[DMAAP] Update chart with service account
Add service account to requirements.yaml, values.yaml and deployment/statefulset
Issue-ID: OOM-2702
Signed-off-by: farida azmy <farida.azmy.ext@orange.com>
Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Id63ae33ce92a5192d43ff0f782487b3974fc5f41
diff --git a/kubernetes/dmaap/components/dmaap-bc/requirements.yaml b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml
index 95f8416..7c26bb8 100644
--- a/kubernetes/dmaap/components/dmaap-bc/requirements.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml
@@ -26,3 +26,6 @@
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml
index eaad403..a0b6fda 100644
--- a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml
@@ -114,6 +114,7 @@
{{- if .Values.affinity }}
affinity: {{ toYaml .Values.affinity | nindent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
hostPath:
diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml
index 65242b4..a3d42d2 100644
--- a/kubernetes/dmaap/components/dmaap-bc/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml
@@ -163,3 +163,9 @@
cpu: 2
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: dmaap-bc
+ roles:
+ - read
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml b/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml
index d96058d..97ba957 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml
@@ -25,3 +25,6 @@
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
index 40a4d7d..dfb435c 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
@@ -102,6 +102,7 @@
mountPath: /var/log/onap/datarouter-node
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "common.aaf-config-volumes" . | nindent 8 }}
- name: localtime
hostPath:
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
index 1d55a13..ee231a0 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
@@ -154,3 +154,9 @@
# dr uses the EELF Logging framework https://github.com/att/EELF
# and supports the following log levels: TRACE, DEBUG, INFO, WARN, ERROR, OFF
logLevel: "INFO"
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: dmaap-dr-node
+ roles:
+ - read
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml
index ed03e05..65867f5 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml
@@ -32,3 +32,6 @@
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
index 5c94116..6167896 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
@@ -118,6 +118,7 @@
mountPath: /usr/share/filebeat/data
- name: {{ include "common.fullname" . }}-logs
mountPath: /var/log/onap/datarouter-prov
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath:
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
index a82eef8..7564ccf 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
@@ -154,3 +154,9 @@
cpu: 1000m
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: dmaap-dr-prov
+ roles:
+ - read
diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml
index 68c3169..c212f38 100644
--- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml
+++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml
@@ -26,3 +26,6 @@
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml
index 48a2eb1..7cedbf8 100644
--- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml
@@ -220,6 +220,7 @@
tolerations:
{{ toYaml .Values.tolerations | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath:
diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml
index 04d7cee..5732c5d 100644
--- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml
+++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml
@@ -219,3 +219,9 @@
cpu: 1000m
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: message-router-kafka
+ roles:
+ - read
diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml
index 343812d..20cc48f 100644
--- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml
+++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml
@@ -23,3 +23,6 @@
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml
index 5ea5bc5..f5473ec 100644
--- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml
@@ -187,6 +187,7 @@
tolerations:
{{ toYaml .Values.tolerations | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: localtime
hostPath:
diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml
index 64c29db..6863acc 100644
--- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml
+++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml
@@ -151,3 +151,9 @@
cpu: 1000m
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: message-router-zookeeper
+ roles:
+ - read
diff --git a/kubernetes/dmaap/components/message-router/requirements.yaml b/kubernetes/dmaap/components/message-router/requirements.yaml
index 5adbb62..00d1454 100644
--- a/kubernetes/dmaap/components/message-router/requirements.yaml
+++ b/kubernetes/dmaap/components/message-router/requirements.yaml
@@ -33,3 +33,6 @@
- name: message-router-zookeeper
version: ~8.x-0
repository: 'file://components/message-router-zookeeper'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml
index c0d32a3..9bad341 100644
--- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml
@@ -137,6 +137,7 @@
name: jetty
{{- end }}
resources: {{ include "common.resources" . | nindent 12 }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
hostPath:
diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml
index d0b162b..7028bb1 100644
--- a/kubernetes/dmaap/components/message-router/values.yaml
+++ b/kubernetes/dmaap/components/message-router/values.yaml
@@ -153,3 +153,9 @@
cpu: 1000m
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: message-router
+ roles:
+ - read
diff --git a/kubernetes/dmaap/requirements.yaml b/kubernetes/dmaap/requirements.yaml
index d622734..268ff70 100644
--- a/kubernetes/dmaap/requirements.yaml
+++ b/kubernetes/dmaap/requirements.yaml
@@ -33,3 +33,6 @@
version: ~8.x-0
repository: 'file://components/dmaap-dr-prov'
condition: dmaap-dr-prov.enabled
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml
index c1ba754..b7f0735 100644
--- a/kubernetes/dmaap/values.yaml
+++ b/kubernetes/dmaap/values.yaml
@@ -54,3 +54,9 @@
enabled: true
dmaap-dr-prov:
enabled: true
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: dmaap
+ roles:
+ - read