From 5ee4dd4bb9e96ae21ac5b37453e3d1d8c674c966 Mon Sep 17 00:00:00 2001 From: Sylvain Desbureaux Date: Sat, 21 Nov 2020 22:52:46 +0100 Subject: [CONTRIB] Uses new tpls for repos / images This commit makes Contrib chart to use the new generator for repositories and images. As new templates doesn't work well with "sub charts", we move also subcharts to components folder. Issue-ID: OOM-2364 Signed-off-by: Sylvain Desbureaux Change-Id: I33ca36a2b25e67fd9f74ae408cd34f58405d6b80 --- .../components/awx/templates/configmap.yaml | 146 ++++++++++++++ .../contrib/components/awx/templates/job.yaml | 125 ++++++++++++ .../contrib/components/awx/templates/secret.yaml | 31 +++ .../contrib/components/awx/templates/service.yaml | 80 ++++++++ .../components/awx/templates/serviceaccout.yaml | 47 +++++ .../components/awx/templates/statefulset.yaml | 213 +++++++++++++++++++++ 6 files changed, 642 insertions(+) create mode 100644 kubernetes/contrib/components/awx/templates/configmap.yaml create mode 100644 kubernetes/contrib/components/awx/templates/job.yaml create mode 100644 kubernetes/contrib/components/awx/templates/secret.yaml create mode 100755 kubernetes/contrib/components/awx/templates/service.yaml create mode 100644 kubernetes/contrib/components/awx/templates/serviceaccout.yaml create mode 100644 kubernetes/contrib/components/awx/templates/statefulset.yaml (limited to 'kubernetes/contrib/components/awx/templates') diff --git a/kubernetes/contrib/components/awx/templates/configmap.yaml b/kubernetes/contrib/components/awx/templates/configmap.yaml new file mode 100644 index 0000000000..9bc62b0856 --- /dev/null +++ b/kubernetes/contrib/components/awx/templates/configmap.yaml @@ -0,0 +1,146 @@ +{{/* +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-init-mgnt + namespace: {{ include "common.namespace" . }} +data: + entrypoint: | + #/bin/sh + + awx-manage migrate --noinput + if [[ `echo 'from django.contrib.auth.models import User; nsu = User.objects.filter(is_superuser=True).count(); exit(0 if nsu > 0 else 1)' | awx-manage shell` > 0 ]] + then + echo 'from django.contrib.auth.models import User; User.objects.create_superuser('{{ .Values.config.awxAdminUser }}', '{{ .Values.config.awxAdminEmail }}', '{{ .Values.config.awxAdminPassword }}')' | awx-manage shell + awx-manage update_password --username='{{ .Values.config.awxAdminUser }}' --password='{{ .Values.config.awxAdminPassword }}' + fi +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-settings + namespace: {{ include "common.namespace" . }} +data: + awx_settings: | + import os + import socket + ADMINS = () + + AWX_PROOT_ENABLED = True + + # Automatically deprovision pods that go offline + AWX_AUTO_DEPROVISION_INSTANCES = True + + SYSTEM_TASK_ABS_CPU = 6 + SYSTEM_TASK_ABS_MEM = 20 + + INSIGHTS_URL_BASE = "https://example.org" + + #Autoprovisioning should replace this + CLUSTER_HOST_ID = socket.gethostname() + SYSTEM_UUID = '00000000-0000-0000-0000-000000000000' + + SESSION_COOKIE_SECURE = False + CSRF_COOKIE_SECURE = False + + REMOTE_HOST_HEADERS = ['HTTP_X_FORWARDED_FOR'] + + STATIC_ROOT = '/var/lib/awx/public/static' + PROJECTS_ROOT = '/var/lib/awx/projects' + JOBOUTPUT_ROOT = '/var/lib/awx/job_status' + SECRET_KEY = open('/etc/tower/SECRET_KEY', 'rb').read().strip() + ALLOWED_HOSTS = ['*'] + INTERNAL_API_URL = 'http://127.0.0.1:8052' + SERVER_EMAIL = 'root@localhost' + DEFAULT_FROM_EMAIL = 'webmaster@localhost' + EMAIL_SUBJECT_PREFIX = '[AWX] ' + EMAIL_HOST = 'localhost' + EMAIL_PORT = 25 + EMAIL_HOST_USER = '' + EMAIL_HOST_PASSWORD = '' + EMAIL_USE_TLS = False + + LOGGING['handlers']['console'] = { + '()': 'logging.StreamHandler', + 'level': 'DEBUG', + 'formatter': 'simple', + } + + LOGGING['loggers']['django.request']['handlers'] = ['console'] + LOGGING['loggers']['rest_framework.request']['handlers'] = ['console'] + LOGGING['loggers']['awx']['handlers'] = ['console'] + LOGGING['loggers']['awx.main.commands.run_callback_receiver']['handlers'] = ['console'] + LOGGING['loggers']['awx.main.commands.inventory_import']['handlers'] = ['console'] + LOGGING['loggers']['awx.main.tasks']['handlers'] = ['console'] + LOGGING['loggers']['awx.main.scheduler']['handlers'] = ['console'] + LOGGING['loggers']['django_auth_ldap']['handlers'] = ['console'] + LOGGING['loggers']['social']['handlers'] = ['console'] + LOGGING['loggers']['system_tracking_migrations']['handlers'] = ['console'] + LOGGING['loggers']['rbac_migrations']['handlers'] = ['console'] + LOGGING['loggers']['awx.isolated.manager.playbooks']['handlers'] = ['console'] + LOGGING['handlers']['callback_receiver'] = {'class': 