X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fsdc%2Fcomponents%2Fsdc-wfd-be%2Ftemplates%2Fdeployment.yaml;h=a187e19a75449e9a4d1585432831a2fc2ed18f3e;hb=refs%2Fchanges%2F26%2F122426%2F70;hp=b188cdae98de013c118d33c672b702874ed98d62;hpb=1418b0127785ae145a83190b51b0d032e3e41d94;p=oom.git diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml index b188cdae98..a187e19a75 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, AT&T, Bell Canada # Modifications Copyright © 2018 ZTE # @@ -12,6 +13,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: Deployment @@ -37,7 +39,7 @@ spec: initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} {{- if .Values.initJob.enabled }} - name: {{ include "common.name" . }}-job-completion - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}" command: - /app/ready.py @@ -50,10 +52,17 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 3m + memory: 20Mi {{ end }} containers: - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} {{- if .Values.global.aafEnabled }} command: @@ -70,26 +79,37 @@ spec: ./startup.sh {{- end }} ports: - - containerPort: {{ template "wfd-be.internalPort" . }} + - containerPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{ template "wfd-be.internalPort" . }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + successThreshold: {{ .Values.liveness.successThreshold }} + failureThreshold: {{ .Values.liveness.failureThreshold }} {{ end }} readinessProbe: tcpSocket: - port: {{ template "wfd-be.internalPort" . }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + successThreshold: {{ .Values.readiness.successThreshold }} + failureThreshold: {{ .Values.readiness.failureThreshold }} + startupProbe: + tcpSocket: + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} + periodSeconds: {{ .Values.startup.periodSeconds }} + successThreshold: {{ .Values.startup.successThreshold }} + failureThreshold: {{ .Values.startup.failureThreshold }} env: - name: JAVA_OPTIONS value: {{ .Values.config.javaOptions }} - name: CS_HOSTS - value: "{{ .Values.global.cassandra.serviceName }}" + value: "{{ .Values.global.sdc_cassandra.serviceName }}" - name: CS_PORT value: "{{ .Values.config.cassandraClientPort }}" - name: CS_AUTHENTICATE @@ -108,21 +128,28 @@ spec: valueFrom: secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: cs_truststore_password} - name: SDC_PROTOCOL - value: "{{ .Values.config.sdcProtocol }}" + value: "{{ (eq "true" (include "common.needTLS" .)) | ternary "HTTPS" "HTTP" }}" - name: SDC_ENDPOINT - value: "{{ .Values.config.sdcEndpoint }}" + value: "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdcEndpoint.https .Values.config.sdcEndpoint.http }}" - name: SDC_USER value: "{{ .Values.config.sdcExternalUser }}" - name: SDC_PASSWORD valueFrom: secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: wf_external_user_password} + {{- if (include "common.needTLS" .) }} - name: SERVER_SSL_ENABLED - value: "{{ .Values.config.serverSSLEnabled }}" + value: "true" - name: SERVER_SSL_KEYSTORE_TYPE value: "{{ .Values.config.serverSSLKeyStoreType }}" - name: SERVER_SSL_TRUSTSTORE_TYPE value: "{{ .Values.config.serverSSLTrustStoreType }}" + {{- else }} + - name: SERVER_SSL_ENABLED + value: "false" + {{- end }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} + resources: {{ include "common.resources" . | nindent 12 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key"