Code Review / oom.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge "Container restart loop"
[oom.git] / kubernetes / aai / charts / aai-gizmo / templates / deployment.yaml
1 # Copyright © 2018 Amdocs, AT&T
2 # Modifications Copyright © 2018 Bell Canada
3 #
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
7 #
8 #       http://www.apache.org/licenses/LICENSE-2.0
9 #
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
15
16 apiVersion: extensions/v1beta1
17 kind: Deployment
18 metadata:
19   name: {{ include "common.fullname" . }}
20   namespace: {{ include "common.namespace" . }}
21   labels:
22     app: {{ include "common.name" . }}
23     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
24     release: {{ .Release.Name }}
25     heritage: {{ .Release.Service }}
26 spec:
27   replicas: {{ .Values.replicaCount }}
28   template:
29     metadata:
30       labels:
31         app: {{ include "common.name" . }}
32         release: {{ .Release.Name }}
33     spec:
34     {{ if .Values.global.installSidecarSecurity }}
35       hostAliases:
36       - ip: {{ .Values.global.aaf.serverIp }}
37         hostnames:
38         - {{ .Values.global.aaf.serverHostname }}
39
40       initContainers:
41         - name: {{ .Values.global.tproxyConfig.name }}
42           image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}"
43           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
44           securityContext:
45             privileged: true
46     {{ end }}
47       containers:
48         - name: {{ .Chart.Name }}
49           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
50           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
51           ports:
52           - containerPort: {{ .Values.service.internalPort }}
53           # disable liveness probe when breakpoints set in debugger
54           # so K8s doesn't restart unresponsive container
55           {{ if .Values.liveness.enabled }}
56           livenessProbe:
57             tcpSocket:
58               port: {{ .Values.service.internalPort }}
59             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
60             periodSeconds: {{ .Values.liveness.periodSeconds }}
61           {{ end }}
62           readinessProbe:
63             tcpSocket:
64               port: {{ .Values.service.internalPort }}
65             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
66             periodSeconds: {{ .Values.readiness.periodSeconds }}
67           env:
68             - name: CONFIG_HOME
69               value: /opt/app/crud-service/config/
70             - name: KEY_STORE_PASSWORD
71               valueFrom:
72                 secretKeyRef:
73                   name: {{ template "common.fullname" . }}-pass
74                   key: KEY_STORE_PASSWORD
75             - name: KEY_MANAGER_PASSWORD
76               valueFrom:
77                 secretKeyRef:
78                   name: {{ template "common.fullname" . }}-pass
79                   key: KEY_MANAGER_PASSWORD
80             - name: SERVICE_BEANS
81               value: /opt/app/crud-service/dynamic/conf
82           volumeMounts:
83           - mountPath: /etc/localtime
84             name: localtime
85             readOnly: true
86           - mountPath: /opt/app/crud-service/config/crud-api.properties
87             subPath: crud-api.properties
88             name: {{ include "common.fullname" . }}-config
89           - mountPath: /opt/app/crud-service/config/schemaIngest.properties
90             subPath: schemaIngest.properties
91             name: {{ include "common.fullname" . }}-config
92           - mountPath: /opt/app/crud-service/config/model/
93             name: {{ include "common.fullname" . }}-model-config
94           - mountPath: /opt/app/crud-service/config/auth
95             name: {{ include "common.fullname" . }}-auth-secret
96           - mountPath: /opt/app/crud-service/dynamic/conf/crud-beans.xml
97             name: {{ include "common.fullname" . }}-config
98             subPath: crud-beans.xml
99           - mountPath: /var/log/onap
100             name: {{ include "common.fullname" . }}-logs
101           - mountPath: /opt/app/crud-api/bundleconfig/etc/logback.xml
102             name: {{ include "common.fullname" . }}-logback-config
103             subPath: logback.xml
104           resources:
105 {{ include "common.resources" . | indent 12 }}
106         {{- if .Values.nodeSelector }}
107         nodeSelector:
108 {{ toYaml .Values.nodeSelector | indent 10 }}
109         {{- end -}}
110         {{- if .Values.affinity }}
111         affinity:
112 {{ toYaml .Values.affinity | indent 10 }}
113         {{- end }}
114
115         - name: filebeat-onap
116           image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
117           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
118           volumeMounts:
119           - mountPath: /usr/share/filebeat/filebeat.yml
120             name: filebeat-conf
121             subPath: filebeat.yml
122           - mountPath: /var/log/onap
123             name: {{ include "common.fullname" . }}-logs
124           - mountPath: /usr/share/filebeat/data
125             name: {{ include "common.fullname" . }}-data-filebeat
126
127     {{ if .Values.global.installSidecarSecurity }}
128         - name: {{ .Values.global.rproxy.name }}
129           image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}"
130           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
131           env:
132           - name: CONFIG_HOME
133             value: "/opt/app/rproxy/config"
134           - name: KEY_STORE_PASSWORD
135             value: {{ .Values.config.keyStorePassword }}
136           - name: spring_profiles_active
137             value: {{ .Values.global.rproxy.activeSpringProfiles }}
138           volumeMounts:
139           - name: {{ include "common.fullname" . }}-rproxy-config
140             mountPath: /opt/app/rproxy/config/forward-proxy.properties
141             subPath: forward-proxy.properties
142           - name: {{ include "common.fullname" . }}-rproxy-config
143             mountPath: /opt/app/rproxy/config/primary-service.properties
144             subPath: primary-service.properties
145           - name: {{ include "common.fullname" . }}-rproxy-config
146             mountPath: /opt/app/rproxy/config/reverse-proxy.properties
147             subPath: reverse-proxy.properties
148           - name: {{ include "common.fullname" . }}-rproxy-config
149             mountPath: /opt/app/rproxy/config/cadi.properties
150             subPath: cadi.properties
151           - name: {{ include "common.fullname" . }}-rproxy-log-config
152             mountPath: /opt/app/rproxy/config/logback-spring.xml
153             subPath: logback-spring.xml
154           - name: {{ include "common.fullname" . }}-rproxy-auth-config
155             mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
156             subPath: tomcat_keystore
157           - name: {{ include "common.fullname" . }}-rproxy-auth-config
158             mountPath: /opt/app/rproxy/config/auth/client-cert.p12
159             subPath: client-cert.p12
160           - name: {{ include "common.fullname" . }}-rproxy-auth-config
161             mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
162             subPath: uri-authorization.json
163           - name: {{ include "common.fullname" . }}-rproxy-auth-config
164             mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
165             subPath: aaf_truststore.jks
166           - name: {{ include "common.fullname" . }}-rproxy-security-config
167             mountPath: /opt/app/rproxy/config/security/keyfile
168             subPath: keyfile
169
170           ports:
171           - containerPort: {{ .Values.global.rproxy.port }}
172
173         - name: {{ .Values.global.fproxy.name }}
174           image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}"
175           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
176           env:
177           - name: CONFIG_HOME
178             value: "/opt/app/fproxy/config"
179           - name: KEY_STORE_PASSWORD
180             value: {{ .Values.config.keyStorePassword }}
181           - name: spring_profiles_active
182             value: {{ .Values.global.fproxy.activeSpringProfiles }}
183           volumeMounts:
184           - name: {{ include "common.fullname" . }}-fproxy-config
185             mountPath: /opt/app/fproxy/config/fproxy.properties
186             subPath: fproxy.properties
187           - name: {{ include "common.fullname" . }}-fproxy-log-config
188             mountPath: /opt/app/fproxy/config/logback-spring.xml
189             subPath: logback-spring.xml
190           - name: {{ include "common.fullname" . }}-fproxy-auth-config
191             mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
192             subPath: tomcat_keystore
193           - name: {{ include "common.fullname" . }}-fproxy-auth-config
194             mountPath: /opt/app/fproxy/config/auth/client-cert.p12
195             subPath: client-cert.p12
196           ports:
197           - containerPort: {{ .Values.global.fproxy.port }}
198     {{ end }}
199
200       volumes:
201         - name: localtime
202           hostPath:
203             path: /etc/localtime
204         - name: {{ include "common.fullname" . }}-data-filebeat
205           emptyDir: {}
206         - name: filebeat-conf
207           configMap:
208             name: {{ include "common.fullname" . }}-filebeat-configmap
209         - name: {{ include "common.fullname" . }}-logs
210           emptyDir: {}
211         - name: {{ include "common.fullname" . }}-auth-secret
212           secret:
213             secretName: {{ include "common.fullname" . }}-auth
214         - name: {{ include "common.fullname" . }}-config
215           configMap:
216             name: {{ include "common.fullname" . }}-configmap
217             items:
218             - key: crud-api.properties
219               path: crud-api.properties
220             - key: schemaIngest.properties
221               path: schemaIngest.properties
222             - key: crud-beans.xml
223               path: crud-beans.xml
224         - name: {{ include "common.fullname" . }}-logback-config
225           configMap:
226             name: {{ include "common.fullname" . }}-log-configmap
227             items:
228             - key: logback.xml
229               path: logback.xml
230         - name: {{ include "common.fullname" . }}-model-config
231           configMap:
232             name: {{ include "common.fullname" . }}-model-configmap
233     {{ if .Values.global.installSidecarSecurity }}
234         - name: {{ include "common.fullname" . }}-rproxy-config
235           configMap:
236             name: {{ include "common.fullname" . }}-rproxy-config
237         - name: {{ include "common.fullname" . }}-rproxy-log-config
238           configMap:
239             name: {{ include "common.fullname" . }}-rproxy-log-config
240         - name: {{ include "common.fullname" . }}-rproxy-auth-config
241           secret:
242             secretName: {{ include "common.fullname" . }}-rproxy-auth-config
243         - name: {{ include "common.fullname" . }}-rproxy-security-config
244           secret:
245             secretName: {{ include "common.fullname" . }}-rproxy-security-config
246         - name: {{ include "common.fullname" . }}-fproxy-config
247           configMap:
248             name: {{ include "common.fullname" . }}-fproxy-config
249         - name: {{ include "common.fullname" . }}-fproxy-log-config
250           configMap:
251             name: {{ include "common.fullname" . }}-fproxy-log-config
252         - name: {{ include "common.fullname" . }}-fproxy-auth-config
253           secret:
254             secretName: {{ include "common.fullname" . }}-fproxy-auth-config
255     {{ end }}
256
257       imagePullSecrets:
258       - name: "{{ include "common.namespace" . }}-docker-registry-key"
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).