helm/appmgr/templates/deployment.yaml

   1 ################################################################################
   2 #   Copyright (c) 2019 AT&T Intellectual Property.                             #
   3 #   Copyright (c) 2019 Nokia.                                                  #
   4 #                                                                              #
   5 #   Licensed under the Apache License, Version 2.0 (the "License");            #
   6 #   you may not use this file except in compliance with the License.           #
   7 #   You may obtain a copy of the License at                                    #
   8 #                                                                              #
   9 #       http://www.apache.org/licenses/LICENSE-2.0                             #
  10 #                                                                              #
  11 #   Unless required by applicable law or agreed to in writing, software        #
  12 #   distributed under the License is distributed on an "AS IS" BASIS,          #
  13 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
  14 #   See the License for the specific language governing permissions and        #
  15 #   limitations under the License.                                             #
  16 ################################################################################
  17 {{- $tillerKey := .Values.appmgr.tillerkey | default "ricxapp" }}
  18 {{- $topCtx :=  . }}
  19 {{- $ctx := dict "ctx" $topCtx "key" $tillerKey }}
  20 {{- $secretPath := .Values.appmgr.appsecretpath | default "/opt/ric/secret" }}
  21 {{- $certName := include "common.tillerHelmClientTLSSecret" $ctx }}
  22 apiVersion: apps/v1
  23 kind: Deployment
  24 metadata:
  25   name: {{ include "common.deploymentname.appmgr" . }}
  26   namespace: {{ include "common.namespace.platform" . }}
  27   labels:
  28     app: {{ include "common.namespace.platform" . }}-{{ include "common.name.appmgr" . }}
  29     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
  30     release: {{ .Release.Name }}
  31     heritage: {{ .Release.Service }}
  32 spec:
  33   replicas: {{ .Values.appmgr.replicaCount }}
  34   selector:
  35     matchLabels:
  36       app: {{ include "common.namespace.platform" . }}-{{ include "common.name.appmgr" . }}
  37       release: {{ .Release.Name }}
  38   template:
  39     metadata:
  40       {{- if .Values.appmgr.annotations }}
  41       annotations:
  42         {{- .Values.appmgr.annotations | nindent 8 -}}
  43       {{ end }}
  44       labels:
  45         app: {{ include "common.namespace.platform" . }}-{{ include "common.name.appmgr" . }}
  46         release: {{ .Release.Name }}
  47     spec:
  48       hostname: {{ include "common.name.appmgr" . }}
  49       serviceAccountName: {{ include "common.serviceaccountname.appmgr" . }}
  50       imagePullSecrets:
  51         {{- $newctx := dict "ctx" $topCtx "defaultregistry" .Values.appmgr.image.init.registry }}
  52         - name: {{ include "common.dockerregistry.credential" $newctx -}}
  53 {{- if or (eq ( include "common.tillerTLSVerify" $ctx ) "true" )  (eq ( include "common.tillerTLSAuthenticate" $ctx ) "true") }}
  54       initContainers:
  55         - name: {{ include "common.containername.appmgr" . }}-copy-tiller-secret
  56           {{- $newctx := dict "ctx" $topCtx "defaultregistry" .Values.appmgr.image.init.registry }}
  57           image: {{ include "common.dockerregistry.url" $newctx }}/{{ .Values.appmgr.image.init.name }}:{{ .Values.appmgr.image.init.tag }}
  58           {{- $newctx := dict "ctx" $topCtx "defaultpullpolicy" .Values.appmgr.imagePullPolicy }}
  59           imagePullPolicy: {{ include "common.dockerregistry.pullpolicy" $newctx }}
  60           env:
  61             - name: SVCACCT_NAME
  62               value: {{ include "common.serviceaccountname.appmgr" . }}
  63             - name: CLUSTER_NAME
  64               value: {{ default "kubernetes" .Values.appmgr.clusterName }}
  65             - name: KUBECONFIG
  66               value: /tmp/kubeconfig
  67             - name: K8S_API_HOST
  68               value: {{ default "https://kubernetes.default.svc.cluster.local/" .Values.common.k8sAPIHost }}
  69             - name: SECRET_NAMESPACE
  70               value: {{ include "common.tillerDeployNameSpace" $ctx }}
  71             - name: SECRET_NAME
  72               value: {{ include "common.tillerHelmClientTLSSecret" $ctx }}
