Example 1 with PodSecurityContextBuilder
use of io.fabric8.kubernetes.api.model.PodSecurityContextBuilder in project strimzi by strimzi.
the class AbstractModel method createStatefulSet.
protected StatefulSet createStatefulSet(List<ContainerPort> ports, List<Volume> volumes, List<PersistentVolumeClaim> volumeClaims, List<VolumeMount> volumeMounts, Probe livenessProbe, Probe readinessProbe, boolean isOpenShift) {
Map<String, String> annotations = new HashMap<>();
annotations.put(String.format("%s/%s", ClusterController.STRIMZI_CLUSTER_CONTROLLER_DOMAIN, Storage.DELETE_CLAIM_FIELD), String.valueOf(storage.isDeleteClaim()));
Container container = new ContainerBuilder().withName(name).withImage(getImage()).withEnv(getEnvVars()).withVolumeMounts(volumeMounts).withPorts(ports).withLivenessProbe(livenessProbe).withReadinessProbe(readinessProbe).build();
List<Container> initContainers = new ArrayList<>();
PodSecurityContext securityContext = null;
// there is an hack on volume mounting which needs an "init-container"
if ((this.storage.type() == Storage.StorageType.PERSISTENT_CLAIM) && !isOpenShift) {
String chown = String.format("chown -R %d:%d %s", AbstractModel.VOLUME_MOUNT_HACK_GROUPID, AbstractModel.VOLUME_MOUNT_HACK_GROUPID, volumeMounts.get(0).getMountPath());
Container initContainer = new ContainerBuilder().withName(AbstractModel.VOLUME_MOUNT_HACK_NAME).withImage(AbstractModel.VOLUME_MOUNT_HACK_IMAGE).withVolumeMounts(volumeMounts.get(0)).withCommand("sh", "-c", chown).build();
initContainers.add(initContainer);
securityContext = new PodSecurityContextBuilder().withFsGroup(AbstractModel.VOLUME_MOUNT_HACK_GROUPID).build();
}
StatefulSet statefulSet = new StatefulSetBuilder().withNewMetadata().withName(name).withLabels(getLabelsWithName()).withNamespace(namespace).withAnnotations(annotations).endMetadata().withNewSpec().withPodManagementPolicy("Parallel").withUpdateStrategy(new StatefulSetUpdateStrategyBuilder().withType("OnDelete").build()).withSelector(new LabelSelectorBuilder().withMatchLabels(getLabelsWithName()).build()).withServiceName(headlessName).withReplicas(replicas).withNewTemplate().withNewMetadata().withName(name).withLabels(getLabelsWithName()).withAnnotations(getPrometheusAnnotations()).endMetadata().withNewSpec().withSecurityContext(securityContext).withInitContainers(initContainers).withContainers(container).withVolumes(volumes).endSpec().endTemplate().withVolumeClaimTemplates(volumeClaims).endSpec().build();
return statefulSet;
}
Also used :
LabelSelectorBuilder(io.fabric8.kubernetes.api.model.LabelSelectorBuilder)
HashMap(java.util.HashMap)
PodSecurityContext(io.fabric8.kubernetes.api.model.PodSecurityContext)
StatefulSetUpdateStrategyBuilder(io.fabric8.kubernetes.api.model.extensions.StatefulSetUpdateStrategyBuilder)
ArrayList(java.util.ArrayList)
StatefulSetBuilder(io.fabric8.kubernetes.api.model.extensions.StatefulSetBuilder)
Container(io.fabric8.kubernetes.api.model.Container)
ContainerBuilder(io.fabric8.kubernetes.api.model.ContainerBuilder)
PodSecurityContextBuilder(io.fabric8.kubernetes.api.model.PodSecurityContextBuilder)
StatefulSet(io.fabric8.kubernetes.api.model.extensions.StatefulSet)
Aggregations
Container (io.fabric8.kubernetes.api.model.Container)1
ContainerBuilder (io.fabric8.kubernetes.api.model.ContainerBuilder)1
LabelSelectorBuilder (io.fabric8.kubernetes.api.model.LabelSelectorBuilder)1
PodSecurityContext (io.fabric8.kubernetes.api.model.PodSecurityContext)1
PodSecurityContextBuilder (io.fabric8.kubernetes.api.model.PodSecurityContextBuilder)1
StatefulSet (io.fabric8.kubernetes.api.model.extensions.StatefulSet)1
StatefulSetBuilder (io.fabric8.kubernetes.api.model.extensions.StatefulSetBuilder)1
StatefulSetUpdateStrategyBuilder (io.fabric8.kubernetes.api.model.extensions.StatefulSetUpdateStrategyBuilder)1
ArrayList (java.util.ArrayList)1
HashMap (java.util.HashMap)1
