aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/common')
-rw-r--r--kubernetes/common/cassandra/templates/backup/cronjob.yaml25
-rw-r--r--kubernetes/common/cassandra/templates/backup/pv.yaml32
-rw-r--r--kubernetes/common/cassandra/templates/backup/pvc.yaml41
-rw-r--r--kubernetes/common/cassandra/templates/pv.yaml39
-rw-r--r--kubernetes/common/cassandra/templates/statefulset.yaml21
-rw-r--r--kubernetes/common/cassandra/values.yaml4
-rw-r--r--kubernetes/common/common/templates/_createPassword.tpl62
-rw-r--r--kubernetes/common/common/templates/_ingress.tpl43
-rw-r--r--kubernetes/common/common/templates/_mariadb.tpl59
-rw-r--r--kubernetes/common/common/templates/_name.tpl12
-rw-r--r--kubernetes/common/common/templates/_secret.yaml276
-rw-r--r--kubernetes/common/etcd/templates/pv.yaml40
-rw-r--r--kubernetes/common/etcd/templates/statefulset.yaml10
-rw-r--r--kubernetes/common/etcd/values.yaml3
-rw-r--r--kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml27
-rw-r--r--kubernetes/common/mariadb-galera/templates/backup/pv.yaml40
-rw-r--r--kubernetes/common/mariadb-galera/templates/backup/pvc.yaml50
-rw-r--r--kubernetes/common/mariadb-galera/templates/pv.yaml2
-rw-r--r--kubernetes/common/mariadb-galera/templates/secrets.yaml17
-rw-r--r--kubernetes/common/mariadb-galera/templates/statefulset.yaml16
-rw-r--r--kubernetes/common/mariadb-galera/values.yaml18
-rw-r--r--kubernetes/common/mariadb-init/.helmignore (renamed from kubernetes/common/mysql/.helmignore)2
-rw-r--r--kubernetes/common/mariadb-init/Chart.yaml (renamed from kubernetes/common/nfs-provisioner/Chart.yaml)6
-rw-r--r--kubernetes/common/mariadb-init/requirements.yaml (renamed from kubernetes/common/mysql/requirements.yaml)4
-rwxr-xr-xkubernetes/common/mariadb-init/resources/config/db_init.sh32
-rw-r--r--kubernetes/common/mariadb-init/templates/_configmap.tpl (renamed from kubernetes/common/mongo/templates/storageclass.yaml)20
-rw-r--r--kubernetes/common/mariadb-init/templates/_mariadb.tpl (renamed from kubernetes/common/mysql/Chart.yaml)18
-rw-r--r--kubernetes/common/mariadb-init/templates/configmap.yaml (renamed from kubernetes/common/mysql/templates/secrets.yaml)12
-rw-r--r--kubernetes/common/mariadb-init/templates/job.yaml105
-rw-r--r--kubernetes/common/mariadb-init/templates/secret.yaml (renamed from kubernetes/common/mysql/templates/storageclass.yaml)17
-rw-r--r--kubernetes/common/mariadb-init/tests/configmap_test.yaml114
-rw-r--r--kubernetes/common/mariadb-init/tests/job_test.yaml307
-rw-r--r--kubernetes/common/mariadb-init/tests/secret_test.yaml49
-rw-r--r--kubernetes/common/mariadb-init/values.yaml87
-rw-r--r--kubernetes/common/mongo/templates/nfs-provisoner.yaml78
-rw-r--r--kubernetes/common/mongo/templates/pv.yaml34
-rw-r--r--kubernetes/common/mongo/templates/pvc.yaml43
-rw-r--r--kubernetes/common/mongo/templates/service.yaml23
-rw-r--r--kubernetes/common/mongo/templates/statefulset.yaml46
-rw-r--r--kubernetes/common/mongo/values.yaml7
-rw-r--r--kubernetes/common/music/charts/music-cassandra/templates/pv.yaml46
-rw-r--r--kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml47
-rw-r--r--kubernetes/common/music/charts/music-cassandra/templates/volumes.yaml52
-rw-r--r--kubernetes/common/music/charts/music-cassandra/values.yaml2
-rw-r--r--kubernetes/common/music/charts/zookeeper/templates/pv.yaml45
-rw-r--r--kubernetes/common/music/charts/zookeeper/templates/statefulset.yaml39
-rw-r--r--kubernetes/common/music/charts/zookeeper/templates/volumes.yaml25
-rw-r--r--kubernetes/common/music/charts/zookeeper/values.yaml2
-rw-r--r--kubernetes/common/mysql/templates/configmap.yaml41
-rw-r--r--kubernetes/common/mysql/templates/nfs-provisoner.yaml78
-rw-r--r--kubernetes/common/mysql/templates/pv.yaml62
-rw-r--r--kubernetes/common/mysql/templates/service.yaml146
-rw-r--r--kubernetes/common/mysql/templates/statefulset.yaml263
-rw-r--r--kubernetes/common/mysql/values.yaml133
-rw-r--r--kubernetes/common/nfs-provisioner/requirements.yaml18
-rw-r--r--kubernetes/common/nfs-provisioner/templates/nfs-provisoner.yaml78
-rw-r--r--kubernetes/common/nfs-provisioner/templates/service.yaml39
-rw-r--r--kubernetes/common/nfs-provisioner/values.yaml50
-rw-r--r--kubernetes/common/postgres/templates/pv.yaml53
-rw-r--r--kubernetes/common/postgres/templates/statefulset.yaml40
60 files changed, 1526 insertions, 1574 deletions
diff --git a/kubernetes/common/cassandra/templates/backup/cronjob.yaml b/kubernetes/common/cassandra/templates/backup/cronjob.yaml
index 630ac43ba3..0d06318422 100644
--- a/kubernetes/common/cassandra/templates/backup/cronjob.yaml
+++ b/kubernetes/common/cassandra/templates/backup/cronjob.yaml
@@ -75,7 +75,7 @@ spec:
echo "Executing cleanup!!"
command="nodetool cleanup"
- /root/exec.py -p "cassandra" -c "$command"
+ /root/exec.py -p "cassandra" -c "$command"
echo "Cleaned Node!! Backing up database now!!!"
command="nodetool snapshot -t $curr_time"
@@ -97,7 +97,7 @@ spec:
if [ 1 ] {{- range $t, $keyspace := $root.Values.backup.keyspacesToSkip }} && [ "{{ $keyspace.name }}" != "$keyspace_name" ] {{- end }}; then
/root/restore.sh -b $backup_dir/cassandra-{{ $i }}/data -s /onap-data/cassandra-{{ $i }}/data/$keyspace_name -k $keyspace_name -t $curr_time &
pids="$pids $!"
- fi
+ fi
done
{{- end }}
@@ -121,7 +121,7 @@ spec:
echo "Failed" > /backup/backup.log
exit 0
fi
-
+
mv /backup/temp /backup/backup-${curr_time}
echo "Success" > /backup/backup.log
echo "Cassandra Backup Succeeded"
@@ -135,8 +135,10 @@ spec:
- mountPath: /etc/localtime
name: localtime
readOnly: true
- - mountPath: /onap-data
- name: data-dir
+ {{- range $i := until (int .Values.replicaCount)}}
+ - mountPath: /onap-data/cassandra-{{ $i }}
+ name: data-dir-{{ $i }}
+ {{- end }}
- mountPath: /backup
name: backup-dir
- name: scripts
@@ -144,7 +146,7 @@ spec:
subPath: restore.sh
- name: scripts
mountPath: /root/exec.py
- subPath: exec.py
+ subPath: exec.py
containers:
- name: cassandra-backup-validate
image: "{{ .Values.image }}"
@@ -200,7 +202,7 @@ spec:
done
kill -9 $CASS_PID
{{- end }}
- echo "Validation Successful!!!"
+ echo "Validation Successful!!!"
cd /backup
totalFiles=`ls -t | grep "backup-" | wc -l`
if [ $totalFiles -gt {{ .Values.backup.retentionPeriod }} ]; then
@@ -230,13 +232,14 @@ spec:
path: /etc/localtime
- name: scripts
configMap:
- name: {{ include "common.fullname" $ }}-configmap
+ name: {{ include "common.fullname" . }}-configmap
defaultMode: 0755
- - name: data-dir
+ {{- range $i := until (int .Values.replicaCount)}}
+ - name: data-dir-{{ $i }}
persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-db-data
+ claimName: {{ include "common.fullname" . }}-data-{{ $i }}
+ {{- end }}
- name: backup-dir
persistentVolumeClaim:
claimName: {{ include "common.fullname" . }}-backup-data
{{- end -}}
-
diff --git a/kubernetes/common/cassandra/templates/backup/pv.yaml b/kubernetes/common/cassandra/templates/backup/pv.yaml
index 332dc95e05..10c310077b 100644
--- a/kubernetes/common/cassandra/templates/backup/pv.yaml
+++ b/kubernetes/common/cassandra/templates/backup/pv.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright © 2019 Amdocs, Bell Canada, AT&T
+# Copyright © 2019 Amdocs, Bell Canada, AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -14,25 +14,8 @@
# limitations under the License.
*/}}
{{- if .Values.backup.enabled }}
-{{ if .Values.persistence.enabled }}
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: {{ include "common.fullname" . }}-db-data
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- heritage: {{ .Release.Service }}
- name: {{ include "common.fullname" . }}-db-data
-spec:
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
---
apiVersion: v1
kind: PersistentVolume
@@ -49,9 +32,10 @@ spec:
storage: {{ .Values.persistence.size }}
accessModes:
- {{ .Values.persistence.accessMode }}
- hostPath:
- path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" $ }}/{{ include "common.fullname" $ }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
-{{ end }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
+ hostPath:
+ path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" . }}/{{ include "common.fullname" . }}
+{{- end -}}
+{{- end -}}
{{- end -}}
-
diff --git a/kubernetes/common/cassandra/templates/backup/pvc.yaml b/kubernetes/common/cassandra/templates/backup/pvc.yaml
index 1f848c3315..dd7f3810a0 100644
--- a/kubernetes/common/cassandra/templates/backup/pvc.yaml
+++ b/kubernetes/common/cassandra/templates/backup/pvc.yaml
@@ -15,36 +15,6 @@
*/}}
{{- if .Values.backup.enabled }}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-db-data
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}-backup
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}-db-data
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
---
kind: PersistentVolumeClaim
apiVersion: v1
@@ -61,20 +31,11 @@ metadata:
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}-backup-data
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
+ storageClassName: {{ include "common.storageClass" . }}
{{- end -}}
{{- end -}}
diff --git a/kubernetes/common/cassandra/templates/pv.yaml b/kubernetes/common/cassandra/templates/pv.yaml
index 06f41e7683..fbbb5ba105 100644
--- a/kubernetes/common/cassandra/templates/pv.yaml
+++ b/kubernetes/common/cassandra/templates/pv.yaml
@@ -12,28 +12,35 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-{{ if .Values.persistence.enabled }}
-{{- $root := . -}}
-{{ range $i, $e := until (int $root.Values.replicaCount) }}
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
---
apiVersion: v1
kind: PersistentVolume
metadata:
- name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }}
- namespace: {{ $root.Release.Namespace }}
+ name: {{ $global.Release.Name }}-{{ $global.Values.service.name }}-{{ $i }}
+ namespace: {{ $global.Release.Namespace }}
labels:
- type: {{ $root.Values.persistence.storageType }}
- app: {{ $root.Values.service.name }}
- chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }}
- release: {{ $root.Release.Name }}
- heritage: {{ $root.Release.Service }}
+ type: {{ $global.Values.persistence.storageType }}
+ app: {{ $global.Values.service.name }}
+ chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}
+ release: {{ $global.Release.Name }}
+ heritage: {{ $global.Release.Service }}
spec:
capacity:
- storage: {{ $root.Values.persistence.size }}
+ storage: {{ $global.Values.persistence.size }}
accessModes:
- - {{ $root.Values.persistence.accessMode }}
+ {{- if $global.Values.backup.enabled }}
+ - ReadWriteMany
+ {{- else }}
+ - ReadWriteOnce
+ {{- end }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
hostPath:
- path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }}
- persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }}
-{{ end }}
-{{ end }}
+ path: {{ $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }}
+{{- end -}}
+{{- end -}}
+{{- end -}}
diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml
index 4be3570851..72e886d4d1 100644
--- a/kubernetes/common/cassandra/templates/statefulset.yaml
+++ b/kubernetes/common/cassandra/templates/statefulset.yaml
@@ -49,7 +49,7 @@ spec:
- containerPort: {{ $ports.port }}
{{- end }}
volumeMounts:
- - name: cassandra-data
+ - name: {{ include "common.fullname" . }}-data
mountPath: /var/lib/cassandra
- name: localtime
mountPath: /etc/localtime
@@ -151,25 +151,26 @@ spec:
name: {{ include "common.fullname" . }}-entrypoint
defaultMode: 0755
{{- if not .Values.persistence.enabled }}
- - name: cassandra-data
+ - name: {{ include "common.fullname" . }}-data
emptyDir: {}
{{- else }}
volumeClaimTemplates:
- metadata:
- name: cassandra-data
+ name: {{ include "common.fullname" . }}-data
labels:
- app: {{ template "common.fullname" . }}
+ name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
- annotations:
- volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass }}
spec:
accessModes:
- - {{ .Values.persistence.accessMode | quote }}
+ {{- if .Values.backup.enabled }}
+ - ReadWriteMany
+ {{- else }}
+ - ReadWriteOnce
+ {{- end }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
- selector:
- matchLabels:
- release: "{{ .Release.Name }}"
{{- end }}
diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml
index e568996b15..c3af7e59b2 100644
--- a/kubernetes/common/cassandra/values.yaml
+++ b/kubernetes/common/cassandra/values.yaml
@@ -115,12 +115,12 @@ persistence:
## GKE, AWS & OpenStack)
##
## storageClass: "-"
- accessMode: ReadWriteOnce
+ ## Not set as it depends of the backup enabledment or not.
