kubernetes/dmaap/components/message-router/templates/statefulset.yaml

   1 {{/*
   2 # Copyright © 2017 Amdocs, Bell Canada
   3 # Modifications Copyright © 2018 AT&T
   4 # Modifications Copyright © 2021-2022 Nordix Foundation
   5 # Modifications Copyright © 2023 DTAG
   6 #
   7 # Licensed under the Apache License, Version 2.0 (the "License");
   8 # you may not use this file except in compliance with the License.
   9 # You may obtain a copy of the License at
  10 #
  11 #       http://www.apache.org/licenses/LICENSE-2.0
  12 #
  13 # Unless required by applicable law or agreed to in writing, software
  14 # distributed under the License is distributed on an "AS IS" BASIS,
  15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16 # See the License for the specific language governing permissions and
  17 # limitations under the License.
  18 */}}
  19
  20 apiVersion: apps/v1
  21 kind: StatefulSet
  22 metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
  23 spec:
  24   selector: {{- include "common.selectors" . | nindent 4 }}
  25   serviceName: {{ include "common.servicename" . }}
  26   replicas: 1
  27   template:
  28     metadata: {{- include "common.templateMetadata" . | nindent 6 }}
  29     spec:
  30       containers:
  31         - name: {{ include "common.name" . }}
  32           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
  33           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
  34           ports: {{ include "common.containerPorts" . | nindent 10  }}
  35           {{- if eq .Values.liveness.enabled true }}
  36           livenessProbe:
  37             httpGet:
  38               path: /events/__strimzi-topic-operator-kstreams-topic-store-changelog/CG1/C1
  39               port: {{ .Values.liveness.port }}
  40               scheme: HTTP
  41             failureThreshold: {{ .Values.liveness.failureThreshold }}
  42             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
  43             periodSeconds: {{ .Values.liveness.periodSeconds }}
  44             successThreshold: {{ .Values.liveness.successThreshold }}
  45             timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
  46           {{ end }}
  47           readinessProbe:
  48             tcpSocket:
  49               port: {{ .Values.readiness.port }}
  50             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
  51             periodSeconds: {{ .Values.readiness.periodSeconds }}
  52             timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
  53             successThreshold: {{ .Values.readiness.successThreshold }}
  54             failureThreshold: {{ .Values.readiness.failureThreshold }}
  55           startupProbe:
  56             httpGet:
  57               path: /events/__strimzi-topic-operator-kstreams-topic-store-changelog/CG1/C1
  58               port: {{ .Values.startup.port }}
  59               scheme: HTTP
  60             failureThreshold: {{ .Values.startup.failureThreshold }}
  61             initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
  62             periodSeconds: {{ .Values.startup.periodSeconds }}
  63             successThreshold: {{ .Values.startup.successThreshold }}
  64             timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
  65           env:
  66           - name: JAASLOGIN
  67             valueFrom:
  68               secretKeyRef:
  69                 name: strimzi-kafka-admin
  70                 key: sasl.jaas.config
  71           - name: SASLMECH
  72             value: scram-sha-512
  73           - name: enableCadi
  74             value: "true"
  75           - name: useZkTopicStore
  76             value: "false"
  77           volumeMounts:
  78             - mountPath: /etc/localtime
  79               name: localtime
  80               readOnly: true
  81             - mountPath: /appl/dmaapMR1/bundleconfig/etc/appprops/MsgRtrApi.properties
  82               subPath: MsgRtrApi.properties
  83               name: appprops
  84             - mountPath: /appl/dmaapMR1/bundleconfig/etc/logback.xml
  85               subPath: logback.xml
  86               name: logback
  87           resources: {{ include "common.resources" . | nindent 12 }}
  88         - name: {{ .Values.zkTunnelService.name }}
  89           image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.zkTunnelService.image }}
  90           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
  91           command:
  92             - /opt/stunnel/stunnel_run.sh
  93           ports:
  94             - containerPort: {{ .Values.zkTunnelService.internalPort }}
  95               name: {{ .Values.zkTunnelService.portName }}
  96               protocol: {{ .Values.zkTunnelService.protocol }}
  97           env:
  98             - name: LOG_LEVEL
  99               value: {{ .Values.zkTunnelService.logLevel }}
 100             - name: STRIMZI_ZOOKEEPER_CONNECT
 101               value: '{{ include "common.release" . }}-strimzi-zookeeper-client:{{ .Values.zkTunnelService.internalPort }}'
 102           livenessProbe:
 103             exec:
 104               command:
 105                 - /opt/stunnel/stunnel_healthcheck.sh
 106                 - '{{ .Values.zkTunnelService.internalPort }}'
 107             failureThreshold: 3
 108             initialDelaySeconds: 15
 109             periodSeconds: 10
 110             successThreshold: 1
 111             timeoutSeconds: 5
 112           readinessProbe:
 113             exec:
 114               command:
 115                 - /opt/stunnel/stunnel_healthcheck.sh
 116                 - '{{ .Values.zkTunnelService.internalPort }}'
 117             failureThreshold: 3
 118             initialDelaySeconds: 15
 119             periodSeconds: 10
 120             successThreshold: 1
 121             timeoutSeconds: 5
 122           volumeMounts:
 123             - mountPath: /etc/cluster-operator-certs/
 124               name: cluster-operator-certs
 125             - mountPath: /etc/cluster-ca-certs/
 126               name: cluster-ca-certs
 127       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
 128       volumes:
 129         - name: localtime
 130           hostPath:
 131             path: /etc/localtime
 132         - name: appprops
 133           configMap:
 134             name: {{ include "common.fullname" . }}-msgrtrapi-prop-configmap
 135         - name: logback
 136           configMap:
 137             name: {{ include "common.fullname" . }}-logback-xml-configmap
 138         - name: cluster-operator-certs
 139           secret:
 140             defaultMode: 288
 141             secretName: {{ include "common.release" . }}-strimzi-cluster-operator-certs
 142         - name: cluster-ca-certs
 143           secret:
 144             defaultMode: 288
 145             secretName: {{ include "common.release" . }}-strimzi-cluster-ca-cert
 146       {{- include "common.imagePullSecrets" . | nindent 6 }}
 147 ---
 148 apiVersion: networking.k8s.io/v1
 149 kind: NetworkPolicy
 150 metadata:
 151   name: {{ include "common.fullname" . }}-zk-network-policy
 152   namespace: {{ include "common.namespace" . }}
 153 spec:
 154   podSelector:
 155     matchLabels:
 156       strimzi.io/name: {{ include "common.release" . }}-strimzi-zookeeper
 157   ingress:
 158   - from:
 159     - podSelector:
 160         matchLabels:
 161           app.kubernetes.io/name: {{ include "common.name" . }}
 162     ports:
 163     - port: {{ .Values.zkTunnelService.internalPort }}
 164       protocol: {{ .Values.zkTunnelService.protocol }}
 165   policyTypes:
 166   - Ingress