aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/sdnc/templates
diff options
context:
space:
mode:
authorAndreas Geissler <andreas-geissler@telekom.de>2023-03-27 17:11:27 +0200
committerAndreas Geissler <andreas-geissler@telekom.de>2023-03-29 17:46:17 +0200
commit2af5079ba7cc09fda2c19a3f627299b3ef655227 (patch)
tree76dd5b7179c384b58a2c1609365a15c21f3c0865 /kubernetes/sdnc/templates
parent2ff70ab60f387a40f1723c0449e29c74fe1e118c (diff)
[SDNC] Chart cleanup from TLS/AAF options
Remove checks and add the usage of common templates Add information about external access to SDNC-callhome and add ingress setup for it Issue-ID: OOM-3122 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I7b32832ee31d811c23b4eaa5d43f7aa9d767c353
Diffstat (limited to 'kubernetes/sdnc/templates')
-rwxr-xr-xkubernetes/sdnc/templates/sdnrdb-init-job.yaml15
-rw-r--r--kubernetes/sdnc/templates/service.yaml39
-rw-r--r--kubernetes/sdnc/templates/statefulset.yaml22
3 files changed, 22 insertions, 54 deletions
diff --git a/kubernetes/sdnc/templates/sdnrdb-init-job.yaml b/kubernetes/sdnc/templates/sdnrdb-init-job.yaml
index 9b69481c58..a36b97d39c 100755
--- a/kubernetes/sdnc/templates/sdnrdb-init-job.yaml
+++ b/kubernetes/sdnc/templates/sdnrdb-init-job.yaml
@@ -23,13 +23,6 @@ spec:
metadata: {{ include "common.templateMetadata" . | indent 6}}
spec:
initContainers:
- {{ include "common.certInitializer.initContainer" . | indent 6 }}
- {{ if .Values.global.aafEnabled }}
- - name: {{ include "common.name" . }}-chown
- image: {{ include "repositoryGenerator.image.busybox" . }}
- command: ["sh", "-c", "chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }}"]
- volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- {{ end }}
- name: {{ include "common.name" . }}-readiness
command:
- /app/ready.py
@@ -59,7 +52,7 @@ spec:
sleep 90; "{{ .Values.config.binDir }}/startODL.sh"
env:
- name: SDNC_AAF_ENABLED
- value: "{{ .Values.global.aafEnabled}}"
+ value: "false"
- name: SDNC_HOME
value: "{{.Values.config.sdncHome}}"
- name: ETC_DIR
@@ -70,14 +63,9 @@ spec:
- name: SDNRINIT
value: "true"
- name: SDNRDBURL
- {{ if .Values.global.aafEnabled -}}
- value: "https://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}"
- {{- else -}}
value: "http://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}"
- {{- end }}
- name: SDNRDBPARAMETER
value: "-k"
- volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
resources: {{ include "common.resources" . | nindent 10 }}
{{- if include "common.onServiceMesh" . }}
- name: sdnrdb-service-mesh-wait-for-job-container
@@ -117,7 +105,6 @@ spec:
configMap:
name: {{ include "common.fullname" . }}-properties
defaultMode: 0644
-{{ include "common.certInitializer.volumes" . | nindent 6 }}
restartPolicy: Never
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/sdnc/templates/service.yaml b/kubernetes/sdnc/templates/service.yaml
index 1fe4ee3ded..3490dff9ab 100644
--- a/kubernetes/sdnc/templates/service.yaml
+++ b/kubernetes/sdnc/templates/service.yaml
@@ -38,17 +38,14 @@ metadata:
}
]'
spec:
- type: NodePort
+ type: {{ if (include "common.ingressEnabled" .) }}ClusterIP{{ else }}NodePort{{ end }}
ports:
- name: "{{ .Values.service.portName }}-restconf"
- {{ if not .Values.global.aafEnabled }}
port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- {{- else -}}
- port: {{ .Values.service.externalPort4 }}
- targetPort: {{ .Values.service.internalPort4 }}
- {{ end }}
+ {{ if not (include "common.ingressEnabled" .) }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }}
+ {{ end }}
{{ if .Values.config.sdnr.enabled }}
sessionAffinity: ClientIP
{{ end }}
@@ -111,15 +108,13 @@ metadata:
statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-0
spec:
ports:
- - name: {{ .Values.service.portName }}-0-port-{{ .Values.service.internalPort4 }}
- port: {{ .Values.service.clusterPort2 }}
- targetPort: {{ .Values.service.internalPort4 }}
- nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.geoNodePort4 }}
- name: {{ .Values.service.portName }}-0-port-{{ .Values.service.internalPort }}
port: {{ .Values.service.clusterPort3 }}
targetPort: {{ .Values.service.internalPort }}
+ {{ if not (include "common.ingressEnabled" .) }}
nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.geoNodePort1 }}
- type: NodePort
+ {{ end }}
+ type: {{ if (include "common.ingressEnabled" .) }}ClusterIP{{ else }}NodePort{{ end }}
selector:
statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-0
{{ end }}
@@ -134,15 +129,13 @@ metadata:
statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-1
spec:
ports:
- - name: {{ .Values.service.portName }}-1-port-{{ .Values.service.internalPort4 }}
- port: {{ .Values.service.clusterPort2 }}
- targetPort: {{ .Values.service.internalPort4 }}
- nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.geoNodePort5 }}
- name: {{ .Values.service.portName }}-1-port-{{ .Values.service.internalPort }}
port: {{ .Values.service.clusterPort3 }}
targetPort: {{ .Values.service.internalPort }}
+ {{ if not (include "common.ingressEnabled" .) }}
nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.geoNodePort2 }}
- type: NodePort
+ {{ end }}
+ type: {{ if (include "common.ingressEnabled" .) }}ClusterIP{{ else }}NodePort{{ end }}
selector:
statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-1
{{ end }}
@@ -157,15 +150,13 @@ metadata:
statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-2
spec:
ports:
- - name: {{ .Values.service.portName }}-2-port-{{ .Values.service.internalPort4 }}
- port: {{ .Values.service.clusterPort2 }}
- targetPort: {{ .Values.service.internalPort4 }}
- nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.geoNodePort6 }}
- name: {{ .Values.service.portName }}-2-port-{{ .Values.service.internalPort }}
port: {{ .Values.service.clusterPort3 }}
targetPort: {{ .Values.service.internalPort }}
+ {{ if not (include "common.ingressEnabled" .) }}
nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.geoNodePort3 }}
- type: NodePort
+ {{ end }}
+ type: {{ if (include "common.ingressEnabled" .) }}ClusterIP{{ else }}NodePort{{ end }}
selector:
statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-2
{{ end }}
@@ -183,13 +174,15 @@ metadata:
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
spec:
- type: NodePort
+ type: {{ if (include "common.ingressEnabled" .) }}ClusterIP{{ else }}NodePort{{ end }}
ports:
- name: "{{ .Values.service.portName }}-callhome"
port: {{ .Values.service.callHomePort }}
targetPort: {{ .Values.service.callHomePort }}
+ {{ if not (include "common.ingressEnabled" .) }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.callHomeNodePort }}
+ {{ end }}
selector:
app.kubernetes.io/name: {{ include "common.name" . }}
app.kubernetes.io/instance: {{ include "common.release" . }}
-{{ end }}
+{{ end }} \ No newline at end of file
diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml
index d252c9a3fb..8a844f4e9d 100644
--- a/kubernetes/sdnc/templates/statefulset.yaml
+++ b/kubernetes/sdnc/templates/statefulset.yaml
@@ -20,13 +20,10 @@ apiVersion: apps/v1
kind: StatefulSet
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- serviceName: {{ include "common.servicename" . }}-cluster
- replicas: {{ .Values.replicaCount }}
selector: {{- include "common.selectors" . | nindent 4 }}
+ serviceName: {{ include "common.servicename" . }}-cluster
podManagementPolicy: Parallel
+ replicas: {{ .Values.replicaCount }}
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
@@ -116,7 +113,6 @@ spec:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oauth-token-secret" "key" "password") | indent 10 }}
- name: KEYCLOAK_SECRET
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keycloak-secret" "key" "password") | indent 10 }}
-
- name: ENABLE_ODLUX_RBAC
value: "{{ .Values.config.sdnr.oauth.odluxRbac.enabled | default "true" }}"
{{ end }}
@@ -152,8 +148,7 @@ spec:
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
- {{ end -}}
-{{ include "common.certInitializer.initContainer" . | indent 6 }}
+ {{ end }}
- name: {{ include "common.name" . }}-chown
image: {{ include "repositoryGenerator.image.busybox" . }}
command:
@@ -165,11 +160,7 @@ spec:
mkdir {{ .Values.persistence.mdsalPath }}/snapshots
mkdir {{ .Values.persistence.mdsalPath }}/daexim
chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }}
-{{- if .Values.global.aafEnabled }}
- chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }}
-{{- end }}
volumeMounts:
-{{ include "common.certInitializer.volumeMount" . | indent 10 }}
- mountPath: {{ .Values.persistence.mdsalPath }}
name: {{ include "common.fullname" . }}-data
containers:
@@ -268,7 +259,7 @@ spec:
- name: GEO_ENABLED
value: "{{ .Values.config.geoEnabled}}"
- name: SDNC_AAF_ENABLED
- value: "{{ .Values.global.aafEnabled}}"
+ value: "false"
- name: SDNC_REPLICAS
value: "{{ .Values.replicaCount }}"
- name: MYSQL_HOST
@@ -298,8 +289,7 @@ spec:
- name: SDNRONLY
value: "{{ .Values.config.sdnr.sdnronly | default "false" }}"
- name: SDNRDBURL
- {{- $prefix := ternary "https" "http" .Values.global.aafEnabled}}
- value: "{{$prefix}}://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}"
+ value: "http://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}"
{{- if .Values.config.sdnr.sdnrdbTrustAllCerts }}
- name: SDNRDBTRUSTALLCERTS
value: "true"
@@ -334,7 +324,6 @@ spec:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ves-collector-secret" "key" "password") | indent 12 }}
volumeMounts:
-{{ include "common.certInitializer.volumeMount" . | indent 10 }}
{{- if .Values.global.cmpv2Enabled }}
{{ include "common.certManager.volumeMounts" . | indent 10 }}
{{- end }}
@@ -441,7 +430,6 @@ spec:
- name: {{ include "common.fullname" . }}-data
emptyDir: {}
{{ else }}
-{{ include "common.certInitializer.volumes" . | nindent 8 }}
{{- if .Values.global.cmpv2Enabled }}
{{ include "common.certManager.volumes" . | nindent 8 }}
{{- end }}