+ #accessMode: ReadWriteOnce
size: 2Gi
mountPath: /dockerdata-nfs
mountSubPath: cassandra
storageType: local
- storageClass: ""
backup:
mountPath: /dockerdata-nfs/backup
diff --git a/kubernetes/common/common/templates/_createPassword.tpl b/kubernetes/common/common/templates/_createPassword.tpl
new file mode 100644
index 0000000000..938b0ee514
--- /dev/null
+++ b/kubernetes/common/common/templates/_createPassword.tpl
@@ -0,0 +1,62 @@
+{{/*
+# Copyright © 2019 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+ Resolve the master password to be used to derive other passwords. The value of
+ .Values.masterPassword is used by default, unless either override mechanism is
+ used:
+
+ - .Values.global.masterPassword : override default master password for all charts
+ - .Values.masterPasswordOverride : override global and default masterPassword on a per chart basis
+*/}}
+{{- define "common.masterPassword" -}}
+ {{ if .Values.masterPasswordOverride }}
+ {{- printf "%d" .Values.masterPasswordOverride -}}
+ {{ else if .Values.global.masterPassword }}
+ {{- printf "%d" .Values.global.masterPassword -}}
+ {{ else if .Values.masterPassword }}
+ {{- printf "%d" .Values.masterPassword -}}
+ {{ else }}
+ {{ fail "masterPassword not provided" }}
+ {{ end }}
+{{- end -}}
+
+{{/*
+ Generate a new password based on masterPassword. The new password is not
+ random, it is derived from masterPassword, fully qualified chart name and
+ additional uid provided by the user. This ensures that every time when we
+ run this function from the same place, with the same password and uid we
+ get the same results. This allows to avoid password changes while you are
+ doing upgrade.
+
+ The function can take from one to three arguments (inside a dictionary):
+ - .dot : environment (.)
+ - .uid : unique identifier of password to be generated within this particular chart. Use only when you create more than a single password within one chart
+ - .strength : complexity of derived password. See derivePassword documentation for more details
+
+ Example calls:
+
+ {{ include "common.createPassword" . }}
+ {{ include "common.createPassword" (dict "dot" . "uid" "mysqlRootPasswd") }}
+
+*/}}
+{{- define "common.createPassword" -}}
+ {{- $dot := default . .dot -}}
+ {{- $uid := default "onap" .uid -}}
+ {{- $strength := default "long" .strength -}}
+ {{- $mp := include "common.masterPassword" $dot -}}
+ {{- derivePassword 1 $strength $mp (include "common.fullname" $dot) $uid -}}
+{{- end -}}
diff --git a/kubernetes/common/common/templates/_ingress.tpl b/kubernetes/common/common/templates/_ingress.tpl
index 49d7eeb415..b4afe6309d 100644
--- a/kubernetes/common/common/templates/_ingress.tpl
+++ b/kubernetes/common/common/templates/_ingress.tpl
@@ -1,12 +1,24 @@
{{- define "ingress.config.port" -}}
{{- if .Values.ingress -}}
-{{- if .Values.ingress.service -}}
+{{- if or (not .Values.global.ingress.virtualhost) (not .Values.global.ingress.virtualhost.enabled) -}}
+ - http:
+ paths:
{{- range .Values.ingress.service }}
- - path: {{ .path }}
+ - path: {{ printf "/%s" (required "baseaddr" .baseaddr) }}
backend:
serviceName: {{ .name }}
servicePort: {{ .port }}
{{- end -}}
+{{- else if .Values.ingress.service -}}
+{{- $burl := (required "baseurl" .Values.global.ingress.virtualhost.baseurl) -}}
+{{ range .Values.ingress.service }}
+ - host: {{ printf "%s.%s" (required "baseaddr" .baseaddr) $burl }}
+ http:
+ paths:
+ - backend:
+ serviceName: {{ .name }}
+ servicePort: {{ .port }}
+{{- end -}}
{{- else -}}
- path: {{ printf "/%s" .Chart.Name }}
backend:
@@ -17,18 +29,37 @@
{{- end -}}
+{{- define "ingress.config.annotations.ssl" -}}
+{{- if .Values.ingress.config -}}
+{{- if .Values.ingress.config.ssl -}}
+{{- if eq .Values.ingress.config.ssl "redirect" -}}
+kubernetes.io/ingress.class: nginx
+nginx.ingress.kubernetes.io/ssl-passthrough: "true"
+nginx.ingress.kubernetes.io/ssl-redirect: "true"
+{{- else if eq .Values.ingress.config.ssl "native" -}}
+nginx.ingress.kubernetes.io/ssl-redirect: "true"
+{{- else if eq .Values.ingress.config.ssl "none" -}}
+nginx.ingress.kubernetes.io/ssl-redirect: "false"
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+
{{- define "ingress.config.annotations" -}}
{{- if .Values.ingress -}}
{{- if .Values.ingress.annotations -}}
{{ toYaml .Values.ingress.annotations | indent 4 | trim }}
{{- end -}}
{{- end -}}
+{{ include "ingress.config.annotations.ssl" . | indent 4 | trim }}
{{- end -}}
{{- define "common.ingress" -}}
{{- if .Values.ingress -}}
-{{- if .Values.ingress.enabled -}}
+{{- if .Values.global.ingress -}}
+{{- if and .Values.ingress.enabled .Values.global.ingress.enabled -}}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
@@ -42,9 +73,7 @@ metadata:
heritage: {{ .Release.Service }}
spec:
rules:
- - http:
- paths:
- {{- include "ingress.config.port" . }}
+ {{ include "ingress.config.port" . | trim }}
{{- if .Values.ingress.tls }}
tls:
{{ toYaml .Values.ingress.tls | indent 4 }}
@@ -52,4 +81,4 @@ spec:
{{- end -}}
{{- end -}}
{{- end -}}
-
+{{- end -}} \ No newline at end of file
diff --git a/kubernetes/common/common/templates/_mariadb.tpl b/kubernetes/common/common/templates/_mariadb.tpl
new file mode 100644
index 0000000000..15fb5a4225
--- /dev/null
+++ b/kubernetes/common/common/templates/_mariadb.tpl
@@ -0,0 +1,59 @@
+{{/*
+# Copyright © 2019 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+ Choose the name of the mariadb service to use.
+*/}}
+{{- define "common.mariadbService" -}}
+ {{- if .Values.global.mariadbGalera.localCluster -}}
+ {{- index .Values "mariadb-galera" "service" "name" -}}
+ {{- else -}}
+ {{- .Values.global.mariadbGalera.service -}}
+ {{- end -}}
+{{- end -}}
+
+{{/*
+ Choose the value of mariadb port to use.
+*/}}
+{{- define "common.mariadbPort" -}}
+ {{- if .Values.global.mariadbGalera.localCluster -}}
+ {{- index .Values "mariadb-galera" "service" "internalPort" -}}
+ {{- else -}}
+ {{- .Values.global.mariadbGalera.internalPort -}}
+ {{- end -}}
+{{- end -}}
+
+{{/*
+ Choose the value of secret to retrieve user value.
+*/}}
+{{- define "common.mariadbSecret" -}}
+ {{- if .Values.global.mariadbGalera.localCluster -}}
+ {{ printf "%s-%s-db-user-credentials" (include "common.fullname" .) (index .Values "mariadb-galera" "nameOverride") -}}
+ {{- else -}}
+ {{ printf "%s-%s" (.Release.Name) (index .Values "mariadb-init" "nameOverride") -}}
+ {{- end -}}
+{{- end -}}
+
+{{/*
+ Choose the value of secret param to retrieve user value.
+*/}}
+{{- define "common.mariadbSecretParam" -}}
+ {{- if .Values.global.mariadbGalera.localCluster -}}
+ {{ printf "password" -}}
+ {{- else -}}
+ {{ printf "db-user-password" -}}
+ {{- end -}}
+{{- end -}}
diff --git a/kubernetes/common/common/templates/_name.tpl b/kubernetes/common/common/templates/_name.tpl
index 4299984673..f84ca21f3a 100644
--- a/kubernetes/common/common/templates/_name.tpl
+++ b/kubernetes/common/common/templates/_name.tpl
@@ -28,4 +28,14 @@
{{- define "common.fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}} \ No newline at end of file
+{{- end -}}
+
+{{/*
+ Retrieve the "original" release from the component release:
+ if ONAP is deploy with "helm deploy --name toto", then cassandra components
+ will have "toto-cassandra" as release name.
+ this function would answer back "toto".
+*/}}
+{{- define "common.release" -}}
+ {{- regexReplaceAll "-[a-zA-Z0-9]*$" .Release.Name "" }}
+{{- end -}}
diff --git a/kubernetes/common/common/templates/_secret.yaml b/kubernetes/common/common/templates/_secret.yaml
new file mode 100644
index 0000000000..523d7880f0
--- /dev/null
+++ b/kubernetes/common/common/templates/_secret.yaml
@@ -0,0 +1,276 @@
+{{/*
+# Copyright © 2019 AT&T, Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+ For internal use only!
+
+ Generates a secret header with given name and desired labels.
+
+ The template takes two arguments:
+ - .global: environment (.)
+ - .name: name of the secret
+
+ Example call:
+ {{ include "common.secret._header" (dict "global" . "name" "myFancyName") }}
+*/}}
+{{- define "common.secret._header" -}}
+{{- $global := .global }}
+{{- $name := .name }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ $name }}
+ namespace: {{ include "common.namespace" $global }}
+ labels:
+ app: {{ include "common.name" $global }}
+ chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}
+ release: {{ $global.Release.Name }}
+ heritage: {{ $global.Release.Service }}
+type: Opaque
+{{- end -}}
+
+{{/*
+ For internal use only!
+
+ Pick a value based on "user input" and generation policy.
+
+ The template takes below arguments:
+ - .global: environment (.)
+ - .secretName: name of the secret where the value will be placed
+ - .secretEnv: map of values which configures this secret. This can contain below keys:
+ - value: Value of secret key provided by user (can be a template inside a string)
+ - policy: What to do if value is missing or empty. Possible options are:
+ - generate: Generate a new password deriving it from master password
+ - required: Fail the deployment if value has not been provided
+ Defaults to generate.
+ - name: Name of the key to which this value should be assigned
+*/}}
+{{- define "common.secret._value" -}}
+ {{- $global := .global }}
+ {{- $name := .secretName }}
+ {{- $secretEnv := .secretEnv }}
+ {{- $value := tpl $secretEnv.value $global }}
+ {{- $policy := default "generate" $secretEnv.policy }}
+
+ {{- if $value }}
+ {{- $value | quote }}
+ {{- else if eq $policy "generate" }}
+ {{- include "common.createPassword" (dict "dot" $global "uid" $name) | quote }}
+ {{- else }}
+ {{- fail (printf "Value for %s secret %s key not provided" $name $secretEnv.name) }}
+ {{- end }}
+{{- end -}}
+
+
+{{/*
+ For internal use only!
+
+ Generate a secret name based on provided name or UID.
+ If UID is provided then the name is generated by appending this UID right after
+ the chart name. If name is provided, it overrides the name generation algorith
+ and is used right away. Both name and uid strings may contain a template to be
+ resolved.
+
+ The template takes below arguments:
+ - .global: environment (.)
+ - .uid: string that uniquely identifies this secret within a helm chart
+ - .name: string that can be used to override default name generation algorithm
+ and provide a custom name for the secret
+*/}}
+{{- define "common.secret._genName" -}}
+ {{- $global := .global }}
+ {{- $uid := tpl (default "" .uid) $global }}
+ {{- $name := tpl (default "" .name) $global }}
+ {{- default (printf "%s-%s" (include "common.fullname" $global) $uid) $name }}
+{{- end -}}
+
+{{/*
+ Get the real secret name by UID or name, based on the configuration provided by user.
+ User may decide to not create a new secret but reuse existing one for this deployment
+ (aka externalSecret). In this case the real name of secret to be used is different
+ than the one declared in secret definition. This easily retrieve current secret real
+ name based on declared name or UID even if it has been overrided by the user using
+ externalSecret option. You should use this template always when you need to reference
+ a secret created using common.secret template by name.
+
+ The template takes below arguments:
+ - .global: environment (.)
+ - .uid: string that uniquely identifies this secret within a helm chart
+ (can be omitted if name has been provided)
+ - .name: name which was used to declare a secret
+ (can be omitted if uid has been provided)
+*/}}
+{{- define "common.secret.getSecretName" -}}
+ {{- $global := .global }}
+ {{- $targetName := include "common.secret._genName" (dict "global" $global "uid" .uid "name" .name) }}
+ {{- range $secret := $global.Values.secrets }}
+ {{- $currName := include "common.secret._genName" (dict "global" $global "uid" $secret.uid "name" $secret.name) }}
+ {{- if eq $currName $targetName }}
+ {{- $externalSecret := tpl (default "" $secret.externalSecret) $global }}
+ {{- default $currName $externalSecret }}
+ {{- end }}
+ {{- end }}
+{{- end -}}
+
+{{/*
+ Convenience template which can be used to easily set the value of environment variable
+ to the value of a key in a secret.
+
+ It takes care of all name mangling, usage of external secrets etc.
+
+ The template takes below arguments:
+ - .global: environment (.)
+ - .uid: string that uniquely identifies this secret within a helm chart
+ (can be omitted if name has been provided)
+ - .name: name which was used to declare a secret
+ (can be omitted if uid has been provided)
+ - .key: Key within this secret which value should be assigned to this variable
+
+ Example usage:
+ env:
+ - name: SECRET_PASSWORD
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "secret" "key" "password") | indent 8}}
+*/}}
+{{- define "common.secret.envFromSecret" -}}
+ {{- $key := .key }}
+valueFrom:
+ secretKeyRef:
+ name: {{ include "common.secret.getSecretName" . }}
+ key: {{ $key }}
+{{- end -}}
+
+{{/*
+ Define secrets to be used by chart.
+ Every secret has a type which is one of:
+ - generic:
+ Generic secret template that allows to input some raw data (from files).
+ File Input can be passed as list of files (filePaths) or as a single string
+ (filePath)
+ - genericKV:
+ Type of secret which allows you to define a list of key value pairs.
+ The list is assiged to envs value. Every item may define below items:
+ - name:
+ Identifier of this value within secret
+ - value:
+ String that defines a value associated with given key.
+ This can be a simple string or a template.
+ - policy:
+ Defines what to do if value is not provided by the user.
+ Available options are:
+ - generate:
+ Generate a value by derriving it from master password
+ - required:
+ Fail the deployment
+ - password:
+ Type of secret that holds only the password.
+ Only two items can be defined for this type:
+ - password:
+ Equivalent of value field from genericKV
+ - policy:
+ The same meaning as for genericKV policy field
+ - basicAuth:
+ Type of secret that holds both username and password.
+ Below fields are available:
+ - login:
+ The value for login key.
+ This can be a simple string or a template.
+ Providing a value for login is always required.
+ - password:
+ The value for password key.
+ This can be a simple string or a template.
+ - passwordPolicy:
+ The same meaning as the policy field in genericKV.
+ Only the policy for password can be set.
+
+ Every secret can be identified using:
+ - uid:
+ A string to be appended to the chart fullname to generate a secret name.
+ - name:
+ Overrides default secret name generation and allows to set immutable
+ and globaly unique name
+
+ To allow sharing a secret between the components and allow to pre-deploy secrets
+ before ONAP deployment it is possible to use already existing secret instead of
+ creating a new one. For this purpose externalSecret field can be used. If value of
+ this field is evaluated to true no new secret is created, only the name of the
+ secret is aliased to the external one.
+
+ Example usage:
+ secrets.yaml:
+ {{ include "common.secret" . }}
+
+ values.yaml:
+ mysqlLogin: "root"
+
+ mysqlExternalSecret: "some-other-secret-name"
+
+ secrets:
+ - uid: "mysql"
+ externalSecret: '{{ tpl .Values.passExternalSecret . }}'
+ type: basicAuth
+ login: '{{ .Values.mysqlLogin }}'
+ mysqlPassword: '{{ .Values.mysqlPassword }}'
+ passwordPolicy: generate
+
+ In the above example new secret is not going to be created.
+ Already existing one (some-other-secret-name) is going to be used.
+ To force creating a new one, just make sure that mysqlExternalSecret
+ is not set.
+
+*/}}
+{{- define "common.secret" -}}
+ {{- $global := . }}
+ {{- range $secret := .Values.secrets }}
+ {{- $name := include "common.secret._genName" (dict "global" $global "uid" $secret.uid "name" $secret.name) }}
+ {{- $type := default "generic" $secret.type }}
+ {{- $externalSecret := tpl (default "" $secret.externalSecret) $global }}
+ {{- if not $externalSecret }}
+---
+ {{ include "common.secret._header" (dict "global" $global "name" $name) }}
+
+ {{- if eq $type "generic" }}
+data:
+ {{- range $curFilePath := $secret.filePaths }}
+ {{ tpl ($global.Files.Glob $curFilePath).AsSecrets $global | indent 2 }}
+ {{- end }}
+ {{- if $secret.filePath }}
+ {{ tpl ($global.Files.Glob $secret.filePath).AsSecrets $global | indent 2 }}
+ {{- end }}
+ {{- else if eq $type "genericKV" }}
+stringData:
+ {{- if $secret.envs }}
+ {{- range $secretEnv := $secret.envs }}
+ {{- $valueDesc := (dict "global" $global "secretName" $name "secretEnv" $secretEnv) }}
+ {{ $secretEnv.name }}: {{ include "common.secret._value" $valueDesc }}
+ {{- end }}
+ {{- end }}
+ {{- else if eq $type "password" }}
+ {{- $secretEnv := (dict "policy" (default "generate" $secret.policy) "name" "password" "value" $secret.password) }}
+ {{- $valueDesc := (dict "global" $global "secretName" $name "secretEnv" $secretEnv) }}
+stringData:
+ password: {{ include "common.secret._value" $valueDesc }}
+ {{- else if eq $type "basicAuth" }}
+stringData:
+ {{- $secretEnv := (dict "policy" "required" "name" "login" "value" $secret.login) }}
+ {{- $valueDesc := (dict "global" $global "secretName" $name "secretEnv" $secretEnv) }}
+ login: {{ include "common.secret._value" $valueDesc }}
+ {{- $secretEnv := (dict "policy" (default "generate" $secret.passwordPolicy) "name" "password" "value" $secret.password) }}
+ {{- $valueDesc := (dict "global" $global "secretName" $name "secretEnv" $secretEnv) }}
+ password: {{ include "common.secret._value" $valueDesc }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+{{- end -}}
diff --git a/kubernetes/common/etcd/templates/pv.yaml b/kubernetes/common/etcd/templates/pv.yaml
index 65993e5f2a..da8dfb8a22 100644
--- a/kubernetes/common/etcd/templates/pv.yaml
+++ b/kubernetes/common/etcd/templates/pv.yaml
@@ -12,30 +12,34 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-{{ if .Values.persistence.enabled }}
-{{- $root := . -}}
-{{ range $i, $e := until (int $root.Values.replicaCount) }}
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
---
apiVersion: v1
kind: PersistentVolume
metadata:
- name: {{ include "common.fullname" $root }}-data-{{ $i }}
- namespace: {{ $root.Release.Namespace }}
+ name: {{ include "common.fullname" $global }}-data-{{ $i }}
+ namespace: {{ include "common.namespace" $global }}
labels:
- type: {{ $root.Values.persistence.storageType }}
- app: {{ include "common.fullname" $root }}
- chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }}
- release: {{ $root.Release.Name }}
- heritage: {{ $root.Release.Service }}
+ app: {{ include "common.fullname" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}
spec:
capacity:
- storage: {{ $root.Values.persistence.storage }}
+ storage: {{ $global.Values.persistence.storage }}
accessModes:
- - {{ $root.Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" $root }}-data"
+ - {{ $global.Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
hostPath:
- path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }}
- persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }}
-{{ end }}
-{{ end }}
-
+ path: {{ $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }}
+{{if ne $i (int $global.Values.replicaCount) }}
+---
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml
index 7190c5bca0..cef1a48c2a 100644
--- a/kubernetes/common/etcd/templates/statefulset.yaml
+++ b/kubernetes/common/etcd/templates/statefulset.yaml
@@ -213,14 +213,19 @@ spec:
volumeClaimTemplates:
- metadata:
name: {{ include "common.fullname" . }}-data
+ labels:
+ name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
spec:
accessModes:
- - "{{ .Values.persistence.accessMode }}"
+ - "{{ .Values.persistence.accessMode }}"
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
# upstream recommended max is 700M
storage: "{{ .Values.persistence.storage }}"
- storageClassName: {{ include "common.fullname" . }}-data
{{- else }}
volumes:
- name: {{ include "common.fullname" . }}-data
@@ -231,4 +236,3 @@ spec:
emptyDir: {}
{{- end }}
{{- end }}
-
diff --git a/kubernetes/common/etcd/values.yaml b/kubernetes/common/etcd/values.yaml
index 7f53d22248..d994f87ea4 100644
--- a/kubernetes/common/etcd/values.yaml
+++ b/kubernetes/common/etcd/values.yaml
@@ -45,7 +45,7 @@ liveness:
enabled: true
persistence:
- enabled: false
+ enabled: true
## etcd data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
@@ -79,4 +79,3 @@ tolerations: []
affinity: {}
extraEnv: []
resources: {}
-
diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml
index 7d3ec75c00..408bd1814c 100644
--- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml
+++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright © 2019 Amdocs, Bell Canada
+# Copyright © 2019 Amdocs, Bell Canada, Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -86,25 +86,17 @@ spec:
echo "Backup Successful!!!"
