diff options
Diffstat (limited to 'kubernetes/sdc/charts/sdc-wfd-be')
4 files changed, 68 insertions, 2 deletions
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl b/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl new file mode 100644 index 0000000000..c69fb7c81c --- /dev/null +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl @@ -0,0 +1,29 @@ +{{- define "sdc-wfd-be.volumes" }} + {{ if .Values.config.cassandraSSLEnabled }} + - name: {{ include "common.fullname" . }}-cassandra-client-truststore + hostPath: + path: /etc/cassandra-client-truststore/truststore + type: File + {{- end }} + {{ if .Values.config.serverSSLEnabled }} + - name: {{ include "common.fullname" . }}-server-https-keystore + hostPath: + path: /config/server-https-keystore/keystore + type: File + {{- end }} +{{- end }} + +{{- define "sdc-wfd-be.volumeMounts" }} + {{ if .Values.config.cassandraSSLEnabled }} + - name: {{ include "common.fullname" . }}-cassandra-client-truststore + mountPath: /etc/cassandra-client-truststore/truststore + subPath: truststore + readOnly: true + {{- end }} + {{ if .Values.config.serverSSLEnabled }} + - name: {{ include "common.fullname" . }}-server-https-keystore + mountPath: /etc/server-https-keystore/keystore + subPath: keystore + readOnly: true + {{- end }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml index 50062a1b9b..bb96d342f7 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml @@ -32,6 +32,7 @@ spec: release: {{ .Release.Name }} spec: initContainers: + {{- if .Values.initJob.enabled }} - name: {{ include "common.name" . }}-job-completion image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}" @@ -46,12 +47,14 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + {{ end }} containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.internalPort2 }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{ if .Values.liveness.enabled }} @@ -73,12 +76,20 @@ spec: value: "{{ .Values.config.cassandraHosts }}" - name: CS_PORT value: "{{ .Values.config.cassandraClientPort }}" + - name: CS_AUTHENTICATE + value: "{{ .Values.config.cassandraAuthenticationEnabled }}" - name: CS_USER valueFrom: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_user} - name: CS_PASSWORD valueFrom: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password} + - name: CS_SSL_ENABLED + value: "{{ .Values.config.cassandraSSLEnabled }}" + - name: CS_TRUST_STORE_PATH + value: "{{ .Values.config.cassandraTrustStorePath }}" + - name: CS_TRUST_STORE_PASSWORD + value: "{{ .Values.config.cassandraTrustStorePassword }}" - name: SDC_PROTOCOL value: "{{ .Values.config.sdcProtocol }}" - name: SDC_ENDPOINT @@ -87,5 +98,17 @@ spec: value: "{{ .Values.config.sdcExternalUser }}" - name: SDC_PASSWORD value: "{{ .Values.config.sdcExternalUserPassword }}" + - name: SERVER_SSL_ENABLED + value: "{{ .Values.config.serverSSLEnabled }}" + - name: SERVER_SSL_KEYSTORE_TYPE + value: "{{ .Values.config.serverSSLKeyStoreType }}" + - name: SERVER_SSL_KEYSTORE_PATH + value: "{{ .Values.config.serverSSLKeyStorePath }}" + - name: SERVER_SSL_KEY_PASSWORD + value: "{{ .Values.config.serverSSLKeyPassword }}" + volumeMounts: + {{- template "sdc-wfd-be.volumeMounts" . }} + volumes: + {{- template "sdc-wfd-be.volumes" . }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml index 2b142533c7..38f526d215 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml @@ -13,6 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +{{ if .Values.initJob.enabled }} apiVersion: batch/v1 kind: Job metadata: @@ -57,7 +58,7 @@ spec: - name: CS_PORT value: "{{ .Values.config.cassandraThriftClientPort }}" - name: CS_AUTHENTICATE - value: "{{ .Values.config.cassandaAuthenticationEnabled }}" + value: "{{ .Values.config.cassandraAuthenticationEnabled }}" - name: CS_USER valueFrom: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_user} @@ -66,3 +67,4 @@ spec: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" +{{ end }}
\ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml index 1e0ea51764..63554369ed 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml @@ -35,9 +35,12 @@ pullPolicy: Always # flag to enable debugging - application support required debugEnabled: false +initJob: + enabled: true + config: javaOptions: "-Xdebug -agentlib:jdwp=transport=dt_socket,address=7001,server=y,suspend=n -Xmx1536m -Xms1536m" - cassandaAuthenticationEnabled: true + cassandraAuthenticationEnabled: true cassandraHosts: sdc-cs cassandraThriftClientPort: 9160 cassandraClientPort: 9042 @@ -45,6 +48,13 @@ config: sdcEndpoint: sdc-be:8080 sdcExternalUser: workflow sdcExternalUserPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + serverSSLEnabled: false + serverSSLKeyStoreType: jks + serverSSLKeyStorePath: /etc/server-https-keystore/keystore + serverSSLKeyPassword: password + cassandraSSLEnabled: false + cassandraTrustStorePath: /etc/cassandra-client-truststore/truststore + cassandraTrustStorePassword: password # default number of instances replicaCount: 1 @@ -69,6 +79,8 @@ service: type: NodePort internalPort: 8080 externalPort: 8080 + internalPort2: 8443 + externalPort2: 8443 portName: sdc-wfd-be nodePort: "57" |