{{/*
# Copyright © 2020 Samsung Electronics
# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2021 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
kind: StatefulSet
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- serviceName: {{ include "common.servicename" . }}-cluster
- replicas: {{ .Values.replicaCount }}
selector: {{- include "common.selectors" . | nindent 4 }}
+ serviceName: {{ include "common.servicename" . }}-cluster
podManagementPolicy: Parallel
+ replicas: {{ .Values.replicaCount }}
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 10 }}
- name: AAI_CLIENT_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 10 }}
+ - name: AAI_TRUSTSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-truststore-password" "key" "password") | indent 10 }}
+ - name: ANSIBLE_TRUSTSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-truststore-password" "key" "password") | indent 10 }}
+ - name: SO_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "login") | indent 10 }}
+ - name: SO_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "password") | indent 10 }}
+ - name: NENG_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "login") | indent 10 }}
+ - name: NENG_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "password") | indent 10 }}
+ - name: CDS_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "login") | indent 10 }}
+ - name: CDS_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "password") | indent 10 }}
+ - name: HONEYCOMB_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "login") | indent 10 }}
+ - name: HONEYCOMB_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "password") | indent 10 }}
+ - name: TRUSTSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 10 }}
+ - name: KEYSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 10 }}
+ - name: DMAAP_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "login") | indent 10 }}
+ - name: DMAAP_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "password") | indent 10 }}
+ - name: DMAAP_AUTHKEY
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-authkey" "key" "password") | indent 10 }}
- name: MODELSERVICE_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "login") | indent 10 }}
- name: MODELSERVICE_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
- name: SDNC_DB_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
+ - name: MYSQL_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
+ - name: MYSQL_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
- name: ODL_ADMIN_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }}
+ - name: ODL_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }}
- name: ODL_ADMIN_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }}
-
+ - name: ODL_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }}
+ {{ if .Values.config.sdnr.oauth.enabled }}
+ - name: OAUTH_TOKEN_SECRET
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oauth-token-secret" "key" "password") | indent 10 }}
+ - name: KEYCLOAK_SECRET
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keycloak-secret" "key" "password") | indent 10 }}
+ - name: ENABLE_ODLUX_RBAC
+ value: "{{ .Values.config.sdnr.oauth.odluxRbac.enabled | default "true" }}"
+ {{ end }}
+ - name: SDNR_KAFKA_ENABLED
+ value: "{{ .Values.config.sdnr.kafka.enabled | default "false" }}"
+ {{ if .Values.config.sdnr.kafka.enabled }}
+ - name: SDNR_KAFKA_BOOTSTRAP_SERVERS
+ value: "{{ .Values.config.sdnr.kafka.bootstrapServers | default (include "common.release" .) }}-strimzi-kafka-bootstrap.{{.Release.Namespace}}:9092"
+ - name: SDNR_KAFKA_SECURITY_PROTOCOL
+ value: "{{ .Values.config.sdnr.kafka.securityProtocol | default "SASL_PLAINTEXT" }}"
+ - name: SDNR_KAFKA_SASL_MECHANISM
+ value: "{{ .Values.config.sdnr.kafka.saslMechanism | default "SCRAM-SHA-512" }}"
+ - name: SDNR_KAFKA_SASL_JASS_CONFIG
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "common.name" . }}-ku
+ key: sasl.jaas.config
+ {{ end }}
volumeMounts:
- mountPath: /config-input
name: config-input
- mountPath: /config
name: properties
- image: "{{ .Values.global.envsubstImage }}"
+ image: {{ include "repositoryGenerator.image.envsubst" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-update-config
- {{ if .Values.dgbuilder.enabled -}}
+ {{ if or .Values.dgbuilder.enabled .Values.config.sdnr.enabled -}}
- command:
- /app/ready.py
args:
- {{ if or .Values.dgbuilder.enabled .Values.config.sdnr.enabled -}}
- - --container-name
+ {{ if .Values.dgbuilder.enabled -}}
+ - --service-name
- {{ include "common.mariadbService" . }}
+ - --job-name
+ - {{ include "common.fullname" . }}-dbinit-job
{{ end -}}
{{ if .Values.config.sdnr.enabled -}}
- - --container-name
- - {{ include "common.name" . }}-sdnrdb-init-job
+ - --job-name
+ - {{ include "common.fullname" . }}-sdnrdb-init-job
{{ end -}}
env:
- name: NAMESPACE
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+ image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
- {{ end -}}
-{{ include "common.certInitializer.initContainer" . | indent 6 }}
-
- {{ if .Values.global.cmpv2Enabled }}
- - name: certs-init
- image: "{{ .Values.global.repository }}/{{ .Values.global.platform.certServiceClient.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- env:
- - name: REQUEST_URL
- value: {{ .Values.global.platform.certServiceClient.envVariables.requestURL }}
- - name: REQUEST_TIMEOUT
- value: "30000"
- - name: OUTPUT_PATH
- value: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
- - name: CA_NAME
- value: {{ .Values.global.platform.certServiceClient.envVariables.caName }}
- - name: COMMON_NAME
- value: {{ .Values.global.platform.certServiceClient.envVariables.common_name }}
- - name: ORGANIZATION
- value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Organization }}
- - name: ORGANIZATION_UNIT
- value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2OrganizationalUnit }}
- - name: LOCATION
- value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Location }}
- - name: STATE
- value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2State }}
- - name: COUNTRY
- value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Country }}
- - name: KEYSTORE_PATH
- value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePath }}
- - name: KEYSTORE_PASSWORD
- value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePassword }}
- - name: TRUSTSTORE_PATH
- value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePath }}
- - name: TRUSTSTORE_PASSWORD
- value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePassword }}
- terminationMessagePath: /dev/termination-log
- terminationMessagePolicy: File
- volumeMounts:
- - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
- name: certs
- - mountPath: {{ .Values.global.platform.certServiceClient.secret.mountPath }}
- name: certservice-tls-volume
- {{ end }}
-
+ resources:
+ limits:
+ cpu: "100m"
+ memory: "500Mi"
+ requests:
+ cpu: "3m"
+ memory: "20Mi"
+ {{ end }}
- name: {{ include "common.name" . }}-chown
- image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }}
+ image: {{ include "repositoryGenerator.image.busybox" . }}
command:
- sh
args:
- -c
- - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }}
-{{- if .Values.global.aafEnabled }}
- - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }}
-{{- end }}
+ - |
+ mkdir {{ .Values.persistence.mdsalPath }}/journal
+ mkdir {{ .Values.persistence.mdsalPath }}/snapshots
+ mkdir {{ .Values.persistence.mdsalPath }}/daexim
+ chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }}
volumeMounts:
-{{ include "common.certInitializer.volumeMount" . | indent 10 }}
- mountPath: {{ .Values.persistence.mdsalPath }}
name: {{ include "common.fullname" . }}-data
containers:
- name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if .Values.global.cmpv2Enabled }}
+ {{- $linkCommand := include "common.certManager.linkVolumeMounts" . }}
+ lifecycle:
+ postStart:
+ exec:
+ command: ["sh", "-c", {{$linkCommand | quote}} ]
+ {{- end }}
command: ["/bin/bash"]
- args: ["-c", "/opt/onap/sdnc/bin/startODL.sh"]
+ args: ["-c", "/opt/onap/sdnc/bin/createLinks.sh ; /opt/onap/sdnc/bin/startODL.sh"]
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
- containerPort: {{ .Values.service.internalPort3 }}
- containerPort: {{ .Values.service.clusterPort }}
+ {{- if .Values.config.sdnr.netconfCallHome.enabled }}
+ - containerPort: {{ .Values.service.callHomePort }}
+ {{- end }}
readinessProbe:
tcpSocket:
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
+ {{ if and .Values.config.sdnr.enabled .Values.config.sdnr.sdnronly -}}
- name: MYSQL_ROOT_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-password" "key" "password") | indent 12 }}
+ {{ end -}}
- name: ODL_ADMIN_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }}
+ - name: ODL_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }}
- name: ODL_ADMIN_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }}
+ - name: ODL_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }}
- name: SDNC_DB_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
- name: SDNC_DB_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
+ - name: MYSQL_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
+ - name: MYSQL_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
+ - name: MYSQL_DATABASE
+ value: "{{ .Values.config.dbSdnctlDatabase }}"
- name: SDNC_CONFIG_DIR
value: "{{ .Values.config.configDir }}"
+ - name: AAI_CLIENT_NAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 12 }}
+ - name: AAI_CLIENT_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 12 }}
+ - name: AAI_TRUSTSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-truststore-password" "key" "password") | indent 12 }}
+ - name: ANSIBLE_TRUSTSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-truststore-password" "key" "password") | indent 12 }}
+ - name: SO_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "login") | indent 12 }}
+ - name: SO_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "password") | indent 12 }}
+ - name: NENG_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "login") | indent 12 }}
+ - name: NENG_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "password") | indent 12 }}
+ - name: CDS_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "login") | indent 12 }}
+ - name: CDS_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "password") | indent 12 }}
+ - name: HONEYCOMB_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "login") | indent 12 }}
+ - name: HONEYCOMB_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "password") | indent 12 }}
+ - name: TRUSTSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }}
+ - name: KEYSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
+ - name: DMAAP_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "login") | indent 12 }}
+ - name: DMAAP_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "password") | indent 12 }}
+ - name: DMAAP_AUTHKEY
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-authkey" "key" "password") | indent 12 }}
- name: ENABLE_ODL_CLUSTER
value: "{{ .Values.config.enableClustering }}"
- name: MY_ODL_CLUSTER
- name: GEO_ENABLED
value: "{{ .Values.config.geoEnabled}}"
- name: SDNC_AAF_ENABLED
- value: "{{ .Values.global.aafEnabled}}"
+ value: "false"
- name: SDNC_REPLICAS
value: "{{ .Values.replicaCount }}"
- name: MYSQL_HOST
value: {{ include "common.mariadbService" . }}
+ - name: MDSAL_PATH
+ value: {{ .Values.persistence.mdsalPath }}
+ - name: DAEXIM_PATH
+ value: {{ .Values.persistence.daeximPath }}
+ - name: JOURNAL_PATH
+ value: {{ .Values.persistence.journalPath }}
+ - name: SNAPSHOTS_PATH
