diff options
author | krishnaa96 <krishna.moorthy6@wipro.com> | 2020-08-11 10:26:50 +0530 |
---|---|---|
committer | krishnaa96 <krishna.moorthy6@wipro.com> | 2020-09-16 18:34:44 +0530 |
commit | dbcd1cacf9d08b2d17b569736effb389c6f99d13 (patch) | |
tree | 9a3af346400f6d7f0c30fc8813b2527b835f4134 /kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml | |
parent | 27aae18cdee00c873e3617a6a3b5fb2d294b9b98 (diff) |
[OOF] Use certInitializer for OOF pods
Remove Hardcoded certificates from OOF
Resturcture OOF charts
Issue-ID: OPTFRA-803
Signed-off-by: krishnaa96 <krishna.moorthy6@wipro.com>
Change-Id: Ibe886a44fcbf22bb3443fbb8ec8e37ddc7636ffe
Diffstat (limited to 'kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml')
-rw-r--r-- | kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml | 182 |
1 files changed, 182 insertions, 0 deletions
diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml new file mode 100644 index 0000000000..fd131906a2 --- /dev/null +++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml @@ -0,0 +1,182 @@ +# Copyright © 2018 AT&T +# Copyright (C) 2020 Wipro Limited. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }} + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + initContainers: + - command: + - /app/ready.py + args: + - --container-name + - {{ .Values.config.db.container }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + - name: {{ include "common.name" . }}-db-config-readiness + command: + - /app/ready.py + args: + - -j + - "{{ include "common.release" . }}-cmso-db-config-config-job" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: {{ include "common.name" . }}-chown + command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /share/"] + image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs + - name: db-init + image: "{{ include "common.repository" . }}/{{ .Values.dbinit.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: DB_HOST + value: {{ .Values.config.db.host }}.{{.Release.Namespace}} + - name: DB_PORT + value: {{ .Values.config.db.port | quote}} + - name: DB_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}} + - name: DB_SCHEMA + value: {{ .Values.config.db.mysqlDatabase }} + - name: DB_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "password") | indent 10}} + terminationMessagePolicy: File + volumeMounts: + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs +{{ include "common.certInitializer.initContainer" . | indent 6 }} + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: DB_HOST + value: {{ .Values.config.db.host }}.{{.Release.Namespace}} + - name: DB_PORT + value: {{ .Values.config.db.port | quote}} + - name: DB_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}} + - name: DB_SCHEMA + value: {{ .Values.config.db.mysqlDatabase }} + - name: DB_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "password") | indent 10}} + - name: JAVA_TRUSTSTORE + value: /share/etc/osaaf/local/{{ .Values.global.truststoreFile }} + - name: SSL_KEYSTORE + value: /share/etc/osaaf/local/{{ .Values.global.keystoreFile }} + - name: JAVA_TRUSTSTORE_PASSWORD + value: {{ .Values.global.truststorePassword }} + - name: AUTHENTICATION + value: {{ .Values.global.authentication }} + command: + - /bin/sh + args: + - "-c" + - | + export SSL_KEYSTORE_PASSWORD=$(cat /share/etc/osaaf/local/.pass) + ./startService.sh + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: +{{ include "common.certInitializer.volumeMount" . | indent 8 }} + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/debug-logs + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + - name: {{ include "common.fullname" . }}-certs + mountPath: /share/etc/certs + - name: {{ include "common.fullname" . }}-certs + mountPath: /opt/app/cmso/src/main/resources/aaf + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + {{ include "common.certInitializer.volumes" . | nindent 8 }} + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }} + items: + - key: logback.xml + path: logback.xml + - key: cadi.properties + path: cadi.properties + - key: optimizer.properties + path: optimizer.properties + - key: liquibase.properties + path: liquibase.properties + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-certs + secret: + secretName: {{ include "common.release" . }}-{{ .Values.global.commonConfigPrefix }}-certs + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" |