{{/* # Copyright © 2018 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. */}} apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: selector: matchLabels: app: {{ include "common.name" . }} replicas: {{ .Values.replicaCount }} template: metadata: labels: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} - name: {{ include "common.name" . }}-readiness command: - /app/ready.py args: - --container-name - "sdc-wfd-be" env: - name: NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: limits: cpu: 100m memory: 100Mi requests: cpu: 3m memory: 20Mi {{- if .Values.global.aafEnabled }} - name: {{ include "common.fullname" . }}-move-cert command: - /bin/sh args: - -c - | cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /sdc-certs/{{ .Values.certInitializer.keystoreFile }} cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /sdc-certs/{{ .Values.certInitializer.truststoreFile }} cp {{ .Values.certInitializer.credsPath }}/mycreds.prop /sdc-certs/mycreds.prop image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - name: sdc-certs mountPath: /sdc-certs resources: limits: cpu: 100m memory: 100Mi requests: cpu: 3m memory: 20Mi {{- end }} containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} {{- if .Values.global.aafEnabled }} command: - sh args: - "-c" - | export $(grep '^c' /sdc-certs/mycreds.prop | xargs -0) export KEYSTORE_PASS=$cadi_keystore_password_p12 export TRUSTSTORE_PASS=$cadi_truststore_password export KEYSTORE_PATH=/etc/{{ .Values.certInitializer.keystoreFile }} export TRUSTSTORE_PATH=/etc/{{ .Values.certInitializer.truststoreFile }} ./startup.sh {{- end }} ports: - containerPort: {{ template "wfd-fe.internalPort" . }} {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: port: {{ template "wfd-fe.internalPort" . }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: tcpSocket: port: {{ template "wfd-fe.internalPort" . }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: ENVNAME value: {{ .Values.env.name }} - name: JAVA_OPTIONS value: {{ .Values.config.javaOptions }} - name: BACKEND value: {{ .Values.config.backendServerURL }} - name: IS_HTTPS value: "{{ .Values.config.isHttpsEnabled}}" {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} - name: TRUST_ALL value: "{{ .Values.config.isTrustAll}}" {{ end }} volumeMounts: - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime readOnly: true {{- if .Values.global.aafEnabled }} - name: sdc-certs mountPath: /sdc-certs/mycreds.prop subPath: mycreds.prop - name: sdc-certs mountPath: /var/lib/jetty/etc/{{ .Values.certInitializer.keystoreFile }} subPath: {{ .Values.certInitializer.keystoreFile }} - name: sdc-certs mountPath: /var/lib/jetty/etc/{{ .Values.certInitializer.truststoreFile }} subPath: {{ .Values.certInitializer.truststoreFile }} {{ end }} resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} {{- end -}} {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} # side car containers - name: {{ include "common.name" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - name: {{ include "common.fullname" . }}-filebeat-conf mountPath: /usr/share/filebeat/filebeat.yml subPath: filebeat.yml - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-data-filebeat mountPath: /usr/share/filebeat/data resources: limits: cpu: 100m memory: 100Mi requests: cpu: 3m memory: 20Mi volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: {{ include "common.fullname" . }}-localtime hostPath: path: /etc/localtime {{- if .Values.global.aafEnabled }} - name: sdc-certs emptyDir: medium: "Memory" {{- end }} - name: {{ include "common.fullname" . }}-filebeat-conf configMap: name: {{ include "common.release" . }}-sdc-filebeat-configmap - name: {{ include "common.fullname" . }}-data-filebeat emptyDir: {} - name: {{ include "common.fullname" . }}-logs emptyDir: {} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key"