--- /dev/null
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ template "kong.fullname" . }}
+ labels:
+ {{- include "kong.metaLabels" . | nindent 4 }}
+ app.kubernetes.io/component: app
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ {{- include "kong.selectorLabels" . | nindent 6 }}
+ {{- if .Values.updateStrategy }}
+ strategy:
+{{ toYaml .Values.updateStrategy | indent 4 }}
+ {{- end }}
+
+ template:
+ metadata:
+ annotations:
+ {{- if .Values.ingressController.admissionWebhook.enabled }}
+ checksum/admission-webhook.yaml: {{ include (print $.Template.BasePath "/admission-webhook.yaml") . | sha256sum }}
+ {{- end }}
+ {{- if (and (not .Values.ingressController.enabled) (eq .Values.env.database "off" )) }}
+ {{- if .Values.dblessConfig.config }}
+ checksum/dbless.config: {{ toYaml .Values.dblessConfig.config | sha256sum }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.podAnnotations }}
+{{ toYaml .Values.podAnnotations | indent 8 }}
+ {{- end }}
+ labels:
+ {{- include "kong.metaLabels" . | nindent 8 }}
+ app.kubernetes.io/component: app
+ spec:
+ {{- if or .Values.ingressController.enabled .Values.podSecurityPolicy.enabled }}
+ serviceAccountName: {{ template "kong.serviceAccountName" . }}
+ {{ end }}
+ {{- if .Values.image.pullSecrets }}
+ imagePullSecrets:
+ {{- range .Values.image.pullSecrets }}
+ - name: {{ . }}
+ {{- end }}
+ {{- end }}
+ {{- if not (eq .Values.env.database "off") }}
+ initContainers:
+ {{- include "kong.wait-for-db" . | nindent 6 }}
+ {{ end }}
+ containers:
+ {{- if .Values.ingressController.enabled }}
+ {{- include "kong.controller-container" . | nindent 6 }}
+ {{ end }}
+ - name: "proxy"
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ env:
+ {{- include "kong.final_env" . | nindent 8 }}
+ lifecycle:
+ preStop:
+ exec:
+ command: [ "/bin/sh", "-c", "kong quit" ]
+ ports:
+ - name: admin
+ containerPort: {{ .Values.admin.containerPort }}
+ {{- if .Values.admin.hostPort }}
+ hostPort: {{ .Values.admin.hostPort }}
+ {{- end}}
+ protocol: TCP
+ {{- if .Values.proxy.http.enabled }}
+ - name: proxy
+ containerPort: {{ .Values.proxy.http.containerPort }}
+ {{- if .Values.proxy.http.hostPort }}
+ hostPort: {{ .Values.proxy.http.hostPort }}
+ {{- end}}
+ protocol: TCP
+ {{- end }}
+ {{- if .Values.proxy.tls.enabled }}
+ - name: proxy-tls
+ containerPort: {{ .Values.proxy.tls.containerPort }}
+ {{- if .Values.proxy.tls.hostPort }}
+ hostPort: {{ .Values.proxy.tls.hostPort }}
+ {{- end}}
+ protocol: TCP
+ {{- end }}
+ - name: metrics
+ containerPort: 9542
+ protocol: TCP
+ {{- if .Values.ingressController.admissionWebhook.enabled }}
+ - name: webhook
+ containerPort: {{ .Values.ingressController.admissionWebhook.port }}
+ protocol: TCP
+ {{- end }}
+ {{- if .Values.enterprise.enabled }}
+ {{- if .Values.manager.http.enabled }}
+ - name: manager
+ containerPort: {{ .Values.manager.http.containerPort }}
+ {{- if .Values.manager.http.hostPort }}
+ hostPort: {{ .Values.manager.http.hostPort }}
+ {{- end}}
+ protocol: TCP
+ {{- end }}
+ {{- if .Values.manager.tls.enabled }}
+ - name: manager-tls
+ containerPort: {{ .Values.manager.tls.containerPort }}
+ {{- if .Values.manager.tls.hostPort }}
+ hostPort: {{ .Values.manager.tls.hostPort }}
+ {{- end}}
+ protocol: TCP
+ {{- end }}
+ {{- if .Values.portal.http.enabled }}
+ - name: portal
+ containerPort: {{ .Values.portal.http.containerPort }}
+ {{- if .Values.portal.http.hostPort }}
+ hostPort: {{ .Values.portal.http.hostPort }}
+ {{- end}}
+ protocol: TCP
+ {{- end }}
+ {{- if .Values.portal.tls.enabled }}
+ - name: portal-tls
+ containerPort: {{ .Values.portal.tls.containerPort }}
+ {{- if .Values.portal.tls.hostPort }}
+ hostPort: {{ .Values.portal.tls.hostPort }}
+ {{- end}}
+ protocol: TCP
+ {{- end }}
+ {{- if .Values.portalapi.http.enabled }}
+ - name: portalapi
+ containerPort: {{ .Values.portalapi.http.containerPort }}
+ {{- if .Values.portalapi.http.hostPort }}
+ hostPort: {{ .Values.portalapi.http.hostPort }}
+ {{- end}}
+ protocol: TCP
+ {{- end }}
+ {{- if .Values.portalapi.tls.enabled }}
+ - name: portalapi-tls
+ containerPort: {{ .Values.portalapi.tls.containerPort }}
+ {{- if .Values.portalapi.tls.hostPort }}
+ hostPort: {{ .Values.portalapi.tls.hostPort }}
+ {{- end}}
+ protocol: TCP
+ {{- end }}
+ {{- end }}
+ volumeMounts:
+ {{- include "kong.volumeMounts" . | nindent 10 }}
+ readinessProbe:
+{{ toYaml .Values.readinessProbe | indent 10 }}
+ livenessProbe:
+{{ toYaml .Values.livenessProbe | indent 10 }}
+ resources:
+{{ toYaml .Values.resources | indent 10 }}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+ securityContext:
+ {{- include "kong.podsecuritycontext" . | nindent 8 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end }}
+ tolerations:
+{{ toYaml .Values.tolerations | indent 8 }}
+ volumes:
+ {{- include "kong.volumes" . | nindent 8 -}}