Code Review / oom.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
[SDC] use of certInitializer template
[oom.git] / kubernetes / sdc / components / sdc-wfd-fe / templates / deployment.yaml
1 # Copyright © 2018 Amdocs, Bell Canada
2 #
3 # Licensed under the Apache License, Version 2.0 (the "License");
4 # you may not use this file except in compliance with the License.
5 # You may obtain a copy of the License at
6 #
7 #       http://www.apache.org/licenses/LICENSE-2.0
8 #
9 # Unless required by applicable law or agreed to in writing, software
10 # distributed under the License is distributed on an "AS IS" BASIS,
11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 # See the License for the specific language governing permissions and
13 # limitations under the License.
14
15 apiVersion: apps/v1
16 kind: Deployment
17 metadata:
18   name: {{ include "common.fullname" . }}
19   namespace: {{ include "common.namespace" . }}
20   labels:
21     app: {{ include "common.name" . }}
22     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
23     release: {{ include "common.release" . }}
24     heritage: {{ .Release.Service }}
25 spec:
26   selector:
27     matchLabels:
28       app: {{ include "common.name" . }}
29   replicas: {{ .Values.replicaCount }}
30   template:
31     metadata:
32       labels:
33         app: {{ include "common.name" . }}
34         release: {{ include "common.release" . }}
35     spec:
36       initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
37       - name: {{ include "common.name" . }}-readiness
38         command:
39         - /app/ready.py
40         args:
41         - --container-name
42         - "sdc-wfd-be"
43         env:
44         - name: NAMESPACE
45           valueFrom:
46             fieldRef:
47               apiVersion: v1
48               fieldPath: metadata.namespace
49         image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
50         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
51       {{- if .Values.global.aafEnabled }}
52       - name: {{ include "common.fullname" . }}-move-cert
53         command:
54           - /bin/sh
55         args:
56           - -c
57           - |
58             cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /sdc-certs/{{ .Values.certInitializer.keystoreFile }}
59             cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /sdc-certs/{{ .Values.certInitializer.truststoreFile }}
60             cp {{ .Values.certInitializer.credsPath }}/mycreds.prop /sdc-certs/mycreds.prop
61         image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
62         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
63         volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
64           - name: sdc-certs
65             mountPath: /sdc-certs
66       {{- end }}
67       containers:
68         - name: {{ include "common.name" . }}
69           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
70           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
71           {{- if .Values.global.aafEnabled }}
72           command:
73           - sh
74           args:
75           - "-c"
76           - |
77             export $(grep '^c' /sdc-certs/mycreds.prop | xargs -0)
78             export KEYSTORE_PASS=$cadi_keystore_password_p12
79             export TRUSTSTORE_PASS=$cadi_truststore_password
80             export KEYSTORE_PATH=/etc/{{ .Values.certInitializer.keystoreFile }}
81             export TRUSTSTORE_PATH=/etc/{{ .Values.certInitializer.truststoreFile }}
82             ./startup.sh
83           {{- end }}
84           ports:
85           - containerPort: {{ template "wfd-fe.internalPort" . }}
86           {{ if .Values.liveness.enabled }}
87           livenessProbe:
88             tcpSocket:
89               port: {{ template "wfd-fe.internalPort" . }}
90             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
91             periodSeconds: {{ .Values.liveness.periodSeconds }}
92           {{ end }}
93           readinessProbe:
94             tcpSocket:
95               port: {{ template "wfd-fe.internalPort" . }}
96             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
97             periodSeconds: {{ .Values.readiness.periodSeconds }}
98           env:
99           - name: ENVNAME
100             value: {{ .Values.env.name }}
101           - name: JAVA_OPTIONS
102             value: {{ .Values.config.javaOptions }}
103           - name: BACKEND
104             value: {{ .Values.config.backendServerURL }}
105           - name: IS_HTTPS
106             value: "{{ .Values.config.isHttpsEnabled}}"
107             {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }}
108           - name: TRUST_ALL
109             value: "{{ .Values.config.isTrustAll}}"
110             {{ end }}
111           volumeMounts:
112           - name: {{ include "common.fullname" . }}-localtime
113             mountPath: /etc/localtime
114             readOnly: true
115           {{- if .Values.global.aafEnabled }}
116           - name: sdc-certs
117             mountPath: /sdc-certs
118             subpath: mycreds.prop
119           - name: sdc-certs
120             mountPath: /var/lib/jetty/etc/{{ .Values.certInitializer.keystoreFile }}
121             subPath: {{ .Values.certInitializer.keystoreFile }}
122           - name: sdc-certs
123             mountPath: /var/lib/jetty/etc/{{ .Values.certInitializer.truststoreFile }}
124             subPath: {{ .Values.certInitializer.truststoreFile }}
125           {{ end }}
126           resources:
127 {{ include "common.resources" . | indent 12 }}
128         {{- if .Values.nodeSelector }}
129         nodeSelector:
130 {{ toYaml .Values.nodeSelector | indent 10 }}
131         {{- end -}}
132         {{- if .Values.affinity }}
133         affinity:
134 {{ toYaml .Values.affinity | indent 10 }}
135         {{- end }}
136         # side car containers
137         - name: {{ include "common.name" . }}-filebeat-onap
138           image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
139           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
140           volumeMounts:
141           - name: {{ include "common.fullname" . }}-filebeat-conf
142             mountPath: /usr/share/filebeat/filebeat.yml
143             subPath: filebeat.yml
144           - name: {{ include "common.fullname" . }}-logs
145             mountPath: /var/log/onap
146           - name: {{ include "common.fullname" . }}-data-filebeat
147             mountPath: /usr/share/filebeat/data
148       volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
149         - name: {{ include "common.fullname" . }}-localtime
150           hostPath:
151             path: /etc/localtime
152         {{- if .Values.global.aafEnabled }}
153         - name: sdc-certs
154           emptyDir:
155             medium: "Memory"
156         {{- end }}
157         - name: {{ include "common.fullname" . }}-filebeat-conf
158           configMap:
159             name: {{ include "common.release" . }}-sdc-filebeat-configmap
160         - name: {{ include "common.fullname" . }}-data-filebeat
161           emptyDir: {}
162         - name:  {{ include "common.fullname" . }}-logs
163           emptyDir: {}
164       imagePullSecrets:
165       - name: "{{ include "common.namespace" . }}-docker-registry-key"
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).