diff options
Diffstat (limited to 'kubernetes/sdnc/templates')
-rwxr-xr-x | kubernetes/sdnc/templates/job.yaml | 6 | ||||
-rwxr-xr-x | kubernetes/sdnc/templates/sdnrdb-init-job.yaml | 104 | ||||
-rw-r--r-- | kubernetes/sdnc/templates/secrets.yaml | 1 | ||||
-rw-r--r-- | kubernetes/sdnc/templates/service.yaml | 16 | ||||
-rw-r--r-- | kubernetes/sdnc/templates/statefulset.yaml | 128 |
5 files changed, 225 insertions, 30 deletions
diff --git a/kubernetes/sdnc/templates/job.yaml b/kubernetes/sdnc/templates/job.yaml index bce94f3008..e0f0e55252 100755 --- a/kubernetes/sdnc/templates/job.yaml +++ b/kubernetes/sdnc/templates/job.yaml @@ -1,3 +1,4 @@ +{{- if .Values.dgbuilder.enabled -}} {{/* # Copyright © 2017 Amdocs, Bell Canada, AT&T # @@ -81,7 +82,7 @@ spec: - name: {{ include "common.name" . }}-readiness command: - - /root/ready.py + - /app/ready.py args: - --container-name - {{ include "common.mariadbService" . }} @@ -91,7 +92,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} @@ -165,3 +166,4 @@ spec: restartPolicy: Never imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" +{{- end -}} diff --git a/kubernetes/sdnc/templates/sdnrdb-init-job.yaml b/kubernetes/sdnc/templates/sdnrdb-init-job.yaml new file mode 100755 index 0000000000..7975b70ed2 --- /dev/null +++ b/kubernetes/sdnc/templates/sdnrdb-init-job.yaml @@ -0,0 +1,104 @@ +{{/* +# Copyright © 2020 highstreet technologies GmbH +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{ if .Values.config.sdnr.enabled -}} +apiVersion: batch/v1 +kind: Job +metadata: {{- include "common.resourceMetadata" (dict "suffix" "sdnrdb-init-job" "dot" . ) | nindent 2 }} +spec: + backoffLimit: 20 + template: + metadata: {{ include "common.templateMetadata" . | indent 6}} + spec: + initContainers: + {{ include "common.certInitializer.initContainer" . | indent 6 }} + {{ if .Values.global.aafEnabled }} + - name: {{ include "common.name" . }}-chown + image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }} + command: ["sh", "-c", "chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }}"] + volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} + {{ end }} + - name: {{ include "common.name" . }}-readiness + command: + - /app/ready.py + args: + - --container-name + - {{.Values.elasticsearch.nameOverride}}-elasticsearch + - --container-name + - {{.Values.elasticsearch.nameOverride}}-nginx + - --container-name + - {{.Values.elasticsearch.nameOverride}}-master + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + containers: + - name: {{ include "common.name" . }}-sdnrdb-init-job + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/bin/bash"] + args: ["-c", "{{ .Values.config.binDir }}/startODL.sh"] + env: + - name: SDNC_AAF_ENABLED + value: "{{ .Values.global.aafEnabled}}" + - name: SDNC_HOME + value: "{{.Values.config.sdncHome}}" + - name: ETC_DIR + value: "{{.Values.config.etcDir}}" + - name: BIN_DIR + value: "{{.Values.config.binDir}}" + ## start sdnrdb parameter + - name: SDNRINIT + value: "true" + - name: SDNRDBURL + {{ if .Values.global.aafEnabled -}} + value: "https://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}" + {{- else -}} + value: "http://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}" + {{- end }} + - name: SDNRDBPARAMETER + value: "-k" + volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} + resources: {{ include "common.resources" . | nindent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: {{ toYaml .Values.affinity | nindent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: docker-entrypoint-initdb-d + emptyDir: {} + - name: bin + configMap: + name: {{ include "common.fullname" . }}-bin + defaultMode: 0755 + - name: properties + configMap: + name: {{ include "common.fullname" . }}-properties + defaultMode: 0644 +{{ include "common.certInitializer.volumes" . | nindent 6 }} + restartPolicy: Never + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + +{{ end -}} diff --git a/kubernetes/sdnc/templates/secrets.yaml b/kubernetes/sdnc/templates/secrets.yaml index 34932b713d..916d47d753 100644 --- a/kubernetes/sdnc/templates/secrets.yaml +++ b/kubernetes/sdnc/templates/secrets.yaml @@ -13,5 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - {{ include "common.secretFast" . }} diff --git a/kubernetes/sdnc/templates/service.yaml b/kubernetes/sdnc/templates/service.yaml index 741a15ae53..e3be4bc46a 100644 --- a/kubernetes/sdnc/templates/service.yaml +++ b/kubernetes/sdnc/templates/service.yaml @@ -1,5 +1,6 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2020 highstreet technologies GmbH # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -48,9 +49,12 @@ spec: targetPort: {{ .Values.service.internalPort4 }} {{ end }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} + {{ if .Values.config.sdnr.enabled }} + sessionAffinity: ClientIP + {{ end }} selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + app.kubernetes.io/name: {{ include "common.name" . }} + app.kubernetes.io/instance: {{ include "common.release" . }} --- apiVersion: v1 kind: Service @@ -77,8 +81,8 @@ spec: port: {{ .Values.service.externalPort2 }} targetPort: {{ .Values.service.internalPort2 }} selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + app.kubernetes.io/name: {{ include "common.name" . }} + app.kubernetes.io/instance: {{ include "common.release" . }} --- apiVersion: v1 kind: Service @@ -96,8 +100,8 @@ spec: port: {{ .Values.service.clusterPort }} clusterIP: None selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + app.kubernetes.io/name: {{ include "common.name" . }} + app.kubernetes.io/instance: {{ include "common.release" . }} sessionAffinity: None type: ClusterIP diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index 437cb31a8e..98ad43ed60 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -17,26 +17,17 @@ apiVersion: apps/v1 kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: selector: matchLabels: app: {{ include "common.name" . }} serviceName: {{ include "common.servicename" . }}-cluster replicas: {{ .Values.replicaCount }} + selector: {{- include "common.selectors" . | nindent 4 }} podManagementPolicy: Parallel template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - command: @@ -71,6 +62,11 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} - name: SDNC_DB_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} + - name: ODL_ADMIN_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }} + - name: ODL_ADMIN_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }} + volumeMounts: - mountPath: /config-input name: config-input @@ -79,27 +75,82 @@ spec: image: "{{ .Values.global.envsubstImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-update-config - + {{ if .Values.dgbuilder.enabled -}} - command: - - /root/ready.py + - /app/ready.py args: + {{ if or .Values.dgbuilder.enabled .Values.config.sdnr.enabled -}} - --container-name - {{ include "common.mariadbService" . }} + {{ end -}} + {{ if .Values.config.sdnr.enabled -}} + - --container-name + - {{ include "common.name" . }}-sdnrdb-init-job + {{ end -}} env: - name: NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness - + {{ end -}} {{ include "common.certInitializer.initContainer" . | indent 6 }} + {{ if .Values.global.cmpv2Enabled }} + - name: certs-init + image: "{{ .Values.global.repository }}/{{ .Values.global.platform.certServiceClient.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: REQUEST_URL + value: {{ .Values.global.platform.certServiceClient.envVariables.requestURL }} + - name: REQUEST_TIMEOUT + value: "30000" + - name: OUTPUT_PATH + value: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }} + - name: CA_NAME + value: {{ .Values.global.platform.certServiceClient.envVariables.caName }} + - name: COMMON_NAME + value: {{ .Values.global.platform.certServiceClient.envVariables.common_name }} + - name: ORGANIZATION + value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Organization }} + - name: ORGANIZATION_UNIT + value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2OrganizationalUnit }} + - name: LOCATION + value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Location }} + - name: STATE + value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2State }} + - name: COUNTRY + value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Country }} + - name: KEYSTORE_PATH + value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePath }} + - name: KEYSTORE_PASSWORD + value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePassword }} + - name: TRUSTSTORE_PATH + value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePath }} + - name: TRUSTSTORE_PASSWORD + value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePassword }} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }} + name: certs + - mountPath: {{ .Values.global.platform.certServiceClient.secret.mountPath }} + name: certservice-tls-volume + {{ end }} + - name: {{ include "common.name" . }}-chown - image: "busybox" - command: ["sh", "-c", "chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} ; chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }}"] + image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }} + command: + - sh + args: + - -c + - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} +{{- if .Values.global.aafEnabled }} + - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }} +{{- end }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} - mountPath: {{ .Values.persistence.mdsalPath }} @@ -151,6 +202,26 @@ spec: value: {{ include "common.mariadbService" . }} - name: JAVA_HOME value: "{{ .Values.config.javaHome}}" + - name: JAVA_OPTS + value: "-Xms{{.Values.config.odl.javaOptions.minMemory}} -Xmx{{.Values.config.odl.javaOptions.maxMemory}}" + - name: KARAF_CONSOLE_LOG_LEVEL + value: "{{ include "common.log.level" . }}" + - name: SDNRWT + value: "{{ .Values.config.sdnr.enabled | default "false"}}" + {{- if eq .Values.config.sdnr.mode "web" }} + - name: SDNRDM + value: "true" + {{- end }} + - name: SDNRONLY + value: "{{ .Values.config.sdnr.sdnronly | default "false" }}" + - name: SDNRDBURL + {{- $prefix := ternary "https" "http" .Values.global.aafEnabled}} + value: "{{$prefix}}://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}" + {{- if .Values.config.sdnr.sdnrdbTrustAllCerts }} + - name: SDNRDBTRUSTALLCERTS + value: "true" + {{ end }} + volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} - mountPath: /etc/localtime @@ -159,9 +230,6 @@ spec: - mountPath: /opt/opendaylight/current/etc/org.ops4j.pax.logging.cfg name: sdnc-logging-cfg-config subPath: org.ops4j.pax.logging.cfg - - mountPath: {{ .Values.config.binDir }}/startODL.sh - name: bin - subPath: startODL.sh - mountPath: {{ .Values.config.binDir }}/installSdncDb.sh name: bin subPath: installSdncDb.sh @@ -202,6 +270,16 @@ spec: - mountPath: {{ .Values.config.odl.binDir }}/setenv name: properties subPath: setenv + - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-registrar.properties + name: properties + subPath: mountpoint-registrar.properties + - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-state-provider.properties + name: properties + subPath: mountpoint-state-provider.properties + {{ if .Values.global.cmpv2Enabled }} + - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }} + name: certs + {{- end }} resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -252,6 +330,14 @@ spec: - name: properties emptyDir: medium: Memory + {{ if .Values.global.cmpv2Enabled }} + - name: certs + emptyDir: + medium: Memory + - name: certservice-tls-volume + secret: + secretName: {{ .Values.global.platform.certServiceClient.secret.name }} + {{- end }} {{ if not .Values.persistence.enabled }} - name: {{ include "common.fullname" . }}-data emptyDir: {} |