blob: 0f491d887206d1f89929f0fb3749ac6703aadedc [file] [log] [blame]
Gurjeet Bedi274c5792018-03-27 10:22:52 -04001# Copyright © 2018 Amdocs, AT&T
toshrajbhardwaj84d73b12018-08-06 07:35:14 +00002# Modifications Copyright © 2018 Bell Canada
Gurjeet Bedi274c5792018-03-27 10:22:52 -04003#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15
16apiVersion: extensions/v1beta1
17kind: Deployment
18metadata:
19 name: {{ include "common.fullname" . }}
20 namespace: {{ include "common.namespace" . }}
21 labels:
22 app: {{ include "common.name" . }}
23 chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
24 release: {{ .Release.Name }}
25 heritage: {{ .Release.Service }}
26spec:
27 replicas: {{ .Values.replicaCount }}
28 template:
29 metadata:
30 labels:
31 app: {{ include "common.name" . }}
32 release: {{ .Release.Name }}
33 spec:
Ravi Geda375666c2018-09-30 21:14:41 +010034 {{ if .Values.global.installSidecarSecurity }}
Ravi Geda375666c2018-09-30 21:14:41 +010035 initContainers:
36 - name: {{ .Values.global.tproxyConfig.name }}
37 image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}"
38 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
39 securityContext:
40 privileged: true
41 {{ end }}
Gurjeet Bedi274c5792018-03-27 10:22:52 -040042 containers:
43 - name: {{ .Chart.Name }}
BorislavG809b1d72018-05-06 12:55:20 +000044 image: "{{ include "common.repository" . }}/{{ .Values.image }}"
Gurjeet Bedi274c5792018-03-27 10:22:52 -040045 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
46 ports:
47 - containerPort: {{ .Values.service.internalPort }}
48 # disable liveness probe when breakpoints set in debugger
49 # so K8s doesn't restart unresponsive container
kj8bc9a7c2018-03-28 18:10:32 +030050 {{ if .Values.liveness.enabled }}
Gurjeet Bedi274c5792018-03-27 10:22:52 -040051 livenessProbe:
52 tcpSocket:
53 port: {{ .Values.service.internalPort }}
54 initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
Yang Xu9224dc22019-02-17 16:27:14 -050055 timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
Gurjeet Bedi274c5792018-03-27 10:22:52 -040056 periodSeconds: {{ .Values.liveness.periodSeconds }}
kj8bc9a7c2018-03-28 18:10:32 +030057 {{ end }}
Gurjeet Bedi274c5792018-03-27 10:22:52 -040058 readinessProbe:
59 tcpSocket:
60 port: {{ .Values.service.internalPort }}
61 initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
Yang Xu9224dc22019-02-17 16:27:14 -050062 timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
Gurjeet Bedi274c5792018-03-27 10:22:52 -040063 periodSeconds: {{ .Values.readiness.periodSeconds }}
64 env:
65 - name: CONFIG_HOME
66 value: /opt/app/crud-service/config/
67 - name: KEY_STORE_PASSWORD
68 valueFrom:
69 secretKeyRef:
70 name: {{ template "common.fullname" . }}-pass
71 key: KEY_STORE_PASSWORD
72 - name: KEY_MANAGER_PASSWORD
73 valueFrom:
74 secretKeyRef:
75 name: {{ template "common.fullname" . }}-pass
76 key: KEY_MANAGER_PASSWORD
77 - name: SERVICE_BEANS
78 value: /opt/app/crud-service/dynamic/conf
79 volumeMounts:
80 - mountPath: /etc/localtime
81 name: localtime
82 readOnly: true
83 - mountPath: /opt/app/crud-service/config/crud-api.properties
84 subPath: crud-api.properties
85 name: {{ include "common.fullname" . }}-config
Ravi Gedaadb991a2018-11-29 11:23:46 +000086 - mountPath: /opt/app/crud-service/config/schema-ingest.properties
87 subPath: schema-ingest.properties
88 name: {{ include "common.fullname" . }}-config
89 - mountPath: /opt/app/crud-service/config/edgeprops-ingest.properties
90 subPath: edgeprops-ingest.properties
Michael Arrastia73797fb2018-06-13 17:01:15 +010091 name: {{ include "common.fullname" . }}-config
Gurjeet Bedi274c5792018-03-27 10:22:52 -040092 - mountPath: /opt/app/crud-service/config/model/
93 name: {{ include "common.fullname" . }}-model-config
94 - mountPath: /opt/app/crud-service/config/auth
95 name: {{ include "common.fullname" . }}-auth-secret
96 - mountPath: /opt/app/crud-service/dynamic/conf/crud-beans.xml
97 name: {{ include "common.fullname" . }}-config
98 subPath: crud-beans.xml
99 - mountPath: /var/log/onap
100 name: {{ include "common.fullname" . }}-logs
