hswaw
/
hscloud
mirror of https://gerrit.hackerspace.pl/hscloud
4
0
Fork 2
Code Actions

add grace period for client pod, rename volume mounts

changes/03/3/1
Patryk Jakuszew 2019-05-24 01:59:44 +02:00 committed by Sergiusz Bazanski
parent 5dfd4cc799
commit fae3a9d514
1 changed files with 18 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
kube/cockroachdb.libsonnet
View File

@ -240,17 +240,17 @@ local cm = import "../cluster/kube/lib/cert-manager.libsonnet";
mountPath: "/cockroach/cockroach-data",
},
{
name: "cockroachdb-node-cert",
name: "certs",
mountPath: "/cockroach/cockroach-certs/node.crt",
subPath: "tls.crt",
},
{
name: "cockroachdb-node-cert",
name: "certs",
mountPath: "/cockroach/cockroach-certs/node.key",
subPath: "tls.key",
},
{
name: "cockroachdb-node-cert",
name: "certs",
mountPath: "/cockroach/cockroach-certs/ca.crt",
subPath: "ca.crt",
},
@ -272,11 +272,11 @@ local cm = import "../cluster/kube/lib/cert-manager.libsonnet";
emptyDir: {},
},
{
name: "cockroachdb-node-cert",
name: "certs",
secret: {
secretName: crdb.pki.nodeCertificate.spec.secretName,
defaultMode: kube.parseOctal("400")
}
defaultMode: kube.parseOctal("400"),
},
},
],
},
@ -309,17 +309,17 @@ local cm = import "../cluster/kube/lib/cert-manager.libsonnet";
],
volumeMounts: [
{
name: "cockroachdb-client-cert",
name: "certs",
mountPath: "/cockroach/cockroach-certs/ca.crt",
subPath: "ca.crt",
},
{
name: "cockroachdb-client-cert",
name: "certs",
mountPath: "/cockroach/cockroach-certs/client.root.crt",
subPath: "tls.crt",
},
{
name: "cockroachdb-client-cert",
name: "certs",
mountPath: "/cockroach/cockroach-certs/client.root.key",
subPath: "tls.key",
},
@ -343,17 +343,17 @@ local cm = import "../cluster/kube/lib/cert-manager.libsonnet";
],
volumeMounts: [
{
name: "cockroachdb-client-cert",
name: "certs",
mountPath: "/cockroach/cockroach-certs/ca.crt",
subPath: "ca.crt",
},
{
name: "cockroachdb-client-cert",
name: "certs",
mountPath: "/cockroach/cockroach-certs/client.root.crt",
subPath: "tls.crt",
},
{
name: "cockroachdb-client-cert",
name: "certs",
mountPath: "/cockroach/cockroach-certs/client.root.key",
subPath: "tls.key",
},
@ -363,7 +363,7 @@ local cm = import "../cluster/kube/lib/cert-manager.libsonnet";
restartPolicy: "OnFailure",
volumes: [
{
name: "cockroachdb-client-cert",
name: "certs",
secret: {
secretName: crdb.pki.clientCertificate.spec.secretName,
defaultMode: kube.parseOctal("400")
@ -378,6 +378,7 @@ local cm = import "../cluster/kube/lib/cert-manager.libsonnet";
clientPod: kube.Pod(crdb.makeName("cockroachdb-client")) {
metadata+: crdb.metadata,
spec: {
terminationGracePeriodSeconds: 5,
containers: [
kube.Container("cockroachdb-client") {
image: cfg.image,
@ -387,17 +388,17 @@ local cm = import "../cluster/kube/lib/cert-manager.libsonnet";
command: ["sleep", "2147483648"], //(FIXME) keep the client pod running indefinitely
volumeMounts: [
{
name: "cockroachdb-client-cert",
name: "certs",
mountPath: "/cockroach/cockroach-certs/ca.crt",
subPath: "ca.crt",
},
{
name: "cockroachdb-client-cert",
name: "certs",
mountPath: "/cockroach/cockroach-certs/client.root.crt",
subPath: "tls.crt",
},
{
name: "cockroachdb-client-cert",
name: "certs",
mountPath: "/cockroach/cockroach-certs/client.root.key",
subPath: "tls.key",
},
@ -406,7 +407,7 @@ local cm = import "../cluster/kube/lib/cert-manager.libsonnet";
],
volumes: [
{
name: "cockroachdb-client-cert",
name: "certs",
secret: {
secretName: crdb.pki.clientCertificate.spec.secretName,
defaultMode: kube.parseOctal("400")