3 files changed, 36 insertions, 7 deletions

diff --git a/kubernetes/aai/components/aai-traversal/templates/deployment.yaml b/kubernetes/aai/components/aai-traversal/templates/deployment.yaml
index 037f811f44..277fb4bfbb 100644
--- a/kubernetes/aai/components/aai-traversal/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-traversal/templates/deployment.yaml
@@ -29,6 +29,12 @@ metadata:
     heritage: {{ .Release.Service }}
 spec:
   replicas: {{ .Values.replicaCount }}
+  minReadySeconds: {{ .Values.minReadySeconds }}
+  strategy:
+    type: {{ .Values.updateStrategy.type }}
+    rollingUpdate:
+      maxUnavailable: {{ .Values.updateStrategy.maxUnavailable }}
+      maxSurge: {{ .Values.updateStrategy.maxSurge }}
   selector:
     matchLabels:
       app: {{ include "common.name" . }}
@@ -91,6 +97,7 @@ spec:
       {{- end }}
     spec:
       hostname: aai-traversal
+      terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }}
       initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
       - command:
         - /app/ready.py
@@ -144,6 +151,10 @@ spec:
           value: {{ .Values.global.config.userId | quote }}
         - name: LOCAL_GROUP_ID
           value: {{ .Values.global.config.groupId | quote }}
+        - name: INTERNAL_PORT_1
+          value: {{ .Values.service.internalPort | quote }}
+        - name: INTERNAL_PORT_2
+          value: {{ .Values.service.internalPort2 | quote }}
         volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
         - mountPath: /etc/localtime
           name: localtime
@@ -194,6 +205,18 @@ spec:
         ports:
         - containerPort: {{ .Values.service.internalPort }}
         - containerPort: {{ .Values.service.internalPort2 }}
+        lifecycle:
+          # wait for active requests (long-running tasks) to be finished
+          # Before the SIGTERM is invoked, Kubernetes exposes a preStop hook in the Pod.
+          preStop:
+            exec:
+              command:
+                - sh
+                - -c
+                - |
+                  while (netstat -an | grep ESTABLISHED | grep -e $INTERNAL_PORT_1 -e $INTERNAL_PORT_2)
+                  do sleep 10
+                  done
         # disable liveness probe when breakpoints set in debugger
         # so K8s doesn't restart unresponsive container
         {{ if .Values.liveness.enabled }}
diff --git a/kubernetes/aai/components/aai-traversal/templates/job.yaml b/kubernetes/aai/components/aai-traversal/templates/job.yaml
index 2eac7fe722..42f0f47bb0 100644
--- a/kubernetes/aai/components/aai-traversal/templates/job.yaml
+++ b/kubernetes/aai/components/aai-traversal/templates/job.yaml
@@ -69,10 +69,16 @@ spec:
         - bash
         - "-c"
         - |
-          set -x
-          if [ ! -d /opt/aai/logroot/AAI-GQ/misc ]; then mkdir -p /opt/aai/logroot/AAI-GQ/misc; fi
-          until nc -w10 -z -v aai.{{.Release.Namespace}} 8443; do echo "Retrying to reach aai on port 8443"; done;
-          bash -x /opt/app/aai-traversal/docker-entrypoint.sh install/updateQueryData.sh
+           set -x
+           if [ ! -d /opt/aai/logroot/AAI-GQ/misc ]; then mkdir -p /opt/aai/logroot/AAI-GQ/misc; fi
+          {{- if (include "common.needTLS" .) }}
+           until nc -w10 -z -v aai.{{.Release.Namespace}} 8443; do echo "Retrying to reach aai on port 8443"; done;
+           bash -x /opt/app/aai-traversal/docker-entrypoint.sh install/updateQueryData.sh
+          {{- else }}
+           until nc -w10 -z -v aai.{{.Release.Namespace}} 80; do echo "Retrying to reach aai on port 80"; done;
+           bash -x /opt/app/aai-traversal/docker-entrypoint.sh install/updateQueryData.sh ;
+           {{- include "common.serviceMesh.killSidecar" . | indent 11 | trim }}
+          {{- end }}
         env:
         - name: LOCAL_USER_ID
           value: {{ .Values.global.config.userId | quote }}
diff --git a/kubernetes/aai/components/aai-traversal/templates/service.yaml b/kubernetes/aai/components/aai-traversal/templates/service.yaml
index fad857bb41..b54b6be644 100644
--- a/kubernetes/aai/components/aai-traversal/templates/service.yaml
+++ b/kubernetes/aai/components/aai-traversal/templates/service.yaml
@@ -30,16 +30,16 @@ spec:
   {{if eq .Values.service.type "NodePort" -}}
   - port: {{ .Values.service.internalPort }}
     nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-    name: {{ .Values.service.portName }}
+    name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
   - port: {{ .Values.service.internalPort2 }}
     nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
     name: {{ .Values.service.portName2 }}
   {{- else -}}
   - port: {{ .Values.service.internalPort }}
-    name: {{ .Values.service.portName }}
+    name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
   - port: {{ .Values.service.internalPort2 }}
     name: {{ .Values.service.portName2 }}
-  {{- end}}
+  {{- end }}
   selector:
     app: {{ include "common.name" . }}
     release: {{ include "common.release" . }}