+ value: {{ .Values.persistence.snapshotsPath }}
- name: JAVA_HOME
value: "{{ .Values.config.javaHome}}"
- name: JAVA_OPTS
value: "-Xms{{.Values.config.odl.javaOptions.minMemory}} -Xmx{{.Values.config.odl.javaOptions.maxMemory}}"
+ - name: LOG4J_FORMAT_MSG_NO_LOOKUPS
+ value: "true"
- name: KARAF_CONSOLE_LOG_LEVEL
value: "{{ include "common.log.level" . }}"
- name: SDNRWT
{{- end }}
- name: SDNRONLY
value: "{{ .Values.config.sdnr.sdnronly | default "false" }}"
+ {{- if .Values.config.sdnr.mariadb.enabled }}
+ - name: SDNRCONTROLLERID
+ value: {{ uuidv4 }}
+ - name: SDNRDBTYPE
+ value: MARIADB
- name: SDNRDBURL
- {{- $prefix := ternary "https" "http" .Values.global.aafEnabled}}
- value: "{{$prefix}}://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}"
+ value: "jdbc:mysql://{{ include "common.mariadbService" . }}:3306/{{ .Values.config.sdnr.mariadb.databaseName}}"
+ - name: SDNR_DB_DATABASE
+ value: {{ .Values.config.sdnr.mariadb.databaseName }}
+ - name: SDNRDBUSERNAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdnrdb-secret" "key" "login") | indent 12 }}
+ - name: SDNRDBPASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdnrdb-secret" "key" "password") | indent 12 }}
+ - name: SDNR_ASYNC_HANDLING
+ value: {{ .Values.config.sdnr.mariadb.asyncHandling | default "false" | quote }}
+ - name: SDNR_ASYNC_POOLSIZE
+ value: {{ .Values.config.sdnr.mariadb.asyncPoolSize | default 200 | quote }}
+ {{- else }}
+ - name: SDNRDBURL
+ value: "http://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}"
{{- if .Values.config.sdnr.sdnrdbTrustAllCerts }}
- name: SDNRDBTRUSTALLCERTS
value: "true"
+ {{- end }}
+ {{- end }}
+ {{- if .Values.global.cmpv2Enabled }}
+ - name: ODL_CERT_DIR
+ value: {{ (mustFirst (.Values.certificates)).mountPath }}
+ {{- end }}
+ - name: ENABLE_OAUTH
+ value: "{{ .Values.config.sdnr.oauth.enabled | default "false" }}"
+ - name: SDNR_NETCONF_CALLHOME_ENABLED
+ value: "{{ .Values.config.sdnr.netconfCallHome.enabled | default "false" }}"
+ - name: SDNR_VES_COLLECTOR_ENABLED
+ value: "{{ .Values.config.sdnr.vesCollector.enabled }}"
+ - name: SDNR_VES_COLLECTOR_TLS_ENABLED
+ value: "{{ .Values.config.sdnr.vesCollector.tls.enabled }}"
+ - name: SDNR_VES_COLLECTOR_TRUST_ALL_CERTS
+ value: "{{ .Values.config.sdnr.vesCollector.trustAllCertificates }}"
+ - name: SDNR_VES_COLLECTOR_IP
+ value: "{{ .Values.config.sdnr.vesCollector.address }}"
+ - name: SDNR_VES_COLLECTOR_PORT
+ value: "{{ .Values.config.sdnr.vesCollector.port }}"
+ - name: SDNR_VES_COLLECTOR_VERSION
+ value: "{{ .Values.config.sdnr.vesCollector.version | default "v7" }}"
+ - name: SDNR_VES_COLLECTOR_REPORTING_ENTITY_NAME
+ value: "{{ .Values.config.sdnr.vesCollector.reportingEntityName | default "ONAP SDN-R" }}"
+ - name: SDNR_VES_COLLECTOR_EVENTLOG_MSG_DETAIL
+ value: "{{ .Values.config.sdnr.vesCollector.eventLogMsgDetail | default "SHORT" }}"
+ - name: SDNR_VES_COLLECTOR_USERNAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ves-collector-secret" "key" "login") | indent 12 }}
+ - name: SDNR_VES_COLLECTOR_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ves-collector-secret" "key" "password") | indent 12 }}
+ - name: SDNR_WEBSOCKET_PORT
+ value: "{{ .Values.sdnrWebsocketPort | default "8182"}}"
+ - name: SDNR_KAFKA_ENABLED
+ value: "{{ .Values.config.sdnr.kafka.enabled | default "false" }}"
+ {{ if .Values.config.sdnr.kafka.enabled }}
+ - name: SDNR_KAFKA_BOOTSTRAP_SERVERS
+ value: "{{ .Values.config.sdnr.kafka.bootstrapServers | default (include "common.release" .) }}-strimzi-kafka-bootstrap.{{.Release.Namespace}}:9092"
+ - name: SDNR_KAFKA_SECURITY_PROTOCOL
+ value: "{{ .Values.config.sdnr.kafka.securityProtocol | default "PLAINTEXT" }}"
+ - name: SDNR_KAFKA_SASL_MECHANISM
+ value: "{{ .Values.config.sdnr.kafka.saslMechanism | default "PLAIN" }}"
+ - name: SDNR_KAFKA_SASL_JASS_CONFIG
