diff options
Diffstat (limited to 'kubernetes/policy')
12 files changed, 124 insertions, 11 deletions
diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml b/kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml index c4cc253b7f..c59ed08f3f 100644 --- a/kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml +++ b/kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml @@ -30,6 +30,14 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: + initContainers: + - command: ["sh", "-c", "chown -R 200:200 /share"] + image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.global.ubuntuInitImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-init + volumeMounts: + - mountPath: /share + name: nexus-data containers: - name: {{ include "common.name" . }} image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}" @@ -53,6 +61,8 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true + - mountPath: /sonatype-work + name: nexus-data resources: {{ toYaml .Values.resources | indent 12 }} {{- if .Values.nodeSelector }} @@ -67,5 +77,12 @@ spec: - name: localtime hostPath: path: /etc/localtime + - name: nexus-data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/pv.yaml b/kubernetes/policy/charts/drools/charts/nexus/templates/pv.yaml new file mode 100644 index 0000000000..8be3d4c9cb --- /dev/null +++ b/kubernetes/policy/charts/drools/charts/nexus/templates/pv.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size }} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Namespace }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/pvc.yaml b/kubernetes/policy/charts/drools/charts/nexus/templates/pvc.yaml new file mode 100644 index 0000000000..e27c3311e9 --- /dev/null +++ b/kubernetes/policy/charts/drools/charts/nexus/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/kubernetes/policy/charts/drools/charts/nexus/values.yaml b/kubernetes/policy/charts/drools/charts/nexus/values.yaml index 250f0a70f8..667987640b 100644 --- a/kubernetes/policy/charts/drools/charts/nexus/values.yaml +++ b/kubernetes/policy/charts/drools/charts/nexus/values.yaml @@ -20,6 +20,9 @@ global: repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 + ubuntuInitRepository: oomk8s + ubuntuInitImage: ubuntu-init:1.0.0 + persistence: {} ################################################################# # Application configuration defaults. @@ -64,6 +67,15 @@ service: ingress: enabled: false +## Persist data to a persitent volume +persistence: + enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteMany + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: nexus/data + resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little diff --git a/kubernetes/policy/charts/drools/templates/statefulset.yaml b/kubernetes/policy/charts/drools/templates/statefulset.yaml index 7a616d71e6..5dd49edfec 100644 --- a/kubernetes/policy/charts/drools/templates/statefulset.yaml +++ b/kubernetes/policy/charts/drools/templates/statefulset.yaml @@ -23,7 +23,7 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: - serviceName: {{ include "common.fullname" . }} + serviceName: {{ include "common.servicename" . }} replicas: {{ .Values.replicaCount }} selector: matchLabels: diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf index 48fafcb45f..7b13116e34 100644 --- a/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf +++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf @@ -30,7 +30,7 @@ TOMCAT_X_MX_MB=1024 UEB_CLUSTER=message-router REST_PAP_URL=http://{{ .Values.global.pap.nameOverride }}:{{.Values.config.papPort}}/pap/ -REST_PDP_ID=http://{{ include "common.fullname" . }}:{{.Values.service.externalPort}}/pdp/ +REST_PDP_ID=http://{{ include "common.servicename" . }}:{{.Values.service.externalPort}}/pdp/ REST_PDP_CONFIG=/opt/app/policy/servers/pdp/bin/config REST_PDP_WEBAPPS=/opt/app/policy/servers/pdp/webapps REST_PDP_REGISTER=true diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf index 2021c09439..f5f4060aad 100644 --- a/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf +++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf @@ -17,7 +17,7 @@ LOGPARSER_JMX_PORT=9997 LOGPARSER_X_MS_MB=1024 LOGPARSER_X_MX_MB=1024 -SERVER=http://{{ include "common.fullname" . }}:{{.Values.service.externalPort}}/pdp/ +SERVER=http://{{ include "common.servicename" . }}:{{.Values.service.externalPort}}/pdp/ LOGPATH=/opt/app/policy/servers/pdp/logs/pdp-rest.log PARSERLOGPATH=IntegrityMonitor.log diff --git a/kubernetes/policy/charts/pdp/templates/service.yaml b/kubernetes/policy/charts/pdp/templates/service.yaml index fc608d5ab8..d44fbb9f28 100644 --- a/kubernetes/policy/charts/pdp/templates/service.yaml +++ b/kubernetes/policy/charts/pdp/templates/service.yaml @@ -49,3 +49,4 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} sessionAffinity: None + clusterIP: None diff --git a/kubernetes/policy/charts/pdp/templates/statefulset.yaml b/kubernetes/policy/charts/pdp/templates/statefulset.yaml index d09c446381..29ded61ffa 100644 --- a/kubernetes/policy/charts/pdp/templates/statefulset.yaml +++ b/kubernetes/policy/charts/pdp/templates/statefulset.yaml @@ -23,7 +23,7 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: - serviceName: {{ include "common.fullname" . }} + serviceName: {{ include "common.servicename" . }} replicas: {{ .Values.replicaCount }} selector: matchLabels: diff --git a/kubernetes/policy/charts/pdp/values.yaml b/kubernetes/policy/charts/pdp/values.yaml index 4f63e3222f..3287c9f321 100644 --- a/kubernetes/policy/charts/pdp/values.yaml +++ b/kubernetes/policy/charts/pdp/values.yaml @@ -58,13 +58,11 @@ readiness: periodSeconds: 10 service: - type: NodePort + type: ClusterIP name: pdp portName: pdp + internalPort: 8081 externalPort: 8081 - #Example internal target port if required - #internalPort: <80> - nodePort: 20 ingress: enabled: false diff --git a/kubernetes/policy/resources/config/pe/pap.conf b/kubernetes/policy/resources/config/pe/pap.conf index 768ebc9d23..39199d7f1a 100644 --- a/kubernetes/policy/resources/config/pe/pap.conf +++ b/kubernetes/policy/resources/config/pe/pap.conf @@ -28,7 +28,7 @@ TOMCAT_X_MX_MB=1024 # pap properties PAP_PDPS=/opt/app/policy/servers/pap/bin/pdps -PAP_URL=http://{{ include "common.fullname" . }}:{{.Values.service.externalPort2}}/pap/ +PAP_URL=http://{{ include "common.servicename" . }}:{{.Values.service.externalPort2}}/pap/ PAP_INITIATE_PDP=true PAP_HEARTBEAT_INTERVAL=10000 @@ -39,7 +39,7 @@ REST_ADMIN_REPOSITORY=repository REST_ADMIN_WORKSPACE=workspace # PDP related properties -PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-0.{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}:{{ .Values.config.pdpPort }}/pdp/,http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-1.{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}:{{ .Values.config.pdpPort }}/pdp/ +PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-0.{{ .Values.global.pdp.nameOverride }}:{{ .Values.config.pdpPort }}/pdp/,http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-1.{{ .Values.global.pdp.nameOverride }}:{{ .Values.config.pdpPort }}/pdp/ PAP_PDP_HTTP_USER_ID=testpdp PAP_PDP_HTTP_PASSWORD=alpha123 diff --git a/kubernetes/policy/resources/config/pe/paplp.conf b/kubernetes/policy/resources/config/pe/paplp.conf index 430feb4064..205497c35d 100644 --- a/kubernetes/policy/resources/config/pe/paplp.conf +++ b/kubernetes/policy/resources/config/pe/paplp.conf @@ -17,7 +17,7 @@ LOGPARSER_JMX_PORT=9996 LOGPARSER_X_MS_MB=1024 LOGPARSER_X_MX_MB=1024 -SERVER=http://{{ include "common.fullname" . }}:{{.Values.service.externalPort2}}/pap/ +SERVER=http://{{ include "common.servicename" . }}:{{.Values.service.externalPort2}}/pap/ LOGPATH=/opt/app/policy/servers/pap/logs/pap-rest.log PARSERLOGPATH=IntegrityMonitor.log |