Code Review / oom.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
[OOM] Fixing k8s ServiceAccounts
[oom.git] / kubernetes / so / components / so-mariadb / templates / job.yaml
1 {{/*
2 # Copyright © 2017 Amdocs, Bell Canada
3 # Modifications Copyright (C) 2022/23 Nordix Foundation
4 #
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
8 #
9 #       http://www.apache.org/licenses/LICENSE-2.0
10 #
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
16 */}}
17 {{- if .Values.global.migration.enabled }}
18 apiVersion: batch/v1
19 kind: Job
20 metadata:
21   name: {{ include "common.fullname" . }}-backup
22   namespace: {{ include "common.namespace" . }}
23   labels:
24     app: {{ include "common.name" . }}
25     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
26     release: {{ include "common.release" . }}
27     heritage: {{ .Release.Service }}
28   annotations:
29     "helm.sh/hook": pre-upgrade,pre-install
30     "helm.sh/hook-weight": "1"
31     "helm.sh/hook-delete-policy": before-hook-creation
32 spec:
33   backoffLimit: 20
34   template:
35     metadata:
36       labels:
37         app: {{ include "common.name" . }}
38         release: {{ include "common.release" . }}
39       name: {{ include "common.name" . }}
40     spec:
41       containers:
42       - name: {{ include "common.fullname" . }}
43         image: {{ include "repositoryGenerator.image.mariadb" . }}
44         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
45         env:
46         - name: DB_HOST
47           value: {{ .Values.global.migration.dbHost }}
48         - name: DB_USER
49           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-backup-creds" "key" "login") | indent 10 }}
50         - name: DB_PORT
51           value: "{{ .Values.global.migration.dbPort }}"
52         - name: DB_PASS
53           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-backup-creds" "key" "password") | indent 10 }}
54         command:
55         - /bin/bash
56         - -c
57         - |
58           {{- if include "common.onServiceMesh" . }}
59           echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
60           mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb nfvo cnfm > /var/data/mariadb/backup-`date +%s`.sql
61         volumeMounts:
62         - mountPath: /etc/localtime
63           name: localtime
64           readOnly: true
65         - name: backup-storage
66           mountPath: /var/data/mariadb
67       {{ include "common.waitForJobContainer" . | indent 6 | trim }}
68       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
69       volumes:
70       - name: localtime
71         hostPath:
72           path: /etc/localtime
73       - name: backup-storage
74         persistentVolumeClaim:
75           claimName: {{ include "common.fullname" . }}-migration
76       imagePullSecrets:
77         - name: "{{ include "common.namespace" . }}-docker-registry-key"
78       restartPolicy: Never
79 ---
80 {{- end }}
81 apiVersion: batch/v1
82 kind: Job
83 metadata:
84   name: {{ include "common.fullname" . }}-config-job
85   namespace: {{ include "common.namespace" . }}
86   labels:
87     app: {{ include "common.name" . }}
88     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
89     release: {{ include "common.release" . }}
90     heritage: {{ .Release.Service }}
91   annotations:
92     "helm.sh/hook": post-upgrade,post-rollback,post-install
93     "helm.sh/hook-weight": "0"
94     "helm.sh/hook-delete-policy": before-hook-creation
95 spec:
96   backoffLimit: 20
97   template:
98     metadata:
99       labels:
100         app: {{ include "common.name" . }}-job
101         release: {{ include "common.release" . }}
102       name: {{ include "common.name" . }}
103     spec:
104       initContainers: {{ include "common.readinessCheck.waitFor" . | nindent 6 }}
105       containers:
106       - name: {{ include "common.name" . }}-config
107         image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
108         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
109         command:
110         - /bin/bash
111         - -c
112         - >
113           {{- if include "common.onServiceMesh" . }}
114           echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
115           mysql() { /usr/bin/mysql  -h ${DB_HOST} -P ${DB_PORT} "$@"; };
116           export -f mysql;
117           mysql --user=root --password=${MYSQL_ROOT_PASSWORD} requestdb -e exit > /dev/null 2>&1 {{ if not .Values.global.migration.enabled }} && echo "Database already initialized!!!" && exit 0 {{ end }};
