X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fcommon%2Fetcd-init%2Ftemplates%2Fjob.yaml;h=71f912e201dc07b955495dadaf6460ff9f5fb4fd;hb=refs%2Fheads%2Fmaster;hp=69bcfaaf99c8e39c2217fd1f9ab8f8f8236097b2;hpb=8e032164e936cd0d1ee22737eebeabfe9fda58c7;p=oom.git

diff --git a/kubernetes/common/etcd-init/templates/job.yaml b/kubernetes/common/etcd-init/templates/job.yaml
index 69bcfaaf99..71f912e201 100644
--- a/kubernetes/common/etcd-init/templates/job.yaml
+++ b/kubernetes/common/etcd-init/templates/job.yaml
@@ -27,6 +27,12 @@ spec:
   backoffLimit: {{ .Values.backoffLimit }}
   template:
     metadata:
+      annotations:
+        # Workarround to exclude K8S API from istio communication
+        # as init-container (readinessCheck) does not work with the
+        # Istio CNI plugin, see:
+        # (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers)
+        traffic.sidecar.istio.io/excludeOutboundPorts: "443"
       labels:
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
@@ -37,8 +43,8 @@ spec:
         command:
         - /app/ready.py
         args:
-        - --container-name
-        - {{ .Values.etcd.containerName }}
+        - --service-name
+        - {{ .Values.etcd.serviceName }}
         env:
         - name: NAMESPACE
           valueFrom:
@@ -47,6 +53,13 @@ spec:
               fieldPath: metadata.namespace
         image: {{ include "repositoryGenerator.image.readiness" . }}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        resources:
+          limits:
+            cpu: "100m"
+            memory: "500Mi"
+          requests:
+            cpu: "3m"
+            memory: "20Mi"
       containers:
       - name: {{ include "common.name" . }}
         image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
@@ -55,6 +68,8 @@ spec:
           - /bin/sh
           - -ec
           - |
+            {{- if include "common.onServiceMesh" . }}
+            echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
             # Create users
             export ETCDCTL_ENDPOINTS=http://${ETCD_HOST}:${ETCD_PORT}
             export ETCDCTL_API=3
@@ -84,21 +99,14 @@ spec:
           value: "{{ .Values.config.appRole }}"
         - name: KEY_PREFIX
           value: "{{ .Values.config.keyPrefix }}"
-        volumeMounts:
-        - mountPath: /etc/localtime
-          name: localtime
-          readOnly: true
-        resources: {{ include "common.resources" . | nindent 12 }}
+        resources: {{ include "common.resources" . | nindent 10 }}
+      {{ include "common.waitForJobContainer" . | indent 6 | trim }}
       {{- if .Values.nodeSelector }}
       nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }}
       {{- end -}}
       {{- if .Values.affinity }}
       affinity: {{ toYaml .Values.affinity | nindent 10 }}
       {{- end }}
-      volumes:
-      - name: localtime
-        hostPath:
-          path: /etc/localtime
+      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       restartPolicy: Never
-      imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
+      {{- include "common.imagePullSecrets" . | nindent 6 }}