From 55913091b7deb8f73c026c53826608c8f7b51f17 Mon Sep 17 00:00:00 2001 From: Daniel Milaszkiewicz Date: Mon, 16 Nov 2020 13:50:18 +0000 Subject: Revert "[CONSUL] Make consul run as non-root" Revert submission 114556 Reason for revert: Bug - OOM-2630 Reverted Changes: Ic1302ac28:[CONSUL] Make consul server run as non-root I43584b7f0:[CONSUL] Make consul run as non-root Issue-ID: OOM-2630 Change-Id: Ie80d50417418d182f3db54d103bac50dde0c6775 Signed-off-by: Daniel Milaszkiewicz --- kubernetes/consul/templates/deployment.yaml | 37 +++++++---------------------- kubernetes/consul/values.yaml | 7 +----- 2 files changed, 9 insertions(+), 35 deletions(-) diff --git a/kubernetes/consul/templates/deployment.yaml b/kubernetes/consul/templates/deployment.yaml index 6f1c57967f..51c6eb72d5 100644 --- a/kubernetes/consul/templates/deployment.yaml +++ b/kubernetes/consul/templates/deployment.yaml @@ -39,34 +39,15 @@ spec: spec: imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" - initContainers: - - name: {{ include "common.name" . }}-chown - image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }} - command: - - sh - args: - - -c - - | - cp -r -L /tmp/consul/config/* /consul/config/ - chown -R {{ .Values.consulUID }}:{{ .Values.consulGID }} /consul/config - ls -la /consul/config - volumeMounts: - - mountPath: /tmp/consul/config - name: consul-agent-config - - mountPath: /consul/config - name: consul-agent-config-dir containers: - image: "{{ include "common.repository" . }}/{{ .Values.image }}" command: - - sh - args: - - /usr/local/bin/docker-entrypoint.sh - - agent - - -client - - 0.0.0.0 - - -enable-script-checks - - -retry-join - - {{ .Values.consulServer.nameOverride }} + - /bin/sh + - "-c" + - | + apk update && apk add jq + cp /tmp/consul/config/* /consul/config + /usr/local/bin/docker-entrypoint.sh agent -client 0.0.0.0 -enable-script-checks -retry-join {{ .Values.consulServer.nameOverride }} name: {{ include "common.name" . }} env: - name: SDNC_ODL_COUNT @@ -74,16 +55,14 @@ spec: - name: SDNC_IS_PRIMARY_CLUSTER value: "{{ .Values.sdnc.config.isPrimaryCluster }}" volumeMounts: - - mountPath: /consul/config - name: consul-agent-config-dir + - mountPath: /tmp/consul/config + name: consul-agent-config - mountPath: /consul/scripts name: consul-agent-scripts-config - mountPath: /consul/certs name: consul-agent-certs-config resources: {{ include "common.resources" . | nindent 10 }} volumes: - - name: consul-agent-config-dir - emptyDir: {} - configMap: name: {{ include "common.fullname" . }}-configmap name: consul-agent-config diff --git a/kubernetes/consul/values.yaml b/kubernetes/consul/values.yaml index 8f17dc637f..512c4c3dac 100644 --- a/kubernetes/consul/values.yaml +++ b/kubernetes/consul/values.yaml @@ -20,24 +20,19 @@ global: readinessImage: onap/oom/readiness:3.0.1 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 - busyboxRepository: registry.hub.docker.com - busyboxImage: library/busybox:latest ################################################################# # Application configuration defaults. ################################################################# # application image repository: docker.io -image: oomk8s/consul:2.0.0 +image: oomk8s/consul:1.0.0 pullPolicy: Always #subchart name consulServer: nameOverride: consul-server -consulUID: 100 -consulGID: 1000 - # flag to enable debugging - application support required debugEnabled: false -- cgit 1.2.3-korg