97 lines
3.5 KiB
YAML
97 lines
3.5 KiB
YAML
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
labels:
|
|
{{ toYaml $.Values.nfc_monitoring.prometheus_adaptor.labels | nindent 4 }}
|
|
app.kubernetes.io/part-of: {{ $.Chart.Name }}
|
|
app.kubernetes.io/managed-by: {{ $.Release.Service }}
|
|
app.kubernetes.io/version: {{ $.Chart.Version }}
|
|
name: prometheus-adapter
|
|
namespace: "{{ .Values.nfc_monitoring.prometheus_adaptor.namespace }}"
|
|
spec:
|
|
replicas: 2
|
|
selector:
|
|
matchLabels:
|
|
{{ toYaml $.Values.nfc_monitoring.prometheus_adaptor.labels | nindent 6 }}
|
|
app.kubernetes.io/part-of: {{ $.Chart.Name }}
|
|
app.kubernetes.io/managed-by: {{ $.Release.Service }}
|
|
app.kubernetes.io/version: {{ $.Chart.Version }}
|
|
strategy:
|
|
rollingUpdate:
|
|
maxSurge: 1
|
|
maxUnavailable: 1
|
|
template:
|
|
metadata:
|
|
labels:
|
|
{{ toYaml $.Values.nfc_monitoring.prometheus_adaptor.labels | nindent 8 }}
|
|
app.kubernetes.io/part-of: {{ $.Chart.Name }}
|
|
app.kubernetes.io/managed-by: {{ $.Release.Service }}
|
|
app.kubernetes.io/version: {{ $.Chart.Version }}
|
|
spec:
|
|
affinity:
|
|
{{- toYaml .Values.nfc_monitoring.prometheus_adaptor.affinity | nindent 8 }}
|
|
automountServiceAccountToken: true
|
|
containers:
|
|
- args:
|
|
- --cert-dir=/var/run/serving-cert
|
|
- --config=/etc/adapter/config.yaml
|
|
- --metrics-relist-interval=1m
|
|
- --prometheus-url=https://prometheus.monitoring.svc:9090/
|
|
- --secure-port=6443
|
|
- --tls-cipher-suites=TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA
|
|
image: "{{ .Values.nfc_monitoring.prometheus_adaptor.image.name }}:{{ .Values.nfc_monitoring.prometheus_adaptor.image.tag }}"
|
|
livenessProbe:
|
|
failureThreshold: 5
|
|
httpGet:
|
|
path: /livez
|
|
port: https
|
|
scheme: HTTPS
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 5
|
|
name: prometheus-adapter
|
|
ports:
|
|
- containerPort: 6443
|
|
name: https
|
|
readinessProbe:
|
|
failureThreshold: 5
|
|
httpGet:
|
|
path: /readyz
|
|
port: https
|
|
scheme: HTTPS
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 5
|
|
resources:
|
|
requests:
|
|
cpu: 102m
|
|
memory: 180Mi
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
terminationMessagePolicy: FallbackToLogsOnError
|
|
volumeMounts:
|
|
- mountPath: /tmp
|
|
name: tmpfs
|
|
readOnly: false
|
|
- mountPath: /var/run/serving-cert
|
|
name: volume-serving-cert
|
|
readOnly: false
|
|
- mountPath: /etc/adapter
|
|
name: config
|
|
readOnly: false
|
|
nodeSelector:
|
|
kubernetes.io/os: linux
|
|
securityContext: {}
|
|
serviceAccountName: prometheus-adapter
|
|
volumes:
|
|
- emptyDir: {}
|
|
name: tmpfs
|
|
- emptyDir: {}
|
|
name: volume-serving-cert
|
|
- configMap:
|
|
name: adapter-config
|
|
name: config
|