aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/common')
-rw-r--r--kubernetes/common/cassandra/resources/config/docker-entrypoint.sh2
-rw-r--r--kubernetes/common/cassandra/resources/restore.sh2
-rw-r--r--kubernetes/common/cmpv2Certificate/templates/_certServiceClient.tpl189
-rw-r--r--kubernetes/common/cmpv2Config/values.yaml12
-rw-r--r--kubernetes/common/dgbuilder/requirements.yaml3
-rw-r--r--kubernetes/common/dgbuilder/templates/deployment.yaml1
-rw-r--r--kubernetes/common/dgbuilder/values.yaml5
-rw-r--r--kubernetes/common/etcd-init/.helmignore21
-rw-r--r--kubernetes/common/etcd-init/Chart.yaml (renamed from kubernetes/common/cmpv2Certificate/Chart.yaml)6
-rw-r--r--kubernetes/common/etcd-init/requirements.yaml (renamed from kubernetes/common/cmpv2Certificate/requirements.yaml)5
-rw-r--r--kubernetes/common/etcd-init/templates/job.yaml104
-rw-r--r--kubernetes/common/etcd-init/templates/secret.yaml (renamed from kubernetes/common/cmpv2Certificate/values.yaml)6
-rw-r--r--kubernetes/common/etcd-init/values.yaml74
-rw-r--r--kubernetes/common/etcd/templates/statefulset.yaml2
-rw-r--r--kubernetes/common/repositoryGenerator/templates/_repository.tpl6
-rw-r--r--kubernetes/common/repositoryGenerator/values.yaml2
16 files changed, 221 insertions, 219 deletions
diff --git a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh
index ff1908c1bb..5f23a89867 100644
--- a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh
+++ b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh
@@ -12,7 +12,7 @@ fi
if [ "$1" = 'cassandra' -a "$(id -u)" = '0' ]; then
find /var/lib/cassandra /var/log/cassandra "$CASSANDRA_CONFIG" \
\! -user cassandra -exec chown cassandra '{}' +
- exec gosu cassandra "$BASH_SOURCE" "$@"
+ exec gosu cassandra "$0" "$@"
fi
_ip_address() {
diff --git a/kubernetes/common/cassandra/resources/restore.sh b/kubernetes/common/cassandra/resources/restore.sh
index a8105345f7..7f271d262f 100644
--- a/kubernetes/common/cassandra/resources/restore.sh
+++ b/kubernetes/common/cassandra/resources/restore.sh
@@ -41,7 +41,7 @@ then
print_usage
fi
-while [[ $# -gt 0 ]]
+while [ $# -gt 0 ]
do
key="$1"
shift
diff --git a/kubernetes/common/cmpv2Certificate/templates/_certServiceClient.tpl b/kubernetes/common/cmpv2Certificate/templates/_certServiceClient.tpl
deleted file mode 100644
index f80b06b4d3..0000000000
--- a/kubernetes/common/cmpv2Certificate/templates/_certServiceClient.tpl
+++ /dev/null
@@ -1,189 +0,0 @@
-{{/*
-# Copyright © 2021 Nokia
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{/*
-In order to use certServiceClient it is needed do define certificates array in target component values.yaml. Each
-certificate will be requested from separate init container
-
-Minimum example of array in target component values.yaml:
-certificates:
- - mountPath: /var/custom-certs
- commonName: common-name
-
-Full example (other fields are ignored):
-certificates:
- - mountPath: /var/custom-certs
- caName: RA
- keystore:
- outputType:
- - jks
- commonName: common-name
- dnsNames:
- - dns-name-1
- - dns-name-2
- ipAddresses:
- - 192.168.0.1
- - 192.168.0.2
- emailAddresses:
- - email-1@onap.org
- - email-2@onap.org
- uris:
- - http://uri-1.onap.org
- - http://uri-2.onap.org
- subject:
- organization: Linux-Foundation
- country: US
- locality: San Francisco
- province: California
- organizationalUnit: ONAP
-
-There also need to be some includes used in a target component deployment (indent values may need to be adjusted):
- 1. In initContainers section:
- {{ include "common.certServiceClient.initContainer" . | indent 6 }}
- 2. In volumeMounts section of container using certificates:
- {{ include "common.certServiceClient.volumeMounts" . | indent 10 }}
- 3. In volumes section:
- {{ include "common.certServiceClient.volumes" . | indent 8 }}
-
-*/}}
-
-{{- define "common.certServiceClient.initContainer" -}}
-{{- $dot := default . .dot -}}
-{{- $initRoot := default $dot.Values.cmpv2Certificate.cmpv2Config .initRoot -}}
-{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}}
-{{- if and $subchartGlobal.cmpv2Enabled (not $subchartGlobal.CMPv2CertManagerIntegration) -}}
-{{- range $index, $certificate := $dot.Values.certificates -}}
