bd126b810b857b5b88bf13f7f6d026b6a60db134
[oom.git] / kubernetes / policy / charts / policy-xacml-pdp / templates / deployment.yaml
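# Helm template for the policy-xacml-pdp Deployment.
# Pod start-up order: a readiness init container, then an init container that
# renders the mounted config templates with credentials taken from Secrets,
# then the PDP container, which reads the rendered config.
#
# NOTE(review): Deployment under extensions/v1beta1 is no longer served from
# Kubernetes 1.16 onwards. Moving to apps/v1 also requires an explicit
# spec.selector matching the pod template labels, so it is left unchanged here.
# NOTE(review): no securityContext is set on the pod or its containers in this
# template; confirm whether one is enforced elsewhere (admission policy).
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: {{ include "common.fullname" . }}
  namespace: {{ include "common.namespace" . }}
  labels:
    app: {{ include "common.name" . }}
    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
    release: {{ include "common.release" . }}
    heritage: {{ .Release.Service }}
spec:
  replicas: {{ .Values.replicaCount }}
  template:
    metadata:
      labels:
        app: {{ include "common.name" . }}
        release: {{ include "common.release" . }}
    spec:
      initContainers:
      # Runs ready.py against the galera-config container of this release;
      # presumably it blocks until that container is ready (script not shown).
      - command:
        - /root/ready.py
        args:
        - --container-name
        - {{ include "common.release" . }}-galera-config
        env:
        - name: NAMESPACE
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
        name: {{ include "common.name" . }}-readiness
      # Renders every file in /config-input through envsubst into /config.
      # The credentials below come from Secrets and end up in the rendered
      # files, so /config is a memory-backed emptyDir (see volumes) rather
      # than node disk. envsubst is called without a variable list, so any
      # environment variable referenced in a template file is substituted.
      # SQL_PASSWORD_BASE64 is an encoding of the password, not protection.
      - command:
        - sh
        args:
        - -c
        - |
          # Quote the password so whitespace, glob characters and backslashes
          # in it survive unchanged; strip line wraps that base64 adds to
          # long input so the value stays on one line.
          export SQL_PASSWORD_BASE64="$(printf '%s' "${SQL_PASSWORD}" | base64 | tr -d '\n')"
          cd /config-input || exit 1
          # Glob instead of parsing ls output; file names stay quoted.
          # NOTE(review): a failed envsubst on a non-final file does not fail
          # this init container; the exit status is that of the last file.
          for PFILE in *; do
            [ -f "${PFILE}" ] || continue
            envsubst <"${PFILE}" >"/config/${PFILE}"
          done
        env:
        - name: RESTSERVER_USER
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 10 }}
        - name: RESTSERVER_PASSWORD
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "password") | indent 10 }}
        - name: API_USER
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-creds" "key" "login") | indent 10 }}
        - name: API_PASSWORD
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-creds" "key" "password") | indent 10 }}
        - name: SQL_USER
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
        - name: SQL_PASSWORD
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
        volumeMounts:
        - mountPath: /config-input
          name: pdpxconfig
        - mountPath: /config
          name: pdpxconfig-processed
        image: "{{ .Values.global.envsubstImage }}"
        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
        name: {{ include "common.name" . }}-update-config
      containers:
        - name: {{ include "common.name" . }}
          image: "{{ include "common.repository" . }}/{{ .Values.image }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          command: ["/opt/app/policy/pdpx/bin/policy-pdpx.sh"]
          args: ["/opt/app/policy/pdpx/etc/mounted/config.json"]
          ports:
          - containerPort: {{ .Values.service.internalPort }}
          # disable liveness probe when breakpoints set in debugger
          # so K8s doesn't restart unresponsive container
          # The closing action trims to its left only. Trimming to its right
          # would glue readinessProbe onto the comment line above whenever
          # liveness is disabled, and the readiness probe would be lost.
          {{- if eq .Values.liveness.enabled true }}
          livenessProbe:
            tcpSocket:
              port: {{ .Values.service.internalPort }}
            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
            periodSeconds: {{ .Values.liveness.periodSeconds }}
          {{- end }}
          readinessProbe:
            tcpSocket:
              port: {{ .Values.service.internalPort }}
            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
            periodSeconds: {{ .Values.readiness.periodSeconds }}
          volumeMounts:
          - mountPath: /etc/localtime
            name: localtime
            readOnly: true
          # Rendered config, including credentials. emptyDir is a volume
          # property, not a volumeMount one, so the memory medium is declared
          # once on the pdpxconfig-processed volume below.
          - mountPath: /opt/app/policy/pdpx/etc/mounted
            name: pdpxconfig-processed
          resources:
{{ include "common.resources" . | indent 12 }}
      # nodeSelector and affinity are pod-spec fields, siblings of containers.
      {{- if .Values.nodeSelector }}
      nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
      {{- end }}
      {{- if .Values.affinity }}
      affinity:
{{ toYaml .Values.affinity | indent 8 }}
      {{- end }}
      volumes:
        # Host time zone file; mounted read-only in the container above.
        - name: localtime
          hostPath:
            path: /etc/localtime
        # Unrendered config templates from the chart ConfigMap.
        - name: pdpxconfig
          configMap:
            name: {{ include "common.fullname" . }}-configmap
            defaultMode: 0755
        # Rendered config with credentials; memory-backed so it is not
        # written to node disk.
        - name: pdpxconfig-processed
          emptyDir:
            medium: Memory
      imagePullSecrets:
      - name: "{{ include "common.namespace" . }}-docker-registry-key"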