OOM code transfer for AAI

Transfer code from oom/kubernetes/aai into the aai/oom tech team repo. Change-Id: I7bcd43ff9acbc12ae36c95e3ebcee567fb7572cf Issue-ID: CIMAN-250 Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
author: Jessica Wagantall <jwagantall@linuxfoundation.org> 2019-04-22 11:57:18 -0700
committer: Jessica Wagantall <jwagantall@linuxfoundation.org> 2019-04-22 11:58:36 -0700
commit: 9b34a8a4d357fc5a03875f99244f48bdd8b2d03e (patch)
tree: dbabc5e56188f200913bcefb75424febaabe9952 /charts/aai-elasticsearch/templates
parent: 9a427329607433c038f9a8fec8d866f354881234 (diff)
parent: 201670e70e53a3a9b7e2e8536e8e6719a8ebbab8 (diff)
4 files changed, 262 insertions, 0 deletions
diff --git a/charts/aai-elasticsearch/templates/configmap.yaml b/charts/aai-elasticsearch/templates/configmap.yaml
new file mode 100644
index 0000000..4be124f
--- /dev/null
+++ b/charts/aai-elasticsearch/templates/configmap.yaml
@@ -0,0 +1,52 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-es-config
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-sg-scripts
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/bin/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-sg-config
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/sg/*").AsConfig . | indent 2 }}
diff --git a/charts/aai-elasticsearch/templates/deployment.yaml b/charts/aai-elasticsearch/templates/deployment.yaml
new file mode 100644
index 0000000..785693a
--- /dev/null
+++ b/charts/aai-elasticsearch/templates/deployment.yaml
@@ -0,0 +1,144 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      app: {{ include "common.name" . }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+      name: {{ include "common.name" . }}
+    spec:
+      hostname: {{ include "common.name" . }}
+      initContainers:
+      - command:
+        - /bin/sh
+        - -c
+        - |
+          sysctl -w vm.max_map_count=262144
+          mkdir -p /logroot/elasticsearch/logs
+          mkdir -p /logroot/elasticsearch/data
+          chmod -R 777 /logroot/elasticsearch
+          chown -R 1000:1000 /logroot
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        securityContext:
+          privileged: true
+        image: {{ .Values.global.dockerhubRepository | default .Values.dockerhubRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }}
+        imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
+        name: init-sysctl
+        volumeMounts:
+        - name: elasticsearch-data
+          mountPath: /logroot/
+      containers:
+      - name: {{ include "common.name" . }}
+        image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+        imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
+        ports:
+        - containerPort: {{ .Values.service.internalPort }}
+        - containerPort: {{ .Values.service.internalPort2 }}
+        # disable liveness probe when breakpoints set in debugger
+        # so K8s doesn't restart unresponsive container
+        {{- if eq .Values.liveness.enabled true }}
+        livenessProbe:
+          tcpSocket:
+            port: {{ .Values.service.internalPort }}
+          initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+          periodSeconds: {{ .Values.liveness.periodSeconds }}
+        {{ end -}}
+        readinessProbe:
+          tcpSocket:
+            port: {{ .Values.service.internalPort }}
+          initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+          periodSeconds: {{ .Values.readiness.periodSeconds }}
+        volumeMounts:
+          - name: localtime
+            mountPath: /etc/localtime
+            readOnly: true
+          - name: elasticsearch-config
+            subPath: elasticsearch.yml
+            mountPath: /usr/share/elasticsearch/config/elasticsearch.yml
+          - name: elasticsearch-config
+            subPath: jvm.options
+            mountPath: /usr/share/elasticsearch/config/jvm.options
+          - name: elasticsearch-config
+            subPath: log4j2.properties
+            mountPath: /usr/share/elasticsearch/config/log4j2.properties
+          - name: searchguard-scripts
+            subPath: run.sh
+            mountPath: /usr/share/elasticsearch/bin/run.sh
+          - name: searchguard-scripts
+            subPath: wait_until_started.sh
+            mountPath: /usr/share/elasticsearch/bin/wait_until_started.sh
+          - name: searchguard-scripts
+            subPath: init_sg.sh
+            mountPath: /usr/share/elasticsearch/bin/init_sg.sh
+          - name: searchguard-config
+            mountPath: /usr/share/elasticsearch/config/sg
+          - name: searchguard-auth-config
+            mountPath: /usr/share/elasticsearch/config/sg/auth
+          - name: elasticsearch-data
+            mountPath: /usr/share/elasticsearch/data
+        resources:
+{{ include "common.resources" . | indent 12 }}
+      {{- if .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+      {{- end -}}
+      {{- if .Values.affinity }}
+      affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+      {{- end }}
+
+      volumes:
+      - name: localtime
+        hostPath:
+          path: /etc/localtime
+      - name: elasticsearch-config
+        configMap:
+          name: {{ include "common.fullname" . }}-es-config
+      - name: searchguard-scripts
+        configMap:
+          name: {{ include "common.fullname" . }}-sg-scripts
+          defaultMode: 0754
+      - name: searchguard-config
+        configMap:
+          name: {{ include "common.fullname" . }}-sg-config
+      - name: searchguard-auth-config
+        secret:
+          secretName: {{ include "common.fullname" . }}-sg-auth
+      - name: elasticsearch-data
+        hostPath:
+          path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+      restartPolicy: {{ .Values.restartPolicy }}
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/charts/aai-elasticsearch/templates/secrets.yaml b/charts/aai-elasticsearch/templates/secrets.yaml
new file mode 100644
index 0000000..34b272f
--- /dev/null
+++ b/charts/aai-elasticsearch/templates/secrets.yaml
@@ -0,0 +1,22 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.fullname" . }}-sg-auth
+  namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/sg/auth/*").AsSecrets . | indent 2 }}
+\ No newline at end of file
diff --git a/charts/aai-elasticsearch/templates/service.yaml b/charts/aai-elasticsearch/templates/service.yaml
new file mode 100644
index 0000000..d119912
--- /dev/null
+++ b/charts/aai-elasticsearch/templates/service.yaml
@@ -0,0 +1,44 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.servicename" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+  {{if eq .Values.service.type "NodePort" -}}
+  - port: {{ .Values.service.internalPort }}
+    nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+    name: {{ .Values.service.portName }}
+  - port: {{ .Values.service.internalPort2 }}
+    nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+    name: {{ .Values.service.portName2 }}
+  {{- else -}}
+  - port: {{ .Values.service.internalPort }}
+    name: {{ .Values.service.portName }}
+  - port: {{ .Values.service.internalPort2 }}
+    name: {{ .Values.service.portName2 }}
+  {{- end}}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
+  clusterIP: None
author	Jessica Wagantall <jwagantall@linuxfoundation.org>	2019-04-22 11:57:18 -0700
committer	Jessica Wagantall <jwagantall@linuxfoundation.org>	2019-04-22 11:58:36 -0700
commit	9b34a8a4d357fc5a03875f99244f48bdd8b2d03e (patch)
tree	dbabc5e56188f200913bcefb75424febaabe9952 /charts/aai-elasticsearch/templates
parent	9a427329607433c038f9a8fec8d866f354881234 (diff)
parent	201670e70e53a3a9b7e2e8536e8e6719a8ebbab8 (diff)