Thank you for reading this post, don't forget to subscribe!
задача запустить wordpress на location
т.е. domain.com/blog/
запускать будем в k8s в aws так же будем запускать базу внутри кластера. диск будет на EFS
helm/charts/wordpres_mysql/templates/_helpers.tpl
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 |
{{/* vim: set filetype=mustache: */}} {{/* Expand the name of the chart. */}} {{- define "mysql.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} {{- end -}} {{/* Create chart name and version as used by the chart label. */}} {{- define "mysql.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} {{/* Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} {{- define "mysql.fullname" -}} {{- if .Values.fullnameOverride -}} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} {{- else -}} {{- $name := default .Chart.Name .Values.nameOverride -}} {{- if contains $name .Release.Name -}} {{- printf .Release.Name | trunc 63 | trimSuffix "-" -}} {{- else -}} {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} {{- end -}} {{- end -}} {{- end -}} {{/* Common labels */}} {{- define "mysql.labels" -}} app.kubernetes.io/name: mysql app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "mysql.chart" . }} {{- end -}} {{/* Selector labels */}} {{- define "mysql.selector" -}} app.kubernetes.io/name: mysql app.kubernetes.io/instance: {{ .Release.Name }} {{- end -}} {{/* Generate chart secret name */}} {{- define "mysql.secretName" -}} {{ default (include "mysql.fullname" .) .Values.existingSecret }} {{- end -}} {{/* Create the name of the service account to use */}} {{- define "mysql.serviceAccountName" -}} {{- if .Values.serviceAccount.create -}} {{ default (include "mysql.fullname" .) .Values.serviceAccount.name }} {{- else -}} {{ default "default" .Values.serviceAccount.name }} {{- end -}} {{- end -}} |
helm/charts/wordpres_mysql/templates/configurationFiles-configmap.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 |
{{- if .Values.configurationFiles }} apiVersion: v1 kind: ConfigMap metadata: name: {{ include "mysql.fullname" . }}-configuration labels: {{- include "mysql.labels" . | nindent 4 }} data: {{- range $key, $val := .Values.configurationFiles }} {{ $key }}: |- {{ $val | indent 4}} {{- end }} {{- end -}} |
helm/charts/wordpres_mysql/templates/deployment.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 |
apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "mysql.fullname" . }} labels: {{- include "mysql.labels" . | nindent 4 }} {{- with .Values.deploymentAnnotations }} annotations: {{ toYaml . | indent 4 }} {{- end }} spec: strategy: {{ toYaml .Values.strategy | indent 4 }} selector: matchLabels: {{- include "mysql.selector" . | nindent 6 }} template: metadata: labels: {{- include "mysql.selector" . | nindent 8 }} {{- with .Values.podLabels }} {{ toYaml . | indent 8 }} {{- end }} {{- with .Values.podAnnotations }} annotations: {{ toYaml . | indent 8 }} {{- end }} spec: {{- if .Values.schedulerName }} schedulerName: "{{ .Values.schedulerName }}" {{- end }} {{- if .Values.imagePullSecrets }} imagePullSecrets: {{ toYaml .Values.imagePullSecrets | indent 8 }} {{- end }} {{- if .Values.priorityClassName }} priorityClassName: "{{ .Values.priorityClassName }}" {{- end }} {{- if .Values.securityContext.enabled }} securityContext: fsGroup: {{ .Values.securityContext.fsGroup }} runAsUser: {{ .Values.securityContext.runAsUser }} {{- end }} serviceAccountName: {{ include "mysql.serviceAccountName" . }} initContainers: - name: "remove-lost-found" image: "{{ .Values.busybox.image}}:{{ .Values.busybox.tag }}" imagePullPolicy: {{ .Values.imagePullPolicy | quote }} resources: {{ toYaml .Values.initContainer.resources | indent 10 }} command: ["rm", "-fr", "/var/lib/mysql/lost+found"] volumeMounts: - name: data mountPath: /var/lib/mysql {{- if .Values.persistence.subPath }} subPath: {{ .Values.persistence.subPath }} {{- end }} {{- if .Values.extraInitContainers }} {{ tpl .Values.extraInitContainers . | indent 6 }} {{- end }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} {{- end }} {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 8 }} {{- end }} {{- if .Values.tolerations }} tolerations: {{ toYaml .Values.tolerations | indent 8 }} {{- end }} containers: - name: {{ include "mysql.fullname" . }} image: "{{ .Values.image }}:{{ .Values.imageTag }}" imagePullPolicy: {{ .Values.imagePullPolicy | quote }} {{- with .Values.args }} args: {{- range . }} - {{ . | quote }} {{- end }} {{- end }} resources: {{ toYaml .Values.resources | indent 10 }} env: {{- if .Values.mysqlAllowEmptyPassword }} - name: MYSQL_ALLOW_EMPTY_PASSWORD value: "true" {{- end }} {{- if not (and .Values.allowEmptyRootPassword (not .Values.mysqlRootPassword)) }} - name: MYSQL_ROOT_PASSWORD valueFrom: secretKeyRef: name: {{ include "mysql.secretName" . }} key: mysql-root-password {{- if .Values.mysqlAllowEmptyPassword }} optional: true {{- end }} {{- end }} {{- if not (and .Values.allowEmptyRootPassword (not .Values.mysqlPassword)) }} - name: MYSQL_PASSWORD valueFrom: secretKeyRef: name: {{ include "mysql.secretName" . }} key: mysql-password {{- if or .Values.mysqlAllowEmptyPassword (empty .Values.mysqlUser) }} optional: true {{- end }} {{- end }} - name: MYSQL_USER value: {{ default "" .Values.mysqlUser | quote }} - name: MYSQL_DATABASE value: {{ default "" .Values.mysqlDatabase | quote }} {{- if .Values.timezone }} - name: TZ value: {{ .Values.timezone }} {{- end }} {{- if .Values.extraEnvVars }} {{ tpl .Values.extraEnvVars . | indent 8 }} {{- end }} {{- if .Values.ExternalSecrets }} envFrom: - secretRef: name: {{ include "mysql.fullname" . }} {{- end }} ports: - name: mysql containerPort: 3306 {{- if .Values.mysqlx.port.enabled }} - name: mysqlx port: 33060 {{- end }} livenessProbe: exec: command: {{- if .Values.mysqlAllowEmptyPassword }} - mysqladmin - ping {{- else }} - sh - -c - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" {{- end }} initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} successThreshold: {{ .Values.livenessProbe.successThreshold }} failureThreshold: {{ .Values.livenessProbe.failureThreshold }} readinessProbe: exec: command: {{- if .Values.mysqlAllowEmptyPassword }} - mysqladmin - ping {{- else }} - sh - -c - "mysqladmin ping -u root -p${MYSQL_ROOT_PASSWORD}" {{- end }} initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.readinessProbe.successThreshold }} failureThreshold: {{ .Values.readinessProbe.failureThreshold }} volumeMounts: - name: data mountPath: /var/lib/mysql {{- if .Values.persistence.subPath }} subPath: {{ .Values.persistence.subPath }} {{- end }} {{- if .Values.configurationFiles }} {{- range $key, $val := .Values.configurationFiles }} - name: configurations mountPath: {{ $.Values.configurationFilesPath }}{{ $key }} subPath: {{ $key }} {{- end -}} {{- end }} {{- if .Values.initializationFiles }} - name: migrations mountPath: /docker-entrypoint-initdb.d {{- end }} {{- if .Values.ssl.enabled }} - name: certificates mountPath: /ssl {{- end }} {{- if .Values.extraVolumeMounts }} {{ tpl .Values.extraVolumeMounts . | indent 8 }} {{- end }} {{- if .Values.metrics.enabled }} - name: metrics image: "{{ .Values.metrics.image }}:{{ .Values.metrics.imageTag }}" imagePullPolicy: {{ .Values.metrics.imagePullPolicy | quote }} {{- if .Values.mysqlAllowEmptyPassword }} command: - 'sh' - '-c' - 'DATA_SOURCE_NAME="root@(localhost:3306)/" /bin/mysqld_exporter' {{- else }} env: - name: MYSQL_ROOT_PASSWORD valueFrom: secretKeyRef: name: {{ include "mysql.secretName" . }} key: mysql-root-password command: - 'sh' - '-c' - 'DATA_SOURCE_NAME="root:$MYSQL_ROOT_PASSWORD@(localhost:3306)/" /bin/mysqld_exporter' {{- end }} {{- range $f := .Values.metrics.flags }} - {{ $f | quote }} {{- end }} ports: - name: metrics containerPort: 9104 livenessProbe: httpGet: path: / port: metrics initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }} timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }} readinessProbe: httpGet: path: / port: metrics initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }} timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }} resources: {{ toYaml .Values.metrics.resources | indent 10 }} {{- end }} volumes: {{- if .Values.configurationFiles }} - name: configurations configMap: name: {{ include "mysql.fullname" . }}-configuration {{- end }} {{- if .Values.initializationFiles }} - name: migrations configMap: name: {{ include "mysql.fullname" . }}-initialization {{- end }} {{- if .Values.ssl.enabled }} - name: certificates secret: secretName: {{ .Values.ssl.secret }} {{- end }} - name: data {{- if .Values.persistence.enabled }} persistentVolumeClaim: claimName: {{ .Values.persistence.existingClaim | default (include "mysql.fullname" .) }} {{- else }} emptyDir: {} {{- end -}} {{- if .Values.extraVolumes }} {{ tpl .Values.extraVolumes . | indent 6 }} {{- end }} |
helm/charts/wordpres_mysql/templates/external-secrets.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
{{- if .Values.ExternalSecrets }} apiVersion: kubernetes-client.io/v1 kind: ExternalSecret metadata: name: {{ include "mysql.fullname" . }} labels: {{- include "mysql.labels" . | nindent 4 }} annotations: "helm.sh/hook": pre-install "helm.sh/hook-weight": "1" spec: backendType: secretsManager dataFrom: - {{ .Values.ExternalSecrets }} {{- end }} |
helm/charts/wordpres_mysql/templates/job.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
apiVersion: batch/v1 kind: Job metadata: name: create-database-mysql annotations: "helm.sh/hook": post-install,post-upgrade "helm.sh/hook-weight": "5" "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded spec: template: spec: containers: - name: create-database-mysql image: "arey/mysql-client:latest" {{- if .Values.ExternalSecrets }} envFrom: - secretRef: name: mysql-wordpress {{- end }} command: ["/bin/sh"] args: ["-c", "echo \"CREATE DATABASE IF NOT EXISTS $MYSQL_DATABASE; CREATE USER IF NOT EXISTS '$MYSQL_USER'@'localhost' IDENTIFIED BY '$MYSQL_PASSWORD'; GRANT ALL PRIVILEGES ON $MYSQL_DATABASE.* TO '$MYSQL_USER'@'localhost' IDENTIFIED BY '$MYSQL_PASSWORD'; GRANT ALL PRIVILEGES ON *.* TO '$MYSQL_DATABASE'@'%' IDENTIFIED BY '$MYSQL_PASSWORD'; FLUSH PRIVILEGES;\" >> sql.sql; cat sql.sql | mysql -u root -h $MYSQL_HOST -p$MYSQL_ROOT_PASSWORD;"] restartPolicy: Never |
helm/charts/wordpres_mysql/templates/NOTES.txt
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
MySQL can be accessed via port 3306 on the following DNS name from within your cluster: {{ include "mysql.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local {{- if .Values.mysqlx.port.enabled }} Connection to the X protocol of MySQL can be done via 33060 on the following DNS name from within your cluster: {{ include "mysql.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local {{- end }} {{- if .Values.existingSecret }} If you have not already created the mysql password secret: kubectl create secret generic {{ .Values.existingSecret }} --namespace {{ .Release.Namespace }} --from-file=./mysql-root-password --from-file=./mysql-password {{ else }} To get your root password run: MYSQL_ROOT_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "mysql.fullname" . }} -o jsonpath="{.data.mysql-root-password}" | base64 --decode; echo) {{- end }} To connect to your database: 1. Run an Ubuntu pod that you can use as a client: kubectl run -i --tty ubuntu --image=ubuntu:16.04 --restart=Never -- bash -il 2. Install the mysql client: $ apt-get update && apt-get install mysql-client -y 3. Connect using the mysql cli, then provide your password: $ mysql -h {{ include "mysql.fullname" . }} -p To connect to your database directly from outside the K8s cluster: {{- if contains "NodePort" .Values.service.type }} MYSQL_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath='{.items[0].status.addresses[0].address}') MYSQL_PORT=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mysql.fullname" . }} -o jsonpath='{.spec.ports[0].nodePort}') {{- else if contains "ClusterIP" .Values.service.type }} MYSQL_HOST=127.0.0.1 MYSQL_PORT={{ .Values.service.port }} # Execute the following command to route the connection: kubectl port-forward svc/{{ include "mysql.fullname" . }} {{ .Values.service.port }} {{- end }} mysql -h ${MYSQL_HOST} -P${MYSQL_PORT} -u root -p${MYSQL_ROOT_PASSWORD} |
