blob: f4e56c24b67956e9853720f9e98666d6032248fc [file] [log] [blame]
Sylvain Desbureaux47eb4d22020-12-10 12:15:27 +01001{{/*
Sylvain Desbureaux70070412020-11-09 21:58:48 +01002# Copyright (c) 2017 Amdocs, Bell Canada
3# Modifications Copyright (c) 2018 AT&T
4# Modifications Copyright (c) 2020 Nokia
Sylvain Desbureaux331f0042021-01-18 11:38:49 +01005# Modifications Copyright (c) 2021 Orange
Sylvain Desbureaux70070412020-11-09 21:58:48 +01006#
7# Licensed under the Apache License, Version 2.0 (the "License");
8# you may not use this file except in compliance with the License.
9# You may obtain a copy of the License at
10#
11# http://www.apache.org/licenses/LICENSE-2.0
12#
13# Unless required by applicable law or agreed to in writing, software
14# distributed under the License is distributed on an "AS IS" BASIS,
15# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16# See the License for the specific language governing permissions and
17# limitations under the License.
Sylvain Desbureaux47eb4d22020-12-10 12:15:27 +010018*/}}
Sylvain Desbureaux70070412020-11-09 21:58:48 +010019
20apiVersion: apps/v1
21kind: Deployment
22metadata:
23 name: {{ include "common.fullname" . }}
24 namespace: {{ include "common.namespace" . }}
25 labels:
26 app: {{ include "common.name" . }}
27 chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
28 release: {{ include "common.release" . }}
29 heritage: {{ .Release.Service }}
30spec:
31 replicas: {{ .Values.replicaCount }}
M.Hosnidokht09523be2021-08-24 09:00:42 -040032 minReadySeconds: {{ .Values.minReadySeconds }}
33 strategy:
34 type: {{ .Values.updateStrategy.type }}
35 rollingUpdate:
36 maxUnavailable: {{ .Values.updateStrategy.maxUnavailable }}
37 maxSurge: {{ .Values.updateStrategy.maxSurge }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +010038 selector:
39 matchLabels:
40 app: {{ include "common.name" . }}
41 template:
42 metadata:
43 labels:
44 app: {{ include "common.name" . }}
45 release: {{ include "common.release" . }}
46 name: {{ include "common.name" . }}
47 annotations:
48 checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
Sylvain Desbureaux331f0042021-01-18 11:38:49 +010049 {{- if .Values.global.msbEnabled }}
50 {{ $values := .Values }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +010051 msb.onap.org/service-info: '[
Sylvain Desbureaux331f0042021-01-18 11:38:49 +010052 {{- range $api_endpoint := $values.aai_enpoints -}}
53 {{- range $api_version := $values.api_list }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +010054 {
Sylvain Desbureaux331f0042021-01-18 11:38:49 +010055 "serviceName": "_{{ $api_endpoint.name }}",
56 "version": "v{{ $api_version }}",
57 "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}",
Sylvain Desbureaux70070412020-11-09 21:58:48 +010058 "protocol": "REST",
59 "port": "8447",
60 "enable_ssl": true,
61 "lb_policy":"ip_hash",
62 "visualRange": "1",
Sylvain Desbureaux331f0042021-01-18 11:38:49 +010063 "path": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}"
Sylvain Desbureaux70070412020-11-09 21:58:48 +010064 },
65 {
Sylvain Desbureaux331f0042021-01-18 11:38:49 +010066 "serviceName": "{{ $api_endpoint.name }}",
67 "version": "v{{ $api_version }}",
68 "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}",
Sylvain Desbureaux70070412020-11-09 21:58:48 +010069 "protocol": "REST",
70 "port": "8447",
71 "enable_ssl": true,
72 "lb_policy":"ip_hash",
73 "visualRange": "1"
74 },
Sylvain Desbureaux331f0042021-01-18 11:38:49 +010075 {{- end }}
76 {{- end }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +010077 ]'
Sylvain Desbureaux331f0042021-01-18 11:38:49 +010078 {{- end }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +010079 spec:
80 hostname: aai-resources
M.Hosnidokht09523be2021-08-24 09:00:42 -040081 terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }}
Sylvain Desbureauxb4e038d2020-12-15 12:00:26 +010082 initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
83 - name: {{ include "common.name" . }}-readiness
84 command:
Sylvain Desbureaux70070412020-11-09 21:58:48 +010085 - /app/ready.py
86 args:
Sylvain Desbureauxb4e038d2020-12-15 12:00:26 +010087 {{- if .Values.global.jobs.migration.enabled }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +010088 - --job-name
89 - {{ include "common.release" . }}-aai-graphadmin-migration
Sylvain Desbureauxb4e038d2020-12-15 12:00:26 +010090 {{- else }}
91 {{- if .Values.global.jobs.createSchema.enabled }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +010092 - --job-name
93 - {{ include "common.release" . }}-aai-graphadmin-create-db-schema
Sylvain Desbureaux6212bb22021-01-18 11:43:33 +010094 {{- else }}
Sylvain Desbureauxb4e038d2020-12-15 12:00:26 +010095 - --container-name
96 {{- if .Values.global.cassandra.localCluster }}
97 - aai-cassandra
98 {{- else }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +010099 - cassandra
Sylvain Desbureauxb4e038d2020-12-15 12:00:26 +0100100 {{- end }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100101 - --container-name
102 - aai-schema-service
Sylvain Desbureauxb4e038d2020-12-15 12:00:26 +0100103 {{- end }}