-{{/*# General certifiacate attributes #*/}}
-{{- $commonName := (required "'commonName' for Certificate is required." $certificate.commonName) -}}
-{{/*# SAN's #*/}}
-{{- $dnsNames := default (list) $certificate.dnsNames -}}
-{{- $ipAddresses := default (list) $certificate.ipAddresses -}}
-{{- $uris := default (list) $certificate.uris -}}
-{{- $emailAddresses := default (list) $certificate.emailAddresses -}}
-{{- $sansList := concat $dnsNames $ipAddresses $uris $emailAddresses -}}
-{{- $sans := join "," $sansList }}
-{{/*# Subject #*/}}
-{{- $organization := $subchartGlobal.certificate.default.subject.organization -}}
-{{- $country := $subchartGlobal.certificate.default.subject.country -}}
-{{- $locality := $subchartGlobal.certificate.default.subject.locality -}}
-{{- $province := $subchartGlobal.certificate.default.subject.province -}}
-{{- $orgUnit := $subchartGlobal.certificate.default.subject.organizationalUnit -}}
-{{- if $certificate.subject -}}
-{{- $organization := $certificate.subject.organization -}}
-{{- $country := $certificate.subject.country -}}
-{{- $locality := $certificate.subject.locality -}}
-{{- $province := $certificate.subject.province -}}
-{{- $orgUnit := $certificate.subject.organizationalUnit -}}
-{{- end -}}
-{{- $caName := default $subchartGlobal.platform.certServiceClient.envVariables.caName $certificate.caName -}}
-{{- $outputType := $subchartGlobal.platform.certServiceClient.envVariables.outputType -}}
-{{- if $certificate.keystore -}}
-{{- $outputTypeList := (required "'outputType' in 'keystore' section is required." $certificate.keystore.outputType) -}}
-{{- $outputType = mustFirst ($outputTypeList) | upper -}}
-{{- end -}}
-{{- $requestUrl := $subchartGlobal.platform.certServiceClient.envVariables.requestURL -}}
-{{- $certPath := $subchartGlobal.platform.certServiceClient.envVariables.certPath -}}
-{{- $requestTimeout := $subchartGlobal.platform.certServiceClient.envVariables.requestTimeout -}}
-{{- $certificatesSecret:= $subchartGlobal.platform.certServiceClient.clientSecretName -}}
-{{- $certificatesSecretMountPath := $subchartGlobal.platform.certServiceClient.certificatesSecretMountPath -}}
-{{- $keystorePath := (printf "%s%s" $subchartGlobal.platform.certServiceClient.certificatesSecretMountPath $subchartGlobal.platform.certificates.keystoreKeyRef ) -}}
-{{- $keystorePasswordSecret := $subchartGlobal.platform.certificates.keystorePasswordSecretName -}}
-{{- $keystorePasswordSecretKey := $subchartGlobal.platform.certificates.keystorePasswordSecretKey -}}
-{{- $truststorePath := (printf "%s%s" $subchartGlobal.platform.certServiceClient.certificatesSecretMountPath $subchartGlobal.platform.certificates.truststoreKeyRef ) -}}
-{{- $truststorePasswordSecret := $subchartGlobal.platform.certificates.truststorePasswordSecretName -}}
-{{- $truststorePasswordSecretKey := $subchartGlobal.platform.certificates.truststorePasswordSecretKey -}}
-- name: certs-init-{{ $index }}
- image: {{ include "repositoryGenerator.image.certserviceclient" $dot }}
- imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
- env:
- - name: REQUEST_URL
- value: {{ $requestUrl | quote }}
- - name: REQUEST_TIMEOUT
- value: {{ $requestTimeout | quote }}
- - name: OUTPUT_PATH
- value: {{ $certPath | quote }}
- - name: OUTPUT_TYPE
- value: {{ $outputType | quote }}
- - name: CA_NAME
- value: {{ $caName | quote }}
- - name: COMMON_NAME
- value: {{ $commonName | quote }}
- - name: SANS
- value: {{ $sans | quote }}
- - name: ORGANIZATION
- value: {{ $organization | quote }}
- - name: ORGANIZATION_UNIT
- value: {{ $orgUnit | quote }}
- - name: LOCATION
- value: {{ $locality | quote }}
- - name: STATE
- value: {{ $province | quote }}
- - name: COUNTRY
- value: {{ $country | quote }}
- - name: KEYSTORE_PATH
- value: {{ $keystorePath | quote }}
- - name: KEYSTORE_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ $keystorePasswordSecret | quote}}
- key: {{ $keystorePasswordSecretKey | quote}}
- - name: TRUSTSTORE_PATH
- value: {{ $truststorePath | quote }}
- - name: TRUSTSTORE_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ $truststorePasswordSecret | quote}}
- key: {{ $truststorePasswordSecretKey | quote}}
