e9d890e43214cefd1caa8ca87a850a11a0319abd
[oom.git] / kubernetes / dmaap / components / message-router / templates / statefulset.yaml
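{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018 AT&T
# Modifications Copyright © 2021-2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}

# StatefulSet for the DMaaP message-router pod. Containers defined here:
#   - <name>-update-config     init container, only when global.aafEnabled
#   - prometheus-jmx-exporter  sidecar, only when prometheus.jmx.enabled
#   - srimzi-zk-entrance       stunnel sidecar towards Strimzi ZooKeeper
#   - <name>                   the message-router application
# Review notes below avoid template actions on purpose: Helm evaluates
# actions even inside YAML comments.
apiVersion: apps/v1
kind: StatefulSet
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
  selector: {{- include "common.selectors" . | nindent 4 }}
  serviceName: {{ include "common.servicename" . }}
  replicas: {{ .Values.replicaCount }}
  template:
    metadata: {{- include "common.templateMetadata" . | nindent 6 }}
    spec:
      # NOTE(review): this template sets no securityContext at pod or container
      # level. Confirm whether one is applied elsewhere; if not, consider
      # runAsNonRoot, allowPrivilegeEscalation: false and
      # readOnlyRootFilesystem for the containers below.
      initContainers:
      {{ include "common.certInitializer.initContainer" . | indent 6 | trim }}
      {{- if  .Values.global.aafEnabled }}
      # Loads the key=value pairs of mycreds.prop (by its name a credentials
      # file; presumably written by the certInitializer init container) into
      # the shell environment, then renders every file of /config-input
      # through envsubst into /config. /config is the `jetty` emptyDir, which
      # the main container mounts at /jetty-config, so any substituted value
      # ends up in clear text on that volume.
      # NOTE(review): the unquoted command substitution word-splits on
      # whitespace, so a property value containing a space is not exported
      # intact, and the loop iterates over `ls` output instead of a glob.
      - name: {{ include "common.name" . }}-update-config
        command:
        - sh
        args:
        - -c
        - |
          export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0);
          cd /config-input  && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done
        volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
        - mountPath: /config
          name: jetty
        - mountPath: /config-input
          name: etc
        image: {{ include "repositoryGenerator.image.envsubst" . }}
        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
      {{- end }}
      containers:
      {{- if .Values.prometheus.jmx.enabled }}
        # Optional sidecar serving JMX metrics over HTTP on prometheus.jmx.port,
        # configured from the jmx-config ConfigMap volume.
        # NOTE(review): UseCGroupMemoryLimitForHeap and MaxRAMFraction are
        # JDK 8/9-era options that later JDKs deprecate or reject; confirm the
        # image's JVM still accepts them. With MaxRAMFraction=1 and no memory
        # limit set below, the heap ceiling is not bounded by this container.
        - name: prometheus-jmx-exporter
          image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.prometheus.jmx.image }}:{{ .Values.prometheus.jmx.imageTag }}
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          command:
          - java
          - -XX:+UnlockExperimentalVMOptions
          - -XX:+UseCGroupMemoryLimitForHeap
          - -XX:MaxRAMFraction=1
          - -XshowSettings:vm
          - -jar
          - jmx_prometheus_httpserver.jar
          - {{ .Values.prometheus.jmx.port | quote }}
          - /etc/jmx-kafka/jmx-mrservice-prometheus.yml
          ports:
          - containerPort: {{ .Values.prometheus.jmx.port }}
          # Explicit empty mapping instead of a bare key (which parses as
          # null): no requests or limits are defined for this sidecar.
          resources: {}
          volumeMounts:
          - name: jmx-config
            mountPath: /etc/jmx-kafka
      {{- end }}
        # stunnel sidecar that forwards the zkTunnelService port to the Strimzi
        # ZooKeeper client service, using the cluster-operator and cluster-CA
        # secrets mounted below.
        # NOTE(review): the image is hard-coded to docker.io with the mutable
        # `latest` tag and does not go through repositoryGenerator like the
        # other containers. Together with imagePullPolicy: Always, the content
        # that runs next to the operator certificates can change on any pod
        # restart and cannot be mirrored or audited. Pin it, for example
        # <REGISTRY>/<IMAGE>:<TAG>@sha256:<DIGEST> (placeholders), and source
        # the reference from values.
        # NOTE(review): the container name reads like a typo of "strimzi";
        # left unchanged because other tooling may reference it.
        - name: srimzi-zk-entrance
          image: 'docker.io/scholzj/zoo-entrance:latest'
          command:
            - /opt/stunnel/stunnel_run.sh
          ports:
            - containerPort: {{ .Values.global.zkTunnelService.internalPort }}
              name: zoo
              protocol: TCP
          env:
            # NOTE(review): debug verbosity on a TLS tunnel is fixed here
            # rather than configurable; confirm what the wrapper script logs
            # at this level before running it outside a lab.
            - name: LOG_LEVEL
              value: debug
            - name: STRIMZI_ZOOKEEPER_CONNECT
              value: '{{ include "common.release" . }}-strimzi-zookeeper-client:{{ .Values.global.zkTunnelService.internalPort }}'
          imagePullPolicy: Always
          livenessProbe:
            exec:
              command:
                - /opt/stunnel/stunnel_healthcheck.sh
                - '{{ .Values.global.zkTunnelService.internalPort }}'
            failureThreshold: 3
            initialDelaySeconds: 15
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 5
          readinessProbe:
            exec:
              command:
                - /opt/stunnel/stunnel_healthcheck.sh
                - '{{ .Values.global.zkTunnelService.internalPort }}'
            failureThreshold: 3
            initialDelaySeconds: 15
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 5
          volumeMounts:
            - mountPath: /etc/cluster-operator-certs/
              name: cluster-operator-certs
            - mountPath: /etc/cluster-ca-certs/
              name: cluster-ca-certs
        # Message-router application container.
        - name: {{ include "common.name" . }}
          image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          {{- if  .Values.global.aafEnabled }}
          # With AAF enabled the entrypoint is replaced: the files rendered by
          # the update-config init container are copied from /jetty-config into
          # place before the regular startup script runs.
          command:
          - sh
          args:
          - -c
          - |
            cp /jetty-config/ajsc-jetty.xml /appl/dmaapMR1/etc/
            cp /jetty-config/cadi.properties {{ .Values.certInitializer.appMountPath }}/local/cadi.properties
            /bin/sh /appl/startup.sh
          {{- end }}
          ports: {{ include "common.containerPorts" . | nindent 10  }}
          {{- if eq .Values.liveness.enabled true }}
          livenessProbe:
            tcpSocket:
              port: {{ .Values.liveness.port }}
            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
            periodSeconds: {{ .Values.liveness.periodSeconds }}
            timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
            successThreshold: {{ .Values.liveness.successThreshold }}
            failureThreshold: {{ .Values.liveness.failureThreshold }}
          {{- end }}
          readinessProbe:
            tcpSocket:
              port: {{ .Values.readiness.port }}
            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
            periodSeconds: {{ .Values.readiness.periodSeconds }}
            timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
            successThreshold: {{ .Values.readiness.successThreshold }}
            failureThreshold: {{ .Values.readiness.failureThreshold }}
          startupProbe:
            tcpSocket:
              port: {{ .Values.startup.port }}
            initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
            periodSeconds: {{ .Values.startup.periodSeconds }}
            timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
            successThreshold: {{ .Values.startup.successThreshold }}
            failureThreshold: {{ .Values.startup.failureThreshold }}
          env:
          # JAASLOGIN is read from the mr-kafka-admin-secret Secret (key
          # sasl.jaas.config) rather than written into the manifest.
          - name: JAASLOGIN
            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "mr-kafka-admin-secret" "key" "sasl.jaas.config") | indent 12 }}
          # Quoted so the rendered value is always a YAML string, as env
          # values must be.
          - name: SASLMECH
            value: {{ .Values.global.saslMechanism | quote }}
          - name: enableCadi
            value: "{{ .Values.global.aafEnabled }}"
          volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
          - mountPath: /etc/localtime
            name: localtime
            readOnly: true
          - mountPath: /appl/dmaapMR1/bundleconfig/etc/appprops/MsgRtrApi.properties
            subPath: MsgRtrApi.properties
            name: appprops
          - mountPath: /appl/dmaapMR1/bundleconfig/etc/logback.xml
            subPath: logback.xml
            name: logback
          {{- if  .Values.global.aafEnabled }}
          - mountPath: /appl/dmaapMR1/etc/runner-web.xml
            subPath: runner-web.xml
            name: etc
          - mountPath: /appl/dmaapMR1/bundleconfig/etc/sysprops/sys-props.properties
            subPath: sys-props.properties
            name: sys-props
          - mountPath: /jetty-config
            name: jetty
          {{- end }}
          resources: {{ include "common.resources" . | nindent 12 }}
      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
      volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
        # NOTE(review): hostPath volume. It is mounted read-only above, but
        # hostPath volumes are rejected by the baseline Pod Security Standard,
        # so this pod needs a namespace that permits them.
        - name: localtime
          hostPath:
            path: /etc/localtime
        - name: appprops
          configMap:
            name: {{ include "common.fullname" . }}-msgrtrapi-prop-configmap
        - name: etc
          configMap:
            name: {{ include "common.fullname" . }}-etc
        - name: logback
          configMap:
            name: {{ include "common.fullname" . }}-logback-xml-configmap
        {{- if .Values.prometheus.jmx.enabled }}
        - name: jmx-config
          configMap:
            name: {{ include "common.fullname" . }}-prometheus-configmap
        {{- end }}
        - name: sys-props
          configMap:
            name: {{ include "common.fullname" . }}-sys-props
        # Scratch volume shared by update-config (/config) and the main
        # container (/jetty-config).
        - name: jetty
          emptyDir: {}
        # defaultMode is decimal: 288 == octal 0440 (read-only for owner and
        # group, no access for others).
        - name: cluster-operator-certs
          secret:
            defaultMode: 288
            secretName: {{ include "common.release" . }}-strimzi-cluster-operator-certs
        - name: cluster-ca-certs
          secret:
            defaultMode: 288
            secretName: {{ include "common.release" . }}-strimzi-cluster-ca-cert
      imagePullSecrets:
      - name: "{{ include "common.namespace" . }}-docker-registry-key"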
---
# Ingress rule for the Strimzi ZooKeeper pods: admits TCP traffic on the
# zkTunnelService internal port from pods labelled with this chart's
# app.kubernetes.io/name. With no namespaceSelector, only pods in the
# policy's own namespace match.
# NOTE(review): the peer is identified by label alone, so any pod in the
# namespace that carries this label is admitted; confirm who may create or
# relabel pods there. The rule takes effect only where the cluster's network
# plugin enforces NetworkPolicy.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  namespace: {{ include "common.namespace" . }}
  name: {{ include "common.fullname" . }}-zk-network-policy
spec:
  policyTypes:
    - Ingress
  # Target: the ZooKeeper pods of this release.
  podSelector:
    matchLabels:
      strimzi.io/name: {{ include "common.release" . }}-strimzi-zookeeper
  ingress:
    - ports:
        - protocol: TCP
          port: {{ .Values.global.zkTunnelService.internalPort }}
      from:
        - podSelector:
            matchLabels:
              app.kubernetes.io/name: {{ include "common.name" . }}