moving certs and keys to k8s secrets

changed location of used certs and keys files, updated deploy yamls and create/delete all Issue-ID: OOM-293 Change-Id: I53766b7028d6b725bf381875105b196246ff2ee1 Signed-off-by: Keren Joseph <keren.joseph@amdocs.com>
author: Keren Joseph <keren.joseph@amdocs.com> 2017-09-12 10:13:15 +0300
committer: Keren Joseph <keren.joseph@amdocs.com> 2017-09-12 13:24:47 +0300
commit: 59ffd500ea34c201fbb3edc39e64655fa8381be0 (patch)
tree: fca37264aba79ef4cc753470d11a095ddb996fd7 /kubernetes/aai
parent: f8bda5c9ee1b5a0519fa5e7faa0fdd5b889e4e85 (diff)
4 files changed, 35 insertions, 0 deletions
diff --git a/kubernetes/aai/templates/data-router-deployment.yaml b/kubernetes/aai/templates/data-router-deployment.yaml
index f823061c33..0033208642 100644
--- a/kubernetes/aai/templates/data-router-deployment.yaml
+++ b/kubernetes/aai/templates/data-router-deployment.yaml
@@ -35,6 +35,10 @@ spec:
         volumeMounts:
         - mountPath: /opt/app/data-router/config/
           name: data-router-config
+        - mountPath: /opt/app/data-router/config/auth/tomcat_keystore
+          name: data-router-tomcat-key
+        - mountPath: /opt/app/data-router/config/auth/client-cert-onap.p12 
+          name: data-router-client-cert
         - mountPath: /opt/app/data-router/dynamic/
           name: data-router-dynamic
         - mountPath: /logs/
@@ -56,6 +60,12 @@ spec:
       - name: data-router-logs
         hostPath:
           path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/data-router/logs/"
+      - name: data-router-tomcat-key
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
+      - name: data-router-client-cert
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
       restartPolicy: Always
       imagePullSecrets:
       - name: "{{ .Values.nsPrefix }}-docker-registry-key"
diff --git a/kubernetes/aai/templates/modelloader-deployment.yaml b/kubernetes/aai/templates/modelloader-deployment.yaml
index 5391273d9d..ec6a9178a7 100644
--- a/kubernetes/aai/templates/modelloader-deployment.yaml
+++ b/kubernetes/aai/templates/modelloader-deployment.yaml
@@ -20,6 +20,8 @@ spec:
         volumeMounts:
         - mountPath: /opt/app/model-loader/config/
           name: aai-model-loader-config
+        - mountPath: /opt/app/model-loader/config/auth/aai-os-cert.p12
+          name: aai-os-cert
         - mountPath: /logs/
           name: aai-model-loader-logs
         image: "{{ .Values.image.modelLoaderImage }}:{{ .Values.image.modelLoaderVersion }}"
@@ -35,6 +37,9 @@ spec:
       - name: aai-model-loader-logs
         hostPath:
           path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/model-loader/logs/"
+      - name: aai-os-cert
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
       restartPolicy: Always
       imagePullSecrets:
       - name: "{{ .Values.nsPrefix }}-docker-registry-key"
diff --git a/kubernetes/aai/templates/search-data-service-deployment.yaml b/kubernetes/aai/templates/search-data-service-deployment.yaml
index f2db9370fd..8f4acef7cb 100644
--- a/kubernetes/aai/templates/search-data-service-deployment.yaml
+++ b/kubernetes/aai/templates/search-data-service-deployment.yaml
@@ -27,6 +27,8 @@ spec:
         volumeMounts:
         - mountPath: /opt/app/search-data-service/config/
           name: aai-search-data-service-config
+        - mountPath: /opt/app/search-data-service/config/auth/tomcat_keystore
+          name: aai-tomcat-key
         - mountPath: /logs/
           name: aai-search-data-service-logs
         ports:
@@ -40,6 +42,9 @@ spec:
       - name: aai-search-data-service-config
         hostPath:
           path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/search-data-service/appconfig/"
+      - name: aai-tomcat-key
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
       - name: aai-search-data-service-logs
         hostPath:
           path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/search-data-service/logs/"
diff --git a/kubernetes/aai/templates/sparky-be-deployment.yaml b/kubernetes/aai/templates/sparky-be-deployment.yaml
index 6a8ff9308d..f4c44e28ed 100644
--- a/kubernetes/aai/templates/sparky-be-deployment.yaml
+++ b/kubernetes/aai/templates/sparky-be-deployment.yaml
@@ -27,6 +27,12 @@ spec:
         volumeMounts:
         - mountPath: /opt/app/sparky/config/
           name: aai-sparky-be-config
+        - mountPath: /opt/app/sparky/config/auth/client-cert-onap.p12 
+          name: aai-sparky-be-client-cert
+        - mountPath: /opt/app/sparky/config/auth/aai-os-cert.p12
+          name: aai-sparky-be-aai-os-cert
+        - mountPath: /opt/app/sparky/config/auth/inventory-ui-keystore
+          name: aai-sparky-be-inventory-key
         - mountPath: /logs/
           name: aai-sparky-be-logs
         ports:
@@ -43,6 +49,15 @@ spec:
       - name: aai-sparky-be-logs
         hostPath:
           path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/sparky-be/logs/"
+      - name: aai-sparky-be-client-cert
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
+      - name: aai-sparky-be-aai-os-cert
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
+      - name: aai-sparky-be-inventory-key
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
       restartPolicy: Always
       imagePullSecrets:
       - name: "{{ .Values.nsPrefix }}-docker-registry-key"
author	Keren Joseph <keren.joseph@amdocs.com>	2017-09-12 10:13:15 +0300
committer	Keren Joseph <keren.joseph@amdocs.com>	2017-09-12 13:24:47 +0300
commit	59ffd500ea34c201fbb3edc39e64655fa8381be0 (patch)
tree	fca37264aba79ef4cc753470d11a095ddb996fd7 /kubernetes/aai
parent	f8bda5c9ee1b5a0519fa5e7faa0fdd5b889e4e85 (diff)