summaryrefslogtreecommitdiffstats
path: root/kubernetes/sdc
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/sdc')
-rw-r--r--kubernetes/sdc/charts/sdc-dcae-be/templates/configmap.yaml5
-rw-r--r--kubernetes/sdc/charts/sdc-dcae-dt/templates/configmap.yaml5
-rw-r--r--kubernetes/sdc/charts/sdc-dcae-fe/templates/configmap.yaml5
-rw-r--r--kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl29
-rw-r--r--kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml23
-rw-r--r--kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml4
-rw-r--r--kubernetes/sdc/charts/sdc-wfd-be/values.yaml14
-rw-r--r--kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml39
-rw-r--r--kubernetes/sdc/charts/sdc-wfd-fe/values.yaml9
9 files changed, 131 insertions, 2 deletions
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/configmap.yaml b/kubernetes/sdc/charts/sdc-dcae-be/templates/configmap.yaml
index 1d0751a01b..5c922783a4 100644
--- a/kubernetes/sdc/charts/sdc-dcae-be/templates/configmap.yaml
+++ b/kubernetes/sdc/charts/sdc-dcae-be/templates/configmap.yaml
@@ -17,5 +17,10 @@ kind: ConfigMap
metadata:
name: {{ include "common.fullname" . }}-logging-configmap
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }} \ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/configmap.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/templates/configmap.yaml
index 144bdb719f..a96f3c8902 100644
--- a/kubernetes/sdc/charts/sdc-dcae-dt/templates/configmap.yaml
+++ b/kubernetes/sdc/charts/sdc-dcae-dt/templates/configmap.yaml
@@ -17,5 +17,10 @@ kind: ConfigMap
metadata:
name: {{ include "common.fullname" . }}-logging-configmap
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/configmap.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/templates/configmap.yaml
index 144bdb719f..a96f3c8902 100644
--- a/kubernetes/sdc/charts/sdc-dcae-fe/templates/configmap.yaml
+++ b/kubernetes/sdc/charts/sdc-dcae-fe/templates/configmap.yaml
@@ -17,5 +17,10 @@ kind: ConfigMap
metadata:
name: {{ include "common.fullname" . }}-logging-configmap
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl b/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl
new file mode 100644
index 0000000000..c69fb7c81c
--- /dev/null
+++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl
@@ -0,0 +1,29 @@
+{{- define "sdc-wfd-be.volumes" }}
+ {{ if .Values.config.cassandraSSLEnabled }}
+ - name: {{ include "common.fullname" . }}-cassandra-client-truststore
+ hostPath:
+ path: /etc/cassandra-client-truststore/truststore
+ type: File
+ {{- end }}
+ {{ if .Values.config.serverSSLEnabled }}
+ - name: {{ include "common.fullname" . }}-server-https-keystore
+ hostPath:
+ path: /config/server-https-keystore/keystore
+ type: File
+ {{- end }}
+{{- end }}
+
+{{- define "sdc-wfd-be.volumeMounts" }}
+ {{ if .Values.config.cassandraSSLEnabled }}
+ - name: {{ include "common.fullname" . }}-cassandra-client-truststore
+ mountPath: /etc/cassandra-client-truststore/truststore
+ subPath: truststore
+ readOnly: true
+ {{- end }}
+ {{ if .Values.config.serverSSLEnabled }}
+ - name: {{ include "common.fullname" . }}-server-https-keystore
+ mountPath: /etc/server-https-keystore/keystore
+ subPath: keystore
+ readOnly: true
+ {{- end }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml
index 50062a1b9b..bb96d342f7 100644
--- a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml
+++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml
@@ -32,6 +32,7 @@ spec:
release: {{ .Release.Name }}
spec:
initContainers:
+ {{- if .Values.initJob.enabled }}
- name: {{ include "common.name" . }}-job-completion
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}"
@@ -46,12 +47,14 @@ spec:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ {{ end }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- containerPort: {{ .Values.service.internalPort }}
+ - containerPort: {{ .Values.service.internalPort2 }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{ if .Values.liveness.enabled }}
@@ -73,12 +76,20 @@ spec:
value: "{{ .Values.config.cassandraHosts }}"
- name: CS_PORT
value: "{{ .Values.config.cassandraClientPort }}"
+ - name: CS_AUTHENTICATE
+ value: "{{ .Values.config.cassandraAuthenticationEnabled }}"
- name: CS_USER
valueFrom:
secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_user}
- name: CS_PASSWORD
valueFrom:
secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password}
+ - name: CS_SSL_ENABLED
+ value: "{{ .Values.config.cassandraSSLEnabled }}"
+ - name: CS_TRUST_STORE_PATH
+ value: "{{ .Values.config.cassandraTrustStorePath }}"
+ - name: CS_TRUST_STORE_PASSWORD
+ value: "{{ .Values.config.cassandraTrustStorePassword }}"
- name: SDC_PROTOCOL
value: "{{ .Values.config.sdcProtocol }}"
- name: SDC_ENDPOINT
@@ -87,5 +98,17 @@ spec:
value: "{{ .Values.config.sdcExternalUser }}"
- name: SDC_PASSWORD
value: "{{ .Values.config.sdcExternalUserPassword }}"
+ - name: SERVER_SSL_ENABLED
+ value: "{{ .Values.config.serverSSLEnabled }}"
+ - name: SERVER_SSL_KEYSTORE_TYPE
+ value: "{{ .Values.config.serverSSLKeyStoreType }}"
+ - name: SERVER_SSL_KEYSTORE_PATH
+ value: "{{ .Values.config.serverSSLKeyStorePath }}"
+ - name: SERVER_SSL_KEY_PASSWORD
+ value: "{{ .Values.config.serverSSLKeyPassword }}"
+ volumeMounts:
+ {{- template "sdc-wfd-be.volumeMounts" . }}
+ volumes:
+ {{- template "sdc-wfd-be.volumes" . }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml
index 2b142533c7..38f526d215 100644
--- a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml
+++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml
@@ -13,6 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+{{ if .Values.initJob.enabled }}
apiVersion: batch/v1
kind: Job
metadata:
@@ -57,7 +58,7 @@ spec:
- name: CS_PORT
value: "{{ .Values.config.cassandraThriftClientPort }}"
- name: CS_AUTHENTICATE
- value: "{{ .Values.config.cassandaAuthenticationEnabled }}"
+ value: "{{ .Values.config.cassandraAuthenticationEnabled }}"
- name: CS_USER
valueFrom:
secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_user}
@@ -66,3 +67,4 @@ spec:
secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
+{{ end }} \ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml
index 1e0ea51764..63554369ed 100644
--- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml
+++ b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml
@@ -35,9 +35,12 @@ pullPolicy: Always
# flag to enable debugging - application support required
debugEnabled: false
+initJob:
+ enabled: true
+
config:
javaOptions: "-Xdebug -agentlib:jdwp=transport=dt_socket,address=7001,server=y,suspend=n -Xmx1536m -Xms1536m"
- cassandaAuthenticationEnabled: true
+ cassandraAuthenticationEnabled: true
cassandraHosts: sdc-cs
cassandraThriftClientPort: 9160
cassandraClientPort: 9042
@@ -45,6 +48,13 @@ config:
sdcEndpoint: sdc-be:8080
sdcExternalUser: workflow
sdcExternalUserPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+ serverSSLEnabled: false
+ serverSSLKeyStoreType: jks
+ serverSSLKeyStorePath: /etc/server-https-keystore/keystore
+ serverSSLKeyPassword: password
+ cassandraSSLEnabled: false
+ cassandraTrustStorePath: /etc/cassandra-client-truststore/truststore
+ cassandraTrustStorePassword: password
# default number of instances
replicaCount: 1
@@ -69,6 +79,8 @@ service:
type: NodePort
internalPort: 8080
externalPort: 8080
+ internalPort2: 8443
+ externalPort2: 8443
portName: sdc-wfd-be
nodePort: "57"
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml
new file mode 100644
index 0000000000..d051eafead
--- /dev/null
+++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml
@@ -0,0 +1,39 @@
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.ingress.enabled }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ include "common.fullname" . }}-ingress
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+{{- with .Values.ingress.annotations }}
+ annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
+spec:
+ rules:
+ - http:
+ paths:
+ - path: /workflows/
+ backend:
+ serviceName: {{.Values.service.name}}
+ servicePort: {{.Values.service.internalPort}}
+{{ end }}
+
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml
index 8c002af181..d9b4dee17e 100644
--- a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml
+++ b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml
@@ -65,6 +65,15 @@ service:
ingress:
enabled: false
+ annotations:
+ ingress.kubernetes.io/secure-backends: "false"
+ nginx.ingress.kubernetes.io/secure-backends: "false"
+ nginx.ingress.kubernetes.io/proxy-body-size: "0"
+ nginx.ingress.kubernetes.io/ssl-redirect: "true"
+ nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
+ nginx.ingress.kubernetes.io/rewrite-target: /workflows/
+ nginx.ingress.kubernetes.io/server-snippet: |
+ underscores_in_headers on;
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious