diff options
Diffstat (limited to 'kubernetes/nbi/templates/deployment.yaml')
-rw-r--r-- | kubernetes/nbi/templates/deployment.yaml | 42 |
1 files changed, 34 insertions, 8 deletions
diff --git a/kubernetes/nbi/templates/deployment.yaml b/kubernetes/nbi/templates/deployment.yaml index 528a3f7e76..3283239100 100644 --- a/kubernetes/nbi/templates/deployment.yaml +++ b/kubernetes/nbi/templates/deployment.yaml @@ -32,6 +32,9 @@ spec: release: {{ include "common.release" . }} name: {{ include "common.fullname" . }} spec: +{{- if .Values.global.aafEnabled }} + initContainers: {{ include "common.aaf-config" . | nindent 6 }} +{{- end }} containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -40,16 +43,39 @@ spec: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container + {{- if .Values.global.aafEnabled }} + command: + - bash + args: + - -c + - | + export $(grep '^c' {{ .Values.aafConfig.credsPath }}/mycreds.prop | xargs -0) + export JAVA_OPTS="-Djavax.net.ssl.trustStorePassword=$cadi_truststore_password \ + -Dserver.ssl.key-store={{ .Values.aafConfig.credsPath }}/org.onap.nbi.p12 \ + -Dserver.ssl.key-store-type=PKCS12 \ + -Djavax.net.ssl.trustStore={{ .Values.aafConfig.credsPath }}/org.onap.nbi.trust.jks \ + -Dserver.ssl.key-store-password=$cadi_keystore_password_p12 \ + -Djavax.net.ssl.trustStoreType=jks\ + -Djava.security.egd=file:/dev/./urandom -Dserver.port=8443" + {{- if eq "DEBUG" .Values.config.loglevel }} + export JAVA_DEBUG="-Djavax.net.debug=all" + {{- end }} + exec java -XX:+UseContainerSupport $JAVA_DEBUG $JAVA_OPTS -jar /opt/onap/app.jar + {{- end }} {{ if .Values.liveness.enabled }} livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} + httpGet: + port: {{ .Values.liveness.port }} + path: {{ .Values.liveness.path }} + scheme: HTTPS initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} + httpGet: + port: {{ .Values.readiness.port }} + path: {{ .Values.readiness.path }} + scheme: HTTPS initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: @@ -72,7 +98,7 @@ spec: - name: ONAP_CLOUDOWNER value: {{ .Values.config.cloudOwner }} - name: NBI_URL - value: "http://nbi.{{ include "common.namespace" . }}:8080/nbi/api/v4" + value: "https://nbi.{{ include "common.namespace" . }}:8443/nbi/api/v4" - name: SDC_HOST value: "https://sdc-be.{{ include "common.namespace" . }}:8443" - name: SDC_HEADER_ECOMPINSTANCEID @@ -90,7 +116,7 @@ spec: value: {{ .Values.so_authorization }} {{- end }} - name: DMAAP_HOST - value: "https://message-router.{{ include "common.namespace" . }}:3905" + value: "http://message-router.{{ include "common.namespace" . }}:3904" - name: LOGGING_LEVEL_ORG_ONAP_NBI value: {{ .Values.config.loglevel }} - name: MSB_ENABLED @@ -99,7 +125,7 @@ spec: value: "msb-discovery.{{ include "common.namespace" . }}" - name: MSB_DISCOVERY_PORT value: "10081" - volumeMounts: + volumeMounts: {{ include "common.aaf-config-volume-mountpath" . | nindent 12 }} - mountPath: /etc/localtime name: localtime readOnly: true @@ -125,7 +151,7 @@ spec: # name: esr-server-logs # - mountPath: /usr/share/filebeat/data # name: esr-server-filebeat - volumes: + volumes: {{ include "common.aaf-config-volumes" . | nindent 8 }} - name: localtime hostPath: path: /etc/localtime |