Code Review / oom.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge "[COMMON] Update words whitelist URL"
[oom.git] / kubernetes / aai / components / aai-traversal / templates / deployment.yaml
1 {{/*
2 # Copyright (c) 2017 Amdocs, Bell Canada
3 # Modifications Copyright (c) 2018 AT&T
4 # Modifications Copyright (c) 2020 Nokia, Orange
5 # Modifications Copyright (c) 2021 Orange
6 #
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
10 #
11 #       http://www.apache.org/licenses/LICENSE-2.0
12 #
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
18 */}}
19
20 apiVersion: apps/v1
21 kind: Deployment
22 metadata:
23   name: {{ include "common.fullname" . }}
24   namespace: {{ include "common.namespace" . }}
25   labels:
26     app: {{ include "common.name" . }}
27     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
28     release: {{ include "common.release" . }}
29     heritage: {{ .Release.Service }}
30 spec:
31   replicas: {{ .Values.replicaCount }}
32   selector:
33     matchLabels:
34       app: {{ include "common.name" . }}
35   template:
36     metadata:
37       labels:
38         app: {{ include "common.name" . }}
39         release: {{ include "common.release" . }}
40       name: {{ include "common.name" . }}
41       annotations:
42         checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
43       {{- if .Values.global.msbEnabled }}
44         {{ $values := .Values }}
45         msb.onap.org/service-info: '[
46         {{- range $api_endpoint := $values.aai_enpoints -}}
47           {{- range $api_version := $values.api_list }}
48           {
49               "serviceName": "_{{ $api_endpoint.name }}",
50               "version": "v{{ $api_version }}",
51               "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}",
52               "protocol": "REST",
53               "port": "8446",
54               "enable_ssl": true,
55               "lb_policy":"ip_hash",
56               "visualRange": "1",
57               "path": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}"
58           },
59           {
60               "serviceName": "{{ $api_endpoint.name }}",
61               "version": "v{{ $api_version }}",
62               "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}",
63               "protocol": "REST",
64               "port": "8446",
65               "enable_ssl": true,
66               "lb_policy":"ip_hash",
67               "visualRange": "1"
68           },
69           {{- end }}
70         {{- end }}
71           {
72               "serviceName": "_aai-named-query",
73               "url": "/aai/search",
74               "protocol": "REST",
75               "port": "8446",
76               "enable_ssl": true,
77               "lb_policy":"ip_hash",
78               "visualRange": "1",
79               "path": "/aai/search"
80           },
81           {
82               "serviceName": "aai-named-query",
83               "url": "/aai/search",
84               "protocol": "REST",
85               "port": "8446",
86               "enable_ssl": true,
87               "lb_policy":"ip_hash",
88               "visualRange": "1"
89           }
90           ]'
91       {{- end }}
92     spec:
93       hostname: aai-traversal
94     {{ if .Values.global.initContainers.enabled }}
95       initContainers:
96       - command:
97       {{ if .Values.global.jobs.migration.enabled }}
98         - /app/ready.py
99         args:
100         - --job-name
101         - {{ include "common.release" . }}-aai-graphadmin-migration
102       {{  else if .Values.global.jobs.createSchema.enabled  }}
103         - /app/ready.py
104         args:
105         - --job-name
106         - {{ include "common.release" . }}-aai-graphadmin-create-db-schema
107       {{  else }}
108         - /app/ready.py
109         args:
110         - --container-name
111         {{- if .Values.global.cassandra.localCluster }}
112         - aai-cassandra
113         {{- else }}
114         - cassandra
115         {{- end }}
116         - --container-name
117         - aai-schema-service
118       {{ end }}
119         env:
120         - name: NAMESPACE
121           valueFrom:
122             fieldRef:
123               apiVersion: v1
124               fieldPath: metadata.namespace
125         image: {{ include "repositoryGenerator.image.readiness" . }}
126         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
127         name: {{ include "common.name" . }}-readiness
128     {{ end }}
129       containers:
130       - name: {{ include "common.name" . }}
131         image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
132         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
133         env:
134         - name: DISABLE_UPDATE_QUERY
135           value: {{ .Values.config.disableUpdateQuery | quote }}
136         - name: LOCAL_USER_ID
137           value: {{ .Values.global.config.userId | quote }}
138         - name: LOCAL_GROUP_ID
139           value: {{ .Values.global.config.groupId | quote }}
140         volumeMounts:
141         - mountPath: /etc/localtime
142           name: localtime
143           readOnly: true
144         - mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-realtime.properties
145           name: {{ include "common.fullname" . }}-config
146           subPath: janusgraph-realtime.properties
147         - mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-cached.properties
148           name: {{ include "common.fullname" . }}-config
149           subPath: janusgraph-cached.properties
150         - mountPath: /opt/app/aai-traversal/resources/etc/appprops/aaiconfig.properties
151           name: {{ include "common.fullname" . }}-config
152           subPath: aaiconfig.properties
153         - mountPath: /opt/aai/logroot/AAI-GQ
154           name: {{ include "common.fullname" . }}-logs
155         - mountPath: /opt/aai/logroot/AAI-GQ/misc
