Code Review / oom.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
[AAI] Service monitor for scraping prometheus metrics
[oom.git] / kubernetes / aai / components / aai-resources / templates / deployment.yaml
1 {{/*
2 # Copyright (c) 2017 Amdocs, Bell Canada
3 # Modifications Copyright (c) 2018 AT&T
4 # Modifications Copyright (c) 2020 Nokia
5 # Modifications Copyright (c) 2021 Orange
6 #
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
10 #
11 #       http://www.apache.org/licenses/LICENSE-2.0
12 #
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
18 */}}
19
20 apiVersion: apps/v1
21 kind: Deployment
22 metadata:
23   name: {{ include "common.fullname" . }}
24   namespace: {{ include "common.namespace" . }}
25   labels:
26     app: {{ include "common.name" . }}
27     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
28     release: {{ include "common.release" . }}
29     heritage: {{ .Release.Service }}
30 spec:
31   replicas: {{ .Values.replicaCount }}
32   minReadySeconds: {{ .Values.minReadySeconds }}
33   strategy:
34     type: {{ .Values.updateStrategy.type }}
35     rollingUpdate:
36       maxUnavailable: {{ .Values.updateStrategy.maxUnavailable }}
37       maxSurge: {{ .Values.updateStrategy.maxSurge }}
38   selector:
39     matchLabels:
40       app: {{ include "common.name" . }}
41   template:
42     metadata:
43       labels:
44         app: {{ include "common.name" . }}
45         release: {{ include "common.release" . }}
46       name: {{ include "common.name" . }}
47       annotations:
48         checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
49       {{- if .Values.global.msbEnabled }}
50         {{ $values := .Values }}
51         msb.onap.org/service-info: '[
52         {{- range $api_endpoint := $values.aai_enpoints -}}
53           {{- range $api_version := $values.api_list }}
54           {
55               "serviceName": "_{{ $api_endpoint.name }}",
56               "version": "v{{ $api_version }}",
57               "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}",
58               "protocol": "REST",
59               "port": "8447",
60               "enable_ssl": true,
61               "lb_policy":"ip_hash",
62               "visualRange": "1",
63               "path": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}"
64           },
65           {
66               "serviceName": "{{ $api_endpoint.name }}",
67               "version": "v{{ $api_version }}",
68               "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}",
69               "protocol": "REST",
70               "port": "8447",
71               "enable_ssl": true,
72               "lb_policy":"ip_hash",
73               "visualRange": "1"
74           },
75           {{- end }}
76         {{- end }}
77           ]'
78       {{- end }}
79     spec:
80       hostname: aai-resources
81       terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }}
82       initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
83       - name: {{ include "common.name" . }}-readiness
84         command:
85         - /app/ready.py
86         args:
87         {{- if .Values.global.jobs.migration.enabled }}
88         - --job-name
89         - {{ include "common.release" . }}-aai-graphadmin-migration
90         {{- else }}
91           {{- if .Values.global.jobs.createSchema.enabled  }}
92         - --job-name
93         - {{ include "common.release" . }}-aai-graphadmin-create-db-schema
94           {{- else }}
95         - --container-name
96             {{- if .Values.global.cassandra.localCluster }}
97         - aai-cassandra
98             {{- else }}
99         - cassandra
100             {{- end }}
101         - --container-name
102         - aai-schema-service
103           {{- end }}
104         {{- end }}
105         env:
106         - name: NAMESPACE
107           valueFrom:
108             fieldRef:
109               apiVersion: v1
110               fieldPath: metadata.namespace
111         image: {{ include "repositoryGenerator.image.readiness" . }}
112         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
113       containers:
114       - name: {{ include "common.name" . }}
115         image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
116         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
117         command:
118         - sh
119         args:
120         - -c
121         - |
122           echo "*** retrieve Truststore and Keystore password"
123           export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
124           echo "*** actual launch of AAI Resources"
125           /bin/bash /opt/app/aai-resources/docker-entrypoint.sh
126         env:
127         - name: LOCAL_USER_ID
128           value: {{ .Values.global.config.userId | quote }}
129         - name: LOCAL_GROUP_ID
130           value: {{ .Values.global.config.groupId | quote }}
131         - name: POST_JAVA_OPTS
132           value: '-Djavax.net.ssl.trustStore={{ .Values.certInitializer.credsPath }}/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword={{ .Values.certInitializer.truststorePassword }}'
133         - name: TRUSTORE_ALL_PASSWORD
134           value: {{ .Values.certInitializer.truststorePassword }}
135         - name: INTERNAL_PORT_1
136           value: {{ .Values.service.internalPort | quote }}
137         - name: INTERNAL_PORT_2
138           value: {{ .Values.service.internalPort2 | quote }}
139         - name: INTERNAL_PORT_3
140           value: {{ .Values.service.internalPort3 | quote }}
141         volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
142         - mountPath: /etc/localtime
143           name: localtime
144           readOnly: true
145         - mountPath: /opt/app/aai-resources/resources/etc/appprops/janusgraph-realtime.properties
146           name: {{ include "common.fullname" . }}-config
147           subPath: janusgraph-realtime.properties