Sylvain Desbureaux6212bb22021-01-18 11:43:33 +0100104 {{- end }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100105 env:
106 - name: NAMESPACE
107 valueFrom:
108 fieldRef:
109 apiVersion: v1
110 fieldPath: metadata.namespace
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100111 image: {{ include "repositoryGenerator.image.readiness" . }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100112 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100113 containers:
114 - name: {{ include "common.name" . }}
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100115 image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100116 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
Sylvain Desbureauxb4e038d2020-12-15 12:00:26 +0100117 command:
118 - sh
119 args:
120 - -c
121 - |
122 echo "*** retrieve Truststore and Keystore password"
123 export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
124 echo "*** actual launch of AAI Resources"
125 /bin/bash /opt/app/aai-resources/docker-entrypoint.sh
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100126 env:
127 - name: LOCAL_USER_ID
128 value: {{ .Values.global.config.userId | quote }}
129 - name: LOCAL_GROUP_ID
130 value: {{ .Values.global.config.groupId | quote }}
Harish Venkata Kajurb06c9af2021-02-01 08:59:46 -0500131 - name: POST_JAVA_OPTS
Harish Venkata Kajur95b39b12021-06-15 11:49:16 -0400132 value: '-Djavax.net.ssl.trustStore={{ .Values.certInitializer.credsPath }}/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword={{ .Values.certInitializer.truststorePassword }}'
Sylvain Desbureauxb4e038d2020-12-15 12:00:26 +0100133 - name: TRUSTORE_ALL_PASSWORD
Sylvain Desbureaux6b83dab2021-02-23 16:03:21 +0100134 value: {{ .Values.certInitializer.truststorePassword }}
M.Hosnidokht09523be2021-08-24 09:00:42 -0400135 - name: INTERNAL_PORT_1
136 value: {{ .Values.service.internalPort | quote }}
137 - name: INTERNAL_PORT_2
138 value: {{ .Values.service.internalPort2 | quote }}
leila46fb5802022-11-15 11:33:21 -0500139 - name: INTERNAL_PORT_3
140 value: {{ .Values.service.internalPort3 | quote }}
Sylvain Desbureauxb4e038d2020-12-15 12:00:26 +0100141 volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100142 - mountPath: /etc/localtime
143 name: localtime
144 readOnly: true
145 - mountPath: /opt/app/aai-resources/resources/etc/appprops/janusgraph-realtime.properties
146 name: {{ include "common.fullname" . }}-config
147 subPath: janusgraph-realtime.properties
148 - mountPath: /opt/app/aai-resources/resources/etc/appprops/janusgraph-cached.properties
149 name: {{ include "common.fullname" . }}-config
150 subPath: janusgraph-cached.properties
151 - mountPath: /opt/app/aai-resources/resources/etc/appprops/aaiconfig.properties
152 name: {{ include "common.fullname" . }}-config
153 subPath: aaiconfig.properties
154 - mountPath: /opt/aai/logroot/AAI-RES
Maciej Wereskid523d122021-09-21 11:22:13 +0200155 name: logs
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100156 - mountPath: /opt/app/aai-resources/resources/logback.xml
157 name: {{ include "common.fullname" . }}-config
158 subPath: logback.xml
159 - mountPath: /opt/app/aai-resources/resources/localhost-access-logback.xml
160 name: {{ include "common.fullname" . }}-config
161 subPath: localhost-access-logback.xml
162 - mountPath: /opt/app/aai-resources/resources/etc/auth/realm.properties
163 name: {{ include "common.fullname" . }}-config
164 subPath: realm.properties
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100165 - mountPath: /opt/app/aai-resources/resources/aaf/bath_config.csv
166 name: {{ include "common.fullname" . }}-aaf-certs
167 subPath: bath_config.csv
168 - mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.props
169 name: {{ include "common.fullname" . }}-aaf-properties
170 subPath: org.onap.aai.props
171 - mountPath: /opt/app/aai-resources/resources/aaf/org.osaaf.location.props
172 name: {{ include "common.fullname" . }}-aaf-properties
173 subPath: org.osaaf.location.props
174 - mountPath: /opt/app/aai-resources/resources/aaf/permissions.properties
175 name: {{ include "common.fullname" . }}-aaf-properties
176 subPath: permissions.properties
177 - mountPath: /opt/app/aai-resources/resources/cadi.properties
178 name: {{ include "common.fullname" . }}-aaf-properties
179 subPath: cadi.properties
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100180 - mountPath: /opt/app/aai-resources/resources/application.properties
181 name: {{ include "common.fullname" . }}-config
182 subPath: application.properties
183 - mountPath: /opt/app/aai-resources/resources/application-keycloak.properties
184 name: {{ include "common.fullname" . }}-config
185 subPath: application-keycloak.properties
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100186 ports:
187 - containerPort: {{ .Values.service.internalPort }}
188 - containerPort: {{ .Values.service.internalPort2 }}
leila46fb5802022-11-15 11:33:21 -0500189 - containerPort: {{ .Values.service.internalPort3 }}
M.Hosnidokht09523be2021-08-24 09:00:42 -0400190 lifecycle:
191 # wait for active requests (long-running tasks) to be finished
192 # Before the SIGTERM is invoked, Kubernetes exposes a preStop hook in the Pod.
