X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fsdc%2Fcomponents%2Fsdc-wfd-be%2Ftemplates%2Fdeployment.yaml;h=a187e19a75449e9a4d1585432831a2fc2ed18f3e;hb=refs%2Fchanges%2F26%2F122426%2F70;hp=9defb8e1ce9f9a2882b1c451bfcfd05616ce1c2e;hpb=d92618a67e411c4e0568c7a71a7d7b3307a56807;p=oom.git diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml index 9defb8e1ce..a187e19a75 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml @@ -79,26 +79,37 @@ spec: ./startup.sh {{- end }} ports: - - containerPort: {{ template "wfd-be.internalPort" . }} + - containerPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{ template "wfd-be.internalPort" . }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + successThreshold: {{ .Values.liveness.successThreshold }} + failureThreshold: {{ .Values.liveness.failureThreshold }} {{ end }} readinessProbe: tcpSocket: - port: {{ template "wfd-be.internalPort" . }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + successThreshold: {{ .Values.readiness.successThreshold }} + failureThreshold: {{ .Values.readiness.failureThreshold }} + startupProbe: + tcpSocket: + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} + periodSeconds: {{ .Values.startup.periodSeconds }} + successThreshold: {{ .Values.startup.successThreshold }} + failureThreshold: {{ .Values.startup.failureThreshold }} env: - name: JAVA_OPTIONS value: {{ .Values.config.javaOptions }} - name: CS_HOSTS - value: "{{ .Values.global.cassandra.serviceName }}" + value: "{{ .Values.global.sdc_cassandra.serviceName }}" - name: CS_PORT value: "{{ .Values.config.cassandraClientPort }}" - name: CS_AUTHENTICATE @@ -117,22 +128,28 @@ spec: valueFrom: secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: cs_truststore_password} - name: SDC_PROTOCOL - value: "{{ .Values.config.sdcProtocol }}" + value: "{{ (eq "true" (include "common.needTLS" .)) | ternary "HTTPS" "HTTP" }}" - name: SDC_ENDPOINT - value: "{{ .Values.config.sdcEndpoint }}" + value: "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdcEndpoint.https .Values.config.sdcEndpoint.http }}" - name: SDC_USER value: "{{ .Values.config.sdcExternalUser }}" - name: SDC_PASSWORD valueFrom: secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: wf_external_user_password} + {{- if (include "common.needTLS" .) }} - name: SERVER_SSL_ENABLED - value: "{{ .Values.config.serverSSLEnabled }}" + value: "true" - name: SERVER_SSL_KEYSTORE_TYPE value: "{{ .Values.config.serverSSLKeyStoreType }}" - name: SERVER_SSL_TRUSTSTORE_TYPE value: "{{ .Values.config.serverSSLTrustStoreType }}" + {{- else }} + - name: SERVER_SSL_ENABLED + value: "false" + {{- end }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} resources: {{ include "common.resources" . | nindent 12 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key"