heritage: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
+ minReadySeconds: {{ .Values.minReadySeconds }}
+ strategy:
+ type: {{ .Values.updateStrategy.type }}
+ rollingUpdate:
+ maxUnavailable: {{ .Values.updateStrategy.maxUnavailable }}
+ maxSurge: {{ .Values.updateStrategy.maxSurge }}
selector:
matchLabels:
app: {{ include "common.name" . }}
{{- end }}
spec:
hostname: aai-traversal
+ terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }}
initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- command:
- /app/ready.py
value: {{ .Values.global.config.userId | quote }}
- name: LOCAL_GROUP_ID
value: {{ .Values.global.config.groupId | quote }}
+ - name: INTERNAL_PORT_1
+ value: {{ .Values.service.internalPort | quote }}
+ - name: INTERNAL_PORT_2
+ value: {{ .Values.service.internalPort2 | quote }}
+ - name: INTERNAL_PORT_3
+ value: {{ .Values.service.internalPort3 | quote }}
volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
- mountPath: /etc/localtime
name: localtime
name: {{ include "common.fullname" . }}-config
subPath: aaiconfig.properties
- mountPath: /opt/aai/logroot/AAI-GQ
- name: {{ include "common.fullname" . }}-logs
+ name: logs
- mountPath: /opt/aai/logroot/AAI-GQ/misc
name: {{ include "common.fullname" . }}-logs-misc
- mountPath: /opt/app/aai-traversal/resources/logback.xml
- mountPath: /opt/app/aai-traversal/resources/application.properties
name: {{ include "common.fullname" . }}-config
subPath: application.properties
+ - mountPath: /opt/app/aai-traversal/resources/application-keycloak.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: application-keycloak.properties
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
+ - containerPort: {{ .Values.service.internalPort3 }}
+ lifecycle:
+ # wait for active requests (long-running tasks) to be finished
+ # Before the SIGTERM is invoked, Kubernetes exposes a preStop hook in the Pod.
+ preStop:
+ exec:
+ command:
+ - sh
+ - -c
+ - |
+ while (netstat -an | grep ESTABLISHED | grep -e $INTERNAL_PORT_1 -e $INTERNAL_PORT_2)
+ do sleep 10
+ done
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{ if .Values.liveness.enabled }}
livenessProbe:
- tcpSocket:
+ httpGet:
+ path: /aai/util/echo?action=checkDB
port: {{ .Values.service.internalPort }}
+ scheme: HTTP{{ (eq "true" (include "common.needTLS" .)) | ternary "S" "" }}
+ httpHeaders:
+ - name: X-FromAppId
+ value: LivenessCheck
+ - name: X-TransactionId
+ value: LiveCheck_TID
+ - name: Accept
+ value: application/json
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end }}
readinessProbe:
- tcpSocket:
+ httpGet:
+ path: /aai/util/echo?action=checkDB
port: {{ .Values.service.internalPort }}
+ scheme: HTTP{{ (eq "true" (include "common.needTLS" .)) | ternary "S" "" }}
+ httpHeaders:
+ - name: X-FromAppId
+ value: ReadinessCheck
+ - name: X-TransactionId
+ value: ReadinessCheck_TID
+ - name: Accept
+ value: application/json
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- resources:
-{{ include "common.resources" . }}
+ resources: {{ include "common.resources" . | nindent 12 }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
{{- end }}
# side car containers
- - name: filebeat-onap
- image: {{ include "repositoryGenerator.image.logging" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: /usr/share/filebeat/filebeat.yml
- subPath: filebeat.yml
- name: filebeat-conf
- - mountPath: /var/log/onap
- name: {{ include "common.fullname" . }}-logs
- - mountPath: /usr/share/filebeat/data
- name: {{ include "common.fullname" . }}-filebeat
- resources:
-{{ include "common.resources" . }}
+ {{ include "common.log.sidecar" . | nindent 6 }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath:
path: /etc/localtime
- - name: filebeat-conf
- configMap:
- name: aai-filebeat
- - name: {{ include "common.fullname" . }}-logs
+ - name: logs
emptyDir: {}
- name: {{ include "common.fullname" . }}-logs-misc
emptyDir: {}
- - name: {{ include "common.fullname" . }}-filebeat
- emptyDir: {}
+ {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }}
- name: {{ include "common.fullname" . }}-config
configMap:
name: {{ include "common.fullname" . }}
Code Review / oom.git / blobdiff