| {{/* |
| # Copyright © 2020 Samsung Electronics |
| # Copyright © 2017 Amdocs, Bell Canada |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| */}} |
| |
| apiVersion: apps/v1 |
| kind: StatefulSet |
| metadata: {{- include "common.resourceMetadata" . | nindent 2 }} |
| spec: |
| selector: |
| matchLabels: |
| app: {{ include "common.name" . }} |
| serviceName: {{ include "common.servicename" . }}-cluster |
| replicas: {{ .Values.replicaCount }} |
| selector: {{- include "common.selectors" . | nindent 4 }} |
| podManagementPolicy: Parallel |
| template: |
| metadata: {{- include "common.templateMetadata" . | nindent 6 }} |
| spec: |
| initContainers: |
| - command: |
| - sh |
| args: |
| - -c |
| - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done" |
| env: |
| - name: AAI_CLIENT_NAME |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 10 }} |
| - name: AAI_CLIENT_PASSWORD |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 10 }} |
| - name: MODELSERVICE_USER |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "login") | indent 10 }} |
| - name: MODELSERVICE_PASSWORD |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "password") | indent 10 }} |
| - name: RESTCONF_USER |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restconf-creds" "key" "login") | indent 10 }} |
| - name: RESTCONF_PASSWORD |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restconf-creds" "key" "password") | indent 10 }} |
| - name: ANSIBLE_USER |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-creds" "key" "login") | indent 10 }} |
| - name: ANSIBLE_PASSWORD |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-creds" "key" "password") | indent 10 }} |
| - name: SCALEOUT_USER |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "scaleout-creds" "key" "login") | indent 10 }} |
| - name: SCALEOUT_PASSWORD |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "scaleout-creds" "key" "password") | indent 10 }} |
| - name: NETBOX_APIKEY |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "netbox-apikey" "key" "password") | indent 10 }} |
| - name: SDNC_DB_USER |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} |
| - name: SDNC_DB_PASSWORD |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} |
| volumeMounts: |
| - mountPath: /config-input |
| name: config-input |
| - mountPath: /config |
| name: properties |
| image: "{{ .Values.global.envsubstImage }}" |
| imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} |
| name: {{ include "common.name" . }}-update-config |
| {{ if .Values.dgbuilder.enabled -}} |
| - command: |
| - /app/ready.py |
| args: |
| {{ if or .Values.dgbuilder.enabled .Values.config.sdnr.enabled -}} |
| - --container-name |
| - {{ include "common.mariadbService" . }} |
| {{ end -}} |
| {{ if .Values.config.sdnr.enabled -}} |
| - --container-name |
| - {{ include "common.name" . }}-sdnrdb-init-job |
| {{ end -}} |
| env: |
| - name: NAMESPACE |
| valueFrom: |
| fieldRef: |
| apiVersion: v1 |
| fieldPath: metadata.namespace |
| image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" |
| imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} |
| name: {{ include "common.name" . }}-readiness |
| {{ end -}} |
| {{ include "common.certInitializer.initContainer" . | indent 6 }} |
| |
| {{ if .Values.global.cmpv2Enabled }} |
| - name: certs-init |
| image: "{{ .Values.global.repository }}/{{ .Values.global.platform.certServiceClient.image }}" |
| imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} |
| env: |
| - name: REQUEST_URL |
| value: {{ .Values.global.platform.certServiceClient.envVariables.requestURL }} |
| - name: REQUEST_TIMEOUT |
| value: "30000" |
| - name: OUTPUT_PATH |
| value: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }} |
| - name: CA_NAME |
| value: {{ .Values.global.platform.certServiceClient.envVariables.caName }} |
| - name: COMMON_NAME |
| value: {{ .Values.global.platform.certServiceClient.envVariables.common_name }} |
| - name: ORGANIZATION |
| value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Organization }} |
| - name: ORGANIZATION_UNIT |
| value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2OrganizationalUnit }} |
| - name: LOCATION |
| value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Location }} |
| - name: STATE |
| value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2State }} |
| - name: COUNTRY |
| value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Country }} |
| - name: KEYSTORE_PATH |
