X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fsdc%2Fcomponents%2Fsdc-be%2Ftemplates%2Fdeployment.yaml;h=229d4233cc9f46aab10f733274c72cc10e3b4b2c;hb=refs%2Fheads%2Fmaster;hp=d6ea50e84e8f5db747a4276ca0e213b530158b46;hpb=11e85382bc62797ea511a42b1bd647772129c0d7;p=oom.git diff --git a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml index d6ea50e84e..ad635a119d 100644 --- a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml @@ -20,66 +20,47 @@ kind: Deployment metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: selector: {{- include "common.selectors" . | nindent 4 }} + {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} + {{- end }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + minReadySeconds: {{ .Values.minReadySeconds }} + strategy: + type: {{ .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ .Values.updateStrategy.maxSurge }} template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - - name: {{ include "common.name" . }}-readiness - command: - - /app/ready.py - args: - - --container-name - - "sdc-onboarding-be" - {{- if not .Values.global.kafka.useKafka }} - - --container-name - - "message-router" - {{- end }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 3m - memory: 20Mi - - name: {{ include "common.name" . }}-job-completion - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}" - command: - - /app/ready.py - args: - - --job-name - - {{ include "common.release" . }}-sdc-onboarding-be - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 3m - memory: 20Mi + {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_service) | nindent 8 }} + - name: {{ include "common.name" . }}-copy-jetty + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/bin/sh","-c"] + args: ['cp -a /app/jetty/ /app/jetty_rw/; mkdir /app/jetty_rw/jetty/ruby_temp'] + resources: + limits: + cpu: 400m + memory: 400Mi + requests: + cpu: 30m + memory: 200Mi + {{ include "common.containerSecurityContext" . | indent 10 | trim }} + volumeMounts: + - name: {{ include "common.fullname" . }}-jetty + mountPath: /app/jetty_rw containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: {{ include "common.containerPorts" . | nindent 12 }} + {{ include "common.containerSecurityContext" . | indent 10 | trim }} {{ if eq .Values.liveness.enabled true }} livenessProbe: httpGet: - path: /sdc2/rest/healthCheck + path: {{ .Values.liveness.path }} port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} @@ -89,17 +70,16 @@ spec: {{ end }} readinessProbe: httpGet: - path: /sdc2/rest/healthCheck + path: {{ .Values.readiness.path }} port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} successThreshold: {{ .Values.readiness.successThreshold }} failureThreshold: {{ .Values.readiness.failureThreshold }} - resources: {{ include "common.resources" . | nindent 12 }} startupProbe: httpGet: - path: /sdc2/rest/healthCheck + path: {{ .Values.startup.path }} port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} periodSeconds: {{ .Values.startup.periodSeconds }} @@ -108,12 +88,28 @@ spec: failureThreshold: {{ .Values.startup.failureThreshold }} resources: {{ include "common.resources" . | nindent 12 }} env: - - name: ENVNAME - value: {{ .Values.env.name }} + - name: TMPDIR + value: '/app/jetty/ruby_temp' - name: JAVA_OPTIONS value: {{ .Values.config.javaOptions }} - name: cassandra_ssl_enabled value: {{ .Values.config.cassandraSslEnabled | quote }} + - name: TLS_CERT + value: {{ .Values.be.tlsCert }} + - name: TLS_KEY + value: {{ .Values.be.tlsKey }} + - name: TLS_PASSWORD + value: {{ .Values.be.tlsPassword }} + - name: KEYSTORE_PATH + value: {{ .Values.be.keystorePath }} + - name: KEYSTORE_PASSWORD + value: {{ .Values.be.keystorePassword }} + - name: CA_CERT + value: {{ .Values.be.caCert }} + - name: TRUSTSTORE_PATH + value: {{ .Values.be.truststorePath }} + - name: TRUSTSTORE_PASSWORD + value: {{ .Values.be.truststorePassword }} - name: HOST_IP valueFrom: fieldRef: @@ -128,36 +124,88 @@ spec: value: {{ .Values.global.kafka.useKafka | quote }} {{- end }} volumeMounts: - - name: sdc-environments - mountPath: /app/jetty/chef-solo/environments/ - - name: localtime - mountPath: /etc/localtime - readOnly: true - - name: logs + - name: {{ include "common.fullname" . }}-jetty + mountPath: /app/jetty + subPath: jetty + - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap + - name: {{ include "common.fullname" . }}-tmp + mountPath: /tmp - name: logback mountPath: /tmp/logback.xml subPath: logback.xml + - name: http-config + mountPath: /app/jetty/start.d/http.ini + subPath: http.ini + - name: https-config + mountPath: /app/jetty/start.d/https.ini + subPath: https.ini + - name: ssl-config + mountPath: /app/jetty/start.d/ssl.ini + subPath: ssl.ini + - name: catalog-be-config + mountPath: /app/jetty/config/catalog-be/janusgraph.properties + subPath: janusgraph.properties + - name: catalog-be-config + mountPath: /app/jetty/config/catalog-be/distribution-engine-configuration.yaml + subPath: distribution-engine-configuration.yaml + - name: catalog-be-config + mountPath: /app/jetty/config/catalog-be/configuration.yaml + subPath: configuration.yaml + - name: catalog-be-resource-config + mountPath: /app/jetty/resources/key.properties + subPath: key.properties + - name: catalog-be-resource-config + mountPath: /app/jetty/resources/portal.properties + subPath: portal.properties + - name: ready-probe-config + mountPath: /app/jetty/ready-probe.sh + subPath: ready-probe.sh + lifecycle: postStart: exec: - command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/app/jetty/config/catalog-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] + command: ["/bin/sh", "-c", "export SRC=/tmp/logback.xml; export DST=/app/jetty/config/catalog-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...'; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done copying logback.xml' ; echo 'Running BE_3_setup_key_and_trust_store.sh...' ; /app/jetty/BE_3_setup_key_and_trust_store.sh ; echo 'BE_3_setup_key_and_trust_store.sh completed' "] # side car containers {{ include "common.log.sidecar" . | nindent 8 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} + {{ include "common.podSecurityContext" . | indent 6 | trim }} volumes: - - name: localtime - hostPath: - path: /etc/localtime {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }} - name: logback configMap: name : {{ include "common.fullname" . }}-logging-configmap - - name: sdc-environments + - name: {{ include "common.fullname" . }}-logs + emptyDir: + sizeLimit: {{ .Values.volumes.logSizeLimit }} + - name: {{ include "common.fullname" . }}-tmp + emptyDir: + sizeLimit: {{ .Values.volumes.tmpSizeLimit }} + - name: {{ include "common.fullname" . }}-jetty + emptyDir: + sizeLimit: {{ .Values.volumes.jettySizeLimit }} + - name: http-config + configMap: + name: {{ include "common.release" . }}-sdc-http-be-configmap + defaultMode: 0755 + - name: https-config + configMap: + name: {{ include "common.release" . }}-sdc-https-be-configmap + defaultMode: 0755 + - name: ssl-config + configMap: + name: {{ include "common.release" . }}-sdc-ssl-be-configmap + defaultMode: 0755 + - name: catalog-be-config + configMap: + name: {{ include "common.release" . }}-sdc-catalog-be-configmap + defaultMode: 0755 + - name: catalog-be-resource-config + configMap: + name: {{ include "common.release" . }}-sdc-catalog-be-resource-configmap + defaultMode: 0755 + - name: ready-probe-config configMap: - name: {{ include "common.release" . }}-sdc-environments-configmap + name: {{ include "common.release" . }}-sdc-be-ready-probe-configmap defaultMode: 0755 - - name: logs - emptyDir: {} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + {{- include "common.imagePullSecrets" . | nindent 6 }}