From: farida azmy Date: Wed, 17 Mar 2021 09:33:28 +0000 (+0200) Subject: [DMAAP] Update chart with service account X-Git-Tag: 9.0.0~180^2 X-Git-Url: https://gerrit.onap.org/r/gitweb?p=oom.git;a=commitdiff_plain;h=13388baca0e98f0f870ba77f40e2e2a944cf08d0 [DMAAP] Update chart with service account Add service account to requirements.yaml, values.yaml and deployment/statefulset Issue-ID: OOM-2702 Signed-off-by: farida azmy Co-authored-by: Sylvain Desbureaux Change-Id: Id63ae33ce92a5192d43ff0f782487b3974fc5f41 --- diff --git a/kubernetes/dmaap/components/dmaap-bc/requirements.yaml b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml index 95f841632c..7c26bb83b1 100644 --- a/kubernetes/dmaap/components/dmaap-bc/requirements.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml @@ -26,3 +26,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml index eaad403dc8..a0b6fdad8d 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml @@ -114,6 +114,7 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | nindent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index 65242b4a4f..a3d42d2130 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -163,3 +163,9 @@ resources: cpu: 2 memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: dmaap-bc + roles: + - read diff --git a/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml b/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml index d96058de91..97ba957f4f 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml @@ -25,3 +25,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml index 40a4d7db93..dfb435ce04 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -102,6 +102,7 @@ spec: mountPath: /var/log/onap/datarouter-node imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.aaf-config-volumes" . | nindent 8 }} - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index 1d55a13bd9..ee231a0c06 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -154,3 +154,9 @@ config: # dr uses the EELF Logging framework https://github.com/att/EELF # and supports the following log levels: TRACE, DEBUG, INFO, WARN, ERROR, OFF logLevel: "INFO" + +#Pods Service Account +serviceAccount: + nameOverride: dmaap-dr-node + roles: + - read diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml index ed03e05b2e..65867f50af 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml @@ -32,3 +32,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index 5c94116bac..61678961cc 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -118,6 +118,7 @@ spec: mountPath: /usr/share/filebeat/data - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap/datarouter-prov + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index a82eef85d4..7564ccfc78 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -154,3 +154,9 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: dmaap-dr-prov + roles: + - read diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml index 68c3169e68..c212f38b39 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml @@ -26,3 +26,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml index 48a2eb197e..7cedbf89d1 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml @@ -220,6 +220,7 @@ spec: tolerations: {{ toYaml .Values.tolerations | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml index 04d7cee705..5732c5de0e 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml @@ -219,3 +219,9 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: message-router-kafka + roles: + - read diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml index 343812db25..20cc48f360 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml @@ -23,3 +23,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml index 5ea5bc53b7..f5473ec589 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml @@ -187,6 +187,7 @@ spec: tolerations: {{ toYaml .Values.tolerations | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml index 64c29db935..6863acc7a2 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml @@ -151,3 +151,9 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: message-router-zookeeper + roles: + - read diff --git a/kubernetes/dmaap/components/message-router/requirements.yaml b/kubernetes/dmaap/components/message-router/requirements.yaml index 5adbb623bd..00d14549cd 100644 --- a/kubernetes/dmaap/components/message-router/requirements.yaml +++ b/kubernetes/dmaap/components/message-router/requirements.yaml @@ -33,3 +33,6 @@ dependencies: - name: message-router-zookeeper version: ~8.x-0 repository: 'file://components/message-router-zookeeper' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index c0d32a362b..9bad341792 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -137,6 +137,7 @@ spec: name: jetty {{- end }} resources: {{ include "common.resources" . | nindent 12 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index d0b162b45e..7028bb1263 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -153,3 +153,9 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: message-router + roles: + - read diff --git a/kubernetes/dmaap/requirements.yaml b/kubernetes/dmaap/requirements.yaml index d62273499e..268ff70467 100644 --- a/kubernetes/dmaap/requirements.yaml +++ b/kubernetes/dmaap/requirements.yaml @@ -33,3 +33,6 @@ dependencies: version: ~8.x-0 repository: 'file://components/dmaap-dr-prov' condition: dmaap-dr-prov.enabled + - name: serviceAccount + version: ~8.x-0 + repository: '@local' \ No newline at end of file diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index c1ba7547db..b7f0735c8d 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -54,3 +54,9 @@ dmaap-dr-node: enabled: true dmaap-dr-prov: enabled: true + +#Pods Service Account +serviceAccount: + nameOverride: dmaap + roles: + - read