summaryrefslogtreecommitdiffstats
path: root/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2020-09-10 07:41:02 +0000
committerGerrit Code Review <gerrit@onap.org>2020-09-10 07:41:02 +0000
commit8c62083d8ac58e74f16409adf775cb1c49063745 (patch)
treea1bb88d71983737ab19eabf88931a313d3811882 /kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
parent86a28cdb200f482bc9a2e1f281ec1c51938f6c2c (diff)
parent742a7b29bfb6ffb18ef65b0a45ad08de59e52a6e (diff)
Merge "[SDC] use of certInitializer template"
Diffstat (limited to 'kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml')
-rw-r--r--kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml128
1 files changed, 128 insertions, 0 deletions
diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
new file mode 100644
index 0000000000..b188cdae98
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
@@ -0,0 +1,128 @@
+# Copyright © 2017 Amdocs, AT&T, Bell Canada
+# Modifications Copyright © 2018 ZTE
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
+ spec:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
+ {{- if .Values.initJob.enabled }}
+ - name: {{ include "common.name" . }}-job-completion
+ image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}"
+ command:
+ - /app/ready.py
+ args:
+ - --job-name
+ - {{ include "common.fullname" . }}-workflow-init
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ {{ end }}
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if .Values.global.aafEnabled }}
+ command:
+ - sh
+ args:
+ - "-c"
+ - |
+ export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ export SERVER_SSL_KEY_PASSWORD=$cadi_keystore_password_p12
+ export KEYMANAGER_PASS=$cadi_keystore_password_p12
+ export SERVER_SSL_TRUST_PASSWORD=$cadi_truststore_password
+ export SERVER_SSL_KEYSTORE_PATH={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }}
+ export SERVER_SSL_TRUSTSTORE_PATH={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }}
+ ./startup.sh
+ {{- end }}
+ ports:
+ - containerPort: {{ template "wfd-be.internalPort" . }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ template "wfd-be.internalPort" . }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ template "wfd-be.internalPort" . }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ env:
+ - name: JAVA_OPTIONS
+ value: {{ .Values.config.javaOptions }}
+ - name: CS_HOSTS
+ value: "{{ .Values.global.cassandra.serviceName }}"
+ - name: CS_PORT
+ value: "{{ .Values.config.cassandraClientPort }}"
+ - name: CS_AUTHENTICATE
+ value: "{{ .Values.config.cassandraAuthenticationEnabled }}"
+ - name: CS_USER
+ valueFrom:
+ secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_user}
+ - name: CS_PASSWORD
+ valueFrom:
+ secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_password}
+ - name: CS_SSL_ENABLED
+ value: "{{ .Values.config.cassandraSSLEnabled }}"
+ - name: CS_TRUST_STORE_PATH
+ value: "{{ .Values.config.cassandraTrustStorePath }}"
+ - name: CS_TRUST_STORE_PASSWORD
+ valueFrom:
+ secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: cs_truststore_password}
+ - name: SDC_PROTOCOL
+ value: "{{ .Values.config.sdcProtocol }}"
+ - name: SDC_ENDPOINT
+ value: "{{ .Values.config.sdcEndpoint }}"
+ - name: SDC_USER
+ value: "{{ .Values.config.sdcExternalUser }}"
+ - name: SDC_PASSWORD
+ valueFrom:
+ secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: wf_external_user_password}
+ - name: SERVER_SSL_ENABLED
+ value: "{{ .Values.config.serverSSLEnabled }}"
+ - name: SERVER_SSL_KEYSTORE_TYPE
+ value: "{{ .Values.config.serverSSLKeyStoreType }}"
+ - name: SERVER_SSL_TRUSTSTORE_TYPE
+ value: "{{ .Values.config.serverSSLTrustStoreType }}"
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"