blob: 093277169a810435b70408e96734b2976b41d4db [file] [log] [blame]
Sylvain Desbureaux47eb4d22020-12-10 12:15:27 +01001{{/*
Sylvain Desbureaux70070412020-11-09 21:58:48 +01002# Copyright (c) 2017 Amdocs, Bell Canada
3# Modifications Copyright (c) 2018 AT&T
Sylvain Desbureaux5b651322020-12-07 15:34:15 +01004# Modifications Copyright (c) 2020 Nokia, Orange
Sylvain Desbureaux331f0042021-01-18 11:38:49 +01005# Modifications Copyright (c) 2021 Orange
Sylvain Desbureaux70070412020-11-09 21:58:48 +01006#
7# Licensed under the Apache License, Version 2.0 (the "License");
8# you may not use this file except in compliance with the License.
9# You may obtain a copy of the License at
10#
11# http://www.apache.org/licenses/LICENSE-2.0
12#
13# Unless required by applicable law or agreed to in writing, software
14# distributed under the License is distributed on an "AS IS" BASIS,
15# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16# See the License for the specific language governing permissions and
17# limitations under the License.
Sylvain Desbureaux47eb4d22020-12-10 12:15:27 +010018*/}}
Sylvain Desbureaux70070412020-11-09 21:58:48 +010019
20apiVersion: apps/v1
21kind: Deployment
22metadata:
23 name: {{ include "common.fullname" . }}
24 namespace: {{ include "common.namespace" . }}
25 labels:
26 app: {{ include "common.name" . }}
27 chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
28 release: {{ include "common.release" . }}
29 heritage: {{ .Release.Service }}
30spec:
31 replicas: {{ .Values.replicaCount }}
M.Hosnidokht15fea932021-08-25 09:08:40 -040032 minReadySeconds: {{ .Values.minReadySeconds }}
33 strategy:
34 type: {{ .Values.updateStrategy.type }}
35 rollingUpdate:
36 maxUnavailable: {{ .Values.updateStrategy.maxUnavailable }}
37 maxSurge: {{ .Values.updateStrategy.maxSurge }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +010038 selector:
39 matchLabels:
40 app: {{ include "common.name" . }}
41 template:
42 metadata:
43 labels:
44 app: {{ include "common.name" . }}
45 release: {{ include "common.release" . }}
46 name: {{ include "common.name" . }}
47 annotations:
48 checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
Sylvain Desbureaux331f0042021-01-18 11:38:49 +010049 {{- if .Values.global.msbEnabled }}
50 {{ $values := .Values }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +010051 msb.onap.org/service-info: '[
Sylvain Desbureaux331f0042021-01-18 11:38:49 +010052 {{- range $api_endpoint := $values.aai_enpoints -}}
53 {{- range $api_version := $values.api_list }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +010054 {
Sylvain Desbureaux331f0042021-01-18 11:38:49 +010055 "serviceName": "_{{ $api_endpoint.name }}",
56 "version": "v{{ $api_version }}",
57 "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}",
Sylvain Desbureaux70070412020-11-09 21:58:48 +010058 "protocol": "REST",
59 "port": "8446",
60 "enable_ssl": true,
61 "lb_policy":"ip_hash",
62 "visualRange": "1",
Sylvain Desbureaux331f0042021-01-18 11:38:49 +010063 "path": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}"
Sylvain Desbureaux70070412020-11-09 21:58:48 +010064 },
65 {
Sylvain Desbureaux331f0042021-01-18 11:38:49 +010066 "serviceName": "{{ $api_endpoint.name }}",
67 "version": "v{{ $api_version }}",
68 "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}",
Sylvain Desbureaux70070412020-11-09 21:58:48 +010069 "protocol": "REST",
70 "port": "8446",
71 "enable_ssl": true,
72 "lb_policy":"ip_hash",
Sylvain Desbureaux331f0042021-01-18 11:38:49 +010073 "visualRange": "1"
Sylvain Desbureaux70070412020-11-09 21:58:48 +010074 },
Sylvain Desbureaux331f0042021-01-18 11:38:49 +010075 {{- end }}
76 {{- end }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +010077 {
78 "serviceName": "_aai-named-query",
79 "url": "/aai/search",
80 "protocol": "REST",
81 "port": "8446",
82 "enable_ssl": true,
83 "lb_policy":"ip_hash",
84 "visualRange": "1",
85 "path": "/aai/search"
86 },
87 {
Sylvain Desbureaux70070412020-11-09 21:58:48 +010088 "serviceName": "aai-named-query",
89 "url": "/aai/search",
90 "protocol": "REST",
91 "port": "8446",
92 "enable_ssl": true,
93 "lb_policy":"ip_hash",
94 "visualRange": "1"
95 }
96 ]'
Sylvain Desbureaux331f0042021-01-18 11:38:49 +010097 {{- end }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +010098 spec:
99 hostname: aai-traversal
M.Hosnidokht15fea932021-08-25 09:08:40 -0400100 terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }}
Sylvain Desbureauxa41dfc02021-02-15 10:14:22 +0100101 initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100102 - command:
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100103 - /app/ready.py
104 args:
Sylvain Desbureauxa41dfc02021-02-15 10:14:22 +0100105 {{- if .Values.global.jobs.migration.enabled }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100106 - --job-name
107 - {{ include "common.release" . }}-aai-graphadmin-migration
Sylvain Desbureauxa41dfc02021-02-15 10:14:22 +0100108 {{- else }}
109 {{- if .Values.global.jobs.createSchema.enabled }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100110 - --job-name
111 - {{ include "common.release" . }}-aai-graphadmin-create-db-schema
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100112 {{- else }}
Sylvain Desbureauxa41dfc02021-02-15 10:14:22 +0100113 - --container-name
114 {{- if .Values.global.cassandra.localCluster }}
115 - aai-cassandra
116 {{- else }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100117 - cassandra
