Code Review / oom.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
[POLICY] Cleanup of Helmcharts from AAF/TLS options
[oom.git] / kubernetes / policy / components / policy-api / templates / deployment.yaml
1 apiVersion: apps/v1
2 kind: Deployment
3 metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
4 spec:
5   selector: {{- include "common.selectors" . | nindent 4 }}
6   replicas: {{ .Values.replicaCount }}
7   template:
8     metadata: {{- include "common.templateMetadata" . | nindent 6 }}
9     spec:
10       initContainers:
11         - command:
12           - /app/ready.py
13           args:
14           - --job-name
15           - {{ include "common.release" . }}-policy-galera-config
16           env:
17           - name: NAMESPACE
18             valueFrom:
19               fieldRef:
20                 apiVersion: v1
21                 fieldPath: metadata.namespace
22           image: {{ include "repositoryGenerator.image.readiness" . }}
23           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
24           name: {{ include "common.name" . }}-readiness
25         - command:
26           - sh
27           args:
28           - -c
29           - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done"
30           env:
31           - name: SQL_USER
32             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "login") | indent 12 }}
33           - name: SQL_PASSWORD
34             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "password") | indent 12 }}
35           - name: RESTSERVER_USER
36             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 12 }}
37           - name: RESTSERVER_PASSWORD
38             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "password") | indent 12 }}
39           volumeMounts:
40           - mountPath: /config-input
41             name: apiconfig
42           - mountPath: /config
43             name: apiconfig-processed
44           image: {{ include "repositoryGenerator.image.envsubst" . }}
45           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
46           name: {{ include "common.name" . }}-update-config
47       containers:
48         - name: {{ include "common.name" . }}
49           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
50           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
51           command: ["/opt/app/policy/api/bin/policy-api.sh"]
52           args: ["/opt/app/policy/api/etc/mounted/apiParameters.yaml"]
53           ports: {{ include "common.containerPorts" . | nindent 12  }}
54           # disable liveness probe when breakpoints set in debugger
55           # so K8s doesn't restart unresponsive container
56           {{- if eq .Values.liveness.enabled true }}
57           livenessProbe:
58             tcpSocket:
59               port: {{ .Values.service.internalPort }}
60             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
61             periodSeconds: {{ .Values.liveness.periodSeconds }}
62           {{ end -}}
63           readinessProbe:
64             httpGet:
65               path: {{ .Values.readiness.api }}
66               port: {{ .Values.service.internalPort }}
67               httpHeaders:
68                 - name: Authorization
69                   value: Basic {{ printf "%s:%s" .Values.restServer.user .Values.restServer.password | b64enc }}
70               scheme: HTTP
71             successThreshold: {{ .Values.readiness.successThreshold }}
72             failureThreshold: {{ .Values.readiness.failureThreshold }}
73             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
74             periodSeconds: {{ .Values.readiness.periodSeconds }}
75             timeoutSeconds: {{ .Values.readiness.timeout }}
76           volumeMounts:
77           - mountPath: /etc/localtime
78             name: localtime
79             readOnly: true
80           - mountPath: /opt/app/policy/api/etc/mounted
81             name: apiconfig-processed
82           resources: {{ include "common.resources" . | nindent 12 }}
83         {{- if .Values.nodeSelector }}
84         nodeSelector:
85 {{ toYaml .Values.nodeSelector | indent 10 }}
86         {{- end -}}
87         {{- if .Values.affinity }}
88         affinity:
89 {{ toYaml .Values.affinity | indent 10 }}
90         {{- end }}
91       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
92       volumes:
93         - name: localtime
94           hostPath:
95              path: /etc/localtime
96         - name: apiconfig
97           configMap:
98             name: {{ include "common.fullname" . }}-configmap
99             defaultMode: 0755
100         - name: apiconfig-processed
101           emptyDir:
102             medium: Memory
103       imagePullSecrets:
104       - name: "{{ include "common.namespace" . }}-docker-registry-key"
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).