9ac5d68a890627227abd50c13c339cce44bac8f2
[oom.git] / kubernetes / policy / charts / policy-xacml-pdp / templates / deployment.yaml
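# Deployment for the policy-xacml-pdp chart.
#
# Pod start-up order:
#   1. "<name>-readiness" runs /root/ready.py with --container-name set to
#      "<release>-galera-config" (presumably it blocks until that container
#      is ready; confirm against the readiness image).
#   2. "<name>-update-config" runs envsubst over every file of the pdpxconfig
#      ConfigMap and writes the result into a memory-backed emptyDir.
#   3. The PDP container starts with the rendered files mounted at
#      /opt/app/policy/pdpx/etc/mounted.
#
# NOTE(review): extensions/v1beta1 Deployments are no longer served from
# Kubernetes 1.16 onwards. Moving to apps/v1 also requires spec.selector,
# so the apiVersion is left unchanged here and flagged as a follow-up.
#
# NOTE(review): no container in this pod sets a securityContext
# (runAsNonRoot, allowPrivilegeEscalation, readOnlyRootFilesystem). Whether
# the images tolerate those restrictions cannot be told from this file;
# confirm and add them where they do.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: {{ include "common.fullname" . }}
  namespace: {{ include "common.namespace" . }}
  labels:
    app: {{ include "common.name" . }}
    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
    release: {{ include "common.release" . }}
    heritage: {{ .Release.Service }}
spec:
  replicas: {{ .Values.replicaCount }}
  template:
    metadata:
      labels:
        app: {{ include "common.name" . }}
        release: {{ include "common.release" . }}
    spec:
      initContainers:
      # Dependency gate on the galera-config container. The script lives
      # under /root, which suggests the image runs as root (not confirmed by
      # anything in this file).
      - command:
        - /root/ready.py
        args:
        - --container-name
        - {{ include "common.release" . }}-galera-config
        env:
        - name: NAMESPACE
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
        name: {{ include "common.name" . }}-readiness
      # Renders the config templates. File names are matched with a glob and
      # every expansion is quoted, so a name containing whitespace or glob
      # characters is not word-split (the previous loop iterated over the
      # unquoted output of ls). A failed envsubst now fails the init
      # container instead of leaving a partially rendered /config behind.
      - command:
        - sh
        args:
        - -c
        - |-
          cd /config-input || exit 1
          for PFILE in *; do
            [ -f "${PFILE}" ] || continue
            envsubst <"${PFILE}" >"/config/${PFILE}" || exit 1
          done
        # The four credentials below come from the restserver-creds and
        # api-creds secrets through the chart's common.secret helper
        # (presumably a secretKeyRef; verify in the common chart).
        # envsubst is called without a variable list, so every $NAME or
        # ${NAME} reference in a template is replaced, and a name that is
        # not set here is replaced with an empty string.
        env:
        - name: RESTSERVER_USER
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 10 }}
        - name: RESTSERVER_PASSWORD
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "password") | indent 10 }}
        - name: API_USER
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-creds" "key" "login") | indent 10 }}
        - name: API_PASSWORD
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-creds" "key" "password") | indent 10 }}
        volumeMounts:
        - mountPath: /config-input
          name: pdpxconfig
        - mountPath: /config
          name: pdpxconfig-processed
        image: "{{ .Values.global.envsubstImage }}"
        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
        name: {{ include "common.name" . }}-update-config
      containers:
        - name: {{ include "common.name" . }}
          image: "{{ include "common.repository" . }}/{{ .Values.image }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          command: ["/opt/app/policy/pdpx/bin/policy-pdpx.sh"]
          args: ["/opt/app/policy/pdpx/etc/mounted/config.json"]
          # Database credentials are handed to the process as environment
          # variables, so they are readable by anything that can inspect
          # the container's environment.
          env:
          - name: SQL_USER
            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
          - name: SQL_PASSWORD
            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
          ports:
          - containerPort: {{ .Values.service.internalPort }}
          # disable liveness probe when breakpoints set in debugger
          # so K8s doesn't restart unresponsive container
          # (the closing end action trims whitespace on its left only; when
          # it trimmed on its right and the probe was disabled, the
          # readinessProbe key was joined onto the comment line above)
          {{- if eq .Values.liveness.enabled true }}
          livenessProbe:
            tcpSocket:
              port: {{ .Values.service.internalPort }}
            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
            periodSeconds: {{ .Values.liveness.periodSeconds }}
          {{- end }}
          readinessProbe:
            tcpSocket:
              port: {{ .Values.service.internalPort }}
            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
            periodSeconds: {{ .Values.readiness.periodSeconds }}
          volumeMounts:
          - mountPath: /etc/localtime
            name: localtime
            readOnly: true
          # emptyDir is a volume source, not a volumeMount field; the
          # memory-backed definition lives under spec.volumes below.
          # NOTE(review): this mount could probably be readOnly as well;
          # confirm the PDP never writes under etc/mounted.
          - mountPath: /opt/app/policy/pdpx/etc/mounted
            name: pdpxconfig-processed
          resources:
{{ include "common.resources" . | indent 12 }}
      # nodeSelector and affinity are pod-spec fields, so they sit at the
      # same level as containers and volumes.
      {{- if .Values.nodeSelector }}
      nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
      {{- end }}
      {{- if .Values.affinity }}
      affinity:
{{ toYaml .Values.affinity | indent 8 }}
      {{- end }}
      volumes:
        # Host file mounted read-only into the PDP container.
        - name: localtime
          hostPath:
            path: /etc/localtime
        # NOTE(review): these files are only read through shell redirection
        # by the update-config init container, so the execute bits in 0755
        # look unnecessary; a read-only mode would be the least-privilege
        # choice. Left unchanged pending confirmation.
        - name: pdpxconfig
          configMap:
            name: {{ include "common.fullname" . }}-configmap
            defaultMode: 0755
        # Holds the rendered config, credentials included. medium: Memory
        # keeps it on tmpfs rather than on the node's disk.
        - name: pdpxconfig-processed
          emptyDir:
            medium: Memory
      imagePullSecrets:
      - name: "{{ include "common.namespace" . }}-docker-registry-key"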