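# Helm template: kubernetes/policy/components/policy-api/templates/deployment.yaml
# Renders the policy-api Deployment: two init containers (wait for the DB
# config job, then substitute credentials into the config files), an optional
# cert initializer, and the policy-api container itself.
# NOTE(review): no securityContext is set in this template; unless an included
# helper injects one, the pod runs with the image/cluster defaults. Confirm
# whether runAsNonRoot / allowPrivilegeEscalation: false can be applied.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ include "common.fullname" . }}
  namespace: {{ include "common.namespace" . }}
  labels:
    app: {{ include "common.name" . }}
    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
    release: {{ include "common.release" . }}
    heritage: {{ .Release.Service }}
spec:
  selector:
    matchLabels:
      app: {{ include "common.name" . }}
  replicas: {{ .Values.replicaCount }}
  template:
    metadata:
      labels:
        app: {{ include "common.name" . }}
        release: {{ include "common.release" . }}
    spec:
      initContainers:
        # Readiness gate: runs /app/ready.py against the galera-config job name.
        # Presumably blocks until that job has completed; ready.py is not shown here.
        - command:
          - /app/ready.py
          args:
          - --job-name
          - {{ include "common.release" . }}-policy-galera-config
          env:
          - name: NAMESPACE
            valueFrom:
              fieldRef:
                apiVersion: v1
                fieldPath: metadata.namespace
          image: {{ include "repositoryGenerator.image.readiness" . }}
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          name: {{ include "common.name" . }}-readiness
        # Config rendering: envsubst replaces the credential placeholders in every
        # file of /config-input and writes the result to /config. The output holds
        # clear-text credentials, so it goes to the memory-backed emptyDir below
        # and never into the ConfigMap.
        - command:
          - sh
          args:
          - -c
          - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done"
          env:
          - name: SQL_USER
            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "login") | indent 12 }}
          - name: SQL_PASSWORD
            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "password") | indent 12 }}
          - name: RESTSERVER_USER
            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 12 }}
          - name: RESTSERVER_PASSWORD
            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "password") | indent 12 }}
          volumeMounts:
          - mountPath: /config-input
            name: apiconfig
          - mountPath: /config
            name: apiconfig-processed
          image: {{ include "repositoryGenerator.image.envsubst" . }}
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          name: {{ include "common.name" . }}-update-config
{{ include "common.certInitializer.initContainer" . | indent 8 }}
      containers:
        - name: {{ include "common.name" . }}
          image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          # With AAF enabled the start script is run after sourcing the .ci file
          # from certInitializer.credsPath; otherwise the keystore and truststore
          # passwords are passed as environment variables taken from secrets.
{{- if .Values.global.aafEnabled }}
          command: ["sh","-c"]
          args: ["source {{ .Values.certInitializer.credsPath }}/.ci;\
                  /opt/app/policy/api/bin/policy-api.sh /opt/app/policy/api/etc/mounted/config.json"]
{{- else }}
          command: ["/opt/app/policy/api/bin/policy-api.sh"]
          args: ["/opt/app/policy/api/etc/mounted/config.json"]
          env:
          - name: KEYSTORE_PASSWD
            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
          - name: TRUSTSTORE_PASSWD
            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }}
{{- end }}
          ports:
          - containerPort: {{ .Values.service.internalPort }}
          # disable liveness probe when breakpoints set in debugger
          # so K8s doesn't restart unresponsive container
          # (the if/end pair trims only the whitespace in front of each action, so
          # readinessProbe starts on its own line whether or not the probe renders)
          {{- if eq .Values.liveness.enabled true }}
          livenessProbe:
            tcpSocket:
              port: {{ .Values.service.internalPort }}
            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
            periodSeconds: {{ .Values.liveness.periodSeconds }}
          {{- end }}
          readinessProbe:
            tcpSocket:
              port: {{ .Values.service.internalPort }}
            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
            periodSeconds: {{ .Values.readiness.periodSeconds }}
          volumeMounts:
{{ include "common.certInitializer.volumeMount" . | indent 10 }}
          - mountPath: /etc/localtime
            name: localtime
            readOnly: true
          # Rendered config, including the substituted credentials.
          # NOTE(review): mounted read-write; confirm whether the application
          # needs to write here before adding readOnly: true.
          - mountPath: /opt/app/policy/api/etc/mounted
            name: apiconfig-processed
          resources:
{{ include "common.resources" . }}
      # nodeSelector and affinity are pod-level fields, so they sit at the same
      # indentation as containers and volumes.
      {{- if .Values.nodeSelector }}
      nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
      {{- end }}
      {{- if .Values.affinity }}
      affinity:
{{ toYaml .Values.affinity | indent 8 }}
      {{- end }}
      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
      volumes:
{{ include "common.certInitializer.volumes" . | indent 8 }}
        # hostPath volume: exposes the node's /etc/localtime to the pod. It is
        # mounted readOnly in the container above; clusters that enforce a
        # restrictive pod security policy may reject hostPath volumes.
        - name: localtime
          hostPath:
            path: /etc/localtime
        - name: apiconfig
          configMap:
            name: {{ include "common.fullname" . }}-configmap
            # Octal file mode (rwxr-xr-x). In this template the files are only
            # read by envsubst. NOTE(review): confirm nothing executes them
            # before tightening the mode.
            defaultMode: 0755
        # Memory-backed (tmpfs) scratch volume for the rendered config, so the
        # substituted credentials are not written to the node's disk.
        - name: apiconfig-processed
          emptyDir:
            medium: Memory
      imagePullSecrets:
      - name: "{{ include "common.namespace" . }}-docker-registry-key"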