{{/* # Copyright © 2020 Samsung Electronics # Copyright © 2017 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. */}} apiVersion: apps/v1 kind: StatefulSet metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: selector: matchLabels: app: {{ include "common.name" . }} serviceName: {{ include "common.servicename" . }}-cluster replicas: {{ .Values.replicaCount }} selector: {{- include "common.selectors" . | nindent 4 }} podManagementPolicy: Parallel template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - command: - sh args: - -c - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done" env: - name: AAI_CLIENT_NAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 10 }} - name: AAI_CLIENT_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 10 }} - name: MODELSERVICE_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "login") | indent 10 }} - name: MODELSERVICE_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "password") | indent 10 }} - name: RESTCONF_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restconf-creds" "key" "login") | indent 10 }} - name: RESTCONF_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restconf-creds" "key" "password") | indent 10 }} - name: ANSIBLE_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-creds" "key" "login") | indent 10 }} - name: ANSIBLE_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-creds" "key" "password") | indent 10 }} - name: SCALEOUT_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "scaleout-creds" "key" "login") | indent 10 }} - name: SCALEOUT_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "scaleout-creds" "key" "password") | indent 10 }} - name: NETBOX_APIKEY {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "netbox-apikey" "key" "password") | indent 10 }} - name: SDNC_DB_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} - name: SDNC_DB_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} - name: ODL_ADMIN_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }} - name: ODL_ADMIN_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }} volumeMounts: - mountPath: /config-input name: config-input - mountPath: /config name: properties image: "{{ .Values.global.envsubstImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-update-config {{ if .Values.dgbuilder.enabled -}} - command: - /app/ready.py args: {{ if or .Values.dgbuilder.enabled .Values.config.sdnr.enabled -}} - --container-name - {{ include "common.mariadbService" . }} {{ end -}} {{ if .Values.config.sdnr.enabled -}} - --container-name - {{ include "common.name" . }}-sdnrdb-init-job {{ end -}} env: - name: NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness {{ end -}} {{ include "common.certInitializer.initContainer" . | indent 6 }} {{ if .Values.global.cmpv2Enabled }} - name: certs-init image: "{{ .Values.global.repository }}/{{ .Values.global.platform.certServiceClient.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: REQUEST_URL value: {{ .Values.global.platform.certServiceClient.envVariables.requestURL }} - name: REQUEST_TIMEOUT value: "30000" - name: OUTPUT_PATH value: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }} - name: CA_NAME value: {{ .Values.global.platform.certServiceClient.envVariables.caName }} - name: COMMON_NAME value: {{ .Values.global.platform.certServiceClient.envVariables.common_name }} - name: ORGANIZATION value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Organization }} - name: ORGANIZATION_UNIT value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2OrganizationalUnit }} - name: LOCATION value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Location }} - name: STATE value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2State }} - name: COUNTRY value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Country }} - name: KEYSTORE_PATH value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePath }} - name: KEYSTORE_PASSWORD value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePassword }} - name: TRUSTSTORE_PATH value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePath }} - name: TRUSTSTORE_PASSWORD value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePassword }} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }} name: certs - mountPath: {{ .Values.global.platform.certServiceClient.secret.mountPath }} name: certservice-tls-volume {{ end }} - name: {{ include "common.name" . }}-chown image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }} command: - sh args: - -c - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} {{- if .Values.global.aafEnabled }} - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }} {{- end }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} - mountPath: {{ .Values.persistence.mdsalPath }} name: {{ include "common.fullname" . }}-data containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/bin/bash"] args: ["-c", "/opt/onap/sdnc/bin/startODL.sh"] ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} - containerPort: {{ .Values.service.internalPort3 }} - containerPort: {{ .Values.service.clusterPort }} readinessProbe: tcpSocket: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MYSQL_ROOT_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-password" "key" "password") | indent 12 }} - name: ODL_ADMIN_USERNAME {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }} - name: ODL_ADMIN_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }} - name: SDNC_DB_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }} - name: SDNC_DB_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }} - name: SDNC_CONFIG_DIR value: "{{ .Values.config.configDir }}" - name: ENABLE_ODL_CLUSTER value: "{{ .Values.config.enableClustering }}" - name: MY_ODL_CLUSTER value: "{{ .Values.config.myODLCluster }}" - name: PEER_ODL_CLUSTER value: "{{ .Values.config.peerODLCluster }}" - name: IS_PRIMARY_CLUSTER value: "{{ .Values.config.isPrimaryCluster }}" - name: GEO_ENABLED value: "{{ .Values.config.geoEnabled}}" - name: SDNC_AAF_ENABLED value: "{{ .Values.global.aafEnabled}}" - name: SDNC_REPLICAS value: "{{ .Values.replicaCount }}" - name: MYSQL_HOST value: {{ include "common.mariadbService" . }} - name: JAVA_HOME value: "{{ .Values.config.javaHome}}" - name: JAVA_OPTS value: "-Xms{{.Values.config.odl.javaOptions.minMemory}} -Xmx{{.Values.config.odl.javaOptions.maxMemory}}" - name: KARAF_CONSOLE_LOG_LEVEL value: "{{ include "common.log.level" . }}" - name: SDNRWT value: "{{ .Values.config.sdnr.enabled | default "false"}}" {{- if eq .Values.config.sdnr.mode "web" }} - name: SDNRDM value: "true" {{- end }} - name: SDNRONLY value: "{{ .Values.config.sdnr.sdnronly | default "false" }}" - name: SDNRDBURL {{- $prefix := ternary "https" "http" .Values.global.aafEnabled}} value: "{{$prefix}}://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}" {{- if .Values.config.sdnr.sdnrdbTrustAllCerts }} - name: SDNRDBTRUSTALLCERTS value: "true" {{ end }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} - mountPath: /etc/localtime name: localtime readOnly: true - mountPath: /opt/opendaylight/current/etc/org.ops4j.pax.logging.cfg name: sdnc-logging-cfg-config subPath: org.ops4j.pax.logging.cfg - mountPath: {{ .Values.config.binDir }}/installSdncDb.sh name: bin subPath: installSdncDb.sh - mountPath: {{ .Values.config.ccsdkConfigDir }}/aaiclient.properties name: properties subPath: aaiclient.properties - mountPath: {{ .Values.config.configDir }}/aaiclient.properties name: properties subPath: aaiclient.properties - mountPath: {{ .Values.config.configDir }}/dblib.properties name: properties subPath: dblib.properties - mountPath: {{ .Values.config.configDir }}/lcm-dg.properties name: properties subPath: lcm-dg.properties - mountPath: {{ .Values.config.configDir }}/svclogic.properties name: properties subPath: svclogic.properties - mountPath: /opt/onap/sdnc/svclogic/config/svclogic.properties name: properties subPath: svclogic.properties - mountPath: {{ .Values.config.configDir }}/netbox.properties name: properties subPath: netbox.properties - mountPath: {{ .Values.config.configDir }}/blueprints-processor-adaptor.properties name: properties subPath: blueprints-processor-adaptor.properties - mountPath: {{ .Values.persistence.mdsalPath }} name: {{ include "common.fullname" . }}-data - mountPath: /var/log/onap name: logs - mountPath: {{ .Values.config.odl.salConfigDir }}/{{ .Values.config.odl.salConfigVersion}}/sal-clustering-config-{{ .Values.config.odl.salConfigVersion}}-akkaconf.xml name: properties subPath: akka.conf - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.controller.cluster.datastore.cfg name: properties subPath: org.opendaylight.controller.cluster.datastore.cfg - mountPath: {{ .Values.config.odl.binDir }}/setenv name: properties subPath: setenv - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-registrar.properties name: properties subPath: mountpoint-registrar.properties - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-state-provider.properties name: properties subPath: mountpoint-state-provider.properties {{ if .Values.global.cmpv2Enabled }} - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }} name: certs {{- end }} resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} {{- end -}} {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} # side car containers - name: filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: /usr/share/filebeat/filebeat.yml name: filebeat-conf subPath: filebeat.yml - mountPath: /var/log/onap name: logs - mountPath: /usr/share/filebeat/data name: data-filebeat imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" volumes: - name: localtime hostPath: path: /etc/localtime - name: logs emptyDir: {} - name: data-filebeat emptyDir: {} - name: filebeat-conf configMap: name: {{ include "common.fullname" . }}-filebeat-configmap - name: sdnc-logging-cfg-config configMap: name: {{ include "common.fullname" . }}-log-configmap - name: bin configMap: name: {{ include "common.fullname" . }}-bin defaultMode: 0755 - name: config-input configMap: name: {{ include "common.fullname" . }}-properties defaultMode: 0644 - name: properties emptyDir: medium: Memory {{ if .Values.global.cmpv2Enabled }} - name: certs emptyDir: medium: Memory - name: certservice-tls-volume secret: secretName: {{ .Values.global.platform.certServiceClient.secret.name }} {{- end }} {{ if not .Values.persistence.enabled }} - name: {{ include "common.fullname" . }}-data emptyDir: {} {{ else }} {{ include "common.certInitializer.volumes" . | nindent 8 }} volumeClaimTemplates: - metadata: name: {{ include "common.fullname" . }}-data labels: name: {{ include "common.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ include "common.release" . }}" heritage: "{{ .Release.Service }}" spec: accessModes: - {{ .Values.persistence.accessMode }} storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size }} {{- end }}