--- apiVersion: apps/v1 kind: StatefulSet metadata: labels: control-plane: controller-manager controller-tools.k8s.io: "1.0" name: {{ .Release.Name }}-amzn-apigw-ingress-controller spec: selector: matchLabels: control-plane: controller-manager controller-tools.k8s.io: "1.0" serviceName: {{ .Release.Name }}-amzn-apigw-ingress-controller-manager-service template: metadata: annotations: iam.amazonaws.com/role: kube2iam-ingress-role labels: control-plane: controller-manager controller-tools.k8s.io: "1.0" spec: serviceAccountName: {{ .Release.Name }}-amzn-apigw-ingress-controller containers: - command: - /manager env: - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: SECRET_NAME value: {{ .Release.Name }}-amzn-apigw-ingress-controller-webhook-server-secret image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: Always name: manager ports: - containerPort: 9876 name: webhook-server protocol: TCP resources: limits: cpu: 100m memory: 30Mi requests: cpu: 100m memory: 20Mi volumeMounts: - mountPath: /tmp/cert name: cert readOnly: true terminationGracePeriodSeconds: 10 volumes: - name: cert secret: defaultMode: 420 secretName: {{ .Release.Name }}-amzn-apigw-ingress-controller-webhook-server-secret