charts/coredns/templates/deployment.yaml

{{- if .Values.deployment.enabled }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ default (include "coredns.fullname" .) .Values.deployment.name }}
  namespace: {{ .Release.Namespace }}
  labels: {{- include "coredns.labels" . | nindent 4 }}
    app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 4 }}
{{- end }}
  {{- if or .Values.deployment.annotations .Values.customAnnotations }}
  annotations:
    {{- if .Values.customAnnotations }}
    {{- toYaml .Values.customAnnotations | nindent 4 }}
    {{- end }}
    {{- if .Values.deployment.annotations }}
    {{- toYaml .Values.deployment.annotations | nindent 4 }}
    {{- end }}
  {{- end }}
spec:
  {{- if and (not .Values.autoscaler.enabled) (not .Values.hpa.enabled) }}
  replicas: {{ .Values.replicaCount }}
  {{- end }}
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: {{ .Values.rollingUpdate.maxUnavailable }}
      maxSurge: {{ .Values.rollingUpdate.maxSurge }}
  selector:
    {{- if .Values.deployment.selector }}
    {{- toYaml .Values.deployment.selector | nindent 4 }}
    {{- else }}
    matchLabels:
      app.kubernetes.io/instance: {{ .Release.Name | quote }}
      {{- if .Values.isClusterService }}
      k8s-app: {{ template "coredns.k8sapplabel" . }}
      {{- end }}
      app.kubernetes.io/name: {{ template "coredns.name" . }}
    {{- end }}
  template:
    metadata:
      labels:
        {{- if .Values.isClusterService }}
        k8s-app: {{ template "coredns.k8sapplabel" . }}
        {{- end }}
        app.kubernetes.io/name: {{ template "coredns.name" . }}
        app.kubernetes.io/instance: {{ .Release.Name | quote }}
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 8 }}
{{- end }}
      annotations:
        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
        {{- if .Values.isClusterService }}
        scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
        {{- end }}
{{- if .Values.podAnnotations }}
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
    spec:
      {{- if .Values.podSecurityContext }}
      securityContext: {{ toYaml .Values.podSecurityContext | nindent 8 }}
      {{- end }}
      {{- if .Values.terminationGracePeriodSeconds }}
      terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
      {{- end }}
      serviceAccountName: {{ template "coredns.serviceAccountName" . }}
      {{- if .Values.priorityClassName }}
      priorityClassName: {{ .Values.priorityClassName | quote }}
      {{- end }}
      {{- if .Values.isClusterService }}
      dnsPolicy: Default
      {{- end }}
      {{- if .Values.affinity }}
      affinity:
{{ toYaml .Values.affinity | indent 8 }}
      {{- end }}
      {{- if .Values.topologySpreadConstraints }}
      topologySpreadConstraints:
{{ tpl (toYaml .Values.topologySpreadConstraints) $ | indent 8 }}
      {{- end }}
      {{- if .Values.tolerations }}
      tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
      {{- end }}
      {{- if .Values.nodeSelector }}
      nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
      {{- end }}
      {{- if not (empty .Values.image.pullSecrets) }}
      imagePullSecrets:
{{ toYaml .Values.image.pullSecrets | indent 8 }}
      {{- end }}
      containers:
      - name: "coredns"
        image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
        imagePullPolicy: {{ .Values.image.pullPolicy }}
        args: [ "-conf", "/etc/coredns/Corefile" ]
        volumeMounts:
        - name: config-volume
          mountPath: /etc/coredns
{{- range .Values.extraSecrets }}
        - name: {{ .name }}
          mountPath: {{ .mountPath }}
          readOnly: true
{{- end }}
{{- if .Values.extraVolumeMounts }}
{{- toYaml .Values.extraVolumeMounts | nindent 8}}
{{- end }}
        resources:
{{ toYaml .Values.resources | indent 10 }}
        ports:
{{ include "coredns.containerPorts" . | indent 8 }}
        {{- if .Values.livenessProbe.enabled }}
        livenessProbe:
          httpGet:
            path: /health
            port: 8080
            scheme: HTTP
          initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
          periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
          timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
          successThreshold: {{ .Values.livenessProbe.successThreshold }}
          failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
        {{- end }}
        {{- if .Values.readinessProbe.enabled }}
        readinessProbe:
          httpGet:
            path: /ready
            port: 8181
            scheme: HTTP
          initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
          periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
          timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
          successThreshold: {{ .Values.readinessProbe.successThreshold }}
          failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
        {{- end }}
{{- if .Values.securityContext }}
        securityContext:
{{- toYaml .Values.securityContext | nindent 10 }}
{{- end }}
{{- if .Values.extraContainers }}
{{ toYaml .Values.extraContainers | indent 6 }}
{{- end }}
      volumes:
        - name: config-volume
          configMap:
            name: {{ template "coredns.fullname" . }}
            items:
            - key: Corefile
              path: Corefile
            {{ range .Values.zoneFiles }}
            - key: {{ .filename }}
              path: {{ .filename }}
            {{ end }}
{{- range .Values.extraSecrets }}
        - name: {{ .name }}
          secret:
            secretName: {{ .name }}
            defaultMode: {{ default 400 .defaultMode }}
{{- end }}
{{- if .Values.extraVolumes }}
{{ toYaml .Values.extraVolumes | indent 8 }}
{{- end }}
{{- end }}