{{/* #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= */}} apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: replicas: 1 selector: matchLabels: app: {{ include "common.name" . }} template: metadata: labels: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: initContainers: - name: {{ include "common.name" . }}-readiness image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - /app/ready.py args: - --container-name - dcae-deployment-handler - --container-name - consul-server - --container-name - policy-xacml-pdp - "-t" - "45" env: - name: NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - name: init-tls env: - name: POD_IP valueFrom: fieldRef: apiVersion: v1 fieldPath: status.podIP - name: aaf_locator_fqdn value: dcae image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tlsImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {} volumeMounts: - mountPath: /opt/app/osaaf name: tls-info - name: init-consul image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.consulLoaderImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} args: - --key - policy_handler|/phconfig/config.json resources: {} volumeMounts: - mountPath: /phconfig name: ph-config containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {{ include "common.resources" . | indent 12 }} ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: httpGet: path: {{ .Values.readiness.path }} port: {{ .Values.service.internalPort }} scheme: {{ .Values.readiness.scheme }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: - mountPath: /app/logs name: component-log - mountPath: /app/etc/tls/certs/ name: tls-info env: - name: CONSUL_HOST value: consul-server.{{ include "common.namespace" . }} - name: CLOUDIFY_USER value: admin - name: CLOUDIFY_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cm-pass" "key" "password") | indent 14 }} - name: CONFIG_BINDING_SERVICE value: config-binding-service - name: POD_IP valueFrom: fieldRef: apiVersion: v1 fieldPath: status.podIP - name: {{ include "common.name" . }}-filebeat env: - name: POD_IP valueFrom: fieldRef: apiVersion: v1 fieldPath: status.podIP image: {{ include "repositoryGenerator.image.logging" . }} imagePullPolicy: IfNotPresent resources: {} volumeMounts: - mountPath: /var/log/onap/policy-handler name: component-log - mountPath: /usr/share/filebeat/data name: filebeat-data - mountPath: /usr/share/filebeat/filebeat.yml name: filebeat-conf subPath: filebeat.yml serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - emptyDir: {} name: component-log - emptyDir: {} name: filebeat-data - configMap: defaultMode: 420 name: {{ include "common.fullname" . }}-filebeat-configmap name: filebeat-conf - emptyDir: {} name: tls-info - configMap: defaultMode: 422 name: {{ include "common.fullname" . }}-configmap name: ph-config imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key"