X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fvid%2Ftemplates%2Fdeployment.yaml;h=116a7cdfed73dc81926fc45be37d7071ae24b879;hb=8c26e59d30a185186cf33988a0dbb859409f73eb;hp=7b92dcc725935a2111a0ee81019c506501e6e5c7;hpb=7e1a8495095461843a13b39bf02571cf241defb8;p=oom.git diff --git a/kubernetes/vid/templates/deployment.yaml b/kubernetes/vid/templates/deployment.yaml index 7b92dcc725..116a7cdfed 100644 --- a/kubernetes/vid/templates/deployment.yaml +++ b/kubernetes/vid/templates/deployment.yaml @@ -1,5 +1,7 @@ +{{/* # Copyright © 2017 Amdocs, Bell Canada # Copyright © 2020 Samsung Electronics +# Copyright © 2021 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,6 +14,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: Deployment @@ -34,25 +37,36 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: - initContainers: + initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} - command: - /app/ready.py args: - --job-name - - {{ include "common.fullname" . }}-galera-config + - {{ include "common.fullname" . }}-mariadb-init-config-job env: - name: NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{- if .Values.global.aafEnabled }} + command: + - sh + args: + - -c + - | + export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0) + export VID_TRUSTSTORE_PLAIN_PASSWORD=${VID_TRUSTSTORE_PASSWORD} + export VID_TRUSTSTORE_PASSWORD=`java -cp /usr/local/tomcat/webapps/vid/WEB-INF/lib/jetty-util-9.4.20.v20190813.jar org.eclipse.jetty.util.security.Password ${VID_TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + /tmp/vid/localize.sh + {{- end }} ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -98,33 +112,37 @@ spec: value: "{{ .Values.config.roleaccesscentralized }}" - name: VID_CONTACT_US_LINK value: "{{ .Values.config.vidcontactuslink }}" - - name: VID_KEYSTORE_PASSWORD - value: {{ .Values.config.vidkeystorepassword | quote }} - name: VID_UEB_URL_LIST value: message-router.{{ include "common.namespace" . }} - name: VID_MYSQL_HOST - value: {{ index .Values "mariadb-galera" "service" "name" }} + value: {{ include "common.mariadbService" . }} - name: VID_MYSQL_PORT - value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}" + value: "{{ include "common.mariadbPort" . }}" - name: VID_MYSQL_DBNAME - value: {{ index .Values "mariadb-galera" "config" "mysqlDatabase" }} + value: {{ index .Values "mariadb-galera" "db" "name" }} - name: VID_MYSQL_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "vid-db-user-secret" "key" "login") | indent 14 }} - name: VID_MYSQL_PASS {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "vid-db-user-secret" "key" "password") | indent 14 }} - name: VID_MYSQL_MAXCONNECTIONS value: "{{ .Values.config.vidmysqlmaxconnections }}" - volumeMounts: - - mountPath: /opt/app/vid/etc - name: vid-certs + {{- if .Values.global.aafEnabled }} + - name: VID_KEYSTORE_FILENAME + value: "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.jks" + - name: VID_TRUSTSTORE_FILENAME + value: "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks" + {{- end }} + volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - mountPath: /etc/localtime name: localtime readOnly: true - - mountPath: /var/log/onap + - mountPath: "{{ .Values.log.path }}" name: vid-logs - mountPath: /tmp/logback.xml name: vid-logback subPath: logback.xml + - mountPath: /opt/app/vid + name: vid-cache resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -136,30 +154,15 @@ spec: {{ toYaml .Values.affinity | indent 10 }} {{- end }} # side car containers - - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - name: filebeat-conf - subPath: filebeat.yml - - mountPath: /var/log/onap - name: vid-logs - - mountPath: /usr/share/filebeat/data - name: vid-data-filebeat - volumes: - - name: vid-certs - secret: - secretName: {{ include "common.fullname" . }}-certs + {{ include "common.log.sidecar" . | nindent 8 }} + volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime hostPath: path: /etc/localtime - - name: filebeat-conf - configMap: - name: {{ include "common.fullname" . }}-filebeat-configmap - - name: vid-logs + {{ include "common.log.volumes" . | nindent 8 }} + - name: vid-cache emptyDir: {} - - name: vid-data-filebeat + - name: vid-logs emptyDir: {} - name: vid-logback configMap: