mirror of
https://github.com/Telecominfraproject/wlan-cloud-helm.git
synced 2026-03-20 19:39:08 +00:00
Compare commits
3 Commits
feature/up
...
WIFI-990-d
| Author | SHA1 | Date | |
|---|---|---|---|
|
86fbe7d12e | ||
|
|
0c6f53eb9e | ||
|
|
b5ff727d92 |
@@ -4,14 +4,17 @@
|
||||
*/}}
|
||||
|
||||
{{- define "container.dev.debugport" -}}
|
||||
{{- if .Values.debug.enabled }}
|
||||
{{- range $index, $portid := .Values.debugPorts }}
|
||||
- name: debugport-{{ $index }}
|
||||
containerPort: {{ $portid }}
|
||||
protocol: TCP
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "service.dev.debugport" -}}
|
||||
{{- if .Values.debug.enabled }}
|
||||
{{- range $index, $portid := .Values.debugPorts }}
|
||||
- port: {{ $portid }}
|
||||
targetPort: {{ $portid }}
|
||||
@@ -21,4 +24,5 @@
|
||||
nodePort: {{ $portid }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
@@ -27,43 +27,13 @@ spec:
|
||||
securityContext:
|
||||
{{- toYaml .Values.podSecurityContext | nindent 8 }}
|
||||
initContainers:
|
||||
- name: {{ include "common.name" . }}-mqtt-readiness
|
||||
image: eclipse-mosquitto:latest
|
||||
imagePullPolicy: {{ .Values.global.pullPolicy }}
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- |
|
||||
mosquitto_pub -h {{ $mqtt }} -p 1883 --cafile /certs/cacert.pem --cert /certs/clientcert.pem --key /certs/clientkey.pem --insecure -t "/ap/test" -q 0 -m "CheckingMQTTAliveness"
|
||||
status=$(echo $?)
|
||||
echo mosquitto_pub response of the request = $status
|
||||
counter=0
|
||||
while [ $counter -lt 10 ] && [ $status -ne 0 ]
|
||||
do
|
||||
echo {{ $mqtt }} service isnt ready. Tried $counter times
|
||||
sleep 2
|
||||
counter=`expr $counter + 1`
|
||||
mosquitto_pub -h {{ $mqtt }} -p 1883 --cafile /certs/cacert.pem --cert /certs/clientcert.pem --key /certs/clientkey.pem --insecure -t "/ap/test" -q 0 -m "CheckingMQTTAliveness"
|
||||
status=$(echo $?)
|
||||
echo mosquitto_pub response of the request = $status
|
||||
done
|
||||
if [ $status -eq 0 ]
|
||||
then
|
||||
echo {{ $mqtt }} service is ready!
|
||||
else
|
||||
echo {{ $mqtt }} service failed to respond after 20 secs
|
||||
exit 1
|
||||
fi
|
||||
volumeMounts:
|
||||
- mountPath: /certs/cacert.pem
|
||||
name: certificates
|
||||
subPath: cacert.pem
|
||||
- mountPath: /certs/clientcert.pem
|
||||
name: certificates
|
||||
subPath: clientcert.pem
|
||||
- mountPath: /certs/clientkey.pem
|
||||
name: certificates
|
||||
subPath: clientkey.pem
|
||||
- name: wait-for-services
|
||||
image: opsfleet/depends-on:latest
|
||||
args:
|
||||
- "-service={{ .Release.Name }}-opensync-mqtt-broker"
|
||||
- "-service={{ .Release.Name }}-wlan-prov-service"
|
||||
- "-service={{ .Release.Name }}-wlan-ssc-service"
|
||||
- -check_interval=5
|
||||
{{- if .Values.global.integratedDeployment }}
|
||||
- name: {{ include "common.name" . }}-readiness-int-cloud
|
||||
image: alpine
|
||||
@@ -85,65 +55,12 @@ spec:
|
||||
echo Http Response code of ping request = $status
|
||||
done
|
||||
if [ $status -eq 200 ]
|
||||
then
|
||||
echo ${url} service is ready!
