Code Review / oom.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge "[AAI] Uses new tpls for repos / images"
[oom.git] / kubernetes / aai / components / aai-babel / templates / deployment.yaml
1 # Copyright © 2018 Amdocs, AT&T
2 # Modifications Copyright © 2018 Bell Canada
3 # Modifications Copyright © 2020 Orange
4 #
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
8 #
9 #       http://www.apache.org/licenses/LICENSE-2.0
10 #
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
16
17 apiVersion: apps/v1
18 kind: Deployment
19 metadata:
20   name: {{ include "common.fullname" . }}
21   namespace: {{ include "common.namespace" . }}
22   labels:
23     app: {{ include "common.name" . }}
24     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
25     release: {{ include "common.release" . }}
26     heritage: {{ .Release.Service }}
27 spec:
28   selector:
29     matchLabels:
30       app: {{ include "common.name" . }}
31   replicas: {{ .Values.replicaCount }}
32   template:
33     metadata:
34       labels:
35         app: {{ include "common.name" . }}
36         release: {{ include "common.release" . }}
37     spec:
38     {{ if .Values.global.installSidecarSecurity }}
39       hostAliases:
40       - ip: {{ .Values.global.aaf.serverIp }}
41         hostnames:
42         - {{ .Values.global.aaf.serverHostname }}
43
44       initContainers:
45         - name: {{ .Values.global.tproxyConfig.name }}
46           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tproxyConfig.image }}
47           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
48           securityContext:
49             privileged: true
50     {{ end }}
51       containers:
52         - name: {{ include "common.name" . }}
53           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
54           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
55           ports:
56           - containerPort: {{ .Values.service.internalPort }}
57           # disable liveness probe when breakpoints set in debugger
58           # so K8s doesn't restart unresponsive container
59           {{ if .Values.liveness.enabled }}
60           livenessProbe:
61             tcpSocket:
62               port: {{ .Values.service.internalPort }}
63             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
64             periodSeconds: {{ .Values.liveness.periodSeconds }}
65           {{ end }}
66           readinessProbe:
67             tcpSocket:
68               port: {{ .Values.service.internalPort }}
69             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
70             periodSeconds: {{ .Values.readiness.periodSeconds }}
71           env:
72             - name: CONFIG_HOME
73               value: /opt/app/babel/config
74             - name: KEY_STORE_PASSWORD
75               valueFrom:
76                 secretKeyRef:
77                   name: {{ template "common.fullname" . }}-pass
78                   key: KEY_STORE_PASSWORD
79             - name: KEY_MANAGER_PASSWORD
80               valueFrom:
81                 secretKeyRef:
82                   name: {{ template "common.fullname" . }}-pass
83                   key: KEY_MANAGER_PASSWORD
84           volumeMounts:
85           - mountPath: /etc/localtime
86             name: localtime
87             readOnly: true
88           - mountPath: /opt/app/babel/config/artifact-generator.properties
89             name: {{ include "common.fullname" . }}-config
90             subPath: artifact-generator.properties
91           - mountPath: /opt/app/babel/config/tosca-mappings.json
92             name: {{ include "common.fullname" . }}-config
93             subPath: tosca-mappings.json
94           - mountPath: /opt/app/babel/config/babel-auth.properties
95             name: {{ include "common.fullname" . }}-config
96             subPath: babel-auth.properties
97           - mountPath: /opt/app/babel/config/auth
98             name: {{ include "common.fullname" . }}-secrets
99           - mountPath: /var/log/onap
100             name: {{ include "common.fullname" . }}-logs
101           - mountPath: /opt/app/babel/config/logback.xml
102             name: {{ include "common.fullname" . }}-config
103             subPath: logback.xml
104           resources:
105 {{ include "common.resources" . }}
106       {{- if .Values.nodeSelector }}
107       nodeSelector:
108 {{ toYaml .Values.nodeSelector | indent 8 }}
109       {{- end -}}
110       {{- if .Values.affinity }}
111       affinity:
112 {{ toYaml .Values.affinity | indent 8 }}
113       {{- end }}
114
115         # side car containers
116         - name: filebeat-onap
117           image: {{ include "repositoryGenerator.image.logging" . }}
118           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
119           volumeMounts:
120           - mountPath: /usr/share/filebeat/filebeat.yml
121             subPath: filebeat.yml
122             name: filebeat-conf
123           - mountPath: /var/log/onap
124             name: {{ include "common.fullname" . }}-logs
125           - mountPath: /usr/share/filebeat/data
126             name: aai-filebeat
127
128     {{ if .Values.global.installSidecarSecurity }}
129         - name: {{ .Values.global.rproxy.name }}
130           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.rproxy.image }}
131           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
132           env:
133           - name: CONFIG_HOME
134             value: "/opt/app/rproxy/config"
135           - name: KEY_STORE_PASSWORD
136             value: {{ .Values.config.keyStorePassword }}
137           - name: spring_profiles_active
138             value: {{ .Values.global.rproxy.activeSpringProfiles }}
139           volumeMounts:
140           - name: {{ include "common.fullname" . }}-rproxy-config
141             mountPath: /opt/app/rproxy/config/forward-proxy.properties
142             subPath: forward-proxy.properties
143           - name: {{ include "common.fullname" . }}-rproxy-config
144             mountPath: /opt/app/rproxy/config/primary-service.properties
145             subPath: primary-service.properties
146           - name: {{ include "common.fullname" . }}-rproxy-config
147             mountPath: /opt/app/rproxy/config/reverse-proxy.properties
148             subPath: reverse-proxy.properties
149           - name: {{ include "common.fullname" . }}-rproxy-config
150             mountPath: /opt/app/rproxy/config/cadi.properties
151             subPath: cadi.properties
152           - name: {{ include "common.fullname" . }}-rproxy-log-config
153             mountPath: /opt/app/rproxy/config/logback-spring.xml
154             subPath: logback-spring.xml
155           - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
156             mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
157             subPath: uri-authorization.json
158           - name: {{ include "common.fullname" . }}-rproxy-auth-config
159             mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
160             subPath: tomcat_keystore
161           - name: {{ include "common.fullname" . }}-rproxy-auth-config
162             mountPath: /opt/app/rproxy/config/auth/client-cert.p12
163             subPath: client-cert.p12
164           - name: {{ include "common.fullname" . }}-rproxy-auth-config
165             mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
166             subPath: aaf_truststore.jks
167           - name: {{ include "common.fullname" . }}-rproxy-security-config
168             mountPath: /opt/app/rproxy/config/security/keyfile
169             subPath: keyfile
170
171           ports:
172           - containerPort: {{ .Values.global.rproxy.port }}
173
174         - name: {{ .Values.global.fproxy.name }}
175           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.fproxy.image }}
176           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
177           env:
178           - name: CONFIG_HOME
179             value: "/opt/app/fproxy/config"
180           - name: KEY_STORE_PASSWORD
181             value: {{ .Values.config.keyStorePassword }}
182           - name: spring_profiles_active
183             value: {{ .Values.global.fproxy.activeSpringProfiles }}
184           volumeMounts:
185           - name: {{ include "common.fullname" . }}-fproxy-config
186             mountPath: /opt/app/fproxy/config/fproxy.properties
187             subPath: fproxy.properties
188           - name: {{ include "common.fullname" . }}-fproxy-log-config
189             mountPath: /opt/app/fproxy/config/logback-spring.xml
190             subPath: logback-spring.xml
191           - name: {{ include "common.fullname" . }}-fproxy-auth-config
192             mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
193             subPath: tomcat_keystore
194           - name: {{ include "common.fullname" . }}-fproxy-auth-config
195             mountPath: /opt/app/fproxy/config/auth/client-cert.p12
196             subPath: client-cert.p12
197           ports:
198           - containerPort: {{ .Values.global.fproxy.port }}
199     {{ end }}
200
201       volumes:
202         - name: localtime
203           hostPath:
204             path: /etc/localtime
205         - name: {{ include "common.fullname" . }}-config
206           configMap:
207             name: {{ include "common.fullname" . }}-configmap
208             items:
209             - key: artifact-generator.properties
210               path: artifact-generator.properties
211             - key: tosca-mappings.json
212               path: tosca-mappings.json
213             - key: babel-auth.properties
214               path: babel-auth.properties
215             - key: logback.xml
216               path: logback.xml
217         - name: {{ include "common.fullname" . }}-secrets
218           secret:
219             secretName: {{ include "common.fullname" . }}-babel-secrets
220         - name: filebeat-conf
221           configMap:
222             name: aai-filebeat
223         - name: {{ include "common.fullname" . }}-logs
224           emptyDir: {}
225         - name: aai-filebeat
226           emptyDir: {}
227     {{ if .Values.global.installSidecarSecurity }}
228         - name: {{ include "common.fullname" . }}-rproxy-config
229           configMap:
230             name: {{ include "common.fullname" . }}-rproxy-config
231         - name: {{ include "common.fullname" . }}-rproxy-log-config
232           configMap:
233             name: {{ include "common.fullname" . }}-rproxy-log-config
234         - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
235           configMap:
236             name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
237         - name: {{ include "common.fullname" . }}-rproxy-auth-config
238           secret:
239             secretName: {{ include "common.fullname" . }}-rproxy-auth-config
240         - name: {{ include "common.fullname" . }}-rproxy-security-config
241           secret:
242             secretName: {{ include "common.fullname" . }}-rproxy-security-config
243         - name: {{ include "common.fullname" . }}-fproxy-config
244           configMap:
245             name: {{ include "common.fullname" . }}-fproxy-config
246         - name: {{ include "common.fullname" . }}-fproxy-log-config
247           configMap:
248             name: {{ include "common.fullname" . }}-fproxy-log-config
249         - name: {{ include "common.fullname" . }}-fproxy-auth-config
250           secret:
251             secretName: {{ include "common.fullname" . }}-fproxy-auth-config
252     {{ end }}
253
254       imagePullSecrets:
255       - name: "{{ include "common.namespace" . }}-docker-registry-key"
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).