Sylvain Desbureaux | 47eb4d2 | 2020-12-10 12:15:27 +0100 | [diff] [blame] | 1 | {{/* |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 2 | # Copyright (c) 2017 Amdocs, Bell Canada |
| 3 | # Modifications Copyright (c) 2018 AT&T |
| 4 | # Modifications Copyright (c) 2020 Nokia |
Sylvain Desbureaux | 331f004 | 2021-01-18 11:38:49 +0100 | [diff] [blame] | 5 | # Modifications Copyright (c) 2021 Orange |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 6 | # |
| 7 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 8 | # you may not use this file except in compliance with the License. |
| 9 | # You may obtain a copy of the License at |
| 10 | # |
| 11 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 12 | # |
| 13 | # Unless required by applicable law or agreed to in writing, software |
| 14 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 16 | # See the License for the specific language governing permissions and |
| 17 | # limitations under the License. |
Sylvain Desbureaux | 47eb4d2 | 2020-12-10 12:15:27 +0100 | [diff] [blame] | 18 | */}} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 19 | |
| 20 | apiVersion: apps/v1 |
| 21 | kind: Deployment |
| 22 | metadata: |
| 23 | name: {{ include "common.fullname" . }} |
| 24 | namespace: {{ include "common.namespace" . }} |
| 25 | labels: |
| 26 | app: {{ include "common.name" . }} |
| 27 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} |
| 28 | release: {{ include "common.release" . }} |
| 29 | heritage: {{ .Release.Service }} |
| 30 | spec: |
| 31 | replicas: {{ .Values.replicaCount }} |
M.Hosnidokht | 09523be | 2021-08-24 09:00:42 -0400 | [diff] [blame] | 32 | minReadySeconds: {{ .Values.minReadySeconds }} |
| 33 | strategy: |
| 34 | type: {{ .Values.updateStrategy.type }} |
| 35 | rollingUpdate: |
| 36 | maxUnavailable: {{ .Values.updateStrategy.maxUnavailable }} |
| 37 | maxSurge: {{ .Values.updateStrategy.maxSurge }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 38 | selector: |
| 39 | matchLabels: |
| 40 | app: {{ include "common.name" . }} |
| 41 | template: |
| 42 | metadata: |
| 43 | labels: |
| 44 | app: {{ include "common.name" . }} |
| 45 | release: {{ include "common.release" . }} |
| 46 | name: {{ include "common.name" . }} |
| 47 | annotations: |
| 48 | checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} |
Sylvain Desbureaux | 331f004 | 2021-01-18 11:38:49 +0100 | [diff] [blame] | 49 | {{- if .Values.global.msbEnabled }} |
| 50 | {{ $values := .Values }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 51 | msb.onap.org/service-info: '[ |
Sylvain Desbureaux | 331f004 | 2021-01-18 11:38:49 +0100 | [diff] [blame] | 52 | {{- range $api_endpoint := $values.aai_enpoints -}} |
| 53 | {{- range $api_version := $values.api_list }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 54 | { |
Sylvain Desbureaux | 331f004 | 2021-01-18 11:38:49 +0100 | [diff] [blame] | 55 | "serviceName": "_{{ $api_endpoint.name }}", |
| 56 | "version": "v{{ $api_version }}", |
| 57 | "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}", |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 58 | "protocol": "REST", |
| 59 | "port": "8447", |
| 60 | "enable_ssl": true, |
| 61 | "lb_policy":"ip_hash", |
| 62 | "visualRange": "1", |
Sylvain Desbureaux | 331f004 | 2021-01-18 11:38:49 +0100 | [diff] [blame] | 63 | "path": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}" |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 64 | }, |
| 65 | { |
Sylvain Desbureaux | 331f004 | 2021-01-18 11:38:49 +0100 | [diff] [blame] | 66 | "serviceName": "{{ $api_endpoint.name }}", |
| 67 | "version": "v{{ $api_version }}", |
| 68 | "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}", |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 69 | "protocol": "REST", |
| 70 | "port": "8447", |
| 71 | "enable_ssl": true, |
| 72 | "lb_policy":"ip_hash", |
| 73 | "visualRange": "1" |
| 74 | }, |
Sylvain Desbureaux | 331f004 | 2021-01-18 11:38:49 +0100 | [diff] [blame] | 75 | {{- end }} |
| 76 | {{- end }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 77 | ]' |