env:
- name: DB_PASS
- valueFrom:
- secretKeyRef:
- name: {{ include "common.fullname" . }}
- key: db-root-password
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}}
volumeMounts:
- - name: backup-data
+ - name: backup-dir
mountPath: /backup
- - name: db-data
- mountPath: /var/lib/mysql
containers:
- name: mariadb-backup-validate
image: "{{ include "common.repository" . }}/{{ .Values.backupImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ include "common.fullname" . }}
- key: db-root-password
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}}
command:
- /bin/bash
- -c
@@ -130,7 +122,7 @@ spec:
remove_dir $target_dir
exit 0
fi
-
+
/docker-entrypoint.sh mysqld &
count=0
@@ -163,16 +155,13 @@ spec:
- mountPath: /etc/localtime
name: localtime
readOnly: true
- - name: backup-data
+ - name: backup-dir
mountPath: /backup
volumes:
- name: localtime
hostPath:
path: /etc/localtime
- - name: db-data
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-db-data
- - name: backup-data
+ - name: backup-dir
persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-backup
+ claimName: {{ include "common.fullname" . }}-backup-data
{{- end }}
diff --git a/kubernetes/common/mariadb-galera/templates/backup/pv.yaml b/kubernetes/common/mariadb-galera/templates/backup/pv.yaml
index 2972191563..ec6f44d955 100644
--- a/kubernetes/common/mariadb-galera/templates/backup/pv.yaml
+++ b/kubernetes/common/mariadb-galera/templates/backup/pv.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright © 2019 Amdocs, Bell Canada
+# Copyright © 2019 Amdocs, Bell Canada, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -15,45 +15,27 @@
*/}}
{{- if .Values.backup.enabled }}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-backup
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}-backup
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" . }}/{{include "common.name" . }}
+{{- if eq "True" (include "common.needPV" .) -}}
---
-kind: PersistentVolume
apiVersion: v1
+kind: PersistentVolume
metadata:
- name: {{ include "common.fullname" . }}-db-data
+ name: {{ include "common.fullname" . }}-backup-data
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}-db-data
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ heritage: {{ .Release.Service }}
+ name: {{ include "common.fullname" . }}-backup-data
spec:
capacity:
- storage: {{ .Values.persistence.size}}
+ storage: {{ .Values.persistence.size }}
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data-backup"
hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}{{ sub .Values.replicaCount 1 }}
+ path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" $ }}/{{ include "common.fullname" $ }}
+{{- end -}}
{{- end -}}
{{- end -}}
-
diff --git a/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml b/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml
index a983c8af98..06b590c7fd 100644
--- a/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml
+++ b/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright © 2019 Amdocs, Bell Canada
+# Copyright © 2019 Amdocs, Bell Canada, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -15,44 +15,14 @@
*/}}
{{- if .Values.backup.enabled }}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-backup
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}-backup
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}-backup
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}-db-data
+ name: {{ include "common.fullname" . }}-backup-data
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.name" . }}-db-data
+ app: {{ include "common.name" . }}-backup
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
@@ -61,21 +31,15 @@ metadata:
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}-db-data
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
+{{- if eq "True" (include "common.needPV" .) -}}
+ storageClassName: "{{ include "common.fullname" . }}-data-backup"
{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
+ storageClassName: {{ include "common.storageClass" . }}
+{{- end -}}
{{- end -}}
{{- end -}}
-
diff --git a/kubernetes/common/mariadb-galera/templates/pv.yaml b/kubernetes/common/mariadb-galera/templates/pv.yaml
index 96bd94ee3a..795ad3188b 100644
--- a/kubernetes/common/mariadb-galera/templates/pv.yaml
+++ b/kubernetes/common/mariadb-galera/templates/pv.yaml
@@ -20,7 +20,7 @@
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" $global }}-data-{{$i}}
+ name: {{ include "common.fullname" $global }}-data-{{ $i }}
namespace: {{ include "common.namespace" $global }}
labels:
app: {{ include "common.fullname" $global }}
diff --git a/kubernetes/common/mariadb-galera/templates/secrets.yaml b/kubernetes/common/mariadb-galera/templates/secrets.yaml
index 233158f791..3f8eb0b6de 100644
--- a/kubernetes/common/mariadb-galera/templates/secrets.yaml
+++ b/kubernetes/common/mariadb-galera/templates/secrets.yaml
@@ -1,4 +1,5 @@
# Copyright © 2018 Amdocs, Bell Canada
+# Copyright © 2019 Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -11,18 +12,4 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-type: Opaque
-data:
- db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }}
- user-password: {{ default "" .Values.config.userPassword | b64enc | quote }} \ No newline at end of file
+{{ include "common.secret" . }}
diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml
index 2e770367b3..a9f1fb37b7 100644
--- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml
+++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2018 Amdocs, Bell Canada
+# Copyright © 2019 Amdocs, Bell Canada, Orange, Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -61,19 +61,13 @@ spec:
apiVersion: v1
fieldPath: metadata.namespace
- name: MYSQL_USER
- value: {{ default "" .Values.config.userName | quote }}
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-credentials" "key" "login") | indent 14}}
- name: MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: user-password
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-credentials" "key" "password") | indent 14}}
- name: MYSQL_DATABASE
value: {{ default "" .Values.config.mysqlDatabase | quote }}
- name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-root-password
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}}
ports:
- containerPort: {{ .Values.service.internalPort }}
name: {{ .Values.service.portName }}
@@ -112,7 +106,7 @@ spec:
- mountPath: /var/lib/mysql
name: {{ include "common.fullname" . }}-data
initContainers:
- - name: mariadb-galera-prepare
+ - name: {{ include "common.name" . }}-prepare
image: "{{ include "common.repository" . }}/{{ .Values.imageInit }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy | quote}}
command: ["sh", "-c", "chown -R 27:27 /var/lib/mysql"]
diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml
index 14215e46de..a6dd1ca359 100644
--- a/kubernetes/common/mariadb-galera/values.yaml
+++ b/kubernetes/common/mariadb-galera/values.yaml
@@ -1,4 +1,5 @@
# Copyright © 2018 Amdocs, Bell Canada
+# Copyright © 2019 Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,6 +14,21 @@
# limitations under the License.
#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: "db-root-password"
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}'
+ password: '{{ .Values.config.mariadbRootPassword }}'
+ - uid: "db-user-credentials"
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.userName }}'
+ password: '{{ .Values.config.userPassword }}'
+
+
+#################################################################
# Global configuration defaults.
#################################################################
global:
@@ -41,7 +57,9 @@ pullPolicy: IfNotPresent
# application configuration
config:
+ # .mariadbRootPasswordExternalSecret: 'some-external-secret'
mariadbRootPassword: secretpassword
+ # .userCredentialsExternalSecret: 'some-external-secret'
userName: my-user
userPassword: my-password
mysqlDatabase: my-database
diff --git a/kubernetes/common/mysql/.helmignore b/kubernetes/common/mariadb-init/.helmignore
index f0c1319444..dadf202953 100644
--- a/kubernetes/common/mysql/.helmignore
+++ b/kubernetes/common/mariadb-init/.helmignore
@@ -19,3 +19,5 @@
.project
.idea/
*.tmproj
+
+tests
diff --git a/kubernetes/common/nfs-provisioner/Chart.yaml b/kubernetes/common/mariadb-init/Chart.yaml
index ad16ed747b..47b8b8f11c 100644
--- a/kubernetes/common/nfs-provisioner/Chart.yaml
+++ b/kubernetes/common/mariadb-init/Chart.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2019 Amdocs, Bell Canada
+# Copyright © 2018 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,6 +13,6 @@
# limitations under the License.
apiVersion: v1
-description: NFS provisioner
-name: nfs-provisioner
+description: Chart for MariaDB Galera init job
+name: mariadb-init
version: 5.0.0
diff --git a/kubernetes/common/mysql/requirements.yaml b/kubernetes/common/mariadb-init/requirements.yaml
index 79d7de4dd3..d323ddaa2b 100644
--- a/kubernetes/common/mysql/requirements.yaml
+++ b/kubernetes/common/mariadb-init/requirements.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2018 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -15,4 +15,4 @@
dependencies:
- name: common
version: ~5.x-0
- repository: '@local'
+ repository: 'file://../common' \ No newline at end of file
diff --git a/kubernetes/common/mariadb-init/resources/config/db_init.sh b/kubernetes/common/mariadb-init/resources/config/db_init.sh
new file mode 100755
index 0000000000..304835bdd5
--- /dev/null
+++ b/kubernetes/common/mariadb-init/resources/config/db_init.sh
@@ -0,0 +1,32 @@
+#!/bin/sh
+# Copyright © 2019 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+echo "Creating database {{ .Values.config.mysqlDatabase }} and user {{ .Values.config.userName }}..."
+
+mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE OR REPLACE USER '{{ .Values.config.userName }}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}'"
+mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE DATABASE IF NOT EXISTS {{ .Values.config.mysqlDatabase }}"
+mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "GRANT ALL PRIVILEGES ON {{ .Values.config.mysqlDatabase }}.* TO '{{ .Values.config.userName }}'@'%'"
+
+echo "Created database {{ .Values.config.mysqlDatabase }} and user {{ .Values.config.userName }}."
+
+{{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases -}}
+echo "Creating database {{ $db }} and user {{ $dbInfos.user }}..."
+
+mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE OR REPLACE USER '{{ $dbInfos.user }}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD_{{ $db | upper }}}'"
+mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE DATABASE IF NOT EXISTS {{ $db }}"
+mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "GRANT ALL PRIVILEGES ON {{ $db }}.* TO '{{ $dbInfos.user }}'@'%'"
+
+echo "Created database {{ $db }} and user {{ $dbInfos.user }}."
+{{ end }}
diff --git a/kubernetes/common/mongo/templates/storageclass.yaml b/kubernetes/common/mariadb-init/templates/_configmap.tpl
index 3cd502ea30..ea612a078d 100644
--- a/kubernetes/common/mongo/templates/storageclass.yaml
+++ b/kubernetes/common/mariadb-init/templates/_configmap.tpl
@@ -1,5 +1,5 @@
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2019 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -14,11 +14,13 @@
# limitations under the License.
*/}}
-{{ if not .Values.disableNfsProvisioner }}
-kind: StorageClass
-apiVersion: storage.k8s.io/v1
-metadata:
- name: "{{ include "common.fullname" . }}-data"
- namespace: {{ include "common.namespace" . }}
-provisioner: {{ include "common.fullname" . }}/nfs
-{{ end }}
+{{/*
+ Choose the name of the configmap to use.
+*/}}
+{{- define "mariadbInit.configMap" -}}
+ {{- if (eq "default" .Values.config.config_map) -}}
+ {{- include "common.fullname" . -}}
+ {{- else -}}
+ {{- printf "%s-%s" (include "common.release" .) .Values.config.config_map -}}
+ {{- end -}}
+{{- end -}}
diff --git a/kubernetes/common/mysql/Chart.yaml b/kubernetes/common/mariadb-init/templates/_mariadb.tpl
index 7f272295ff..fb3f7974b9 100644
--- a/kubernetes/common/mysql/Chart.yaml
+++ b/kubernetes/common/mariadb-init/templates/_mariadb.tpl
@@ -1,4 +1,5 @@
-# Copyright © 2017 Amdocs, Bell Canada
+{{/*
+# Copyright © 2019 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -11,8 +12,15 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
-apiVersion: v1
-description: MySQL Server
-name: mysql
-version: 5.0.0
+{{/*
+ Choose the name of the mariadb secret to use.
+*/}}
+{{- define "mariadbInit.mariadbClusterSecret" -}}
+ {{- if (eq "default" .Values.global.mariadbGalera.userRootSecret) -}}
+ {{- printf "%s-mariadb-galera-%s-db-root-password" (include "common.release" .) .Values.global.mariadbGalera.nameOverride -}}
+ {{- else -}}
+ {{- .Values.global.mariadbGalera.userRootSecret -}}
+ {{- end -}}
+{{- end -}}
diff --git a/kubernetes/common/mysql/templates/secrets.yaml b/kubernetes/common/mariadb-init/templates/configmap.yaml
index 7f9b1230eb..9da03668f5 100644
--- a/kubernetes/common/mysql/templates/secrets.yaml
+++ b/kubernetes/common/mariadb-init/templates/configmap.yaml
@@ -1,5 +1,5 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2019 Orange
+# Modifications Copyright © 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -12,18 +12,16 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-*/}}
apiVersion: v1
-kind: Secret
+kind: ConfigMap
metadata:
name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.fullname" . }}
+ app: {{ include "common.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
-type: Opaque
data:
- db-root-password: {{ .Values.config.dbRootPassword | b64enc | quote }}
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml
new file mode 100644
index 0000000000..679c10c9a3
--- /dev/null
+++ b/kubernetes/common/mariadb-init/templates/job.yaml
@@ -0,0 +1,105 @@
+# Copyright © 2019 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-config-job
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ backoffLimit: 20
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - {{ .Values.global.mariadbGalera.nameOverride }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - bash
+ - /db_init/db_init.sh
+ env:
+ - name: DB_HOST
+ value: "{{ .Values.global.mariadbGalera.nameOverride }}"
+ - name: DB_PORT
+ value: "{{ .Values.global.mariadbGalera.servicePort }}"
+ - name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "mariadbInit.mariadbClusterSecret" . }}
+ key: {{ .Values.global.mariadbGalera.userRootSecretKey }}
+ - name: MYSQL_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: db-user-password
+{{- $root := . }}
+{{ range $db, $_value := .Values.config.mysqlAdditionalDatabases }}
+ - name: {{ printf "MYSQL_PASSWORD_%s" $db | upper }}
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" $root }}-secret
+ key: {{ printf "db-%s-user-password" $db }}
+{{ end }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - name: mariadb-conf
+ mountPath: /db_init/
+ readOnly: true
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: mariadb-conf
+ configMap:
+ name: {{ include "mariadbInit.configMap" . }}
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ restartPolicy: Never
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/common/mysql/templates/storageclass.yaml b/kubernetes/common/mariadb-init/templates/secret.yaml
index bbe4562d0a..f30d582110 100644
--- a/kubernetes/common/mysql/templates/storageclass.yaml
+++ b/kubernetes/common/mariadb-init/templates/secret.yaml
@@ -1,5 +1,4 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2017 Amdocs, Bell Canada, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -12,18 +11,20 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-*/}}
-{{ if not .Values.disableNfsProvisioner }}
-kind: StorageClass
-apiVersion: storage.k8s.io/v1
+apiVersion: v1
+kind: Secret
metadata:
- name: "{{ include "common.fullname" . }}-mysql"
+ name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
-provisioner: {{ include "common.fullname" . }}/nfs
+type: Opaque
+data:
+ db-user-password: {{ index .Values.config.userPassword | b64enc | quote }}
+{{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases }}
+ {{ printf "db-%s-user-password" $db}}: {{ $dbInfos.password | b64enc | quote }}
{{ end }}
diff --git a/kubernetes/common/mariadb-init/tests/configmap_test.yaml b/kubernetes/common/mariadb-init/tests/configmap_test.yaml
new file mode 100644
index 0000000000..34914cdb3e
--- /dev/null
+++ b/kubernetes/common/mariadb-init/tests/configmap_test.yaml
@@ -0,0 +1,114 @@
+---
+suite: test configmap behavior
+templates:
+ - configmap.yaml
+tests:
+ - it: "should render with default value"
+ asserts:
+ - isKind:
+ of: ConfigMap
+ - equal:
+ path: metadata.name
+ value: RELEASE-NAME-mariadb-init
+ - equal:
+ path: metadata.namespace
+ value: NAMESPACE
+ - matchRegex:
+ path: metadata.labels.app
+ pattern: mariadb-init
+ - equal:
+ path: data
+ value:
+ db_init.sh: |
+ #!/bin/sh
+ # Copyright © 2019 Orange
+ #
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+
+ echo "Creating database ynsaUCru6mUNwGal and user u5WZ1GMSIS1wHZF..."
+
+ mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+ CREATE OR REPLACE USER 'u5WZ1GMSIS1wHZF'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD}';
+ CREATE OR REPLACE USER 'u5WZ1GMSIS1wHZF'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}';
+ CREATE DATABASE IF NOT EXISTS ynsaUCru6mUNwGal;
+ GRANT ALL PRIVILEGES ON ynsaUCru6mUNwGal.* TO 'u5WZ1GMSIS1wHZF'@'%';
+ GRANT ALL PRIVILEGES ON ynsaUCru6mUNwGal.* TO 'u5WZ1GMSIS1wHZF'@'localhost';
+ EOF
+
+ echo "Created database ynsaUCru6mUNwGal and user u5WZ1GMSIS1wHZF."
+ - it: "shoud render with other databases"
+ set:
+ config:
+ userName: testUser
+ mysqlDatabase: testDB
+ mysqlAdditionalDatabases:
+ dbOne:
+ user: one
+ password: pwd1
+ dbTwo:
+ user: two
+ password: pwd2
+ asserts:
+ - equal:
+ path: data
+ value:
+ db_init.sh: |
+ #!/bin/sh
+ # Copyright © 2019 Orange
+ #
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+
+ echo "Creating database testDB and user testUser..."
+
+ mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+ CREATE OR REPLACE USER 'testUser'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD}';
+ CREATE OR REPLACE USER 'testUser'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}';
+ CREATE DATABASE IF NOT EXISTS testDB;
+ GRANT ALL PRIVILEGES ON testDB.* TO 'testUser'@'%';
+ GRANT ALL PRIVILEGES ON testDB.* TO 'testUser'@'localhost';
+ EOF
+
+ echo "Created database testDB and user testUser."
+
+ echo "Creating database dbOne and user one..."
+
+ mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+ CREATE OR REPLACE USER 'one'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD_DBONE}';
+ CREATE OR REPLACE USER 'one'@'%' IDENTIFIED BY '${MYSQL_PASSWORD_DBONE}';
+ CREATE DATABASE IF NOT EXISTS dbOne;
+ GRANT ALL PRIVILEGES ON dbOne.* TO 'one'@'%';
+ GRANT ALL PRIVILEGES ON dbOne.* TO 'one'@'localhost';
+ EOF
+
+ echo "Created database dbOne and user one."
+ echo "Creating database dbTwo and user two..."
+
+ mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+ CREATE OR REPLACE USER 'two'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD_DBTWO}';
+ CREATE OR REPLACE USER 'two'@'%' IDENTIFIED BY '${MYSQL_PASSWORD_DBTWO}';
+ CREATE DATABASE IF NOT EXISTS dbTwo;
+ GRANT ALL PRIVILEGES ON dbTwo.* TO 'two'@'%';
+ GRANT ALL PRIVILEGES ON dbTwo.* TO 'two'@'localhost';
+ EOF
+
+ echo "Created database dbTwo and user two."
diff --git a/kubernetes/common/mariadb-init/tests/job_test.yaml b/kubernetes/common/mariadb-init/tests/job_test.yaml
new file mode 100644
index 0000000000..7523ee1c6e
--- /dev/null
+++ b/kubernetes/common/mariadb-init/tests/job_test.yaml
@@ -0,0 +1,307 @@
+---
+suite: test job behavior
+templates:
+ - job.yaml
+tests:
+ - it: "should render with default value (global)"
+ asserts:
+ - isKind:
+ of: Job
+ - matchRegex:
+ path: metadata.name
+ pattern: -mariadb-init-config-job$
+ - equal:
+ path: metadata.namespace
+ value: NAMESPACE
+ - matchRegex:
+ path: metadata.labels.app
+ pattern: mariadb-init
+ - matchRegex:
+ path: spec.template.metadata.labels.app
+ pattern: mariadb-init
+ - matchRegex:
+ path: spec.template.metadata.name
+ pattern: mariadb-init
+ - isNull:
+ path: spec.template.spec.nodeSelector
+ - isNull:
+ path: spec.template.spec.affinity
+ - it: "should render with default value (init container)"
+ asserts:
+ - matchRegex:
+ path: spec.template.spec.initContainers[0].name
+ pattern: mariadb-init-readiness
+ - contains:
+ path: spec.template.spec.initContainers[0].args
+ content: mariadb-galera
+ - equal:
+ path: spec.template.spec.initContainers[0].image
+ value: oomk8s/readiness-check:2.0.2
+ - equal:
+ path: spec.template.spec.initContainers[0].imagePullPolicy
+ value: IfNotPresent
+ - it: "should render with default value (container)"
+ asserts:
+ - matchRegex:
+ path: spec.template.spec.containers[0].name
+ pattern: mariadb-init
+ - equal:
+ path: spec.template.spec.containers[0].image
+ value: nexus3.onap.org:10001/mariadb:10.1.38
+ - equal:
+ path: spec.template.spec.containers[0].imagePullPolicy
+ value: IfNotPresent
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_HOST
+ value: mariadb-galera
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_PORT
+ value: "3306"
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-galera-mariadb-galera
+ key: db-root-password
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-init-secret
+ key: db-user-password
+ - contains:
+ path: spec.template.spec.containers[0].volumeMounts
+ content:
+ name: mariadb-conf
+ mountPath: /db_init/
+ readOnly: true
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.cpu
+ value: 100m
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.memory
+ value: 500Mbi
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.cpu
+ value: 10m
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.memory
+ value: 10Mbi
+ - it: "should render with default value (volumes)"
+ asserts:
+ - contains:
+ path: spec.template.spec.volumes
+ content:
+ name: mariadb-conf
+ configMap:
+ name: RELEASE-NAME-mariadb-init
+
+ - it: "should render with nameOverride set"
+ set:
+ nameOverride: myJob
+ asserts:
+ - matchRegex:
+ path: metadata.name
+ pattern: -myJob-config-job$
+ - matchRegex:
+ path: metadata.labels.app
+ pattern: myJob
+ - matchRegex:
+ path: spec.template.metadata.labels.app
+ pattern: myJob
+ - matchRegex:
+ path: spec.template.metadata.name
+ pattern: myJob
+ - matchRegex:
+ path: spec.template.spec.initContainers[0].name
+ pattern: myJob-readiness
+ - matchRegex:
+ path: spec.template.spec.containers[0].name
+ pattern: myJob
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ # replicating name from mariadb galera cluster, kind of hardcoded...
+ name: RELEASE-NAME-myJob-secret
+ key: db-user-password
+ - contains:
+ path: spec.template.spec.volumes
+ content:
+ name: mariadb-conf
+ configMap:
+ name: RELEASE-NAME-myJob
+
+ - it: "should render with configmap set"
+ set:
+ config:
+ config_map: myCM
+ asserts:
+ - contains:
+ path: spec.template.spec.volumes
+ content:
+ name: mariadb-conf
+ configMap:
+ name: RELEASE-NAME-myCM
+
+ - it: "should render with mariadbGalera changes"
+ set:
+ global:
+ mariadbGalera:
+ nameOverride: myMaria
+ servicePort: 545
+ asserts:
+ - contains:
+ path: spec.template.spec.initContainers[0].args
+ content: myMaria
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_HOST
+ value: myMaria
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_PORT
+ value: "545"
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-galera-myMaria
+ key: db-root-password
+
+ - it: "should render with full mariadbGalera changes"
+ set:
+ global:
+ mariadbGalera:
+ nameOverride: myMaria
+ servicePort: 545
+ userRootSecret: galera-secret
+ userRootSecretKey: root-password
+ asserts:
+ - contains:
+ path: spec.template.spec.initContainers[0].args
+ content: myMaria
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_HOST
+ value: myMaria
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_PORT
+ value: "545"
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: galera-secret
+ key: root-password
+
+ - it: "should set the right nodeSelector"
+ set:
+ nodeSelector:
+ disktype: ssd
+ asserts:
+ - equal:
+ path: spec.template.spec.nodeSelector.disktype
+ value: ssd
+
+ - it: "should set the right affinity"
+ set:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: kubernetes.io/e2e-az-name
+ operator: In
+ values:
+ - e2e-az1
+ - e2e-az2
+ asserts:
+ - equal:
+ path: spec.template.spec.affinity
+ value:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: kubernetes.io/e2e-az-name
+ operator: In
+ values:
+ - e2e-az1
+ - e2e-az2
+ - it: "should use large flavor"
+ set:
+ flavor: large
+ asserts:
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.cpu
+ value: 200m
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.memory
+ value: 500Mbi
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.cpu
+ value: 20m
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.memory
+ value: 20Mbi
+ - it: "should use unlimited flavor"
+ set:
+ flavor: unlimited
+ asserts:
+ - isEmpty:
+ path: spec.template.spec.containers[0].resources
+ - it: "shoud render with other databases"
+ set:
+ config:
+ mysqlAdditionalDatabases:
+ dbOne:
+ user: one
+ password: pwd1
+ dbTwo:
+ user: two
+ password: pwd2
+ asserts:
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-init-secret
+ key: db-user-password
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_PASSWORD_DBONE
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-init-secret
+ key: db-dbOne-user-password
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_PASSWORD_DBTWO
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-init-secret
+ key: db-dbTwo-user-password
diff --git a/kubernetes/common/mariadb-init/tests/secret_test.yaml b/kubernetes/common/mariadb-init/tests/secret_test.yaml
new file mode 100644
index 0000000000..ef0565d6c0
--- /dev/null
+++ b/kubernetes/common/mariadb-init/tests/secret_test.yaml
@@ -0,0 +1,49 @@
+---
+suite: test secret behavior
+templates:
+ - secret.yaml
+tests:
+ - it: "should render with default values"
+ asserts:
+ - isKind:
+ of: Secret
+ - equal:
+ path: metadata.name
+ value: RELEASE-NAME-mariadb-init
+ - equal:
+ path: metadata.namespace
+ value: NAMESPACE
+ - matchRegex:
+ path: metadata.labels.app
+ pattern: mariadb-init-config-job
+ - equal:
+ path: data.db-user-password
+ value: Q2lAc2hzT2QzcGt5MVZqaQ==
+ - it: "should render specific password value base64 encoded"
+ set:
+ config:
+ userPassword: yolo
+ asserts:
+ - equal:
+ path: data.db-user-password
+ value: eW9sbw==
+ - it: "shoud render with other databases"
+ set:
+ config:
+ mysqlAdditionalDatabases:
+ dbOne:
+ user: one
+ password: pwd1
+ dbTwo:
+ user: two
+ password: pwd2
+ asserts:
+ - equal:
+ path: data.db-user-password
+ value: Q2lAc2hzT2QzcGt5MVZqaQ==
+ - equal:
+ path: data.db-dbOne-user-password
+ value: cHdkMQ==
+ - equal:
+ path: data.db-dbTwo-user-password
+ value: cHdkMg==
diff --git a/kubernetes/common/mariadb-init/values.yaml b/kubernetes/common/mariadb-init/values.yaml
new file mode 100644
index 0000000000..d148ba6888
--- /dev/null
+++ b/kubernetes/common/mariadb-init/values.yaml
@@ -0,0 +1,87 @@
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ repository: nexus3.onap.org:10001
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ mariadbGalera:
+ nameOverride: mariadb-galera
+ servicePort: 3306
+ # set these two values if you want to access an 'out of ONAP' mariadb
+ userRootSecret: default
+ userRootSecretKey: password
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+
+image: mariadb:10.1.38
+pullPolicy: IfNotPresent
+
+# Set it if you want to change the name of the different components
+# nameOverride:
+
+config:
+ userPassword: Ci@shsOd3pky1Vji
+ userName: u5WZ1GMSIS1wHZF
+ mysqlDatabase: ynsaUCru6mUNwGal
+ mysqlAdditionalDatabases: {}
+ # add addtional dabases
+ # this is an dict
+ # Example:
+ # mysqlAdditionalDatabases:
+ # dbOne:
+ # user: one
+ # password: pwd1
+ # dbTwo:
+ # user: two
+ # password: pwd2
+ config_map: default
+
+nodeSelector: {}
+
+affinity: {}
+
+#resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+flavor: small
+resources:
+ small:
+ limits:
+ cpu: 100m
+ memory: 500Mi
+ requests:
+ cpu: 10m
+ memory: 10Mi
+ large:
+ limits:
+ cpu: 200m
+ memory: 500Mi
+ requests:
+ cpu: 20m
+ memory: 20Mi
+ unlimited: {}
diff --git a/kubernetes/common/mongo/templates/nfs-provisoner.yaml b/kubernetes/common/mongo/templates/nfs-provisoner.yaml
deleted file mode 100644
index 355ad38235..0000000000
--- a/kubernetes/common/mongo/templates/nfs-provisoner.yaml
+++ /dev/null
@@ -1,78 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ if not .Values.disableNfsProvisioner }}
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- #replicas: {{ .Values.replicaCount }}
- strategy:
- type: Recreate
- template:
- metadata:
- labels:
- app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- release: {{ .Release.Name }}
- spec:
- containers:
- - name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- image: "{{ .Values.global.nfsprovisionerRepository | default .Values.nfsprovisionerRepository }}/{{ .Values.nfsprovisionerImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - name: nfs
- containerPort: {{ .Values.service.nfsPort }}
- - name: mountd
- containerPort: {{ .Values.service.mountdPort }}
- - name: rpcbind
- containerPort: {{ .Values.service.rpcbindPort }}
- - name: rpcbind-udp
- containerPort: {{ .Values.service.rpcbindUdpPort }}
- protocol: UDP
- securityContext:
- capabilities:
- add:
- - DAC_READ_SEARCH
- - SYS_RESOURCE
- args:
- - "-provisioner={{ include "common.fullname" . }}/nfs"
- env:
- - name: POD_IP
- valueFrom:
- fieldRef:
- fieldPath: status.podIP
- - name: SERVICE_NAME
- value: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - name: export-volume
- mountPath: /export
- volumes:
- - name: export-volume
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{ end }}
diff --git a/kubernetes/common/mongo/templates/pv.yaml b/kubernetes/common/mongo/templates/pv.yaml
index 824dcbb87b..edc50aedea 100644
--- a/kubernetes/common/mongo/templates/pv.yaml
+++ b/kubernetes/common/mongo/templates/pv.yaml
@@ -14,25 +14,33 @@
# limitations under the License.
*/}}
-{{- if (and (and (.Values.persistence.enabled) (not .Values.persistence.existingClaim)) ( .Values.disableNfsProvisioner)) -}}
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}-data
- namespace: {{ include "common.namespace" . }}
+ name: {{ include "common.fullname" $global }}-data-{{ $i }}
+ namespace: {{ include "common.namespace" $global }}
labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
+ app: {{ include "common.fullname" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}
spec:
capacity:
- storage: {{ .Values.persistence.size}}
+ storage: {{ $global.Values.persistence.size}}
accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ - {{ $global.Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
+---
+{{- end -}}
+{{- end -}}
+{{- end -}}
{{- end -}}
diff --git a/kubernetes/common/mongo/templates/pvc.yaml b/kubernetes/common/mongo/templates/pvc.yaml
deleted file mode 100644
index 372c106800..0000000000
--- a/kubernetes/common/mongo/templates/pvc.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-data
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
- storageClassName: "{{ include "common.fullname" . }}-data"
-{{- end -}}
diff --git a/kubernetes/common/mongo/templates/service.yaml b/kubernetes/common/mongo/templates/service.yaml
index df55854ee5..d59243f90d 100644
--- a/kubernetes/common/mongo/templates/service.yaml
+++ b/kubernetes/common/mongo/templates/service.yaml
@@ -32,29 +32,6 @@ spec:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
clusterIP: None
-#{{ if not .Values.disableNfsProvisioner }}
----
-kind: Service
-apiVersion: v1
-metadata:
- name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
-spec:
- ports:
- - name: nfs
- port: {{ .Values.service.nfsPort }}
- - name: mountd
- port: {{ .Values.service.mountdPort }}
- - name: rpcbind
- port: {{ .Values.service.rpcbindPort }}
- - name: rpcbind-udp
- port: {{ .Values.service.rpcbindUdpPort }}
- protocol: UDP
- selector:
- app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
-#{{ end }}
---
# Client service for connecting to any Mongo instance for reads.
apiVersion: v1
diff --git a/kubernetes/common/mongo/templates/statefulset.yaml b/kubernetes/common/mongo/templates/statefulset.yaml
index c79739f5f1..0c6c9f4fd5 100644
--- a/kubernetes/common/mongo/templates/statefulset.yaml
+++ b/kubernetes/common/mongo/templates/statefulset.yaml
@@ -33,24 +33,6 @@ spec:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
- initContainers:
-#{{ if not .Values.disableNfsProvisioner }}
- - name: {{ include "common.name" . }}-readiness
- command:
- - /root/ready.py
- args:
- - --container-name
- - {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-#{{ end }}
-
containers:
- name: {{ include "common.name" . }}
image: "{{ .Values.dockerHubRepository }}/{{ .Values.image }}"
@@ -79,8 +61,8 @@ spec:
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
- - mountPath: /var/lib/mongo
- name: {{ include "common.fullname" . }}-data
+ - name: {{ include "common.fullname" . }}-data
+ mountPath: /var/lib/mongo
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -95,10 +77,24 @@ spec:
- name: localtime
hostPath:
path: /etc/localtime
+ {{- if .Values.persistence.enabled }}
+ volumeClaimTemplates:
+ - metadata:
+ name: {{ include "common.fullname" . }}-data
+ labels:
+ name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ storageClassName: {{ include "common.storageClass" . }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
+ {{- else }}
+ volumes:
- name: {{ include "common.fullname" . }}-data
-#{{ if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-data
-#{{ else }}
emptyDir: {}
-#{{ end }}
+ {{- end }}
diff --git a/kubernetes/common/mongo/values.yaml b/kubernetes/common/mongo/values.yaml
index 8a681296ce..3c04b429cd 100644
--- a/kubernetes/common/mongo/values.yaml
+++ b/kubernetes/common/mongo/values.yaml
@@ -40,8 +40,6 @@ nodeSelector: {}
affinity: {}
-disableNfsProvisioner: true
-
# probe configuration parameters
liveness:
initialDelaySeconds: 30
@@ -108,11 +106,6 @@ resources: {}
# cpu: 2
# memory: 4Gi
-
-nfsprovisionerRepository: quay.io
-nfsprovisionerImage: kubernetes_incubator/nfs-provisioner:v1.0.8
-nfsprovisionerPrefix: mongo
-
sdnctlPrefix: mongo
geoEnabled: false
diff --git a/kubernetes/common/music/charts/music-cassandra/templates/pv.yaml b/kubernetes/common/music/charts/music-cassandra/templates/pv.yaml
new file mode 100644
index 0000000000..fb815400da
--- /dev/null
+++ b/kubernetes/common/music/charts/music-cassandra/templates/pv.yaml
@@ -0,0 +1,46 @@
+{{/*
+# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" $global }}-data-{{ $i }}
+ namespace: {{ include "common.namespace" $global }}
+ labels:
+ app: {{ include "common.fullname" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}
+spec:
+ capacity:
+ storage: {{ $global.Values.persistence.size}}
+ accessModes:
+ - {{ $global.Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
+ hostPath:
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
+---
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
diff --git a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml
index 514bccc785..c3c56f2282 100644
--- a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml
+++ b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
+# Copyright © 2019 AT&T, Amdocs, Bell Canada, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -102,40 +102,33 @@ spec:
valueFrom:
fieldRef:
fieldPath: status.podIP
+{{- if .Values.persistence.enabled }}
volumeMounts:
- - name: {{ template "common.name" . }}-data
+ - name: {{ include "common.fullname" . }}-data
mountPath: /var/lib/cassandra
+{{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
volumes:
- name: localtime
hostPath:
path: /etc/localtime
- {{- if not .Values.persistence.enabled }}
- - name: {{ template "common.name" . }}-data
- emptyDir: {}
- {{- else }}
+{{- if .Values.persistence.enabled }}
volumeClaimTemplates:
- - metadata:
- name: {{ template "common.name" . }}-data
- labels:
- app: {{ template "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- annotations:
- volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass }}
- spec:
- storageClassName: {{ .Values.persistence.storageClass }}
- accessModes:
- - {{ .Values.persistence.accessMode | quote }}
- resources:
- requests:
- storage: {{ .Values.persistence.size | quote }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- release: "{{ .Release.Name }}"
- {{- end }}
+ - metadata:
+ name: {{ include "common.fullname" . }}-data
+ labels:
+ name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ storageClassName: {{ include "common.storageClass" . }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
+{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/common/music/charts/music-cassandra/templates/volumes.yaml b/kubernetes/common/music/charts/music-cassandra/templates/volumes.yaml
deleted file mode 100644
index 83e7e189b5..0000000000
--- a/kubernetes/common/music/charts/music-cassandra/templates/volumes.yaml
+++ /dev/null
@@ -1,52 +0,0 @@
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ if .Values.persistence.enabled }}
-{{- $root := . -}}
-{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }}
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }}
- namespace: {{ $root.Release.Namespace }}
- labels:
- type: {{ $root.Values.persistence.storageType }}
- app: {{ $root.Values.service.name }}
- chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }}
- release: {{ $root.Release.Name }}
- heritage: {{ $root.Release.Service }}
-spec:
- capacity:
- storage: {{ $root.Values.persistence.size }}
- accessModes:
- - {{ $root.Values.persistence.accessMode }}
- hostPath:
- path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{$i}}
- persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }}
- podAntiAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- podAffinityTerm:
- labelSelector:
- matchExpressions:
- - key: app
- operator: In
- values:
- - "{{ $root.Chart.Name }}"
- topologyKey: kubernetes.io/hostname
-{{ end }}
-{{ end }}
diff --git a/kubernetes/common/music/charts/music-cassandra/values.yaml b/kubernetes/common/music/charts/music-cassandra/values.yaml
index f0888c12e6..460671d839 100644
--- a/kubernetes/common/music/charts/music-cassandra/values.yaml
+++ b/kubernetes/common/music/charts/music-cassandra/values.yaml
