aboutsummaryrefslogtreecommitdiffstats
path: root/ansible/roles/ansible-vvp-templates/templates/deployments
diff options
context:
space:
mode:
Diffstat (limited to 'ansible/roles/ansible-vvp-templates/templates/deployments')
-rw-r--r--ansible/roles/ansible-vvp-templates/templates/deployments/10-gitlab-deployment.yaml.j24
-rw-r--r--ansible/roles/ansible-vvp-templates/templates/deployments/10-postgresql-deployment.yaml.j24
-rw-r--r--ansible/roles/ansible-vvp-templates/templates/deployments/20-ci-uwsgi-deployment.yaml.j214
-rw-r--r--ansible/roles/ansible-vvp-templates/templates/deployments/20-cms-uwsgi-deployment.yaml.j26
-rw-r--r--ansible/roles/ansible-vvp-templates/templates/deployments/20-em-uwsgi-deployment.yaml.j214
-rw-r--r--ansible/roles/ansible-vvp-templates/templates/deployments/20-imagescanner.yaml.j252
-rw-r--r--ansible/roles/ansible-vvp-templates/templates/deployments/20-jenkins-deployment.yaml.j24
-rw-r--r--ansible/roles/ansible-vvp-templates/templates/deployments/30-portal-deployment.yaml.j211
8 files changed, 93 insertions, 16 deletions
diff --git a/ansible/roles/ansible-vvp-templates/templates/deployments/10-gitlab-deployment.yaml.j2 b/ansible/roles/ansible-vvp-templates/templates/deployments/10-gitlab-deployment.yaml.j2
index 6771b1f..8b14661 100644
--- a/ansible/roles/ansible-vvp-templates/templates/deployments/10-gitlab-deployment.yaml.j2
+++ b/ansible/roles/ansible-vvp-templates/templates/deployments/10-gitlab-deployment.yaml.j2
@@ -48,9 +48,11 @@ spec:
labels:
run: gitlab
spec:
+ imagePullSecrets:
+ - name: onapkey
containers:
- name: gitlab
- image: {{container_uri}}rkt-gitlab:{{container_tag}}
+ image: {{container_uri}}gitlab:{{container_tag}}
ports:
- containerPort: 80
- containerPort: 22
diff --git a/ansible/roles/ansible-vvp-templates/templates/deployments/10-postgresql-deployment.yaml.j2 b/ansible/roles/ansible-vvp-templates/templates/deployments/10-postgresql-deployment.yaml.j2
index e78bfc9..bd5c10f 100644
--- a/ansible/roles/ansible-vvp-templates/templates/deployments/10-postgresql-deployment.yaml.j2
+++ b/ansible/roles/ansible-vvp-templates/templates/deployments/10-postgresql-deployment.yaml.j2
@@ -48,9 +48,11 @@ spec:
labels:
run: postgresql
spec:
+ imagePullSecrets:
+ - name: onapkey
containers:
- name: postgresql
- image: {{container_uri}}rkt-postgresql:{{container_tag}}
+ image: {{container_uri}}postgresql:{{container_tag}}
ports:
- containerPort: 5432
volumeMounts:
diff --git a/ansible/roles/ansible-vvp-templates/templates/deployments/20-ci-uwsgi-deployment.yaml.j2 b/ansible/roles/ansible-vvp-templates/templates/deployments/20-ci-uwsgi-deployment.yaml.j2
index 98a04b5..44e78e1 100644
--- a/ansible/roles/ansible-vvp-templates/templates/deployments/20-ci-uwsgi-deployment.yaml.j2
+++ b/ansible/roles/ansible-vvp-templates/templates/deployments/20-ci-uwsgi-deployment.yaml.j2
@@ -57,9 +57,11 @@ spec:
hostPath:
path: /var/devenv/ice-ci/
{% endif %}
+ imagePullSecrets:
+ - name: onapkey
containers:
- name: ci-uwsgi
- image: {{container_uri}}rkt-ice-ci:{{container_tag}}
+ image: {{container_uri}}test-engine:{{container_tag}}
ports:
- containerPort: 80
- containerPort: 8282
@@ -77,7 +79,13 @@ spec:
- name: ICE_ENVIRONMENT
value: "{{ice_environment}}"
- name: PROGRAM_NAME_URL_PREFIX
- value: "ice"
+ value: "{{program_name_url_prefix}}"
+ - name: SERVICE_PROVIDER
+ value: "{{service_provider}}"
+ - name: PROGRAM_NAME
+ value: "{{program_name}}"
+ - name: SERVICE_PROVIDER_DOMAIN
+ value: "{{service_provider_domain}}"
- name: SECRET_KEY
valueFrom:
secretKeyRef: {name: em-secret, key: key}
@@ -158,7 +166,7 @@ spec:
initialDelaySeconds: 90
periodSeconds: 15
{% endif %}
- command: ["/app/docker-entrypoint.sh", "/usr/local/bin/uwsgi", "--ini", "/opt/configmaps/settings/uwsgi.ini", "--static-map", "/static=/app/htdocs" {% if devenv is defined %}, "--py-auto-reload" , "3"{% endif %}]