148         - mountPath: /opt/app/aai-resources/resources/etc/appprops/janusgraph-cached.properties
149           name: {{ include "common.fullname" . }}-config
150           subPath: janusgraph-cached.properties
151         - mountPath: /opt/app/aai-resources/resources/etc/appprops/aaiconfig.properties
152           name: {{ include "common.fullname" . }}-config
153           subPath: aaiconfig.properties
154         - mountPath: /opt/aai/logroot/AAI-RES
155           name: logs
156         - mountPath: /opt/app/aai-resources/resources/logback.xml
157           name: {{ include "common.fullname" . }}-config
158           subPath: logback.xml
159         - mountPath: /opt/app/aai-resources/resources/localhost-access-logback.xml
160           name: {{ include "common.fullname" . }}-config
161           subPath: localhost-access-logback.xml
162         - mountPath: /opt/app/aai-resources/resources/etc/auth/realm.properties
163           name: {{ include "common.fullname" . }}-config
164           subPath: realm.properties
165         - mountPath: /opt/app/aai-resources/resources/aaf/bath_config.csv
166           name: {{ include "common.fullname" . }}-aaf-certs
167           subPath: bath_config.csv
168         - mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.props
169           name: {{ include "common.fullname" . }}-aaf-properties
170           subPath: org.onap.aai.props
171         - mountPath: /opt/app/aai-resources/resources/aaf/org.osaaf.location.props
172           name: {{ include "common.fullname" . }}-aaf-properties
173           subPath: org.osaaf.location.props
174         - mountPath: /opt/app/aai-resources/resources/aaf/permissions.properties
175           name: {{ include "common.fullname" . }}-aaf-properties
176           subPath: permissions.properties
177         - mountPath: /opt/app/aai-resources/resources/cadi.properties
178           name: {{ include "common.fullname" . }}-aaf-properties
179           subPath: cadi.properties
180         - mountPath: /opt/app/aai-resources/resources/application.properties
181           name: {{ include "common.fullname" . }}-config
182           subPath: application.properties
183         - mountPath: /opt/app/aai-resources/resources/application-keycloak.properties
184           name: {{ include "common.fullname" . }}-config
185           subPath: application-keycloak.properties
186         ports:
187         - containerPort: {{ .Values.service.internalPort }}
188         - containerPort: {{ .Values.service.internalPort2 }}
189         - containerPort: {{ .Values.service.internalPort3 }}
190         lifecycle:
191           # wait for active requests (long-running tasks) to be finished
192           # Before the SIGTERM is invoked, Kubernetes exposes a preStop hook in the Pod.
193           preStop:
194             exec:
195               command:
196                 - sh
197                 - -c
198                 - |
199                   while (netstat -an | grep ESTABLISHED | grep -e $INTERNAL_PORT_1 -e $INTERNAL_PORT_2)
200                   do sleep 10
201                   done
202         # disable liveness probe when breakpoints set in debugger
203         # so K8s doesn't restart unresponsive container
204         {{- if .Values.liveness.enabled }}
205         livenessProbe:
206           httpGet:
207             path: /aai/util/echo?action=checkDB
208             port: {{ .Values.service.internalPort }}
209             scheme: HTTP{{ (eq "true" (include "common.needTLS" .)) | ternary "S" "" }}
210             httpHeaders:
211             - name: X-FromAppId
212               value: LivenessCheck
213             - name: X-TransactionId
214               value: LiveCheck_TID
215             - name: Accept
216               value: application/json
217           initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
218           periodSeconds: {{ .Values.liveness.periodSeconds }}
219         {{- end }}
220         readinessProbe:
221           httpGet:
222             path: /aai/util/echo?action=checkDB
223             port: {{ .Values.service.internalPort }}
224             scheme: HTTP{{ (eq "true" (include "common.needTLS" .)) | ternary "S" "" }}
225             httpHeaders:
226             - name: X-FromAppId
227               value: ReadinessCheck
228             - name: X-TransactionId
229               value: ReadinessCheck_TID
230             - name: Accept
231               value: application/json
232           initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
233           periodSeconds: {{ .Values.readiness.periodSeconds }}
234         resources: {{ include "common.resources" . | nindent 12 }}
235       {{- if .Values.nodeSelector }}
236       nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
237       {{- end }}
238       {{- if .Values.affinity }}
239       affinity: {{ toYaml .Values.affinity | nindent 8 }}
240       {{- end }}
241       # side car containers
242       {{ include "common.log.sidecar" . | nindent 6 }}
243       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
244       volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
245       - name: localtime
246         hostPath:
247           path: /etc/localtime
248       - name: logs
249         emptyDir: {}
250       {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }}
251       - name: {{ include "common.fullname" . }}-config
252         configMap:
253           name: {{ include "common.fullname" . }}
254       - name: {{ include "common.fullname" . }}-aaf-properties
255         configMap:
256           name: {{ include "common.fullname" . }}-aaf-props
257       - name: {{ include "common.fullname" . }}-aaf-certs
258         secret:
259           secretName: {{ include "common.fullname" . }}-aaf-keys
260       restartPolicy: {{ .Values.restartPolicy }}
261       imagePullSecrets:
262       - name: "{{ include "common.namespace" . }}-docker-registry-key"
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).