Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / 47eb4d2c38499bd60cdfb01010319ed5bf4ac45f / . / kubernetes / aai / components / aai-babel / templates / deployment.yaml
blob: e75815ecb6d227763735fcb6a8740b405f5c6711 [file] [log] [blame]
Sylvain Desbureaux47eb4d22020-12-10 12:15:27 +0100[diff] [blame^]1{{/*
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100[diff] [blame]2# Copyright © 2018 Amdocs, AT&T
3# Modifications Copyright © 2018 Bell Canada
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100[diff] [blame]4# Modifications Copyright © 2020 Orange
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100[diff] [blame]5#
6# Licensed under the Apache License, Version 2.0 (the "License");
7# you may not use this file except in compliance with the License.
8# You may obtain a copy of the License at
9#
10# http://www.apache.org/licenses/LICENSE-2.0
11#
12# Unless required by applicable law or agreed to in writing, software
13# distributed under the License is distributed on an "AS IS" BASIS,
14# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15# See the License for the specific language governing permissions and
16# limitations under the License.
Sylvain Desbureaux47eb4d22020-12-10 12:15:27 +0100[diff] [blame^]17*/}}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100[diff] [blame]18
19apiVersion: apps/v1
20kind: Deployment
21metadata:
22 name: {{ include "common.fullname" . }}
23 namespace: {{ include "common.namespace" . }}
24 labels:
25 app: {{ include "common.name" . }}
26 chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
27 release: {{ include "common.release" . }}
28 heritage: {{ .Release.Service }}
29spec:
30 selector:
31 matchLabels:
32 app: {{ include "common.name" . }}
33 replicas: {{ .Values.replicaCount }}
34 template:
35 metadata:
36 labels:
37 app: {{ include "common.name" . }}
38 release: {{ include "common.release" . }}
39 spec:
40 {{ if .Values.global.installSidecarSecurity }}
41 hostAliases:
42 - ip: {{ .Values.global.aaf.serverIp }}
43 hostnames:
44 - {{ .Values.global.aaf.serverHostname }}
45
46 initContainers:
47 - name: {{ .Values.global.tproxyConfig.name }}
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100[diff] [blame]48 image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tproxyConfig.image }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100[diff] [blame]49 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
50 securityContext:
51 privileged: true
52 {{ end }}
53 containers:
54 - name: {{ include "common.name" . }}
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100[diff] [blame]55 image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100[diff] [blame]56 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
57 ports:
58 - containerPort: {{ .Values.service.internalPort }}
59 # disable liveness probe when breakpoints set in debugger
60 # so K8s doesn't restart unresponsive container
61 {{ if .Values.liveness.enabled }}
62 livenessProbe:
63 tcpSocket:
64 port: {{ .Values.service.internalPort }}
65 initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
66 periodSeconds: {{ .Values.liveness.periodSeconds }}
67 {{ end }}
68 readinessProbe:
69 tcpSocket:
70 port: {{ .Values.service.internalPort }}
71 initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
72 periodSeconds: {{ .Values.readiness.periodSeconds }}
73 env:
74 - name: CONFIG_HOME
75 value: /opt/app/babel/config
76 - name: KEY_STORE_PASSWORD
77 valueFrom:
78 secretKeyRef:
79 name: {{ template "common.fullname" . }}-pass
80 key: KEY_STORE_PASSWORD
81 - name: KEY_MANAGER_PASSWORD
82 valueFrom:
83 secretKeyRef:
84 name: {{ template "common.fullname" . }}-pass
85 key: KEY_MANAGER_PASSWORD
86 volumeMounts:
87 - mountPath: /etc/localtime
88 name: localtime
89 readOnly: true
90 - mountPath: /opt/app/babel/config/artifact-generator.properties
91 name: {{ include "common.fullname" . }}-config
92 subPath: artifact-generator.properties
93 - mountPath: /opt/app/babel/config/tosca-mappings.json
94 name: {{ include "common.fullname" . }}-config
95 subPath: tosca-mappings.json
96 - mountPath: /opt/app/babel/config/babel-auth.properties
97 name: {{ include "common.fullname" . }}-config
98 subPath: babel-auth.properties
99 - mountPath: /opt/app/babel/config/auth
100 name: {{ include "common.fullname" . }}-secrets
101 - mountPath: /var/log/onap
102 name: {{ include "common.fullname" . }}-logs
103 - mountPath: /opt/app/babel/config/logback.xml
104 name: {{ include "common.fullname" . }}-config
105 subPath: logback.xml
106 resources:
107{{ include "common.resources" . }}
108 {{- if .Values.nodeSelector }}
109 nodeSelector:
110{{ toYaml .Values.nodeSelector | indent 8 }}
111 {{- end -}}
112 {{- if .Values.affinity }}
113 affinity:
114{{ toYaml .Values.affinity | indent 8 }}
115 {{- end }}
116
117 # side car containers
118 - name: filebeat-onap
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100[diff] [blame]119 image: {{ include "repositoryGenerator.image.logging" . }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100[diff] [blame]120 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
121 volumeMounts:
122 - mountPath: /usr/share/filebeat/filebeat.yml
123 subPath: filebeat.yml
124 name: filebeat-conf
125 - mountPath: /var/log/onap
126 name: {{ include "common.fullname" . }}-logs
127 - mountPath: /usr/share/filebeat/data
128 name: aai-filebeat
129
130 {{ if .Values.global.installSidecarSecurity }}
131 - name: {{ .Values.global.rproxy.name }}
