kind: Deployment
apiVersion: apps/v1
metadata:
  name: {{ include "ceph-csi-rbd.provisioner.fullname" . }}
  namespace: {{ .Release.Namespace }}
  labels:
    app: {{ include "ceph-csi-rbd.name" . }}
    chart: {{ include "ceph-csi-rbd.chart" . }}
    component: {{ .Values.provisioner.name }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
spec:
  replicas: {{ .Values.provisioner.replicaCount }}
  selector:
    matchLabels:
      app: {{ include "ceph-csi-rbd.name" . }}
      component: {{ .Values.provisioner.name }}
      release: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app: {{ include "ceph-csi-rbd.name" . }}
        chart: {{ include "ceph-csi-rbd.chart" . }}
        component: {{ .Values.provisioner.name }}
        release: {{ .Release.Name }}
        heritage: {{ .Release.Service }}
    spec:
      serviceAccountName: {{ include "ceph-csi-rbd.serviceAccountName.provisioner" . }}
      containers:
        - name: csi-provisioner
          image: "{{ .Values.provisioner.provisioner.image.repository }}:{{ .Values.provisioner.provisioner.image.tag }}"
          imagePullPolicy: {{ .Values.provisioner.provisioner.image.pullPolicy }}
          args:
            - "--csi-address=$(ADDRESS)"
            - "--v=5"
            - "--timeout=60s"
            - "--enable-leader-election=true"
            - "--leader-election-type=leases"
            - "--retry-interval-start=500ms"
          env:
            - name: ADDRESS
              value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}"
          volumeMounts:
            - name: socket-dir
              mountPath: {{ .Values.socketDir }}
          resources:
{{ toYaml .Values.provisioner.provisioner.resources | indent 12 }}
        - name: csi-snapshotter
          image: {{ .Values.provisioner.snapshotter.image.repository }}:{{ .Values.provisioner.snapshotter.image.tag }}
          imagePullPolicy: {{ .Values.provisioner.snapshotter.image.pullPolicy }}
          args:
            - "--csi-address=$(ADDRESS)"
            - "--v=5"
            - "--timeout=60s"
            - "leader-election=true"
          env:
            - name: ADDRESS
              value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}"
          securityContext:
            privileged: true
          volumeMounts:
            - name: socket-dir
              mountPath: {{ .Values.socketDir }}
          resources:
{{ toYaml .Values.provisioner.snapshotter.resources | indent 12 }}
{{- if .Values.provisioner.attacher.enabled }}
        - name: csi-attacher
          image: "{{ .Values.provisioner.attacher.image.repository }}:{{ .Values.provisioner.attacher.image.tag }}"
          imagePullPolicy: {{ .Values.provisioner.attacher.image.pullPolicy }}
          args:
            - "--v=5"
            - "--csi-address=$(ADDRESS)"
            - "leader-election=true"
            - "--leader-election-type=leases"
          env:
            - name: ADDRESS
              value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}"
          volumeMounts:
            - name: socket-dir
              mountPath: {{ .Values.socketDir }}
          resources:
{{ toYaml .Values.provisioner.attacher.resources | indent 12 }}
{{- end }}
        - name: csi-rbdplugin
          securityContext:
            privileged: true
            capabilities:
              add: ["SYS_ADMIN"]
            allowPrivilegeEscalation: true
          image: "{{ .Values.nodeplugin.plugin.image.repository }}:{{ .Values.nodeplugin.plugin.image.tag }}"
          imagePullPolicy: {{ .Values.nodeplugin.plugin.image.pullPolicy }}
          args :
            - "--nodeid=$(NODE_ID)"
            - "--type=rbd"
            - "--endpoint=$(CSI_ENDPOINT)"
            - "--v=5"
            - "--drivername=$(DRIVER_NAME)"
            - "--containerized=true"
            - "--pidlimit=-1"
          env:
            - name: DRIVER_NAME
              value: {{ .Values.driverName }}
            - name: NODE_ID
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
            - name: CSI_ENDPOINT
              value: "unix:/{{ .Values.socketDir }}/{{ .Values.socketFile }}"
          volumeMounts:
            - name: socket-dir
              mountPath: {{ .Values.socketDir }}
            - name: host-rootfs
              mountPath: "/rootfs"
            - name: ceph-csi-config
              mountPath: /etc/ceph-csi-config/
            - name: keys-tmp-dir
              mountPath: /tmp/csi/keys
          resources:
{{ toYaml .Values.nodeplugin.plugin.resources | indent 12 }}
      volumes:
        - name: socket-dir
          emptyDir: {}
#FIXME this seems way too much. Why is it needed at all for this?
        - name: host-rootfs
          hostPath:
            path: /
        - name: ceph-csi-config
          configMap:
            name: {{ .Values.configMapName | quote }}
        - name: keys-tmp-dir
          emptyDir: {
            medium: "Memory"
          }
{{- if .Values.provisioner.affinity }}
      affinity:
{{ toYaml .Values.provisioner.affinity . | indent 8 -}}
{{- end -}}
{{- if .Values.provisioner.nodeSelector }}
      nodeSelector:
{{ toYaml .Values.provisioner.nodeSelector | indent 8 -}}
{{- end -}}
{{- if .Values.provisioner.tolerations }}
      tolerations:
{{ toYaml .Values.provisioner.tolerations | indent 8 -}}
{{- end -}}