blob: 631cb7cba820bdc94e408f21430e795686702b74 [file] [log] [blame]
{{/*
# Copyright © 2018 Orange
# Modifications Copyright © 2018 Amdocs, Bell Canada
# Modifications Copyright © 2020 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
spec:
selector:
matchLabels:
app: {{ include "common.name" . }}
replicas: {{ .Values.replicaCount }}
template:
metadata:
labels:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
name: {{ include "common.fullname" . }}
spec:
{{- if .Values.global.aafEnabled }}
initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
{{- end }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if .Values.global.aafEnabled }}
command:
- bash
args:
- -c
- |
export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
export JAVA_OPTS="-Djavax.net.ssl.trustStorePassword=$cadi_truststore_password \
-Dserver.ssl.key-store={{ .Values.certInitializer.credsPath }}/org.onap.nbi.p12 \
-Dserver.ssl.key-store-type=PKCS12 \
-Djavax.net.ssl.trustStore={{ .Values.certInitializer.credsPath }}/org.onap.nbi.trust.jks \
-Dserver.ssl.key-store-password=$cadi_keystore_password_p12 \
-Djavax.net.ssl.trustStoreType=jks\
-Djava.security.egd=file:/dev/./urandom -Dserver.port=8443"
exec java -XX:+UseContainerSupport $JAVA_OPTS -jar /opt/onap/app.jar
{{- end }}
{{ if .Values.liveness.enabled }}
livenessProbe:
httpGet:
port: {{ .Values.liveness.port }}
path: {{ .Values.liveness.path }}
scheme: HTTPS
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end }}
readinessProbe:
httpGet:
port: {{ .Values.readiness.port }}
path: {{ .Values.readiness.path }}
scheme: HTTPS
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: SPRING_DATASOURCE_URL
value: jdbc:mariadb://{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}/{{ index .Values "mariadb-galera" "config" "mysqlDatabase" }}
- name: SPRING_DATASOURCE_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "nbi-db-secret" "key" "login") | indent 14 }}
- name: SPRING_DATASOURCE_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "nbi-db-secret" "key" "password") | indent 14 }}
- name: SPRING_DATA_MONGODB_HOST
value: {{ .Values.mongo.service.name }}.{{ include "common.namespace" . }}
- name: SPRING_DATA_MONGODB_PORT
value: "{{ .Values.mongo.service.internalPort }}"
- name: SPRING_DATA_MONGODB_DATABASE
value: {{ .Values.mongo.config.dbName }}
- name: ONAP_LCPCLOUDREGIONID
value: {{ .Values.config.openStackRegion }}
- name: ONAP_TENANTID
value: {{ .Values.config.openStackVNFTenantId | quote }}
- name: ONAP_CLOUDOWNER
value: {{ .Values.config.cloudOwner }}
- name: NBI_URL
value: "https://nbi.{{ include "common.namespace" . }}:8443/nbi/api/v4"
- name: SDC_HOST
value: "https://sdc-be.{{ include "common.namespace" . }}:8443"
- name: SDC_HEADER_ECOMPINSTANCEID
value: {{ .Values.config.ecompInstanceId }}
- name: SDC_HEADER_AUTHORIZATION
value: {{ .Values.sdc_authorization }}
- name: AAI_HOST
value: "https://aai.{{ include "common.namespace" . }}:8443"
- name: AAI_HEADER_AUTHORIZATION
value: {{ .Values.aai_authorization }}
- name: SO_HOST
value: http://so.{{ include "common.namespace" . }}:8080
{{- if .Values.so_authorization }}
- name: SO_HEADER_AUTHORIZATION
value: {{ .Values.so_authorization }}
{{- end }}
- name: DMAAP_HOST
value: "https://message-router.{{ include "common.namespace" . }}:3905"
- name: LOGGING_LEVEL_ORG_ONAP_NBI
value: {{ .Values.config.loglevel }}
- name: MSB_ENABLED
value: "true"
- name: MSB_DISCOVERY_HOST
value: "msb-discovery.{{ include "common.namespace" . }}"
- name: MSB_DISCOVERY_PORT
value: "10081"
volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 12 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
{{- end -}}
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
# side car containers
# - name: filebeat-onap
# image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
# imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
# volumeMounts:
# - mountPath: /usr/share/filebeat/filebeat.yml
# name: filebeat-conf
# subPath: filebeat.yml
# - mountPath: /home/esr/works/logs
# name: esr-server-logs
# - mountPath: /usr/share/filebeat/data
# name: esr-server-filebeat
volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
hostPath:
path: /etc/localtime
# - name: filebeat-conf
# configMap:
# name: {{ include "common.fullname" . }}-esr-filebeat
# - name: esr-server-logs
# emptyDir: {}
# - name: esr-server-filebeat
# emptyDir: {}
# - name: esrserver-log
# configMap:
# name: {{ include "common.fullname" . }}-esr-esrserver-log
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"