X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=helm%2Finfrastructure%2Fsubcharts%2Fkong%2Ftemplates%2Fdeployment.yaml;fp=helm%2Finfrastructure%2Fsubcharts%2Fkong%2Ftemplates%2Fdeployment.yaml;h=9bcbab076b45229f3c9bf4c22da6428af8346a31;hb=38dc857062b14145f5b9db89d10eba0ae5b90d11;hp=0000000000000000000000000000000000000000;hpb=0c9bc21e8efc4c7205a46ef1456d1f08e65c56f2;p=ric-plt%2Fric-dep.git diff --git a/helm/infrastructure/subcharts/kong/templates/deployment.yaml b/helm/infrastructure/subcharts/kong/templates/deployment.yaml new file mode 100755 index 0000000..9bcbab0 --- /dev/null +++ b/helm/infrastructure/subcharts/kong/templates/deployment.yaml @@ -0,0 +1,281 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "{{ template "kong.fullname" . }}" + labels: + app: "{{ template "kong.name" . }}" + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + component: app +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ template "kong.name" . }} + release: {{ .Release.Name }} + component: app + {{- if .Values.updateStrategy }} + strategy: +{{ toYaml .Values.updateStrategy | indent 4 }} + {{- end }} + + template: + metadata: + annotations: + {{- if (and (not .Values.ingressController.enabled) (eq .Values.env.database "off" )) }} + {{- if .Values.dblessConfig.config }} + checksum/dbless.config: {{ toYaml .Values.dblessConfig.config | sha256sum }} + {{- end }} + {{- end }} + {{- if .Values.podAnnotations }} +{{ toYaml .Values.podAnnotations | indent 8 }} + {{- end }} + labels: + app: {{ template "kong.name" . }} + release: {{ .Release.Name }} + component: app + spec: + {{- if (and (.Values.ingressController.enabled) (eq .Values.env.database "off")) }} + serviceAccountName: {{ template "kong.serviceAccountName" . }} + {{ end }} + {{- if .Values.image.pullSecrets }} + imagePullSecrets: + {{- range .Values.image.pullSecrets }} + - name: {{ . }} + {{- end }} + {{- end }} + {{- if not (eq .Values.env.database "off") }} + initContainers: + {{- include "kong.wait-for-db" . | nindent 6 }} + {{ end }} + containers: + {{- if (and (.Values.ingressController.enabled) (eq .Values.env.database "off")) }} + {{- include "kong.controller-container" . | nindent 6 }} + {{ end }} + - name: {{ template "kong.name" . }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + {{- if not .Values.env.admin_listen }} + {{- if .Values.admin.useTLS }} + - name: KONG_ADMIN_LISTEN + value: "0.0.0.0:{{ .Values.admin.containerPort }} ssl" + {{- else }} + - name: KONG_ADMIN_LISTEN + value: 0.0.0.0:{{ .Values.admin.containerPort }} + {{- end }} + {{- end }} + {{- if not .Values.env.proxy_listen }} + - name: KONG_PROXY_LISTEN + value: {{ template "kong.kongProxyListenValue" . }} + {{- end }} + {{- if and (not .Values.env.admin_gui_listen) (.Values.enterprise.enabled) }} + - name: KONG_ADMIN_GUI_LISTEN + value: {{ template "kong.kongManagerListenValue" . }} + {{- end }} + {{- if and (not .Values.env.portal_gui_listen) (.Values.enterprise.enabled) (.Values.enterprise.portal.enabled) }} + - name: KONG_PORTAL_GUI_LISTEN + value: {{ template "kong.kongPortalListenValue" . }} + {{- end }} + {{- if and (not .Values.env.portal_api_listen) (.Values.enterprise.enabled) (.Values.enterprise.portal.enabled) }} + - name: KONG_PORTAL_API_LISTEN + value: {{ template "kong.kongPortalApiListenValue" . }} + {{- end }} + - name: KONG_NGINX_DAEMON + value: "off" + {{- if .Values.enterprise.enabled }} + {{- if .Values.enterprise.vitals.enabled }} + - name: KONG_VITALS + value: "on" + {{- end }} + {{- if .Values.enterprise.portal.enabled }} + - name: KONG_PORTAL + value: "on" + {{- if .Values.enterprise.portal.portal_auth }} + - name: KONG_PORTAL_AUTH + value: {{ .Values.enterprise.portal.portal_auth }} + - name: KONG_PORTAL_SESSION_CONF + valueFrom: + secretKeyRef: + name: {{ .Values.enterprise.portal.session_conf_secret }} + key: portal_session_conf + {{- end }} + {{- end }} + {{- if .Values.enterprise.rbac.enabled }} + - name: KONG_ENFORCE_RBAC + value: "on" + - name: KONG_ADMIN_GUI_AUTH + value: {{ .Values.enterprise.rbac.admin_gui_auth | default "basic-auth" }} + - name: KONG_ADMIN_GUI_AUTH_CONF + value: '{{ toJson .Values.enterprise.rbac.admin_gui_auth_conf }}' + - name: KONG_ADMIN_GUI_SESSION_CONF + valueFrom: + secretKeyRef: + name: {{ .Values.enterprise.rbac.session_conf_secret }} + key: admin_gui_session_conf + {{- end }} + {{- if .Values.enterprise.smtp.enabled }} + - name: KONG_PORTAL_EMAILS_FROM + value: {{ .Values.enterprise.smtp.portal_emails_from }} + - name: KONG_PORTAL_EMAILS_REPLY_TO + value: {{ .Values.enterprise.smtp.portal_emails_reply_to }} + - name: KONG_ADMIN_EMAILS_FROM + value: {{ .Values.enterprise.smtp.admin_emails_from }} + - name: KONG_ADMIN_EMAILS_REPLY_TO + value: {{ .Values.enterprise.smtp.admin_emails_reply_to }} + - name: KONG_SMTP_HOST + value: {{ .Values.enterprise.smtp.smtp_host }} + - name: KONG_SMTP_PORT + value: {{ .Values.enterprise.smtp.smtp_port }} + - name: KONG_SMTP_STARTTLS + value: {{ .Values.enterprise.smtp.smtp_starttls }} + {{- if .Values.enterprise.smtp.auth.smtp_username }} + - name: KONG_SMTP_USERNAME + value: {{ .Values.enterprise.smtp.auth.smtp_username }} + - name: KONG_SMTP_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.enterprise.smtp.auth.smtp_password }} + key: smtp_password + {{- end }} + {{- else }} + - name: KONG_SMTP_MOCK + value: "on" + {{- end }} + {{- include "kong.license" . | nindent 8 }} + {{- end }} + - name: KONG_NGINX_HTTP_INCLUDE + value: /kong/servers.conf + {{- if .Values.postgresql.enabled }} + - name: KONG_PG_HOST + value: {{ template "kong.postgresql.fullname" . }} + - name: KONG_PG_PORT + value: "{{ .Values.postgresql.service.port }}" + - name: KONG_PG_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "kong.postgresql.fullname" . }} + key: postgresql-password + {{- end }} + {{- if .Values.cassandra.enabled }} + - name: KONG_CASSANDRA_CONTACT_POINTS + value: {{ template "kong.cassandra.fullname" . }} + {{- end }} + {{- if (and (not .Values.ingressController.enabled) (eq .Values.env.database "off")) }} + - name: KONG_DECLARATIVE_CONFIG + value: "/kong_dbless/kong.yml" + {{- end }} + {{- include "kong.env" . | indent 8 }} + ports: + - name: admin + containerPort: {{ .Values.admin.containerPort }} + {{- if .Values.admin.hostPort }} + hostPort: {{ .Values.admin.hostPort }} + {{- end}} + protocol: TCP + {{- if .Values.proxy.http.enabled }} + - name: proxy + containerPort: {{ .Values.proxy.http.containerPort }} + {{- if .Values.proxy.http.hostPort }} + hostPort: {{ .Values.proxy.http.hostPort }} + {{- end}} + protocol: TCP + {{- end }} + {{- if .Values.proxy.tls.enabled }} + - name: proxy-tls + containerPort: {{ .Values.proxy.tls.containerPort }} + {{- if .Values.proxy.tls.hostPort }} + hostPort: {{ .Values.proxy.tls.hostPort }} + {{- end}} + protocol: TCP + {{- end }} + - name: metrics + containerPort: 9542 + protocol: TCP + {{- if .Values.enterprise.enabled }} + {{- if .Values.manager.http.enabled }} + - name: manager + containerPort: {{ .Values.manager.http.containerPort }} + {{- if .Values.manager.http.hostPort }} + hostPort: {{ .Values.manager.http.hostPort }} + {{- end}} + protocol: TCP + {{- end }} + {{- if .Values.manager.tls.enabled }} + - name: manager-tls + containerPort: {{ .Values.manager.tls.containerPort }} + {{- if .Values.manager.tls.hostPort }} + hostPort: {{ .Values.manager.tls.hostPort }} + {{- end}} + protocol: TCP + {{- end }} + {{- if .Values.portal.http.enabled }} + - name: portal + containerPort: {{ .Values.portal.http.containerPort }} + {{- if .Values.portal.http.hostPort }} + hostPort: {{ .Values.portal.http.hostPort }} + {{- end}} + protocol: TCP + {{- end }} + {{- if .Values.portal.tls.enabled }} + - name: portal-tls + containerPort: {{ .Values.portal.tls.containerPort }} + {{- if .Values.portal.tls.hostPort }} + hostPort: {{ .Values.portal.tls.hostPort }} + {{- end}} + protocol: TCP + {{- end }} + {{- if .Values.portalapi.http.enabled }} + - name: portalapi + containerPort: {{ .Values.portalapi.http.containerPort }} + {{- if .Values.portalapi.http.hostPort }} + hostPort: {{ .Values.portalapi.http.hostPort }} + {{- end}} + protocol: TCP + {{- end }} + {{- if .Values.portalapi.tls.enabled }} + - name: portalapi-tls + containerPort: {{ .Values.portalapi.tls.containerPort }} + {{- if .Values.portalapi.tls.hostPort }} + hostPort: {{ .Values.portalapi.tls.hostPort }} + {{- end}} + protocol: TCP + {{- end }} + {{- end }} + volumeMounts: + - name: custom-nginx-template-volume + mountPath: /kong + {{- if (and (not .Values.ingressController.enabled) (eq .Values.env.database "off")) }} + - name: kong-custom-dbless-config-volume + mountPath: /kong_dbless/ + {{- end }} + readinessProbe: +{{ toYaml .Values.readinessProbe | indent 10 }} + livenessProbe: +{{ toYaml .Values.livenessProbe | indent 10 }} + resources: +{{ toYaml .Values.resources | indent 10 }} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end }} + tolerations: +{{ toYaml .Values.tolerations | indent 8 }} + volumes: + - name: custom-nginx-template-volume + configMap: + name: {{ template "kong.fullname" . }}-default-custom-server-blocks +{{- if (and (not .Values.ingressController.enabled) (eq .Values.env.database "off")) }} + - name: kong-custom-dbless-config-volume + configMap: + {{- if .Values.dblessConfig.configMap }} + name: {{ .Values.dblessConfig.configMap }} + {{- else }} + name: {{ template "kong.dblessConfig.fullname" . }} + {{- end }} +{{- end }}