Revert "moving certs and keys to k8s secrets"

This reverts commit 59ffd500ea34c201fbb3edc39e64655fa8381be0.

Tested locally and does not work.  DmaaP fails to come up causing
many other pods to crash loop.

failed to start container "dmaap": Error response from daemon:
{"message":"invalid header field value "oci runtime error:
container_linux.go:247:starting container process caused
"process_linux.go:359: container init caused "rootfs_linux.go:53:
mounting "/var/lib/kubelet/pods/9ae222e0-98a9-11e7-badd-02cfc855c3b9
/volumes/kubernetes.io~secret/mykey" to rootfs "/var/lib/docker/aufs/mnt
/b92c56185f3371cb1f091679780d40797dd2c6124cd00cb8fe68da2b247363a8"
at "/var/lib/docker/aufs/mnt/.../appl/dmaapMR1/etc/keyfile" caused
"not a directory"""n""}

Issue-ID: OOM-293

Change-Id: I348ffa14718bd6e89e99f2859cf6612c10370559
Signed-off-by: Mandeep Khinda <mandeep.khinda@amdocs.com>

diff --git a/templates/data-router-deployment.yaml b/templates/data-router-deployment.yaml
index 0033208..f823061 100644 (file)
--- a/templates/data-router-deployment.yaml
+++ b/templates/data-router-deployment.yaml
@@ -35,10 +35,6 @@ spec:
         volumeMounts:
         - mountPath: /opt/app/data-router/config/
           name: data-router-config
-        - mountPath: /opt/app/data-router/config/auth/tomcat_keystore
-          name: data-router-tomcat-key
-        - mountPath: /opt/app/data-router/config/auth/client-cert-onap.p12 
-          name: data-router-client-cert
         - mountPath: /opt/app/data-router/dynamic/
           name: data-router-dynamic
         - mountPath: /logs/
@@ -60,12 +56,6 @@ spec:
       - name: data-router-logs
         hostPath:
           path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/data-router/logs/"
-      - name: data-router-tomcat-key
-        secret:
-          secretName: secret-{{ .Values.nsPrefix }}-aai
-      - name: data-router-client-cert
-        secret:
-          secretName: secret-{{ .Values.nsPrefix }}-aai
       restartPolicy: Always
       imagePullSecrets:
       - name: "{{ .Values.nsPrefix }}-docker-registry-key"

diff --git a/templates/modelloader-deployment.yaml b/templates/modelloader-deployment.yaml
index ec6a917..5391273 100644 (file)
--- a/templates/modelloader-deployment.yaml
+++ b/templates/modelloader-deployment.yaml
@@ -20,8 +20,6 @@ spec:
         volumeMounts:
         - mountPath: /opt/app/model-loader/config/
           name: aai-model-loader-config
-        - mountPath: /opt/app/model-loader/config/auth/aai-os-cert.p12
-          name: aai-os-cert
         - mountPath: /logs/
           name: aai-model-loader-logs
         image: "{{ .Values.image.modelLoaderImage }}:{{ .Values.image.modelLoaderVersion }}"
@@ -37,9 +35,6 @@ spec:
       - name: aai-model-loader-logs
         hostPath:
           path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/model-loader/logs/"
-      - name: aai-os-cert
-        secret:
-          secretName: secret-{{ .Values.nsPrefix }}-aai
       restartPolicy: Always
       imagePullSecrets:
       - name: "{{ .Values.nsPrefix }}-docker-registry-key"

diff --git a/templates/search-data-service-deployment.yaml b/templates/search-data-service-deployment.yaml
index 8f4acef..f2db937 100644 (file)
--- a/templates/search-data-service-deployment.yaml
+++ b/templates/search-data-service-deployment.yaml
@@ -27,8 +27,6 @@ spec:
         volumeMounts:
         - mountPath: /opt/app/search-data-service/config/
           name: aai-search-data-service-config
-        - mountPath: /opt/app/search-data-service/config/auth/tomcat_keystore
-          name: aai-tomcat-key
         - mountPath: /logs/
           name: aai-search-data-service-logs
         ports:
@@ -42,9 +40,6 @@ spec:
       - name: aai-search-data-service-config
         hostPath:
           path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/search-data-service/appconfig/"
-      - name: aai-tomcat-key
-        secret:
-          secretName: secret-{{ .Values.nsPrefix }}-aai
       - name: aai-search-data-service-logs
         hostPath:
           path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/search-data-service/logs/"

diff --git a/templates/sparky-be-deployment.yaml b/templates/sparky-be-deployment.yaml
index f4c44e2..6a8ff93 100644 (file)
--- a/templates/sparky-be-deployment.yaml
+++ b/templates/sparky-be-deployment.yaml
@@ -27,12 +27,6 @@ spec:
         volumeMounts:
         - mountPath: /opt/app/sparky/config/
           name: aai-sparky-be-config
-        - mountPath: /opt/app/sparky/config/auth/client-cert-onap.p12 
-          name: aai-sparky-be-client-cert
-        - mountPath: /opt/app/sparky/config/auth/aai-os-cert.p12
-          name: aai-sparky-be-aai-os-cert
-        - mountPath: /opt/app/sparky/config/auth/inventory-ui-keystore
-          name: aai-sparky-be-inventory-key
         - mountPath: /logs/
           name: aai-sparky-be-logs
         ports:
@@ -49,15 +43,6 @@ spec:
       - name: aai-sparky-be-logs
         hostPath:
           path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/sparky-be/logs/"
-      - name: aai-sparky-be-client-cert
-        secret:
-          secretName: secret-{{ .Values.nsPrefix }}-aai
-      - name: aai-sparky-be-aai-os-cert
-        secret:
-          secretName: secret-{{ .Values.nsPrefix }}-aai
-      - name: aai-sparky-be-inventory-key
-        secret:
-          secretName: secret-{{ .Values.nsPrefix }}-aai
       restartPolicy: Always
       imagePullSecrets:
       - name: "{{ .Values.nsPrefix }}-docker-registry-key"