Merge "[DCAEGEN2-SERVICES] Update chart with service account"

[oom.git] / kubernetes / aai / components / aai-graphadmin / templates / deployment.yaml
diff --git a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml

index a43e984..6102900 100644 (file)
--- a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml
@@ -1,9 +1,11 @@
+{{/*
  #
  # ============LICENSE_START=======================================================
  # org.onap.aai
  # ================================================================================
  # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
  # Copyright (c) 2020 Nokia Intellectual Property. All rights reserved.
+# Copyright (c) 2020 Orange Intellectual Property. All rights reserved.
  # ================================================================================
  # Licensed under the Apache License, Version 2.0 (the "License");
  # you may not use this file except in compliance with the License.
@@ -17,6 +19,7 @@
  # See the License for the specific language governing permissions and
  # limitations under the License.
  # ============LICENSE_END=========================================================
+*/}}
  apiVersion: apps/v1
  kind: Deployment
  metadata:
@@ -29,6 +32,12 @@ metadata:
      heritage: {{ .Release.Service }}
  spec:
    replicas: {{ .Values.replicaCount }}
+  minReadySeconds: {{ .Values.minReadySeconds }}
+  strategy:
+    type: {{ .Values.updateStrategy.type }}
+    rollingUpdate:
+      maxUnavailable: {{ .Values.updateStrategy.maxUnavailable }}
+      maxSurge: {{ .Values.updateStrategy.maxSurge }}
    selector:
      matchLabels:
        app: {{ include "common.name" . }}
@@ -42,6 +51,7 @@ spec:
          checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
      spec:
        hostname: aai-graphadmin
+      terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }}
      {{ if .Values.global.initContainers.enabled }}
        initContainers:
        - command:
@@ -73,19 +83,23 @@ spec:
              fieldRef:
                apiVersion: v1
                fieldPath: metadata.namespace
-        image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+        image: {{ include "repositoryGenerator.image.readiness" . }}
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          name: {{ include "common.name" . }}-readiness
        {{  end  }}
        containers:
        - name: {{ include "common.name" . }}
-        image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+        image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          env:
          - name: LOCAL_USER_ID
            value: {{ .Values.global.config.userId | quote }}
          - name: LOCAL_GROUP_ID
            value: {{ .Values.global.config.groupId | quote }}
+        - name: INTERNAL_PORT_1
+          value: {{ .Values.service.internalPort | quote }}
+        - name: INTERNAL_PORT_2
+          value: {{ .Values.service.internalPort2 | quote }}
          volumeMounts:
          - mountPath: /etc/localtime
            name: localtime
@@ -122,6 +136,18 @@ spec:
          ports:
          - containerPort: {{ .Values.service.internalPort }}
          - containerPort: {{ .Values.service.internalPort2 }}
+        lifecycle:
+          # wait for active requests (long-running tasks) to be finished
+          # Before the SIGTERM is invoked, Kubernetes exposes a preStop hook in the Pod.
+          preStop:
+            exec:
+              command:
+                - sh
+                - -c
+                - |
+                  while (netstat -an | grep ESTABLISHED | grep -e $INTERNAL_PORT_1 -e $INTERNAL_PORT_2)
+                  do sleep 10
+                  done
          # disable liveness probe when breakpoints set in debugger
          # so K8s doesn't restart unresponsive container
          {{ if .Values.liveness.enabled }}
@@ -149,7 +175,7 @@ spec:
  
        # side car containers
        - name: filebeat-onap
-        image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+        image: {{ include "repositoryGenerator.image.logging" . }}
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          volumeMounts:
          - mountPath: /usr/share/filebeat/filebeat.yml
@@ -159,7 +185,7 @@ spec:
            name: {{ include "common.fullname" . }}-logs
          - mountPath: /usr/share/filebeat/data
            name: {{ include "common.fullname" . }}-filebeat
-
+      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
        volumes:
        - name: localtime
          hostPath:
@@ -173,15 +199,15 @@ spec:
          emptyDir: {}
        - name: {{ include "common.fullname" . }}-config
          configMap:
-         name: {{ include "common.fullname" . }}-configmap
+          name: {{ include "common.fullname" . }}-configmap
        - name: {{ include "common.fullname" . }}-auth-truststore-sec
          secret:
-         secretName: aai-common-truststore
-         items:
-          {{ range $job := .Values.global.config.auth.files }}
-           - key: {{ . }}
-             path: {{ . }}
-          {{ end }}
+          secretName: aai-common-truststore
+          items:
+            {{ range $job := .Values.global.config.auth.files }}
+            - key: {{ . }}
+              path: {{ . }}
+            {{ end }}
        restartPolicy: {{ .Values.restartPolicy }}
        imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
+      - name: {{ include "common.namespace" . }}-docker-registry-key