  73           envFrom:
  74             - configMapRef:
  75                 name: {{ include "common.configmapname.appmgr" . }}-env
  76           command: ["/appmgr-tiller-secret-copier.sh"]
  77           volumeMounts:
  78             - name: helm-secret-volume
  79               mountPath: {{ $secretPath }}
  80               readOnly: false
  81             - name: appmgr-bin-volume
  82               mountPath: /svcacct-to-kubeconfig.sh
  83               subPath: svcacct-to-kubeconfig.sh
  84             - name: appmgr-bin-volume
  85               mountPath: /appmgr-tiller-secret-copier.sh
  86               subPath: appmgr-tiller-secret-copier.sh
  87 {{- end }}
  88       containers:
  89         - name: {{ include "common.containername.appmgr.chartmuseum" . }}
  90           {{- $newctx := dict "ctx" $topCtx "defaultregistry" .Values.appmgr.image.chartmuseum.registry }}
  91           image: {{ include "common.dockerregistry.url" $newctx }}/{{ .Values.appmgr.image.chartmuseum.name }}:{{ .Values.appmgr.image.chartmuseum.tag }}
  92           {{- $newctx := dict "ctx" $topCtx "defaultpullpolicy" .Values.appmgr.imagePullPolicy }}
  93           imagePullPolicy: {{ include "common.dockerregistry.pullpolicy" $newctx }}
  94           envFrom:
  95             - configMapRef:
  96                 name: {{ include "common.configmapname.appmgr" . }}-chartmuseum-env
  97           ports:
  98             - name: chartmuseum
  99               containerPort: {{ include "common.serviceport.appmgr.chartmuseum.http" . }}
 100               protocol: TCP
 101         - name: {{ include "common.containername.appmgr" . }}
 102           {{- $newctx := dict "ctx" $topCtx "defaultregistry" .Values.appmgr.image.appmgr.registry }}
 103           image: {{ include "common.dockerregistry.url" $newctx }}/{{ .Values.appmgr.image.appmgr.name }}:{{ .Values.appmgr.image.appmgr.tag }}
 104           {{- $newctx := dict "ctx" $topCtx "defaultpullpolicy" .Values.appmgr.imagePullPolicy }}
 105           imagePullPolicy: {{ include "common.dockerregistry.pullpolicy" $newctx }}
 106           ports:
 107             - name: http
 108               containerPort: {{ include "common.serviceport.appmgr.http" . }}
 109               protocol: TCP
 110             - name: rmrroute
 111               containerPort: {{ include "common.serviceport.appmgr.rmr.route" . }}
 112               protocol: TCP
 113             - name: rmrdata
 114               containerPort: {{ include "common.serviceport.appmgr.rmr.data" . }}
 115               protocol: TCP
 116           volumeMounts:
 117             - name: config-volume
 118               mountPath: {{ .Values.appmgr.appconfigpath }}/appmgr.yaml
 119               subPath: appmgr.yaml
 120             - name: helm-secret-volume
 121               mountPath: {{ $secretPath }}
 122               readOnly: false
 123             - name: secret-volume
 124               mountPath: {{ $secretPath }}/helm_repo_username
 125               subPath: helm_repo_username
 126             - name: secret-volume
 127               mountPath: {{ $secretPath }}/helm_repo_password
 128               subPath: helm_repo_password
 129           envFrom:
 130             - configMapRef:
 131                 name: {{ include "common.configmapname.appmgr" . }}-env
 132           livenessProbe:
 133             #exec:
 134             #  command:
 135             #    - /bin/bash
 136             #    - -c
 137             #    - ps -ef | grep {{ .Values.livenessprocessname }}| grep -v "grep"
 138             #initialDelaySeconds: 120
 139             #periodSeconds: 30
 140           readinessProbe:
 141           #  httpGet:
 142           #    path: /
 143           #    port: http
 144           restartPolicy: Always
 145           securityContext:
 146             # ubuntu
 147             #runAsUser: 1000
 148             #allowPrivilegeEscalation: false
 149       volumes:
 150         - name: config-volume
 151           configMap:
 152             name: {{ include "common.configmapname.appmgr" . }}-appconfig
 153         - name: secret-volume
 154           secret:
 155             secretName: {{ include "common.secretname.appmgr" . }}
 156         - name: helm-secret-volume
 157           emptyDir: {}
 158         - name: appmgr-bin-volume
 159           configMap:
 160             name: {{ include "common.configmapname.appmgr" . }}-bin
 161             defaultMode: 0755