101 - mountPath: /opt/app/crud-api/bundleconfig/etc/logback.xml
102 name: {{ include "common.fullname" . }}-logback-config
103 subPath: logback.xml
104 resources:
kranthikirang03078562018-12-07 16:12:02 -0500105{{ include "common.resources" . }}
106 {{- if .Values.nodeSelector }}
107 nodeSelector:
108{{ toYaml .Values.nodeSelector | indent 8 }}
109 {{- end -}}
110 {{- if .Values.affinity }}
111 affinity:
112{{ toYaml .Values.affinity | indent 8 }}
113 {{- end }}
Gurjeet Bedi274c5792018-03-27 10:22:52 -0400114
115 - name: filebeat-onap
116 image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
117 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
118 volumeMounts:
119 - mountPath: /usr/share/filebeat/filebeat.yml
120 name: filebeat-conf
121 subPath: filebeat.yml
122 - mountPath: /var/log/onap
123 name: {{ include "common.fullname" . }}-logs
124 - mountPath: /usr/share/filebeat/data
125 name: {{ include "common.fullname" . }}-data-filebeat
126
Ravi Geda375666c2018-09-30 21:14:41 +0100127 {{ if .Values.global.installSidecarSecurity }}
128 - name: {{ .Values.global.rproxy.name }}
129 image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}"
130 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
131 env:
132 - name: CONFIG_HOME
133 value: "/opt/app/rproxy/config"
134 - name: KEY_STORE_PASSWORD
135 value: {{ .Values.config.keyStorePassword }}
136 - name: spring_profiles_active
137 value: {{ .Values.global.rproxy.activeSpringProfiles }}
138 volumeMounts:
139 - name: {{ include "common.fullname" . }}-rproxy-config
140 mountPath: /opt/app/rproxy/config/forward-proxy.properties
141 subPath: forward-proxy.properties
142 - name: {{ include "common.fullname" . }}-rproxy-config
143 mountPath: /opt/app/rproxy/config/primary-service.properties
144 subPath: primary-service.properties
145 - name: {{ include "common.fullname" . }}-rproxy-config
146 mountPath: /opt/app/rproxy/config/reverse-proxy.properties
147 subPath: reverse-proxy.properties
148 - name: {{ include "common.fullname" . }}-rproxy-config
149 mountPath: /opt/app/rproxy/config/cadi.properties
150 subPath: cadi.properties
151 - name: {{ include "common.fullname" . }}-rproxy-log-config
152 mountPath: /opt/app/rproxy/config/logback-spring.xml
153 subPath: logback-spring.xml
bwong2160e43952019-03-14 17:15:58 +0000154 - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
155 mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
156 subPath: uri-authorization.json
Lee, Tian (tl5884)f988fcc2019-01-11 16:52:27 +0000157 - name: {{ include "common.fullname" . }}-rproxy-auth-certs
Ravi Geda375666c2018-09-30 21:14:41 +0100158 mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
159 subPath: tomcat_keystore
Lee, Tian (tl5884)f988fcc2019-01-11 16:52:27 +0000160 - name: {{ include "common.fullname" . }}-rproxy-auth-certs
Ravi Geda375666c2018-09-30 21:14:41 +0100161 mountPath: /opt/app/rproxy/config/auth/client-cert.p12
162 subPath: client-cert.p12
Lee, Tian (tl5884)f988fcc2019-01-11 16:52:27 +0000163 - name: {{ include "common.fullname" . }}-rproxy-auth-certs
164 mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12
165 subPath: org.onap.aai.p12
Ravi Geda375666c2018-09-30 21:14:41 +0100166 - name: {{ include "common.fullname" . }}-rproxy-security-config
167 mountPath: /opt/app/rproxy/config/security/keyfile
168 subPath: keyfile
169
170 ports:
171 - containerPort: {{ .Values.global.rproxy.port }}
172
173 - name: {{ .Values.global.fproxy.name }}
174 image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}"
175 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
176 env:
177 - name: CONFIG_HOME
178 value: "/opt/app/fproxy/config"
179 - name: KEY_STORE_PASSWORD
180 value: {{ .Values.config.keyStorePassword }}
Lee, Tian (tl5884)f988fcc2019-01-11 16:52:27 +0000181 - name: TRUST_STORE_PASSWORD
182 value: {{ .Values.config.trustStorePassword }}
Ravi Geda375666c2018-09-30 21:14:41 +0100183 - name: spring_profiles_active
184 value: {{ .Values.global.fproxy.activeSpringProfiles }}
185 volumeMounts:
186 - name: {{ include "common.fullname" . }}-fproxy-config
187 mountPath: /opt/app/fproxy/config/fproxy.properties
188 subPath: fproxy.properties
