Merge "Update Keystore cert"

[oom.git] / kubernetes / aai / templates / deployment.yaml

diff --git a/kubernetes/aai/templates/deployment.yaml b/kubernetes/aai/templates/deployment.yaml
index 46d7c64..17680a0 100644 (file)
--- a/kubernetes/aai/templates/deployment.yaml
+++ b/kubernetes/aai/templates/deployment.yaml
@@ -1,3 +1,18 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
 apiVersion: extensions/v1beta1
 kind: Deployment
 metadata:
@@ -16,13 +31,19 @@ spec:
         app: {{ include "common.name" . }}
         release: {{ .Release.Name }}
       name: {{ .Release.Name }}
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
     spec:
       initContainers:
       - command:
         - /root/ready.py
         args:
         - --container-name
+        - aai-resources
+        - --container-name
         - aai-traversal
+        - --container-name
+        - aai-graphadmin
         env:
         - name: NAMESPACE
           valueFrom:
@@ -43,7 +64,11 @@ spec:
         - mountPath: /dev/log
           name: aai-service-log
         - mountPath: /usr/local/etc/haproxy/haproxy.cfg
+        {{ if .Values.global.installSidecarSecurity }}
+          subPath: haproxy-pluggable-security.cfg
+        {{ else }}
           subPath: haproxy.cfg
+        {{ end }}
           name: haproxy-cfg
         ports:
         - containerPort: {{ .Values.service.internalPort }}
@@ -58,19 +83,32 @@ spec:
           periodSeconds: {{ .Values.liveness.periodSeconds }}
         {{ end -}}
         readinessProbe:
-          tcpSocket:
+          httpGet:
+            path: /aai/util/echo
             port: {{ .Values.service.internalPort2 }}
+            scheme: HTTPS
+            httpHeaders:
+            - name: X-FromAppId
+              value: OOM_ReadinessCheck
+      {{ if .Values.global.installSidecarSecurity }}
+            - name: Authorization
+              value: Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==
+      {{ end }}
+            - name: X-TransactionId
+              value: {{ uuidv4 }}
+            - name: Accept
+              value: application/json
           initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
           periodSeconds: {{ .Values.readiness.periodSeconds }}
         resources:
-{{ toYaml .Values.resources | indent 12 }}
+{{ include "common.resources" . }}
       {{- if .Values.nodeSelector }}
       nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
       {{- end -}}
       {{- if .Values.affinity }}
       affinity:
-{{ toYaml .Values.affinity | indent 10 }}
+{{ toYaml .Values.affinity | indent 8 }}
       {{- end }}
 
       volumes: