resources: {{- toYaml .Values.resources | nindent 12 }}
|
|
{{- end }}
|
|
volumeMounts:
|
|
{{- if and (eq .Values.gateway.type "gcs") .Values.gateway.auth.gcs.keyJSON }}
|
|
- name: minio-credentials
|
|
mountPath: /opt/bitnami/minio/secrets/
|
|
readOnly: true
|
|
{{- end }}
|
|
{{- if eq .Values.gateway.type "nas" }}
|
|
- name: data
|
|
mountPath: {{ .Values.persistence.mountPath }}
|
|
subPath: {{ .Release.Namespace }}/{{ include "common.names.fullname" . }}
|
|
{{- if .Values.global.srs.pvc }}
|
|
- name: srs-vol
|
|
mountPath: /data/live-cluster-hls
|
|
subPath: {{ .Values.global.srs.mpath.cluster.hls }}
|
|
- name: srs-vol
|
|
mountPath: /data/live-cluster-dvr
|
|
subPath: {{ .Values.global.srs.mpath.cluster.dvr }}
|
|
- name: srs-vol
|
|
mountPath: /data/live-rtc-hls
|
|
subPath: {{ .Values.global.srs.mpath.rtc.hls }}
|
|
- name: srs-vol
|
|
mountPath: /data/live-rtc-dvr
|
|
subPath: {{ .Values.global.srs.mpath.rtc.dvr }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.extraVolumeMounts }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.sidecars }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
volumes:
|
|
{{- if and (eq .Values.gateway.type "gcs") .Values.gateway.auth.gcs.keyJSON }}
|
|
- name: minio-credentials
|
|
secret:
|
|
secretName: {{ include "minio.secretName" . }}
|
|
{{- end }}
|
|
{{- if eq .Values.gateway.type "nas" }}
|
|
- name: data
|
|
{{- if .Values.persistence.enabled }}
|
|
persistentVolumeClaim:
|
|
claimName: {{ include "minio.claimName" . }}
|
|
{{- else }}
|
|
emptyDir: {}
|
|
{{- end }}
|
|
{{- if .Values.global.srs.pvc }}
|
|
- name: srs-vol
|
|
persistentVolumeClaim:
|
|
claimName: {{ .Values.global.srs.pvc }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.extraVolumes }}
|
|
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }}
|
|
{{- end }}
|
|
{{- end }}
|