helm/charts/wordpres_mysql/templates/pv.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
{{ if .Values.efs.enabled }} apiVersion: v1 kind: PersistentVolume metadata: name: mysql-{{ .Values.efs.endpoint }} spec: capacity: storage: {{ .Values.efs.storage }} volumeMode: Filesystem accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Retain storageClassName: efs csi: driver: efs.csi.aws.com volumeHandle: {{ .Values.efs.endpoint }} {{- end }} |
helm/charts/wordpres_mysql/templates/pvc.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
{{ if .Values.efs.enabled }} apiVersion: v1 kind: PersistentVolumeClaim metadata: name: mysql-efs-claim spec: accessModes: - ReadWriteMany storageClassName: efs volumeName: mysql-{{ .Values.efs.endpoint }} resources: requests: storage: {{ .Values.efs.storage }} {{- end }} |
helm/charts/wordpres_mysql/templates/serviceaccount.yaml
1 2 3 4 5 6 7 8 |
{{- if .Values.serviceAccount.create }} apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "mysql.serviceAccountName" . }} labels: {{- include "mysql.labels" . | nindent 4 }} {{- end }} |
helm/charts/wordpres_mysql/templates/svc.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 |
apiVersion: v1 kind: Service metadata: name: {{ include "mysql.fullname" . }} namespace: {{ .Release.Namespace }} labels: {{- include "mysql.labels" . | nindent 4 }} annotations: {{- if .Values.service.annotations }} {{ toYaml .Values.service.annotations | indent 4 }} {{- end }} {{- if and (.Values.metrics.enabled) (.Values.metrics.annotations) }} {{ toYaml .Values.metrics.annotations | indent 4 }} {{- end }} spec: type: {{ .Values.service.type }} {{- if (and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP))) }} loadBalancerIP: {{ .Values.service.loadBalancerIP }} {{- end }} ports: - name: mysql port: {{ .Values.service.port }} targetPort: mysql {{- if .Values.service.nodePort }} nodePort: {{ .Values.service.nodePort }} {{- end }} {{- if .Values.mysqlx.port.enabled }} - name: mysqlx port: 33060 targetPort: mysqlx protocol: TCP {{- end }} {{- if .Values.metrics.enabled }} - name: metrics port: 9104 targetPort: metrics {{- end }} selector: {{- include "mysql.selector" . | nindent 4 }} |
helm/charts/wordpres_mysql/Chart.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
apiVersion: v2 appVersion: 5.7.32 description: Fast, reliable, scalable, and easy to use open-source relational database system. home: https://www.mysql.com/ icon: https://www.mysql.com/common/logos/logo-mysql-170x115.png keywords: - mysql - database - sql name: mysql sources: - https://github.com/kubernetes/charts - https://github.com/docker-library/mysql version: 1.0.0 |
helm/charts/wordpres_mysql/values.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 |
## mysql image version ## ref: https://hub.docker.com/r/library/mysql/tags/ ## image: "mysql" imageTag: "5.7.33" strategy: type: Recreate busybox: image: "busybox" tag: "1.32" testFramework: enabled: true image: "bats/bats" tag: "1.2.1" imagePullPolicy: IfNotPresent securityContext: {} ## Specify password for root user ## ## Default: random 10 character string # mysqlRootPassword: testing ## Create a database user ## # mysqlUser: ## Default: random 10 character string # mysqlPassword: ## Allow unauthenticated access, uncomment to enable ## # mysqlAllowEmptyPassword: true ## Create a database ## # mysqlDatabase: ## Specify an imagePullPolicy (Required) ## It's recommended to change this to 'Always' if the image tag is 'latest' ## ref: http://kubernetes.io/docs/user-guide/images/#updating-images ## imagePullPolicy: IfNotPresent ## Additionnal arguments that are passed to the MySQL container. ## For example use --default-authentication-plugin=mysql_native_password if older clients need to ## connect to a MySQL 8 instance. args: [] extraVolumes: {} # - name: extras # emptyDir: {} extraVolumeMounts: {} # - name: extras # mountPath: /usr/share/extras # readOnly: true extraInitContainers: {} # - name: do-something # image: busybox # command: ['do', 'something'] ## A string to add extra environment variables # extraEnvVars: | # - name: EXTRA_VAR # value: "extra" # Optionally specify an array of imagePullSecrets. # Secrets must be manually created in the namespace. # ref: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod # imagePullSecrets: # - name: myRegistryKeySecretName ## Node selector ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector nodeSelector: {} ## Affinity ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity affinity: {} ## Tolerations for pod assignment ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: [] livenessProbe: initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 5 successThreshold: 1 failureThreshold: 3 readinessProbe: initialDelaySeconds: 5 periodSeconds: 10 timeoutSeconds: 1 successThreshold: 1 failureThreshold: 3 ## Persist data to a persistent volume persistence: enabled: false ## database data Persistent Volume Storage Class ## If defined, storageClassName: <storageClass> ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) ## # storageClass: "-" accessMode: ReadWriteOnce size: 8Gi annotations: {} ## Use an alternate scheduler, e.g. "stork". ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ ## # schedulerName: ## Security context securityContext: enabled: false runAsUser: 999 fsGroup: 999 ## Configure resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: requests: memory: 256Mi cpu: 100m # Custom mysql configuration files path configurationFilesPath: /etc/mysql/conf.d/ # Custom mysql configuration files used to override default mysql settings configurationFiles: {} # mysql.cnf: |- # [mysqld] # skip-name-resolve # ssl-ca=/ssl/ca.pem # ssl-cert=/ssl/server-cert.pem # ssl-key=/ssl/server-key.pem # To enaable the mysql X Protocol's port # .. will expose the port 33060 # .. Note the X Plugin needs installation # ref: https://dev.mysql.com/doc/refman/8.0/en/x-plugin-checking-installation.html mysqlx: port: enabled: false metrics: enabled: false image: prom/mysqld-exporter imageTag: v0.10.0 imagePullPolicy: IfNotPresent resources: {} annotations: {} # prometheus.io/scrape: "true" # prometheus.io/port: "9104" livenessProbe: initialDelaySeconds: 15 timeoutSeconds: 5 readinessProbe: initialDelaySeconds: 5 timeoutSeconds: 1 flags: [] serviceMonitor: enabled: false additionalLabels: {} ## Configure the service ## ref: http://kubernetes.io/docs/user-guide/services/ service: annotations: {} ## Specify a service type ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services---service-types type: ClusterIP port: 3306 # nodePort: 32000 # loadBalancerIP: ## Pods Service Account ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ serviceAccount: ## Specifies whether a ServiceAccount should be created ## create: false ## The name of the ServiceAccount to use. ## If not set and create is true, a name is generated using the mariadb.fullname template # name: ssl: enabled: false secret: mysql-ssl-certs certificates: {} # - name: mysql-ssl-certs # ca: |- # -----BEGIN CERTIFICATE----- # … # -----END CERTIFICATE----- # cert: |- # -----BEGIN CERTIFICATE----- # … # -----END CERTIFICATE----- # key: |- # -----BEGIN RSA PRIVATE KEY----- # … # -----END RSA PRIVATE KEY----- ## Populates the 'TZ' system timezone environment variable ## ref: https://dev.mysql.com/doc/refman/5.7/en/time-zone-support.html ## ## Default: nil (mysql will use image's default timezone, normally UTC) ## Example: 'Australia/Sydney' # timezone: # Deployment Annotations deploymentAnnotations: {} # To be added to the database server pod(s) podAnnotations: {} podLabels: {} ## Set pod priorityClassName # priorityClassName: {} ## Init container resources defaults initContainer: resources: requests: memory: 10Mi cpu: 10m |
теперь распишу темплейты самого вордпресса
helm/charts/wordpress/templates/_helpers.tpl
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 |
{{/* vim: set filetype=mustache: */}} {{/* Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). */}} {{- define "wordpress.mariadb.fullname" -}} {{- include "common.names.dependency.fullname" (dict "chartName" "mariadb" "chartValues" .Values.mariadb "context" $) -}} {{- end -}} {{/* Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). */}} {{- define "wordpress.memcached.fullname" -}} {{- include "common.names.dependency.fullname" (dict "chartName" "memcached" "chartValues" .Values.memcached "context" $) -}} {{- end -}} {{/* Return the proper WordPress image name */}} {{- define "wordpress.image" -}} {{- include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) -}} {{- end -}} {{/* Return the proper image name (for the metrics image) */}} {{- define "wordpress.metrics.image" -}} {{- include "common.images.image" (dict "imageRoot" .Values.metrics.image "global" .Values.global) -}} {{- end -}} {{/* Return the proper image name (for the init container volume-permissions image) */}} {{- define "wordpress.volumePermissions.image" -}} {{- include "common.images.image" ( dict "imageRoot" .Values.volumePermissions.image "global" .Values.global ) -}} {{- end -}} {{/* Return the proper Docker Image Registry Secret Names */}} {{- define "wordpress.imagePullSecrets" -}} {{- include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.metrics.image .Values.volumePermissions.image) "global" .Values.global) -}} {{- end -}} {{/* Create the name of the service account to use */}} {{- define "wordpress.serviceAccountName" -}} {{- if .Values.serviceAccount.create -}} {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} {{- else -}} {{ default "default" .Values.serviceAccount.name }} {{- end -}} {{- end -}} {{/* Create chart name and version as used by the chart label. */}} {{- define "wordpress.customHTAccessCM" -}} {{- printf "%s" .Values.customHTAccessCM -}} {{- end -}} {{/* Return the WordPress configuration secret */}} {{- define "wordpress.configSecretName" -}} {{- if .Values.existingWordPressConfigurationSecret -}} {{- printf "%s" (tpl .Values.existingWordPressConfigurationSecret $) -}} {{- else -}} {{- printf "%s-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}} {{- end -}} {{- end -}} {{/* Return true if a secret object should be created for WordPress configuration */}} {{- define "wordpress.createConfigSecret" -}} {{- if and .Values.wordpressConfiguration (not .Values.existingWordPressConfigurationSecret) }} {{- true -}} {{- end -}} {{- end -}} {{/* Return the WordPress Apache configuration configmap */}} {{- define "wordpress.apache.configmapName" -}} {{- if .Values.existingApacheConfigurationConfigMap -}} {{- printf "%s" (tpl .Values.existingApacheConfigurationConfigMap $) -}} {{- else -}} {{- printf "%s-apache-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}} {{- end -}} {{- end -}} {{/* Return true if a secret object should be