- terminationMessagePath: /dev/termination-log
- terminationMessagePolicy: File
- volumeMounts:
- - mountPath: {{ $certPath }}
- name: cmpv2-certs-volume-{{ $index }}
- - mountPath: {{ $certificatesSecretMountPath }}
- name: certservice-tls-volume
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{- define "common.certServiceClient.volumes" -}}
-{{- $dot := default . .dot -}}
-{{- $initRoot := default $dot.Values.cmpv2Certificate.cmpv2Config .initRoot -}}
-{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}}
-{{- if and $subchartGlobal.cmpv2Enabled (not $subchartGlobal.CMPv2CertManagerIntegration) -}}
-{{- $certificatesSecretName := $subchartGlobal.platform.certificates.clientSecretName -}}
-- name: certservice-tls-volume
- secret:
- secretName: {{ $certificatesSecretName }}
-{{ range $index, $certificate := $dot.Values.certificates -}}
-- name: cmpv2-certs-volume-{{ $index }}
- emptyDir:
- medium: Memory
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{- define "common.certServiceClient.volumeMounts" -}}
-{{- $dot := default . .dot -}}
-{{- $initRoot := default $dot.Values.cmpv2Certificate.cmpv2Config .initRoot -}}
-{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}}
-{{- if and $subchartGlobal.cmpv2Enabled (not $subchartGlobal.CMPv2CertManagerIntegration) -}}
-{{- range $index, $certificate := $dot.Values.certificates -}}
-{{- $mountPath := $certificate.mountPath -}}
-- mountPath: {{ $mountPath }}
- name: cmpv2-certs-volume-{{ $index }}
-{{ end -}}
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/common/cmpv2Config/values.yaml b/kubernetes/common/cmpv2Config/values.yaml
index 695e40616c..02595b348d 100644
--- a/kubernetes/common/cmpv2Config/values.yaml
+++ b/kubernetes/common/cmpv2Config/values.yaml
@@ -15,7 +15,6 @@ global:
# Enabling CMPv2
cmpv2Enabled: true
- CMPv2CertManagerIntegration: false
certificate:
default:
@@ -35,17 +34,6 @@ global:
keystorePasswordSecretKey: password
truststorePasswordSecretName: oom-cert-service-truststore-password
truststorePasswordSecretKey: password
- certServiceClient:
- image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3
- certificatesSecretMountPath: /etc/onap/oom/certservice/certs/
- envVariables:
- certPath: "/var/custom-certs"
- # Certificate related
- caName: "RA"
- # Client configuration related
- requestURL: "https://oom-cert-service:8443/v1/certificate/"
- requestTimeout: "30000"
- outputType: "P12"
certPostProcessor:
image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.3
diff --git a/kubernetes/common/dgbuilder/requirements.yaml b/kubernetes/common/dgbuilder/requirements.yaml
index 0157b7063e..1bbab11af4 100644
--- a/kubernetes/common/dgbuilder/requirements.yaml
+++ b/kubernetes/common/dgbuilder/requirements.yaml
@@ -22,3 +22,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: 'file://../repositoryGenerator'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: 'file://../serviceAccount'
diff --git a/kubernetes/common/dgbuilder/templates/deployment.yaml b/kubernetes/common/dgbuilder/templates/deployment.yaml
index ad3e4cf128..6538ad0836 100644
--- a/kubernetes/common/dgbuilder/templates/deployment.yaml
+++ b/kubernetes/common/dgbuilder/templates/deployment.yaml
@@ -128,6 +128,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
{{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml
index ae1d85795d..0f91bbd882 100644
--- a/kubernetes/common/dgbuilder/values.yaml
+++ b/kubernetes/common/dgbuilder/values.yaml
@@ -186,3 +186,8 @@ resources:
memory: 4Gi
unlimited: {}
+#Pods Service Account
+serviceAccount:
+ nameOverride: dgbuilder
+ roles:
+ - read
diff --git a/kubernetes/common/etcd-init/.helmignore b/kubernetes/common/etcd-init/.helmignore
new file mode 100644
index 0000000000..f0c1319444
--- /dev/null
+++ b/kubernetes/common/etcd-init/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/common/cmpv2Certificate/Chart.yaml b/kubernetes/common/etcd-init/Chart.yaml
index 6641ec6954..20f5ac40cc 100644
--- a/kubernetes/common/cmpv2Certificate/Chart.yaml
+++ b/kubernetes/common/etcd-init/Chart.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2021 Nokia
+# Copyright (C) 2021 Wipro Limited.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,6 +13,6 @@
