[AAI] OOM AAI Rolling Update fixes

[oom.git] / kubernetes / aai / components / aai-babel / templates / deployment.yaml

diff --git a/kubernetes/aai/components/aai-babel/templates/deployment.yaml b/kubernetes/aai/components/aai-babel/templates/deployment.yaml
index db35406..e52ac7a 100644 (file)
--- a/kubernetes/aai/components/aai-babel/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-babel/templates/deployment.yaml
@@ -31,16 +31,35 @@ spec:
     matchLabels:
       app: {{ include "common.name" . }}
   replicas: {{ .Values.replicaCount }}
+  strategy:
+    type: {{ .Values.updateStrategy.type }}
+    {{- if (eq "RollingUpdate" .Values.updateStrategy.type) }}
+    rollingUpdate:
+      maxUnavailable: {{ .Values.updateStrategy.maxUnavailable }}
+      maxSurge: {{ .Values.updateStrategy.maxSurge }}
+    {{- end }}
   template:
     metadata:
       labels:
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
+      initContainers:  {{ include "common.certInitializer.initContainer" . | nindent 6 }}
       containers:
         - name: {{ include "common.name" . }}
           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          {{- if .Values.global.aafEnabled }}
+          command:
+          - sh
+          args:
+          - -c
+          - |
+            echo "*** retrieve Truststore and Keystore password"
+            export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+            echo "*** actual launch of AAI Babel"
+            /bin/bash /opt/app/babel/bin/start.sh
+          {{- end }}
           ports:
           - containerPort: {{ .Values.service.internalPort }}
           # disable liveness probe when breakpoints set in debugger
@@ -58,37 +77,34 @@ spec:
             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
             periodSeconds: {{ .Values.readiness.periodSeconds }}
           env:
+            {{- if not (include "common.needTLS" .) }}
+            - name: KEY_STORE_PASSWORD
+              value: NotUsed
+            {{- end }}
             - name: CONFIG_HOME
               value: /opt/app/babel/config
-            - name: KEY_STORE_PASSWORD
-              valueFrom:
-                secretKeyRef:
-                  name: {{ template "common.fullname" . }}-pass
-                  key: KEY_STORE_PASSWORD
-            - name: KEY_MANAGER_PASSWORD
-              valueFrom:
-                secretKeyRef:
-                  name: {{ template "common.fullname" . }}-pass
-                  key: KEY_MANAGER_PASSWORD
-          volumeMounts:
+          volumeMounts:  {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
           - mountPath: /etc/localtime
             name: localtime
             readOnly: true
+          - mountPath: /opt/app/babel/config/application.properties
+            name: config
+            subPath: application.properties
           - mountPath: /opt/app/babel/config/artifact-generator.properties
-            name: {{ include "common.fullname" . }}-config
+            name: config
             subPath: artifact-generator.properties
           - mountPath: /opt/app/babel/config/tosca-mappings.json
-            name: {{ include "common.fullname" . }}-config
+            name: config
             subPath: tosca-mappings.json
           - mountPath: /opt/app/babel/config/babel-auth.properties
-            name: {{ include "common.fullname" . }}-config
+            name: config
             subPath: babel-auth.properties
           - mountPath: /opt/app/babel/config/auth
-            name: {{ include "common.fullname" . }}-secrets
-          - mountPath: /var/log/onap
-            name: {{ include "common.fullname" . }}-logs
+            name: secrets
+          - mountPath: {{ .Values.log.path }}
+            name: logs
           - mountPath: /opt/app/babel/config/logback.xml
-            name: {{ include "common.fullname" . }}-config
+            name: config
             subPath: logback.xml
           resources:
 {{ include "common.resources" . }}
@@ -102,44 +118,21 @@ spec:
       {{- end }}
 
         # side car containers
-        - name: filebeat-onap
-          image: {{ include "repositoryGenerator.image.logging" . }}
-          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-          volumeMounts:
-          - mountPath: /usr/share/filebeat/filebeat.yml
-            subPath: filebeat.yml
-            name: filebeat-conf
-          - mountPath: /var/log/onap
-            name: {{ include "common.fullname" . }}-logs
-          - mountPath: /usr/share/filebeat/data
-            name: aai-filebeat
+      {{ include "common.log.sidecar" . | nindent 8 }}
       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
-      volumes:
+      volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
         - name: localtime
           hostPath:
             path: /etc/localtime
-        - name: {{ include "common.fullname" . }}-config
+        - name: config
           configMap:
             name: {{ include "common.fullname" . }}-configmap
-            items:
-            - key: artifact-generator.properties
-              path: artifact-generator.properties
-            - key: tosca-mappings.json
-              path: tosca-mappings.json
-            - key: babel-auth.properties
-              path: babel-auth.properties
-            - key: logback.xml
-              path: logback.xml
-        - name: {{ include "common.fullname" . }}-secrets
+        - name: secrets
           secret:
             secretName: {{ include "common.fullname" . }}-babel-secrets
-        - name: filebeat-conf
-          configMap:
-            name: aai-filebeat
-        - name: {{ include "common.fullname" . }}-logs
-          emptyDir: {}
-        - name: aai-filebeat
+        - name: logs
           emptyDir: {}
+        {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 8 }}
 
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"