{{/* # Copyright © 2017 Amdocs, AT&T, Bell Canada # Modifications Copyright © 2018 ZTE # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. */}} apiVersion: apps/v1 kind: Deployment metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: selector: {{- include "common.selectors" . | nindent 4 }} replicas: {{ .Values.replicaCount }} template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} - name: {{ include "common.name" . }}-readiness command: - /app/ready.py args: - --container-name - "sdc-onboarding-be" {{- if not .Values.global.kafka.useKafka }} - --container-name - "message-router" {{- end }} env: - name: NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: limits: cpu: 100m memory: 100Mi requests: cpu: 3m memory: 20Mi - name: {{ include "common.name" . }}-job-completion image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}" command: - /app/ready.py args: - --job-name - {{ include "common.release" . }}-sdc-onboarding-be-cassandra-init env: - name: NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace resources: limits: cpu: 100m memory: 100Mi requests: cpu: 3m memory: 20Mi {{- if .Values.global.aafEnabled }} - name: {{ include "common.name" . }}-update-config image: {{ include "repositoryGenerator.image.envsubst" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - sh args: - "-c" - | export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0) export KEYSTORE_PASS=$cadi_keystore_password_p12 export KEYMANAGER_PASS=$cadi_keystore_password_p12 export TRUSTSTORE_PASS=$cadi_truststore_password cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output cd /config-input && \ for PFILE in `find . -not -type d | grep -v -F ..` do envsubst <${PFILE} >/config-output/${PFILE} chmod 0755 /config-output/${PFILE} done resources: limits: cpu: 100m memory: 100Mi requests: cpu: 3m memory: 20Mi volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} - name: sdc-environments-input mountPath: /config-input/ - name: sdc-environments mountPath: /config-output/ {{- end }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} {{- if .Values.global.aafEnabled }} command: - sh args: - "-c" - | sed -i '/trustStorePassword/d' ${JETTY_BASE}/startup.sh ${JETTY_BASE}/startup.sh {{- end }} ports: {{ include "common.containerPorts" . | nindent 10 }} {{ if eq .Values.liveness.enabled true }} livenessProbe: httpGet: path: /sdc2/rest/healthCheck port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} successThreshold: {{ .Values.liveness.successThreshold }} failureThreshold: {{ .Values.liveness.failureThreshold }} {{ end }} readinessProbe: httpGet: path: /sdc2/rest/healthCheck port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} successThreshold: {{ .Values.readiness.successThreshold }} failureThreshold: {{ .Values.readiness.failureThreshold }} resources: {{ include "common.resources" . | nindent 12 }} startupProbe: httpGet: path: /sdc2/rest/healthCheck port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} periodSeconds: {{ .Values.startup.periodSeconds }} timeoutSeconds: {{ .Values.startup.timeoutSeconds }} successThreshold: {{ .Values.startup.successThreshold }} failureThreshold: {{ .Values.startup.failureThreshold }} resources: {{ include "common.resources" . | nindent 12 }} env: - name: ENVNAME value: {{ .Values.env.name }} - name: JAVA_OPTIONS value: {{ .Values.config.javaOptions }} - name: cassandra_ssl_enabled value: {{ .Values.config.cassandraSslEnabled | quote }} - name: HOST_IP valueFrom: fieldRef: fieldPath: status.podIP {{- if .Values.global.kafka.useKafka }} - name: SASL_JAAS_CONFIG {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-be-kafka-secret" "key" "sasl.jaas.config") | indent 12 }} - name: USE_KAFKA value: {{ .Values.global.kafka.useKafka | quote }} {{- end }} volumeMounts: - name: sdc-environments mountPath: /app/jetty/chef-solo/environments/ {{- if .Values.global.aafEnabled }} - name: sdc-environments mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.p12 subPath: org.onap.sdc.p12 - name: sdc-environments mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.trust.jks subPath: org.onap.sdc.trust.jks {{- end }} - name: localtime mountPath: /etc/localtime readOnly: true - name: logs mountPath: /var/log/onap - name: logback mountPath: /tmp/logback.xml subPath: logback.xml lifecycle: postStart: exec: command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/app/jetty/config/catalog-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] # side car containers {{ include "common.log.sidecar" . | nindent 8 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: path: /etc/localtime {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }} - name: logback configMap: name : {{ include "common.fullname" . }}-logging-configmap - name: sdc-environments {{- if .Values.global.aafEnabled }} emptyDir: { medium: "Memory" } - name: sdc-environments-input {{- end }} configMap: name: {{ include "common.release" . }}-sdc-environments-configmap defaultMode: 0755 - name: logs emptyDir: {} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key"