persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
+{{- end -}}
\ No newline at end of file
storageClassName: "{{ .Values.persistence.storageClass }}"
{{- end }}
{{- end }}
-{{- end -}}
+{{- end -}}
\ No newline at end of file
- name: SDC_PASSWORD
valueFrom:
secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password}
+ - name: SDC_CERT_DIR
+ value: {{ .Values.cert.certDir }}
volumeMounts:
- name: {{ include "common.fullname" . }}-environments
mountPath: /root/chef-solo/environments/
- name: {{ include "common.fullname" . }}-logback
mountPath: /tmp/logback.xml
subPath: logback.xml
+ - name: {{ include "common.fullname" . }}-cert-storage
+ mountPath: "{{ .Values.cert.certDir }}"
lifecycle:
postStart:
exec:
defaultMode: 0755
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
+ - name: {{ include "common.fullname" . }}-cert-storage
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}-cert
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+{{/*
+# ================================================================================
+# Copyright (C) 2019, Nordix Foundation. All rights reserved.
+# ================================================================================
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{- if and .Values.persistence.enabled (not .Values.cert.persistence.existingClaim) -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-cert
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.cert.persistence.size}}
+ accessModes:
+ - {{ .Values.cert.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.cert.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.cert.persistence.mountSubPath }}
+{{- end -}}
\ No newline at end of file
--- /dev/null
+{{/*
+# ================================================================================
+# Copyright (C) 2019, Nordix Foundation. All rights reserved.
+# ================================================================================
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{- if and .Values.cert.persistence.enabled (not .Values.cert.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-cert
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.cert.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.cert.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ selector:
+ matchLabels:
+ name: {{ include "common.fullname" . }}
+ accessModes:
+ - {{ .Values.cert.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.cert.persistence.size }}
+{{- if .Values.cert.persistence.storageClass }}
+{{- if (eq "-" .Values.cert.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.cert.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
\ No newline at end of file
mountPath: /dockerdata-nfs
mountSubPath: /sdc/sdc-cs/CS
+##Certificate storage persistence
+##This is temporary solution for SDC-1980
+cert:
+ certDir: /var/lib/jetty/cert
+ persistence:
+ enabled: true
+ size: 10Mi
+ accessMode: ReadOnlyMany
+ volumeReclaimPolicy: Retain
+ mountSubPath: /sdc/onbaording/cert
+
+
ingress:
enabled: false
Code Review / oom.git / commitdiff