diff --git a/charts/self-host/templates/admin.yaml b/charts/self-host/templates/admin.yaml index 5915b07d..6c55fa5e 100644 --- a/charts/self-host/templates/admin.yaml +++ b/charts/self-host/templates/admin.yaml @@ -7,6 +7,7 @@ metadata: labels: app.kubernetes.io/component: admin app: {{ template "bitwarden.admin" . }} + {{ include "bitwarden.labels" . | indent 4 }} {{- with .Values.component.admin.labels }} {{ toYaml . | indent 4 }} @@ -25,6 +26,7 @@ spec: app: {{ template "bitwarden.admin" . }} {{ include "bitwarden.labels" . | indent 8 }} spec: +{{ include "bitwarden.podCoLocation.affinity" . | indent 6 }} {{- if .Values.component.admin.podServiceAccount }} serviceAccount: "{{ .Values.component.admin.podServiceAccount }}" serviceAccountName: "{{ .Values.component.admin.podServiceAccount }}" diff --git a/charts/self-host/templates/attachments.yaml b/charts/self-host/templates/attachments.yaml index 18ddb31e..f1ce4364 100644 --- a/charts/self-host/templates/attachments.yaml +++ b/charts/self-host/templates/attachments.yaml @@ -12,6 +12,7 @@ metadata: {{ toYaml . | indent 4 }} {{- end }} spec: + replicas: 1 strategy: type: "{{ .Values.component.attachments.deploymentStrategy }}" @@ -25,6 +26,7 @@ spec: app.kubernetes.io/component: attachments {{ include "bitwarden.labels" . | indent 8 }} spec: +{{ include "bitwarden.podCoLocation.affinity" . | indent 6 }} {{- if .Values.component.attachments.podServiceAccount }} serviceAccount: "{{ .Values.component.attachments.podServiceAccount }}" serviceAccountName: "{{ .Values.component.attachments.podServiceAccount }}" diff --git a/charts/self-host/templates/events.yaml b/charts/self-host/templates/events.yaml index 3b615d4a..83189a89 100644 --- a/charts/self-host/templates/events.yaml +++ b/charts/self-host/templates/events.yaml @@ -12,6 +12,7 @@ metadata: {{ toYaml . | indent 4 }} {{- end }} spec: + replicas: 1 strategy: type: "{{ .Values.component.events.deploymentStrategy }}" @@ -25,6 +26,7 @@ spec: app.kubernetes.io/component: events {{ include "bitwarden.labels" . | indent 8 }} spec: +{{ include "bitwarden.podCoLocation.affinity" . | indent 6 }} {{- if .Values.component.events.podServiceAccount }} serviceAccount: "{{ .Values.component.events.podServiceAccount }}" serviceAccountName: "{{ .Values.component.events.podServiceAccount }}" diff --git a/charts/self-host/templates/helpers.tpl b/charts/self-host/templates/helpers.tpl index 8e537cbb..5ee7a4cb 100644 --- a/charts/self-host/templates/helpers.tpl +++ b/charts/self-host/templates/helpers.tpl @@ -51,6 +51,9 @@ app.kubernetes.io/name: {{ template "bitwarden.name" . }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/instance: {{ .Release.Name }} helm.sh/chart: {{ template "bitwarden.chart" . }} +{{- if eq .Values.general.volumeAccessMode "ReadWriteOnce" }} +app.kubernetes.io/storage: "ReadWriteOnce" +{{- end -}} {{- if .Values.general.labels }} {{ toYaml .Values.general.labels }} {{- end -}} @@ -225,6 +228,22 @@ Name of SCIM components {{ template "bitwarden.fullname" . }}-scim {{- end -}} +{{- define "bitwarden.podCoLocation.affinity" -}} +{{- if eq .Values.general.volumeAccessMode "ReadWriteOnce" }} +affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app.kubernetes.io/storage + operator: In + values: + - ReadWriteOnce + topologyKey: "kubernetes.io/hostname" +{{- end -}} +{{- end -}} + + {{/* Name of the keys secret */}} diff --git a/charts/self-host/templates/icons.yaml b/charts/self-host/templates/icons.yaml index ef8539c2..9f4edb7c 100644 --- a/charts/self-host/templates/icons.yaml +++ b/charts/self-host/templates/icons.yaml @@ -25,6 +25,7 @@ spec: app.kubernetes.io/component: icons {{ include "bitwarden.labels" . | indent 8 }} spec: +{{ include "bitwarden.podCoLocation.affinity" . | indent 6 }} {{- if .Values.component.icons.podServiceAccount }} serviceAccount: "{{ .Values.component.icons.podServiceAccount }}" serviceAccountName: "{{ .Values.component.icons.podServiceAccount }}" diff --git a/charts/self-host/templates/identity.yaml b/charts/self-host/templates/identity.yaml index 5a007422..3b5771e7 100644 --- a/charts/self-host/templates/identity.yaml +++ b/charts/self-host/templates/identity.yaml @@ -25,6 +25,7 @@ spec: app.kubernetes.io/component: identity {{ include "bitwarden.labels" . | indent 8 }} spec: +{{ include "bitwarden.podCoLocation.affinity" . | indent 6 }} {{- if .Values.component.identity.podServiceAccount }} serviceAccount: "{{ .Values.component.identity.podServiceAccount }}" serviceAccountName: "{{ .Values.component.identity.podServiceAccount }}" diff --git a/charts/self-host/templates/notifications.yaml b/charts/self-host/templates/notifications.yaml index ef262a88..7a1efff1 100644 --- a/charts/self-host/templates/notifications.yaml +++ b/charts/self-host/templates/notifications.yaml @@ -25,6 +25,7 @@ spec: app.kubernetes.io/component: notifications {{ include "bitwarden.labels" . | indent 8 }} spec: +{{ include "bitwarden.podCoLocation.affinity" . | indent 6 }} {{- if .Values.component.notifications.podServiceAccount }} serviceAccount: "{{ .Values.component.notifications.podServiceAccount }}" serviceAccountName: "{{ .Values.component.notifications.podServiceAccount }}" diff --git a/charts/self-host/templates/post-install-db-migrator-job.yaml b/charts/self-host/templates/post-install-db-migrator-job.yaml index 174591e8..4ed62cdb 100644 --- a/charts/self-host/templates/post-install-db-migrator-job.yaml +++ b/charts/self-host/templates/post-install-db-migrator-job.yaml @@ -16,6 +16,18 @@ spec: labels: app.kubernetes.io/component: post-install-db-migrator-job spec: + {{- if and (.Values.database.enabled) ( eq .Values.general.volumeAccessMode "ReadWriteOnce") }} + affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - {{ template "bitwarden.mssql" . }} + topologyKey: "kubernetes.io/hostname" + {{- end }} {{- if .Values.serviceAccount.name }} serviceAccountName: "{{ .Values.serviceAccount.name }}" {{- end }} diff --git a/charts/self-host/templates/pre-install-db-migrator-job.yaml b/charts/self-host/templates/pre-install-db-migrator-job.yaml index b808ba2f..d58e86dd 100644 --- a/charts/self-host/templates/pre-install-db-migrator-job.yaml +++ b/charts/self-host/templates/pre-install-db-migrator-job.yaml @@ -20,6 +20,18 @@ spec: labels: app.kubernetes.io/component: pre-install-db-migrator-job spec: + {{- if and (.Values.database.enabled) (eq .Values.general.volumeAccessMode "ReadWriteOnce") }} + affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - {{ template "bitwarden.mssql" . }} + topologyKey: "kubernetes.io/hostname" + {{- end }} {{- if .Values.serviceAccount.name }} serviceAccountName: "{{ .Values.serviceAccount.name }}" {{- end }} diff --git a/charts/self-host/templates/scim.yaml b/charts/self-host/templates/scim.yaml index 5f2dbd4e..e722cae2 100644 --- a/charts/self-host/templates/scim.yaml +++ b/charts/self-host/templates/scim.yaml @@ -26,6 +26,7 @@ spec: app.kubernetes.io/component: scim {{ include "bitwarden.labels" . | indent 8 }} spec: +{{ include "bitwarden.podCoLocation.affinity" . | indent 6 }} {{- if .Values.component.scim.podServiceAccount }} serviceAccount: "{{ .Values.component.scim.podServiceAccount }}" serviceAccountName: "{{ .Values.component.scim.podServiceAccount }}" diff --git a/charts/self-host/templates/sso.yaml b/charts/self-host/templates/sso.yaml index 02c3c7b4..9a6d4c88 100644 --- a/charts/self-host/templates/sso.yaml +++ b/charts/self-host/templates/sso.yaml @@ -25,6 +25,7 @@ spec: app.kubernetes.io/component: sso {{ include "bitwarden.labels" . | indent 8 }} spec: +{{ include "bitwarden.podCoLocation.affinity" . | indent 6 }} {{- if .Values.component.sso.podServiceAccount }} serviceAccount: "{{ .Values.component.sso.podServiceAccount }}" serviceAccountName: "{{ .Values.component.sso.podServiceAccount }}"