@@ -107,8 +107,6 @@ persistence:
size: 2Gi
mountPath: /dockerdata-nfs/
mountSubPath: common/cassandra/data
- storageType: local
- storageClass: ""
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/common/music/charts/zookeeper/templates/pv.yaml b/kubernetes/common/music/charts/zookeeper/templates/pv.yaml
new file mode 100644
index 0000000000..795ad3188b
--- /dev/null
+++ b/kubernetes/common/music/charts/zookeeper/templates/pv.yaml
@@ -0,0 +1,45 @@
+{{/*
+# Copyright © 2019 Amdocs, Bell Canada, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" $global }}-data-{{ $i }}
+ namespace: {{ include "common.namespace" $global }}
+ labels:
+ app: {{ include "common.fullname" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}
+spec:
+ capacity:
+ storage: {{ $global.Values.persistence.size}}
+ accessModes:
+ - {{ $global.Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
+ hostPath:
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
+---
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
diff --git a/kubernetes/common/music/charts/zookeeper/templates/statefulset.yaml b/kubernetes/common/music/charts/zookeeper/templates/statefulset.yaml
index 9e3549f20d..580042d090 100644
--- a/kubernetes/common/music/charts/zookeeper/templates/statefulset.yaml
+++ b/kubernetes/common/music/charts/zookeeper/templates/statefulset.yaml
@@ -82,7 +82,7 @@ spec:
resources:
{{ include "common.resources" . }}
volumeMounts:
- - name: zookeeper-data
+ - name: {{ include "common.fullname" . }}-data
mountPath: /var/lib/zookeeper
{{- if .Values.exporters.jmx.enabled }}
@@ -162,30 +162,21 @@ spec:
configMap:
name: {{ .Release.Name }}-jmx-exporter
{{- end }}
- {{- if not .Values.persistence.enabled }}
- - name: zookeeper-data
- emptyDir: {}
- {{- end }}
{{- end }}
{{- if .Values.persistence.enabled }}
volumeClaimTemplates:
- - metadata:
- name: zookeeper-data
- labels:
- app: {{ .Chart.Name }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- annotations:
- volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass }}
- spec:
- storageClassName: {{ .Values.persistence.storageClass }}
- accessModes:
- - {{ .Values.persistence.accessMode | quote }}
- resources:
- requests:
- storage: {{ .Values.persistence.size | quote }}
- selector:
- matchLabels:
- release: "{{ .Release.Name }}"
+ - metadata:
+ name: {{ include "common.fullname" . }}-data
+ labels:
+ name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ storageClassName: {{ include "common.storageClass" . }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
{{- end }}
diff --git a/kubernetes/common/music/charts/zookeeper/templates/volumes.yaml b/kubernetes/common/music/charts/zookeeper/templates/volumes.yaml
deleted file mode 100644
index b0c05fdbfd..0000000000
--- a/kubernetes/common/music/charts/zookeeper/templates/volumes.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{ if .Values.persistence.enabled }}
-{{- $root := . -}}
-{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }}
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }}
- namespace: {{ $root.Release.Namespace }}
- labels:
- type: {{ $root.Values.persistence.storageType }}
- app: {{ $root.Values.service.name }}
- chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }}
- release: {{ $root.Release.Name }}
- heritage: {{ $root.Release.Service }}
-spec:
- capacity:
- storage: {{ $root.Values.persistence.size }}
- accessModes:
- - {{ $root.Values.persistence.accessMode }}
- hostPath:
- path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{$i}}
- persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }}
-{{ end }}
-{{ end }}
diff --git a/kubernetes/common/music/charts/zookeeper/values.yaml b/kubernetes/common/music/charts/zookeeper/values.yaml
index 550dbf272b..28c9711e84 100644
--- a/kubernetes/common/music/charts/zookeeper/values.yaml
+++ b/kubernetes/common/music/charts/zookeeper/values.yaml
@@ -119,8 +119,6 @@ persistence:
accessMode: ReadWriteOnce
mountPath: /dockerdata-nfs
mountSubPath: music/zookeeper
- storageType: local
- storageClass: ""
size: 4Gi
## Exporters query apps for metrics and make those metrics available for
diff --git a/kubernetes/common/mysql/templates/configmap.yaml b/kubernetes/common/mysql/templates/configmap.yaml
deleted file mode 100644
index 65ac5f2d1e..0000000000
--- a/kubernetes/common/mysql/templates/configmap.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-db-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
- master.cnf: |
- # Apply this config only on the master.
- [mysqld]
- sql_mode = "NO_ENGINE_SUBSTITUTION"
- log-bin
- [localpathprefix]
- master
- slave.cnf: |
- # Apply this config only on slaves.
- [mysqld]
- sql_mode = "NO_ENGINE_SUBSTITUTION"
- super-read-only
- [localpathprefix]
- slave
diff --git a/kubernetes/common/mysql/templates/nfs-provisoner.yaml b/kubernetes/common/mysql/templates/nfs-provisoner.yaml
deleted file mode 100644
index 355ad38235..0000000000
--- a/kubernetes/common/mysql/templates/nfs-provisoner.yaml
+++ /dev/null
@@ -1,78 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ if not .Values.disableNfsProvisioner }}
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- #replicas: {{ .Values.replicaCount }}
- strategy:
- type: Recreate
- template:
- metadata:
- labels:
- app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- release: {{ .Release.Name }}
- spec:
- containers:
- - name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- image: "{{ .Values.global.nfsprovisionerRepository | default .Values.nfsprovisionerRepository }}/{{ .Values.nfsprovisionerImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - name: nfs
- containerPort: {{ .Values.service.nfsPort }}
- - name: mountd
- containerPort: {{ .Values.service.mountdPort }}
- - name: rpcbind
- containerPort: {{ .Values.service.rpcbindPort }}
- - name: rpcbind-udp
- containerPort: {{ .Values.service.rpcbindUdpPort }}
- protocol: UDP
- securityContext:
- capabilities:
- add:
- - DAC_READ_SEARCH
- - SYS_RESOURCE
- args:
- - "-provisioner={{ include "common.fullname" . }}/nfs"
- env:
- - name: POD_IP
- valueFrom:
- fieldRef:
- fieldPath: status.podIP
- - name: SERVICE_NAME
- value: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - name: export-volume
- mountPath: /export
- volumes:
- - name: export-volume
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{ end }}
diff --git a/kubernetes/common/mysql/templates/pv.yaml b/kubernetes/common/mysql/templates/pv.yaml
deleted file mode 100644
index 3bef651916..0000000000
--- a/kubernetes/common/mysql/templates/pv.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if (and (and (.Values.persistence.enabled) (not .Values.persistence.existingClaim)) ( .Values.disableNfsProvisioner)) -}}
-{{ $pvNum := default 1 .Values.replicaCount | int }}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-mysql0
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-mysql"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}0
-{{ if gt $pvNum 1 }}
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-mysql1
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-mysql"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}1
-{{ end }}
-{{- end -}}
diff --git a/kubernetes/common/mysql/templates/service.yaml b/kubernetes/common/mysql/templates/service.yaml
deleted file mode 100644
index e1771c6054..0000000000
--- a/kubernetes/common/mysql/templates/service.yaml
+++ /dev/null
@@ -1,146 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- clusterIP: None
-#{{ if not .Values.disableNfsProvisioner }}
----
-kind: Service
-apiVersion: v1
-metadata:
- name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - name: nfs
- port: {{ .Values.service.nfsPort }}
- - name: mountd
- port: {{ .Values.service.mountdPort }}
- - name: rpcbind
- port: {{ .Values.service.rpcbindPort }}
- - name: rpcbind-udp
- port: {{ .Values.service.rpcbindUdpPort }}
- protocol: UDP
- selector:
- app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
-#{{ end }}
----
-# Client service for connecting to any MySQL instance for reads.
-# Only master: sdnc-dbhost-0 accepts the write request.
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}-read
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.sdnctlPrefix }}-sdnctldb01
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- clusterIP: None
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.sdnctlPrefix }}-sdnctldb02
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- clusterIP: None
----
-{{ if .Values.geoEnabled }}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}-nodeport
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-0
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - name: {{ .Values.service.portName | default .Values.service.name }}-1
- port: {{ .Values.service.internalPort }}
- targetPort: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodeport1 }}
- - name: {{ .Values.service.portName | default .Values.service.name }}-2
- port: {{ .Values.xtrabackup.internalPort }}
- targetPort: {{ .Values.xtrabackup.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodeport2 }}
- type: {{ .Values.service.type }}
- selector:
- statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-0
- release: {{ .Release.Name }}
-{{ end }}
diff --git a/kubernetes/common/mysql/templates/statefulset.yaml b/kubernetes/common/mysql/templates/statefulset.yaml
deleted file mode 100644
index c3f8ae236f..0000000000
--- a/kubernetes/common/mysql/templates/statefulset.yaml
+++ /dev/null
@@ -1,263 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1beta1
-kind: StatefulSet
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- serviceName: {{ .Values.service.name }}
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
- spec:
- initContainers:
-#{{ if not .Values.disableNfsProvisioner }}
- - name: {{ include "common.name" . }}-readiness
- command:
- - /root/ready.py
- args:
- - --container-name
- - {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-#{{ end }}
- - name: init-mysql
- image: "{{ .Values.dockerHubRepository }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - bash
- - "-c"
- - |
- set -ex
- # Generate mysql server-id from pod ordinal index.
- [[ `hostname` =~ -([0-9]+)$ ]] || exit 1
- ordinal=${BASH_REMATCH[1]}
- siteId={{ .Values.geoSiteId }}
- echo BASH_REMATCH=${BASH_REMATCH}
- echo [mysqld] > /mnt/conf.d/server-id.cnf
- # Add an offset to avoid reserved server-id=0 value.
- echo server-id=$(($siteId*100 + $ordinal)) >> /mnt/conf.d/server-id.cnf
- # Copy appropriate conf.d files from config-map to emptyDir.
- if [[ $ordinal -eq 0 ]]; then
- cp /mnt/config-map/master.cnf /mnt/conf.d/
- else
- cp /mnt/config-map/slave.cnf /mnt/conf.d/
- fi
- volumeMounts:
- - name: conf
- mountPath: /mnt/conf.d
- - name: config-map
- mountPath: /mnt/config-map
-
- - name: clone-mysql
- image: "{{ .Values.global.xtrabackupRepository | default .Values.xtrabackupRepository }}/{{ .Values.xtrabackupImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- env:
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-root-password
- command:
- - bash
- - "-c"
- - |
- set -ex
- # Skip the clone if data already exists.
- [[ -d /var/lib/mysql/mysql ]] && exit 0
- # Skip the clone on master (ordinal index 0).
- [[ `hostname` =~ -([0-9]+)$ ]] || exit 1
- ordinal=${BASH_REMATCH[1]}
- echo ${BASH_REMATCH}
- [[ $ordinal -eq 0 ]] && exit 0
- # Clone data from previous peer.
- ncat --recv-only {{ include "common.fullname" . }}-$(($ordinal-1)).{{ .Values.service.name }}.{{ include "common.namespace" . }} 3307 | xbstream -x -C {{ .Values.persistence.mysqlPath }}
- # Prepare the backup.
- xtrabackup --user=root --password=$MYSQL_ROOT_PASSWORD --prepare --target-dir=/var/lib/mysql
- ls -l {{ .Values.persistence.mysqlPath }}
- volumeMounts:
- - name: {{ include "common.fullname" . }}-mysql
- mountPath: {{ .Values.persistence.mysqlPath }}
- - name: conf
- mountPath: /etc/mysql/conf.d
-
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ .Values.dockerHubRepository }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- exec:
- command: ["mysqladmin", "ping"]
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
- {{end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-root-password
- - name: MYSQL_ROOT_HOST
- value: '%'
- - name: MYSQL_ALLOW_EMPTY_PASSWORD
- value: {{ .Values.config.dbAllowEmptyPassword | default "0" | quote }}
- volumeMounts:
- - mountPath: {{ .Values.persistence.mysqlPath }}
- name: {{ include "common.fullname" . }}-mysql
- - mountPath: /etc/mysql/conf.d
- name: conf
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
-
- - name: xtrabackup
- image: "{{ .Values.global.xtrabackupRepository | default .Values.xtrabackupRepository }}/{{ .Values.xtrabackupImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- env:
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-root-password
- ports:
- - containerPort: {{ .Values.xtrabackup.internalPort }}
- name: xtrabackup
- command:
- - bash
- - "-c"
- - |
- set -ex
- cd {{ .Values.persistence.mysqlPath }}
- ls -l
- # Determine binlog position of cloned data, if any.
