kubernetes/oof/templates/deployment.yaml

   1 {{/*
   2 # Copyright © 2017 Amdocs, Bell Canada
   3 # Modifications Copyright © 2018 AT&T,VMware
   4 # Modifications Copyright (C) 2020 Wipro Limited.
   5 #
   6 # Licensed under the Apache License, Version 2.0 (the "License");
   7 # you may not use this file except in compliance with the License.
   8 # You may obtain a copy of the License at
   9 #
  10 #       http://www.apache.org/licenses/LICENSE-2.0
  11 #
  12 # Unless required by applicable law or agreed to in writing, software
  13 # distributed under the License is distributed on an "AS IS" BASIS,
  14 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  15 # See the License for the specific language governing permissions and
  16 # limitations under the License.
  17 */}}
  18
  19 apiVersion: apps/v1
  20 kind: Deployment
  21 metadata:
  22   name: {{ include "common.fullname" . }}
  23   namespace: {{ include "common.namespace" . }}
  24   labels:
  25     app: {{ include "common.name" . }}
  26     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
  27     release: {{ include "common.release" . }}
  28     heritage: {{ .Release.Service }}
  29 spec:
  30   selector:
  31     matchLabels:
  32       app: {{ include "common.name" . }}
  33   replicas: {{ .Values.replicaCount }}
  34   template:
  35     metadata:
  36       labels:
  37         app: {{ include "common.name" . }}
  38         release: {{ include "common.release" . }}
  39     spec:
  40       initContainers:
  41       - command:
  42         - /app/ready.py
  43         args:
  44         - --container-name
  45         - policy-xacml-pdp
  46         env:
  47         - name: NAMESPACE
  48           valueFrom:
  49             fieldRef:
  50               apiVersion: v1
  51               fieldPath: metadata.namespace
  52         image: {{ include "repositoryGenerator.image.readiness" . }}
  53         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
  54         name: {{ include "common.name" . }}-readiness
  55       {{- if (include "common.needTLS" .) }}
  56       - command:
  57         - sh
  58         - -c
  59         - resp="FAILURE";
  60           until [ $resp = "200" ]; do
  61           resp=$(curl -s -o /dev/null -k --write-out %{http_code} http{{ if (include "common.needTLS" .) }}s{{ end }}://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/osdf/secret);
  62           echo $resp;
  63           sleep 2;
  64           done
  65         env:
  66         - name: NAMESPACE
  67           valueFrom:
  68             fieldRef:
  69               apiVersion: v1
  70               fieldPath: metadata.namespace
  71         image: {{ include "repositoryGenerator.image.curl" . }}
  72         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
  73         name: {{ include "common.name" . }}-osdf-sms-readiness
  74         {{- end }}
  75 {{ include "common.certInitializer.initContainer" . | indent 6 }}
  76       containers:
  77         - name: {{ include "common.name" . }}
  78           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
  79           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
  80           command:
  81           - /bin/sh
  82           args:
  83           - "-c"
  84           - |
  85             {{- if (include "common.needTLS" .) }}
  86             grep -v '^$'  /opt/osdf/osaaf/local/org.onap.oof.crt > /tmp/oof.crt
  87             cat /tmp/oof.crt /opt/app/ssl_cert/intermediate_root_ca.pem /opt/app/ssl_cert/aaf_root_ca.cer >> /opt/osdf/org.onap.oof.crt
  88             {{ end }}
  89             python osdfapp.py
  90           ports:
  91           - containerPort: {{ .Values.service.internalPort }}
  92           # disable liveness probe when breakpoints set in debugger
  93           # so K8s doesn't restart unresponsive container
  94           {{- if .Values.liveness.enabled }}
  95           livenessProbe:
  96             tcpSocket:
  97               port: {{ .Values.service.internalPort }}
  98             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
  99             periodSeconds: {{ .Values.liveness.periodSeconds }}
 100           {{ end -}}
 101           readinessProbe:
 102             tcpSocket:
 103               port: {{ .Values.service.internalPort }}
 104             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
 105             periodSeconds: {{ .Values.readiness.periodSeconds }}
 106           env:
 107           volumeMounts:
 108 {{ include "common.certInitializer.volumeMount" . | indent 10 }}
 109           - mountPath: /etc/localtime
 110             name: localtime
 111             readOnly: true
 112           - mountPath: /opt/osdf/config/osdf_config.yaml
 113             name: {{ include "common.fullname" . }}-config
 114             subPath: osdf_config.yaml
 115           {{- if (include "common.needTLS" .) }}
 116           - mountPath: /opt/app/ssl_cert/aaf_root_ca.cer
 117             name: {{ include "common.fullname" . }}-onap-certs
 118             subPath: aaf_root_ca.cer
 119           - mountPath: /opt/app/ssl_cert/intermediate_root_ca.pem
 120             name: {{ include "common.fullname" . }}-onap-certs
 121             subPath: intermediate_root_ca.pem
 122           {{- end }}
 123           - mountPath: /opt/osdf/config/common_config.yaml
 124             name: {{ include "common.fullname" . }}-config
 125             subPath: common_config.yaml
 126           - mountPath: /opt/osdf/config/log.yml
 127             name: {{ include "common.fullname" . }}-config
 128             subPath: log.yml
 129           - mountPath: /opt/osdf/config/slicing_config.yaml
 130             name: {{ include "common.fullname" . }}-config
 131             subPath: slicing_config.yaml
 132           resources:
 133 {{ include "common.resources" . | indent 12 }}
 134         {{- if .Values.nodeSelector }}
 135         nodeSelector:
 136 {{ toYaml .Values.nodeSelector | indent 10 }}
 137         {{- end -}}
 138         {{- if .Values.affinity }}
 139         affinity:
 140 {{ toYaml .Values.affinity | indent 10 }}
 141         {{- end }}
 142       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
 143       volumes:
 144        {{ include "common.certInitializer.volumes" . | nindent 8 }}
 145         - name: localtime
 146           hostPath:
 147             path: /etc/localtime
 148         - name: {{ include "common.fullname" . }}-config
 149           configMap:
 150             name: {{ include "common.fullname" . }}-configmap
 151             items:
 152             - key: osdf_config.yaml
 153               path: osdf_config.yaml
 154             - key: common_config.yaml
 155               path: common_config.yaml
 156             - key: log.yml
 157               path: log.yml
 158             - key: slicing_config.yaml
 159               path: slicing_config.yaml
 160 {{ include "oof.certificate.volume" . | indent 8 }}
 161       imagePullSecrets:
 162       - name: "{{ include "common.namespace" . }}-docker-registry-key"