diff options
Diffstat (limited to 'kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/deployment.yaml')
-rw-r--r-- | kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/deployment.yaml | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/deployment.yaml b/kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/deployment.yaml new file mode 100644 index 0000000000..7ba2a1202d --- /dev/null +++ b/kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/deployment.yaml @@ -0,0 +1,75 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: apps/v1 +kind: Deployment +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +spec: + replicas: 1 + selector: {{- include "common.selectors" . | nindent 4 }} + template: + metadata: {{- include "common.templateMetadata" . | nindent 6 }} + spec: + initContainers: + # nifi-registry app runs as user "nifi", uid 1000, group "nifi", gid 1000 + # the volume is mounted with root permissions + # this initContainer changes ownership to uid 1000 gid 1000 + # (tried using a securityContext in the pod spec, but it didn't seem to work) + - name: set-permissions + image: busybox:latest + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + - -c + - chown -R 1000:1000 /opt/nifi-registry/nifi-registry-0.4.0/flow_storage + volumeMounts: + - mountPath: /opt/nifi-registry/nifi-registry-0.4.0/flow_storage + name: flow-storage + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: {{ include "common.containerPorts" . | nindent 12 }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.liveness.port }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.readiness.port }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /opt/nifi-registry/nifi-registry-0.4.0/flow_storage + name: flow-storage + resources: {{ include "common.resources" . | nindent 12 }} + env: + - name: NIFI_REGISTRY_DB_URL + value: {{ .Values.config.dbURL }} + - name: NIFI_REGISTRY_DB_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dbsecret" "key" "login") | indent 12 }} + - name: NIFI_REGISTRY_DB_PASS + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dbsecret" "key" "password") | indent 12 }} + volumes: + - name: flow-storage + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" |