- if [[ -f xtrabackup_slave_info ]]; then
- echo "Inside xtrabackup_slave_info"
- # XtraBackup already generated a partial "CHANGE MASTER TO" query
- # because we're cloning from an existing slave.
- mv xtrabackup_slave_info change_master_to.sql.in
- # Ignore xtrabackup_binlog_info in this case (it's useless).
- rm -f xtrabackup_binlog_info
- elif [[ -f xtrabackup_binlog_info ]]; then
- echo "Inside xtrabackup_binlog_info"
- # We're cloning directly from master. Parse binlog position.
- [[ `cat xtrabackup_binlog_info` =~ ^(.*?)[[:space:]]+(.*?)$ ]] || exit 1
- rm xtrabackup_binlog_info
- echo "CHANGE MASTER TO MASTER_LOG_FILE='${BASH_REMATCH[1]}',\
- MASTER_LOG_POS=${BASH_REMATCH[2]}" > change_master_to.sql.in
- fi
-
- [[ `hostname` =~ -([0-9]+)$ ]] || exit 1
- ordinal=${BASH_REMATCH[1]}
- echo $ordinal
-
- mysqlhost={{ include "common.fullname" . }}-$(($ordinal)).{{ .Values.service.name }}.{{ include "common.namespace" . }}
- echo $mysqlhost
-
- # Check if we need to complete a clone by starting replication.
- if [[ -f change_master_to.sql.in ]]; then
- echo "Waiting for mysqld to be ready (accepting connections)"
- until mysql --user=root --password=$MYSQL_ROOT_PASSWORD -h $mysqlhost -e "SELECT 1"; do sleep 1; done
-
- echo "Initializing replication from clone position"
- # In case of container restart, attempt this at-most-once.
- mv change_master_to.sql.in change_master_to.sql.orig
- mysql --user=root --password=$MYSQL_ROOT_PASSWORD -h $mysqlhost <<EOF
- $(<change_master_to.sql.orig),
- MASTER_HOST="{{ include "common.fullname" . }}-0.{{ .Values.service.name }}.{{ include "common.namespace" . }}",
- MASTER_USER="root",
- MASTER_PASSWORD="$MYSQL_ROOT_PASSWORD",
- MASTER_CONNECT_RETRY=10;
- START SLAVE;
- EOF
- fi
-
- # Start a server to send backups when requested by peers.
- exec ncat --listen --keep-open --send-only --max-conns=1 3307 -c \
- "xtrabackup --user=root --password=$MYSQL_ROOT_PASSWORD --backup --slave-info --stream=xbstream --host=$mysqlhost"
- volumeMounts:
- - name: {{ include "common.fullname" . }}-mysql
- mountPath: {{ .Values.persistence.mysqlPath }}
- - name: conf
- mountPath: /etc/mysql/conf.d
- volumes:
- - name: conf
- emptyDir: {}
- - name: config-map
- configMap:
- name: {{ include "common.fullname" . }}-db-configmap
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ include "common.fullname" . }}-mysql
- {{ if not .Values.persistence.enabled }}
- - name: {{ include "common.fullname" . }}-mysql
- emptyDir: {}
- {{ else }}
- volumeClaimTemplates:
- - metadata:
- name: {{ include "common.fullname" . }}-mysql
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
- name: {{ include "common.fullname" . }}
- spec:
- accessModes: [ {{ .Values.persistence.accessMode }} ]
- storageClassName: {{ include "common.fullname" . }}-mysql
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
- {{ end }}
diff --git a/kubernetes/common/mysql/values.yaml b/kubernetes/common/mysql/values.yaml
deleted file mode 100644
index 9fd67fcabc..0000000000
--- a/kubernetes/common/mysql/values.yaml
+++ /dev/null
@@ -1,133 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
-
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-
-dockerHubRepository: registry.hub.docker.com
-image: library/mysql:5.7
-pullPolicy: Always
-
-# application configuration
-config:
- dbRootPassword: openECOMP1.0
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-disableNfsProvisioner: true
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 30
- periodSeconds: 10
- timeoutSeconds: 5
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 5
- periodSeconds: 10
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
-
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
-
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- accessMode: ReadWriteOnce
- size: 1Gi
- mountPath: /dockerdata-nfs
- mountSubPath: "mysql/data"
- mysqlPath: /var/lib/mysql
-
-service:
- name: mysql
- portName: mysql
- internalPort: 3306
- # nfs provisioner ports
- nfsPort: 2049
- mountdPort: 20048
- rpcbindPort: 111
- rpcbindUdpPort: 111
- type: NodePort
- nodeport1: 72
- nodeport2: 73
-
-ingress:
- enabled: false
-
-resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- #
- # Example:
- # Configure resource requests and limits
- # ref: http://kubernetes.io/docs/user-guide/compute-resources/
- # Minimum memory for development is 2 CPU cores and 4GB memory
- # Minimum memory for production is 4 CPU cores and 8GB memory
-#resources:
-# limits:
-# cpu: 2
-# memory: 4Gi
-# requests:
-# cpu: 2
-# memory: 4Gi
-
-#################################################################
-# Sidecar Configuration.
-#
-# xtrabackup configuration defaults.
-#################################################################
-xtrabackupRepository: gcr.io/google-samples
-xtrabackupImage: xtrabackup:1.0
-xtrabackup:
- internalPort: 3307
-
-nfsprovisionerRepository: quay.io
-nfsprovisionerImage: kubernetes_incubator/nfs-provisioner:v1.0.8
-nfsprovisionerPrefix: mysql
-
-sdnctlPrefix: mysql
-
-geoEnabled: false
-geoSiteId: 1
diff --git a/kubernetes/common/nfs-provisioner/requirements.yaml b/kubernetes/common/nfs-provisioner/requirements.yaml
deleted file mode 100644
index 542c262ef0..0000000000
--- a/kubernetes/common/nfs-provisioner/requirements.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-# Copyright © 2019 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-dependencies:
- - name: common
- version: ~5.x-0
- repository: '@local'
diff --git a/kubernetes/common/nfs-provisioner/templates/nfs-provisoner.yaml b/kubernetes/common/nfs-provisioner/templates/nfs-provisoner.yaml
deleted file mode 100644
index 58cf7a3866..0000000000
--- a/kubernetes/common/nfs-provisioner/templates/nfs-provisoner.yaml
+++ /dev/null
@@ -1,78 +0,0 @@
-{{/*
-# Copyright © 2019 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- strategy:
- type: Recreate
- template:
- metadata:
- labels:
- app: {{ include "common.fullname" . }}
- release: {{ .Release.Name }}
- spec:
- containers:
- - name: {{ include "common.fullname" . }}
- image: "{{ .Values.global.nfsprovisionerRepository | default .Values.nfsprovisionerRepository }}/{{ .Values.nfsprovisionerImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - name: nfs
- containerPort: {{ .Values.service.nfsPort }}
- - name: mountd
- containerPort: {{ .Values.service.mountdPort }}
- - name: rpcbind
- containerPort: {{ .Values.service.rpcbindPort }}
- - name: rpcbind-udp
- containerPort: {{ .Values.service.rpcbindUdpPort }}
- protocol: UDP
- securityContext:
- capabilities:
- add:
- - DAC_READ_SEARCH
- - SYS_RESOURCE
- args:
- - "-provisioner={{ include "common.namespace" . }}/nfs"
- env:
- - name: POD_IP
- valueFrom:
- fieldRef:
- fieldPath: status.podIP
- - name: SERVICE_NAME
- value: {{ include "common.servicename" . }}
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- volumeMounts:
- - name: export-volume
- mountPath: /export
- {{- if .Values.affinity }}
- affinity:
- {{ toYaml .Values.affinity | indent 8 }}
- {{- end }}
- volumes:
- - name: export-volume
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}
diff --git a/kubernetes/common/nfs-provisioner/templates/service.yaml b/kubernetes/common/nfs-provisioner/templates/service.yaml
deleted file mode 100644
index f9bba0f872..0000000000
--- a/kubernetes/common/nfs-provisioner/templates/service.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-{{/*
-# Copyright © 2019 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-kind: Service
-apiVersion: v1
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - name: nfs
- port: {{ .Values.service.nfsPort }}
- - name: mountd
- port: {{ .Values.service.mountdPort }}
- - name: rpcbind
- port: {{ .Values.service.rpcbindPort }}
- - name: rpcbind-udp
- port: {{ .Values.service.rpcbindUdpPort }}
- protocol: UDP
- selector:
- app: {{ include "common.fullname" . }} \ No newline at end of file
diff --git a/kubernetes/common/nfs-provisioner/values.yaml b/kubernetes/common/nfs-provisioner/values.yaml
deleted file mode 100644
index 687219d680..0000000000
--- a/kubernetes/common/nfs-provisioner/values.yaml
+++ /dev/null
@@ -1,50 +0,0 @@
-# Copyright © 2019 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- persistence:
- mountPath: /dockerdata-nfs
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-
-dockerHubRepository: registry.hub.docker.com
-pullPolicy: Always
-
-# default number of instances
-
-nodeSelector: {}
-
-affinity: {}
-
-service:
- name: nfs-provisioner
- nfsPort: 2049
- mountdPort: 20048
- rpcbindPort: 111
- rpcbindUdpPort: 111
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
- mountPath: /dockerdata-nfs
-
-## NFS provisioner image properties
-nfsprovisionerRepository: quay.io
-nfsprovisionerImage: kubernetes_incubator/nfs-provisioner:v1.0.8
-
diff --git a/kubernetes/common/postgres/templates/pv.yaml b/kubernetes/common/postgres/templates/pv.yaml
index 144a3f793b..bcd67d79cb 100644
--- a/kubernetes/common/postgres/templates/pv.yaml
+++ b/kubernetes/common/postgres/templates/pv.yaml
@@ -13,46 +13,33 @@
# # See the License for the specific language governing permissions and
# # limitations under the License.
*/}}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}-data0
- namespace: {{ include "common.namespace" . }}
+ name: {{ include "common.fullname" $global }}-data-{{ $i }}
+ namespace: {{ include "common.namespace" $global }}
labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
+ app: {{ include "common.fullname" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}
spec:
capacity:
- storage: {{ .Values.persistence.size}}
+ storage: {{ $global.Values.persistence.size}}
accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ - {{ $global.Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}0
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
---
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-data1
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}1
+{{- end -}}
+{{- end -}}
+{{- end -}}
{{- end -}}
diff --git a/kubernetes/common/postgres/templates/statefulset.yaml b/kubernetes/common/postgres/templates/statefulset.yaml
index db4a256f12..7c38d1d9d7 100644
--- a/kubernetes/common/postgres/templates/statefulset.yaml
+++ b/kubernetes/common/postgres/templates/statefulset.yaml
@@ -37,23 +37,13 @@ spec:
- /bin/sh
- -c
- |
- for i in $(seq 0 $(({{ .Values.replicaCount }}-1))); do
- if [ ! -d /podroot/data$i ]; then
- mkdir -p /podroot/data$i;
- chown 26:26 /podroot/data$i;
- chmod 700 /podroot/data$i;
- fi;
- done
- env:
- - name: POD_NAME
- valueFrom: { fieldRef: { fieldPath: metadata.name } }
- securityContext:
- privileged: true
+ chown -R 26:26 /podroot/;
+ chmod 700 /podroot/;
image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: init-sysctl
+ name: {{ include "common.name" . }}-prepare
volumeMounts:
- - name: {{ include "common.fullname" . }}-init
+ - name: {{ include "common.fullname" . }}-data
mountPath: /podroot/
containers:
- name: {{ include "common.name" . }}
@@ -129,27 +119,25 @@ spec:
- name: localtime
hostPath:
path: /etc/localtime
- - name: {{ include "common.fullname" . }}-init
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountInitPath }}
- name: {{ include "common.fullname" . }}-backup
emptyDir: {}
-#{{ if not .Values.persistence.enabled }}
+{{- if not .Values.persistence.enabled }}
- name: {{ include "common.fullname" . }}-data
emptyDir: {}
-#{{ else }}
+{{- else }}
volumeClaimTemplates:
- metadata:
name: {{ include "common.fullname" . }}-data
labels:
name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
spec:
- accessModes: [ {{ .Values.persistence.accessMode }} ]
- storageClassName: {{ include "common.fullname" . }}-data
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
- storage: {{ .Values.persistence.size }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
-#{{ end }}
+ storage: {{ .Values.persistence.size | quote }}
+{{- end }}