diff options
author | farida azmy <farida.azmy.ext@orange.com> | 2021-03-17 11:33:28 +0200 |
---|---|---|
committer | othman touijer <othman.touijer@soprasteria.com> | 2021-07-23 12:33:48 +0200 |
commit | 13388baca0e98f0f870ba77f40e2e2a944cf08d0 (patch) | |
tree | 426d6dbf2dfd1a49b34eb0fd988e9b98b617105e | |
parent | f4b8ca07e7137c93721084c550d2e4a8c6121acb (diff) |
[DMAAP] Update chart with service account
Add service account to requirements.yaml, values.yaml and deployment/statefulset
Issue-ID: OOM-2702
Signed-off-by: farida azmy <farida.azmy.ext@orange.com>
Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Id63ae33ce92a5192d43ff0f782487b3974fc5f41
20 files changed, 69 insertions, 0 deletions
diff --git a/kubernetes/dmaap/components/dmaap-bc/requirements.yaml b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml index 95f841632c..7c26bb83b1 100644 --- a/kubernetes/dmaap/components/dmaap-bc/requirements.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml @@ -26,3 +26,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml index eaad403dc8..a0b6fdad8d 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml @@ -114,6 +114,7 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | nindent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index 65242b4a4f..a3d42d2130 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -163,3 +163,9 @@ resources: cpu: 2 memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: dmaap-bc + roles: + - read diff --git a/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml b/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml index d96058de91..97ba957f4f 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml @@ -25,3 +25,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml index 40a4d7db93..dfb435ce04 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -102,6 +102,7 @@ spec: mountPath: /var/log/onap/datarouter-node imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.aaf-config-volumes" . | nindent 8 }} - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index 1d55a13bd9..ee231a0c06 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -154,3 +154,9 @@ config: # dr uses the EELF Logging framework https://github.com/att/EELF # and supports the following log levels: TRACE, DEBUG, INFO, WARN, ERROR, OFF logLevel: "INFO" + +#Pods Service Account +serviceAccount: + nameOverride: dmaap-dr-node + roles: + - read diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml index ed03e05b2e..65867f50af 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml @@ -32,3 +32,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index 5c94116bac..61678961cc 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -118,6 +118,7 @@ spec: mountPath: /usr/share/filebeat/data - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap/datarouter-prov + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index a82eef85d4..7564ccfc78 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -154,3 +154,9 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: dmaap-dr-prov + roles: + - read diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml index 68c3169e68..c212f38b39 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml @@ -26,3 +26,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml index 48a2eb197e..7cedbf89d1 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml @@ -220,6 +220,7 @@ spec: tolerations: {{ toYaml .Values.tolerations | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml index 04d7cee705..5732c5de0e 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml @@ -219,3 +219,9 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: message-router-kafka + roles: + - read diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml index 343812db25..20cc48f360 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml @@ -23,3 +23,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml index 5ea5bc53b7..f5473ec589 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml @@ -187,6 +187,7 @@ spec: tolerations: {{ toYaml .Values.tolerations | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml index 64c29db935..6863acc7a2 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml @@ -151,3 +151,9 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: message-router-zookeeper + roles: + - read diff --git a/kubernetes/dmaap/components/message-router/requirements.yaml b/kubernetes/dmaap/components/message-router/requirements.yaml index 5adbb623bd..00d14549cd 100644 --- a/kubernetes/dmaap/components/message-router/requirements.yaml +++ b/kubernetes/dmaap/components/message-router/requirements.yaml @@ -33,3 +33,6 @@ dependencies: - name: message-router-zookeeper version: ~8.x-0 repository: 'file://components/message-router-zookeeper' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index c0d32a362b..9bad341792 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -137,6 +137,7 @@ spec: name: jetty {{- end }} resources: {{ include "common.resources" . | nindent 12 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index d0b162b45e..7028bb1263 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -153,3 +153,9 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: message-router + roles: + - read diff --git a/kubernetes/dmaap/requirements.yaml b/kubernetes/dmaap/requirements.yaml index d62273499e..268ff70467 100644 --- a/kubernetes/dmaap/requirements.yaml +++ b/kubernetes/dmaap/requirements.yaml @@ -33,3 +33,6 @@ dependencies: version: ~8.x-0 repository: 'file://components/dmaap-dr-prov' condition: dmaap-dr-prov.enabled + - name: serviceAccount + version: ~8.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index c1ba7547db..b7f0735c8d 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -54,3 +54,9 @@ dmaap-dr-node: enabled: true dmaap-dr-prov: enabled: true + +#Pods Service Account +serviceAccount: + nameOverride: dmaap + roles: + - read |