aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/sdc/components/sdc-onboarding-be/templates
diff options
context:
space:
mode:
authorChrisC <christophe.closset@intl.att.com>2020-09-04 11:29:57 +0200
committerChrisC <christophe.closset@intl.att.com>2020-09-09 10:34:45 +0200
commit742a7b29bfb6ffb18ef65b0a45ad08de59e52a6e (patch)
treeb09589f5e3401652eace884d45cdb24519b8a1db /kubernetes/sdc/components/sdc-onboarding-be/templates
parent92878fe491ab5166573fefbf8a3a2e5010813f08 (diff)
[SDC] use of certInitializer template
Auto SSL certificates generation through certInitializer template for SDC Refactor to components Issue-ID: SDC-3172 Change-Id: I2c895a8d8e7c25e11a2a1e997735d2e7b2d258aa Signed-off-by: ChrisC <christophe.closset@intl.att.com>
Diffstat (limited to 'kubernetes/sdc/components/sdc-onboarding-be/templates')
-rw-r--r--kubernetes/sdc/components/sdc-onboarding-be/templates/NOTES.txt33
-rw-r--r--kubernetes/sdc/components/sdc-onboarding-be/templates/configmap.yaml27
-rw-r--r--kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml179
-rw-r--r--kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml82
-rw-r--r--kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml47
5 files changed, 368 insertions, 0 deletions
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/NOTES.txt b/kubernetes/sdc/components/sdc-onboarding-be/templates/NOTES.txt
new file mode 100644
index 0000000000..edfb08642a
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/NOTES.txt
@@ -0,0 +1,33 @@
+# Copyright © 2018 Amdocs, Bell Canada, ZTE and AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/configmap.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/configmap.yaml
new file mode 100644
index 0000000000..ea5009914a
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/configmap.yaml
@@ -0,0 +1,27 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T, ZTE
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-logging-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
new file mode 100644
index 0000000000..6f1e2a9b61
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
@@ -0,0 +1,179 @@
+# Copyright © 2017 Amdocs, AT&T, Bell Canada
+# Modifications Copyright © 2018 ZTE
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
+ spec:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
+ - name: {{ include "common.name" . }}-job-completion
+ image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}"
+ command:
+ - /app/ready.py
+ args:
+ - --job-name
+ - {{ include "common.release" . }}-sdc-onboarding-be-cassandra-init
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ {{- if .Values.global.aafEnabled }}
+ - name: {{ include "common.name" . }}-update-config
+ image: "{{ .Values.global.envsubstImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - sh
+ args:
+ - "-c"
+ - |
+ export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ export KEYSTORE_PASS=$cadi_keystore_password_p12
+ export KEYMANAGER_PASS=$cadi_keystore_password_p12
+ export TRUSTSTORE_PASS=$cadi_truststore_password
+ cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output
+ cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output
+ cd /config-input && \
+ for PFILE in `find . -not -type d | grep -v -F ..`
+ do
+ envsubst <${PFILE} >/config-output/${PFILE}
+ chmod 0755 /config-output/${PFILE}
+ done
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
+ - name: {{ include "common.fullname" . }}-environments
+ mountPath: /config-input/
+ - name: sdc-environments-output
+ mountPath: /config-output/
+ {{- end }}
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ - containerPort: {{ .Values.service.internalPort2 }}
+ {{ if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ exec:
+ command:
+ - "/var/lib/jetty/ready-probe.sh"
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ {{ end }}
+ readinessProbe:
+ exec:
+ command:
+ - "/var/lib/jetty/ready-probe.sh"
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ env:
+ - name: ENVNAME
+ value: {{ .Values.env.name }}
+ - name: JAVA_OPTIONS
+ value: {{ .Values.config.javaOptions }}
+ - name: SDC_CLUSTER_NAME
+ value: "SDC-CS-{{ .Values.env.name }}"
+ - name: cassandra_ssl_enabled
+ value: {{ .Values.config.cassandraSslEnabled | quote }}
+ - name: HOST_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ - name: SDC_USER
+ valueFrom:
+ secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_user}
+ - name: SDC_PASSWORD
+ valueFrom:
+ secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_password}
+ - name: SDC_CERT_DIR
+ value: {{ .Values.cert.certDir }}
+ volumeMounts:
+ - name: sdc-environments-output
+ mountPath: /var/lib/jetty/chef-solo/environments/
+ - name: sdc-environments-output
+ mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12
+ subPath: org.onap.sdc.p12
+ - name: sdc-environments-output
+ mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks
+ subPath: org.onap.sdc.trust.jks
+ - name: {{ include "common.fullname" . }}-localtime
+ mountPath: /etc/localtime
+ readOnly: true
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /var/log/onap
+ - name: {{ include "common.fullname" . }}-logback
+ mountPath: /tmp/logback.xml
+ subPath: logback.xml
+ lifecycle:
+ postStart:
+ exec:
+ command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/var/lib/jetty/config/onboarding-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
+ # side car containers
+ - name: {{ include "common.name" . }}-filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /var/log/onap
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ mountPath: /usr/share/filebeat/data
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
+ - name: {{ include "common.fullname" . }}-localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ configMap:
+ name: {{ include "common.release" . }}-sdc-filebeat-configmap
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-logback
+ configMap:
+ name : {{ include "common.fullname" . }}-logging-configmap
+ - name: {{ include "common.fullname" . }}-environments
+ configMap:
+ name: {{ include "common.release" . }}-sdc-environments-configmap
+ defaultMode: 0755
+ - name: sdc-environments-output
+ emptyDir: { medium: "Memory" }
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
new file mode 100644
index 0000000000..936c7c41b5
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
@@ -0,0 +1,82 @@
+# Copyright © 2017 Amdocs, AT&T, Bell Canada
+# Modifications Copyright © 2018 ZTE
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-cassandra-init
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-job
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ backoffLimit: 20
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-job
+ release: {{ include "common.release" . }}
+ spec:
+ restartPolicy: Never
+ initContainers:
+ - name: {{ include "common.name" . }}-job-completion
+ image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}"
+ command:
+ - /app/ready.py
+ args:
+ - --job-name
+ - {{ include "common.release" . }}-sdc-cs-config-cassandra
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - name: {{ include "common.name" . }}-job
+ image: "{{ include "common.repository" . }}/{{ .Values.onboardingInitImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-environments
+ mountPath: /home/sdc/chef-solo/environments/
+ env:
+ - name: ENVNAME
+ value: {{ .Values.env.name }}
+ - name: HOST_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ - name: SDC_USER
+ valueFrom:
+ secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_user}
+ - name: SDC_PASSWORD
+ valueFrom:
+ secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_password}
+ - name: CS_PASSWORD
+ valueFrom:
+ secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: cs_password}
+ - name: CS_HOST_IP
+ value: "{{ .Values.global.cassandra.serviceName }}"
+ volumes:
+ - name: {{ include "common.fullname" . }}-environments
+ configMap:
+ name: {{ include "common.release" . }}-sdc-environments-configmap
+ defaultMode: 0755
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ restartPolicy: Never
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml
new file mode 100644
index 0000000000..ad6650aa86
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml
@@ -0,0 +1,47 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T, ZTE
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName | default "http" }}
+
+ - port: {{ .Values.service.externalPort2 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+ name: {{ .Values.service.portName | default "http" }}2
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName | default "http" }}
+ - port: {{ .Values.service.externalPort2 }}
+ targetPort: {{ .Values.service.internalPort2 }}
+ name: {{ .Values.service.portName | default "http" }}2
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}