diff --git a/utils/helm/speckle-server/templates/_helpers.tpl b/utils/helm/speckle-server/templates/_helpers.tpl index 5927ac7ef..e2f2b28f3 100644 --- a/utils/helm/speckle-server/templates/_helpers.tpl +++ b/utils/helm/speckle-server/templates/_helpers.tpl @@ -228,3 +228,16 @@ Params: {{- printf "false" -}} {{- end -}} {{- end -}} + +{{/* +Renders a value that contains template. +Usage: +{{ include "speckle.renderTpl" ( dict "value" .Values.path.to.value "context" $) }} +*/}} +{{- define "speckle.renderTpl" -}} + {{- if typeIs "string" .value }} + {{- tpl .value .context }} + {{- else }} + {{- tpl (.value | toYaml) .context }} + {{- end }} +{{- end -}} diff --git a/utils/helm/speckle-server/templates/fileimport_service/deployment.yml b/utils/helm/speckle-server/templates/fileimport_service/deployment.yml index 744b1b07f..66a55136f 100644 --- a/utils/helm/speckle-server/templates/fileimport_service/deployment.yml +++ b/utils/helm/speckle-server/templates/fileimport_service/deployment.yml @@ -65,7 +65,7 @@ spec: env: - name: SPECKLE_SERVER_URL value: "http://speckle-server:3000" - + - name: PG_CONNECTION_STRING valueFrom: secretKeyRef: @@ -83,6 +83,19 @@ spec: - name: FILE_IMPORT_TIME_LIMIT_MIN value: {{ .Values.fileimport_service.time_limit_min | quote }} + {{- if .Values.fileimport_service.affinity }} + affinity: {{- include "speckle.renderTpl" (dict "value" .Values.fileimport_service.affinity "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.fileimport_service.nodeSelector }} + nodeSelector: {{- include "speckle.renderTpl" (dict "value" .Values.fileimport_service.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.fileimport_service.tolerations }} + tolerations: {{- include "speckle.renderTpl" (dict "value" .Values.fileimport_service.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.fileimport_service.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "speckle.renderTpl" (dict "value" .Values.fileimport_service.topologySpreadConstraints "context" $) | nindent 8 }} + {{- end }} + securityContext: runAsNonRoot: true runAsUser: 20000 @@ -91,7 +104,6 @@ spec: runAsGroup: 30000 seccompProfile: type: RuntimeDefault - priorityClassName: low-priority volumes: diff --git a/utils/helm/speckle-server/templates/frontend/deployment.yml b/utils/helm/speckle-server/templates/frontend/deployment.yml index 7b521d0ed..c66993978 100644 --- a/utils/helm/speckle-server/templates/frontend/deployment.yml +++ b/utils/helm/speckle-server/templates/frontend/deployment.yml @@ -52,3 +52,15 @@ spec: value: {{ .Values.file_size_limit_mb | quote }} priorityClassName: high-priority + {{- if .Values.frontend.affinity }} + affinity: {{- include "speckle.renderTpl" (dict "value" .Values.frontend.affinity "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.frontend.nodeSelector }} + nodeSelector: {{- include "speckle.renderTpl" (dict "value" .Values.frontend.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.frontend.tolerations }} + tolerations: {{- include "speckle.renderTpl" (dict "value" .Values.frontend.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.frontend.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "speckle.renderTpl" (dict "value" .Values.frontend.topologySpreadConstraints "context" $) | nindent 8 }} + {{- end }} diff --git a/utils/helm/speckle-server/templates/monitoring/deployment.yml b/utils/helm/speckle-server/templates/monitoring/deployment.yml index 3711838f8..1be1e8997 100644 --- a/utils/helm/speckle-server/templates/monitoring/deployment.yml +++ b/utils/helm/speckle-server/templates/monitoring/deployment.yml @@ -81,3 +81,15 @@ spec: {{- end }} terminationGracePeriodSeconds: 10 + {{- if .Values.monitoring.affinity }} + affinity: {{- include "speckle.renderTpl" (dict "value" .Values.monitoring.affinity "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.monitoring.nodeSelector }} + nodeSelector: {{- include "speckle.renderTpl" (dict "value" .Values.monitoring.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.monitoring.tolerations }} + tolerations: {{- include "speckle.renderTpl" (dict "value" .Values.monitoring.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.monitoring.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "speckle.renderTpl" (dict "value" .Values.monitoring.topologySpreadConstraints "context" $) | nindent 8 }} + {{- end }} diff --git a/utils/helm/speckle-server/templates/preview_service/deployment.yml b/utils/helm/speckle-server/templates/preview_service/deployment.yml index 2ce33c418..3289a7052 100644 --- a/utils/helm/speckle-server/templates/preview_service/deployment.yml +++ b/utils/helm/speckle-server/templates/preview_service/deployment.yml @@ -76,6 +76,18 @@ spec: value: "/postgres-certificate/ca-certificate.crt" {{- end }} + {{- if .Values.preview_service.affinity }} + affinity: {{- include "speckle.renderTpl" (dict "value" .Values.preview_service.affinity "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.preview_service.nodeSelector }} + nodeSelector: {{- include "speckle.renderTpl" (dict "value" .Values.preview_service.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.preview_service.tolerations }} + tolerations: {{- include "speckle.renderTpl" (dict "value" .Values.preview_service.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.preview_service.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "speckle.renderTpl" (dict "value" .Values.preview_service.topologySpreadConstraints "context" $) | nindent 8 }} + {{- end }} priorityClassName: low-priority securityContext: diff --git a/utils/helm/speckle-server/templates/server/deployment.yml b/utils/helm/speckle-server/templates/server/deployment.yml index c9449eab6..1a4372525 100644 --- a/utils/helm/speckle-server/templates/server/deployment.yml +++ b/utils/helm/speckle-server/templates/server/deployment.yml @@ -255,6 +255,18 @@ spec: name: {{ .Values.secretName }} key: apollo_key {{- end }} + {{- if .Values.server.affinity }} + affinity: {{- include "speckle.renderTpl" (dict "value" .Values.server.affinity "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.server.nodeSelector }} + nodeSelector: {{- include "speckle.renderTpl" (dict "value" .Values.server.