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100[diff] [blame]132 image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.rproxy.image }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100[diff] [blame]133 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
134 env:
135 - name: CONFIG_HOME
136 value: "/opt/app/rproxy/config"
137 - name: KEY_STORE_PASSWORD
138 value: {{ .Values.config.keyStorePassword }}
139 - name: spring_profiles_active
140 value: {{ .Values.global.rproxy.activeSpringProfiles }}
141 volumeMounts:
142 - name: {{ include "common.fullname" . }}-rproxy-config
143 mountPath: /opt/app/rproxy/config/forward-proxy.properties
144 subPath: forward-proxy.properties
145 - name: {{ include "common.fullname" . }}-rproxy-config
146 mountPath: /opt/app/rproxy/config/primary-service.properties
147 subPath: primary-service.properties
148 - name: {{ include "common.fullname" . }}-rproxy-config
149 mountPath: /opt/app/rproxy/config/reverse-proxy.properties
150 subPath: reverse-proxy.properties
151 - name: {{ include "common.fullname" . }}-rproxy-config
152 mountPath: /opt/app/rproxy/config/cadi.properties
153 subPath: cadi.properties
154 - name: {{ include "common.fullname" . }}-rproxy-log-config
155 mountPath: /opt/app/rproxy/config/logback-spring.xml
156 subPath: logback-spring.xml
157 - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
158 mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
159 subPath: uri-authorization.json
160 - name: {{ include "common.fullname" . }}-rproxy-auth-config
161 mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
162 subPath: tomcat_keystore
163 - name: {{ include "common.fullname" . }}-rproxy-auth-config
164 mountPath: /opt/app/rproxy/config/auth/client-cert.p12
165 subPath: client-cert.p12
166 - name: {{ include "common.fullname" . }}-rproxy-auth-config
167 mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
168 subPath: aaf_truststore.jks
169 - name: {{ include "common.fullname" . }}-rproxy-security-config
170 mountPath: /opt/app/rproxy/config/security/keyfile
171 subPath: keyfile
172
173 ports:
174 - containerPort: {{ .Values.global.rproxy.port }}
175
176 - name: {{ .Values.global.fproxy.name }}
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100[diff] [blame]177 image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.fproxy.image }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100[diff] [blame]178 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
179 env:
180 - name: CONFIG_HOME
181 value: "/opt/app/fproxy/config"
182 - name: KEY_STORE_PASSWORD
183 value: {{ .Values.config.keyStorePassword }}
184 - name: spring_profiles_active
185 value: {{ .Values.global.fproxy.activeSpringProfiles }}
186 volumeMounts:
187 - name: {{ include "common.fullname" . }}-fproxy-config
188 mountPath: /opt/app/fproxy/config/fproxy.properties
189 subPath: fproxy.properties
190 - name: {{ include "common.fullname" . }}-fproxy-log-config
191 mountPath: /opt/app/fproxy/config/logback-spring.xml
192 subPath: logback-spring.xml
193 - name: {{ include "common.fullname" . }}-fproxy-auth-config
194 mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
195 subPath: tomcat_keystore
196 - name: {{ include "common.fullname" . }}-fproxy-auth-config
197 mountPath: /opt/app/fproxy/config/auth/client-cert.p12
198 subPath: client-cert.p12
199 ports:
200 - containerPort: {{ .Values.global.fproxy.port }}
201 {{ end }}
202
203 volumes:
204 - name: localtime
205 hostPath:
206 path: /etc/localtime
207 - name: {{ include "common.fullname" . }}-config
208 configMap:
209 name: {{ include "common.fullname" . }}-configmap
210 items:
211 - key: artifact-generator.properties
212 path: artifact-generator.properties
213 - key: tosca-mappings.json
214 path: tosca-mappings.json
215 - key: babel-auth.properties
216 path: babel-auth.properties
217 - key: logback.xml
218 path: logback.xml
219 - name: {{ include "common.fullname" . }}-secrets
220 secret:
221 secretName: {{ include "common.fullname" . }}-babel-secrets
222 - name: filebeat-conf
223 configMap:
224 name: aai-filebeat
225 - name: {{ include "common.fullname" . }}-logs
226 emptyDir: {}
227 - name: aai-filebeat
228 emptyDir: {}
229 {{ if .Values.global.installSidecarSecurity }}
230 - name: {{ include "common.fullname" . }}-rproxy-config
231 configMap:
232 name: {{ include "common.fullname" . }}-rproxy-config
233 - name: {{ include "common.fullname" . }}-rproxy-log-config
234 configMap:
235 name: {{ include "common.fullname" . }}-rproxy-log-config
236 - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
237 configMap:
238 name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
239 - name: {{ include "common.fullname" . }}-rproxy-auth-config
240 secret:
241 secretName: {{ include "common.fullname" . }}-rproxy-auth-config
242 - name: {{ include "common.fullname" . }}-rproxy-security-config
243 secret:
244 secretName: {{ include "common.fullname" . }}-rproxy-security-config
245 - name: {{ include "common.fullname" . }}-fproxy-config
246 configMap:
247 name: {{ include "common.fullname" . }}-fproxy-config
248 - name: {{ include "common.fullname" . }}-fproxy-log-config
249 configMap:
250 name: {{ include "common.fullname" . }}-fproxy-log-config
251 - name: {{ include "common.fullname" . }}-fproxy-auth-config
252 secret:
253 secretName: {{ include "common.fullname" . }}-fproxy-auth-config
254 {{ end }}
255
256 imagePullSecrets:
257 - name: "{{ include "common.namespace" . }}-docker-registry-key"