+{{/*
# Copyright © 2018 AT&T USA
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: extensions/v1beta1
+*/}}
+apiVersion: apps/v1
kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- replicas: {{ index .Values.replicaCount }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
+ replicas: {{ .Values.replicaCount }}
minReadySeconds: {{ index .Values.minReadySeconds }}
strategy:
type: {{ index .Values.updateStrategy.type }}
maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
maxSurge: {{ index .Values.updateStrategy.maxSurge }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers:
- - command:
- - /root/job_complete.py
- args:
- - --job-name
- - {{ include "common.release" . }}-so-mariadb-config-job
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
+ {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
containers:
- name: {{ include "common.name" . }}
- image: {{ include "common.repository" . }}/{{ .Values.image }}
- resources:
-{{ include "common.resources" . | indent 12 }}
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
+ resources: {{ include "common.resources" . | nindent 10 }}
env:
- name: DB_HOST
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.host
+ value: {{ include "common.mariadbService" . }}
- name: DB_PORT
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.port
+ value: {{ include "common.mariadbPort" . | quote }}
- name: DB_USERNAME
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.rolename
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
- name: DB_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.password
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 10 }}
- name: DB_ADMIN_USERNAME
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.admin.rolename
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }}
- name: DB_ADMIN_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.admin.password
- {{- if eq .Values.global.security.aaf.enabled true }}
- - name: TRUSTSTORE
- value: /app/org.onap.so.trust.jks
- - name: TRUSTSTORE_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ .Release.Name}}-so-client-certs-secret
- key: trustStorePassword
- - name: KEYSTORE
- value: /app/org.onap.so.jks
- - name: KEYSTORE_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ .Release.Name}}-so-client-certs-secret
- key: keyStorePassword
- {{- end }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }}
envFrom:
- configMapRef:
name: {{ include "common.fullname" . }}-configmap
mountPath: /app/config
readOnly: true
- name: {{ include "common.fullname" . }}-logs
- mountPath: /var/log/onap
-{{ include "helpers.livenessProbe" .| indent 8 }}
- ports:
- - containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
- protocol: TCP
+ mountPath: {{ .Values.log.path }}
+{{ include "so.helpers.livenessProbe" .| indent 8 }}
+ ports: {{ include "common.containerPorts" . | nindent 10 }}
# Filebeat sidecar container
- - name: {{ include "common.name" . }}-filebeat-onap
- image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - name: {{ include "common.fullname" . }}-filebeat-conf
- mountPath: /usr/share/filebeat/filebeat.yml
- subPath: filebeat.yml
- - name: {{ include "common.fullname" . }}-data-filebeat
- mountPath: /usr/share/filebeat/data
- - name: logs
- mountPath: /var/log/onap/so
- - name: {{ include "common.fullname" . }}-logs
- mountPath: /var/log/onap
+ {{ include "common.log.sidecar" . | nindent 6 }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: logs
emptyDir: {}
- name: config
configMap:
- name: {{ include "common.fullname" . }}-app-configmap
+ name: {{ include "common.fullname" . }}-app-configmap
- name: {{ include "common.fullname" . }}-log-conf
configMap:
name: {{ include "common.fullname" . }}-log
- - name: {{ include "common.fullname" . }}-filebeat-conf
- configMap:
- name: {{ .Release.Name }}-so-filebeat-configmap
- - name: {{ include "common.fullname" . }}-data-filebeat
- emptyDir: {}
+ {{ include "common.log.volumes" . | nindent 6 }}
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
imagePullSecrets:
Code Review / oom.git / blobdiff