118           for f in /docker-entrypoint-initdb.d/*; do case "$f" in  *.sh) echo "$0: running $f"; . "$f" ;;  *.sql) echo "$0: running $f"; "${mysql[@]}" < "$f"; echo ;; *.sql.gz) echo "$0: running $f"; gunzip -c "$f" | "${mysql[@]}"; echo ;;  *) echo "$0: ignoring $f" ;;  esac; echo; done;
119           {{- if .Values.global.migration.enabled }}
120           mysql -vv --user=root --password=${MYSQL_ROOT_PASSWORD} < `ls -tr /var/data/mariadb/* | tail -1`;
121           {{- end }}
122         env:
123         - name: DB_HOST
124           value: {{ include "common.mariadbService" . }}
125         - name: DB_PORT
126           value: {{ include "common.mariadbPort" . | quote }}
127         - name: MYSQL_ROOT_PASSWORD
128           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 10 }}
129         - name: DB_USER
130           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
131         - name: DB_PASSWORD
132           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 10 }}
133         - name: DB_ADMIN
134           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }}
135         - name: DB_ADMIN_PASSWORD
136           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }}
137         - name: CAMUNDA_DB_USER
138           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "camunda-db-creds" "key" "login") | indent 10 }}
139         - name: CAMUNDA_DB_PASSWORD
140           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "camunda-db-creds" "key" "password") | indent 10 }}
141         - name: REQUEST_DB_USER
142           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "request-db-creds" "key" "login") | indent 10 }}
143         - name: REQUEST_DB_PASSWORD
144           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "request-db-creds" "key" "password") | indent 10 }}
145         - name: CATALOG_DB_USER
146           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "catalog-db-creds" "key" "login") | indent 10 }}
147         - name: CATALOG_DB_PASSWORD
148           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "catalog-db-creds" "key" "password") | indent 10 }}
149         - name: NFVO_DB_USER
150           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "nfvo-db-creds" "key" "login") | indent 10 }}
151         - name: NFVO_DB_PASSWORD
152           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "nfvo-db-creds" "key" "password") | indent 10 }}
153         - name: CNFM_DB_USER
154           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cnfm-db-creds" "key" "login") | indent 10 }}
155         - name: CNFM_DB_PASSWORD
156           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cnfm-db-creds" "key" "password") | indent 10 }}
157         volumeMounts:
158         - mountPath: /etc/localtime
159           name: localtime
160           readOnly: true
161         - name: docker-entrypoint-initdb-d-sh
162           mountPath: "/docker-entrypoint-initdb.d"
163         - name: docker-entrypoint-initdb-d-sql
164           mountPath: "/docker-entrypoint-initdb.d/db-sql-scripts"
165         {{- if .Values.global.migration.enabled }}
166         - name: backup-storage
167           mountPath: /var/data/mariadb
168         {{- end }}
169         resources: {{ include "common.resources" . | nindent 10 }}
170       {{ include "common.waitForJobContainer" . | indent 6 | trim }}
171       {{- if .Values.nodeSelector }}
172       nodeSelector:
173 {{ toYaml .Values.nodeSelector | indent 10 }}
174       {{- end -}}
175       {{- if .Values.affinity }}
176       affinity:
177 {{ toYaml .Values.affinity | indent 10 }}
178       {{- end }}
179       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
180       volumes:
181       - name: localtime
182         hostPath:
183           path: /etc/localtime
184       - name: docker-entrypoint-initdb-d-sh
185         configMap:
186           name: {{ include "common.fullname" . }}-mariadb-sh
187       - name: docker-entrypoint-initdb-d-sql
188         configMap:
189           name: {{ include "common.fullname" . }}-mariadb-sql
190       {{- if .Values.global.migration.enabled }}
191       - name: backup-storage
192         persistentVolumeClaim:
193           claimName: {{ include "common.fullname" . }}-migration
194       {{- end }}
195       restartPolicy: Never
196       imagePullSecrets:
197       - name: "{{ include "common.namespace" . }}-docker-registry-key"
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).