diff options
author | Agarwal, Ruchira (ra1926) <ra1926@att.com> | 2019-10-01 17:36:24 +0000 |
---|---|---|
committer | Agarwal, Ruchira (ra1926) <ra1926@att.com> | 2020-01-21 20:37:49 +0000 |
commit | ec7c75e84977916ae0262c10a0f4401d946e4dfd (patch) | |
tree | b47623f572a2f4d698816bc1342b8a801ef88968 /kubernetes/sdnc/templates | |
parent | 78211d7aabf6d7612e5c94cecbd40eb3c29a48d6 (diff) |
aaf auto cert generation
Add support for AAF init container for config and cert generation
Issue-ID: SDNC-755
Signed-off-by: Agarwal, Ruchira (ra1926) <ra1926@att.com>
Change-Id: I06ee7921b6dbb1b4b9ca64cf276a374256af3a45
Signed-off-by: Agarwal, Ruchira (ra1926) <ra1926@att.com>
Diffstat (limited to 'kubernetes/sdnc/templates')
-rw-r--r-- | kubernetes/sdnc/templates/secret-aaf.yaml | 15 | ||||
-rw-r--r-- | kubernetes/sdnc/templates/service.yaml | 5 | ||||
-rw-r--r-- | kubernetes/sdnc/templates/statefulset.yaml | 55 |
3 files changed, 75 insertions, 0 deletions
diff --git a/kubernetes/sdnc/templates/secret-aaf.yaml b/kubernetes/sdnc/templates/secret-aaf.yaml new file mode 100644 index 0000000000..cd2e539b28 --- /dev/null +++ b/kubernetes/sdnc/templates/secret-aaf.yaml @@ -0,0 +1,15 @@ +{{ if .Values.global.aafEnabled }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-aaf + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: + aaf-password: {{ .Values.aaf_init.deploy_pass | b64enc | quote }} +{{ end }} diff --git a/kubernetes/sdnc/templates/service.yaml b/kubernetes/sdnc/templates/service.yaml index db6d73a3c5..d2136ccb0b 100644 --- a/kubernetes/sdnc/templates/service.yaml +++ b/kubernetes/sdnc/templates/service.yaml @@ -40,6 +40,9 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} + {{ if not .Values.global.aafEnabled }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} + {{ end }} name: "{{ .Values.service.portName }}-8282" - port: {{ .Values.service.externalPort2 }} targetPort: {{ .Values.service.internalPort2 }} @@ -50,7 +53,9 @@ spec: name: "{{ .Values.service.portName }}-8280" - port: {{ .Values.service.externalPort4 }} targetPort: {{ .Values.service.internalPort4 }} + {{ if .Values.global.aafEnabled }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} + {{ end }} name: "{{ .Values.service.portName }}-8443" {{- else -}} - port: {{ .Values.service.externalPort }} diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index 4ab8d1ccfe..536eaaf552 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -47,6 +47,59 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness + {{ if .Values.global.aafEnabled }} + - name: {{ include "common.name" . }}-aaf-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - aaf-locate + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: {{ include "common.name" . }}-aaf + image: {{ .Values.global.repository }}/{{ .Values.aaf_init.agentImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: {{ .Values.certpersistence.certPath }} + name: {{ include "common.fullname" . }}-certs + command: + - bash + - -c + - | + /opt/app/aaf_config/bin/agent.sh && + cd /opt/app/osaaf/local && + /opt/app/aaf_config/bin/agent.sh local showpass | grep cadi_keystore_password= | cut -d= -f 2 > /opt/app/osaaf/local/.pass 2>&1 + env: + - name: APP_FQI + value: "{{ .Values.aaf_init.fqi }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:8095" + - name: aaf_locator_container + value: "oom" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_fqdn + value: "{{ .Values.aaf_init.fqdn }}" + - name: aaf_locator_app_ns + value: "{{ .Values.aaf_init.app_ns }}" + - name: DEPLOY_FQI + value: "{{ .Values.aaf_init.deploy_fqi }}" + - name: DEPLOY_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" .}}-aaf + key: aaf-password + - name: cadi_longitude + value: "{{ .Values.aaf_init.cadi_longitude }}" + - name: cadi_latitude + value: "{{ .Values.aaf_init.cadi_latitude }}" + {{ end }} - name: {{ include "common.name" . }}-chown image: "busybox" command: ["sh", "-c", "chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} ; chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certpersistence.certPath }}"] @@ -99,6 +152,8 @@ spec: value: "{{ .Values.config.isPrimaryCluster }}" - name: GEO_ENABLED value: "{{ .Values.config.geoEnabled}}" + - name: SDNC_AAF_ENABLED + value: "{{ .Values.global.aafEnabled}}" - name: SDNC_REPLICAS value: "{{ .Values.replicaCount }}" - name: MYSQL_HOST |