'logging.NullHandler'} + LOGGING['handlers']['task_system'] = {'class': 'logging.NullHandler'} + LOGGING['handlers']['tower_warnings'] = {'class': 'logging.NullHandler'} + LOGGING['handlers']['rbac_migrations'] = {'class': 'logging.NullHandler'} + LOGGING['handlers']['system_tracking_migrations'] = {'class': 'logging.NullHandler'} + LOGGING['handlers']['management_playbooks'] = {'class': 'logging.NullHandler'} + + CACHES = { + 'default': { + 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', + 'LOCATION': '{}:{}'.format("localhost", "11211") + }, + 'ephemeral': { + 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache', + }, + } + + USE_X_FORWARDED_PORT = True +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-rabbitmq + namespace: {{ include "common.namespace" . }} +data: + enabled_plugins: | + [rabbitmq_management,rabbitmq_peer_discovery_k8s]. + rabbitmq.conf: | + ## Clustering + management.load_definitions = /etc/rabbitmq/rabbitmq_definitions.json + cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s + cluster_formation.k8s.host = kubernetes.default.svc + cluster_formation.k8s.address_type = ip + cluster_formation.node_cleanup.interval = 10 + cluster_formation.node_cleanup.only_log_warning = false + cluster_partition_handling = autoheal + ## queue master locator + queue_master_locator=min-masters + ## enable guest user + loopback_users.guest = false + rabbitmq_definitions.json: | + { + "users":[{"name": "{{ .Values.config.rabbitmqUser }}", "password": "{{ .Values.config.rabbitmqPassword }}", "tags": ""}], + "permissions":[ + {"user":"{{ .Values.config.rabbitmqUser }}","vhost":"{{ .Values.config.rabbitmqVhost }}","configure":".*","write":".*","read":".*"} + ], + "vhosts":[{"name":"{{ .Values.config.rabbitmqVhost }}"}], + "policies":[ + {"vhost":"{{ .Values.config.rabbitmqVhost }}","name":"ha-all","pattern":".*","definition":{"ha-mode":"all","ha-sync-mode":"automatic"}} + ] + } diff --git a/kubernetes/contrib/components/awx/templates/job.yaml b/kubernetes/contrib/components/awx/templates/job.yaml new file mode 100644 index 0000000000..f974f446c2 --- /dev/null +++ b/kubernetes/contrib/components/awx/templates/job.yaml @@ -0,0 +1,125 @@ +{{/* +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + backoffLimit: 5 + template: + metadata: + labels: + app: {{ include "common.name" . }}-mgnt + release: {{ include "common.release" . }} + spec: + serviceAccount: {{ include "common.fullname" . }} + serviceAccountName: {{ include "common.fullname" . }} + restartPolicy: Never + initContainers: + - name: {{ include "common.name" . }}-init-readiness + image: {{ include "repositoryGenerator.image.readiness" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /app/ready.py + args: + - --container-name + - awx-postgres + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - command: ["/bin/sh","-c"] + args: ["/etc/tower/job-entrypoint.sh"] + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.task }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-mgnt + resources: + requests: + cpu: 1500m + memory: 2Gi + securityContext: + privileged: true + volumeMounts: + - mountPath: /etc/tower/job-entrypoint.sh + name: awx-mgnt + readOnly: true + subPath: job-entrypoint.py + - mountPath: /etc/tower/settings.py + name: awx-application-config + readOnly: true + subPath: settings.py + - mountPath: /etc/tower/conf.d/ + name: awx-application-credentials + readOnly: true + - mountPath: /etc/tower/SECRET_KEY + name: awx-secret-key + readOnly: true + subPath: SECRET_KEY + + volumes: + - configMap: + defaultMode: 0777 + items: + - key: entrypoint + path: job-entrypoint.py + name: {{ include "common.fullname" . }}-init-mgnt + name: awx-mgnt + - configMap: + defaultMode: 420 + items: + - key: awx_settings + path: settings.py + name: {{ include "common.fullname" . }}-settings + name: awx-application-config + - name: awx-application-credentials + secret: + defaultMode: 420 + items: + - key: credentials_py + path: credentials.py + - key: environment_sh + path: environment.sh + secretName: {{ include "common.fullname" . }}-secrets + - name: awx-secret-key + secret: + defaultMode: 420 + items: + - key: secret_key + path: SECRET_KEY + secretName: {{ include "common.fullname" . }}-secrets + - configMap: + defaultMode: 420 + items: + - key: rabbitmq.conf + path: rabbitmq.conf + - key: enabled_plugins + path: enabled_plugins + - key: rabbitmq_definitions.json + path: rabbitmq_definitions.json + name: {{ include "common.fullname" . }}-rabbitmq + name: rabbitmq-config + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/contrib/components/awx/templates/secret.yaml b/kubernetes/contrib/components/awx/templates/secret.yaml new file mode 100644 index 0000000000..642f779214 --- /dev/null +++ b/kubernetes/contrib/components/awx/templates/secret.yaml @@ -0,0 +1,31 @@ +{{/* +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ include "common.fullname" . }}-secrets + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: + credentials_py: {{ tpl (.Files.Get "resources/config/credentials.py") . | b64enc }} + environment_sh: {{ tpl (.Files.Get "resources/config/environment.sh") . | b64enc }} + rabbitmq_erlang_cookie: {{ .Values.config.rabbitmqErlangCookie | b64enc | quote }} + secret_key: {{ .Values.config.secretKey | b64enc | quote }} \ No newline at end of file diff --git a/kubernetes/contrib/components/awx/templates/service.yaml b/kubernetes/contrib/components/awx/templates/service.yaml new file mode 100755 index 0000000000..10f031da82 --- /dev/null +++ b/kubernetes/contrib/components/awx/templates/service.yaml @@ -0,0 +1,80 @@ +{{/* +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }}-rmq-mgmt + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.rmqmgmt.type }} + ports: + - port: {{ .Values.service.rmqmgmt.externalPort }} + targetPort: {{ .Values.service.rmqmgmt.internalPort }} + name: {{ .Values.service.rmqmgmt.portName }} + selector: + app: {{ include "common.fullname" . }} + release: {{ include "common.release" . }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }}-web + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.web.type }} + ports: + - port: {{ .Values.service.web.externalPort }} + targetPort: {{ .Values.service.web.internalPort }} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.web.nodePort }} + name: {{ .Values.service.web.portName }} + selector: + app: {{ include "common.fullname" . }} + release: {{ include "common.release" . }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }}-rabbitmq + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} + type: LoadBalancer +spec: + type: {{ .Values.service.rabbitmq.type }} + ports: + - port: {{ .Values.service.rabbitmq.http.externalPort }} + targetPort: {{ .Values.service.rabbitmq.http.internalPort }} + name: {{ .Values.service.rabbitmq.http.portName }} + - port: {{ .Values.service.rabbitmq.amqp.externalPort }} + targetPort: {{ .Values.service.rabbitmq.amqp.internalPort }} + name: {{ .Values.service.rabbitmq.amqp.portName }} + selector: + app: {{ include "common.fullname" . }} + release: {{ include "common.release" . }} \ No newline at end of file diff --git a/kubernetes/contrib/components/awx/templates/serviceaccout.yaml b/kubernetes/contrib/components/awx/templates/serviceaccout.yaml new file mode 100644 index 0000000000..0f52ce800a --- /dev/null +++ b/kubernetes/contrib/components/awx/templates/serviceaccout.yaml @@ -0,0 +1,47 @@ +{{/* +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "common.fullname" . }}-endpoint-reader + namespace: {{ include "common.namespace" . }} +rules: +- apiGroups: ["", "extensions", "apps", "batch"] + resources: ["endpoints", "deployments", "pods", "replicasets/status", "jobs/status"] + verbs: ["get", "list"] +--- +apiVersion: v1 +items: +- apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + name: {{ include "common.fullname" . }}-endpoint-reader + namespace: {{ include "common.namespace" . }} + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "common.fullname" . }}-endpoint-reader + subjects: + - kind: ServiceAccount + name: {{ include "common.fullname" . }} +kind: List \ No newline at end of file diff --git a/kubernetes/contrib/components/awx/templates/statefulset.yaml b/kubernetes/contrib/components/awx/templates/statefulset.yaml new file mode 100644 index 0000000000..46747cd85f --- /dev/null +++ b/kubernetes/contrib/components/awx/templates/statefulset.yaml @@ -0,0 +1,213 @@ +{{/* +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + podManagementPolicy: OrderedReady + replicas: {{ .Values.replicaCount }} + serviceName: {{ include "common.fullname" . }} + selector: + matchLabels: + app: {{ include "common.fullname" . }} + name: {{ include "common.name" . }}-web-deploy + service: django + template: + metadata: + labels: + app: {{ include "common.fullname" . }} + name: {{ include "common.name" . }}-web-deploy + release: {{ include "common.release" . }} + service: django + spec: + + initContainers: + - name: {{ include "common.name" . }}-init-readiness + image: {{ include "repositoryGenerator.image.readiness" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /app/ready.py + args: + - --container-name + - {{ include "common.name" . }}-mgnt + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + + containers: + + - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.web }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-web + ports: + - containerPort: {{ .Values.service.web.internalPort }} + protocol: TCP + resources: + requests: + cpu: 500m + memory: 1Gi + volumeMounts: + - mountPath: /etc/tower/settings.py + name: awx-application-config + readOnly: true + subPath: settings.py + - mountPath: /etc/tower/conf.d/ + name: awx-application-credentials + readOnly: true + - mountPath: /etc/tower/SECRET_KEY + name: awx-secret-key + readOnly: true + subPath: SECRET_KEY + - command: ["/bin/sh","-c"] + args: ["/usr/bin/launch_awx_task.sh"] + env: + - name: AWX_SKIP_MIGRATIONS + value: "1" + + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.task }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-celery + resources: + requests: + cpu: 1500m + memory: 2Gi + securityContext: + privileged: true + volumeMounts: + - mountPath: /etc/tower/settings.py + name: awx-application-config + readOnly: true + subPath: settings.py + - mountPath: /etc/tower/conf.d/ + name: awx-application-credentials + readOnly: true + - mountPath: /etc/tower/SECRET_KEY + name: awx-secret-key + readOnly: true + subPath: SECRET_KEY + - env: + - name: MY_POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: RABBITMQ_USE_LONGNAME + value: "true" + - name: RABBITMQ_NODENAME + value: rabbit@$(MY_POD_IP) + - name: RABBITMQ_ERLANG_COOKIE + valueFrom: + secretKeyRef: + key: rabbitmq_erlang_cookie + name: {{ include "common.fullname" . }}-secrets + - name: K8S_SERVICE_NAME + value: {{ include "common.servicename" . }}-rabbitmq + + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.rabbitmq }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-rabbit + livenessProbe: + exec: + command: + - rabbitmqctl + - status + failureThreshold: 3 + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + successThreshold: 1 + timeoutSeconds: 10 + ports: + - containerPort: {{ .Values.service.rabbitmq.http.internalPort }} + name: {{ .Values.service.rabbitmq.http.portName }} + protocol: TCP + - containerPort: {{ .Values.service.rabbitmq.amqp.internalPort }} + name: {{ .Values.service.rabbitmq.amqp.portName }} + protocol: TCP + readinessProbe: + exec: + command: + - rabbitmqctl + - status + failureThreshold: 3 + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + successThreshold: 1 + timeoutSeconds: 10 + resources: + requests: + cpu: 500m + memory: 2Gi + volumeMounts: + - mountPath: /etc/rabbitmq + name: rabbitmq-config + + - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.memcached }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-memcached + resources: + requests: + cpu: 500m + memory: 1Gi + serviceAccount: {{ include "common.fullname" . }} + serviceAccountName: {{ include "common.fullname" . }} + volumes: + - configMap: + defaultMode: 420 + items: + - key: awx_settings + path: settings.py + name: {{ include "common.fullname" . }}-settings + name: awx-application-config + - name: awx-application-credentials + secret: + defaultMode: 420 + items: + - key: credentials_py + path: credentials.py + - key: environment_sh + path: environment.sh + secretName: {{ include "common.fullname" . }}-secrets + - name: awx-secret-key + secret: + defaultMode: 420 + items: + - key: secret_key + path: SECRET_KEY + secretName: {{ include "common.fullname" . }}-secrets + - configMap: + defaultMode: 420 + items: + - key: rabbitmq.conf + path: rabbitmq.conf + - key: enabled_plugins + path: enabled_plugins + - key: rabbitmq_definitions.json + path: rabbitmq_definitions.json + name: {{ include "common.fullname" . }}-rabbitmq + name: rabbitmq-config + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" -- cgit 1.2.3-korg