diff options
Diffstat (limited to 'kubernetes/aaf/charts')
44 files changed, 456 insertions, 1649 deletions
diff --git a/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml index eb785e2d9b..309a9f38c6 100644 --- a/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,23 +13,14 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - replicas: {{ .Values.global.aaf.cass.replicas }} + selector: {{- include "common.selectors" . | nindent 4 }} + replicas: {{ .Values.replicaCount }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - name: fix-permission @@ -37,47 +29,38 @@ spec: args: - -c - | - chmod -R 775 /opt/app/aaf/status chown -R 1000:1000 /opt/app/aaf/status - chmod -R 775 /var/lib/cassandra chown -R 1000:1000 /var/lib/cassandra image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - - mountPath: /opt/app/aaf/status - name: aaf-status-vol - mountPath: /var/lib/cassandra name: aaf-cass-vol + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 30m + memory: 100Mi containers: - name: {{ include "common.name" . }} - image: {{ .Values.global.repository }}/{{.Values.global.aaf.cass.image}} + image: {{ include "common.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} # installing with cmd "onap" will not only initialize the DB, but add ONAP bootstrap data as well command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"] - lifecycle: - preStop: - exec: - command: ["/bin/sh","-c","rm /opt/app/aaf/status/aaf-cass"] - ports: - - name: storage - containerPort: {{.Values.global.aaf.cass.storage_port}} - - name: ssl-storage - containerPort: {{.Values.global.aaf.cass.ssl_storage_port}} - - name: native-trans - containerPort: {{.Values.global.aaf.cass.native_trans_port}} - - name: rpc - containerPort: {{.Values.global.aaf.cass.rpc_port}} + ports: {{ include "common.containerPorts" . | nindent 10 }} env: - name: CASSANDRA_CLUSTER_NAME - value: {{.Values.global.aaf.cass.cluster_name}} + value: {{ .Values.config.cluster_name }} - name: CASSANDRA_DC - value: {{.Values.global.aaf.cass.dc}} + value: {{ .Values.config.dc }} - name: CQLSH value: "/opt/cassandra/bin/cqlsh" - name: HEAP_NEWSIZE - value: {{.Values.global.aaf.cass.heap_new_size}} + value: {{ .Values.config.heap_new_size }} - name: MAX_HEAP_SIZE - value: {{.Values.global.aaf.cass.max_heap_size}} + value: {{ .Values.config.max_heap_size }} - name: MY_POD_NAME valueFrom: fieldRef: @@ -93,44 +76,36 @@ spec: volumeMounts: - mountPath: /var/lib/cassandra name: aaf-cass-vol - - mountPath: /opt/app/aaf/status - name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{.Values.global.aaf.cass.native_trans_port}} + port: tcp-cql initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{.Values.global.aaf.cass.native_trans_port}} + port: tcp-cql initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 10 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} {{- end -}} {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} + affinity: {{ toYaml .Values.affinity | nindent 10 }} {{- end }} volumes: - name: localtime hostPath: path: /etc/localtime - - name: aaf-status-vol - persistentVolumeClaim: - claimName: {{ include "common.release" . }}-aaf-status - name: aaf-cass-vol {{- if .Values.persistence.enabled }} persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-data + claimName: {{ include "common.fullname" . }} {{- else }} emptyDir: {} {{- end }} diff --git a/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml b/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml index 0f0a30585b..187e9b75de 100644 --- a/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml +++ b/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml @@ -1,5 +1,6 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,27 +15,4 @@ # limitations under the License. */}} -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) }} -{{- if eq "True" (include "common.needPV" .) }} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-data - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: {{ include "common.release" . }} - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }} - storageClassName: "{{ include "common.fullname" . }}-data" -{{- end -}} -{{- end -}} +{{ include "common.PV" . }} diff --git a/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml index 3cc43560e4..e56c98751c 100644 --- a/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml +++ b/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml @@ -1,5 +1,6 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,26 +15,4 @@ # limitations under the License. */}} -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" .}}-data - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} - storageClassName: {{ include "common.storageClass" . }} -{{- end -}} +{{ include "common.PVC" . }} diff --git a/kubernetes/aaf/charts/aaf-cass/templates/service.yaml b/kubernetes/aaf/charts/aaf-cass/templates/service.yaml index d5c615f55d..8f80ee12a2 100644 --- a/kubernetes/aaf/charts/aaf-cass/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-cass/templates/service.yaml @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,38 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -# annotations: -# service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" -spec: - type: {{ .Values.service.type }} - ports: - - name: storage - protocol: TCP - port: {{.Values.global.aaf.cass.storage_port}} - containerPort: {{.Values.global.aaf.cass.storage_port}} - - name: ssl-storage - protocol: TCP - port: {{.Values.global.aaf.cass.ssl_storage_port}} - containerPort: {{.Values.global.aaf.cass.ssl_storage_port}} - - name: native-trans - protocol: TCP - port: {{.Values.global.aaf.cass.native_trans_port}} - containerPort: {{.Values.global.aaf.cass.native_trans_port}} - - name: rpc - protocol: TCP - port: {{.Values.global.aaf.cass.rpc_port}} - containerPort: {{.Values.global.aaf.cass.rpc_port}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - clusterIP: None +{{ include "common.service" . }} diff --git a/kubernetes/aaf/charts/aaf-cass/values.yaml b/kubernetes/aaf/charts/aaf-cass/values.yaml index 9f6ec565f4..3d9f21e297 100644 --- a/kubernetes/aaf/charts/aaf-cass/values.yaml +++ b/kubernetes/aaf/charts/aaf-cass/values.yaml @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications © 2020 AT&T +# Modifications © 2020 AT&T, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,7 +19,7 @@ flavor: small # Application configuration defaults. ################################################################# # application configuration -config: {} +replicaCount: 1 nodeSelector: {} @@ -32,6 +32,15 @@ liveness: # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true + port: tcp-cql + +image: onap/aaf/aaf_cass:2.1.20 + +config: + cluster_name: osaaf + heap_new_size: 512M + max_heap_size: 1024M + dc: dc1 readiness: initialDelaySeconds: 5 @@ -40,39 +49,36 @@ readiness: service: name: aaf-cass type: ClusterIP - portName: aaf-cass - #targetPort - internalPort: 7000 - #port - externalPort: 7000 - - internalPort2: 7001 - externalPort2: 7001 - internalPort3: 9042 - externalPort3: 9042 - internalPort4: 9160 - externalPort4: 9160 + ports: + - name: tcp-intra + port: 7000 + - name: tls + port: 7001 + - name: tcp-cql + port: 9042 + - name: tcp-thrift + port: 9160 ingress: enabled: false # Configure resource requests and limits resources: - small: - limits: - cpu: 2100m - memory: 1792Mi - requests: - cpu: 30m - memory: 1280Mi - large: - limits: - cpu: 4 - memory: 12000Mi - requests: - cpu: 40m - memory: 9000Mi - unlimited: {} + small: + limits: + cpu: 2100m + memory: 1792Mi + requests: + cpu: 30m + memory: 1280Mi + large: + limits: + cpu: 4 + memory: 12000Mi + requests: + cpu: 40m + memory: 9000Mi + unlimited: {} persistence: enabled: true diff --git a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml index b823acd3d5..5074c8bc08 100644 --- a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2017 Amdocs +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,128 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} -spec: - replicas: {{ .Values.global.aaf.cm.replicas }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - name: fix-permission - command: - - /bin/sh - args: - - -c - - | - chmod -R 775 /opt/app/aaf/status - chown -R 1000:1000 /opt/app/aaf/status - chmod -R 775 /opt/app/osaaf - chown -R 1000:1000 /opt/app/osaaf - image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /opt/app/aaf/status - name: aaf-status-vol - - mountPath: /opt/app/osaaf - name: aaf-config-vol - - name: {{ include "common.name" . }}-config-container - image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service aaf-locate remove && bin/agent.sh"] - volumeMounts: - - mountPath: "/opt/app/osaaf" - name: aaf-config-vol - - mountPath: "/opt/app/aaf/status" - name: aaf-status-vol - env: - - name: aaf_env - value: "{{ .Values.global.aaf.aaf_env }}" - - name: cadi_latitude - value: "{{ .Values.global.aaf.cadi_latitude }}" - - name: cadi_longitude - value: "{{ .Values.global.aaf.cadi_longitude }}" - - name: cadi_x509_issuers - value: "{{ .Values.global.aaf.cadi_x509_issuers }}" - - name: aaf_locate_url - value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" - - name: aaf_locator_container - value: "oom" - - name: aaf_release - value: "{{ .Values.global.aaf.aaf_release }}" - - name: aaf_locator_container_ns - value: "{{ .Release.Namespace }}" - - name: aaf_locator_public_fqdn - value: "{{.Values.global.aaf.public_fqdn}}" - - name: aaf_locator_name - value: "{{.Values.global.aaf.aaf_locator_name}}" - - name: aaf_locator_name_oom - value: "{{.Values.global.aaf.aaf_locator_name_oom}}" - - name: cm_always_ignore_ips - value: "true" - - name: CASSANDRA_CLUSTER - value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" -# - name: CASSANDRA_USER -# value: "" -# - name: CASSANDRA_PASSWORD -# value: "" -# - name: CASSANDRA_PORT -# value: "" - containers: - - name: {{ include "common.name" . }} - command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-cm aaf-locate && exec bin/cm"] - image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: "/opt/app/osaaf" - name: aaf-config-vol - - mountPath: "/opt/app/aaf/status" - name: aaf-status-vol - - mountPath: /etc/localtime - name: localtime - readOnly: true - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.global.aaf.cm.internal_port }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.global.aaf.cm.internal_port }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: aaf-status-vol - persistentVolumeClaim: - claimName: {{ include "common.release" . }}-aaf-status - - name: aaf-config-vol - persistentVolumeClaim: - claimName: {{ include "common.release" . }}-aaf-config - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" +{{ include "aaf.deployment" . }} diff --git a/kubernetes/aaf/charts/aaf-cm/templates/service.yaml b/kubernetes/aaf/charts/aaf-cm/templates/service.yaml index 28462f2edf..e54c4f3057 100644 --- a/kubernetes/aaf/charts/aaf-cm/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-cm/templates/service.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2017 Amdocs, Orange +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,22 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: {{ .Values.global.aaf.cm.internal_port }} - nodePort: {{ .Values.global.aaf.cm.public_port }} - name: aaf-cm - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - type: "NodePort" +{{ include "common.service" . }} diff --git a/kubernetes/aaf/charts/aaf-cm/values.yaml b/kubernetes/aaf/charts/aaf-cm/values.yaml index befbdc191d..c391369db6 100644 --- a/kubernetes/aaf/charts/aaf-cm/values.yaml +++ b/kubernetes/aaf/charts/aaf-cm/values.yaml @@ -19,6 +19,13 @@ flavor: small # Application configuration defaults. ################################################################# # application image +replicaCount: 1 + +binary: cm + +sequence_order: + - service + - locate nodeSelector: {} @@ -26,24 +33,25 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 120 + initialDelaySeconds: 30 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true + port: api readiness: initialDelaySeconds: 5 periodSeconds: 10 + port: api service: name: aaf-cm type: ClusterIP - portName: aaf-cm - #targetPort - internalPort: 8150 - #port - externalPort: 8150 + ports: + - name: api + protocol: http + port: 8150 ingress: enabled: false @@ -52,22 +60,22 @@ ingress: name: "aaf-cm" port: 8150 config: - ssl: "none" + ssl: "redirect" # Configure resource requests and limits resources: - small: - limits: - cpu: 400m - memory: 300Mi - requests: - cpu: 1m - memory: 200Mi - large: - limits: - cpu: 400m - memory: 1Gi - requests: - cpu: 40m - memory: 600Mi - unlimited: {} + small: + limits: + cpu: 400m + memory: 300Mi + requests: + cpu: 1m + memory: 200Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 40m + memory: 600Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml index 2e8e41e637..c36750809c 100644 --- a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2017 Amdocs, Orange +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,128 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} -spec: - replicas: {{ .Values.global.aaf.fs.replicas }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - name: fix-permission - command: - - /bin/sh - args: - - -c - - | - chmod -R 775 /opt/app/aaf/status - chown -R 1000:1000 /opt/app/aaf/status - chmod -R 775 /opt/app/osaaf - chown -R 1000:1000 /opt/app/osaaf - image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-config-vol - - mountPath: /opt/app/aaf/status - name: aaf-status-vol - - name: {{ include "common.name" . }}-config-container - image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service aaf-locate remove && bin/agent.sh"] - volumeMounts: - - mountPath: "/opt/app/osaaf" - name: aaf-config-vol - - mountPath: "/opt/app/aaf/status" - name: aaf-status-vol - env: - - name: aaf_env - value: "{{ .Values.global.aaf.aaf_env }}" - - name: cadi_latitude - value: "{{ .Values.global.aaf.cadi_latitude }}" - - name: cadi_longitude - value: "{{ .Values.global.aaf.cadi_longitude }}" - - name: cadi_x509_issuers - value: "{{ .Values.global.aaf.cadi_x509_issuers }}" - - name: aaf_locate_url - value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" - - name: aaf_locator_container - value: "oom" - - name: aaf_release - value: "{{ .Values.global.aaf.aaf_release }}" - - name: aaf_locator_container_ns - value: "{{ .Release.Namespace }}" - - name: aaf_locator_public_fqdn - value: "{{.Values.global.aaf.public_fqdn}}" - - name: aaf_locator_name - value: "{{.Values.global.aaf.aaf_locator_name}}" - - name: aaf_locator_name_oom - value: "{{.Values.global.aaf.aaf_locator_name_oom}}" - - name: cm_always_ignore_ips - value: "true" - - name: CASSANDRA_CLUSTER - value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" -# - name: CASSANDRA_USER -# value: "" -# - name: CASSANDRA_PASSWORD -# value: "" -# - name: CASSANDRA_PORT -# value: "" - containers: - - name: {{ include "common.name" . }} - command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-fs aaf-locate && exec bin/fs"] - image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: "/opt/app/osaaf" - name: aaf-config-vol - - mountPath: "/opt/app/aaf/status" - name: aaf-status-vol - - mountPath: /etc/localtime - name: localtime - readOnly: true - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: aaf-status-vol - persistentVolumeClaim: - claimName: {{ include "common.release" . }}-aaf-status - - name: aaf-config-vol - persistentVolumeClaim: - claimName: {{ include "common.release" . }}-aaf-config - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" +{{ include "aaf.deployment" . }} diff --git a/kubernetes/aaf/charts/aaf-fs/templates/service.yaml b/kubernetes/aaf/charts/aaf-fs/templates/service.yaml index b81635f74d..e54c4f3057 100644 --- a/kubernetes/aaf/charts/aaf-fs/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-fs/templates/service.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2017 Amdocs, Orange +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,22 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: {{ .Values.global.aaf.fs.internal_port }} - nodePort: {{ .Values.global.aaf.fs.public_port }} - name: aaf-hello - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - type: "NodePort" +{{ include "common.service" . }} diff --git a/kubernetes/aaf/charts/aaf-fs/values.yaml b/kubernetes/aaf/charts/aaf-fs/values.yaml index 4b12bd0deb..6ddc07278b 100644 --- a/kubernetes/aaf/charts/aaf-fs/values.yaml +++ b/kubernetes/aaf/charts/aaf-fs/values.yaml @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications © 2020 AT&T +# Modifications © 2020 AT&T, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,6 +21,13 @@ flavor: small # application image pullPolicy: Always +replicaCount: 1 + +binary: fs + +sequence_order: + - service + - locate nodeSelector: {} @@ -33,19 +40,20 @@ liveness: # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true + port: api readiness: initialDelaySeconds: 5 periodSeconds: 10 + port: api service: name: aaf-fs type: ClusterIP - portName: aaf-fs - #targetPort - internalPort: 8096 - #port - externalPort: 8096 + ports: + - name: api + port: 8096 + protocol: http ingress: enabled: false @@ -58,18 +66,18 @@ ingress: # Configure resource requests and limits resources: - small: - limits: - cpu: 200m - memory: 110Mi - requests: - cpu: 1m - memory: 80Mi - large: - limits: - cpu: 500m - memory: 700Mi - requests: - cpu: 100m - memory: 400Mi - unlimited: {} + small: + limits: + cpu: 200m + memory: 110Mi + requests: + cpu: 1m + memory: 80Mi + large: + limits: + cpu: 500m + memory: 700Mi + requests: + cpu: 100m + memory: 400Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml index cbf68aad37..c36750809c 100644 --- a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2017 Amdocs, Orange +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,128 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} -spec: - replicas: {{ .Values.global.aaf.gui.replicas }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - name: fix-permission - command: - - /bin/sh - args: - - -c - - | - chmod -R 775 /opt/app/aaf/status - chown -R 1000:1000 /opt/app/aaf/status - chmod -R 775 /opt/app/osaaf - chown -R 1000:1000 /opt/app/osaaf - image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-config-vol - - mountPath: /opt/app/aaf/status - name: aaf-status-vol - - name: {{ include "common.name" . }}-config-container - image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service aaf-locate remove && bin/agent.sh"] - volumeMounts: - - mountPath: "/opt/app/osaaf" - name: aaf-config-vol - - mountPath: "/opt/app/aaf/status" - name: aaf-status-vol - env: - - name: aaf_env - value: "{{ .Values.global.aaf.aaf_env }}" - - name: cadi_latitude - value: "{{ .Values.global.aaf.cadi_latitude }}" - - name: cadi_longitude - value: "{{ .Values.global.aaf.cadi_longitude }}" - - name: cadi_x509_issuers - value: "{{ .Values.global.aaf.cadi_x509_issuers }}" - - name: aaf_locate_url - value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" - - name: aaf_locator_container - value: "oom" - - name: aaf_release - value: "{{ .Values.global.aaf.aaf_release }}" - - name: aaf_locator_container_ns - value: "{{ .Release.Namespace }}" - - name: aaf_locator_public_fqdn - value: "{{.Values.global.aaf.public_fqdn}}" - - name: aaf_locator_name - value: "{{.Values.global.aaf.aaf_locator_name}}" - - name: aaf_locator_name_oom - value: "{{.Values.global.aaf.aaf_locator_name_oom}}" - - name: cm_always_ignore_ips - value: "true" - - name: CASSANDRA_CLUSTER - value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" -# - name: CASSANDRA_USER -# value: "" -# - name: CASSANDRA_PASSWORD -# value: "" -# - name: CASSANDRA_PORT -# value: "" - containers: - - name: {{ include "common.name" . }} - command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-gui aaf-locate && exec bin/gui"] - image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: "/opt/app/osaaf" - name: aaf-config-vol - - mountPath: "/opt/app/aaf/status" - name: aaf-status-vol - - mountPath: /etc/localtime - name: localtime - readOnly: true - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.global.aaf.gui.internal_port }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.global.aaf.gui.internal_port }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: aaf-status-vol - persistentVolumeClaim: - claimName: {{ include "common.release" . }}-aaf-status - - name: aaf-config-vol - persistentVolumeClaim: - claimName: {{ include "common.release" . }}-aaf-config - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" +{{ include "aaf.deployment" . }} diff --git a/kubernetes/aaf/charts/aaf-gui/templates/service.yaml b/kubernetes/aaf/charts/aaf-gui/templates/service.yaml index 7dc4468598..e54c4f3057 100644 --- a/kubernetes/aaf/charts/aaf-gui/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-gui/templates/service.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2017 Amdocs, Orange +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,22 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: {{ .Values.global.aaf.gui.internal_port }} - nodePort: {{ .Values.global.aaf.gui.public_port }} - name: aaf-gui - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - type: "NodePort" +{{ include "common.service" . }} diff --git a/kubernetes/aaf/charts/aaf-gui/values.yaml b/kubernetes/aaf/charts/aaf-gui/values.yaml index bc013d07f7..f418fd5b41 100644 --- a/kubernetes/aaf/charts/aaf-gui/values.yaml +++ b/kubernetes/aaf/charts/aaf-gui/values.yaml @@ -20,6 +20,13 @@ flavor: small # application image pullPolicy: Always +replicaCount: 1 + +binary: gui + +sequence_order: + - service + - locate nodeSelector: {} @@ -27,25 +34,26 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 120 + initialDelaySeconds: 30 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true + port: gui readiness: initialDelaySeconds: 5 periodSeconds: 10 + port: gui service: name: aaf-gui type: NodePort - portName: aaf-gui - #targetPort - internalPort: 8200 - #port - externalPort: 8200 - nodePort: 51 + ports: + - name: gui + protocol: http + port: 8200 + nodePort: 51 ingress: enabled: false @@ -54,22 +62,22 @@ ingress: name: "aaf-gui" port: 8200 config: - ssl: "none" + ssl: "redirect" # Configure resource requests and limits resources: - small: - limits: - cpu: 200m - memory: 280Mi - requests: - cpu: 1m - memory: 170Mi - large: - limits: - cpu: 200m - memory: 1Gi - requests: - cpu: 100m - memory: 500Mi - unlimited: {} + small: + limits: + cpu: 200m + memory: 280Mi + requests: + cpu: 1m + memory: 170Mi + large: + limits: + cpu: 200m + memory: 1Gi + requests: + cpu: 100m + memory: 500Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml b/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml deleted file mode 100644 index d2b4f0c76f..0000000000 --- a/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml +++ /dev/null @@ -1,46 +0,0 @@ -{{- if ne 0 (int .Values.global.aaf.hello.replicas) }} -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) -}} -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## - -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.release" . }}-aaf-hello-pv - namespace: {{ include "common.namespace" . }} - labels: - app: {{ .Chart.Name }}-hello - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: {{ include "common.release" . }} - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }} - storageClassName: "{{ include "common.fullname" . }}-data" -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml b/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml deleted file mode 100644 index fc148f63d6..0000000000 --- a/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if ne 0 (int .Values.global.aaf.hello.replicas) }} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.release" . }}-aaf-hello-pvc - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - accessModes: - - {{ .Values.persistence.config.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.config.size }} - storageClassName: {{ include "common.storageClass" . }} -{{- end -}} -{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml index 1e120bd0ad..891b829f43 100644 --- a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,112 +12,49 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment -metadata: - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - replicas: {{ .Values.global.aaf.hello.replicas }} + selector: {{- include "common.selectors" . | nindent 4 }} + replicas: {{ .Values.replicaCount }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: aaf-hello-vol - {{- if and .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.release" . }}-aaf-hello-pvc - {{- else }} - emptyDir: {} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" - initContainers: - - name: fix-permission - command: ["/bin/sh","-c","chmod -R 775 /opt/app/osaaf/local && chown -R 1000:1000 /opt/app/osaaf"] - image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: "/opt/app/osaaf/local" - name: aaf-hello-vol - - name: {{ include "common.name" . }}-config-container - image: {{ .Values.global.repository }}/{{.Values.aaf_init.image}} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["bash","-c","cd /opt/app/aaf_config && bin/agent.sh"] -# command: ["bash","-c","cd /opt/app/aaf_config && echo Sleeping && sleep 480"] -# command: ["bash","-c","chown 1000:1000 /opt/app/osaaf && cd /opt/app/aaf_config && sleep 480"] - volumeMounts: - - mountPath: "/opt/app/osaaf/local" - name: aaf-hello-vol - env: - - name: APP_FQI - value: "{{ .Values.aaf_init.fqi }}" - - name: aaf_locate_url - value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" - - name: aaf_locator_container - value: "oom" - - name: aaf_locator_container_ns - value: "{{ .Release.Namespace }}" -# This should the APP's FQDN to be put in Locator -# This MUST match what is entered for AAF Certificate Artifacts - - name: aaf_locator_fqdn - value: "{{.Values.aaf_init.fqdn}}" -# Hello specific. Clients don't don't need this, unless Registering with AAF Locator -# This should be the APP's PUBLIC FQDN, if applicable - - name: aaf_locator_public_fqdn - value: "{{.Values.aaf_init.locator_public_fqdn}}" - - name: LATITUDE - value: "{{ .Values.aaf_init.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.aaf_init.cadi_longitude }}" -# Note: We want to put this in Secrets or at LEAST ConfigMaps - - name: "DEPLOY_FQI" - value: "deployer@people.osaaf.org" -# Note: want to put this on Nodes, evenutally - - name: "DEPLOY_PASSWORD" - value: "demo123456!" + initContainers: {{ include "common.aaf-config" (dict "aafRoot" .Values.aaf_init "dot" .) | nindent 6 }} # CONTAINER Definition containers: - name: {{ include "common.name" . }} command: ["bash","-c","cd /opt/app/aaf && if [ ! -d /opt/app/osaaf/etc ]; then cp -Rf etc logs /opt/app/osaaf; fi && exec bin/hello"] - image: {{ .Values.global.repository }}/{{.Values.service.image }} + image: {{ .Values.global.repository }}/{{.Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: "/opt/app/osaaf/local" - name: aaf-hello-vol + ports: {{ include "common.containerPorts" . | nindent 10 }} + volumeMounts: {{ include "common.aaf-config-volume-mountpath" . | nindent 8 }} - mountPath: /etc/localtime name: localtime readOnly: true {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.port }} + port: {{ .Values.liveness.port }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} + {{- end }} readinessProbe: tcpSocket: - port: {{ .Values.service.port }} + port: {{ .Values.readiness.port }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} {{- end -}} {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} + affinity: {{ toYaml .Values.affinity | nindent 10 }} {{- end }} + volumes: {{ include "common.aaf-config-volumes" (dict "aafRoot" .Values.aaf_init "dot" .) | nindent 6 }} + - name: localtime + hostPath: + path: /etc/localtime + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-hello/templates/secret.yaml b/kubernetes/aaf/charts/aaf-hello/templates/secret.yaml new file mode 100644 index 0000000000..f8c32e0670 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-hello/templates/secret.yaml @@ -0,0 +1,15 @@ +# Copyright © 2020 Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ include "common.secretFast" . }} diff --git a/kubernetes/aaf/charts/aaf-hello/templates/service.yaml b/kubernetes/aaf/charts/aaf-hello/templates/service.yaml index 5ba4f68be9..8f80ee12a2 100644 --- a/kubernetes/aaf/charts/aaf-hello/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-hello/templates/service.yaml @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,22 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: {{ .Values.service.port }} - nodePort: {{ .Values.service.public_port }} - name: aaf-hello - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - type: "NodePort" +{{ include "common.service" . }} diff --git a/kubernetes/aaf/charts/aaf-hello/values.yaml b/kubernetes/aaf/charts/aaf-hello/values.yaml index 0400dcc1fd..aeb659082d 100644 --- a/kubernetes/aaf/charts/aaf-hello/values.yaml +++ b/kubernetes/aaf/charts/aaf-hello/values.yaml @@ -12,6 +12,8 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +global: + aafEnabled: true flavor: small @@ -22,47 +24,58 @@ flavor: small aaf_init: # You might want this in your own app. For AAF, we store in global # replicas: 1 - image: onap/aaf/aaf_agent:2.1.20 - fqi: "aaf@aaf.osaaf.org" + fqi: aaf@aaf.osaaf.org # This MUST match what is put in AAF's "Artifact" for Certificates - fqdn: "aaf-hello" + fqdn: aaf-hello # What is put in Locator for External Access - locator_public_fqdn: "aaf.osaaf.org" - app_ns: "org.osaaf.aaf" - deploy_fqi: "deployer@people.osaaf.org" + public_fqdn: aaf.osaaf.org cadi_latitude: "38.0" cadi_longitude: "-72.0" + credsPath: /opt/app/osaaf/local + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + secret_uid: &aaf_secret_uid nbi-aaf-deploy-creds + permission_user: 1000 + permission_group: 999 -service: - image: onap/aaf/aaf_hello:2.1.20 - port: "8130" - public_port: "31119" +replicaCount: 0 -persistence: - enabled: false - #existingClaim: - # You will want "Reatan" in non-Hello Example. - volumeReclaimPolicy: Delete - accessMode: ReadWriteMany - size: 40M - mountPath: /dockerdata-nfs - mountSubPath: aaf/hello +image: onap/aaf/aaf_hello:2.1.20 + +service: + name: aaf-hello + type: ClusterIP + ports: + - name: api + protocol: http + port: 8130 nodeSelector: {} affinity: {} +secrets: + - uid: *aaf_secret_uid + type: basicAuth + externalSecret: '{{ ternary (tpl (default "" .Values.aaf_init.aafDeployCredsExternalSecret) .) "aafIsDisabled" .Values.global.aafEnabled }}' + login: '{{ .Values.aaf_init.aafDeployFqi }}' + password: '{{ .Values.aaf_init.aafDeployPass }}' + passwordPolicy: required + # probe configuration parameters liveness: - initialDelaySeconds: 120 + initialDelaySeconds: 30 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true + port: api readiness: initialDelaySeconds: 5 periodSeconds: 10 + port: api ingress: enabled: false @@ -75,18 +88,18 @@ ingress: # Configure resource requests and limits resources: - small: - limits: - cpu: 200m - memory: 500Mi - requests: - cpu: 10m - memory: 200Mi - large: - limits: - cpu: 400m - memory: 1Gi - requests: - cpu: 20m - memory: 500Mi - unlimited: {} + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 200Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 20m + memory: 500Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml index cc7f19176f..5074c8bc08 100644 --- a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2017 Amdocs +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,128 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} -spec: - replicas: {{ .Values.global.aaf.locate.replicas }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - name: fix-permission - command: - - /bin/sh - args: - - -c - - | - chmod -R 775 /opt/app/aaf/status - chown -R 1000:1000 /opt/app/aaf/status - chmod -R 775 /opt/app/osaaf - chown -R 1000:1000 /opt/app/osaaf - image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /opt/app/aaf/status - name: aaf-status-vol - - mountPath: /opt/app/osaaf - name: aaf-config-vol - - name: {{ include "common.name" . }}-config-container - image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] - volumeMounts: - - mountPath: "/opt/app/osaaf" - name: aaf-config-vol - - mountPath: "/opt/app/aaf/status" - name: aaf-status-vol - env: - - name: aaf_env - value: "{{ .Values.global.aaf.aaf_env }}" - - name: cadi_latitude - value: "{{ .Values.global.aaf.cadi_latitude }}" - - name: cadi_longitude - value: "{{ .Values.global.aaf.cadi_longitude }}" - - name: cadi_x509_issuers - value: "{{ .Values.global.aaf.cadi_x509_issuers }}" - - name: aaf_locate_url - value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" - - name: aaf_locator_container - value: "oom" - - name: aaf_release - value: "{{ .Values.global.aaf.aaf_release }}" - - name: aaf_locator_container_ns - value: "{{ .Release.Namespace }}" - - name: aaf_locator_public_fqdn - value: "{{.Values.global.aaf.public_fqdn}}" - - name: aaf_locator_name - value: "{{.Values.global.aaf.aaf_locator_name}}" - - name: aaf_locator_name_oom - value: "{{.Values.global.aaf.aaf_locator_name_oom}}" - - name: cm_always_ignore_ips - value: "true" - - name: CASSANDRA_CLUSTER - value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" -# - name: CASSANDRA_USER -# value: "" -# - name: CASSANDRA_PASSWORD -# value: "" -# - name: CASSANDRA_PORT -# value: "" - containers: - - name: {{ include "common.name" . }} - command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-locate aaf-service && exec bin/locate"] - image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: "/opt/app/osaaf" - name: aaf-config-vol - - mountPath: "/opt/app/aaf/status" - name: aaf-status-vol - - mountPath: /etc/localtime - name: localtime - readOnly: true - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.global.aaf.locate.internal_port }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.global.aaf.locate.internal_port }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: aaf-status-vol - persistentVolumeClaim: - claimName: {{ include "common.release" . }}-aaf-status - - name: aaf-config-vol - persistentVolumeClaim: - claimName: {{ include "common.release" . }}-aaf-config - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" +{{ include "aaf.deployment" . }} diff --git a/kubernetes/aaf/charts/aaf-locate/templates/ingress.yaml b/kubernetes/aaf/charts/aaf-locate/templates/ingress.yaml index 40b4bba0ce..1b33c1f8d1 100644 --- a/kubernetes/aaf/charts/aaf-locate/templates/ingress.yaml +++ b/kubernetes/aaf/charts/aaf-locate/templates/ingress.yaml @@ -1,4 +1,2 @@ {{ include "common.ingress" . }} - - diff --git a/kubernetes/aaf/charts/aaf-locate/templates/service.yaml b/kubernetes/aaf/charts/aaf-locate/templates/service.yaml index 8aead90d29..e54c4f3057 100644 --- a/kubernetes/aaf/charts/aaf-locate/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-locate/templates/service.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2017 Amdocs, Orange +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,22 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: {{ .Values.global.aaf.locate.internal_port }} - nodePort: {{ .Values.global.aaf.locate.public_port }} - name: aaf-locate - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - type: "NodePort" +{{ include "common.service" . }} diff --git a/kubernetes/aaf/charts/aaf-locate/values.yaml b/kubernetes/aaf/charts/aaf-locate/values.yaml index 2083f1af3d..47b2f205e5 100644 --- a/kubernetes/aaf/charts/aaf-locate/values.yaml +++ b/kubernetes/aaf/charts/aaf-locate/values.yaml @@ -18,6 +18,12 @@ flavor: small # Application configuration defaults. ################################################################# # application image +replicaCount: 1 + +binary: locate + +sequence_order: + - service nodeSelector: {} @@ -25,24 +31,25 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 120 + initialDelaySeconds: 30 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true + port: api readiness: initialDelaySeconds: 5 periodSeconds: 10 + port: api service: name: aaf-locate type: ClusterIP - portName: aaf-locate - #targetPort - internalPort: 8095 - #port - externalPort: 31111 + ports: + - name: api + protocol: http + port: 8095 ingress: enabled: false @@ -51,22 +58,22 @@ ingress: name: "aaf-locate" port: 8095 config: - ssl: "none" + ssl: "redirect" # Configure resource requests and limits resources: - small: - limits: - cpu: 100m - memory: 320Mi - requests: - cpu: 1m - memory: 210Mi - large: - limits: - cpu: 400m - memory: 1Gi - requests: - cpu: 40m - memory: 500Mi - unlimited: {} + small: + limits: + cpu: 100m + memory: 320Mi + requests: + cpu: 1m + memory: 210Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 40m + memory: 500Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml index 6ce3abd241..5074c8bc08 100644 --- a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2017 Amdocs +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,128 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} -spec: - replicas: {{ .Values.global.aaf.oauth.replicas }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - name: fix-permission - command: - - /bin/sh - args: - - -c - - | - chmod -R 775 /opt/app/aaf/status - chown -R 1000:1000 /opt/app/aaf/status - chmod -R 775 /opt/app/osaaf - chown -R 1000:1000 /opt/app/osaaf - image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /opt/app/aaf/status - name: aaf-status-vol - - mountPath: /opt/app/osaaf - name: aaf-config-vol - - name: {{ include "common.name" . }}-config-container - image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] - volumeMounts: - - mountPath: "/opt/app/osaaf" - name: aaf-config-vol - - mountPath: "/opt/app/aaf/status" - name: aaf-status-vol - env: - - name: aaf_env - value: "{{ .Values.global.aaf.aaf_env }}" - - name: cadi_latitude - value: "{{ .Values.global.aaf.cadi_latitude }}" - - name: cadi_longitude - value: "{{ .Values.global.aaf.cadi_longitude }}" - - name: cadi_x509_issuers - value: "{{ .Values.global.aaf.cadi_x509_issuers }}" - - name: aaf_locate_url - value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" - - name: aaf_locator_container - value: "oom" - - name: aaf_release - value: "{{ .Values.global.aaf.aaf_release }}" - - name: aaf_locator_container_ns - value: "{{ .Release.Namespace }}" - - name: aaf_locator_public_fqdn - value: "{{.Values.global.aaf.public_fqdn}}" - - name: aaf_locator_name - value: "{{.Values.global.aaf.aaf_locator_name}}" - - name: aaf_locator_name_oom - value: "{{.Values.global.aaf.aaf_locator_name_oom}}" - - name: cm_always_ignore_ips - value: "true" - - name: CASSANDRA_CLUSTER - value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" -# - name: CASSANDRA_USER -# value: "" -# - name: CASSANDRA_PASSWORD -# value: "" -# - name: CASSANDRA_PORT -# value: "" - containers: - - name: {{ include "common.name" . }} - command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-oauth aaf-service && exec bin/oauth"] - image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: "/opt/app/osaaf" - name: aaf-config-vol - - mountPath: "/opt/app/aaf/status" - name: aaf-status-vol - - mountPath: /etc/localtime - name: localtime - readOnly: true - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.global.aaf.oauth.internal_port }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.global.aaf.oauth.internal_port }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: aaf-status-vol - persistentVolumeClaim: - claimName: {{ include "common.release" . }}-aaf-status - - name: aaf-config-vol - persistentVolumeClaim: - claimName: {{ include "common.release" . }}-aaf-config - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" +{{ include "aaf.deployment" . }} diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/ingress.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/ingress.yaml new file mode 100644 index 0000000000..1b33c1f8d1 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-oauth/templates/ingress.yaml @@ -0,0 +1,2 @@ + +{{ include "common.ingress" . }} diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml index 52c2d10568..e54c4f3057 100644 --- a/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2017 Amdocs, Orange +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,22 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: {{ .Values.global.aaf.oauth.internal_port }} - nodePort: {{ .Values.global.aaf.oauth.public_port }} - name: aaf-oauth - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - type: "NodePort" +{{ include "common.service" . }} diff --git a/kubernetes/aaf/charts/aaf-oauth/values.yaml b/kubernetes/aaf/charts/aaf-oauth/values.yaml index deadf2976f..7604b86393 100644 --- a/kubernetes/aaf/charts/aaf-oauth/values.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/values.yaml @@ -19,30 +19,40 @@ flavor: small # Application configuration defaults. ################################################################# # application image + +replicaCount: 1 + +binary: oauth + +sequence_order: + - service + - locate + nodeSelector: {} affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 120 + initialDelaySeconds: 30 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true + port: api readiness: initialDelaySeconds: 5 periodSeconds: 10 + port: api service: name: aaf-oauth type: ClusterIP - portName: aaf-oauth - #targetPort - internalPort: 8140 - #port - externalPort: 8140 + ports: + - name: api + protocol: http + port: 8140 ingress: enabled: false @@ -51,22 +61,22 @@ ingress: name: "aaf-oauth" port: 8140 config: - ssl: "none" + ssl: "redirect" # Configure resource requests and limits resources: - small: - limits: - cpu: 40m - memory: 320Mi - requests: - cpu: 1m - memory: 210Mi - large: - limits: - cpu: 400m - memory: 600Mi - requests: - cpu: 40m - memory: 200Mi - unlimited: {} + small: + limits: + cpu: 40m + memory: 320Mi + requests: + cpu: 1m + memory: 210Mi + large: + limits: + cpu: 400m + memory: 600Mi + requests: + cpu: 40m + memory: 200Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml index 555f4ac815..5074c8bc08 100644 --- a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2017 Amdocs +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,135 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} -spec: - replicas: {{ .Values.global.aaf.service.replicas }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - name: fix-permission - command: - - /bin/sh - args: - - -c - - | - chmod -R 775 /opt/app/aaf/status - chown -R 1000:1000 /opt/app/aaf/status - chmod -R 775 /opt/app/osaaf - chown -R 1000:1000 /opt/app/osaaf - image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /opt/app/aaf/status - name: aaf-status-vol - - mountPath: /opt/app/osaaf - name: aaf-config-vol - - name: {{ include "common.name" . }}-config-container - image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config nc aaf-cass.{{ .Release.Namespace }} 9042 sleep 15 remove && bin/agent.sh"] - volumeMounts: - - mountPath: "/opt/app/osaaf" - name: aaf-config-vol - - mountPath: "/opt/app/aaf/status" - name: aaf-status-vol - env: - - name: aaf_env - value: "{{ .Values.global.aaf.aaf_env }}" - - name: cadi_latitude - value: "{{ .Values.global.aaf.cadi_latitude }}" - - name: cadi_longitude - value: "{{ .Values.global.aaf.cadi_longitude }}" - - name: cadi_x509_issuers - value: "{{ .Values.global.aaf.cadi_x509_issuers }}" - - name: aaf_locate_url - value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" - - name: aaf_locator_container - value: "oom" - - name: aaf_release - value: "{{ .Values.global.aaf.aaf_release }}" - - name: aaf_locator_container_ns - value: "{{ .Release.Namespace }}" - - name: aaf_locator_public_fqdn - value: "{{.Values.global.aaf.public_fqdn}}" - - name: aaf_locator_name - value: "{{.Values.global.aaf.aaf_locator_name}}" - - name: aaf_locator_name_oom - value: "{{.Values.global.aaf.aaf_locator_name_oom}}" - - name: cm_always_ignore_ips - value: "true" - - name: CASSANDRA_CLUSTER - value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" -# - name: CASSANDRA_USER -# value: "" -# - name: CASSANDRA_PASSWORD -# value: "" -# - name: CASSANDRA_PORT -# value: "" - containers: - - name: {{ include "common.name" . }} - command: ["/bin/bash","-c","cd /opt/app/aaf && bin/pod_wait.sh aaf-service aaf-cass && exec bin/service"] - image: {{.Values.global.repository}}/{{.Values.global.aaf.image}} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: cm_always_ignore_ips - value: "true" - lifecycle: - preStop: - exec: - command: ["/bin/sh","-c","rm /opt/app/aaf/status/aaf-service* && echo $HOSTNAME >> aaf-service.hosts"] - volumeMounts: - - mountPath: "/opt/app/osaaf" - name: aaf-config-vol - - mountPath: "/opt/app/aaf/status" - name: aaf-status-vol - - mountPath: /etc/localtime - name: localtime - readOnly: true - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.global.aaf.service.internal_port }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.global.aaf.service.internal_port }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: aaf-status-vol - persistentVolumeClaim: - claimName: {{ include "common.release" . }}-aaf-status - - name: aaf-config-vol - persistentVolumeClaim: - claimName: {{ include "common.release" . }}-aaf-config - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" +{{ include "aaf.deployment" . }} diff --git a/kubernetes/aaf/charts/aaf-service/templates/service.yaml b/kubernetes/aaf/charts/aaf-service/templates/service.yaml index e02c685549..e54c4f3057 100644 --- a/kubernetes/aaf/charts/aaf-service/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-service/templates/service.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2017 Amdocs, Orange +# Modifications © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,22 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: {{ .Values.global.aaf.service.internal_port }} - nodePort: {{ .Values.global.aaf.service.public_port }} - name: aaf-service - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - type: "NodePort" +{{ include "common.service" . }} diff --git a/kubernetes/aaf/charts/aaf-service/values.yaml b/kubernetes/aaf/charts/aaf-service/values.yaml index 5f3c1878dd..c2d96032cc 100644 --- a/kubernetes/aaf/charts/aaf-service/values.yaml +++ b/kubernetes/aaf/charts/aaf-service/values.yaml @@ -20,30 +20,38 @@ flavor: small ################################################################# # application image +replicaCount: 1 + +binary: service + +sequence_order: + - cass + nodeSelector: {} affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 120 + initialDelaySeconds: 30 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true + port: api readiness: initialDelaySeconds: 5 periodSeconds: 10 + port: api service: name: aaf-service - type: NodePort - portName: aaf-service - #targetPort - internalPort: 8100 - #port - externalPort: 31110 + type: ClusterIP + ports: + - name: api + port: 8100 + protocol: http ingress: enabled: false @@ -52,22 +60,22 @@ ingress: name: "aaf-service" port: 8100 config: - ssl: "none" + ssl: "redirect" # Configure resource requests and limits resources: - small: - limits: - cpu: 250m - memory: 360Mi - requests: - cpu: 10m - memory: 250Mi - large: - limits: - cpu: 400m - memory: 1Gi - requests: - cpu: 40m - memory: 300Mi - unlimited: {} + small: + limits: + cpu: 250m + memory: 360Mi + requests: + cpu: 10m + memory: 250Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 40m + memory: 300Mi + unlimited: {} diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml index 5ade9a81d6..8d1faf7e32 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml @@ -18,15 +18,8 @@ apiVersion: v1 kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} data: {{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} -{{- end -}}
\ No newline at end of file +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml index c816b16914..23fe79d716 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml @@ -18,21 +18,11 @@ apiVersion: batch/v1 kind: Job -metadata: - name: {{ include "common.fullname" . }}-init - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-job - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: backoffLimit: 2 template: - metadata: - labels: - app: {{ include "common.name" . }}-job - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: restartPolicy: Never containers: @@ -58,19 +48,17 @@ spec: - name: {{ include "common.fullname" . }}-tpmconfig mountPath: "/abrmd/cred/" readOnly: true - resources: -{{ toYaml .Values.resources | indent 10 }} - nodeSelector: - {{- if .Values.nodeSelector }} -{{ toYaml .Values.nodeSelector | indent 8 }} + resources: {{ toYaml .Values.resources | nindent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} {{- end -}} {{- if .Values.global.tpm.enabled }} {{ (printf "%s: \"%s\"" .Values.global.tpm.nodeLabel .Values.global.tpm.nodeLabelValue) }} {{- end -}} {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} + affinity: {{ toYaml .Values.affinity | nindent 8 }} {{- end }} + resources: {{ include "common.resources" . | nindent 10 }} volumes: - name: {{ include "common.fullname" . }}-data persistentVolumeClaim: diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml index 0beda0fefc..c624ccfc4d 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml @@ -16,24 +16,15 @@ {{- if and .Values.global.tpm.enabled .Values.global.abrmd.enabled -}} -apiVersion: apps/v1beta1 +apiVersion: apps/v1 kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: + selector: {{- include "common.selectors" . | nindent 4 }} replicas: {{ .Values.replicaCount }} serviceName: template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" @@ -50,6 +41,13 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 3m + memory: 20Mi containers: - image: "{{ include "common.repository" . }}/{{ .Values.image }}" name: {{ include "common.name" . }} @@ -66,8 +64,7 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - resources: -{{ toYaml .Values.resources | indent 10 }} + resources: {{ include "common.resources" . | nindent 10 }} nodeSelector: {{- if .Values.nodeSelector }} {{ toYaml .Values.nodeSelector | indent 8 }} @@ -76,8 +73,7 @@ spec: {{ (printf "%s: \"%s\"" .Values.global.tpm.nodeLabel .Values.global.tpm.nodeLabelValue) }} {{- end -}} {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} + affinity: {{ toYaml .Values.affinity | nindent 8 }} {{- end }} volumes: - name: localtime diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml index dc5176127a..99176fcdf6 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml @@ -18,15 +18,8 @@ apiVersion: v1 kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} data: {{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} -{{- end -}}
\ No newline at end of file +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml index 3d248eef51..fb48c7df4a 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml @@ -18,22 +18,12 @@ apiVersion: batch/v1 kind: Job -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: replicas: {{ .Values.replicaCount }} serviceName: template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: restartPolicy: Never initContainers: @@ -52,6 +42,13 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 3m + memory: 20Mi {{ else }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -69,6 +66,13 @@ spec: readOnly: true - name: {{ include "common.fullname" . }}-data mountPath: /distcenter/data + resources: + limits: + cpu: 1 + memory: 100Mi + requests: + cpu: 3m + memory: 20Mi {{- end }} containers: - image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -82,15 +86,12 @@ spec: readOnly: true - name: {{ include "common.fullname" . }}-data mountPath: /distcenter/data - resources: -{{ toYaml .Values.resources | indent 10 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} {{- end -}} {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} + affinity: {{ toYaml .Values.affinity | nindent 8 }} {{- end }} volumes: - name: localtime @@ -98,7 +99,7 @@ spec: path: /etc/localtime - name: {{ include "common.fullname" . }}-data persistentVolumeClaim: - claimName: {{ include "common.release" . }}-aaf-sshsm-data + claimName: {{ include "common.release" . }}-aaf-sshsm imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml index 00005a58b1..bf0ef74be2 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml @@ -15,28 +15,5 @@ */}} {{- if .Values.global.distcenter.enabled -}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) }} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-data - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - storageClassName: "{{ include "common.fullname" . }}-data" - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} -{{- end -}} +{{ include "common.PV" . }} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml index ede08205b5..a13b7f353b 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml @@ -15,27 +15,5 @@ */}} {{- if .Values.global.distcenter.enabled -}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} - storageClassName: {{ include "common.storageClass" . }} -{{- end -}} +{{ include "common.PVC" . }} {{- end -}} diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml index a67760c368..a64f483d74 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml @@ -18,22 +18,11 @@ apiVersion: batch/v1 kind: Job -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: replicas: {{ .Values.replicaCount }} - serviceName: template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: restartPolicy: Never initContainers: @@ -51,6 +40,13 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 3m + memory: 20Mi {{- if .Values.global.tpm.enabled }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -66,6 +62,13 @@ spec: volumeMounts: - name: {{ include "common.fullname" . }}-dbus mountPath: /var/run/dbus + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 3m + memory: 20Mi {{- end }} containers: - image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -98,8 +101,7 @@ spec: - name: {{ include "common.fullname" . }}-secrets mountPath: /testca/secrets readOnly: true - resources: -{{ toYaml .Values.resources | indent 10 }} + resources: {{ include "common.resources" . | nindent 10 }} nodeSelector: {{- if .Values.nodeSelector }} {{ toYaml .Values.nodeSelector | indent 8 }} @@ -108,8 +110,7 @@ spec: {{ (printf "%s: \"%s\"" .Values.global.tpm.nodeLabel .Values.global.tpm.nodeLabelValue) }} {{- end -}} {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} + affinity: {{ toYaml .Values.affinity | nindent 8 }} {{- end }} volumes: - name: localtime @@ -117,7 +118,7 @@ spec: path: /etc/localtime - name: {{ include "common.fullname" . }}-data persistentVolumeClaim: - claimName: {{ include "common.release" . }}-aaf-sshsm-data + claimName: {{ include "common.release" . }}-aaf-sshsm - name: {{ include "common.fullname" . }}-dbus persistentVolumeClaim: claimName: {{ include "common.release" . }}-aaf-sshsm-dbus diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pv-data.yaml b/kubernetes/aaf/charts/aaf-sshsm/templates/pv-data.yaml index 3b50792473..b566b11458 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/templates/pv-data.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/templates/pv-data.yaml @@ -14,27 +14,4 @@ # limitations under the License. */}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) }} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-data - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }}-data -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - storageClassName: "{{ include "common.fullname" . }}-data" - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.dataMountSubPath }} -{{- end -}} -{{- end -}} +{{ include "common.PV" (dict "dot" . "persistenceInfos" .Values.persistence.data) }} diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pv-dbus.yaml b/kubernetes/aaf/charts/aaf-sshsm/templates/pv-dbus.yaml index e76baa2d36..b3e7f9fabd 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/templates/pv-dbus.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/templates/pv-dbus.yaml @@ -14,27 +14,4 @@ # limitations under the License. */}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) }} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-dbus - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }}-dbus -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - storageClassName: "{{ include "common.fullname" . }}-dbus" - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.dbusMountSubPath }} -{{- end -}} -{{- end -}} +{{ include "common.PV" (dict "dot" . "suffix" "dbus" "persistenceInfos" .Values.persistence.dbus) }} diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-data.yaml b/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-data.yaml index 2a5fc98bfa..b8971cc03c 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-data.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-data.yaml @@ -14,26 +14,4 @@ # limitations under the License. */}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-data - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} - storageClassName: {{ include "common.storageClass" . }} -{{- end -}} +{{ include "common.PVC" (dict "dot" . "persistenceInfos" .Values.persistence.data) }} diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-dbus.yaml b/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-dbus.yaml index cf223670b5..7297d6f81d 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-dbus.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-dbus.yaml @@ -14,30 +14,4 @@ # limitations under the License. */}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-dbus - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if eq "True" (include "common.needPV" .) }} - storageClassName: "{{ include "common.fullname" . }}-dbus" -{{- else }} - storageClassName: {{ include "common.storageClass" . }} -{{- end }} -{{- end -}} +{{ include "common.PVC" (dict "dot" . "suffix" "dbus" "persistenceInfos" .Values.persistence.dbus) }} diff --git a/kubernetes/aaf/charts/aaf-sshsm/values.yaml b/kubernetes/aaf/charts/aaf-sshsm/values.yaml index 55d38a094c..5600213e11 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/values.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/values.yaml @@ -32,12 +32,20 @@ global: persistence: enabled: true - volumeReclaimPolicy: Retain - accessMode: ReadWriteOnce - size: 10Mi - mountPath: /dockerdata-nfs - dataMountSubPath: sshsm/data - dbusMountSubPath: sshsm/dbus + data: + enabled: true + size: 10Mi + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + mountSubPath: sshsm/data + dbus: + enabled: true + size: 10Mi + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + mountSubPath: sshsm/dbus + + # Configure resource requests and limits resources: |