X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fsdnc%2Ftemplates%2Fstatefulset.yaml;h=01cc0c0e87ea2555cc5621fe29f0a415f94d37b0;hb=7e8244a3a3a835a8758ffa865542f4dc53bb6771;hp=51c50e4fecd03e225d95a8fb531a602a698c65a0;hpb=3465ee1be5636b48753bc7bf4d0bf8ca1fac5147;p=oom.git diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index 51c50e4fec..01cc0c0e87 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -41,6 +41,36 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 10 }} - name: AAI_CLIENT_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 10 }} + - name: AAI_TRUSTSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-truststore-password" "key" "password") | indent 10 }} + - name: ANSIBLE_TRUSTSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-truststore-password" "key" "password") | indent 10 }} + - name: SO_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "login") | indent 10 }} + - name: SO_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "password") | indent 10 }} + - name: NENG_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "login") | indent 10 }} + - name: NENG_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "password") | indent 10 }} + - name: CDS_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "login") | indent 10 }} + - name: CDS_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "password") | indent 10 }} + - name: HONEYCOMB_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "login") | indent 10 }} + - name: HONEYCOMB_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "password") | indent 10 }} + - name: TRUSTSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 10 }} + - name: KEYSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 10 }} + - name: DMAAP_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "login") | indent 10 }} + - name: DMAAP_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "password") | indent 10 }} + - name: DMAAP_AUTHKEY + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-authkey" "key" "password") | indent 10 }} - name: MODELSERVICE_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "login") | indent 10 }} - name: MODELSERVICE_PASSWORD @@ -63,16 +93,33 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} - name: SDNC_DB_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} + - name: MYSQL_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} + - name: MYSQL_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} - name: ODL_ADMIN_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }} + - name: ODL_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }} - name: ODL_ADMIN_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }} + - name: ODL_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }} {{ if and .Values.config.sdnr.dmaapProxy.enabled .Values.config.sdnr.dmaapProxy.usepwd }} - name: DMAAP_HTTP_PROXY_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "login") | indent 10 }} - name: DMAAP_HTTP_PROXY_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "password") | indent 10 }} {{- end }} + {{ if .Values.config.sdnr.oauth.enabled }} + - name: OAUTH_TOKEN_SECRET + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oauth-token-secret" "key" "password") | indent 10 }} + - name: KEYCLOAK_SECRET + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keycloak-secret" "key" "password") | indent 10 }} + + - name: ENABLE_ODLUX_RBAC + value: "{{ .Values.config.sdnr.oauth.odluxRbac.enabled | default "true" }}" + {{ end }} volumeMounts: @@ -114,9 +161,9 @@ spec: args: - -c - | - mkdir {{ .Values.persistence.mdsalPath }}/daexim mkdir {{ .Values.persistence.mdsalPath }}/journal mkdir {{ .Values.persistence.mdsalPath }}/snapshots + mkdir {{ .Values.persistence.mdsalPath }}/daexim chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} {{- if .Values.global.aafEnabled }} chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }} @@ -129,6 +176,13 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }} + {{- $linkCommand := include "common.certManager.linkVolumeMounts" . }} + lifecycle: + postStart: + exec: + command: ["sh", "-c", {{$linkCommand | quote}} ] + {{- end }} command: ["/bin/bash"] args: ["-c", "/opt/onap/sdnc/bin/createLinks.sh ; /opt/onap/sdnc/bin/startODL.sh"] ports: @@ -146,14 +200,58 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-password" "key" "password") | indent 12 }} - name: ODL_ADMIN_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }} + - name: ODL_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }} - name: ODL_ADMIN_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }} + - name: ODL_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }} - name: SDNC_DB_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }} - name: SDNC_DB_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }} + - name: MYSQL_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }} + - name: MYSQL_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }} + - name: MYSQL_DATABASE + value: "{{ .Values.config.dbSdnctlDatabase }}" - name: SDNC_CONFIG_DIR value: "{{ .Values.config.configDir }}" + - name: AAI_CLIENT_NAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 12 }} + - name: AAI_CLIENT_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 12 }} + - name: AAI_TRUSTSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-truststore-password" "key" "password") | indent 12 }} + - name: ANSIBLE_TRUSTSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-truststore-password" "key" "password") | indent 12 }} + - name: SO_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "login") | indent 12 }} + - name: SO_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "password") | indent 12 }} + - name: NENG_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "login") | indent 12 }} + - name: NENG_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "password") | indent 12 }} + - name: CDS_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "login") | indent 12 }} + - name: CDS_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "password") | indent 12 }} + - name: HONEYCOMB_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "login") | indent 12 }} + - name: HONEYCOMB_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "password") | indent 12 }} + - name: TRUSTSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }} + - name: KEYSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }} + - name: DMAAP_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "login") | indent 12 }} + - name: DMAAP_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "password") | indent 12 }} + - name: DMAAP_AUTHKEY + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-authkey" "key" "password") | indent 12 }} - name: ENABLE_ODL_CLUSTER value: "{{ .Values.config.enableClustering }}" - name: MY_ODL_CLUSTER @@ -198,8 +296,13 @@ spec: {{- if .Values.config.sdnr.sdnrdbTrustAllCerts }} - name: SDNRDBTRUSTALLCERTS value: "true" - {{ end }} - + {{- end }} + {{- if .Values.global.cmpv2Enabled }} + - name: ODL_CERT_DIR + value: {{ (mustFirst (.Values.certificates)).mountPath }} + {{- end }} + - name: ENABLE_OAUTH + value: "{{ .Values.config.sdnr.oauth.enabled | default "false" }}" volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} {{ include "common.certServiceClient.volumeMounts" . | indent 10 }} @@ -264,6 +367,14 @@ spec: - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-state-provider.properties name: properties subPath: mountpoint-state-provider.properties + - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.daexim.cfg + name: properties + subPath: org.opendaylight.daexim.cfg + {{- if .Values.config.sdnr.oauth.enabled }} + - mountPath: {{ .Values.config.odl.etcDir }}/oauth-provider.config.json + name: properties + subPath: oauth-provider.config.json + {{ end }} resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }}