X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fsdnc%2Ftemplates%2Fstatefulset.yaml;h=d765197f13efee37858140b5f0013f2b3576f004;hb=cf8f42f496f9f062964f0b62a4de7ba2ef0a72ee;hp=6054546d5810ee5bd157d51adaf2ab29cde6a153;hpb=ff1c5075c21a7fe77e9be438eb1831c5dbcb552f;p=oom.git diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index 6054546d58..51c50e4fec 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -1,4 +1,7 @@ +{{/* +# Copyright © 2020 Samsung Electronics # Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2021 Nokia # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,26 +14,21 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} -apiVersion: apps/v1beta1 +apiVersion: apps/v1 kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: + selector: + matchLabels: + app: {{ include "common.name" . }} serviceName: {{ include "common.servicename" . }}-cluster replicas: {{ .Values.replicaCount }} + selector: {{- include "common.selectors" . | nindent 4 }} podManagementPolicy: Parallel template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - command: @@ -40,118 +38,99 @@ spec: - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done" env: - name: AAI_CLIENT_NAME - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 10 }} - name: AAI_CLIENT_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 10 }} - name: MODELSERVICE_USER - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "modeling-user-creds" "key" "login") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "login") | indent 10 }} - name: MODELSERVICE_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "modeling-user-creds" "key" "password") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "password") | indent 10 }} - name: RESTCONF_USER - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "restconf-creds" "key" "login") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restconf-creds" "key" "login") | indent 10 }} - name: RESTCONF_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "restconf-creds" "key" "password") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restconf-creds" "key" "password") | indent 10 }} - name: ANSIBLE_USER - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "ansible-creds" "key" "login") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-creds" "key" "login") | indent 10 }} - name: ANSIBLE_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "ansible-creds" "key" "password") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-creds" "key" "password") | indent 10 }} - name: SCALEOUT_USER - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "scaleout-creds" "key" "login") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "scaleout-creds" "key" "login") | indent 10 }} - name: SCALEOUT_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "scaleout-creds" "key" "password") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "scaleout-creds" "key" "password") | indent 10 }} - name: NETBOX_APIKEY - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "netbox-apikey" "key" "password") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "netbox-apikey" "key" "password") | indent 10 }} - name: SDNC_DB_USER - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} - name: SDNC_DB_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} + - name: ODL_ADMIN_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }} + - name: ODL_ADMIN_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }} + {{ if and .Values.config.sdnr.dmaapProxy.enabled .Values.config.sdnr.dmaapProxy.usepwd }} + - name: DMAAP_HTTP_PROXY_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "login") | indent 10 }} + - name: DMAAP_HTTP_PROXY_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "password") | indent 10 }} + {{- end }} + + volumeMounts: - mountPath: /config-input name: config-input - mountPath: /config name: properties - image: "{{ .Values.global.envsubstImage }}" + image: {{ include "repositoryGenerator.image.envsubst" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-update-config - + {{ if .Values.dgbuilder.enabled -}} - command: - - /root/ready.py + - /app/ready.py args: + {{ if or .Values.dgbuilder.enabled .Values.config.sdnr.enabled -}} - --container-name - {{ include "common.mariadbService" . }} + {{ end -}} + {{ if .Values.config.sdnr.enabled -}} + - --container-name + - {{ include "common.name" . }}-sdnrdb-init-job + {{ end -}} env: - name: NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness - {{ if .Values.global.aafEnabled }} - - name: {{ include "common.name" . }}-aaf-readiness - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{ end -}} +{{ include "common.certInitializer.initContainer" . | indent 6 }} +{{ include "common.certServiceClient.initContainer" . | indent 6 }} + - name: {{ include "common.name" . }}-chown + image: {{ include "repositoryGenerator.image.busybox" . }} command: - - /root/ready.py + - sh args: - - --container-name - - aaf-locate - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: {{ include "common.name" . }}-aaf - image: {{ .Values.global.repository }}/{{ .Values.aaf_init.agentImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: {{ .Values.certpersistence.certPath }} - name: {{ include "common.fullname" . }}-certs - command: - - bash - -c - | - /opt/app/aaf_config/bin/agent.sh && - cd /opt/app/osaaf/local && - /opt/app/aaf_config/bin/agent.sh local showpass | grep cadi_keystore_password= | cut -d= -f 2 > /opt/app/osaaf/local/.pass 2>&1 - env: - - name: APP_FQI - value: "{{ .Values.aaf_init.fqi }}" - - name: aaf_locate_url - value: "https://aaf-locate.