Support HTTPS and SSL Cassandra in workflow

1. Added multiple property mapping parameters. 2. Added some placeholder volume mounts. 3. Refactored few property names. 4. Didn't expose service on HTTPS due to absence of preserved node port. Change-Id: I55e66b5a1ff8798afa86088428d304f932ac37f8 Issue-ID: OOM-1740 Signed-off-by: priyanshua <pagarwal@amdocs.com>
author: priyanshu <pagarwal@amdocs.com> 2019-03-20 12:45:21 +0530
committer: priyanshua <pagarwal@amdocs.com> 2019-03-20 12:45:21 +0530
commit: bd7fbe2babda72ce78049ab7d6b3e7c963cae996 (patch)
tree: 38b4bad8a0a4b7ad0e2f331d4b7cbd5ae5a82de1 /kubernetes/sdc/charts/sdc-wfd-be/templates
parent: bb26706ffcfbbe412a43a2c04a5e127f4a21b5d4 (diff)
2 files changed, 42 insertions, 1 deletions
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml
index 84285c4a29..26ad05555a 100644
--- a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml
+++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml
@@ -54,6 +54,7 @@ spec:
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
           ports:
           - containerPort: {{ .Values.service.internalPort }}
+          - containerPort: {{ .Values.service.internalPort2 }}
           # disable liveness probe when breakpoints set in debugger
           # so K8s doesn't restart unresponsive container
           {{ if .Values.liveness.enabled }}
@@ -75,12 +76,20 @@ spec:
             value: "{{ .Values.config.cassandraHosts }}"
           - name: CS_PORT
             value: "{{ .Values.config.cassandraClientPort }}"
+          - name: CS_AUTHENTICATE
+            value: "{{ .Values.config.cassandraAuthenticationEnabled }}"
           - name: CS_USER
             valueFrom:
               secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_user}
           - name: CS_PASSWORD
             valueFrom:
               secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password}
+          - name: CS_SSL_ENABLED
+            value: "{{ .Values.config.cassandraSSLEnabled }}"
+          - name: CS_TRUST_STORE_PATH
+            value: "{{ .Values.config.cassandraTrustStorePath }}"
+          - name: CS_TRUST_STORE_PASSWORD
+            value: "{{ .Values.config.cassandraTrustStorePassword }}"
           - name: SDC_PROTOCOL
             value: "{{ .Values.config.sdcProtocol }}"
           - name: SDC_ENDPOINT
@@ -89,5 +98,37 @@ spec:
             value: "{{ .Values.config.sdcExternalUser }}"
           - name: SDC_PASSWORD
             value: "{{ .Values.config.sdcExternalUserPassword }}"
+          - name: SERVER_SSL_ENABLED
+            value: "{{ .Values.config.serverSSLEnabled }}"
+          - name: SERVER_SSL_KEYSTORE_TYPE
+            value: "{{ .Values.config.ser }}"
+          - name: SERVER_SSL_KEYSTORE_PATH
+            value: "{{ .Values.config.serverSSLKeyStorePath }}"
+          - name: SERVER_SSL_KEY_PASSWORD
+            value: "{{ .Values.config.serverSSLKeyPassword }}"
+          volumeMounts:
+          {{ if .Values.config.cassandraSSLEnabled }}
+          - name: {{ include "common.fullname" . }}-cassandra-client-truststore
+            mountPath: /config/cassandra-client-truststore
+            subPath: truststore
+            readOnly: true
+          {{- end }}
+          {{ if .Values.config.serverSSLEnabled }}
+          - name: {{ include "common.fullname" . }}-server-https-keystore
+            mountPath: /config/server-https-keystore
+            subPath: keystore
+            readOnly: true
+          {{- end }}
+      volumes:
+      {{ if .Values.config.cassandraSSLEnabled }}
+      - name: {{ include "common.fullname" . }}-cassandra-client-truststore
+        hostPath:
+          path: /config/cassandra-client-truststore
+      {{- end }}
+      {{ if .Values.config.serverSSLEnabled }}
+      - name: {{ include "common.fullname" . }}-server-https-keystore
+        hostPath:
+          path: /config/server-https-keystore
+      {{- end }}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml
index 2cfdacbe87..38f526d215 100644
--- a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml
+++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml
@@ -58,7 +58,7 @@ spec:
         - name: CS_PORT
           value: "{{ .Values.config.cassandraThriftClientPort }}"
         - name: CS_AUTHENTICATE
-          value: "{{ .Values.config.cassandaAuthenticationEnabled }}"
+          value: "{{ .Values.config.cassandraAuthenticationEnabled }}"
         - name: CS_USER
           valueFrom:
             secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_user}
author	priyanshu <pagarwal@amdocs.com>	2019-03-20 12:45:21 +0530
committer	priyanshua <pagarwal@amdocs.com>	2019-03-20 12:45:21 +0530
commit	bd7fbe2babda72ce78049ab7d6b3e7c963cae996 (patch)
tree	38b4bad8a0a4b7ad0e2f331d4b7cbd5ae5a82de1 /kubernetes/sdc/charts/sdc-wfd-be/templates
parent	bb26706ffcfbbe412a43a2c04a5e127f4a21b5d4 (diff)