X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Faai%2Fcharts%2Faai-elasticsearch%2Ftemplates%2Fdeployment.yaml;h=785693a9ba70519965f83e7f329636d2db5153b6;hb=5c2fe5c4f4e6ee6cd987a154d68697211623fdb7;hp=acb059985d8f6e217ad157d56ada07a95404d5b2;hpb=13d32689eec17049431e21ff62be3f4d7f0975bb;p=oom.git

diff --git a/kubernetes/aai/charts/aai-elasticsearch/templates/deployment.yaml b/kubernetes/aai/charts/aai-elasticsearch/templates/deployment.yaml
index acb059985d..785693a9ba 100644
--- a/kubernetes/aai/charts/aai-elasticsearch/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-elasticsearch/templates/deployment.yaml
@@ -34,14 +34,17 @@ spec:
         release: {{ .Release.Name }}
       name: {{ include "common.name" . }}
     spec:
+      hostname: {{ include "common.name" . }}
       initContainers:
       - command:
         - /bin/sh
         - -c
         - |
-          mkdir -p /logroot/elasticsearch/es-data
-          chmod -R 777 /logroot/elasticsearch/es-data
-          chown -R root:root /logroot
+          sysctl -w vm.max_map_count=262144
+          mkdir -p /logroot/elasticsearch/logs
+          mkdir -p /logroot/elasticsearch/data
+          chmod -R 777 /logroot/elasticsearch
+          chown -R 1000:1000 /logroot
         env:
         - name: NAMESPACE
           valueFrom:
@@ -51,18 +54,18 @@ spec:
         securityContext:
           privileged: true
         image: {{ .Values.global.dockerhubRepository | default .Values.dockerhubRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }}
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
         name: init-sysctl
         volumeMounts:
         - name: elasticsearch-data
           mountPath: /logroot/
-      hostname: {{ include "common.name" . }}
       containers:
       - name: {{ include "common.name" . }}
-        image: {{ .Values.global.dockerhubRepository | default .Values.dockerhubRepository }}/{{ .Values.image }}
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+        imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
         ports:
         - containerPort: {{ .Values.service.internalPort }}
+        - containerPort: {{ .Values.service.internalPort2 }}
         # disable liveness probe when breakpoints set in debugger
         # so K8s doesn't restart unresponsive container
         {{- if eq .Values.liveness.enabled true }}
@@ -84,10 +87,29 @@ spec:
           - name: elasticsearch-config
             subPath: elasticsearch.yml
             mountPath: /usr/share/elasticsearch/config/elasticsearch.yml
+          - name: elasticsearch-config
+            subPath: jvm.options
+            mountPath: /usr/share/elasticsearch/config/jvm.options
+          - name: elasticsearch-config
+            subPath: log4j2.properties
+            mountPath: /usr/share/elasticsearch/config/log4j2.properties
+          - name: searchguard-scripts
+            subPath: run.sh
+            mountPath: /usr/share/elasticsearch/bin/run.sh
+          - name: searchguard-scripts
+            subPath: wait_until_started.sh
+            mountPath: /usr/share/elasticsearch/bin/wait_until_started.sh
+          - name: searchguard-scripts
+            subPath: init_sg.sh
+            mountPath: /usr/share/elasticsearch/bin/init_sg.sh
+          - name: searchguard-config
+            mountPath: /usr/share/elasticsearch/config/sg
+          - name: searchguard-auth-config
+            mountPath: /usr/share/elasticsearch/config/sg/auth
           - name: elasticsearch-data
             mountPath: /usr/share/elasticsearch/data
         resources:
-{{ toYaml .Values.resources | indent 10 }}
+{{ include "common.resources" . | indent 12 }}
       {{- if .Values.nodeSelector }}
       nodeSelector:
 {{ toYaml .Values.nodeSelector | indent 8 }}
@@ -103,9 +125,20 @@ spec:
           path: /etc/localtime
       - name: elasticsearch-config
         configMap:
-          name: {{ include "common.fullname" . }}
+          name: {{ include "common.fullname" . }}-es-config
+      - name: searchguard-scripts
+        configMap:
+          name: {{ include "common.fullname" . }}-sg-scripts
+          defaultMode: 0754
+      - name: searchguard-config
+        configMap:
+          name: {{ include "common.fullname" . }}-sg-config
+      - name: searchguard-auth-config
+        secret:
+          secretName: {{ include "common.fullname" . }}-sg-auth
       - name: elasticsearch-data
         hostPath:
           path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+      restartPolicy: {{ .Values.restartPolicy }}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"