summaryrefslogtreecommitdiffstats
path: root/kubernetes/common
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/common')
-rw-r--r--kubernetes/common/dgbuilder/values.yaml2
-rw-r--r--kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml6
-rw-r--r--kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml6
-rw-r--r--kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml6
-rw-r--r--kubernetes/common/etcd-init/templates/job.yaml3
-rw-r--r--kubernetes/common/etcd-init/values.yaml4
-rw-r--r--kubernetes/common/network-name-gen/templates/deployment.yaml12
-rw-r--r--kubernetes/common/network-name-gen/values.yaml10
-rw-r--r--kubernetes/common/postgres-init/templates/job.yaml3
-rw-r--r--kubernetes/common/postgres-init/values.yaml4
10 files changed, 50 insertions, 6 deletions
diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml
index f23955db2e..ddad8d7360 100644
--- a/kubernetes/common/dgbuilder/values.yaml
+++ b/kubernetes/common/dgbuilder/values.yaml
@@ -130,7 +130,7 @@ readiness:
service:
type: NodePort
name: dgbuilder
- portName: dgbuilder
+ portName: http
externalPort: 3000
internalPort: 3100
nodePort: 28
diff --git a/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml b/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml
index ea805c1813..a7278ba104 100644
--- a/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml
+++ b/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml
@@ -111,6 +111,12 @@ spec:
value: "yes"
- name: ELASTICSEARCH_NODE_TYPE
value: "data"
+ - name: network.bind_host
+ value: 127.0.0.1
+ - name: network.publish_host
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
ports: {{- include "common.containerPorts" . |indent 12 }}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
diff --git a/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml b/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml
index a35b4bf741..85ea2bbc54 100644
--- a/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml
+++ b/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml
@@ -115,6 +115,12 @@ spec:
value: {{ .Values.dedicatednode | quote }}
- name: ELASTICSEARCH_NODE_TYPE
value: "master"
+ - name: network.bind_host
+ value: 127.0.0.1
+ - name: network.publish_host
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
ports: {{- include "common.containerPorts" . |indent 12 }}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
diff --git a/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml b/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml
index 22de4dbf37..05e09cb696 100644
--- a/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml
+++ b/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml
@@ -113,6 +113,12 @@ spec:
value: "coordinating"
- name: ELASTICSEARCH_PORT_NUMBER
value: "9000"
+ - name: network.bind_host
+ value: 127.0.0.1
+ - name: network.publish_host
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
{{/*ports: {{- include "common.containerPorts" . | indent 12 -}} */}}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
diff --git a/kubernetes/common/etcd-init/templates/job.yaml b/kubernetes/common/etcd-init/templates/job.yaml
index 69bcfaaf99..9d7dcc26da 100644
--- a/kubernetes/common/etcd-init/templates/job.yaml
+++ b/kubernetes/common/etcd-init/templates/job.yaml
@@ -55,6 +55,8 @@ spec:
- /bin/sh
- -ec
- |
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
# Create users
export ETCDCTL_ENDPOINTS=http://${ETCD_HOST}:${ETCD_PORT}
export ETCDCTL_API=3
@@ -89,6 +91,7 @@ spec:
name: localtime
readOnly: true
resources: {{ include "common.resources" . | nindent 12 }}
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
{{- if .Values.nodeSelector }}
nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }}
{{- end -}}
diff --git a/kubernetes/common/etcd-init/values.yaml b/kubernetes/common/etcd-init/values.yaml
index c99c9f1e5b..6ccfb3e5d7 100644
--- a/kubernetes/common/etcd-init/values.yaml
+++ b/kubernetes/common/etcd-init/values.yaml
@@ -72,3 +72,7 @@ resources:
cpu: 20m
memory: 20Mi
unlimited: {}
+
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}'
diff --git a/kubernetes/common/network-name-gen/templates/deployment.yaml b/kubernetes/common/network-name-gen/templates/deployment.yaml
index 9bdf19c7ec..97fece8a54 100644
--- a/kubernetes/common/network-name-gen/templates/deployment.yaml
+++ b/kubernetes/common/network-name-gen/templates/deployment.yaml
@@ -80,7 +80,11 @@ spec:
- name: POL_BASIC_AUTH_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pol-basic-auth-secret" "key" "password") | indent 10}}
- name: POL_URL
- value: "{{ .Values.config.polUrl }}"
+ {{- if (include "common.needTLS" .) }}
+ value: "{{ .Values.config.polUrl.https }}"
+ {{- else }}
+ value: "{{ .Values.config.polUrl.http }}"
+ {{- end }}
- name: POL_ENV
value: "{{ .Values.config.polEnv }}"
- name: POL_REQ_ID
@@ -90,7 +94,11 @@ spec:
- name: AAI_CERT_PATH
value: "{{ .Values.config.aaiCertPath }}"
- name: AAI_URI
- value: "{{ .Values.config.aaiUri }}"
+ {{- if (include "common.needTLS" .) }}
+ value: "{{ .Values.config.aaiUri.https }}"
+ {{- else }}
+ value: "{{ .Values.config.aaiUri.http }}"
+ {{- end }}
- name: AAI_AUTH
value: "{{ .Values.config.aaiAuth }}"
- name: DISABLE_HOST_VERIFICATION
diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml
index 5f864a6555..e5e2a7a338 100644
--- a/kubernetes/common/network-name-gen/values.yaml
+++ b/kubernetes/common/network-name-gen/values.yaml
@@ -87,14 +87,18 @@ config:
polClientAuth: cHl0aG9uOnRlc3Q=
polBasicAuthUser: healthcheck
polBasicAuthPassword: zb!XztG34
- polUrl: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision
+ polUrl:
+ https: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision
+ http: http://policy-xacml-pdp:8080/policy/pdpx/v1/decision
polEnv: TEST
polReqId: xx
disableHostVerification: true
aaiCertPass: changeit
aaiCertPath: /opt/etc/config/aai_keystore
aaiAuth: QUFJOkFBSQ==
- aaiUri: https://aai:8443/aai/v14/
+ aaiUri:
+ https: https://aai:8443/aai/v14/
+ http: http://aai:8080/aai/v14/
# default number of instances
replicaCount: 1
@@ -118,7 +122,7 @@ readiness:
service:
type: ClusterIP
name: neng-serv
- portName: neng-serv-port
+ portName: http
internalPort: 8080
externalPort: 8080
diff --git a/kubernetes/common/postgres-init/templates/job.yaml b/kubernetes/common/postgres-init/templates/job.yaml
index 01151bb4a9..d9a7386f83 100644
--- a/kubernetes/common/postgres-init/templates/job.yaml
+++ b/kubernetes/common/postgres-init/templates/job.yaml
@@ -59,6 +59,8 @@ spec:
}
export PG_PASSWORD=`prepare_password $PG_PASSWORD_INPUT`;
export PG_ROOT_PASSWORD=`prepare_password $PG_ROOT_PASSWORD_INPUT`;
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done;
psql "postgresql://postgres:$PG_ROOT_PASSWORD@$PG_HOST" < /config/setup.sql
env:
@@ -98,6 +100,7 @@ spec:
name: pgconf
resources:
{{ include "common.resources" . | indent 12 }}
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
diff --git a/kubernetes/common/postgres-init/values.yaml b/kubernetes/common/postgres-init/values.yaml
index 7bcd8e23b4..d6d51f0b51 100644
--- a/kubernetes/common/postgres-init/values.yaml
+++ b/kubernetes/common/postgres-init/values.yaml
@@ -89,3 +89,7 @@ resources:
cpu: 1
memory: 2Gi
unlimited: {}
+
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}-update-config' \ No newline at end of file