X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fsdnc%2Ftemplates%2Fstatefulset.yaml;h=666a8ada12fb10b57ad0da780a5902540b1f8e80;hb=refs%2Fheads%2Fmaster;hp=06b864961fdf148249142e40654b548ccd54e751;hpb=bea32da3552ed09d15d2994fefdd9eae31fad5b3;p=oom.git diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index 06b864961f..666a8ada12 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -20,13 +20,10 @@ apiVersion: apps/v1 kind: StatefulSet metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - serviceName: {{ include "common.servicename" . }}-cluster - replicas: {{ .Values.replicaCount }} selector: {{- include "common.selectors" . | nindent 4 }} + serviceName: {{ include "common.servicename" . }}-cluster podManagementPolicy: Parallel + replicas: {{ .Values.replicaCount }} template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: @@ -105,23 +102,29 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }} - name: ODL_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }} - {{ if and .Values.config.sdnr.dmaapProxy.enabled .Values.config.sdnr.dmaapProxy.usepwd }} - - name: DMAAP_HTTP_PROXY_USERNAME - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "login") | indent 10 }} - - name: DMAAP_HTTP_PROXY_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "password") | indent 10 }} - {{- end }} {{ if .Values.config.sdnr.oauth.enabled }} - name: OAUTH_TOKEN_SECRET {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oauth-token-secret" "key" "password") | indent 10 }} - name: KEYCLOAK_SECRET {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keycloak-secret" "key" "password") | indent 10 }} - - name: ENABLE_ODLUX_RBAC value: "{{ .Values.config.sdnr.oauth.odluxRbac.enabled | default "true" }}" {{ end }} - - + - name: SDNR_KAFKA_ENABLED + value: "{{ .Values.config.sdnr.kafka.enabled | default "false" }}" + {{ if .Values.config.sdnr.kafka.enabled }} + - name: SDNR_KAFKA_BOOTSTRAP_SERVERS + value: "{{ .Values.config.sdnr.kafka.bootstrapServers | default (include "common.release" .) }}-strimzi-kafka-bootstrap.{{.Release.Namespace}}:9092" + - name: SDNR_KAFKA_SECURITY_PROTOCOL + value: "{{ .Values.config.sdnr.kafka.securityProtocol | default "SASL_PLAINTEXT" }}" + - name: SDNR_KAFKA_SASL_MECHANISM + value: "{{ .Values.config.sdnr.kafka.saslMechanism | default "SCRAM-SHA-512" }}" + - name: SDNR_KAFKA_SASL_JASS_CONFIG + valueFrom: + secretKeyRef: + name: {{ include "common.name" . }}-ku + key: sasl.jaas.config + {{ end }} volumeMounts: - mountPath: /config-input name: config-input @@ -130,12 +133,12 @@ spec: image: {{ include "repositoryGenerator.image.envsubst" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-update-config - {{ if .Values.dgbuilder.enabled -}} + {{ if or .Values.dgbuilder.enabled .Values.config.sdnr.enabled -}} - command: - /app/ready.py args: - {{ if or .Values.dgbuilder.enabled .Values.config.sdnr.enabled -}} - - --container-name + {{ if .Values.dgbuilder.enabled -}} + - --service-name - {{ include "common.mariadbService" . }} - --job-name - {{ include "common.fullname" . }}-dbinit-job @@ -153,8 +156,14 @@ spec: image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness - {{ end -}} -{{ include "common.certInitializer.initContainer" . | indent 6 }} + resources: + limits: + cpu: "100m" + memory: "500Mi" + requests: + cpu: "3m" + memory: "20Mi" + {{ end }} - name: {{ include "common.name" . }}-chown image: {{ include "repositoryGenerator.image.busybox" . }} command: @@ -166,11 +175,7 @@ spec: mkdir {{ .Values.persistence.mdsalPath }}/snapshots mkdir {{ .Values.persistence.mdsalPath }}/daexim chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} -{{- if .Values.global.aafEnabled }} - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }} -{{- end }} volumeMounts: -{{ include "common.certInitializer.volumeMount" . | indent 10 }} - mountPath: {{ .Values.persistence.mdsalPath }} name: {{ include "common.fullname" . }}-data containers: @@ -200,8 +205,10 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: + {{ if and .Values.config.sdnr.enabled .Values.config.sdnr.sdnronly -}} - name: MYSQL_ROOT_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-password" "key" "password") | indent 12 }} + {{ end -}} - name: ODL_ADMIN_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }} - name: ODL_USER @@ -267,7 +274,7 @@ spec: - name: GEO_ENABLED value: "{{ .Values.config.geoEnabled}}" - name: SDNC_AAF_ENABLED - value: "{{ .Values.global.aafEnabled}}" + value: "false" - name: SDNC_REPLICAS value: "{{ .Values.replicaCount }}" - name: MYSQL_HOST @@ -284,6 +291,8 @@ spec: value: "{{ .Values.config.javaHome}}" - name: JAVA_OPTS value: "-Xms{{.Values.config.odl.javaOptions.minMemory}} -Xmx{{.Values.config.odl.javaOptions.maxMemory}}" + - name: LOG4J_FORMAT_MSG_NO_LOOKUPS + value: "true" - name: KARAF_CONSOLE_LOG_LEVEL value: "{{ include "common.log.level" . }}" - name: SDNRWT @@ -294,13 +303,31 @@ spec: {{- end }} - name: SDNRONLY value: "{{ .Values.config.sdnr.sdnronly | default "false" }}" + {{- if .Values.config.sdnr.mariadb.enabled }} + - name: SDNRCONTROLLERID + value: {{ uuidv4 }} + - name: SDNRDBTYPE + value: MARIADB + - name: SDNRDBURL + value: "jdbc:mysql://{{ include "common.mariadbService" . }}:3306/{{ .Values.config.sdnr.mariadb.databaseName}}" + - name: SDNR_DB_DATABASE + value: {{ .Values.config.sdnr.mariadb.databaseName }} + - name: SDNRDBUSERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdnrdb-secret" "key" "login") | indent 12 }} + - name: SDNRDBPASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdnrdb-secret" "key" "password") | indent 12 }} + - name: SDNR_ASYNC_HANDLING + value: {{ .Values.config.sdnr.mariadb.asyncHandling | default "false" | quote }} + - name: SDNR_ASYNC_POOLSIZE + value: {{ .Values.config.sdnr.mariadb.asyncPoolSize | default 200 | quote }} + {{- else }} - name: SDNRDBURL - {{- $prefix := ternary "https" "http" .Values.global.aafEnabled}} - value: "{{$prefix}}://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}" + value: "http://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}" {{- if .Values.config.sdnr.sdnrdbTrustAllCerts }} - name: SDNRDBTRUSTALLCERTS value: "true" {{- end }} + {{- end }} {{- if .Values.global.cmpv2Enabled }} - name: ODL_CERT_DIR value: {{ (mustFirst (.Values.certificates)).mountPath }} @@ -309,14 +336,46 @@ spec: value: "{{ .Values.config.sdnr.oauth.enabled | default "false" }}" - name: SDNR_NETCONF_CALLHOME_ENABLED value: "{{ .Values.config.sdnr.netconfCallHome.enabled | default "false" }}" + - name: SDNR_VES_COLLECTOR_ENABLED + value: "{{ .Values.config.sdnr.vesCollector.enabled }}" + - name: SDNR_VES_COLLECTOR_TLS_ENABLED + value: "{{ .Values.config.sdnr.vesCollector.tls.enabled }}" + - name: SDNR_VES_COLLECTOR_TRUST_ALL_CERTS + value: "{{ .Values.config.sdnr.vesCollector.trustAllCertificates }}" + - name: SDNR_VES_COLLECTOR_IP + value: "{{ .Values.config.sdnr.vesCollector.address }}" + - name: SDNR_VES_COLLECTOR_PORT + value: "{{ .Values.config.sdnr.vesCollector.port }}" + - name: SDNR_VES_COLLECTOR_VERSION + value: "{{ .Values.config.sdnr.vesCollector.version | default "v7" }}" + - name: SDNR_VES_COLLECTOR_REPORTING_ENTITY_NAME + value: "{{ .Values.config.sdnr.vesCollector.reportingEntityName | default "ONAP SDN-R" }}" + - name: SDNR_VES_COLLECTOR_EVENTLOG_MSG_DETAIL + value: "{{ .Values.config.sdnr.vesCollector.eventLogMsgDetail | default "SHORT" }}" + - name: SDNR_VES_COLLECTOR_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ves-collector-secret" "key" "login") | indent 12 }} + - name: SDNR_VES_COLLECTOR_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ves-collector-secret" "key" "password") | indent 12 }} + - name: SDNR_WEBSOCKET_PORT + value: "{{ .Values.sdnrWebsocketPort | default "8182"}}" + - name: SDNR_KAFKA_ENABLED + value: "{{ .Values.config.sdnr.kafka.enabled | default "false" }}" + {{ if .Values.config.sdnr.kafka.enabled }} + - name: SDNR_KAFKA_BOOTSTRAP_SERVERS + value: "{{ .Values.config.sdnr.kafka.bootstrapServers | default (include "common.release" .) }}-strimzi-kafka-bootstrap.{{.Release.Namespace}}:9092" + - name: SDNR_KAFKA_SECURITY_PROTOCOL + value: "{{ .Values.config.sdnr.kafka.securityProtocol | default "PLAINTEXT" }}" + - name: SDNR_KAFKA_SASL_MECHANISM + value: "{{ .Values.config.sdnr.kafka.saslMechanism | default "PLAIN" }}" + - name: SDNR_KAFKA_SASL_JASS_CONFIG + value: "{{ .Values.config.sdnr.kafka.saslJassConfig | default "PLAIN" }}" + {{ end }} + + volumeMounts: -{{ include "common.certInitializer.volumeMount" . | indent 10 }} {{- if .Values.global.cmpv2Enabled }} {{ include "common.certManager.volumeMounts" . | indent 10 }} {{- end }} - - mountPath: /etc/localtime - name: localtime - readOnly: true - mountPath: /opt/opendaylight/current/etc/org.ops4j.pax.logging.cfg name: sdnc-logging-cfg-config subPath: org.ops4j.pax.logging.cfg @@ -389,13 +448,9 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | nindent 8 }} {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + {{- include "common.imagePullSecrets" . | nindent 6 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - - name: localtime - hostPath: - path: /etc/localtime - name: logs emptyDir: {} {{ include "common.log.volumes" . | nindent 8 }} @@ -417,7 +472,6 @@ spec: - name: {{ include "common.fullname" . }}-data emptyDir: {} {{ else }} -{{ include "common.certInitializer.volumes" . | nindent 8 }} {{- if .Values.global.cmpv2Enabled }} {{ include "common.certManager.volumes" . | nindent 8 }} {{- end }}