Sylvain Desbureauxa41dfc02021-02-15 10:14:22 +0100118 {{- end }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100119 - --container-name
120 - aai-schema-service
Sylvain Desbureauxa41dfc02021-02-15 10:14:22 +0100121 {{- end }}
122 {{- end }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100123 env:
124 - name: NAMESPACE
125 valueFrom:
126 fieldRef:
127 apiVersion: v1
128 fieldPath: metadata.namespace
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100129 image: {{ include "repositoryGenerator.image.readiness" . }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100130 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
131 name: {{ include "common.name" . }}-readiness
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100132 containers:
133 - name: {{ include "common.name" . }}
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100134 image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100135 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
Sylvain Desbureauxa41dfc02021-02-15 10:14:22 +0100136 command:
137 - sh
138 args:
139 - -c
140 - |
141 echo "*** retrieve Truststore and Keystore password"
142 export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
143 echo "*** actual launch of AAI Resources"
144 /bin/bash /opt/app/aai-traversal/docker-entrypoint.sh
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100145 env:
Sylvain Desbureauxa41dfc02021-02-15 10:14:22 +0100146 - name: TRUSTORE_ALL_PASSWORD
Sylvain Desbureaux6b83dab2021-02-23 16:03:21 +0100147 value: {{ .Values.certInitializer.truststorePassword }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100148 - name: DISABLE_UPDATE_QUERY
149 value: {{ .Values.config.disableUpdateQuery | quote }}
150 - name: LOCAL_USER_ID
151 value: {{ .Values.global.config.userId | quote }}
152 - name: LOCAL_GROUP_ID
153 value: {{ .Values.global.config.groupId | quote }}
M.Hosnidokht15fea932021-08-25 09:08:40 -0400154 - name: INTERNAL_PORT_1
155 value: {{ .Values.service.internalPort | quote }}
156 - name: INTERNAL_PORT_2
157 value: {{ .Values.service.internalPort2 | quote }}
leila46fb5802022-11-15 11:33:21 -0500158 - name: INTERNAL_PORT_3
159 value: {{ .Values.service.internalPort3 | quote }}
Sylvain Desbureauxa41dfc02021-02-15 10:14:22 +0100160 volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100161 - mountPath: /etc/localtime
162 name: localtime
163 readOnly: true
164 - mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-realtime.properties
165 name: {{ include "common.fullname" . }}-config
166 subPath: janusgraph-realtime.properties
167 - mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-cached.properties
168 name: {{ include "common.fullname" . }}-config
169 subPath: janusgraph-cached.properties
170 - mountPath: /opt/app/aai-traversal/resources/etc/appprops/aaiconfig.properties
171 name: {{ include "common.fullname" . }}-config
172 subPath: aaiconfig.properties
173 - mountPath: /opt/aai/logroot/AAI-GQ
Maciej Wereskid523d122021-09-21 11:22:13 +0200174 name: logs
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100175 - mountPath: /opt/aai/logroot/AAI-GQ/misc
176 name: {{ include "common.fullname" . }}-logs-misc
177 - mountPath: /opt/app/aai-traversal/resources/logback.xml
178 name: {{ include "common.fullname" . }}-config
179 subPath: logback.xml
180 - mountPath: /opt/app/aai-traversal/resources/localhost-access-logback.xml
181 name: {{ include "common.fullname" . }}-config
182 subPath: localhost-access-logback.xml
183 - mountPath: /opt/app/aai-traversal/resources/etc/auth/realm.properties
184 name: {{ include "common.fullname" . }}-config
185 subPath: realm.properties
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100186 - mountPath: /opt/app/aai-traversal/resources/aaf/bath_config.csv
187 name: {{ include "common.fullname" . }}-aaf-certs
188 subPath: bath_config.csv
189 - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.props
190 name: {{ include "common.fullname" . }}-aaf-properties
191 subPath: org.onap.aai.props
192 - mountPath: /opt/app/aai-traversal/resources/aaf/org.osaaf.location.props
193 name: {{ include "common.fullname" . }}-aaf-properties
194 subPath: org.osaaf.location.props
195 - mountPath: /opt/app/aai-traversal/resources/aaf/permissions.properties
196 name: {{ include "common.fullname" . }}-aaf-properties
197 subPath: permissions.properties
198 - mountPath: /opt/app/aai-traversal/resources/cadi.properties
199 name: {{ include "common.fullname" . }}-aaf-properties
200 subPath: cadi.properties
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100201 - mountPath: /opt/app/aai-traversal/resources/application.properties
202 name: {{ include "common.fullname" . }}-config
203 subPath: application.properties
Sam Huang56a6dd42021-03-26 13:27:17 -0600204 - mountPath: /opt/app/aai-traversal/resources/application-keycloak.properties
205 name: {{ include "common.fullname" . }}-config
206 subPath: application-keycloak.properties
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100207 ports:
208 - containerPort: {{ .Values.service.internalPort }}
209 - containerPort: {{ .Values.service.internalPort2 }}
leila46fb5802022-11-15 11:33:21 -0500210 - containerPort: {{ .Values.service.internalPort3 }}
M.Hosnidokht15fea932021-08-25 09:08:40 -0400211 lifecycle:
212 # wait for active requests (long-running tasks) to be finished
213 # Before the SIGTERM is invoked, Kubernetes exposes a preStop hook in the Pod.
214 preStop:
215 exec:
216 command:
217 - sh
218 - -c
219 - |
220 while (netstat -an | grep ESTABLISHED | grep -e $INTERNAL_PORT_1 -e $INTERNAL_PORT_2)
221 do sleep 10
222 done
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100223 # disable liveness probe when breakpoints set in debugger
224 # so K8s doesn't restart unresponsive container
225 {{ if .Values.liveness.enabled }}
226 livenessProbe:
Fiete Ostkampc113ef32022-10-12 09:50:46 +0200227 httpGet:
228 path: /aai/util/echo?action=checkDB
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100229 port: {{ .Values.service.internalPort }}
Fiete Ostkampc113ef32022-10-12 09:50:46 +0200230 scheme: HTTP{{ (eq "true" (include "common.needTLS" .)) | ternary "S" "" }}
231 httpHeaders:
232 - name: X-FromAppId
233 value: LivenessCheck
234 - name: X-TransactionId
235 value: LiveCheck_TID
236 - name: Accept
237 value: application/json
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100238 initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
239 periodSeconds: {{ .Values.liveness.periodSeconds }}
240 {{ end }}
241 readinessProbe:
Fiete Ostkampc113ef32022-10-12 09:50:46 +0200242 httpGet:
243 path: /aai/util/echo?action=checkDB
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100244 port: {{ .Values.service.internalPort }}
Fiete Ostkampc113ef32022-10-12 09:50:46 +0200245 scheme: HTTP{{ (eq "true" (include "common.needTLS" .)) | ternary "S" "" }}
246 httpHeaders:
247 - name: X-FromAppId
248 value: ReadinessCheck
249 - name: X-TransactionId
250 value: ReadinessCheck_TID
251 - name: Accept
252 value: application/json
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100253 initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
254 periodSeconds: {{ .Values.readiness.periodSeconds }}
Fiete Ostkampc113ef32022-10-12 09:50:46 +0200255 resources: {{ include "common.resources" . | nindent 12 }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100256 {{- if .Values.nodeSelector }}
257 nodeSelector:
258{{ toYaml .Values.nodeSelector | indent 8 }}
Sylvain Desbureauxa41dfc02021-02-15 10:14:22 +0100259 {{- end }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100260 {{- if .Values.affinity }}
261 affinity:
262{{ toYaml .Values.affinity | indent 8 }}
263 {{- end }}
264
265 # side car containers
Maciej Wereskid523d122021-09-21 11:22:13 +0200266 {{ include "common.log.sidecar" . | nindent 6 }}
farida azmyd8937332021-03-09 12:20:42 +0200267 serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
Sylvain Desbureauxa41dfc02021-02-15 10:14:22 +0100268 volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100269 - name: localtime
270 hostPath:
271 path: /etc/localtime
Maciej Wereskid523d122021-09-21 11:22:13 +0200272 - name: logs
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100273 emptyDir: {}
274 - name: {{ include "common.fullname" . }}-logs-misc
275 emptyDir: {}
Maciej Wereskid523d122021-09-21 11:22:13 +0200276 {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100277 - name: {{ include "common.fullname" . }}-config
278 configMap:
Sylvain Desbureauxa41dfc02021-02-15 10:14:22 +0100279 name: {{ include "common.fullname" . }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100280 - name: {{ include "common.fullname" . }}-aaf-properties
281 configMap:
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100282 name: {{ include "common.fullname" . }}-aaf-props
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100283 - name: {{ include "common.fullname" . }}-aaf-certs
284 secret:
Sylvain Desbureauxa41dfc02021-02-15 10:14:22 +0100285 secretName: {{ include "common.fullname" . }}-aaf
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100286 - name: aai-common-aai-auth-mount
287 secret:
288 secretName: aai-common-aai-auth
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100289 restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }}
290 imagePullSecrets:
291 - name: "{{ include "common.namespace" . }}-docker-registry-key"