kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml

   1 {{/*
   2 # Copyright © 2017 Amdocs, Bell Canada
   3 # Modifications Copyright © 2018 AT&T
   4 #
   5 # Licensed under the Apache License, Version 2.0 (the "License");
   6 # you may not use this file except in compliance with the License.
   7 # You may obtain a copy of the License at
   8 #
   9 #       http://www.apache.org/licenses/LICENSE-2.0
  10 #
  11 # Unless required by applicable law or agreed to in writing, software
  12 # distributed under the License is distributed on an "AS IS" BASIS,
  13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14 # See the License for the specific language governing permissions and
  15 # limitations under the License.
  16 */}}
  17
  18 apiVersion: apps/v1
  19 kind: Deployment
  20 metadata:
  21   name: {{ include "common.fullname" . }}
  22   namespace: {{ include "common.namespace" . }}
  23   labels:
  24     app: {{ include "common.name" . }}
  25     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
  26     release: {{ include "common.release" . }}
  27     heritage: {{ .Release.Service }}
  28 spec:
  29   replicas: {{ .Values.replicaCount }}
  30   selector:
  31     matchLabels:
  32       app: {{ include "common.name" . }}
  33   template:
  34     metadata:
  35       labels:
  36         app: {{ include "common.name" . }}
  37         release: {{ include "common.release" . }}
  38     spec:
  39       initContainers:
  40       - command:
  41         - /app/ready.py
  42         args:
  43         - --job-name
  44         - {{ include "common.release" . }}-policy-clamp-galera-config
  45         env:
  46         - name: NAMESPACE
  47           valueFrom:
  48             fieldRef:
  49               apiVersion: v1
  50               fieldPath: metadata.namespace
  51         image: {{ include "repositoryGenerator.image.readiness" . }}
  52         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
  53         name: {{ include "common.name" . }}-readiness
  54 {{ include "common.certInitializer.initContainer" . | indent 6 }}
  55       containers:
  56         # side car containers
  57         {{ if .Values.global.centralizedLoggingEnabled }}{{ include "common.log.sidecar" . | nindent 8 }}{{ end }}
  58         # main container
  59         - name: {{ include "common.name" . }}
  60           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
  61           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
  62           command:
  63           - sh
  64           workingDir: "/opt/policy/clamp/"
  65           args:
  66           - -c
  67           - |
  68           {{- if .Values.global.aafEnabled }}
  69             export $(grep '^cadi_' {{ .Values.certInitializer.credsPath }}/org.onap.clamp.cred.props | xargs -0)
  70             export SDC_CLIENT_PASSWORD_ENC=`java -jar {{ .Values.certInitializer.credsPath }}/aaf-cadi-aaf-2.1.20-full.jar cadi digest ${SDC_CLIENT_PASSWORD} {{ .Values.certInitializer.credsPath }}/org.onap.clamp.keyfile`;
  71             envsubst < "/opt/policy/clamp/sdc-controllers-config.json" > "/opt/policy/clamp/sdc-controllers-config-pass.json"
  72           {{- end }}
  73             java -Djava.security.egd=file:/dev/./urandom ${JAVA_RAM_CONFIGURATION} -jar ./policy-clamp-backend.jar --spring.config.location=optional:classpath:/,optional:classpath:/config/,optional:file:./,optional:file:./config/
  74           ports:
  75           - containerPort: {{ .Values.service.internalPort }}
  76           # disable liveness probe when breakpoints set in debugger
  77           # so K8s doesn't restart unresponsive container
  78           {{- if eq .Values.liveness.enabled true }}
  79           livenessProbe:
  80             tcpSocket:
  81               port: {{ .Values.service.internalPort }}
  82             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
  83             periodSeconds: {{ .Values.liveness.periodSeconds }}
  84           {{ end -}}
  85           readinessProbe:
  86             tcpSocket:
  87               port: {{ .Values.service.internalPort }}
  88             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
  89             periodSeconds: {{ .Values.readiness.periodSeconds }}
  90           volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
  91           - name: logs
  92             mountPath: {{ .Values.log.path }}
  93           - mountPath: /opt/policy/clamp/sdc-controllers-config.json
  94             name: {{ include "common.fullname" . }}-config
  95             subPath: sdc-controllers-config.json
  96           - mountPath: /opt/policy/clamp/application.properties
  97             name: {{ include "common.fullname" . }}-config
  98             subPath: application.properties
  99           env:
 100           - name: RUNTIME_USER
 101             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "runtime-be-secret" "key" "login") | indent 12 }}
 102           - name: RUNTIME_PASSWORD
 103             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "runtime-be-secret" "key" "password") | indent 12 }}
 104           - name: MYSQL_USER
 105             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "login") | indent 12 }}
 106           - name: MYSQL_PASSWORD
 107             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "password") | indent 12 }}
 108           - name: SDC_CLIENT_PASSWORD
 109             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-creds" "key" "password") | indent 12 }}
 110           {{-  if ne "unlimited" (include "common.flavor" .) }}
 111           - name: JAVA_RAM_CONFIGURATION
 112             value: -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=75
 113           {{-  end }}
 114           resources: {{ include "common.resources" . | nindent 12 }}
 115         {{- if .Values.nodeSelector }}
 116         nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }}
 117         {{- end -}}
 118         {{- if .Values.affinity }}
 119         affinity: {{ toYaml .Values.affinity | nindent 10 }}
 120         {{- end }}
 121       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
 122       volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
 123         - name: {{ include "common.fullname" . }}-config
 124           configMap:
 125             name: {{ include "common.fullname" . }}-configmap
 126             items:
 127             - key: sdc-controllers-config.json
 128               path: sdc-controllers-config.json
 129             - key: application.properties
 130               path: application.properties
 131         - name:  logs
 132           emptyDir: {}
 133         {{ if .Values.global.centralizedLoggingEnabled }}{{ include "common.log.volumes" . | nindent 8 }}{{ end }}
 134       imagePullSecrets:
 135       - name: "{{ include "common.namespace" . }}-docker-registry-key"