189 - name: {{ include "common.fullname" . }}-fproxy-log-config
190 mountPath: /opt/app/fproxy/config/logback-spring.xml
191 subPath: logback-spring.xml
Lee, Tian (tl5884)f988fcc2019-01-11 16:52:27 +0000192 - name: {{ include "common.fullname" . }}-fproxy-auth-certs
Ravi Geda375666c2018-09-30 21:14:41 +0100193 mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
194 subPath: tomcat_keystore
Lee, Tian (tl5884)f988fcc2019-01-11 16:52:27 +0000195 - name: {{ include "common.fullname" . }}-fproxy-auth-certs
196 mountPath: /opt/app/fproxy/config/auth/fproxy_truststore
197 subPath: fproxy_truststore
198 - name: {{ include "common.fullname" . }}-fproxy-auth-certs
Ravi Geda375666c2018-09-30 21:14:41 +0100199 mountPath: /opt/app/fproxy/config/auth/client-cert.p12
200 subPath: client-cert.p12
201 ports:
202 - containerPort: {{ .Values.global.fproxy.port }}
203 {{ end }}
204
Gurjeet Bedi274c5792018-03-27 10:22:52 -0400205 volumes:
206 - name: localtime
207 hostPath:
208 path: /etc/localtime
Gurjeet Bedi274c5792018-03-27 10:22:52 -0400209 - name: {{ include "common.fullname" . }}-data-filebeat
210 emptyDir: {}
211 - name: filebeat-conf
212 configMap:
213 name: {{ include "common.fullname" . }}-filebeat-configmap
214 - name: {{ include "common.fullname" . }}-logs
215 emptyDir: {}
216 - name: {{ include "common.fullname" . }}-auth-secret
217 secret:
218 secretName: {{ include "common.fullname" . }}-auth
219 - name: {{ include "common.fullname" . }}-config
220 configMap:
221 name: {{ include "common.fullname" . }}-configmap
222 items:
223 - key: crud-api.properties
224 path: crud-api.properties
Ravi Gedaadb991a2018-11-29 11:23:46 +0000225 - key: schema-ingest.properties
226 path: schema-ingest.properties
227 - key: edgeprops-ingest.properties
228 path: edgeprops-ingest.properties
Gurjeet Bedi274c5792018-03-27 10:22:52 -0400229 - key: crud-beans.xml
230 path: crud-beans.xml
231 - name: {{ include "common.fullname" . }}-logback-config
232 configMap:
233 name: {{ include "common.fullname" . }}-log-configmap
234 items:
235 - key: logback.xml
236 path: logback.xml
237 - name: {{ include "common.fullname" . }}-model-config
238 configMap:
239 name: {{ include "common.fullname" . }}-model-configmap
Ravi Geda375666c2018-09-30 21:14:41 +0100240 {{ if .Values.global.installSidecarSecurity }}
241 - name: {{ include "common.fullname" . }}-rproxy-config
242 configMap:
243 name: {{ include "common.fullname" . }}-rproxy-config
244 - name: {{ include "common.fullname" . }}-rproxy-log-config
245 configMap:
246 name: {{ include "common.fullname" . }}-rproxy-log-config
bwong2160e43952019-03-14 17:15:58 +0000247 - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
248 configMap:
249 name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
Ravi Geda375666c2018-09-30 21:14:41 +0100250 - name: {{ include "common.fullname" . }}-rproxy-auth-config
251 secret:
252 secretName: {{ include "common.fullname" . }}-rproxy-auth-config
Lee, Tian (tl5884)f988fcc2019-01-11 16:52:27 +0000253 - name: {{ include "common.fullname" . }}-rproxy-auth-certs
254 secret:
255 secretName: aai-rproxy-auth-certs
Ravi Geda375666c2018-09-30 21:14:41 +0100256 - name: {{ include "common.fullname" . }}-rproxy-security-config
257 secret:
Lee, Tian (tl5884)f988fcc2019-01-11 16:52:27 +0000258 secretName: aai-rproxy-security-config
Ravi Geda375666c2018-09-30 21:14:41 +0100259 - name: {{ include "common.fullname" . }}-fproxy-config
260 configMap:
261 name: {{ include "common.fullname" . }}-fproxy-config
262 - name: {{ include "common.fullname" . }}-fproxy-log-config
263 configMap:
264 name: {{ include "common.fullname" . }}-fproxy-log-config
Lee, Tian (tl5884)f988fcc2019-01-11 16:52:27 +0000265 - name: {{ include "common.fullname" . }}-fproxy-auth-certs
Ravi Geda375666c2018-09-30 21:14:41 +0100266 secret:
Lee, Tian (tl5884)f988fcc2019-01-11 16:52:27 +0000267 secretName: aai-fproxy-auth-certs
Ravi Geda375666c2018-09-30 21:14:41 +0100268 {{ end }}
269
Gurjeet Bedi274c5792018-03-27 10:22:52 -0400270 imagePullSecrets:
kj8bc9a7c2018-03-28 18:10:32 +0300271 - name: "{{ include "common.namespace" . }}-docker-registry-key"