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.server.tolerations }} + tolerations: {{- include "speckle.renderTpl" (dict "value" .Values.server.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.server.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "speckle.renderTpl" (dict "value" .Values.server.topologySpreadConstraints "context" $) | nindent 8 }} + {{- end }} priorityClassName: high-priority securityContext: diff --git a/utils/helm/speckle-server/templates/webhook_service/deployment.yml b/utils/helm/speckle-server/templates/webhook_service/deployment.yml index 9c090d879..5c8b71cd4 100644 --- a/utils/helm/speckle-server/templates/webhook_service/deployment.yml +++ b/utils/helm/speckle-server/templates/webhook_service/deployment.yml @@ -76,6 +76,19 @@ spec: value: "/postgres-certificate/ca-certificate.crt" {{- end }} + {{- if .Values.webhook_service.affinity }} + affinity: {{- include "speckle.renderTpl" (dict "value" .Values.webhook_service.affinity "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.webhook_service.nodeSelector }} + nodeSelector: {{- include "speckle.renderTpl" (dict "value" .Values.webhook_service.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.webhook_service.tolerations }} + tolerations: {{- include "speckle.renderTpl" (dict "value" .Values.webhook_service.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.webhook_service.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "speckle.renderTpl" (dict "value" .Values.webhook_service.topologySpreadConstraints "context" $) | nindent 8 }} + {{- end }} + priorityClassName: low-priority securityContext: diff --git a/utils/helm/speckle-server/values.yaml b/utils/helm/speckle-server/values.yaml index 5d89ceb83..876ed33fb 100644 --- a/utils/helm/speckle-server/values.yaml +++ b/utils/helm/speckle-server/values.yaml @@ -94,9 +94,24 @@ server: sentry_dns: '' disable_tracking: false disable_tracing: false - networkPolicy: enabled: false + ## @param server.affinity Affinity for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## + affinity: {} + ## @param server.nodeSelector Node labels for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param server.tolerations Tolerations for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param server.topologySpreadConstraints Spread Constraints for Speckle server pod assignment + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## + topologySpreadConstraints: [] frontend: replicas: 1 @@ -108,6 +123,22 @@ frontend: memory: 512Mi networkPolicy: enabled: false + ## @param server.affinity Affinity for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## + affinity: {} + ## @param server.nodeSelector Node labels for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param server.tolerations Tolerations for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param server.topologySpreadConstraints Spread Constraints for Speckle server pod assignment + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## + topologySpreadConstraints: [] preview_service: replicas: 1 @@ -119,6 +150,22 @@ preview_service: memory: 4Gi networkPolicy: enabled: false + ## @param server.affinity Affinity for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## + affinity: {} + ## @param server.nodeSelector Node labels for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param server.tolerations Tolerations for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param server.topologySpreadConstraints Spread Constraints for Speckle server pod assignment + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## + topologySpreadConstraints: [] webhook_service: replicas: 1 @@ -130,6 +177,22 @@ webhook_service: memory: 512Mi networkPolicy: enabled: false + ## @param server.affinity Affinity for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## + affinity: {} + ## @param server.nodeSelector Node labels for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param server.tolerations Tolerations for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param server.topologySpreadConstraints Spread Constraints for Speckle server pod assignment + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## + topologySpreadConstraints: [] fileimport_service: replicas: 1 @@ -142,6 +205,22 @@ fileimport_service: time_limit_min: 10 networkPolicy: enabled: false + ## @param server.affinity Affinity for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## + affinity: {} + ## @param server.nodeSelector Node labels for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param server.tolerations Tolerations for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param server.topologySpreadConstraints Spread Constraints for Speckle server pod assignment + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## + topologySpreadConstraints: [] monitoring: replicas: 1 @@ -153,6 +232,22 @@ monitoring: memory: 512Mi networkPolicy: enabled: false + ## @param server.affinity Affinity for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## + affinity: {} + ## @param server.nodeSelector Node labels for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param server.tolerations Tolerations for Speckle server pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param server.topologySpreadConstraints Spread Constraints for Speckle server pod assignment + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## + topologySpreadConstraints: [] test: requests: