Code Review / oom.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
[CONSUL] Add limits to consul chart.
[oom.git] / kubernetes / policy / components / policy-distribution / templates / deployment.yaml
1 #  ============LICENSE_START=======================================================
2 #   Copyright (C) 2020 AT&T Intellectual Property.
3 #  ================================================================================
4 #  Licensed under the Apache License, Version 2.0 (the "License");
5 #  you may not use this file except in compliance with the License.
6 #  You may obtain a copy of the License at
7 #
8 #       http://www.apache.org/licenses/LICENSE-2.0
9 #
10 #  Unless required by applicable law or agreed to in writing, software
11 #  distributed under the License is distributed on an "AS IS" BASIS,
12 #  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 #  See the License for the specific language governing permissions and
14 #  limitations under the License.
15 #
16 #  SPDX-License-Identifier: Apache-2.0
17 #  ============LICENSE_END=========================================================
18
19 apiVersion: apps/v1
20 kind: Deployment
21 metadata:
22   name: {{ include "common.fullname" . }}
23   namespace: {{ include "common.namespace" . }}
24   labels:
25     app: {{ include "common.name" . }}
26     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
27     release: {{ include "common.release" . }}
28     heritage: {{ .Release.Service }}
29 spec:
30   selector:
31     matchLabels:
32       app: {{ include "common.name" . }}
33   replicas: {{ .Values.replicaCount }}
34   template:
35     metadata:
36       labels:
37         app: {{ include "common.name" . }}
38         release: {{ include "common.release" . }}
39     spec:
40       initContainers:
41       - command:
42         - sh
43         args:
44         - -c
45         - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done"
46         env:
47         - name: RESTSERVER_USER
48           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 10 }}
49         - name: RESTSERVER_PASSWORD
50           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "password") | indent 10 }}
51         - name: API_USER
52           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "apiparameters-creds" "key" "login") | indent 10 }}
53         - name: API_PASSWORD
54           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "apiparameters-creds" "key" "password") | indent 10 }}
55         - name: PAP_USER
56           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "papparameters-creds" "key" "login") | indent 10 }}
57         - name: PAP_PASSWORD
58           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "papparameters-creds" "key" "password") | indent 10 }}
59         - name: SDCBE_USER
60           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdcbe-creds" "key" "login") | indent 10 }}
61         - name: SDCBE_PASSWORD
62           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdcbe-creds" "key" "password") | indent 10 }}
63         volumeMounts:
64         - mountPath: /config-input
65           name: distributionconfig-input
66         - mountPath: /config
67           name: distributionconfig
68         image: "{{ .Values.global.envsubstImage }}"
69         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
70         name: {{ include "common.name" . }}-update-config
71 {{ include "common.certInitializer.initContainer" . | indent 6 }}
72       containers:
73         - name: {{ include "common.name" . }}
74           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
75           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
76 {{- if .Values.global.aafEnabled }}
77           command: ["bash","-c"]
78           args: ["source {{ .Values.certInitializer.credsPath }}/.ci;\
79                   /opt/app/policy/distribution/bin/policy-dist.sh /opt/app/policy/distribution/etc/mounted/config.json"]
80 {{- else }}
81           command: ["/opt/app/policy/distribution/bin/policy-dist.sh"]
82           args: ["/opt/app/policy/distribution/etc/mounted/config.json"]
83           env:
84           - name: KEYSTORE_PASSWD
85             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
86           - name: TRUSTSTORE_PASSWD
87             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }}
88 {{- end }}
89           ports:
90           - containerPort: {{ .Values.service.internalPort }}
91           # disable liveness probe when breakpoints set in debugger
92           # so K8s doesn't restart unresponsive container
93           {{- if eq .Values.liveness.enabled true }}
94           livenessProbe:
95             tcpSocket:
96               port: {{ .Values.service.internalPort }}
97             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
98             periodSeconds: {{ .Values.liveness.periodSeconds }}
99           {{ end -}}
100           readinessProbe:
101             tcpSocket:
102               port: {{ .Values.service.internalPort }}
103             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
104             periodSeconds: {{ .Values.readiness.periodSeconds }}
105           volumeMounts:
106 {{ include "common.certInitializer.volumeMount" . | indent 10 }}
107           - mountPath: /etc/localtime
108             name: localtime
109             readOnly: true
110           - mountPath: /opt/app/policy/distribution/etc/mounted
111             name: distributionconfig
112           resources:
113 {{ include "common.resources" . }}
114         {{- if .Values.nodeSelector }}
115         nodeSelector:
116 {{ toYaml .Values.nodeSelector | indent 10 }}
117         {{- end -}}
118         {{- if .Values.affinity }}
119         affinity:
120 {{ toYaml .Values.affinity | indent 10 }}
121         {{- end }}
122       volumes:
123 {{ include "common.certInitializer.volumes" . | indent 8 }}
124         - name: localtime
125           hostPath:
126              path: /etc/localtime
127         - name: distributionconfig-input
128           configMap:
129             name: {{ include "common.fullname" . }}-configmap
130             defaultMode: 0755
131         - name: distributionconfig
132           emptyDir:
133             medium: Memory
134       imagePullSecrets:
135       - name: "{{ include "common.namespace" . }}-docker-registry-key"
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).