blob: 8eec50e9ab0828290780d860a0084fd51d10a472 [file] [log] [blame]
{{/*
# Copyright © 2020 Samsung Electronics
# Copyright © 2017 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
apiVersion: apps/v1
kind: StatefulSet
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
selector:
matchLabels:
app: {{ include "common.name" . }}
serviceName: {{ include "common.servicename" . }}-cluster
replicas: {{ .Values.replicaCount }}
selector: {{- include "common.selectors" . | nindent 4 }}
podManagementPolicy: Parallel
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers:
- command:
- sh
args:
- -c
- "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
env:
- name: AAI_CLIENT_NAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 10 }}
- name: AAI_CLIENT_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 10 }}
- name: MODELSERVICE_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "login") | indent 10 }}
- name: MODELSERVICE_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "password") | indent 10 }}
- name: RESTCONF_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restconf-creds" "key" "login") | indent 10 }}
- name: RESTCONF_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restconf-creds" "key" "password") | indent 10 }}
- name: ANSIBLE_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-creds" "key" "login") | indent 10 }}
- name: ANSIBLE_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-creds" "key" "password") | indent 10 }}
- name: SCALEOUT_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "scaleout-creds" "key" "login") | indent 10 }}
- name: SCALEOUT_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "scaleout-creds" "key" "password") | indent 10 }}
- name: NETBOX_APIKEY
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "netbox-apikey" "key" "password") | indent 10 }}
- name: SDNC_DB_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
- name: SDNC_DB_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
volumeMounts:
- mountPath: /config-input
name: config-input
- mountPath: /config
name: properties
image: "{{ .Values.global.envsubstImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-update-config
{{ if .Values.dgbuilder.enabled -}}
- command:
- /app/ready.py
args:
{{ if or .Values.dgbuilder.enabled .Values.config.sdnr.enabled -}}
- --container-name
- {{ include "common.mariadbService" . }}
{{ end -}}
{{ if .Values.config.sdnr.enabled -}}
- --container-name
- {{ include "common.name" . }}-sdnrdb-init-job
{{ end -}}
env:
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
{{ end -}}
{{ include "common.certInitializer.initContainer" . | indent 6 }}
{{ if .Values.global.cmpv2Enabled }}
- name: certs-init
image: "{{ .Values.global.repository }}/{{ .Values.global.platform.certServiceClient.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: REQUEST_URL
value: {{ .Values.global.platform.certServiceClient.envVariables.requestURL }}
- name: REQUEST_TIMEOUT
value: "30000"
- name: OUTPUT_PATH
value: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
- name: CA_NAME
value: {{ .Values.global.platform.certServiceClient.envVariables.caName }}
- name: COMMON_NAME
value: {{ .Values.global.platform.certServiceClient.envVariables.common_name }}
- name: ORGANIZATION
value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Organization }}
- name: ORGANIZATION_UNIT
value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2OrganizationalUnit }}
- name: LOCATION
value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Location }}
- name: STATE
value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2State }}
- name: COUNTRY
value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Country }}
- name: KEYSTORE_PATH
value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePath }}
- name: KEYSTORE_PASSWORD
value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePassword }}
- name: TRUSTSTORE_PATH
value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePath }}
- name: TRUSTSTORE_PASSWORD
value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePassword }}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
name: certs
- mountPath: {{ .Values.global.platform.certServiceClient.secret.mountPath }}
name: certservice-tls-volume
{{ end }}
- name: {{ include "common.name" . }}-chown
image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }}
command:
- sh
args:
- -c
- chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }}
{{- if .Values.global.aafEnabled }}
- chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }}
{{- end }}
volumeMounts:
{{ include "common.certInitializer.volumeMount" . | indent 10 }}
- mountPath: {{ .Values.persistence.mdsalPath }}
name: {{ include "common.fullname" . }}-data
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
{{- if not .Values.config.sdnr.enabled }}
command: ["/bin/bash"]
args: ["-c", "/opt/onap/sdnc/bin/startODL.sh"]
{{ else }}
command: ["/bin/bash"]
args: ["-c", "{{ .Values.config.binDir }}/startODL.oom.sh"]
{{ end }}
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
- containerPort: {{ .Values.service.internalPort3 }}
- containerPort: {{ .Values.service.clusterPort }}
readinessProbe:
tcpSocket:
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: MYSQL_ROOT_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-password" "key" "password") | indent 12 }}
- name: ODL_ADMIN_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }}
- name: ODL_ADMIN_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }}
- name: SDNC_DB_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
