diff options
author | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-09-10 07:41:02 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2020-09-10 07:41:02 +0000 |
commit | 8c62083d8ac58e74f16409adf775cb1c49063745 (patch) | |
tree | a1bb88d71983737ab19eabf88931a313d3811882 /kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml | |
parent | 86a28cdb200f482bc9a2e1f281ec1c51938f6c2c (diff) | |
parent | 742a7b29bfb6ffb18ef65b0a45ad08de59e52a6e (diff) |
Merge "[SDC] use of certInitializer template"
Diffstat (limited to 'kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml')
-rw-r--r-- | kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml | 128 |
1 files changed, 128 insertions, 0 deletions
diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml new file mode 100644 index 0000000000..b188cdae98 --- /dev/null +++ b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml @@ -0,0 +1,128 @@ +# Copyright © 2017 Amdocs, AT&T, Bell Canada +# Modifications Copyright © 2018 ZTE +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }} + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} + {{- if .Values.initJob.enabled }} + - name: {{ include "common.name" . }}-job-completion + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}" + command: + - /app/ready.py + args: + - --job-name + - {{ include "common.fullname" . }}-workflow-init + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + {{ end }} + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{- if .Values.global.aafEnabled }} + command: + - sh + args: + - "-c" + - | + export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0) + export SERVER_SSL_KEY_PASSWORD=$cadi_keystore_password_p12 + export KEYMANAGER_PASS=$cadi_keystore_password_p12 + export SERVER_SSL_TRUST_PASSWORD=$cadi_truststore_password + export SERVER_SSL_KEYSTORE_PATH={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} + export SERVER_SSL_TRUSTSTORE_PATH={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} + ./startup.sh + {{- end }} + ports: + - containerPort: {{ template "wfd-be.internalPort" . }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ template "wfd-be.internalPort" . }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ template "wfd-be.internalPort" . }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: JAVA_OPTIONS + value: {{ .Values.config.javaOptions }} + - name: CS_HOSTS + value: "{{ .Values.global.cassandra.serviceName }}" + - name: CS_PORT + value: "{{ .Values.config.cassandraClientPort }}" + - name: CS_AUTHENTICATE + value: "{{ .Values.config.cassandraAuthenticationEnabled }}" + - name: CS_USER + valueFrom: + secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_user} + - name: CS_PASSWORD + valueFrom: + secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_password} + - name: CS_SSL_ENABLED + value: "{{ .Values.config.cassandraSSLEnabled }}" + - name: CS_TRUST_STORE_PATH + value: "{{ .Values.config.cassandraTrustStorePath }}" + - name: CS_TRUST_STORE_PASSWORD + valueFrom: + secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: cs_truststore_password} + - name: SDC_PROTOCOL + value: "{{ .Values.config.sdcProtocol }}" + - name: SDC_ENDPOINT + value: "{{ .Values.config.sdcEndpoint }}" + - name: SDC_USER + value: "{{ .Values.config.sdcExternalUser }}" + - name: SDC_PASSWORD + valueFrom: + secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: wf_external_user_password} + - name: SERVER_SSL_ENABLED + value: "{{ .Values.config.serverSSLEnabled }}" + - name: SERVER_SSL_KEYSTORE_TYPE + value: "{{ .Values.config.serverSSLKeyStoreType }}" + - name: SERVER_SSL_TRUSTSTORE_TYPE + value: "{{ .Values.config.serverSSLTrustStoreType }}" + volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} + volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" |