Code Review / oom.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge "[UUI] Service Mesh Compliance for UUI"
[oom.git] / kubernetes / oof / components / oof-has / components / oof-has-api / templates / deployment.yaml
1 {{/*
2 # Copyright © 2017 Amdocs, Bell Canada
3 # Copyright (C) 2020 Wipro Limited.
4 # Modifications Copyright © 2018 AT&T,VMware
5 #
6 # Licensed under the Apache License, Version 2.0 (the "License");
7 # you may not use this file except in compliance with the License.
8 # You may obtain a copy of the License at
9 #
10 #       http://www.apache.org/licenses/LICENSE-2.0
11 #
12 # Unless required by applicable law or agreed to in writing, software
13 # distributed under the License is distributed on an "AS IS" BASIS,
14 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 # See the License for the specific language governing permissions and
16 # limitations under the License.
17 */}}
18
19 apiVersion: apps/v1
20 kind: Deployment
21 metadata:
22   name: {{ include "common.fullname" . }}
23   namespace: {{ include "common.namespace" . }}
24   labels:
25     app: {{ include "common.name" . }}
26     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
27     release: {{ include "common.release" . }}
28     heritage: {{ .Release.Service }}
29 spec:
30   selector:
31     matchLabels:
32       app: {{ include "common.name" . }}
33   replicas: {{ .Values.replicaCount }}
34   template:
35     metadata:
36       labels:
37         app: {{ include "common.name" . }}
38         release: {{ include "common.release" . }}
39     spec:
40       initContainers:
41       - name: {{ include "common.name" . }}-readiness
42         command:
43         - /app/ready.py
44         args:
45         - --container-name
46         - oof-has-controller
47         {{- if (include "common.needTLS" .) }}
48         - --container-name
49         - aaf-service
50         {{- end }}
51         env:
52         - name: NAMESPACE
53           valueFrom:
54             fieldRef:
55               apiVersion: v1
56               fieldPath: metadata.namespace
57         image: {{ include "repositoryGenerator.image.readiness" . }}
58         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
59
60       {{- if (include "common.needTLS" .) }}
61       - name: {{ include "common.name" . }}-has-sms-readiness
62         command:
63         - sh
64         - -c
65         - resp="FAILURE";
66           until [ $resp = "200" ]; do
67           resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/has/secret);
68           echo $resp;
69           sleep 2;
70           done
71         env:
72         - name: NAMESPACE
73           valueFrom:
74             fieldRef:
75               apiVersion: v1
76               fieldPath: metadata.namespace
77         image: {{ include "repositoryGenerator.image.curl" . }}
78         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
79       {{- end }}
80 {{ include "common.certInitializer.initContainer" . | indent 6 }}
81
82       containers:
83         - name: {{ include "common.name" . }}
84           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }}
85           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
86           command: ["/bin/sh","-c"]
87           args: ["/usr/local/bin/uwsgi -s /run/conductor/uwsgi.sock --chmod-socket=777 --wsgi-file /etc/nginx/conductor.wsgi --callable application --set port={{ .Values.uwsgi.internalPort }} --die-on-term --exit-on-reload --pidfile /run/conductor/conductor-uwsgi.pid --enable-threads --workers 6 --master --vacuum --single-interpreter --socket-timeout 10 --max-worker-lifetime 300 --max-requests 100 --no-defer-accept --protocol=uwsgi --socket 0.0.0.0:{{ .Values.uwsgi.internalPort }}"]
88           ports:
89           - containerPort: {{ .Values.uwsgi.internalPort }}
90           # disable liveness probe when breakpoints set in debugger
91           # so K8s doesn't restart unresponsive container
92           {{- if .Values.liveness.enabled }}
93           livenessProbe:
94             tcpSocket:
95               port: {{ .Values.uwsgi.internalPort }}
96             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
97             periodSeconds: {{ .Values.liveness.periodSeconds }}
98           {{ end -}}
99           readinessProbe:
100             tcpSocket:
101               port: {{ .Values.uwsgi.internalPort }}
