{{- if (lower .Values.targetNodeOs | contains "linux") -}} apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "amazon-ec2-metadata-mock.fullname" . }} namespace: {{ .Release.Namespace }} labels: {{ include "amazon-ec2-metadata-mock.labels" . | indent 4 }} spec: replicas: {{ toYaml .Values.replicaCount }} strategy: type: {{ toYaml .Values.updateStrategy }} selector: matchLabels: app.kubernetes.io/name: {{ include "amazon-ec2-metadata-mock.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{ include "amazon-ec2-metadata-mock.nodeSelectorTermsOs" . }}: linux template: metadata: {{- if (or .Values.podAnnotations .Values.linuxPodAnnotations) }} annotations: {{- range $key, $value := (mergeOverwrite (dict) .Values.podAnnotations .Values.linuxPodAnnotations) }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} labels: app.kubernetes.io/name: {{ include "amazon-ec2-metadata-mock.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{ include "amazon-ec2-metadata-mock.nodeSelectorTermsOs" . }}: linux spec: nodeSelector: {{ include "amazon-ec2-metadata-mock.nodeSelectorTermsOs" . }}: linux {{- with .Values.nodeSelector }} {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.linuxNodeSelector }} {{- toYaml . | nindent 8 }} {{- end }} affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: {{ include "amazon-ec2-metadata-mock.nodeSelectorTermsOs" . | quote }} operator: In values: - linux - key: {{ include "amazon-ec2-metadata-mock.nodeSelectorTermsArch" . | quote }} operator: In values: - amd64 - arm - arm64 tolerations: {{- with .Values.tolerations }} {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.linuxTolerations }} {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ template "amazon-ec2-metadata-mock.serviceAccountName" . }} hostNetwork: false # turn off host network to prevent undesired exposure of AEMM web server {{- if .Values.configMap }} volumes: - name: "aemm-config" configMap: name: {{ .Values.configMap }} {{- end }} containers: - name: {{ include "amazon-ec2-metadata-mock.name" . }} image: {{ .Values.image.repository }}:{{ .Values.image.tag }} imagePullPolicy: {{ .Values.image.pullPolicy }} {{- if (or .Values.arguments .Values.linuxArguments) }} args: {{ range .Values.arguments }} - {{ . }} {{ end }} {{ range .Values.linuxArguments }} - {{ . }} {{ end }} {{- end }} securityContext: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: {{ .Values.securityContext.runAsUserID }} runAsGroup: {{ .Values.securityContext.runAsGroupID }} allowPrivilegeEscalation: false {{- if .Values.configMap }} volumeMounts: - name: "aemm-config" mountPath: {{ with $file := .Values.configMapFileName | default "aemm-config.json" }} {{ printf "/%s/%s" "config" $file }} {{ end }} subPath: {{ .Values.configMapFileName | default "aemm-config.json" }} readOnly: true {{- end }} env: {{- if .Values.configMap }} - name: AEMM_CONFIG_FILE value: {{ with $file := .Values.configMapFileName | default "aemm-config.json" }} {{ printf "/%s/%s" "config" $file }} {{ end }} {{- end }} - name: AEMM_SERVER_HOSTNAME # override hostname in order to listen on all available interfaces e.g. ClusterIP value: {{ .Values.aemm.server.hostname | default "" | quote }} {{- if .Values.aemm.mockDelaySec }} - name: AEMM_MOCK_DELAY_SEC value: {{ .Values.aemm.mockDelaySec | quote }} {{- end }} {{- if .Values.aemm.mockTriggerTime }} - name: AEMM_MOCK_TRIGGER_TIME value: {{ .Values.aemm.mockTriggerTime | quote }} {{- end }} {{- if .Values.aemm.mockIPCount }} - name: AEMM_MOCK_IP_COUNT value: {{ .Values.aemm.mockIPCount | quote }} {{- end }} {{- if .Values.aemm.imdsv2 }} - name: AEMM_IMDSV2 value: {{ .Values.aemm.imdsv2 | quote }} {{- end }} {{- if .Values.aemm.rebalanceDelaySec }} - name: AEMM_REBALANCE_DELAY_SEC value: {{ .Values.aemm.rebalanceDelaySec | quote }} {{- end }} {{- if .Values.aemm.rebalanceTriggerTime }} - name: AEMM_REBALANCE_TRIGGER_TIME value: {{ .Values.aemm.rebalanceTriggerTime | quote }} {{- end }} {{- if .Values.aemm.events.code }} - name: AEMM_EVENTS_CODE value: {{ .Values.aemm.events.code | quote }} {{- end }} {{- if .Values.aemm.events.notAfter }} - name: AEMM_EVENTS_NOT_AFTER value: {{ .Values.aemm.events.notAfter | quote }} {{- end }} {{- if .Values.aemm.events.notBefore }} - name: AEMM_EVENTS_NOT_BEFORE value: {{ .Values.aemm.events.notBefore | quote }} {{- end }} {{- if .Values.aemm.events.notBeforeDeadline }} - name: AEMM_EVENTS_NOT_BEFORE_DEADLINE value: {{ .Values.aemm.events.notBeforeDeadline | quote }} {{- end }} {{- if .Values.aemm.events.state }} - name: AEMM_EVENTS_STATE value: {{ .Values.aemm.events.state | quote }} {{- end }} {{- if .Values.aemm.spot.action }} - name: AEMM_SPOT_ACTION value: {{ .Values.aemm.spot.action | quote }} {{- end }} {{- if .Values.aemm.spot.time }} - name: AEMM_SPOT_TIME value: {{ .Values.aemm.spot.time | quote }} {{- end }} {{- if .Values.aemm.spot.rebalanceRecTime }} - name: AEMM_SPOT_REBALANCE_REC_TIME value: {{ .Values.aemm.spot.rebalanceRecTime | quote }} {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- end -}}