From fabd688c32fd94b2fc08fd91bbfdb112b46e5e73 Mon Sep 17 00:00:00 2001 From: Jakub Latusek Date: Thu, 24 Sep 2020 14:03:44 +0200 Subject: Change aaf-sshsm statefulset to deployment Signed-off-by: Jakub Latusek Issue-ID: OOM-2562 Change-Id: I14bfe09787b59b366472778a5ca5bdc50c3f83f7 --- .../aaf-sshsm-abrmd/templates/deployment.yaml | 89 ++++++++++++++++++++++ 1 file changed, 89 insertions(+) create mode 100644 kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/deployment.yaml (limited to 'kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/deployment.yaml') diff --git a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/deployment.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/deployment.yaml new file mode 100644 index 0000000000..2715120ba9 --- /dev/null +++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/deployment.yaml @@ -0,0 +1,89 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.tpm.enabled .Values.global.abrmd.enabled -}} + +apiVersion: apps/v1 +kind: Deployment +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +spec: + selector: {{- include "common.selectors" . | nindent 4 }} + replicas: {{ .Values.replicaCount }} + serviceName: + template: + metadata: {{- include "common.templateMetadata" . | nindent 6 }} + spec: + initContainers: + - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-job-complete + command: + - /app/ready.py + args: + - -j + - "{{ include "common.fullname" . }}-init" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 3m + memory: 20Mi + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/abrmd/bin/run_abrmd.sh"] + workingDir: /abrmd/bin + securityContext: + privileged: true + volumeMounts: + - name: {{ include "common.fullname" . }}-dbus + mountPath: /var/run/dbus + - name: {{ include "common.fullname" . }}-tpm-device + mountPath: /dev/tpm0 + - mountPath: /etc/localtime + name: localtime + readOnly: true + resources: {{ include "common.resources" . | nindent 10 }} + nodeSelector: + {{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.global.tpm.enabled }} + {{ (printf "%s: \"%s\"" .Values.global.tpm.nodeLabel .Values.global.tpm.nodeLabelValue) }} + {{- end -}} + {{- if .Values.affinity }} + affinity: {{ toYaml .Values.affinity | nindent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-dbus + persistentVolumeClaim: + claimName: {{ include "common.release" . }}-aaf-sshsm-dbus + - name: {{ include "common.fullname" . }}-tpm-device + hostPath: + path: /dev/tpm0 + +{{- end -}} -- cgit 1.2.3-korg