created for Apache configuration */}} {{- define "wordpress.apache.createConfigmap" -}} {{- if and .Values.apacheConfiguration (not .Values.existingApacheConfigurationConfigMap) }} {{- true -}} {{- end -}} {{- end -}} {{/* Return the MariaDB Hostname */}} {{- define "wordpress.databaseHost" -}} {{- if .Values.mariadb.enabled }} {{- if eq .Values.mariadb.architecture "replication" }} {{- printf "%s-primary" (include "wordpress.mariadb.fullname" .) | trunc 63 | trimSuffix "-" -}} {{- else -}} {{- printf "%s" (include "wordpress.mariadb.fullname" .) -}} {{- end -}} {{- else -}} {{- printf "%s" .Values.externalDatabase.host -}} {{- end -}} {{- end -}} {{/* Return the MariaDB Port */}} {{- define "wordpress.databasePort" -}} {{- if .Values.mariadb.enabled }} {{- printf "3306" -}} {{- else -}} {{- printf "%d" (.Values.externalDatabase.port | int ) -}} {{- end -}} {{- end -}} {{/* Return the MariaDB Database Name */}} {{- define "wordpress.databaseName" -}} {{- if .Values.mariadb.enabled }} {{- printf "%s" .Values.mariadb.auth.database -}} {{- else -}} {{- printf "%s" .Values.externalDatabase.database -}} {{- end -}} {{- end -}} {{/* Return the MariaDB User */}} {{- define "wordpress.databaseUser" -}} {{- if .Values.mariadb.enabled }} {{- printf "%s" .Values.mariadb.auth.username -}} {{- else -}} {{- printf "%s" .Values.externalDatabase.user -}} {{- end -}} {{- end -}} {{/* Return the MariaDB Secret Name */}} {{- define "wordpress.databaseSecretName" -}} {{- if .Values.mariadb.enabled }} {{- if .Values.mariadb.auth.existingSecret -}} {{- printf "%s" .Values.mariadb.auth.existingSecret -}} {{- else -}} {{- printf "%s" (include "wordpress.mariadb.fullname" .) -}} {{- end -}} {{- else if .Values.externalDatabase.existingSecret -}} {{- include "common.tplvalues.render" (dict "value" .Values.externalDatabase.existingSecret "context" $) -}} {{- else -}} {{- printf "%s-externaldb" (include "common.names.fullname" .) -}} {{- end -}} {{- end -}} {{/* Return the Memcached Hostname */}} {{- define "wordpress.cacheHost" -}} {{- if .Values.memcached.enabled }} {{- $releaseNamespace := .Release.Namespace }} {{- $clusterDomain := .Values.clusterDomain }} {{- printf "%s.%s.svc.%s" (include "wordpress.memcached.fullname" .) $releaseNamespace $clusterDomain -}} {{- else -}} {{- printf "%s" .Values.externalCache.host -}} {{- end -}} {{- end -}} {{/* Return the Memcached Port */}} {{- define "wordpress.cachePort" -}} {{- if .Values.memcached.enabled }} {{- printf "11211" -}} {{- else -}} {{- printf "%d" (.Values.externalCache.port | int ) -}} {{- end -}} {{- end -}} {{/* Return the WordPress Secret Name */}} {{- define "wordpress.secretName" -}} {{- if .Values.existingSecret }} {{- printf "%s" .Values.existingSecret -}} {{- else -}} {{- printf "%s" (include "common.names.fullname" .) -}} {{- end -}} {{- end -}} {{/* Return the SMTP Secret Name */}} {{- define "wordpress.smtpSecretName" -}} {{- if .Values.smtpExistingSecret }} {{- printf "%s" .Values.smtpExistingSecret -}} {{- else -}} {{- printf "%s" (include "common.names.fullname" .) -}} {{- end -}} {{- end -}} {{/* Compile all warnings into a single message. */}} {{- define "wordpress.validateValues" -}} {{- $messages := list -}} {{- $messages := append $messages (include "wordpress.validateValues.configuration" .) -}} {{- $messages := append $messages (include "wordpress.validateValues.htaccess" .) -}} {{- $messages := append $messages (include "wordpress.validateValues.database" .) -}} {{- $messages := append $messages (include "wordpress.validateValues.cache" .) -}} {{- $messages := without $messages "" -}} {{- $message := join "\n" $messages -}} {{- if $message -}} {{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} {{- end -}} {{- end -}} {{/* Validate values of WordPress - Custom wp-config.php */}} {{- define "wordpress.validateValues.configuration" -}} {{- if and (or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret) (not .Values.wordpressSkipInstall) -}} wordpress: wordpressConfiguration You are trying to use a wp-config.php file. This setup is only supported when skipping wizard installation (--set wordpressSkipInstall=true). {{- end -}} {{- end -}} {{/* Validate values of WordPress - htaccess configuration */}} {{- define "wordpress.validateValues.htaccess" -}} {{- if and .Values.customHTAccessCM .Values.allowOverrideNone -}} wordpress: customHTAccessCM You are trying to use custom htaccess rules but Apache was configured to prohibit overriding directives with htaccess files. To use this feature, allow overriding Apache directives (--set allowOverrideNone=false). {{- end -}} {{- end -}} {{/* Validate values of WordPress - Database */}} {{- define "wordpress.validateValues.database" -}} {{- if and (not .Values.mariadb.enabled) (or (empty .Values.externalDatabase.host) (empty .Values.externalDatabase.port) (empty .Values.externalDatabase.database)) -}} wordpress: database You disable the MariaDB installation but you did not provide the required parameters to use an external database. To use an external database, please ensure you provide (at least) the following values: externalDatabase.host=DB_SERVER_HOST externalDatabase.database=DB_NAME externalDatabase.port=DB_SERVER_PORT {{- end -}} {{- end -}} {{/* Validate values of WordPress - Cache */}} {{- define "wordpress.validateValues.cache" -}} {{- if and .Values.wordpressConfigureCache (not .Values.memcached.enabled) (or (empty .Values.externalCache.host) (empty .Values.externalCache.port)) -}} wordpress: cache You enabled cache via W3 Total Cache without but you did not enable the Memcached installation nor you did provided the required parameters to use an external cache server. Please enable the Memcached installation (--set memcached.enabled=true) or provide the external cache server values: externalCache.host=CACHE_SERVER_HOST externalCache.port=CACHE_SERVER_PORT {{- end -}} {{- end -}} |