+ command: ["/app/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "web.wsgi:application", {% if devenv is defined %}"--reload"{% endif %}]
metadata:
labels:
run: ci-uwsgi
diff --git a/ansible/roles/ansible-vvp-templates/templates/deployments/20-cms-uwsgi-deployment.yaml.j2 b/ansible/roles/ansible-vvp-templates/templates/deployments/20-cms-uwsgi-deployment.yaml.j2
index 8b601e9..01032d7 100644
--- a/ansible/roles/ansible-vvp-templates/templates/deployments/20-cms-uwsgi-deployment.yaml.j2
+++ b/ansible/roles/ansible-vvp-templates/templates/deployments/20-cms-uwsgi-deployment.yaml.j2
@@ -44,9 +44,11 @@ metadata:
spec:
template:
spec:
+ imagePullSecrets:
+ - name: onapkey
containers:
- name: cms-uwsgi
- image: {{container_uri}}rkt-ice-cms:{{container_tag}}
+ image: {{container_uri}}cms:{{container_tag}}
ports:
- containerPort: 80
- containerPort: 9000
@@ -119,7 +121,7 @@ spec:
periodSeconds: 15
timeoutSeconds: 10
{% endif %}
- command: ["/docker-entrypoint.sh", "/usr/local/bin/uwsgi", "--ini", "/opt/configmaps/settings/uwsgi.ini", {% if devenv is defined %}"--py-auto-reload" , "3",{% endif %}"--static-map", "/static=/app/htdocs"]
+ command: ["/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "cms.wsgi:application", {% if devenv is defined %}"--reload"{% endif %}]
volumeMounts:
- name: settings
mountPath: /opt/configmaps/settings/
diff --git a/ansible/roles/ansible-vvp-templates/templates/deployments/20-em-uwsgi-deployment.yaml.j2 b/ansible/roles/ansible-vvp-templates/templates/deployments/20-em-uwsgi-deployment.yaml.j2
index 8cedd29..ceb24c4 100644
--- a/ansible/roles/ansible-vvp-templates/templates/deployments/20-em-uwsgi-deployment.yaml.j2
+++ b/ansible/roles/ansible-vvp-templates/templates/deployments/20-em-uwsgi-deployment.yaml.j2
@@ -56,9 +56,11 @@ spec:
- name: em-settings
configMap:
name: em-settings
+ imagePullSecrets:
+ - name: onapkey
containers:
- name: em-uwsgi
- image: {{container_uri}}rkt-engagementmgr:{{container_tag}}
+ image: {{container_uri}}engagementmgr:{{container_tag}}
ports:
- containerPort: 80
- containerPort: 9000
@@ -75,7 +77,13 @@ spec:
- name: ENVIRONMENT
value: "{{ice_environment}}"
- name: PROGRAM_NAME_URL_PREFIX
- value: "ice"
+ value: "{{program_name_url_prefix}}"
+ - name: SERVICE_PROVIDER
+ value: "{{service_provider}}"
+ - name: PROGRAM_NAME
+ value: "{{program_name}}"
+ - name: SERVICE_PROVIDER_DOMAIN
+ value: "{{service_provider_domain}}"
- name: SECRET_KEY
valueFrom:
secretKeyRef: {name: em-secret, key: key}
@@ -156,7 +164,7 @@ spec:
periodSeconds: 15
timeoutSeconds: 10
{% endif %}
- command: ["/docker-entrypoint.sh", "/usr/local/bin/uwsgi", "--ini", "/opt/configmaps/settings/uwsgi.ini", {% if devenv is defined %}"--py-auto-reload" , "3",{% endif %}"--static-map", "/static=/app/htdocs"]
+ command: ["/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "vvp.wsgi:application", {% if devenv is defined %}"--reload"{% endif %}]
metadata:
labels:
run: em-uwsgi
diff --git a/ansible/roles/ansible-vvp-templates/templates/deployments/20-imagescanner.yaml.j2 b/ansible/roles/ansible-vvp-templates/templates/deployments/20-imagescanner.yaml.j2
index 775d341..b8f2f66 100644
--- a/ansible/roles/ansible-vvp-templates/templates/deployments/20-imagescanner.yaml.j2
+++ b/ansible/roles/ansible-vvp-templates/templates/deployments/20-imagescanner.yaml.j2
@@ -44,11 +44,16 @@ metadata:
spec:
template:
spec:
+ imagePullSecrets:
+ - name: onapkey
containers:
- name: imagescanner-worker
- image: {{container_uri}}ice-image-scanner:{{container_tag}}
- command: ["/usr/local/bin/imagescanner-worker"]
+ image: {{container_uri}}image-scanner:{{container_tag}}
+ command:
+ - "sh"
+ - "/opt/site-certificate/wrapper.sh"
+ - "/usr/local/bin/imagescanner-worker"
