Code Review / oom.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
[AAI] Make AAI helm3 compatible
[oom.git] / kubernetes / aai / components / aai-babel / templates / deployment.yaml
1 {{/*
2 # Copyright © 2018 Amdocs, AT&T
3 # Modifications Copyright © 2018 Bell Canada
4 # Modifications Copyright © 2020 Orange
5 #
6 # Licensed under the Apache License, Version 2.0 (the "License");
7 # you may not use this file except in compliance with the License.
8 # You may obtain a copy of the License at
9 #
10 #       http://www.apache.org/licenses/LICENSE-2.0
11 #
12 # Unless required by applicable law or agreed to in writing, software
13 # distributed under the License is distributed on an "AS IS" BASIS,
14 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 # See the License for the specific language governing permissions and
16 # limitations under the License.
17 */}}
18
19 apiVersion: apps/v1
20 kind: Deployment
21 metadata:
22   name: {{ include "common.fullname" . }}
23   namespace: {{ include "common.namespace" . }}
24   labels:
25     app: {{ include "common.name" . }}
26     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
27     release: {{ include "common.release" . }}
28     heritage: {{ .Release.Service }}
29 spec:
30   selector:
31     matchLabels:
32       app: {{ include "common.name" . }}
33   replicas: {{ .Values.replicaCount }}
34   template:
35     metadata:
36       labels:
37         app: {{ include "common.name" . }}
38         release: {{ include "common.release" . }}
39     spec:
40     {{ if .Values.global.installSidecarSecurity }}
41       hostAliases:
42       - ip: {{ .Values.global.aaf.serverIp }}
43         hostnames:
44         - {{ .Values.global.aaf.serverHostname }}
45
46       initContainers:
47         - name: {{ .Values.global.tproxyConfig.name }}
48           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tproxyConfig.image }}
49           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
50           securityContext:
51             privileged: true
52     {{ end }}
53       containers:
54         - name: {{ include "common.name" . }}
55           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
56           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
57           ports:
58           - containerPort: {{ .Values.service.internalPort }}
59           # disable liveness probe when breakpoints set in debugger
60           # so K8s doesn't restart unresponsive container
61           {{ if .Values.liveness.enabled }}
62           livenessProbe:
63             tcpSocket:
64               port: {{ .Values.service.internalPort }}
65             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
66             periodSeconds: {{ .Values.liveness.periodSeconds }}
67           {{ end }}
68           readinessProbe:
69             tcpSocket:
70               port: {{ .Values.service.internalPort }}
71             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
72             periodSeconds: {{ .Values.readiness.periodSeconds }}
73           env:
74             - name: CONFIG_HOME
75               value: /opt/app/babel/config
76             - name: KEY_STORE_PASSWORD
77               valueFrom:
78                 secretKeyRef:
79                   name: {{ template "common.fullname" . }}-pass
80                   key: KEY_STORE_PASSWORD
81             - name: KEY_MANAGER_PASSWORD
82               valueFrom:
83                 secretKeyRef:
84                   name: {{ template "common.fullname" . }}-pass
85                   key: KEY_MANAGER_PASSWORD
86           volumeMounts:
87           - mountPath: /etc/localtime
88             name: localtime
89             readOnly: true
90           - mountPath: /opt/app/babel/config/artifact-generator.properties
91             name: {{ include "common.fullname" . }}-config
92             subPath: artifact-generator.properties
93           - mountPath: /opt/app/babel/config/tosca-mappings.json
94             name: {{ include "common.fullname" . }}-config
95             subPath: tosca-mappings.json
96           - mountPath: /opt/app/babel/config/babel-auth.properties
97             name: {{ include "common.fullname" . }}-config
98             subPath: babel-auth.properties
99           - mountPath: /opt/app/babel/config/auth
100             name: {{ include "common.fullname" . }}-secrets
101           - mountPath: /var/log/onap
102             name: {{ include "common.fullname" . }}-logs
103           - mountPath: /opt/app/babel/config/logback.xml
104             name: {{ include "common.fullname" . }}-config
105             subPath: logback.xml
106           resources:
107 {{ include "common.resources" . }}
108       {{- if .Values.nodeSelector }}
109       nodeSelector:
110 {{ toYaml .Values.nodeSelector | indent 8 }}
111       {{- end -}}
112       {{- if .Values.affinity }}
113       affinity:
114 {{ toYaml .Values.affinity | indent 8 }}
115       {{- end }}
116
117         # side car containers
118         - name: filebeat-onap
119           image: {{ include "repositoryGenerator.image.logging" . }}
120           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
121           volumeMounts:
122           - mountPath: /usr/share/filebeat/filebeat.yml
123             subPath: filebeat.yml
124             name: filebeat-conf
125           - mountPath: /var/log/onap
126             name: {{ include "common.fullname" . }}-logs
127           - mountPath: /usr/share/filebeat/data
128             name: aai-filebeat
129
130     {{ if .Values.global.installSidecarSecurity }}
131         - name: {{ .Values.global.rproxy.name }}
132           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.rproxy.image }}
133           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
134           env:
135           - name: CONFIG_HOME
136             value: "/opt/app/rproxy/config"
137           - name: KEY_STORE_PASSWORD
138             value: {{ .Values.config.keyStorePassword }}
139           - name: spring_profiles_active
140             value: {{ .Values.global.rproxy.activeSpringProfiles }}