102             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
103             periodSeconds: {{ .Values.readiness.periodSeconds }}
104           env: {{ include "oof.etcd.env" . | nindent 10 }}
105           volumeMounts:
106           - mountPath: /etc/localtime
107             name: localtime
108             readOnly: true
109           - mountPath: /usr/local/etc/conductor/conductor.conf
110             name: {{ .Values.global.commonConfigPrefix }}-config
111             subPath: conductor.conf
112           - mountPath: /usr/local/bin/log.conf
113             name: {{ .Values.global.commonConfigPrefix  }}-config
114             subPath: log.conf
115           {{- if (include "common.needTLS" .) }}
116           - mountPath: /usr/local/bin/AAF_RootCA.cer
117             name: {{ include "common.fullname" . }}-onap-certs
118             subPath: aaf_root_ca.cer
119           {{- end }}
120           resources:
121 {{ include "common.resources" . | indent 12 }}
122         - name: {{ include "common.name" . }}-nginx
123           image: {{ include "repositoryGenerator.image.nginx" . }}
124           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
125           command:
126           - /bin/sh
127           args:
128           - "-c"
129           - |
130             {{- if (include "common.needTLS" .) }}
131             grep -v '^$'  /opt/bitnami/nginx/ssl/local/org.onap.oof.crt > /tmp/oof.crt
132             cat /tmp/oof.crt /tmp/intermediate_root_ca.pem /tmp/AAF_RootCA.cer >> /opt/bitnami/nginx/org.onap.oof.crt
133             {{- end }}
134             /opt/bitnami/scripts/nginx/entrypoint.sh /opt/bitnami/scripts/nginx/run.sh
135           ports:
136           - containerPort: {{ .Values.service.internalPort }}
137           {{- if .Values.liveness.enabled }}
138           livenessProbe:
139             tcpSocket:
140               port: {{ .Values.service.internalPort }}
141             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
142             periodSeconds: {{ .Values.liveness.periodSeconds }}
143           {{ end -}}
144           readinessProbe:
145             tcpSocket:
146               port: {{ .Values.service.internalPort }}
147             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
148             periodSeconds: {{ .Values.readiness.periodSeconds }}
149           volumeMounts:
150 {{ include "common.certInitializer.volumeMount" . | indent 10 }}
151           - mountPath: /etc/localtime
152             name: localtime
153             readOnly: true
154           - mountPath: /opt/bitnami/nginx/conf/nginx.conf
155             name: {{ .Values.global.commonConfigPrefix  }}-config
156             subPath: nginx.conf
157           {{- if (include "common.needTLS" .) }}
158           - mountPath: /tmp/AAF_RootCA.cer
159             name: {{ include "common.fullname" . }}-onap-certs
160             subPath: aaf_root_ca.cer
161           - mountPath: /tmp/intermediate_root_ca.pem
162             name: {{ include "common.fullname" . }}-onap-certs
163             subPath: intermediate_root_ca.pem
164           {{- end }}
165           resources:
166 {{ include "common.resources" . | indent 12 }}
167         {{- if .Values.nodeSelector }}
168         nodeSelector:
169 {{ toYaml .Values.nodeSelector | indent 10 }}
170         {{- end -}}
171         {{- if .Values.affinity }}
172         affinity:
173 {{ toYaml .Values.affinity | indent 10 }}
174         {{- end }}
175       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
176       volumes:
177         {{ include "common.certInitializer.volumes" . | nindent 8 }}
178         - name: localtime
179           hostPath:
180             path: /etc/localtime
181         - name: {{ .Values.global.commonConfigPrefix }}-config
182           configMap:
183             name: {{ .Values.global.commonConfigPrefix  }}-configmap
184             items:
185             - key: nginx.conf
186               path: nginx.conf
187             - key: conductor.conf
188               path: conductor.conf
189             - key: log.conf
190               path: log.conf
191 {{- if (include "common.needTLS" .) }}
192 {{ include "oof.certificate.volume" . | indent 8 }}
193 {{- end }}
194       imagePullSecrets:
195       - name: "{{ include "common.namespace" . }}-docker-registry-key"
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).