+ value: "{{ .Values.config.sdnr.kafka.saslJassConfig | default "PLAIN" }}"
{{ end }}
+
volumeMounts:
-{{ include "common.certInitializer.volumeMount" . | indent 10 }}
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
+{{- if .Values.global.cmpv2Enabled }}
+{{ include "common.certManager.volumeMounts" . | indent 10 }}
+{{- end }}
- mountPath: /opt/opendaylight/current/etc/org.ops4j.pax.logging.cfg
name: sdnc-logging-cfg-config
subPath: org.ops4j.pax.logging.cfg
- mountPath: {{ .Values.config.binDir }}/installSdncDb.sh
name: bin
subPath: installSdncDb.sh
+ - mountPath: {{ .Values.config.binDir }}/createLinks.sh
+ name: bin
+ subPath: createLinks.sh
- mountPath: {{ .Values.config.ccsdkConfigDir }}/aaiclient.properties
name: properties
subPath: aaiclient.properties
subPath: blueprints-processor-adaptor.properties
- mountPath: {{ .Values.persistence.mdsalPath }}
name: {{ include "common.fullname" . }}-data
- - mountPath: /var/log/onap
+ - mountPath: {{ .Values.log.path }}
name: logs
- mountPath: {{ .Values.config.odl.salConfigDir }}/{{ .Values.config.odl.salConfigVersion}}/sal-clustering-config-{{ .Values.config.odl.salConfigVersion}}-akkaconf.xml
name: properties
- mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.controller.cluster.datastore.cfg
name: properties
subPath: org.opendaylight.controller.cluster.datastore.cfg
+ - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.aaa.filterchain.cfg
+ name: properties
+ subPath: org.opendaylight.aaa.filterchain.cfg
- mountPath: {{ .Values.config.odl.binDir }}/setenv
name: properties
subPath: setenv
- mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-state-provider.properties
name: properties
subPath: mountpoint-state-provider.properties
- {{ if .Values.global.cmpv2Enabled }}
- - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
- name: certs
- {{- end }}
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
-
+ - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.daexim.cfg
+ name: properties
+ subPath: org.opendaylight.daexim.cfg
+ {{- if .Values.config.sdnr.oauth.enabled }}
+ - mountPath: {{ .Values.config.odl.etcDir }}/oauth-provider.config.json
+ name: properties
+ subPath: oauth-provider.config.json
+ {{ end }}
+ resources: {{ include "common.resources" . | nindent 12 }}
# side car containers
- - name: filebeat-onap
- image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: /usr/share/filebeat/filebeat.yml
- name: filebeat-conf
- subPath: filebeat.yml
- - mountPath: /var/log/onap
- name: logs
- - mountPath: /usr/share/filebeat/data
- name: data-filebeat
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ {{ include "common.log.sidecar" . | nindent 8 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
+ {{- end }}
+ {{- if .Values.affinity }}
+ affinity: {{ toYaml .Values.affinity | nindent 8 }}
+ {{- end }}
+ {{- include "common.imagePullSecrets" . | nindent 6 }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- name: logs
emptyDir: {}
- - name: data-filebeat
- emptyDir: {}
- - name: filebeat-conf
- configMap:
- name: {{ include "common.fullname" . }}-filebeat-configmap
+ {{ include "common.log.volumes" . | nindent 8 }}
- name: sdnc-logging-cfg-config
configMap:
name: {{ include "common.fullname" . }}-log-configmap
- name: properties
emptyDir:
medium: Memory
- {{ if .Values.global.cmpv2Enabled }}
- - name: certs
- emptyDir:
- medium: Memory
- - name: certservice-tls-volume
- secret:
- secretName: {{ .Values.global.platform.certServiceClient.secret.name }}
- {{- end }}
{{ if not .Values.persistence.enabled }}
- name: {{ include "common.fullname" . }}-data
emptyDir: {}
{{ else }}
-{{ include "common.certInitializer.volumes" . | nindent 8 }}
+{{- if .Values.global.cmpv2Enabled }}
+{{ include "common.certManager.volumes" . | nindent 8 }}
+{{- end }}
volumeClaimTemplates:
- metadata:
name: {{ include "common.fullname" . }}-data
Code Review / oom.git / blobdiff