141           volumeMounts:
142           - name: {{ include "common.fullname" . }}-rproxy-config
143             mountPath: /opt/app/rproxy/config/forward-proxy.properties
144             subPath: forward-proxy.properties
145           - name: {{ include "common.fullname" . }}-rproxy-config
146             mountPath: /opt/app/rproxy/config/primary-service.properties
147             subPath: primary-service.properties
148           - name: {{ include "common.fullname" . }}-rproxy-config
149             mountPath: /opt/app/rproxy/config/reverse-proxy.properties
150             subPath: reverse-proxy.properties
151           - name: {{ include "common.fullname" . }}-rproxy-config
152             mountPath: /opt/app/rproxy/config/cadi.properties
153             subPath: cadi.properties
154           - name: {{ include "common.fullname" . }}-rproxy-log-config
155             mountPath: /opt/app/rproxy/config/logback-spring.xml
156             subPath: logback-spring.xml
157           - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
158             mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
159             subPath: uri-authorization.json
160           - name: {{ include "common.fullname" . }}-rproxy-auth-config
161             mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
162             subPath: tomcat_keystore
163           - name: {{ include "common.fullname" . }}-rproxy-auth-config
164             mountPath: /opt/app/rproxy/config/auth/client-cert.p12
165             subPath: client-cert.p12
166           - name: {{ include "common.fullname" . }}-rproxy-auth-config
167             mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
168             subPath: aaf_truststore.jks
169           - name: {{ include "common.fullname" . }}-rproxy-security-config
170             mountPath: /opt/app/rproxy/config/security/keyfile
171             subPath: keyfile
172
173           ports:
174           - containerPort: {{ .Values.global.rproxy.port }}
175
176         - name: {{ .Values.global.fproxy.name }}
177           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.fproxy.image }}
178           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
179           env:
180           - name: CONFIG_HOME
181             value: "/opt/app/fproxy/config"
182           - name: KEY_STORE_PASSWORD
183             value: {{ .Values.config.keyStorePassword }}
184           - name: spring_profiles_active
185             value: {{ .Values.global.fproxy.activeSpringProfiles }}
186           volumeMounts:
187           - name: {{ include "common.fullname" . }}-fproxy-config
188             mountPath: /opt/app/fproxy/config/fproxy.properties
189             subPath: fproxy.properties
190           - name: {{ include "common.fullname" . }}-fproxy-log-config
191             mountPath: /opt/app/fproxy/config/logback-spring.xml
192             subPath: logback-spring.xml
193           - name: {{ include "common.fullname" . }}-fproxy-auth-config
194             mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
195             subPath: tomcat_keystore
196           - name: {{ include "common.fullname" . }}-fproxy-auth-config
197             mountPath: /opt/app/fproxy/config/auth/client-cert.p12
198             subPath: client-cert.p12
199           ports:
200           - containerPort: {{ .Values.global.fproxy.port }}
201     {{ end }}
202
203       volumes:
204         - name: localtime
205           hostPath:
206             path: /etc/localtime
207         - name: {{ include "common.fullname" . }}-config
208           configMap:
209             name: {{ include "common.fullname" . }}-configmap
210             items:
211             - key: artifact-generator.properties
212               path: artifact-generator.properties
213             - key: tosca-mappings.json
214               path: tosca-mappings.json
215             - key: babel-auth.properties
216               path: babel-auth.properties
217             - key: logback.xml
218               path: logback.xml
219         - name: {{ include "common.fullname" . }}-secrets
220           secret:
221             secretName: {{ include "common.fullname" . }}-babel-secrets
222         - name: filebeat-conf
223           configMap:
224             name: aai-filebeat
225         - name: {{ include "common.fullname" . }}-logs
226           emptyDir: {}
227         - name: aai-filebeat
228           emptyDir: {}
229     {{ if .Values.global.installSidecarSecurity }}
230         - name: {{ include "common.fullname" . }}-rproxy-config
231           configMap:
232             name: {{ include "common.fullname" . }}-rproxy-config
233         - name: {{ include "common.fullname" . }}-rproxy-log-config
234           configMap:
235             name: {{ include "common.fullname" . }}-rproxy-log-config
236         - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
237           configMap:
238             name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
239         - name: {{ include "common.fullname" . }}-rproxy-auth-config
240           secret:
241             secretName: {{ include "common.fullname" . }}-rproxy-auth-config
242         - name: {{ include "common.fullname" . }}-rproxy-security-config
243           secret:
244             secretName: {{ include "common.fullname" . }}-rproxy-security-config
245         - name: {{ include "common.fullname" . }}-fproxy-config
246           configMap:
247             name: {{ include "common.fullname" . }}-fproxy-config
248         - name: {{ include "common.fullname" . }}-fproxy-log-config
249           configMap:
250             name: {{ include "common.fullname" . }}-fproxy-log-config
251         - name: {{ include "common.fullname" . }}-fproxy-auth-config
252           secret:
253             secretName: {{ include "common.fullname" . }}-fproxy-auth-config
254     {{ end }}
255
256       imagePullSecrets:
257       - name: "{{ include "common.namespace" . }}-docker-registry-key"
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).