{{ .Release.Namespace}}:8095" - - name: aaf_locator_container - value: "oom" - - name: aaf_locator_container_ns - value: "{{ .Release.Namespace }}" - - name: aaf_locator_fqdn - value: "{{ .Values.aaf_init.fqdn }}" - - name: aaf_locator_app_ns - value: "{{ .Values.aaf_init.app_ns }}" - - name: DEPLOY_FQI - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "aaf-creds" "key" "login") | indent 12 }} - - name: DEPLOY_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "aaf-creds" "key" "password") | indent 12 }} - - name: cadi_longitude - value: "{{ .Values.aaf_init.cadi_longitude }}" - - name: cadi_latitude - value: "{{ .Values.aaf_init.cadi_latitude }}" - {{ end }} - - name: {{ include "common.name" . }}-chown - image: "busybox" - command: ["sh", "-c", "chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} ; chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certpersistence.certPath }}"] + mkdir {{ .Values.persistence.mdsalPath }}/daexim + mkdir {{ .Values.persistence.mdsalPath }}/journal + mkdir {{ .Values.persistence.mdsalPath }}/snapshots + chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} +{{- if .Values.global.aafEnabled }} + chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }} +{{- end }} volumeMounts: +{{ include "common.certInitializer.volumeMount" . | indent 10 }} - mountPath: {{ .Values.persistence.mdsalPath }} name: {{ include "common.fullname" . }}-data - - mountPath: {{ .Values.certpersistence.certPath }} - name: {{ include "common.fullname" . }}-certs containers: - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/bin/bash"] - args: ["-c", "/opt/sdnc/bin/startODL.sh"] + args: ["-c", "/opt/onap/sdnc/bin/createLinks.sh ; /opt/onap/sdnc/bin/startODL.sh"] ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} @@ -164,15 +143,15 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MYSQL_ROOT_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 12 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-password" "key" "password") | indent 12 }} - name: ODL_ADMIN_USERNAME - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }} - name: ODL_ADMIN_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }} - name: SDNC_DB_USER - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }} - name: SDNC_DB_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }} + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }} - name: SDNC_CONFIG_DIR value: "{{ .Values.config.configDir }}" - name: ENABLE_ODL_CLUSTER @@ -191,21 +170,57 @@ spec: value: "{{ .Values.replicaCount }}" - name: MYSQL_HOST value: {{ include "common.mariadbService" . }} + - name: MDSAL_PATH + value: {{ .Values.persistence.mdsalPath }} + - name: DAEXIM_PATH + value: {{ .Values.persistence.daeximPath }} + - name: JOURNAL_PATH + value: {{ .Values.persistence.journalPath }} + - name: SNAPSHOTS_PATH + value: {{ .Values.persistence.snapshotsPath }} - name: JAVA_HOME value: "{{ .Values.config.javaHome}}" + - name: JAVA_OPTS + value: "-Xms{{.Values.config.odl.javaOptions.minMemory}} -Xmx{{.Values.config.odl.javaOptions.maxMemory}}" + - name: KARAF_CONSOLE_LOG_LEVEL + value: "{{ include "common.log.level" . }}" + - name: SDNRWT + value: "{{ .Values.config.sdnr.enabled | default "false"}}" + {{- if eq .Values.config.sdnr.mode "web" }} + - name: SDNRDM + value: "true" + {{- end }} + - name: SDNRONLY + value: "{{ .Values.config.sdnr.sdnronly | default "false" }}" + - name: SDNRDBURL + {{- $prefix := ternary "https" "http" .Values.global.aafEnabled}} + value: "{{$prefix}}://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}" + {{- if .Values.config.sdnr.sdnrdbTrustAllCerts }} + - name: SDNRDBTRUSTALLCERTS + value: "true" + {{ end }} + volumeMounts: +{{ include "common.certInitializer.volumeMount" . | indent 10 }} +{{ include "common.certServiceClient.volumeMounts" . | indent 10 }} +{{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }} +{{ include "common.certManager.volumeMounts" . | indent 10 }} +{{- end }} - mountPath: /etc/localtime name: localtime readOnly: true - mountPath: /opt/opendaylight/current/etc/org.ops4j.pax.logging.cfg name: sdnc-logging-cfg-config subPath: org.ops4j.pax.logging.cfg - - mountPath: {{ .Values.config.binDir }}/startODL.sh - name: bin - subPath: startODL.sh - mountPath: {{ .Values.config.binDir }}/installSdncDb.sh name: bin subPath: installSdncDb.sh + - mountPath: {{ .Values.config.binDir }}/createLinks.sh + name: bin + subPath: createLinks.sh + - mountPath: {{ .Values.config.ccsdkConfigDir }}/aaiclient.properties + name: properties + subPath: aaiclient.properties - mountPath: {{ .Values.config.configDir }}/aaiclient.properties name: properties subPath: aaiclient.properties @@ -231,17 +246,24 @@ spec: name: {{ include "common.fullname" . }}-data - mountPath: /var/log/onap name: logs - - mountPath: {{ .Values.certpersistence.certPath }} - name: {{ include "common.fullname" . }}-certs - mountPath: {{ .Values.config.odl.salConfigDir }}/{{ .Values.config.odl.salConfigVersion}}/sal-clustering-config-{{ .Values.config.odl.salConfigVersion}}-akkaconf.xml name: properties subPath: akka.conf - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.controller.cluster.datastore.cfg name: properties subPath: org.opendaylight.controller.cluster.datastore.cfg + - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.aaa.filterchain.cfg + name: properties + subPath: org.opendaylight.aaa.filterchain.cfg - mountPath: {{ .Values.config.odl.binDir }}/setenv name: properties subPath: setenv + - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-registrar.properties + name: properties + subPath: mountpoint-registrar.properties + - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-state-provider.properties + name: properties + subPath: mountpoint-state-provider.properties resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -255,7 +277,7 @@ spec: # side car containers - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + image: {{ include "repositoryGenerator.image.logging" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: /usr/share/filebeat/filebeat.yml @@ -292,17 +314,15 @@ spec: - name: properties emptyDir: medium: Memory - - name: {{ include "common.fullname" . }}-certs - {{ if .Values.certpersistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-certs - {{ else }} - emptyDir: {} - {{ end }} {{ if not .Values.persistence.enabled }} - name: {{ include "common.fullname" . }}-data emptyDir: {} {{ else }} +{{ include "common.certInitializer.volumes" . | nindent 8 }} +{{ include "common.certServiceClient.volumes" . | nindent 8 }} +{{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }} +{{ include "common.certManager.volumes" . | nindent 8 }} +{{- end }} volumeClaimTemplates: - metadata: name: {{ include "common.fullname" . }}-data