Sylvain Desbureaux | 331f004 | 2021-01-18 11:38:49 +0100 | [diff] [blame] | 78 | {{- end }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 79 | spec: |
| 80 | hostname: aai-resources |
M.Hosnidokht | 09523be | 2021-08-24 09:00:42 -0400 | [diff] [blame] | 81 | terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }} |
Sylvain Desbureaux | b4e038d | 2020-12-15 12:00:26 +0100 | [diff] [blame] | 82 | initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} |
| 83 | - name: {{ include "common.name" . }}-readiness |
| 84 | command: |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 85 | - /app/ready.py |
| 86 | args: |
Sylvain Desbureaux | b4e038d | 2020-12-15 12:00:26 +0100 | [diff] [blame] | 87 | {{- if .Values.global.jobs.migration.enabled }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 88 | - --job-name |
| 89 | - {{ include "common.release" . }}-aai-graphadmin-migration |
Sylvain Desbureaux | b4e038d | 2020-12-15 12:00:26 +0100 | [diff] [blame] | 90 | {{- else }} |
| 91 | {{- if .Values.global.jobs.createSchema.enabled }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 92 | - --job-name |
| 93 | - {{ include "common.release" . }}-aai-graphadmin-create-db-schema |
Sylvain Desbureaux | 6212bb2 | 2021-01-18 11:43:33 +0100 | [diff] [blame] | 94 | {{- else }} |
Sylvain Desbureaux | b4e038d | 2020-12-15 12:00:26 +0100 | [diff] [blame] | 95 | - --container-name |
| 96 | {{- if .Values.global.cassandra.localCluster }} |
| 97 | - aai-cassandra |
| 98 | {{- else }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 99 | - cassandra |
Sylvain Desbureaux | b4e038d | 2020-12-15 12:00:26 +0100 | [diff] [blame] | 100 | {{- end }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 101 | - --container-name |
| 102 | - aai-schema-service |
Sylvain Desbureaux | b4e038d | 2020-12-15 12:00:26 +0100 | [diff] [blame] | 103 | {{- end }} |
Sylvain Desbureaux | 6212bb2 | 2021-01-18 11:43:33 +0100 | [diff] [blame] | 104 | {{- end }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 105 | env: |
| 106 | - name: NAMESPACE |
| 107 | valueFrom: |
| 108 | fieldRef: |
| 109 | apiVersion: v1 |
| 110 | fieldPath: metadata.namespace |
Sylvain Desbureaux | 5b65132 | 2020-12-07 15:34:15 +0100 | [diff] [blame] | 111 | image: {{ include "repositoryGenerator.image.readiness" . }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 112 | imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 113 | containers: |
| 114 | - name: {{ include "common.name" . }} |
Sylvain Desbureaux | 5b65132 | 2020-12-07 15:34:15 +0100 | [diff] [blame] | 115 | image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 116 | imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} |
Sylvain Desbureaux | b4e038d | 2020-12-15 12:00:26 +0100 | [diff] [blame] | 117 | command: |
| 118 | - sh |
| 119 | args: |
| 120 | - -c |
| 121 | - | |
| 122 | echo "*** retrieve Truststore and Keystore password" |
| 123 | export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0) |
| 124 | echo "*** actual launch of AAI Resources" |
| 125 | /bin/bash /opt/app/aai-resources/docker-entrypoint.sh |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 126 | env: |
| 127 | - name: LOCAL_USER_ID |
| 128 | value: {{ .Values.global.config.userId | quote }} |
| 129 | - name: LOCAL_GROUP_ID |
| 130 | value: {{ .Values.global.config.groupId | quote }} |
Harish Venkata Kajur | b06c9af | 2021-02-01 08:59:46 -0500 | [diff] [blame] | 131 | - name: POST_JAVA_OPTS |
Harish Venkata Kajur | 95b39b1 | 2021-06-15 11:49:16 -0400 | [diff] [blame] | 132 | value: '-Djavax.net.ssl.trustStore={{ .Values.certInitializer.credsPath }}/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword={{ .Values.certInitializer.truststorePassword }}' |
Sylvain Desbureaux | b4e038d | 2020-12-15 12:00:26 +0100 | [diff] [blame] | 133 | - name: TRUSTORE_ALL_PASSWORD |
Sylvain Desbureaux | 6b83dab | 2021-02-23 16:03:21 +0100 | [diff] [blame] | 134 | value: {{ .Values.certInitializer.truststorePassword }} |
M.Hosnidokht | 09523be | 2021-08-24 09:00:42 -0400 | [diff] [blame] | 135 | - name: INTERNAL_PORT_1 |
| 136 | value: {{ .Values.service.internalPort | quote }} |
| 137 | - name: INTERNAL_PORT_2 |
| 138 | value: {{ .Values.service.internalPort2 | quote }} |
leila | 46fb580 | 2022-11-15 11:33:21 -0500 | [diff] [blame] | 139 | - name: INTERNAL_PORT_3 |
| 140 | value: {{ .Values.service.internalPort3 | quote }} |
Sylvain Desbureaux | b4e038d | 2020-12-15 12:00:26 +0100 | [diff] [blame] | 141 | volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 142 | - mountPath: /etc/localtime |
| 143 | name: localtime |
| 144 | readOnly: true |
| 145 | - mountPath: /opt/app/aai-resources/resources/etc/appprops/janusgraph-realtime.properties |
| 146 | name: {{ include "common.fullname" . }}-config |
| 147 | subPath: janusgraph-realtime.properties |
| 148 | - mountPath: /opt/app/aai-resources/resources/etc/appprops/janusgraph-cached.properties |
| 149 | name: {{ include "common.fullname" . }}-config |
| 150 | subPath: janusgraph-cached.properties |
| 151 | - mountPath: /opt/app/aai-resources/resources/etc/appprops/aaiconfig.properties |
| 152 | name: {{ include "common.fullname" . }}-config |
| 153 | subPath: aaiconfig.properties |
| 154 | - mountPath: /opt/aai/logroot/AAI-RES |
Maciej Wereski | d523d12 | 2021-09-21 11:22:13 +0200 | [diff] [blame] | 155 | name: logs |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 156 | - mountPath: /opt/app/aai-resources/resources/logback.xml |
| 157 | name: {{ include "common.fullname" . }}-config |
| 158 | subPath: logback.xml |
| 159 | - mountPath: /opt/app/aai-resources/resources/localhost-access-logback.xml |
| 160 | name: {{ include "common.fullname" . }}-config |
| 161 | subPath: localhost-access-logback.xml |
| 162 | - mountPath: /opt/app/aai-resources/resources/etc/auth/realm.properties |
| 163 | name: {{ include "common.fullname" . }}-config |
| 164 | subPath: realm.properties |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 165 | - mountPath: /opt/app/aai-resources/resources/aaf/bath_config.csv |
| 166 | name: {{ include "common.fullname" . }}-aaf-certs |
| 167 | subPath: bath_config.csv |
| 168 | - mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.props |
| 169 | name: {{ include "common.fullname" . }}-aaf-properties |
| 170 | subPath: org.onap.aai.props |
| 171 | - mountPath: /opt/app/aai-resources/resources/aaf/org.osaaf.location.props |
| 172 | name: {{ include "common.fullname" . }}-aaf-properties |
| 173 | subPath: org.osaaf.location.props |
| 174 | - mountPath: /opt/app/aai-resources/resources/aaf/permissions.properties |
| 175 | name: {{ include "common.fullname" . }}-aaf-properties |
| 176 | subPath: permissions.properties |
| 177 | - mountPath: /opt/app/aai-resources/resources/cadi.properties |
| 178 | name: {{ include "common.fullname" . }}-aaf-properties |
| 179 | subPath: cadi.properties |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 180 | - mountPath: /opt/app/aai-resources/resources/application.properties |
| 181 | name: {{ include "common.fullname" . }}-config |
| 182 | subPath: application.properties |
| 183 | - mountPath: /opt/app/aai-resources/resources/application-keycloak.properties |
| 184 | name: {{ include "common.fullname" . }}-config |
| 185 | subPath: application-keycloak.properties |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 186 | ports: |
| 187 | - containerPort: {{ .Values.service.internalPort }} |
| 188 | - containerPort: {{ .Values.service.internalPort2 }} |
leila | 46fb580 | 2022-11-15 11:33:21 -0500 | [diff] [blame] | 189 | - containerPort: {{ .Values.service.internalPort3 }} |
M.Hosnidokht | 09523be | 2021-08-24 09:00:42 -0400 | [diff] [blame] | 190 | lifecycle: |
| 191 | # wait for active requests (long-running tasks) to be finished |
| 192 | # Before the SIGTERM is invoked, Kubernetes exposes a preStop hook in the Pod. |
| 193 | preStop: |
| 194 | exec: |
| 195 | command: |
| 196 | - sh |
| 197 | - -c |
| 198 | - | |
| 199 | while (netstat -an | grep ESTABLISHED | grep -e $INTERNAL_PORT_1 -e $INTERNAL_PORT_2) |
| 200 | do sleep 10 |
| 201 | done |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 202 | # disable liveness probe when breakpoints set in debugger |
| 203 | # so K8s doesn't restart unresponsive container |
Sylvain Desbureaux | 5b65132 | 2020-12-07 15:34:15 +0100 | [diff] [blame] | 204 | {{- if .Values.liveness.enabled }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 205 | livenessProbe: |
Rommel Pawar | c8845ef | 2022-09-22 14:04:14 -0700 | [diff] [blame] | 206 | httpGet: |
| 207 | path: /aai/util/echo?action=checkDB |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 208 | port: {{ .Values.service.internalPort }} |
Rommel Pawar | c8845ef | 2022-09-22 14:04:14 -0700 | [diff] [blame] | 209 | scheme: HTTP{{ (eq "true" (include "common.needTLS" .)) | ternary "S" "" }} |
| 210 | httpHeaders: |
| 211 | - name: X-FromAppId |
| 212 | value: LivenessCheck |
| 213 | - name: X-TransactionId |
| 214 | value: LiveCheck_TID |
| 215 | - name: Accept |
| 216 | value: application/json |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 217 | initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} |
| 218 | periodSeconds: {{ .Values.liveness.periodSeconds }} |
Sylvain Desbureaux | 5b65132 | 2020-12-07 15:34:15 +0100 | [diff] [blame] | 219 | {{- end }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 220 | readinessProbe: |
Rommel Pawar | c8845ef | 2022-09-22 14:04:14 -0700 | [diff] [blame] | 221 | httpGet: |
| 222 | path: /aai/util/echo?action=checkDB |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 223 | port: {{ .Values.service.internalPort }} |
Rommel Pawar | c8845ef | 2022-09-22 14:04:14 -0700 | [diff] [blame] | 224 | scheme: HTTP{{ (eq "true" (include "common.needTLS" .)) | ternary "S" "" }} |
| 225 | httpHeaders: |
| 226 | - name: X-FromAppId |
| 227 | value: ReadinessCheck |
| 228 | - name: X-TransactionId |
| 229 | value: ReadinessCheck_TID |
| 230 | - name: Accept |
| 231 | value: application/json |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 232 | initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} |
| 233 | periodSeconds: {{ .Values.readiness.periodSeconds }} |
miroslavmasaryk | a7ac7f0 | 2023-03-01 14:12:26 +0100 | [diff] [blame] | 234 | resources: {{ include "common.resources" . | nindent 10 }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 235 | {{- if .Values.nodeSelector }} |
Sylvain Desbureaux | 5b65132 | 2020-12-07 15:34:15 +0100 | [diff] [blame] | 236 | nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 237 | {{- end }} |
Sylvain Desbureaux | 5b65132 | 2020-12-07 15:34:15 +0100 | [diff] [blame] | 238 | {{- if .Values.affinity }} |
| 239 | affinity: {{ toYaml .Values.affinity | nindent 8 }} |
| 240 | {{- end }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 241 | # side car containers |
Maciej Wereski | d523d12 | 2021-09-21 11:22:13 +0200 | [diff] [blame] | 242 | {{ include "common.log.sidecar" . | nindent 6 }} |
farida azmy | d893733 | 2021-03-09 12:20:42 +0200 | [diff] [blame] | 243 | serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} |
Sylvain Desbureaux | b4e038d | 2020-12-15 12:00:26 +0100 | [diff] [blame] | 244 | volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 245 | - name: localtime |
| 246 | hostPath: |
| 247 | path: /etc/localtime |
Maciej Wereski | d523d12 | 2021-09-21 11:22:13 +0200 | [diff] [blame] | 248 | - name: logs |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 249 | emptyDir: {} |
Maciej Wereski | d523d12 | 2021-09-21 11:22:13 +0200 | [diff] [blame] | 250 | {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 251 | - name: {{ include "common.fullname" . }}-config |
| 252 | configMap: |
Sylvain Desbureaux | b4e038d | 2020-12-15 12:00:26 +0100 | [diff] [blame] | 253 | name: {{ include "common.fullname" . }} |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 254 | - name: {{ include "common.fullname" . }}-aaf-properties |
| 255 | configMap: |
Sylvain Desbureaux | 5b65132 | 2020-12-07 15:34:15 +0100 | [diff] [blame] | 256 | name: {{ include "common.fullname" . }}-aaf-props |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 257 | - name: {{ include "common.fullname" . }}-aaf-certs |
| 258 | secret: |
Sylvain Desbureaux | 5b65132 | 2020-12-07 15:34:15 +0100 | [diff] [blame] | 259 | secretName: {{ include "common.fullname" . }}-aaf-keys |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 260 | restartPolicy: {{ .Values.restartPolicy }} |
| 261 | imagePullSecrets: |
| 262 | - name: "{{ include "common.namespace" . }}-docker-registry-key" |