helm/charts/wordpress/templates/config-secret.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
{{- if (include "wordpress.createConfigSecret" .) }} apiVersion: v1 kind: Secret metadata: name: {{ printf "%s-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} {{- if .Values.commonAnnotations }} annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} data: wp-config.php: {{ .Values.wordpressConfiguration | b64enc }} {{- end }} |
helm/charts/wordpress/templates/deployment.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 |
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} kind: Deployment metadata: name: {{ include "common.names.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} {{- if .Values.commonAnnotations }} annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} spec: selector: matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} {{- if .Values.updateStrategy }} strategy: {{- toYaml .Values.updateStrategy | nindent 4 }} {{- end }} {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} {{- end }} template: metadata: labels: {{- include "common.labels.standard" . | nindent 8 }} {{- if .Values.podLabels }} {{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }} {{- end }} {{- if or .Values.podAnnotations .Values.metrics.enabled (include "wordpress.createConfigSecret" .) }} annotations: {{- if .Values.podAnnotations }} {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} {{- end }} {{- if .Values.metrics.podAnnotations }} {{- include "common.tplvalues.render" (dict "value" .Values.metrics.podAnnotations "context" $) | nindent 8 }} {{- end }} {{- if (include "wordpress.createConfigSecret" .) }} checksum/config-secret: {{ include (print $.Template.BasePath "/config-secret.yaml") . | sha256sum }} {{- end }} {{- end }} spec: {{- include "wordpress.imagePullSecrets" . | nindent 6 }} {{- if .Values.hostAliases }} # yamllint disable rule:indentation hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} # yamllint enable rule:indentation {{- end }} {{- if .Values.affinity }} affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }} {{- else }} affinity: podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "context" $) | nindent 10 }} podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "context" $) | nindent 10 }} nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} {{- end }} {{- if .Values.nodeSelector }} nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" $) | nindent 8 }} {{- end }} {{- if .Values.tolerations }} tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }} {{- end }} {{- if .Values.priorityClassName }} priorityClassName: {{ .Values.priorityClassName }} {{- end }} {{- if .Values.schedulerName }} schedulerName: {{ .Values.schedulerName | quote }} {{- end }} {{- if .Values.podSecurityContext.enabled }} securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }} {{- end }} serviceAccountName: {{ include "wordpress.serviceAccountName" .}} {{- if .Values.topologySpreadConstraints }} topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.topologySpreadConstraints "context" .) | nindent 8 }} {{- end }} {{- if or (and .Values.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.persistence.enabled) (.Values.initContainers) }} initContainers: {{- if and .Values.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.persistence.enabled }} - name: volume-permissions image: "{{ include "wordpress.volumePermissions.image" . }}" imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} command: - /bin/bash args: - -ec - | mkdir -p /bitnami/wordpress {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} find /bitnami/wordpress -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R $(id -u):$(id -G | cut -d " " -f2) {{- else }} find /bitnami/wordpress -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }} {{- end }} {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto " }} securityContext: {{- omit .Values.volumePermissions.containerSecurityContext "runAsUser" | toYaml | nindent 12 }} {{- else }} securityContext: {{- .Values.volumePermissions.containerSecurityContext | toYaml | nindent 12 }} {{- end }} {{- if .Values.volumePermissions.resources }} resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} {{- end }} volumeMounts: - mountPath: /bitnami/wordpress name: wordpress-data subPath: wordpress {{- end }} {{- if .Values.initContainers }} {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} {{- end }} {{- end }} containers: - name: wordpress image: {{ include "wordpress.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy | quote }} {{- if .Values.diagnosticMode.enabled }} command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} {{- else if .Values.command }} command: {{- include "common.tplvalues.render" ( dict "value" .Values.command "context" $) | nindent 12 }} {{- end }} {{- if .Values.diagnosticMode.enabled }} args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} {{- else if .Values.args }} args: {{- include "common.tplvalues.render" ( dict "value" .Values.args "context" $) | nindent 12 }} {{- end }} # command: ["sleep", "500"] {{- if .Values.containerSecurityContext.enabled }} securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }} {{- end }} env: - name: BITNAMI_DEBUG value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} - name: ALLOW_EMPTY_PASSWORD value: {{ ternary "yes" "no" .Values.allowEmptyPassword | quote }} - name: MARIADB_HOST value: {{ include "wordpress.databaseHost" . | quote }} - name: MARIADB_PORT_NUMBER value: {{ include "wordpress.databasePort" . | quote }} - name: WORDPRESS_DATABASE_NAME value: {{ include "wordpress.databaseName" . | quote }} - name: WORDPRESS_DATABASE_USER value: {{ include "wordpress.databaseUser" . | quote }} - name: WORDPRESS_DATABASE_PASSWORD valueFrom: secretKeyRef: name: {{ include "wordpress.databaseSecretName" . }} key: mariadb-password - name: WORDPRESS_USERNAME value: {{ .Values.wordpressUsername | quote }} - name: WORDPRESS_PASSWORD valueFrom: secretKeyRef: name: {{ include "wordpress.secretName" . }} key: wordpress-password - name: WORDPRESS_EMAIL value: {{ .Values.wordpressEmail | quote }} - name: WORDPRESS_FIRST_NAME value: {{ .Values.wordpressFirstName | quote }} - name: WORDPRESS_LAST_NAME value: {{ .Values.wordpressLastName | quote }} - name: WORDPRESS_HTACCESS_OVERRIDE_NONE value: {{ ternary "yes" "no" .Values.allowOverrideNone | quote }} - name: WORDPRESS_ENABLE_HTACCESS_PERSISTENCE value: {{ ternary "yes" "no" .Values.htaccessPersistenceEnabled | quote }} - name: WORDPRESS_BLOG_NAME value: {{ .Values.wordpressBlogName | quote }} - name: WORDPRESS_SKIP_BOOTSTRAP value: {{ ternary "yes" "no" .Values.wordpressSkipInstall | quote }} - name: WORDPRESS_TABLE_PREFIX value: {{ .Values.wordpressTablePrefix | quote }} - name: WORDPRESS_SCHEME value: {{ .Values.wordpressScheme | quote }} - name: WORDPRESS_EXTRA_WP_CONFIG_CONTENT value: {{ .Values.wordpressExtraConfigContent | quote }} - name: WORDPRESS_PLUGINS value: {{ join "," .Values.wordpressPlugins | quote }} - name: APACHE_HTTP_PORT_NUMBER value: {{ .Values.containerPorts.http | quote }} - name: APACHE_HTTPS_PORT_NUMBER value: {{ .Values.containerPorts.https | quote }} {{- if .Values.overrideDatabaseSettings }} - name: WORDPRESS_OVERRIDE_DATABASE_SETTINGS value: "yes" {{- end }} {{- if .Values.multisite.enable }} - name: WORDPRESS_ENABLE_MULTISITE value: "yes" - name: WORDPRESS_MULTISITE_HOST value: {{ .Values.multisite.host | quote }} - name: WORDPRESS_MULTISITE_EXTERNAL_HTTP_PORT_NUMBER value: {{ .Values.service.ports.http | quote }} - name: WORDPRESS_MULTISITE_EXTERNAL_HTTPS_PORT_NUMBER value: {{ .Values.service.ports.https | quote }} - name: WORDPRESS_MULTISITE_NETWORK_TYPE value: {{ .Values.multisite.networkType | quote }} - name: WORDPRESS_MULTISITE_ENABLE_NIP_IO_REDIRECTION value: {{ ternary "yes" "no" .Values.multisite.enableNipIoRedirect | quote }} {{- end }} {{- if .Values.smtpHost }} - name: SMTP_HOST value: {{ .Values.smtpHost | quote }} {{- end }} {{- if .Values.smtpPort }} - name: SMTP_PORT value: {{ .Values.smtpPort | quote }} {{- end }} {{- if .Values.smtpUser }} - name: SMTP_USER value: {{ .Values.smtpUser | quote }} {{- end }} {{- if or .Values.smtpPassword .Values.smtpExistingSecret }} - name: SMTP_PASSWORD valueFrom: secretKeyRef: name: {{ include "wordpress.smtpSecretName" . }} key: smtp-password {{- end }} {{- if .Values.smtpProtocol }} - name: SMTP_PROTOCOL value: {{ .Values.smtpProtocol | quote }} {{- end }} {{- if .Values.extraEnvVars }} {{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }} {{- end }} envFrom: {{- if .Values.extraEnvVarsCM }} - configMapRef: name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }} {{- end }} {{- if .Values.extraEnvVarsSecret }} - secretRef: name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }} {{- end }} ports: - name: http containerPort: {{ .Values.containerPorts.http }} - name: https containerPort: {{ .Values.containerPorts.https }} {{- if .Values.extraContainerPorts }} {{- include "common.tplvalues.render" (dict "value" .Values.extraContainerPorts "context" $) | nindent 12 }} {{- end }} {{- if .Values.lifecycleHooks }} lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }} {{- end }} {{- if not .Values.diagnosticMode.enabled }} {{- if .Values.customLivenessProbe }} livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} {{- else if .Values.livenessProbe.enabled }} livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.livenessProbe "enabled") "context" $) | nindent 12 }} {{- end }} {{- if .Values.customReadinessProbe }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }} {{- else if .Values.readinessProbe.enabled }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.readinessProbe "enabled") "context" $) | nindent 12 }} {{- end }} {{- if .Values.customStartupProbe }} startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customStartupProbe "context" $) | nindent 12 }} {{- else if .Values.startupProbe.enabled }} startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.startupProbe "enabled") "context" $) | nindent 12 }} {{- end }} {{- end }} {{- if .Values.resources }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- end }} volumeMounts: - mountPath: /bitnami/wordpress name: wordpress-data subPath: wordpress {{- if or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret }} - name: wordpress-config mountPath: /opt/bitnami/wordpress/wp-config.php subPath: wp-config.php {{- end }} {{- if or .Values.apacheConfiguration .Values.existingApacheConfigurationConfigMap }} - name: apache-config mountPath: /opt/bitnami/apache/conf/httpd.conf subPath: httpd.conf {{- end }} {{- if and (not .Values.allowOverrideNone) .Values.customHTAccessCM }} - mountPath: /opt/bitnami/apache/conf/vhosts/htaccess name: custom-htaccess {{- end }} {{- if or .Values.customPostInitScripts .Values.wordpressConfigureCache }} - mountPath: /docker-entrypoint-init.d name: custom-postinit {{- end }} {{- if .Values.extraVolumeMounts }} {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }} {{- end }} {{- if .Values.metrics.enabled }} - name: metrics image: {{ include "wordpress.metrics.image" . }} imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} {{- if .Values.diagnosticMode.enabled }} command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} {{- else if .Values.diagnosticMode.enabled }} command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} {{- else }} command: - /bin/apache_exporter - --scrape_uri - http://status.localhost:8080/server-status/?auto {{- end }} ports: - name: metrics containerPort: {{ .Values.metrics.containerPorts.metrics }} {{- if not .Values.diagnosticMode.enabled }} {{- if .Values.metrics.customLivenessProbe }} livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customLivenessProbe "context" $) | nindent 12 }} {{- else if .Values.metrics.livenessProbe.enabled }} livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.livenessProbe "enabled") "context" $) | nindent 12 }} httpGet: path: /metrics port: metrics {{- end }} {{- if .Values.metrics.customReadinessProbe }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customReadinessProbe "context" $) | nindent 12 }} {{- else if .Values.metrics.readinessProbe.enabled }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.readinessProbe "enabled") "context" $) | nindent 12 }} httpGet: path: /metrics port: metrics {{- end }} {{- if .Values.metrics.customStartupProbe }} startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customStartupProbe "context" $) | nindent 12 }} {{- else if .Values.metrics.startupProbe.enabled }} startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.startupProbe "enabled") "context" $) | nindent 12 }} tcpSocket: port: metrics {{- end }} {{- end }} {{- if .Values.metrics.resources }} resources: {{- toYaml .Values.metrics.resources | nindent 12 }} {{- end }} {{- end }} {{- if .Values.sidecars }} {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }} {{- end }} volumes: {{- if or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret }} - name: wordpress-config secret: secretName: {{ include "wordpress.configSecretName" . }} defaultMode: 0755 {{- end }} {{- if or .Values.apacheConfiguration .Values.existingApacheConfigurationConfigMap }} - name: apache-config configMap: name: {{ include "wordpress.apache.configmapName" . }} defaultMode: 0644 {{- end }} {{- if and (not .Values.allowOverrideNone) .Values.customHTAccessCM }} - name: custom-htaccess configMap: name: {{ include "wordpress.customHTAccessCM" . }} items: - key: wordpress-htaccess.conf path: wordpress-htaccess.conf {{- end }} {{- if or .Values.customPostInitScripts .Values.wordpressConfigureCache }} - name: custom-postinit configMap: name: {{ printf "%s-postinit" (include "common.names.fullname" .) }} defaultMode: 0755 {{- end }} - name: wordpress-data {{- if .Values.persistence.enabled }} persistentVolumeClaim: claimName: {{ .Values.persistence.existingClaim | default (include "common.names.fullname" .)}}-efs-claim {{- else }} emptyDir: {} {{- end }} {{- if .Values.extraVolumes }} {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} {{- end }} |
helm/charts/wordpress/templates/external-secrets.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
{{- if .Values.ExternalSecrets }} apiVersion: kubernetes-client.io/v1 kind: ExternalSecret metadata: name: {{ include "common.names.fullname" . }}-aws labels: {{- include "common.labels.standard" . | nindent 4 }}-aws {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} annotations: "helm.sh/hook": pre-install "helm.sh/hook-weight": "1" spec: backendType: secretsManager dataFrom: - {{ .Values.ExternalSecrets }} {{- end }} |
helm/charts/wordpress/templates/externaldb-secrets.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
{{- if not (or .Values.mariadb.enabled .Values.externalDatabase.existingSecret) }} apiVersion: v1 kind: Secret metadata: name: {{ printf "%s-externaldb" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} {{- if .Values.commonAnnotations }} annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} type: Opaque data: mariadb-password: {{ .Values.externalDatabase.password | b64enc | quote }} {{- end }} |
helm/charts/wordpress/templates/extra-list.yaml
1 2 3 4 5 |
{{- range .Values.extraDeploy }} --- {{ include "common.tplvalues.render" (dict "value" . "context" $) }} {{- end }} |
helm/charts/wordpress/templates/hpa.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
{{- if .Values.autoscaling.enabled }} apiVersion: {{ include "common.capabilities.hpa.apiVersion" ( dict "context" $ ) }} kind: HorizontalPodAutoscaler metadata: name: {{ include "common.names.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} {{- if .Values.commonAnnotations }} annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} spec: scaleTargetRef: apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} kind: Deployment name: {{ include "common.names.fullname" . }} minReplicas: {{ .Values.autoscaling.minReplicas }} maxReplicas: {{ .Values.autoscaling.maxReplicas }} metrics: {{- if .Values.autoscaling.targetCPU }} - type: Resource resource: name: cpu {{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }} targetAverageUtilization: {{ .Values.autoscaling.targetCPU }} {{- else }} target: type: Utilization averageUtilization: {{ .Values.autoscaling.targetCPU }} {{- end }} {{- end }} {{- if .Values.autoscaling.targetMemory }} - type: Resource resource: name: memory {{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }} targetAverageUtilization: {{ .Values.autoscaling.targetMemory }} {{- else }} target: type: Utilization averageUtilization: {{ .Values.autoscaling.targetMemory }} {{- end }} {{- end }} {{- end }} |
helm/charts/wordpress/templates/httpd-configmap.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
{{- if (include "wordpress.apache.createConfigmap" .) }} apiVersion: v1 kind: ConfigMap metadata: name: {{ printf "%s-apache-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} {{- if .Values.commonAnnotations }} annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} data: httpd.conf: |- {{- .Values.apacheConfiguration | nindent 4 }} {{- end }} |
helm/charts/wordpress/templates/ingress.yaml