# limitations under the License.
apiVersion: v1
-description: Template used to add cmpv2 certificates to components
-name: cmpv2Certificate
+description: Chart for etcd init job
+name: etcd-init
version: 8.0.0
diff --git a/kubernetes/common/cmpv2Certificate/requirements.yaml b/kubernetes/common/etcd-init/requirements.yaml
index b10896d2ce..008789b822 100644
--- a/kubernetes/common/cmpv2Certificate/requirements.yaml
+++ b/kubernetes/common/etcd-init/requirements.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2021 Nokia
+# Copyright (C) 2021 Wipro Limited.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -19,6 +19,3 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: 'file://../repositoryGenerator'
- - name: cmpv2Config
- version: ~8.x-0
- repository: 'file://../cmpv2Config'
diff --git a/kubernetes/common/etcd-init/templates/job.yaml b/kubernetes/common/etcd-init/templates/job.yaml
new file mode 100644
index 0000000000..69bcfaaf99
--- /dev/null
+++ b/kubernetes/common/etcd-init/templates/job.yaml
@@ -0,0 +1,104 @@
+{{/*
+# Copyright (C) 2021 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-job
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ backoffLimit: {{ .Values.backoffLimit }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
+ name: {{ include "common.name" . }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ command:
+ - /app/ready.py
+ args:
+ - --container-name
+ - {{ .Values.etcd.containerName }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: {{ include "repositoryGenerator.image.readiness" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ containers:
+ - name: {{ include "common.name" . }}
+ image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /bin/sh
+ - -ec
+ - |
+ # Create users
+ export ETCDCTL_ENDPOINTS=http://${ETCD_HOST}:${ETCD_PORT}
+ export ETCDCTL_API=3
+ echo "${ROOT_PASSWORD}" | etcdctl user add root --interactive=false
+ echo "${APP_PASSWORD}" | etcdctl user add ${APP_USER} --interactive=false
+
+ # Create roles
+ etcdctl role add ${APP_ROLE}
+ etcdctl role grant-permission ${APP_ROLE} --prefix=true readwrite ${KEY_PREFIX}
+
+ etcdctl user grant-role ${APP_USER} ${APP_ROLE}
+ etcdctl auth enable
+ env:
+ - name: ALLOW_NONE_AUTHENTICATION
+ value: "yes"
+ - name: ETCD_HOST
+ value: "{{ .Values.etcd.serviceName }}.{{ include "common.namespace" . }}"
+ - name: ETCD_PORT
+ value: "{{ .Values.etcd.port }}"
+ - name: ROOT_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "root-password" "key" "password" ) | indent 10 }}
+ - name: APP_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-creds" "key" "login") | indent 10 }}
+ - name: APP_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-creds" "key" "password") | indent 10 }}
+ - name: APP_ROLE
+ value: "{{ .Values.config.appRole }}"
+ - name: KEY_PREFIX
+ value: "{{ .Values.config.keyPrefix }}"
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ resources: {{ include "common.resources" . | nindent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity: {{ toYaml .Values.affinity | nindent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ restartPolicy: Never
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/common/cmpv2Certificate/values.yaml b/kubernetes/common/etcd-init/templates/secret.yaml
index 504947525d..e874185693 100644
--- a/kubernetes/common/cmpv2Certificate/values.yaml
+++ b/kubernetes/common/etcd-init/templates/secret.yaml
@@ -1,4 +1,5 @@
-# Copyright © 2021 Nokia
+{{/*
+# Copyright (C) 2021 Wipro Limited.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -11,3 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/common/etcd-init/values.yaml b/kubernetes/common/etcd-init/values.yaml