| value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePath }} |
| - name: KEYSTORE_PASSWORD |
| value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePassword }} |
| - name: TRUSTSTORE_PATH |
| value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePath }} |
| - name: TRUSTSTORE_PASSWORD |
| value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePassword }} |
| terminationMessagePath: /dev/termination-log |
| terminationMessagePolicy: File |
| volumeMounts: |
| - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }} |
| name: certs |
| - mountPath: {{ .Values.global.platform.certServiceClient.secret.mountPath }} |
| name: certservice-tls-volume |
| {{ end }} |
| |
| - name: {{ include "common.name" . }}-chown |
| image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }} |
| command: |
| - sh |
| args: |
| - -c |
| - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} |
| {{- if .Values.global.aafEnabled }} |
| - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }} |
| {{- end }} |
| volumeMounts: |
| {{ include "common.certInitializer.volumeMount" . | indent 10 }} |
| - mountPath: {{ .Values.persistence.mdsalPath }} |
| name: {{ include "common.fullname" . }}-data |
| containers: |
| - name: {{ include "common.name" . }} |
| image: "{{ include "common.repository" . }}/{{ .Values.image }}" |
| imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} |
| {{- if not .Values.config.sdnr.enabled }} |
| command: ["/bin/bash"] |
| args: ["-c", "/opt/onap/sdnc/bin/startODL.sh"] |
| {{ else }} |
| command: ["/bin/bash"] |
| args: ["-c", "{{ .Values.config.binDir }}/startODL.oom.sh"] |
| {{ end }} |
| ports: |
| - containerPort: {{ .Values.service.internalPort }} |
| - containerPort: {{ .Values.service.internalPort2 }} |
| - containerPort: {{ .Values.service.internalPort3 }} |
| - containerPort: {{ .Values.service.clusterPort }} |
| readinessProbe: |
| tcpSocket: |
| port: {{ .Values.service.internalPort }} |
| initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} |
| periodSeconds: {{ .Values.readiness.periodSeconds }} |
| env: |
| - name: MYSQL_ROOT_PASSWORD |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-password" "key" "password") | indent 12 }} |
| - name: ODL_ADMIN_USERNAME |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }} |
| - name: ODL_ADMIN_PASSWORD |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }} |
| - name: SDNC_DB_USER |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }} |
| - name: SDNC_DB_PASSWORD |
| {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }} |
| - name: SDNC_CONFIG_DIR |
| value: "{{ .Values.config.configDir }}" |
| - name: ENABLE_ODL_CLUSTER |
| value: "{{ .Values.config.enableClustering }}" |
| - name: MY_ODL_CLUSTER |
| value: "{{ .Values.config.myODLCluster }}" |
| - name: PEER_ODL_CLUSTER |
| value: "{{ .Values.config.peerODLCluster }}" |
| - name: IS_PRIMARY_CLUSTER |
| value: "{{ .Values.config.isPrimaryCluster }}" |
| - name: GEO_ENABLED |
| value: "{{ .Values.config.geoEnabled}}" |
| - name: SDNC_AAF_ENABLED |
| value: "{{ .Values.global.aafEnabled}}" |
| - name: SDNC_REPLICAS |
| value: "{{ .Values.replicaCount }}" |
| - name: MYSQL_HOST |
| value: {{ include "common.mariadbService" . }} |
| - name: JAVA_HOME |
| value: "{{ .Values.config.javaHome}}" |
| - name: JAVA_OPTS |
| value: "-Xms{{.Values.config.odl.javaOptions.minMemory}} -Xmx{{.Values.config.odl.javaOptions.maxMemory}}" |
| - name: KARAF_CONSOLE_LOG_LEVEL |
| value: "{{ include "common.log.level" . }}" |
| - name: SDNRWT |
| value: "{{ .Values.config.sdnr.enabled | default "false"}}" |
| {{- if eq .Values.config.sdnr.mode "web" }} |
| - name: SDNRDM |
| value: "true" |
| {{- end }} |
| - name: SDNRONLY |
| value: "{{ .Values.config.sdnr.sdnronly | default "false" }}" |
| - name: SDNRDBURL |
| {{- $prefix := ternary "https" "http" .Values.global.aafEnabled}} |
| value: "{{$prefix}}://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}" |
| {{- if .Values.config.sdnr.sdnrdbTrustAllCerts }} |
| - name: SDNRDBTRUSTALLCERTS |
| value: "true" |
| {{ end }} |
| |
| volumeMounts: |
| {{ include "common.certInitializer.volumeMount" . | indent 10 }} |
| - mountPath: /etc/localtime |
| name: localtime |
| readOnly: true |
| - mountPath: /opt/opendaylight/current/etc/org.ops4j.pax.logging.cfg |
| name: sdnc-logging-cfg-config |
| subPath: org.ops4j.pax.logging.cfg |
| - mountPath: {{ .Values.config.binDir }}/startODL.sh |
| name: bin |
| subPath: startODL.sh |
| - mountPath: {{ .Values.config.binDir }}/startODL.oom.sh |