193 preStop:
194 exec:
195 command:
196 - sh
197 - -c
198 - |
199 while (netstat -an | grep ESTABLISHED | grep -e $INTERNAL_PORT_1 -e $INTERNAL_PORT_2)
200 do sleep 10
201 done
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100202 # disable liveness probe when breakpoints set in debugger
203 # so K8s doesn't restart unresponsive container
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100204 {{- if .Values.liveness.enabled }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100205 livenessProbe:
Rommel Pawarc8845ef2022-09-22 14:04:14 -0700206 httpGet:
207 path: /aai/util/echo?action=checkDB
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100208 port: {{ .Values.service.internalPort }}
Rommel Pawarc8845ef2022-09-22 14:04:14 -0700209 scheme: HTTP{{ (eq "true" (include "common.needTLS" .)) | ternary "S" "" }}
210 httpHeaders:
211 - name: X-FromAppId
212 value: LivenessCheck
213 - name: X-TransactionId
214 value: LiveCheck_TID
215 - name: Accept
216 value: application/json
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100217 initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
218 periodSeconds: {{ .Values.liveness.periodSeconds }}
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100219 {{- end }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100220 readinessProbe:
Rommel Pawarc8845ef2022-09-22 14:04:14 -0700221 httpGet:
222 path: /aai/util/echo?action=checkDB
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100223 port: {{ .Values.service.internalPort }}
Rommel Pawarc8845ef2022-09-22 14:04:14 -0700224 scheme: HTTP{{ (eq "true" (include "common.needTLS" .)) | ternary "S" "" }}
225 httpHeaders:
226 - name: X-FromAppId
227 value: ReadinessCheck
228 - name: X-TransactionId
229 value: ReadinessCheck_TID
230 - name: Accept
231 value: application/json
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100232 initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
233 periodSeconds: {{ .Values.readiness.periodSeconds }}
miroslavmasaryka7ac7f02023-03-01 14:12:26 +0100234 resources: {{ include "common.resources" . | nindent 10 }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100235 {{- if .Values.nodeSelector }}
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100236 nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100237 {{- end }}
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100238 {{- if .Values.affinity }}
239 affinity: {{ toYaml .Values.affinity | nindent 8 }}
240 {{- end }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100241 # side car containers
Maciej Wereskid523d122021-09-21 11:22:13 +0200242 {{ include "common.log.sidecar" . | nindent 6 }}
farida azmyd8937332021-03-09 12:20:42 +0200243 serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
Sylvain Desbureauxb4e038d2020-12-15 12:00:26 +0100244 volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100245 - name: localtime
246 hostPath:
247 path: /etc/localtime
Maciej Wereskid523d122021-09-21 11:22:13 +0200248 - name: logs
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100249 emptyDir: {}
Maciej Wereskid523d122021-09-21 11:22:13 +0200250 {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100251 - name: {{ include "common.fullname" . }}-config
252 configMap:
Sylvain Desbureauxb4e038d2020-12-15 12:00:26 +0100253 name: {{ include "common.fullname" . }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100254 - name: {{ include "common.fullname" . }}-aaf-properties
255 configMap:
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100256 name: {{ include "common.fullname" . }}-aaf-props
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100257 - name: {{ include "common.fullname" . }}-aaf-certs
258 secret:
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100259 secretName: {{ include "common.fullname" . }}-aaf-keys
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100260 restartPolicy: {{ .Values.restartPolicy }}
261 imagePullSecrets:
262 - name: "{{ include "common.namespace" . }}-docker-registry-key"