new file mode 100644
index 0000000000..c99c9f1e5b
--- /dev/null
+++ b/kubernetes/common/etcd-init/values.yaml
@@ -0,0 +1,74 @@
+# Copyright (C) 2021 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global: {}
+
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: root-password
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.config.userRootSecret) . }}'
+ password: '{{ .Values.config.userRootPassword }}'
+ - uid: app-creds
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.appUser }}'
+ password: '{{ .Values.config.appPassword }}'
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+
+image: bitnami/etcd:3.3.15
+pullPolicy: Always
+backoffLimit: 20
+
+nodeSelector: {}
+
+affinity: {}
+
+etcd:
+ serviceName: k8s-etcd
+ port : 2379
+ containerName: k8s-etcd
+
+config:
+ userRootSecret: root
+# userCredentialsExternalSecret:
+ appUser: user
+ appRole: role
+ keyPrefix: key
+
+flavor: small
+resources:
+ small:
+ limits:
+ cpu: 100m
+ memory: 500Mi
+ requests:
+ cpu: 10m
+ memory: 10Mi
+ large:
+ limits:
+ cpu: 200m
+ memory: 500Mi
+ requests:
+ cpu: 20m
+ memory: 20Mi
+ unlimited: {}
diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml
index a343d4fce5..48c8b6d0cc 100644
--- a/kubernetes/common/etcd/templates/statefulset.yaml
+++ b/kubernetes/common/etcd/templates/statefulset.yaml
@@ -49,7 +49,7 @@ spec:
{{ toYaml .Values.tolerations | indent 8 }}
{{- end }}
containers:
- - name: {{ include "common.fullname" . }}
+ - name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.googleK8sRepository" . }}/{{ .Values.image }}
imagePullPolicy: "{{ .Values.pullPolicy }}"
ports:
diff --git a/kubernetes/common/repositoryGenerator/templates/_repository.tpl b/kubernetes/common/repositoryGenerator/templates/_repository.tpl
index 91f21ab0c9..488db054a0 100644
--- a/kubernetes/common/repositoryGenerator/templates/_repository.tpl
+++ b/kubernetes/common/repositoryGenerator/templates/_repository.tpl
@@ -83,10 +83,6 @@
{{- include "repositoryGenerator.image._helper" (merge (dict "image" "curlImage") .) }}
{{- end -}}
-{{- define "repositoryGenerator.image.certserviceclient" -}}
- {{- include "repositoryGenerator.image._helper" (merge (dict "image" "certServiceClientImage") .) }}
-{{- end -}}
-
{{- define "repositoryGenerator.image.dcaepolicysync" -}}
{{- include "repositoryGenerator.image._helper" (merge (dict "image" "dcaePolicySyncImage") .) }}
{{- end -}}
@@ -143,7 +139,7 @@
{{/* Our version of helm doesn't support deepCopy so we need this nasty trick */}}
{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
{{- $repoCreds := "" }}
- {{- if $subchartDot.Values.global.dockerHubRepositoryCred }}
+ {{- if $subchartDot.Values.global.repositoryCred }}
{{- $repo := $subchartDot.Values.global.repository }}
{{- $cred := $subchartDot.Values.global.repositoryCred }}
{{- $mail := default "@" $cred.mail }}
diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml
index 8a68f6dd9c..bf21e2da08 100644
--- a/kubernetes/common/repositoryGenerator/values.yaml
+++ b/kubernetes/common/repositoryGenerator/values.yaml
@@ -23,7 +23,6 @@ global:
# common global images
busyboxImage: busybox:1.32
curlImage: curlimages/curl:7.69.1
- certServiceClientImage: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3
envsubstImage: dibi/envsubst:1
# there's only latest image for htpasswd
htpasswdImage: xmartlabs/htpasswd:latest
@@ -56,7 +55,6 @@ global:
imageRepoMapping:
busyboxImage: dockerHubRepository
curlImage: dockerHubRepository
- certServiceClientImage: repository
envsubstImage: dockerHubRepository
htpasswdImage: dockerHubRepository
jreImage: repository