X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fsdnc%2Ftemplates%2Fstatefulset.yaml;h=8a7259ba0da97382e85f66d1d563796e758f07aa;hb=21349802fd5b6aea04b66630f108b3603930c7c4;hp=96fa3378fbb1d71eb88035b89ca24fbb5e840bb4;hpb=572f2249f452136d12b7cf0fdcfc4c418d5177af;p=oom.git diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index 96fa3378fb..8a7259ba0d 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -41,6 +41,36 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 10 }} - name: AAI_CLIENT_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 10 }} + - name: AAI_TRUSTSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-truststore-password" "key" "password") | indent 10 }} + - name: ANSIBLE_TRUSTSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-truststore-password" "key" "password") | indent 10 }} + - name: SO_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "login") | indent 10 }} + - name: SO_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "password") | indent 10 }} + - name: NENG_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "login") | indent 10 }} + - name: NENG_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "password") | indent 10 }} + - name: CDS_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "login") | indent 10 }} + - name: CDS_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "password") | indent 10 }} + - name: HONEYCOMB_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "login") | indent 10 }} + - name: HONEYCOMB_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "password") | indent 10 }} + - name: TRUSTSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 10 }} + - name: KEYSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 10 }} + - name: DMAAP_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "login") | indent 10 }} + - name: DMAAP_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "password") | indent 10 }} + - name: DMAAP_AUTHKEY + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-authkey" "key" "password") | indent 10 }} - name: MODELSERVICE_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "login") | indent 10 }} - name: MODELSERVICE_PASSWORD @@ -63,16 +93,33 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} - name: SDNC_DB_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} + - name: MYSQL_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} + - name: MYSQL_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} - name: ODL_ADMIN_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }} + - name: ODL_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }} - name: ODL_ADMIN_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }} + - name: ODL_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }} {{ if and .Values.config.sdnr.dmaapProxy.enabled .Values.config.sdnr.dmaapProxy.usepwd }} - name: DMAAP_HTTP_PROXY_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "login") | indent 10 }} - name: DMAAP_HTTP_PROXY_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "password") | indent 10 }} {{- end }} + {{ if .Values.config.sdnr.oauth.enabled }} + - name: OAUTH_TOKEN_SECRET + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oauth-token-secret" "key" "password") | indent 10 }} + - name: KEYCLOAK_SECRET + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keycloak-secret" "key" "password") | indent 10 }} + + - name: ENABLE_ODLUX_RBAC + value: "{{ .Values.config.sdnr.oauth.odluxRbac.enabled | default "true" }}" + {{ end }} volumeMounts: @@ -90,6 +137,8 @@ spec: {{ if or .Values.dgbuilder.enabled .Values.config.sdnr.enabled -}} - --container-name - {{ include "common.mariadbService" . }} + - --job-name + - {{ include "common.fullname" . }}-dbinit-job {{ end -}} {{ if .Values.config.sdnr.enabled -}} - --container-name @@ -116,6 +165,7 @@ spec: - | mkdir {{ .Values.persistence.mdsalPath }}/journal mkdir {{ .Values.persistence.mdsalPath }}/snapshots + mkdir {{ .Values.persistence.mdsalPath }}/daexim chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} {{- if .Values.global.aafEnabled }} chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }} @@ -142,6 +192,9 @@ spec: - containerPort: {{ .Values.service.internalPort2 }} - containerPort: {{ .Values.service.internalPort3 }} - containerPort: {{ .Values.service.clusterPort }} + {{- if .Values.config.sdnr.netconfCallHome.enabled }} + - containerPort: {{ .Values.service.callHomePort }} + {{- end }} readinessProbe: tcpSocket: port: {{ .Values.service.internalPort }} @@ -152,14 +205,58 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-password" "key" "password") | indent 12 }} - name: ODL_ADMIN_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }} + - name: ODL_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }} - name: ODL_ADMIN_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }} + - name: ODL_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }} - name: SDNC_DB_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }} - name: SDNC_DB_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }} + - name: MYSQL_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }} + - name: MYSQL_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }} + - name: MYSQL_DATABASE + value: "{{ .Values.config.dbSdnctlDatabase }}" - name: SDNC_CONFIG_DIR value: "{{ .Values.config.configDir }}" + - name: AAI_CLIENT_NAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 12 }} + - name: AAI_CLIENT_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 12 }} + - name: AAI_TRUSTSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-truststore-password" "key" "password") | indent 12 }} + - name: ANSIBLE_TRUSTSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-truststore-password" "key" "password") | indent 12 }} + - name: SO_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "login") | indent 12 }} + - name: SO_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "password") | indent 12 }} + - name: NENG_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "login") | indent 12 }} + - name: NENG_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "password") | indent 12 }} + - name: CDS_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "login") | indent 12 }} + - name: CDS_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "password") | indent 12 }} + - name: HONEYCOMB_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "login") | indent 12 }} + - name: HONEYCOMB_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "password") | indent 12 }} + - name: TRUSTSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }} + - name: KEYSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }} + - name: DMAAP_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "login") | indent 12 }} + - name: DMAAP_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "password") | indent 12 }} + - name: DMAAP_AUTHKEY + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-authkey" "key" "password") | indent 12 }} - name: ENABLE_ODL_CLUSTER value: "{{ .Values.config.enableClustering }}" - name: MY_ODL_CLUSTER @@ -209,7 +306,10 @@ spec: - name: ODL_CERT_DIR value: {{ (mustFirst (.Values.certificates)).mountPath }} {{- end }} - + - name: ENABLE_OAUTH + value: "{{ .Values.config.sdnr.oauth.enabled | default "false" }}" + - name: SDNR_NETCONF_CALLHOME_ENABLED + value: "{{ .Values.config.sdnr.netconfCallHome.enabled | default "false" }}" volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} {{ include "common.certServiceClient.volumeMounts" . | indent 10 }} @@ -277,6 +377,11 @@ spec: - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.daexim.cfg name: properties subPath: org.opendaylight.daexim.cfg + {{- if .Values.config.sdnr.oauth.enabled }} + - mountPath: {{ .Values.config.odl.etcDir }}/oauth-provider.config.json + name: properties + subPath: oauth-provider.config.json + {{ end }} resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }}