diff options
| author |   Andreas Geissler <andreas-geissler@telekom.de> | 2023-02-20 12:00:42 +0100 |
|---|---|---|
| committer | Andreas Geissler <andreas-geissler@telekom.de> | 2023-02-23 16:25:04 +0100 |
| commit | 0fcefb64c2bd0be21f0d20b1d6fa6a4600a51a37 (patch) | |
| tree | 806d3d808e45d5e3ce2432ff603265dfeee72247 /kubernetes/oof/components/oof-has/components/oof-has-api | |
| parent | 7a7b5d419bf216a4ce1d69f5ce135d0d90849e67 (diff) | |
[OOF] Make OOF ServiceMesh compatible
Update the OSDF image version to 3.0.8 and remove the AAF
related configuration options
Issue-ID: OOM-2990
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ib2b5085fa51eacb5ddc0e62dc29c2df9838c9c74
Diffstat (limited to 'kubernetes/oof/components/oof-has/components/oof-has-api')
4 files changed, 19 insertions, 134 deletions
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml index 39d3f0c89f..a7a1d1f172 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml @@ -24,9 +24,6 @@ dependencies: - name: common version: ~12.x-0 repository: '@local' - - name: certInitializer - version: ~12.x-0 - repository: '@local' - name: oof-templates version: ~12.x-0 repository: 'file://../../../oof-templates' @@ -36,3 +33,7 @@ dependencies: - name: serviceAccount version: ~12.x-0 repository: '@local' + - name: readinessCheck + version: ~12.x-0 + repository: '@local' + diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml index 4e38c830f0..10793cafc6 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml @@ -18,67 +18,15 @@ apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} + selector: {{- include "common.selectors" . | nindent 4 }} replicas: {{ .Values.replicaCount }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - - name: {{ include "common.name" . }}-readiness - command: - - /app/ready.py - args: - - --container-name - - oof-has-controller - {{- if (include "common.needTLS" .) }} - - --container-name - - aaf-service - {{- end }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - {{- if (include "common.needTLS" .) }} - - name: {{ include "common.name" . }}-has-sms-readiness - command: - - sh - - -c - - resp="FAILURE"; - until [ $resp = "200" ]; do - resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/has/secret); - echo $resp; - sleep 2; - done - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.curl" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - {{- end }} -{{ include "common.certInitializer.initContainer" . | indent 6 }} - + {{ include "common.readinessCheck.waitFor" . | nindent 6 }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }} @@ -112,11 +60,6 @@ spec: - mountPath: /usr/local/bin/log.conf name: {{ .Values.global.commonConfigPrefix }}-config subPath: log.conf - {{- if (include "common.needTLS" .) }} - - mountPath: /usr/local/bin/AAF_RootCA.cer - name: {{ include "common.fullname" . }}-onap-certs - subPath: aaf_root_ca.cer - {{- end }} resources: {{ include "common.resources" . | indent 12 }} - name: {{ include "common.name" . }}-nginx @@ -127,13 +70,10 @@ spec: args: - "-c" - | - {{- if (include "common.needTLS" .) }} - grep -v '^$' /opt/bitnami/nginx/ssl/local/org.onap.oof.crt > /tmp/oof.crt - cat /tmp/oof.crt /tmp/intermediate_root_ca.pem /tmp/AAF_RootCA.cer >> /opt/bitnami/nginx/org.onap.oof.crt - {{- end }} /opt/bitnami/scripts/nginx/entrypoint.sh /opt/bitnami/scripts/nginx/run.sh ports: - containerPort: {{ .Values.service.internalPort }} + name: http {{- if .Values.liveness.enabled }} livenessProbe: tcpSocket: @@ -147,21 +87,12 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: -{{ include "common.certInitializer.volumeMount" . | indent 10 }} - mountPath: /etc/localtime name: localtime readOnly: true - mountPath: /opt/bitnami/nginx/conf/nginx.conf name: {{ .Values.global.commonConfigPrefix }}-config subPath: nginx.conf - {{- if (include "common.needTLS" .) }} - - mountPath: /tmp/AAF_RootCA.cer - name: {{ include "common.fullname" . }}-onap-certs - subPath: aaf_root_ca.cer - - mountPath: /tmp/intermediate_root_ca.pem - name: {{ include "common.fullname" . }}-onap-certs - subPath: intermediate_root_ca.pem - {{- end }} resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -174,7 +105,6 @@ spec: {{- end }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime hostPath: path: /etc/localtime @@ -188,8 +118,5 @@ spec: path: conductor.conf - key: log.conf path: log.conf -{{- if (include "common.needTLS" .) }} -{{ include "oof.certificate.volume" . | indent 8 }} -{{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml index f13e7cea9b..b77b592c08 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml @@ -1,6 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T,VMware +# Modifications Copyright © 2023 Deutsche Telekom # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,29 +16,4 @@ # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} +{{ include "common.service" . }} diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml index c850cb7752..8b2ebdd23c 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml @@ -22,10 +22,6 @@ global: # global defaults # secrets metaconfig ################################################################# secrets: - - uid: oof-onap-certs - externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' - type: generic - filePaths: '{{ .Values.secretsFilePaths }}' - uid: oof-has-etcd-secret name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret' type: basicAuth @@ -42,16 +38,15 @@ config: service: type: NodePort name: oof-has-api - externalPort: 8091 internalPort: 8091 - nodePort: 75 - portName: http + ports: + - name: http + port: 8091 + nodePort: '75' #backend container info uwsgi: internalPort: 8080 -ingress: - enabled: false replicaCount: 1 nodeSelector: {} affinity: {} @@ -85,24 +80,6 @@ readiness: initialDelaySeconds: 10 periodSeconds: 10 -#sub-charts configuration -certInitializer: - nameOverride: oof-has-cert-initializer - fqdn: "oof.onap" - app_ns: "org.osaaf.aaf" - fqi: "oof@oof.onap.org" - fqi_namespace: org.onap.oof - public_fqdn: "oof.onap.org" - aafDeployFqi: "deployer@people.osaaf.org" - aafDeployPass: demo123456! - cadi_latitude: "0.0" - cadi_longitude: "0.0" - credsPath: /opt/app/osaaf/local - appMountPath: /opt/bitnami/nginx/ssl - aaf_add_config: > - chmod 444 {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key; - - ingress: enabled: false service: @@ -112,6 +89,10 @@ ingress: config: ssl: "redirect" +readinessCheck: + wait_for: + - oof-has-controller + #Pods Service Account serviceAccount: nameOverride: oof-has-api |