summaryrefslogtreecommitdiffstats
path: root/kubernetes/so/templates/deployment.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/so/templates/deployment.yaml')
-rwxr-xr-x[-rw-r--r--]kubernetes/so/templates/deployment.yaml269
1 files changed, 107 insertions, 162 deletions
diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml
index 0f907372a3..a69c189c5b 100644..100755
--- a/kubernetes/so/templates/deployment.yaml
+++ b/kubernetes/so/templates/deployment.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2018 AT&T USA
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -11,19 +11,23 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.name" . }}
+ app: {{ include "common.fullname" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
spec:
- replicas: {{ .Values.replicaCount }}
+ replicas: {{ index .Values.replicaCount }}
+ minReadySeconds: {{ index .Values.minReadySeconds }}
+ strategy:
+ type: {{ index .Values.updateStrategy.type }}
+ rollingUpdate:
+ maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
+ maxSurge: {{ index .Values.updateStrategy.maxSurge }}
template:
metadata:
labels:
@@ -31,164 +35,105 @@ spec:
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
- - /root/ready.py
- args:
- - --container-name
- - {{ .Values.mariadb.nameOverride }}
+ - name: so-chown
+ image: alpine:3.6
+ volumeMounts:
+ - name: logs
+ mountPath: /app/logs
+ imagePullPolicy: {{ index .Values.pullPolicy }}
+ command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /app/logs"]
+ restartPolicy: Always
+ containers:
+ - name: {{ include "common.name" . }}
+ image: {{ include "common.repository" . }}/{{ .Values.image }}
+ resources:
+{{ toYaml (pluck .Values.flavor .Values.resources| first) | indent 12 }}
env:
- - name: NAMESPACE
+ - name: DB_HOST
valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
- containers:
- - name: {{ .Chart.Name }}
- command:
- - /tmp/start-jboss-server.sh
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- - containerPort: {{ .Values.service.internalPort2 }}
- - containerPort: {{ .Values.service.internalPort3 }}
- - containerPort: {{ .Values.service.internalPort4 }}
- - containerPort: {{ .Values.service.internalPort5 }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{ if .Values.liveness.enabled }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end }}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: JBOSS_DEBUG
- value: {{ .Values.global.debugEnabled | default .Values.debugEnabled | quote }}
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /shared/
- name: so
- - mountPath: /tmp/start-jboss-server.sh
- name: so-docker-files
- subPath: start-jboss-server.sh
- - mountPath: /opt/jboss/standalone/configuration/standalone-full-ha-mso.xml
- name: so-config
- subPath: standalone-full-ha-mso.xml
- - mountPath: /var/log/onap
- name: so-logs
- - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-po-adapter-config/logback.network.xml
- name: so-logback
- subPath: logback.network.xml
- - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-po-adapter-config/logback.tenant.xml
- name: so-logback
- subPath: logback.tenant.xml
- - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-po-adapter-config/logback.vnf.xml
- name: so-logback
- subPath: logback.vnf.xml
- - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-po-adapter-config/logback.vfc.xml
- name: so-logback
- subPath: logback.vfc.xml
- - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-api-handler-infra-config/logback.apihandler-infra.xml
- name: so-logback
- subPath: logback.apihandler-infra.xml
- - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-appc-adapter-config/logback.appc.xml
- name: so-logback
- subPath: logback.appc.xml
- - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-requests-db-adapter-config/logback.msorequestsdbadapter.xml
- name: so-logback
- subPath: logback.msorequestsdbadapter.xml
- - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-asdc-controller-config/logback.asdc.xml
- name: so-logback
- subPath: logback.asdc.xml
- - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-sdnc-adapter-config/logback.sdnc.xml
- name: so-logback
- subPath: logback.sdnc.xml
- - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-bpmn-config/logback.bpmn.xml
- name: so-logback
- subPath: logback.bpmn.xml
- - mountPath: /var/berks-cookbooks/mso-config/files/default/mso-workflow-message-adapter-config/logback.workflow-message-adapter.xml
- name: so-logback
- subPath: logback.workflow-message-adapter.xml
- resources:
-{{ toYaml .Values.resources | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
-
- # side car containers
- - name: filebeat-onap
- image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: /usr/share/filebeat/filebeat.yml
- name: filebeat-conf
- subPath: filebeat.yml
- - mountPath: /var/log/onap
- name: so-logs
- - mountPath: /usr/share/filebeat/data
- name: so-data-filebeat
-
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-db-secrets
+ key: mariadb.readwrite.host
+ - name: DB_PORT
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-db-secrets
+ key: mariadb.readwrite.port
+ - name: DB_USERNAME
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-db-secrets
+ key: mariadb.readwrite.rolename
+ - name: DB_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-db-secrets
+ key: mariadb.readwrite.password
+ - name: DB_ADMIN_USERNAME
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-db-secrets
+ key: mariadb.admin.rolename
+ - name: DB_ADMIN_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-db-secrets
+ key: mariadb.admin.password
+ - name: CADI_KEYSTORE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-ssl-pwd-secret
+ key: cadi_keystore_password
+ - name: CADI_TRUSTSTORE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-ssl-pwd-secret
+ key: cadi_truststore_password
+ - name: MSO_KEYSTORE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-ssl-client-secret
+ key: keystore_password
+ - name: MSO_TRUSTSTORE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-ssl-client-secret
+ key: truststore_password
+ envFrom:
+ - configMapRef:
+ name: {{ include "common.fullname" . }}-configmap
+ imagePullPolicy: {{ index .Values "global" "pullPolicy" }}
+ volumeMounts:
+ - name: logs
+ mountPath: /app/logs
+ - name: certs
+ mountPath: /app/certs/
+ readOnly: true
+ - name: config
+ mountPath: /app/config
+ readOnly: true
+ livenessProbe:
+ httpGet:
+ path: {{- index .Values.livenessProbe.path|indent 2}}
+ port: {{ index .Values.containerPort }}
+ scheme: {{- index .Values.livenessProbe.scheme| indent 2}}
+ initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}}
+ periodSeconds: {{ index .Values.livenessProbe.periodSeconds}}
+ timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}}
+ successThreshold: {{ index .Values.livenessProbe.successThreshold}}
+ failureThreshold: {{ index .Values.livenessProbe.failureThreshold}}
+ ports:
+ - containerPort: {{ index .Values.containerPort }}
+ name: {{ .Values.service.portName }}
+ protocol: TCP
volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: so-logback
- configMap:
- name: so-log-configmap
- - name: filebeat-conf
- configMap:
- name: so-filebeat-configmap
- - name: so
- configMap:
- name: so-configmap
- items:
- - key: mso-docker.json
- path: mso-docker.json
- mode: 0755
- - key: onap-ca.crt
- path: onap-ca.crt
- mode: 0755
- - key: onap-ca-new.crt
- path: onap-ca-new.crt
- mode: 0755
- - key: encryption.key
- path: encryption.key
- mode: 0644
- - name: so-config
- configMap:
- name: so-configmap
- items:
- - key: standalone-full-ha-mso.xml
- path: standalone-full-ha-mso.xml
- mode: 0644
- - name: so-logs
- emptyDir: {}
- - name: so-data-filebeat
- emptyDir: {}
- - name: so-docker-files
- configMap:
- name: so-docker-file-configmap
- items:
- - key: start-jboss-server.sh
- path: start-jboss-server.sh
- mode: 0755
+ - name: logs
+ emptyDir: {}
+ - name: certs
+ secret:
+ secretName: {{ .Release.Name}}-so-ssl-secret
+ - name: config
+ configMap:
+ name: {{ include "common.fullname" . }}-app-configmap
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
-
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"