| name: bin |
| subPath: startODL.oom.sh |
| - mountPath: {{ .Values.config.binDir }}/installSdncDb.sh |
| name: bin |
| subPath: installSdncDb.sh |
| - mountPath: {{ .Values.config.ccsdkConfigDir }}/aaiclient.properties |
| name: properties |
| subPath: aaiclient.properties |
| - mountPath: {{ .Values.config.configDir }}/aaiclient.properties |
| name: properties |
| subPath: aaiclient.properties |
| - mountPath: {{ .Values.config.configDir }}/dblib.properties |
| name: properties |
| subPath: dblib.properties |
| - mountPath: {{ .Values.config.configDir }}/lcm-dg.properties |
| name: properties |
| subPath: lcm-dg.properties |
| - mountPath: {{ .Values.config.configDir }}/svclogic.properties |
| name: properties |
| subPath: svclogic.properties |
| - mountPath: /opt/onap/sdnc/svclogic/config/svclogic.properties |
| name: properties |
| subPath: svclogic.properties |
| - mountPath: {{ .Values.config.configDir }}/netbox.properties |
| name: properties |
| subPath: netbox.properties |
| - mountPath: {{ .Values.config.configDir }}/blueprints-processor-adaptor.properties |
| name: properties |
| subPath: blueprints-processor-adaptor.properties |
| - mountPath: {{ .Values.persistence.mdsalPath }} |
| name: {{ include "common.fullname" . }}-data |
| - mountPath: /var/log/onap |
| name: logs |
| - mountPath: {{ .Values.config.odl.salConfigDir }}/{{ .Values.config.odl.salConfigVersion}}/sal-clustering-config-{{ .Values.config.odl.salConfigVersion}}-akkaconf.xml |
| name: properties |
| subPath: akka.conf |
| - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.controller.cluster.datastore.cfg |
| name: properties |
| subPath: org.opendaylight.controller.cluster.datastore.cfg |
| - mountPath: {{ .Values.config.odl.binDir }}/setenv |
| name: properties |
| subPath: setenv |
| - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-registrar.properties |
| name: properties |
| subPath: mountpoint-registrar.properties |
| - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-state-provider.properties |
| name: properties |
| subPath: mountpoint-state-provider.properties |
| - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }} |
| name: certs |
| resources: |
| {{ include "common.resources" . | indent 12 }} |
| {{- if .Values.nodeSelector }} |
| nodeSelector: |
| {{ toYaml .Values.nodeSelector | indent 10 }} |
| {{- end -}} |
| {{- if .Values.affinity }} |
| affinity: |
| {{ toYaml .Values.affinity | indent 10 }} |
| {{- end }} |
| |
| # side car containers |
| - name: filebeat-onap |
| image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" |
| imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} |
| volumeMounts: |
| - mountPath: /usr/share/filebeat/filebeat.yml |
| name: filebeat-conf |
| subPath: filebeat.yml |
| - mountPath: /var/log/onap |
| name: logs |
| - mountPath: /usr/share/filebeat/data |
| name: data-filebeat |
| imagePullSecrets: |
| - name: "{{ include "common.namespace" . }}-docker-registry-key" |
| volumes: |
| - name: localtime |
| hostPath: |
| path: /etc/localtime |
| - name: logs |
| emptyDir: {} |
| - name: data-filebeat |
| emptyDir: {} |
| - name: filebeat-conf |
| configMap: |
| name: {{ include "common.fullname" . }}-filebeat-configmap |
| - name: sdnc-logging-cfg-config |
| configMap: |
| name: {{ include "common.fullname" . }}-log-configmap |
| - name: bin |
| configMap: |
| name: {{ include "common.fullname" . }}-bin |
| defaultMode: 0755 |
| - name: config-input |
| configMap: |
| name: {{ include "common.fullname" . }}-properties |
| defaultMode: 0644 |
| - name: properties |
| emptyDir: |
| medium: Memory |
| - name: certs |
| emptyDir: |
| medium: Memory |
| - name: certservice-tls-volume |
| secret: |
| secretName: {{ .Values.global.platform.certServiceClient.secret.name }} |
| {{ if not .Values.persistence.enabled }} |
| - name: {{ include "common.fullname" . }}-data |
| emptyDir: {} |
| {{ else }} |
| {{ include "common.certInitializer.volumes" . | nindent 8 }} |
| volumeClaimTemplates: |
| - metadata: |
| name: {{ include "common.fullname" . }}-data |
| labels: |
| name: {{ include "common.fullname" . }} |
| chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" |
| release: "{{ include "common.release" . }}" |
| heritage: "{{ .Release.Service }}" |
| spec: |
| accessModes: |
| - {{ .Values.persistence.accessMode }} |
| storageClassName: {{ include "common.storageClass" . }} |
| resources: |
| requests: |
| storage: {{ .Values.persistence.size }} |
| {{- end }} |