+{{/*
# Copyright (c) 2018 Amdocs, Bell Canada, AT&T
# Modifications Copyright (c) 2020 Nokia, Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
+*/}}
apiVersion: apps/v1
kind: Deployment
matchLabels:
app: {{ include "common.name" . }}
replicas: {{ .Values.replicaCount }}
+ strategy:
+ type: {{ .Values.updateStrategy.type }}
+ {{- if (eq "RollingUpdate" .Values.updateStrategy.type) }}
+ rollingUpdate:
+ maxUnavailable: {{ .Values.updateStrategy.maxUnavailable }}
+ maxSurge: {{ .Values.updateStrategy.maxSurge }}
+ {{- end }}
template:
metadata:
labels:
annotations:
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
spec:
- initContainers:
+ terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }}
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- command:
- /app/ready.py
args:
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
+ resources:
+ requests:
+ memory: {{ .Values.haproxy.initContainers.resources.memory }}
+ cpu: {{ .Values.haproxy.initContainers.resources.cpu }}
+ limits:
+ memory: {{ .Values.haproxy.initContainers.resources.memory }}
+ cpu: {{ .Values.haproxy.initContainers.resources.cpu }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}"
subPath: haproxy.cfg
{{ end }}
name: haproxy-cfg
- - mountPath: /etc/ssl/private/aai.pem
- name: aai-pem
- subPath: aai.pem
+ {{- include "common.certInitializer.volumeMount" . | nindent 8 }}
ports:
- containerPort: {{ .Values.service.internalPort }}
+ - containerPort: {{ .Values.service.internalPlainPort }}
+ - containerPort: {{ .Values.metricsService.internalPort }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end -}}
readinessProbe:
httpGet:
path: /aai/util/echo
- port: {{ .Values.service.internalPort }}
- scheme: HTTPS
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }}
+ #scheme: HTTPS
+ scheme: {{ (eq "true" (include "common.needTLS" .)) | ternary "HTTPS" "HTTP" }}
httpHeaders:
- name: X-FromAppId
value: OOM_ReadinessCheck
affinity:
{{ toYaml .Values.affinity | indent 8 }}
{{- end }}
-
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: localtime
hostPath:
- name: haproxy-cfg
configMap:
name: aai-deployment-configmap
- - name: aai-pem
- secret:
- secretName: aai-haproxy-secret
+ {{ include "common.certInitializer.volumes" . | nindent 8 }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
Code Review / oom.git / blobdiff