securityContext:
privileged: true
volumeMounts:
@@ -58,9 +63,30 @@ spec:
mountPath: /dev
- name: logs
mountPath: /var/log/imagescanner
+ - name: imagescanner-settings
+ mountPath: /opt/imagescanner-settings
+ - name: site-certificate
+ mountPath: /opt/site-certificate
+ env:
+ - name: PYTHONPATH
+ value: /opt/imagescanner-settings
+ - name: S3_HOST
+ value: "{{s3_dns_name}}"
+ - name: S3_PORT
+ value: "443"
+ - name: AWS_ACCESS_KEY_ID
+ valueFrom:
+ secretKeyRef: {name: em-secret, key: aws_access_key_id}
+ - name: AWS_SECRET_ACCESS_KEY
+ valueFrom:
+ secretKeyRef: {name: em-secret, key: aws_secret_access_key}
+ - name: SECRET_JENKINS_PASSWORD
+ value: ''
+ - name: REQUESTS_CA_BUNDLE
+ value: /etc/ssl/certs/ca-certificates.crt
- name: notifications-worker
- image: {{container_uri}}ice-image-scanner:{{container_tag}}
+ image: {{container_uri}}image-scanner:{{container_tag}}
command: ["/usr/local/bin/notifications-worker"]
securityContext:
privileged: true
@@ -70,9 +96,17 @@ spec:
secretKeyRef: {name: slack-tokens, key: notifications}
- name: DOMAIN
value: "{{em_internal_dns_name}}"
+ - name: PYTHONPATH
+ value: /opt/imagescanner-settings
+ - name: SECRET_JENKINS_PASSWORD
+ valueFrom:
+ secretKeyRef: {name: em-secret, key: jenkins_admin_password}
+ volumeMounts:
+ - name: imagescanner-settings
+ mountPath: /opt/imagescanner-settings
- name: imagescanner-frontend
- image: {{container_uri}}ice-image-scanner:{{container_tag}}
+ image: {{container_uri}}image-scanner:{{container_tag}}
command: ["/usr/local/bin/imagescanner-frontend"]
{#
FIXME: No, the frontend does not require a privileged container.
@@ -87,9 +121,13 @@ spec:
volumeMounts:
- name: logs
mountPath: /var/log/imagescanner
+ - name: imagescanner-settings
+ mountPath: /opt/imagescanner-settings
env:
- name: DEFAULT_SLACK_CHANNEL
value: "#notifications"
+ - name: SECRET_JENKINS_PASSWORD
+ value: ''
volumes:
- name: imagescanner-ssh
@@ -101,6 +139,12 @@ spec:
path: /dev
- name: logs
emptyDir: {}
+ - name: imagescanner-settings
+ configMap:
+ name: imagescanner-settings
+ - name: site-certificate
+ configMap:
+ name: site-certificate
metadata:
labels:
diff --git a/ansible/roles/ansible-vvp-templates/templates/deployments/20-jenkins-deployment.yaml.j2 b/ansible/roles/ansible-vvp-templates/templates/deployments/20-jenkins-deployment.yaml.j2
index 61504f1..1b4289a 100644
--- a/ansible/roles/ansible-vvp-templates/templates/deployments/20-jenkins-deployment.yaml.j2
+++ b/ansible/roles/ansible-vvp-templates/templates/deployments/20-jenkins-deployment.yaml.j2
@@ -44,9 +44,11 @@ metadata:
spec:
template:
spec:
+ imagePullSecrets:
+ - name: onapkey
containers:
- name: jenkins
- image: {{container_uri}}rkt-jenkins:{{container_tag}}
+ image: {{container_uri}}jenkins:{{container_tag}}
ports:
- containerPort: 8080
volumeMounts:
diff --git a/ansible/roles/ansible-vvp-templates/templates/deployments/30-portal-deployment.yaml.j2 b/ansible/roles/ansible-vvp-templates/templates/deployments/30-portal-deployment.yaml.j2
index f3505e5..5c898d3 100644
--- a/ansible/roles/ansible-vvp-templates/templates/deployments/30-portal-deployment.yaml.j2
+++ b/ansible/roles/ansible-vvp-templates/templates/deployments/30-portal-deployment.yaml.j2
@@ -48,9 +48,11 @@ spec:
labels:
run: portal
spec:
+ imagePullSecrets:
+ - name: onapkey
containers:
- name: portal
- image: {{container_uri}}rkt-ice-portal:{{container_tag}}
+ image: {{container_uri}}portal:{{container_tag}}
ports:
- containerPort: 8181
command: ["nginx", "-g", "daemon off;", "-c", "/tmp/nginx.conf"]
@@ -68,3 +70,10 @@ spec:
items:
- key: file
path: nginx.conf
+ - key: service_provider.json
+ path: service_provider.json
+{% if devenv is defined %}
+ - name: portal-rsync
+ hostPath:
+ path: /var/devenv/rkt-ice-portal/d2ice.att.io/app
+{% endif %}