156           name: {{ include "common.fullname" . }}-logs-misc
157         - mountPath: /opt/app/aai-traversal/resources/logback.xml
158           name: {{ include "common.fullname" . }}-config
159           subPath: logback.xml
160         - mountPath: /opt/app/aai-traversal/resources/localhost-access-logback.xml
161           name: {{ include "common.fullname" . }}-config
162           subPath: localhost-access-logback.xml
163         - mountPath: /opt/app/aai-traversal/resources/etc/auth/realm.properties
164           name: {{ include "common.fullname" . }}-config
165           subPath: realm.properties
166         - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile
167           name: {{ include "common.fullname" . }}-aaf-certs
168           subPath: org.onap.aai.keyfile
169         - mountPath: /opt/app/aai-traversal/resources/aaf/bath_config.csv
170           name: {{ include "common.fullname" . }}-aaf-certs
171           subPath: bath_config.csv
172         - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.props
173           name: {{ include "common.fullname" . }}-aaf-properties
174           subPath: org.onap.aai.props
175         - mountPath: /opt/app/aai-traversal/resources/aaf/org.osaaf.location.props
176           name: {{ include "common.fullname" . }}-aaf-properties
177           subPath: org.osaaf.location.props
178         - mountPath: /opt/app/aai-traversal/resources/aaf/permissions.properties
179           name: {{ include "common.fullname" . }}-aaf-properties
180           subPath: permissions.properties
181         - mountPath: /opt/app/aai-traversal/resources/cadi.properties
182           name: {{ include "common.fullname" . }}-aaf-properties
183           subPath: cadi.properties
184         - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.p12
185           name: {{ include "common.fullname" . }}-aaf-certs
186           subPath: org.onap.aai.p12
187         - mountPath: /opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks
188           name: aai-common-aai-auth-mount
189           subPath: truststoreONAPall.jks
190         - mountPath: /opt/app/aai-traversal/resources/application.properties
191           name: {{ include "common.fullname" . }}-config
192           subPath: application.properties
193           {{ $global := . }}
194           {{ range $job := .Values.global.config.auth.files }}
195         - mountPath: /opt/app/aai-traversal/resources/etc/auth/{{ . }}
196           name: {{ include "common.fullname" $global }}-auth-truststore-sec
197           subPath: {{ . }}
198           {{ end }}
199         ports:
200         - containerPort: {{ .Values.service.internalPort }}
201         - containerPort: {{ .Values.service.internalPort2 }}
202         # disable liveness probe when breakpoints set in debugger
203         # so K8s doesn't restart unresponsive container
204         {{ if .Values.liveness.enabled }}
205         livenessProbe:
206           tcpSocket:
207             port: {{ .Values.service.internalPort }}
208           initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
209           periodSeconds: {{ .Values.liveness.periodSeconds }}
210         {{ end }}
211         readinessProbe:
212           tcpSocket:
213             port: {{ .Values.service.internalPort }}
214           initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
215           periodSeconds: {{ .Values.readiness.periodSeconds }}
216         resources:
217 {{ include "common.resources" . }}
218       {{- if .Values.nodeSelector }}
219       nodeSelector:
220 {{ toYaml .Values.nodeSelector | indent 8 }}
221       {{- end -}}
222       {{- if .Values.affinity }}
223       affinity:
224 {{ toYaml .Values.affinity | indent 8 }}
225       {{- end }}
226
227       # side car containers
228       - name: filebeat-onap
229         image: {{ include "repositoryGenerator.image.logging" . }}
230         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
231         volumeMounts:
232         - mountPath: /usr/share/filebeat/filebeat.yml
233           subPath: filebeat.yml
234           name: filebeat-conf
235         - mountPath: /var/log/onap
236           name: {{ include "common.fullname" . }}-logs
237         - mountPath: /usr/share/filebeat/data
238           name: {{ include "common.fullname" . }}-filebeat
239         resources:
240 {{ include "common.resources" . }}
241       volumes:
242       - name: localtime
243         hostPath:
244           path: /etc/localtime
245       - name: filebeat-conf
246         configMap:
247           name: aai-filebeat
248       - name: {{ include "common.fullname" . }}-logs
249         emptyDir: {}
250       - name: {{ include "common.fullname" . }}-logs-misc
251         emptyDir: {}
252       - name: {{ include "common.fullname" . }}-filebeat
253         emptyDir: {}
254       - name: {{ include "common.fullname" . }}-config
255         configMap:
256           name: {{ include "common.fullname" . }}-configmap
257       - name: {{ include "common.fullname" . }}-aaf-properties
258         configMap:
259           name: {{ include "common.fullname" . }}-aaf-props
260       - name: {{ include "common.fullname" . }}-aaf-certs
261         secret:
262           secretName: {{ include "common.fullname" . }}-aaf-keys
263       - name: aai-common-aai-auth-mount
264         secret:
265           secretName: aai-common-aai-auth
266       - name: {{ include "common.fullname" . }}-auth-truststore-sec
267         secret:
268           secretName: aai-common-truststore
269           items:
270             {{ range $job := .Values.global.config.auth.files }}
271             - key: {{ . }}
272               path: {{ . }}
273             {{ end }}
274       restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }}
275       imagePullSecrets:
276       - name: "{{ include "common.namespace" . }}-docker-registry-key"
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).