- name: mariadb-galera
alias: mariadb
version: ~6.x-0
- repository: '@local'
\ No newline at end of file
+ repository: '@local'
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
apiVersion: v1
fieldPath: metadata.namespace
{{- if .Values.global.aafEnabled }}
- - name: {{ include "common.name" . }}-aaf-readiness
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - /root/ready.py
- args:
- - --container-name
- - aaf-locate
- - --container-name
- - aaf-cm
- - --container-name
- - aaf-service
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- - name: {{ include "common.name" . }}-dr-prov-aaf-config
- image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"]
- volumeMounts:
- - mountPath: {{ .Values.persistence.aafCredsPath }}
- name: {{ include "common.fullname" . }}-aaf-config-vol
- env:
- - name: APP_FQI
- value: "{{ .Values.aafConfig.fqi }}"
- - name: aaf_locate_url
- value: "https://aaf-locate.{{ .Release.Namespace }}:8095"
- - name: aaf_locator_container
- value: "{{ .Values.global.aafLocatorContainer }}"
- - name: aaf_locator_container_ns
- value: "{{ .Release.Namespace }}"
- - name: aaf_locator_fqdn
- value: "{{ .Values.aafConfig.fqdn }}"
- - name: aaf_locator_public_fqdn
- value: "{{.Values.aafConfig.publicFqdn}}"
- - name: aaf_locator_app_ns
- value: "{{ .Values.global.aafAppNs }}"
- - name: DEPLOY_FQI
- value: "{{ .Values.aafConfig.aafDeployFqi }}"
- - name: DEPLOY_PASSWORD
- value: "{{ .Values.aafConfig.aafDeployPass }}"
- - name: cadi_longitude
- value: "{{ .Values.aafConfig.cadiLongitude }}"
- - name: cadi_latitude
- value: "{{ .Values.aafConfig.cadiLatitude }}"
+
+ {{ include "common.certInitializer.initContainer" . | nindent 8 }}
+
- name: {{ include "common.name" . }}-permission-fixer
image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: {{ .Values.persistence.aafCredsPath }}
- name: {{ include "common.fullname" . }}-aaf-config-vol
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
command: ["chown","-Rf","1000:1001", "/opt/app/"]
+
{{ end }}
containers:
- name: {{ include "common.name" . }}
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-dr-db-user-secret" "key" "login") | indent 12 }}
- name: DB_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-dr-db-user-secret" "key" "password") | indent 12 }}
- volumeMounts:
- {{- if .Values.global.aafEnabled }}
- - mountPath: {{ .Values.persistence.aafCredsPath }}
- name: {{ include "common.fullname" . }}-aaf-config-vol
- {{- end }}
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: false
mountPath: /usr/share/filebeat/data
- name: {{ include "common.fullname" . }}-logs
mountPath: /var/log/onap/datarouter-prov
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath:
path: /etc/localtime
emptyDir: {}
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
- {{- if .Values.global.aafEnabled }}
- - name: {{ include "common.fullname" . }}-aaf-config-vol
- {{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-aaf-props
- {{- else }}
- emptyDir: {}
- {{- end }}
- {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
+++ /dev/null
-{{/*
- # ============LICENSE_START=======================================================
- # Copyright (C) 2019 Nordix Foundation.
- # ================================================================================
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- #
- # SPDX-License-Identifier: Apache-2.0
- # ============LICENSE_END=========================================================
-*/}}
-{{- if .Values.global.aafEnabled }}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
-{{- if eq "True" (include "common.needPV" .) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-aaf-props
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}-aaf-props
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}-aaf-props
-spec:
- capacity:
- storage: {{ .Values.persistence.aafCredsSize}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.aafCredsMountSubPath }}
-{{ end -}}
-{{- end -}}
-{{- end -}}
+++ /dev/null
-{{/*
- # ============LICENSE_START=======================================================
- # Copyright (C) 2019 Nordix Foundation.
- # ================================================================================
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- #
- # SPDX-License-Identifier: Apache-2.0
- # ============LICENSE_END=========================================================
-*/}}
-{{- if .Values.global.aafEnabled }}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-aaf-props
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: {{ include "common.storageClass" . }}
- resources:
- requests:
- storage: {{ .Values.persistence.aafCredsSize }}
-{{ end -}}
-{{ end -}}
#################################################################
secrets:
- uid: dmaap-dr-db-user-secret
- name: '{{ include "common.release" . }}-dmaap-dr-db-user-secret'
+ name: &dbSecretName '{{ include "common.release" . }}-dmaap-dr-db-user-secret'
type: basicAuth
externalSecret: '{{ tpl (default "" .Values.config.dmaapDrDb.userCredentialsExternalSecret) . }}'
login: '{{ .Values.config.dmaapDrDb.userName }}'
accessMode: ReadWriteOnce
mountPath: /dockerdata-nfs
- aafCredsMountSubPath: data-router/dr-prov/aaf-props
- aafCredsSize: 10M
- aafCredsPath: /opt/app/osaaf/local
-
ingress:
enabled: false
service:
nameOverride: dmaap-dr-db
replicaCount: 2
config:
- userCredentialsExternalSecret: '{{ include "common.release" . }}-dmaap-dr-db-user-secret'
+ userCredentialsExternalSecret: *dbSecretName
mysqlDatabase: datarouter
service:
name: dmaap-dr-db-svc
mountSubPath: data-router/dr-db-data
disableNfsProvisioner: true
-#AAF local config
-aafConfig:
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+ nameOverride: dmaap-dr-prov-cert-initializer
aafDeployFqi: deployer@people.osaaf.org
aafDeployPass: demo123456!
+# aafDeployCredsExternalSecret: some secret
fqdn: dmaap-dr-prov
fqi: dmaap-dr-prov@dmaap-dr.onap.org
publicFqdn: dmaap-dr.onap.org
cadiLatitude: 0.0
cadiLongitude: 0.0
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+
# Resource Limit flavor -By Default using small
flavor: small
Code Review / oom.git / commitdiff