Code Review / oom.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge "[AAI] Add model-loader tracing config"
[oom.git] / kubernetes / platform / components / oom-cert-service / templates / deployment.yaml
1 {{/*# Copyright © 2020, Nokia
2 # Modifications Copyright  © 2020, Nordix Foundation
3 #
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
7 #
8 #       http://www.apache.org/licenses/LICENSE-2.0
9 #
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.*/}}
15
16 {{- if .Values.global.cmpv2Enabled }}
17 apiVersion: apps/v1
18 kind: Deployment
19 metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
20 spec:
21   replicas: {{ .Values.replicaCount }}
22   selector: {{- include "common.selectors" . | nindent 4 }}
23   template:
24     metadata: {{- include "common.templateMetadata" . | nindent 6 }}
25       {{- if (include "common.onServiceMesh" . ) }}
26       annotations:
27       {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }}
28         linkerd.io/inject: disabled
29       {{- end }}
30       {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }}
31           traffic.sidecar.istio.io/excludeInboundPorts: "8080,8443"
32           traffic.sidecar.istio.io/includeInboundPorts: '*'
33       {{- end }}
34       {{- end }}
35     spec:
36       {{- include "common.imagePullSecrets" . | nindent 6 }}
37       volumes:
38 {{- if .Values.global.addTestingComponents }}
39         - name: cmp-servers-template-volume
40           secret:
41             secretName: {{ .Values.cmpServers.secret.name }}
42         - name: {{ .Values.cmpServers.volume.name }}
43           emptyDir:
44             medium: Memory
45 {{- else }}
46         - name: {{ .Values.cmpServers.volume.name }}
47           secret:
48             secretName: {{ .Values.cmpServers.secret.name }}
49 {{- end }}
50         - name: {{ .Values.tls.server.volume.name }}
51           secret:
52             secretName: {{ .Values.tls.server.secret.name }}
53 {{- if .Values.global.addTestingComponents }}
54       initContainers:
55         - name: wait-for-ejbca
56           command:
57           - /app/ready.py
58           args:
59           - --service-name
60           - ejbca-ejbca
61           env:
62           - name: NAMESPACE
63             valueFrom:
64               fieldRef:
65                 apiVersion: v1
66                 fieldPath: metadata.namespace
67           image: {{ include "repositoryGenerator.image.readiness" . }}
68           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
69           resources:
70             limits:
71               cpu: "100m"
72               memory: "500Mi"
73             requests:
74               cpu: "3m"
75               memory: "20Mi"
76         - name: subsitute-envs
77           image: {{ include "repositoryGenerator.image.envsubst" . }}
78           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
79           command: ['sh', '-c', "cd /config-input &&  envsubst < cmpServers.json > {{ .Values.cmpServers.volume.mountPath }}/cmpServers.json"]
80           volumeMounts:
81             - name: cmp-servers-template-volume
82               mountPath: /config-input
83               readOnly: true
84             - name: {{ .Values.cmpServers.volume.name }}
85               mountPath: {{ .Values.cmpServers.volume.mountPath }}
86               readOnly: false
87           env:
88             - name: CLIENT_IAK
89               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-server-client-iak" "key" "password") | indent 14 }}
90             - name: CLIENT_RV
91               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmp-config-client-rv" "key" "password") | indent 14 }}
92             - name: RA_IAK
93               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-server-ra-iak" "key" "password") | indent 14 }}
94             - name: RA_RV
95               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmp-config-ra-rv" "key" "password") | indent 14 }}
96 {{- end }}
97       containers:
98         - name: {{ include "common.name" . }}
99           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
100           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
101           ports: {{ include "common.containerPorts" . | nindent 10 }}
102           env:
103             - name: HTTPS_PORT
104               value: "{{ .Values.envs.httpsPort }}"
105             - name: KEYSTORE_PATH
106               value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.keystore.jksName }}"
107             - name: KEYSTORE_P12_PATH
108               value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.keystore.p12Name }}"
109             - name: TRUSTSTORE_PATH
110               value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.truststore.jksName }}"
111             - name: ROOT_CERT
112               value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.truststore.crtName }}"
113             - name: KEYSTORE_PASSWORD
114               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "certificates-password" "key" "password") | indent 14 }}
115             - name: TRUSTSTORE_PASSWORD
116               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "certificates-password" "key" "password") | indent 14 }}
117           livenessProbe:
118             exec:
119               command:
120                 - /bin/bash
121                 - -c
122                 - {{ .Values.liveness.command }}
123             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
124             periodSeconds: {{ .Values.liveness.periodSeconds }}
125           readinessProbe:
126             exec:
127               command:
128                 - /bin/bash
129                 - -c
130                 - {{ .Values.readiness.command }}
131             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
132             periodSeconds: {{ .Values.readiness.periodSeconds }}
133           volumeMounts:
134             - name: {{ .Values.cmpServers.volume.name }}
135               mountPath: {{ .Values.cmpServers.volume.mountPath }}
136               readOnly: false
137             - name: {{ .Values.tls.server.volume.name }}
138               mountPath: {{ .Values.tls.server.volume.mountPath }}
139               readOnly: true
140           resources: {{ include "common.resources" . | nindent 12 }}
141 {{ end -}}
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).