107 lines
3.4 KiB
Django/Jinja
107 lines
3.4 KiB
Django/Jinja
---
|
|
apiVersion: v1
|
|
kind: Pod
|
|
metadata:
|
|
name: ansible-tower-management
|
|
namespace: {{ kubernetes_namespace }}
|
|
{% if kubernetes_pod_annotations is defined %}
|
|
annotations:
|
|
{% for key, value in kubernetes_pod_annotations.items() %}
|
|
{{ key }}: {{ value | quote }}
|
|
{% endfor %}
|
|
{% endif %}
|
|
spec:
|
|
{% if kubernetes_image_pull_secrets is defined %}
|
|
imagePullSecrets:
|
|
- name: "{{ kubernetes_image_pull_secrets }}"
|
|
{% endif %}
|
|
containers:
|
|
- name: ansible-tower-management
|
|
image: "{{ kubernetes_awx_image }}:{{ kubernetes_awx_version }}"
|
|
imagePullPolicy: Always
|
|
command: ["sleep", "infinity"]
|
|
volumeMounts:
|
|
{% if ca_trust_dir is defined %}
|
|
- name: {{ kubernetes_deployment_name }}-ca-trust-dir
|
|
mountPath: "/etc/pki/ca-trust/source/anchors/"
|
|
readOnly: true
|
|
|
|
{% endif %}
|
|
- name: {{ kubernetes_deployment_name }}-application-config
|
|
mountPath: "/etc/tower/settings.py"
|
|
subPath: settings.py
|
|
readOnly: true
|
|
{% if postgres_root_ca_cert is defined %}
|
|
- name: {{ kubernetes_deployment_name }}-postgres-root-ca-cert
|
|
mountPath: {{ ca_trust_bundle }}
|
|
subPath: {{ postgres_root_ca_filename }}
|
|
readOnly: true
|
|
{% endif %}
|
|
- name: "{{ kubernetes_deployment_name }}-application-credentials"
|
|
mountPath: "/etc/tower/conf.d/"
|
|
readOnly: true
|
|
|
|
- name: {{ kubernetes_deployment_name }}-secret-key
|
|
mountPath: "/etc/tower/SECRET_KEY"
|
|
subPath: SECRET_KEY
|
|
readOnly: true
|
|
resources:
|
|
{% if management_mem_limit is defined or management_cpu_limit is defined %}
|
|
limits:
|
|
{% endif %}
|
|
{% if management_mem_limit is defined %}
|
|
memory: "{{ management_mem_limit }}Gi"
|
|
{% endif %}
|
|
{% if management_cpu_limit is defined %}
|
|
cpu: "{{ management_cpu_limit }}m"
|
|
{% endif %}
|
|
{% if tolerations is defined %}
|
|
tolerations:
|
|
{{ tolerations | to_nice_yaml(indent=2) | indent(width=4, indentfirst=True) }}
|
|
{% endif %}
|
|
{% if node_selector is defined %}
|
|
nodeSelector:
|
|
{{ node_selector | to_nice_yaml(indent=2) | indent(width=4, indentfirst=True) }}
|
|
{% endif %}
|
|
{% if affinity is defined %}
|
|
affinity:
|
|
{{ affinity | to_nice_yaml(indent=2) | indent(width=4, indentfirst=True) }}
|
|
{% endif %}
|
|
volumes:
|
|
{% if ca_trust_dir is defined %}
|
|
- name: {{ kubernetes_deployment_name }}-ca-trust-dir
|
|
hostPath:
|
|
path: "{{ ca_trust_dir }}"
|
|
type: Directory
|
|
|
|
{% endif %}
|
|
- name: {{ kubernetes_deployment_name }}-application-config
|
|
configMap:
|
|
name: {{ kubernetes_deployment_name }}-config
|
|
items:
|
|
- key: {{ kubernetes_deployment_name }}_settings
|
|
path: settings.py
|
|
{% if postgres_root_ca_cert is defined %}
|
|
- name: {{ kubernetes_deployment_name }}-postgres-root-ca-cert
|
|
configMap:
|
|
name: {{ kubernetes_deployment_name }}-postgres-root-ca-cert
|
|
items:
|
|
- key: postgres_root_ca.crt
|
|
path: postgres_root_ca.crt
|
|
{% endif %}
|
|
- name: {{ kubernetes_deployment_name }}-secret-key
|
|
secret:
|
|
secretName: "{{ kubernetes_deployment_name }}-secrets"
|
|
items:
|
|
- key: secret_key
|
|
path: SECRET_KEY
|
|
|
|
- name: "{{ kubernetes_deployment_name }}-application-credentials"
|
|
secret:
|
|
secretName: "{{ kubernetes_deployment_name }}-secrets"
|
|
items:
|
|
- key: credentials_py
|
|
path: 'credentials.py'
|
|
|
|
restartPolicy: Never
|