- name: SDNC_DB_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
- name: SDNC_CONFIG_DIR
value: "{{ .Values.config.configDir }}"
- name: ENABLE_ODL_CLUSTER
value: "{{ .Values.config.enableClustering }}"
- name: MY_ODL_CLUSTER
value: "{{ .Values.config.myODLCluster }}"
- name: PEER_ODL_CLUSTER
value: "{{ .Values.config.peerODLCluster }}"
- name: IS_PRIMARY_CLUSTER
value: "{{ .Values.config.isPrimaryCluster }}"
- name: GEO_ENABLED
value: "{{ .Values.config.geoEnabled}}"
- name: SDNC_AAF_ENABLED
value: "{{ .Values.global.aafEnabled}}"
- name: SDNC_REPLICAS
value: "{{ .Values.replicaCount }}"
- name: MYSQL_HOST
value: {{ include "common.mariadbService" . }}
- name: JAVA_HOME
value: "{{ .Values.config.javaHome}}"
- name: JAVA_OPTS
value: "-Xms{{.Values.config.odl.javaOptions.minMemory}} -Xmx{{.Values.config.odl.javaOptions.maxMemory}}"
- name: KARAF_CONSOLE_LOG_LEVEL
value: "{{ include "common.log.level" . }}"
- name: SDNRWT
value: "{{ .Values.config.sdnr.enabled | default "false"}}"
{{- if eq .Values.config.sdnr.mode "web" }}
- name: SDNRDM
value: "true"
{{- end }}
- name: SDNRONLY
value: "{{ .Values.config.sdnr.sdnronly | default "false" }}"
- name: SDNRDBURL
{{- $prefix := ternary "https" "http" .Values.global.aafEnabled}}
value: "{{$prefix}}://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}"
{{- if .Values.config.sdnr.sdnrdbTrustAllCerts }}
- name: SDNRDBTRUSTALLCERTS
value: "true"
{{ end }}
volumeMounts:
{{ include "common.certInitializer.volumeMount" . | indent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
- mountPath: /opt/opendaylight/current/etc/org.ops4j.pax.logging.cfg
name: sdnc-logging-cfg-config
subPath: org.ops4j.pax.logging.cfg
- mountPath: {{ .Values.config.binDir }}/startODL.sh
name: bin
subPath: startODL.sh
- mountPath: {{ .Values.config.binDir }}/startODL.oom.sh
name: bin
subPath: startODL.oom.sh
- mountPath: {{ .Values.config.binDir }}/installSdncDb.sh
name: bin
subPath: installSdncDb.sh
- mountPath: {{ .Values.config.ccsdkConfigDir }}/aaiclient.properties
name: properties
subPath: aaiclient.properties
- mountPath: {{ .Values.config.configDir }}/aaiclient.properties
name: properties
subPath: aaiclient.properties
- mountPath: {{ .Values.config.configDir }}/dblib.properties
name: properties
subPath: dblib.properties
- mountPath: {{ .Values.config.configDir }}/lcm-dg.properties
name: properties
subPath: lcm-dg.properties
- mountPath: {{ .Values.config.configDir }}/svclogic.properties
name: properties
subPath: svclogic.properties
- mountPath: /opt/onap/sdnc/svclogic/config/svclogic.properties
name: properties
subPath: svclogic.properties
- mountPath: {{ .Values.config.configDir }}/netbox.properties
name: properties
subPath: netbox.properties
- mountPath: {{ .Values.config.configDir }}/blueprints-processor-adaptor.properties
name: properties
subPath: blueprints-processor-adaptor.properties
- mountPath: {{ .Values.persistence.mdsalPath }}
name: {{ include "common.fullname" . }}-data
- mountPath: /var/log/onap
name: logs
- mountPath: {{ .Values.config.odl.salConfigDir }}/{{ .Values.config.odl.salConfigVersion}}/sal-clustering-config-{{ .Values.config.odl.salConfigVersion}}-akkaconf.xml
name: properties
subPath: akka.conf
- mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.controller.cluster.datastore.cfg
name: properties
subPath: org.opendaylight.controller.cluster.datastore.cfg
- mountPath: {{ .Values.config.odl.binDir }}/setenv
name: properties
subPath: setenv
- mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-registrar.properties
name: properties
subPath: mountpoint-registrar.properties
- mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-state-provider.properties
name: properties
subPath: mountpoint-state-provider.properties
- mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
name: certs
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
{{- end -}}
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
# side car containers
- name: filebeat-onap
image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- mountPath: /usr/share/filebeat/filebeat.yml
name: filebeat-conf
subPath: filebeat.yml
- mountPath: /var/log/onap
name: logs
- mountPath: /usr/share/filebeat/data
name: data-filebeat
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
volumes:
- name: localtime
hostPath:
path: /etc/localtime
- name: logs
emptyDir: {}
- name: data-filebeat
emptyDir: {}
- name: filebeat-conf
configMap:
name: {{ include "common.fullname" . }}-filebeat-configmap
- name: sdnc-logging-cfg-config
configMap:
name: {{ include "common.fullname" . }}-log-configmap
- name: bin
configMap:
name: {{ include "common.fullname" . }}-bin
defaultMode: 0755
- name: config-input
configMap:
name: {{ include "common.fullname" . }}-properties
defaultMode: 0644
- name: properties
emptyDir:
medium: Memory
- name: certs
emptyDir:
medium: Memory
- name: certservice-tls-volume
secret:
secretName: {{ .Values.global.platform.certServiceClient.secret.name }}
{{ if not .Values.persistence.enabled }}
- name: {{ include "common.fullname" . }}-data
emptyDir: {}
{{ else }}
{{ include "common.certInitializer.volumes" . | nindent 8 }}
volumeClaimTemplates:
- metadata:
name: {{ include "common.fullname" . }}-data
labels:
name: {{ include "common.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ include "common.release" . }}"
heritage: "{{ .Release.Service }}"
spec:
accessModes:
- {{ .Values.persistence.accessMode }}
storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
{{- end }}