X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Faai%2Fcomponents%2Faai-traversal%2Ftemplates%2Fdeployment.yaml;h=3171d4c53409040d4fd2499af80e5a2fb6a5b37e;hb=4753743f0743a6b22f69e718c3cdb4ba8843cea6;hp=ed8cde7a8818a7216e6fe94c3914d5aa4e2dc15d;hpb=8f18b2dfc4f65282a17fa81dcf0c539b4b8b866a;p=oom.git diff --git a/kubernetes/aai/components/aai-traversal/templates/deployment.yaml b/kubernetes/aai/components/aai-traversal/templates/deployment.yaml index ed8cde7a88..3171d4c534 100644 --- a/kubernetes/aai/components/aai-traversal/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-traversal/templates/deployment.yaml @@ -3,6 +3,7 @@ # Modifications Copyright (c) 2018 AT&T # Modifications Copyright (c) 2020 Nokia, Orange # Modifications Copyright (c) 2021 Orange +# Modifications Copyright © 2023 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -24,6 +25,12 @@ metadata: namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} + app.kubernetes.io/name: {{ include "common.name" . }} + {{- if .Chart.AppVersion }} + version: "{{ .Chart.AppVersion | replace "+" "_" }}" + {{- else }} + version: "{{ .Chart.Version | replace "+" "_" }}" + {{- end }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ include "common.release" . }} heritage: {{ .Release.Service }} @@ -43,6 +50,12 @@ spec: labels: app: {{ include "common.name" . }} release: {{ include "common.release" . }} + app.kubernetes.io/name: {{ include "common.name" . }} + {{- if .Chart.AppVersion }} + version: "{{ .Chart.AppVersion | replace "+" "_" }}" + {{- else }} + version: "{{ .Chart.Version | replace "+" "_" }}" + {{- end }} name: {{ include "common.name" . }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} @@ -98,7 +111,7 @@ spec: spec: hostname: aai-traversal terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }} - initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} + initContainers: - command: - /app/ready.py args: @@ -110,7 +123,7 @@ spec: - --job-name - {{ include "common.release" . }}-aai-graphadmin-create-db-schema {{- else }} - - --container-name + - --app-name {{- if .Values.global.cassandra.localCluster }} - aai-cassandra {{- else }} @@ -129,6 +142,13 @@ spec: image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness + resources: + limits: + cpu: "100m" + memory: "0.5Gi" + requests: + cpu: "3m" + memory: "0.02Gi" containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} @@ -138,13 +158,23 @@ spec: args: - -c - | - echo "*** retrieve Truststore and Keystore password" - export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0) echo "*** actual launch of AAI Resources" /bin/bash /opt/app/aai-traversal/docker-entrypoint.sh env: - - name: TRUSTORE_ALL_PASSWORD - value: {{ .Values.certInitializer.truststorePassword }} + {{- if .Values.config.env }} + {{- range $key,$value := .Values.config.env }} + - name: {{ $key | upper | quote}} + value: {{ $value | quote}} + {{- end }} + {{- end }} + {{- if .Values.config.profiling.enabled }} + - name: PRE_JVM_ARGS + value: '{{ join " " .Values.config.profiling.args }}' + {{- end }} + {{- if .Values.config.debug.enabled }} + - name: POST_JVM_ARGS + value: {{ .Values.config.debug.args | quote }} + {{- end }} - name: DISABLE_UPDATE_QUERY value: {{ .Values.config.disableUpdateQuery | quote }} - name: LOCAL_USER_ID @@ -155,7 +185,9 @@ spec: value: {{ .Values.service.internalPort | quote }} - name: INTERNAL_PORT_2 value: {{ .Values.service.internalPort2 | quote }} - volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} + - name: INTERNAL_PORT_3 + value: {{ .Values.service.internalPort3 | quote }} + volumeMounts: - mountPath: /etc/localtime name: localtime readOnly: true @@ -181,21 +213,6 @@ spec: - mountPath: /opt/app/aai-traversal/resources/etc/auth/realm.properties name: {{ include "common.fullname" . }}-config subPath: realm.properties - - mountPath: /opt/app/aai-traversal/resources/aaf/bath_config.csv - name: {{ include "common.fullname" . }}-aaf-certs - subPath: bath_config.csv - - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.props - name: {{ include "common.fullname" . }}-aaf-properties - subPath: org.onap.aai.props - - mountPath: /opt/app/aai-traversal/resources/aaf/org.osaaf.location.props - name: {{ include "common.fullname" . }}-aaf-properties - subPath: org.osaaf.location.props - - mountPath: /opt/app/aai-traversal/resources/aaf/permissions.properties - name: {{ include "common.fullname" . }}-aaf-properties - subPath: permissions.properties - - mountPath: /opt/app/aai-traversal/resources/cadi.properties - name: {{ include "common.fullname" . }}-aaf-properties - subPath: cadi.properties - mountPath: /opt/app/aai-traversal/resources/application.properties name: {{ include "common.fullname" . }}-config subPath: application.properties @@ -204,7 +221,19 @@ spec: subPath: application-keycloak.properties ports: - containerPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + + {{- if .Values.config.debug.enabled }} - containerPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName2 }} + {{- end }} + - containerPort: {{ .Values.service.internalPort3 }} + name: {{ .Values.service.portName3 }} + {{- if .Values.config.profiling.enabled }} + - containerPort: {{ .Values.service.internalPort4 }} + name: {{ .Values.service.portName4 }} + {{- end }} + lifecycle: # wait for active requests (long-running tasks) to be finished # Before the SIGTERM is invoked, Kubernetes exposes a preStop hook in the Pod. @@ -221,18 +250,35 @@ spec: # so K8s doesn't restart unresponsive container {{ if .Values.liveness.enabled }} livenessProbe: - tcpSocket: + httpGet: + path: /aai/util/echo?action=checkDB port: {{ .Values.service.internalPort }} + scheme: HTTP + httpHeaders: + - name: X-FromAppId + value: LivenessCheck + - name: X-TransactionId + value: LiveCheck_TID + - name: Accept + value: application/json initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: - tcpSocket: + httpGet: + path: /aai/util/echo?action=checkDB port: {{ .Values.service.internalPort }} + scheme: HTTP + httpHeaders: + - name: X-FromAppId + value: ReadinessCheck + - name: X-TransactionId + value: ReadinessCheck_TID + - name: Accept + value: application/json initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} @@ -245,7 +291,7 @@ spec: # side car containers {{ include "common.log.sidecar" . | nindent 6 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} + volumes: - name: localtime hostPath: path: /etc/localtime @@ -257,15 +303,6 @@ spec: - name: {{ include "common.fullname" . }}-config configMap: name: {{ include "common.fullname" . }} - - name: {{ include "common.fullname" . }}-aaf-properties - configMap: - name: {{ include "common.fullname" . }}-aaf-props - - name: {{ include "common.fullname" . }}-aaf-certs - secret: - secretName: {{ include "common.fullname" . }}-aaf - - name: aai-common-aai-auth-mount - secret: - secretName: aai-common-aai-auth restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key"