From 59ffd500ea34c201fbb3edc39e64655fa8381be0 Mon Sep 17 00:00:00 2001
From: Keren Joseph <keren.joseph@amdocs.com>
Date: Tue, 12 Sep 2017 10:13:15 +0300
Subject: moving certs and keys to k8s secrets

changed location of used certs and keys files, updated deploy yamls and create/delete all
Issue-ID: OOM-293
Change-Id: I53766b7028d6b725bf381875105b196246ff2ee1
Signed-off-by: Keren Joseph <keren.joseph@amdocs.com>
---
 kubernetes/aai/templates/data-router-deployment.yaml      | 10 ++++++++++
 kubernetes/aai/templates/modelloader-deployment.yaml      |  5 +++++
 .../aai/templates/search-data-service-deployment.yaml     |  5 +++++
 kubernetes/aai/templates/sparky-be-deployment.yaml        | 15 +++++++++++++++
 4 files changed, 35 insertions(+)

(limited to 'kubernetes/aai')

diff --git a/kubernetes/aai/templates/data-router-deployment.yaml b/kubernetes/aai/templates/data-router-deployment.yaml
index f823061c33..0033208642 100644
--- a/kubernetes/aai/templates/data-router-deployment.yaml
+++ b/kubernetes/aai/templates/data-router-deployment.yaml
@@ -35,6 +35,10 @@ spec:
         volumeMounts:
         - mountPath: /opt/app/data-router/config/
           name: data-router-config
+        - mountPath: /opt/app/data-router/config/auth/tomcat_keystore
+          name: data-router-tomcat-key
+        - mountPath: /opt/app/data-router/config/auth/client-cert-onap.p12 
+          name: data-router-client-cert
         - mountPath: /opt/app/data-router/dynamic/
           name: data-router-dynamic
         - mountPath: /logs/
@@ -56,6 +60,12 @@ spec:
       - name: data-router-logs
         hostPath:
           path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/data-router/logs/"
+      - name: data-router-tomcat-key
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
+      - name: data-router-client-cert
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
       restartPolicy: Always
       imagePullSecrets:
       - name: "{{ .Values.nsPrefix }}-docker-registry-key"
diff --git a/kubernetes/aai/templates/modelloader-deployment.yaml b/kubernetes/aai/templates/modelloader-deployment.yaml
index 5391273d9d..ec6a9178a7 100644
--- a/kubernetes/aai/templates/modelloader-deployment.yaml
+++ b/kubernetes/aai/templates/modelloader-deployment.yaml
@@ -20,6 +20,8 @@ spec:
         volumeMounts:
         - mountPath: /opt/app/model-loader/config/
           name: aai-model-loader-config
+        - mountPath: /opt/app/model-loader/config/auth/aai-os-cert.p12
+          name: aai-os-cert
         - mountPath: /logs/
           name: aai-model-loader-logs
         image: "{{ .Values.image.modelLoaderImage }}:{{ .Values.image.modelLoaderVersion }}"
@@ -35,6 +37,9 @@ spec:
       - name: aai-model-loader-logs
         hostPath:
           path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/model-loader/logs/"
+      - name: aai-os-cert
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
       restartPolicy: Always
       imagePullSecrets:
       - name: "{{ .Values.nsPrefix }}-docker-registry-key"
diff --git a/kubernetes/aai/templates/search-data-service-deployment.yaml b/kubernetes/aai/templates/search-data-service-deployment.yaml
index f2db9370fd..8f4acef7cb 100644
--- a/kubernetes/aai/templates/search-data-service-deployment.yaml
+++ b/kubernetes/aai/templates/search-data-service-deployment.yaml
@@ -27,6 +27,8 @@ spec:
         volumeMounts:
         - mountPath: /opt/app/search-data-service/config/
           name: aai-search-data-service-config
+        - mountPath: /opt/app/search-data-service/config/auth/tomcat_keystore
+          name: aai-tomcat-key
         - mountPath: /logs/
           name: aai-search-data-service-logs
         ports:
@@ -40,6 +42,9 @@ spec:
       - name: aai-search-data-service-config
         hostPath:
           path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/search-data-service/appconfig/"
+      - name: aai-tomcat-key
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
       - name: aai-search-data-service-logs
         hostPath:
           path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/search-data-service/logs/"
diff --git a/kubernetes/aai/templates/sparky-be-deployment.yaml b/kubernetes/aai/templates/sparky-be-deployment.yaml
index 6a8ff9308d..f4c44e28ed 100644
--- a/kubernetes/aai/templates/sparky-be-deployment.yaml
+++ b/kubernetes/aai/templates/sparky-be-deployment.yaml
@@ -27,6 +27,12 @@ spec:
         volumeMounts:
         - mountPath: /opt/app/sparky/config/
           name: aai-sparky-be-config
+        - mountPath: /opt/app/sparky/config/auth/client-cert-onap.p12 
+          name: aai-sparky-be-client-cert
+        - mountPath: /opt/app/sparky/config/auth/aai-os-cert.p12
+          name: aai-sparky-be-aai-os-cert
+        - mountPath: /opt/app/sparky/config/auth/inventory-ui-keystore
+          name: aai-sparky-be-inventory-key
         - mountPath: /logs/
           name: aai-sparky-be-logs
         ports:
@@ -43,6 +49,15 @@ spec:
       - name: aai-sparky-be-logs
         hostPath:
           path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/sparky-be/logs/"
+      - name: aai-sparky-be-client-cert
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
+      - name: aai-sparky-be-aai-os-cert
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
+      - name: aai-sparky-be-inventory-key
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
       restartPolicy: Always
       imagePullSecrets:
       - name: "{{ .Values.nsPrefix }}-docker-registry-key"
-- 
cgit 1.2.3-korg