kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml

   1 {{/*
   2 #============LICENSE_START========================================================
   3 # ================================================================================
   4 # Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved.
   5 # ================================================================================
   6 # Licensed under the Apache License, Version 2.0 (the "License");
   7 # you may not use this file except in compliance with the License.
   8 # You may obtain a copy of the License at
   9 #
  10 #     http://www.apache.org/licenses/LICENSE-2.0
  11 #
  12 # Unless required by applicable law or agreed to in writing, software
  13 # distributed under the License is distributed on an "AS IS" BASIS,
  14 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  15 # See the License for the specific language governing permissions and
  16 # limitations under the License.
  17 # ============LICENSE_END=========================================================
  18 */}}
  19
  20 apiVersion: apps/v1
  21 kind: Deployment
  22 metadata:
  23   name: {{ include "common.fullname" . }}
  24   namespace: {{ include "common.namespace" . }}
  25   labels:
  26     app: {{ include "common.name" . }}
  27     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
  28     release: {{ include "common.release" . }}
  29     heritage: {{ .Release.Service }}
  30 spec:
  31   replicas: 1
  32   selector:
  33     matchLabels:
  34       app: {{ include "common.name" . }}
  35   template:
  36     metadata:
  37       labels:
  38         app: {{ include "common.name" . }}
  39         release: {{ include "common.release" . }}
  40     spec:
  41       initContainers:
  42         - name: {{ include "common.name" . }}-readiness
  43           image: {{ include "repositoryGenerator.image.readiness" . }}
  44           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
  45           command:
  46             - /app/ready.py
  47           args:
  48           - --container-name
  49           - dcae-deployment-handler
  50           - --container-name
  51           - consul-server
  52           - --container-name
  53           - policy-xacml-pdp
  54           - "-t"
  55           - "45"
  56           env:
  57           - name: NAMESPACE
  58             valueFrom:
  59               fieldRef:
  60                 apiVersion: v1
  61                 fieldPath: metadata.namespace
  62         - name: init-tls
  63           env:
  64           - name: POD_IP
  65             valueFrom:
  66               fieldRef:
  67                 apiVersion: v1
  68                 fieldPath: status.podIP
  69           - name: aaf_locator_fqdn
  70             value: dcae
  71           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tlsImage }}
  72           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
  73           resources: {}
  74           volumeMounts:
  75             - mountPath: /opt/app/osaaf
  76               name: tls-info
  77         - name: init-consul
  78           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.consulLoaderImage }}
  79           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
  80           args:
  81           - --key
  82           - policy_handler|/phconfig/config.json
  83           resources: {}
  84           volumeMounts:
  85             - mountPath: /phconfig
  86               name: ph-config
  87       containers:
  88         - name: {{ include "common.name" . }}
  89           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
  90           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
  91           resources:
  92 {{ include "common.resources" . | indent 12 }}
  93           ports:
  94           - containerPort: {{ .Values.service.internalPort }}
  95           # disable liveness probe when breakpoints set in debugger
  96           # so K8s doesn't restart unresponsive container
  97           {{- if eq .Values.liveness.enabled true }}
  98           livenessProbe:
  99             tcpSocket:
 100               port: {{ .Values.service.internalPort }}
 101             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
 102             periodSeconds: {{ .Values.liveness.periodSeconds }}
 103           {{ end }}
 104           readinessProbe:
 105             httpGet:
 106               path: {{ .Values.readiness.path }}
 107               port: {{ .Values.service.internalPort }}
 108               scheme: {{ .Values.readiness.scheme }}
 109             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
 110             periodSeconds: {{ .Values.readiness.periodSeconds }}
 111           volumeMounts:
 112             - mountPath: /app/logs
 113               name: component-log
 114             - mountPath: /app/etc/tls/certs/
 115               name: tls-info
 116           env:
 117             - name: CONSUL_HOST
 118               value: consul-server.{{ include "common.namespace" . }}
 119             - name: CLOUDIFY_USER
 120               value: admin
 121             - name: CLOUDIFY_PASSWORD
 122               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cm-pass" "key" "password") | indent 14 }}
 123             - name: CONFIG_BINDING_SERVICE
 124               value: config-binding-service
 125             - name: POD_IP
 126               valueFrom:
 127                 fieldRef:
 128                   apiVersion: v1
 129                   fieldPath: status.podIP
 130         - name: {{ include "common.name" . }}-filebeat
 131           env:
 132             - name: POD_IP
 133               valueFrom:
 134                 fieldRef:
 135                   apiVersion: v1
 136                   fieldPath: status.podIP
 137           image: {{ include "repositoryGenerator.image.logging" . }}
 138           imagePullPolicy: IfNotPresent
 139           resources: {}
 140           volumeMounts:
 141           - mountPath: /var/log/onap/policy-handler
 142             name: component-log
 143           - mountPath: /usr/share/filebeat/data
 144             name: filebeat-data
 145           - mountPath: /usr/share/filebeat/filebeat.yml
 146             name: filebeat-conf
 147             subPath: filebeat.yml
 148       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
 149       volumes:
 150         - emptyDir: {}
 151           name: component-log
 152         - emptyDir: {}
 153           name: filebeat-data
 154         - configMap:
 155             defaultMode: 420
 156             name: {{ include "common.fullname" . }}-filebeat-configmap
 157           name: filebeat-conf
 158         - emptyDir: {}
 159           name: tls-info
 160         - configMap:
 161             defaultMode: 422
 162             name: {{ include "common.fullname" . }}-configmap
 163           name: ph-config
 164       imagePullSecrets:
 165       - name: "{{ include "common.namespace" . }}-docker-registry-key"