aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/oof/components/oof-has/components/oof-has-api
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/oof/components/oof-has/components/oof-has-api')
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml7
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml83
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml28
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/values.yaml35
4 files changed, 19 insertions, 134 deletions
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml
index 39d3f0c89f..a7a1d1f172 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml
@@ -24,9 +24,6 @@ dependencies:
- name: common
version: ~12.x-0
repository: '@local'
- - name: certInitializer
- version: ~12.x-0
- repository: '@local'
- name: oof-templates
version: ~12.x-0
repository: 'file://../../../oof-templates'
@@ -36,3 +33,7 @@ dependencies:
- name: serviceAccount
version: ~12.x-0
repository: '@local'
+ - name: readinessCheck
+ version: ~12.x-0
+ repository: '@local'
+
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
index 4e38c830f0..10793cafc6 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
@@ -18,67 +18,15 @@
apiVersion: apps/v1
kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
replicas: {{ .Values.replicaCount }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers:
- - name: {{ include "common.name" . }}-readiness
- command:
- - /app/ready.py
- args:
- - --container-name
- - oof-has-controller
- {{- if (include "common.needTLS" .) }}
- - --container-name
- - aaf-service
- {{- end }}
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-
- {{- if (include "common.needTLS" .) }}
- - name: {{ include "common.name" . }}-has-sms-readiness
- command:
- - sh
- - -c
- - resp="FAILURE";
- until [ $resp = "200" ]; do
- resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/has/secret);
- echo $resp;
- sleep 2;
- done
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.curl" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- {{- end }}
-{{ include "common.certInitializer.initContainer" . | indent 6 }}
-
+ {{ include "common.readinessCheck.waitFor" . | nindent 6 }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }}
@@ -112,11 +60,6 @@ spec:
- mountPath: /usr/local/bin/log.conf
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: log.conf
- {{- if (include "common.needTLS" .) }}
- - mountPath: /usr/local/bin/AAF_RootCA.cer
- name: {{ include "common.fullname" . }}-onap-certs
- subPath: aaf_root_ca.cer
- {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
- name: {{ include "common.name" . }}-nginx
@@ -127,13 +70,10 @@ spec:
args:
- "-c"
- |
- {{- if (include "common.needTLS" .) }}
- grep -v '^$' /opt/bitnami/nginx/ssl/local/org.onap.oof.crt > /tmp/oof.crt
- cat /tmp/oof.crt /tmp/intermediate_root_ca.pem /tmp/AAF_RootCA.cer >> /opt/bitnami/nginx/org.onap.oof.crt
- {{- end }}
/opt/bitnami/scripts/nginx/entrypoint.sh /opt/bitnami/scripts/nginx/run.sh
ports:
- containerPort: {{ .Values.service.internalPort }}
+ name: http
{{- if .Values.liveness.enabled }}
livenessProbe:
tcpSocket:
@@ -147,21 +87,12 @@ spec:
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
-{{ include "common.certInitializer.volumeMount" . | indent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
- mountPath: /opt/bitnami/nginx/conf/nginx.conf
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: nginx.conf
- {{- if (include "common.needTLS" .) }}
- - mountPath: /tmp/AAF_RootCA.cer
- name: {{ include "common.fullname" . }}-onap-certs
- subPath: aaf_root_ca.cer
- - mountPath: /tmp/intermediate_root_ca.pem
- name: {{ include "common.fullname" . }}-onap-certs
- subPath: intermediate_root_ca.pem
- {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -174,7 +105,6 @@ spec:
{{- end }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
hostPath:
path: /etc/localtime
@@ -188,8 +118,5 @@ spec:
path: conductor.conf
- key: log.conf
path: log.conf
-{{- if (include "common.needTLS" .) }}
-{{ include "oof.certificate.volume" . | indent 8 }}
-{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml
index f13e7cea9b..b77b592c08 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml
@@ -1,6 +1,7 @@
{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018 AT&T,VMware
+# Modifications Copyright © 2023 Deutsche Telekom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -15,29 +16,4 @@
# limitations under the License.
*/}}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+{{ include "common.service" . }}
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
index c850cb7752..8b2ebdd23c 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
@@ -22,10 +22,6 @@ global: # global defaults
# secrets metaconfig
#################################################################
secrets:
- - uid: oof-onap-certs
- externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
- type: generic
- filePaths: '{{ .Values.secretsFilePaths }}'
- uid: oof-has-etcd-secret
name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret'
type: basicAuth
@@ -42,16 +38,15 @@ config:
service:
type: NodePort
name: oof-has-api
- externalPort: 8091
internalPort: 8091
- nodePort: 75
- portName: http
+ ports:
+ - name: http
+ port: 8091
+ nodePort: '75'
#backend container info
uwsgi:
internalPort: 8080
-ingress:
- enabled: false
replicaCount: 1
nodeSelector: {}
affinity: {}
@@ -85,24 +80,6 @@ readiness:
initialDelaySeconds: 10
periodSeconds: 10
-#sub-charts configuration
-certInitializer:
- nameOverride: oof-has-cert-initializer
- fqdn: "oof.onap"
- app_ns: "org.osaaf.aaf"
- fqi: "oof@oof.onap.org"
- fqi_namespace: org.onap.oof
- public_fqdn: "oof.onap.org"
- aafDeployFqi: "deployer@people.osaaf.org"
- aafDeployPass: demo123456!
- cadi_latitude: "0.0"
- cadi_longitude: "0.0"
- credsPath: /opt/app/osaaf/local
- appMountPath: /opt/bitnami/nginx/ssl
- aaf_add_config: >
- chmod 444 {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key;
-
-
ingress:
enabled: false
service:
@@ -112,6 +89,10 @@ ingress:
config:
ssl: "redirect"
+readinessCheck:
+ wait_for:
+ - oof-has-controller
+
#Pods Service Account
serviceAccount:
nameOverride: oof-has-api