X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?p=it%2Fotf.git;a=blobdiff_plain;f=otf-camunda%2Fhelm%2Fotf-camunda%2Ftemplates%2Fdeployment.yaml;fp=otf-camunda%2Fhelm%2Fotf-camunda%2Ftemplates%2Fdeployment.yaml;h=89f751ea7ec4caa6b2d0cc15e42ed082107d4045;hp=0000000000000000000000000000000000000000;hb=14f6f95c84a4a1fa8774190db4a03fd0214ec55f;hpb=f49bd1efeaaddd4891c1f329b18d8cfb28b3e75b diff --git a/otf-camunda/helm/otf-camunda/templates/deployment.yaml b/otf-camunda/helm/otf-camunda/templates/deployment.yaml new file mode 100644 index 0000000..89f751e --- /dev/null +++ b/otf-camunda/helm/otf-camunda/templates/deployment.yaml @@ -0,0 +1,314 @@ +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ .Values.appName}}-{{ .Values.env }} + namespace: {{.Values.namespace}} + labels: + app: {{ .Values.appName}} + version: {{.Values.version}} +spec: + revisionHistoryLimit: 1 + minReadySeconds: 10 + strategy: + # indicate which strategy we want for rolling update + type: RollingUpdate + rollingUpdate: + maxSurge: 3 + maxUnavailable: 1 + replicas: {{ .Values.replicas}} + selector: + matchLabels: + app: {{ .Values.appName}} + version: {{.Values.version}} + template: + metadata: + labels: + app: {{ .Values.appName}} + version: {{.Values.version}} + spec: + serviceAccount: default + volumes: + - name: {{ .Values.appName}}-aaf-volume + secret: + secretName: {{.Values.sharedSecret}} + - name: {{ .Values.appName}}-keyfile-volume + secret: + secretName: {{.Values.sharedSecret}} + optional: true + items: + - key: cadi_keyfile + path: keyfile + - name: {{ .Values.appName}}-cert-volume + secret: + secretName: {{.Values.sharedCert}} + optional: true + items: + - key: PKCS12_CERT + {{if or (eq .Values.env "prod") (eq .Values.env "prod-dr")}} + path: {{ .Values.cert.prod.name | quote }} + {{ else if eq .Values.env "st" }} + path: {{ .Values.cert.st.name | quote }} + {{ else }} + path: {{ .Values.cert.dev.name | quote }} + {{ end }} + - key: private_key + path: {{ .Values.Secret.privateKey.name }} + - name: {{.Values.appName}}-config-volume + configMap: + name: {{.Values.appName}}-config + items: + - key: router_config + path: config.ini + {{ if or (eq .Values.env "st") (eq .Values.env "prod-dr")}} + {{else}} + - name: logging-pvc + persistentVolumeClaim: + {{if eq .Values.env "prod"}} + claimName: {{ .Values.pvc.prod | quote }} + {{ else }} + claimName: {{ .Values.pvc.dev | quote }} + {{ end }} + {{end}} + containers: + - name: mysql-router + image: {{ .Values.otf.camunda.router.image }} + imagePullPolicy: Always + ports: + - name: http + containerPort: {{ .Values.otf.camunda.router.port }} + protocol: TCP + {{ if eq .Values.env "st"}} + resources: + limits: + memory: "1Gi" + cpu: "500m" + requests: + memory: "512Mi" + cpu: "100m" + {{else}} + resources: + limits: + memory: "4Gi" + cpu: "2" + requests: + memory: "2Gi" + cpu: "1" + {{end}} + args: ["--config=/opt/config/config.ini"] + lifecycle: + preStop: + exec: + command: ["/bin/sh", "-c", {{ "sleep 0" | replace "0" (.Values.terminationGracePeriodSeconds | toString) | quote}} ] + volumeMounts: + - name: {{.Values.appName}}-config-volume + mountPath: /opt/config + - name: {{ .Values.appName}} + image: {{ .Values.image}} + imagePullPolicy: Always + ports: + - name: http + containerPort: {{ .Values.otf.camunda.tcu.port }} + nodePort: {{.Values.nodePort}} + protocol: TCP + {{ if eq .Values.env "st"}} + resources: + limits: + memory: "6Gi" + cpu: "2.8" + requests: + memory: "2Gi" + cpu: "1.5" + {{else}} + resources: + limits: + memory: "10Gi" + cpu: "6" + requests: + memory: "4Gi" + cpu: "2" + {{end}} + env: + - name: ENV + {{if or (eq .Values.env "prod") (eq .Values.env "prod-dr")}} + value: "production" + {{ else if eq .Values.env "st" }} + value: "system_test" + {{ else }} + value: "development" + {{ end }} + - name: NAMESPACE + value: {{.Values.namespace}} + - name: APP_NAME + value: {{ .Values.appName}} + - name: EXECUTORS_ACTIVE + {{if eq .Values.env "prod"}} + value: {{ .Values.otf.camunda.executors_active.prod | quote }} + {{else if eq .Values.env "prod-dr"}} + value: {{ .Values.otf.camunda.executors_active.prod_dr | quote }} + {{else if eq .Values.env "st"}} + value: {{ .Values.otf.camunda.executors_active.st | quote }} + {{ else }} + value: {{ .Values.otf.camunda.executors_active.dev | quote }} + {{ end }} + - name: OTF_MONGO_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Values.appName}} + key: mongo_username + optional: true + - name: OTF_MONGO_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.appName}} + key: mongo_password + optional: true + - name: OTF_MONGO_HOSTS + {{if or (eq .Values.env "prod") (eq .Values.env "prod-dr")}} + value: {{ .Values.otf.mongo.prod.host | quote }} + {{ else if eq .Values.env "st" }} + value: {{ .Values.otf.mongo.st.host | quote }} + {{ else }} + value: {{.Values.otf.mongo.dev.host | quote }} + {{ end }} + - name: OTF_MONGO_REPLICASET + {{if or (eq .Values.env "prod") (eq .Values.env "prod-dr")}} + value: {{ .Values.otf.mongo.prod.replicaSet | quote }} + {{ else if eq .Values.env "st"}} + value: {{ .Values.otf.mongo.st.replicaSet | quote }} + {{ else }} + value: {{ .Values.otf.mongo.dev.replicaSet | quote }} + {{ end }} + - name: OTF_MONGO_DATABASE + {{if or (eq .Values.env "prod") (eq .Values.env "prod-dr")}} + value: {{ .Values.otf.mongo.prod.database | quote }} + {{else if eq .Values.env "st"}} + value: {{ .Values.otf.mongo.st.database | quote }} + {{ else }} + value: {{ .Values.otf.mongo.dev.database | quote }} + {{ end }} + - name: OTF_CAMUNDA_DB_URL + {{if or (eq .Values.env "prod") (eq .Values.env "prod-dr")}} + value: {{ .Values.otf.camunda.db.prod.url}} + {{else if eq .Values.env "st"}} + value: {{ .Values.otf.camunda.db.st.url}} + {{ else }} + value: {{ .Values.otf.camunda.db.dev.url}} + {{ end }} + - name: OTF_CAMUNDA_DB_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Values.appName}} + key: camunda_db_username + optional: true + - name: OTF_CAMUNDA_DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.appName}} + key: camunda_db_password + optional: true + - name: AAF_PERM_TYPE + {{if or (eq .Values.env "prod") (eq .Values.env "prod-dr")}} + value: {{ .Values.aafPermType.prod | quote }} + {{ else if eq .Values.env "st"}} + value: {{ .Values.aafPermType.st | quote }} + {{ else }} + value: {{ .Values.aafPermType.dev | quote }} + {{ end }} + - name: CADI_HOSTNAME + {{if eq .Values.env "prod"}} + value: {{ .Values.cadiHostname.prod | quote }} + {{else if eq .Values.env "prod-dr"}} + value: {{ .Values.cadiHostname.prod_dr | quote }} + {{else if eq .Values.env "st"}} + value: {{ .Values.cadiHostname.st | quote }} + {{ else }} + value: {{ .Values.cadiHostname.dev | quote }} + {{ end }} + - name: AAF_ID + valueFrom: + secretKeyRef: + name: {{ .Values.sharedSecret}} + key: aaf_id + optional: true + - name: AAF_MECH_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.sharedSecret}} + key: aaf_mech_password + optional: true + - name: AAF_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.sharedSecret}} + key: aaf_password + optional: true + - name: CADI_KEYFILE + valueFrom: + secretKeyRef: + name: {{ .Values.sharedSecret}} + key: keyfile_secret_path + optional: true + - name: OTF_CERT_PATH + {{if or (eq .Values.env "prod") (eq .Values.env "prod-dr")}} + value: {{ .Values.cert.prod.path | quote }} + {{ else if eq .Values.env "st" }} + value: {{ .Values.cert.st.path | quote }} + {{ else }} + value: {{ .Values.cert.dev.path | quote }} + {{ end }} + - name: OTF_CERT_PASS + valueFrom: + secretKeyRef: + name: {{ .Values.sharedCert}} + key: PKCS12_KEY + optional: true + - name: APP_VERSION + value: {{.Values.version}} + - name: PRIVATE_KEY + value: {{ .Values.Secret.privateKey.path }} + - name: PRIVATE_KEY_USERNAME + valueFrom: + secretKeyRef: + name: {{.Values.sharedCert}} + key: private_key_username + optional: true + - name: PRIVATE_KEY_PASSPHRASE + valueFrom: + secretKeyRef: + name: {{.Values.sharedCert}} + key: private_key_passphrase + optional: true + volumeMounts: + - name: {{.Values.appName}}-keyfile-volume + mountPath: /opt/secret + - name: {{.Values.appName}}-cert-volume + mountPath: /opt/cert + {{ if or (eq .Values.env "st") (eq .Values.env "prod-dr")}} + {{else}} + - name: logging-pvc + mountPath: "/otf/logs" + {{end}} + livenessProbe: + httpGet: + path: /otf/health/v1 + port: http + scheme: HTTPS + httpHeaders: + - name: X-Custom-Header + value: Alive + initialDelaySeconds: 30 + timeoutSeconds: 30 + periodSeconds: 30 + readinessProbe: + httpGet: + path: /otf/health/v1 + port: http + scheme: HTTPS + httpHeaders: + - name: X-Custom-Header + value: Ready + initialDelaySeconds: 30 + timeoutSeconds: 30 + periodSeconds: 30 + restartPolicy: Always + terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds}}