|
||||
else
|
||||
echo ${url} service failed to respond after 50 secs
|
||||
exit 1
|
||||
fi
|
||||
{{- else }}
|
||||
- name: {{ include "common.name" . }}-readiness-prov
|
||||
image: alpine
|
||||
imagePullPolicy: {{ .Values.global.pullPolicy }}
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- |
|
||||
apk add curl
|
||||
url=https://{{ $prov }}/ping
|
||||
counter=0
|
||||
status=$(curl --insecure --head --location --connect-timeout 5 --write-out %{http_code} --silent --output /dev/null ${url});
|
||||
while [ $counter -lt 10 ] && [ $status -ne 200 ]
|
||||
do
|
||||
echo ${url} service isnt ready. Tried $counter times
|
||||
sleep 5
|
||||
counter=`expr $counter + 1`
|
||||
status=$(curl --insecure --head --location --connect-timeout 5 --write-out %{http_code} --silent --output /dev/null ${url});
|
||||
echo Http Response code of ping request = $status
|
||||
done
|
||||
if [ $status -eq 200 ]
|
||||
then
|
||||
echo ${url} service is ready!
|
||||
else
|
||||
echo ${url} service failed to respond after 50 secs
|
||||
exit 1
|
||||
fi
|
||||
- name: {{ include "common.name" . }}-readiness-ssc
|
||||
image: alpine
|
||||
imagePullPolicy: {{ .Values.global.pullPolicy }}
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- |
|
||||
apk add curl
|
||||
url=https://{{ $ssc }}/ping
|
||||
counter=0
|
||||
status=$(curl --insecure --head --location --connect-timeout 5 --write-out %{http_code} --silent --output /dev/null ${url});
|
||||
while [ $counter -lt 10 ] && [ $status -ne 200 ]
|
||||
do
|
||||
echo ${url} service isnt ready. Tried $counter times
|
||||
sleep 5
|
||||
counter=`expr $counter + 1`
|
||||
status=$(curl --insecure --head --location --connect-timeout 5 --write-out %{http_code} --silent --output /dev/null ${url});
|
||||
echo Http Response code of ping request = $status
|
||||
done
|
||||
if [ $status -eq 200 ]
|
||||
then
|
||||
echo ${url} service is ready!
|
||||
else
|
||||
echo ${url} service failed to respond after 50 secs
|
||||
exit 1
|
||||
fi
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: {{ .Chart.Name }}
|
||||
|
||||
24
tip-wlan/charts/opensync-gw-cloud/templates/rbac.yaml
Normal file
24
tip-wlan/charts/opensync-gw-cloud/templates/rbac.yaml
Normal file
@@ -0,0 +1,24 @@
|
||||
---
|
||||
kind: Role
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: {{ include "common.fullname" . }}-depends-on
|
||||
namespace: {{ include "common.namespace" . }}
|
||||
rules:
|
||||
- apiGroups: ["batch", "apps", ""]
|
||||
resources: ["pods", "services", "jobs"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
|
||||
---
|
||||
kind: RoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: {{ include "common.fullname" . }}-depends-on
|
||||
namespace: {{ include "common.namespace" . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ include "common.serviceAccountName" . }}
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: {{ include "common.fullname" . }}-depends-on
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
@@ -5,6 +5,10 @@ metadata:
|
||||
namespace: {{ include "common.namespace" . }}
|
||||
labels:
|
||||
{{- include "common.labels" . | nindent 4 }}
|
||||
{{- with .Values.service.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
type: {{ .Values.service.type }}
|
||||
ports:
|
||||
@@ -12,28 +16,38 @@ spec:
|
||||
targetPort: {{ .Values.service.port1 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name1 }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.service.nodePort1 }}
|
||||
{{- end }}
|
||||
- port: {{ .Values.service.port2 }}
|
||||
targetPort: {{ .Values.service.port2 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name2 }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.service.nodePort2 }}
|
||||
{{- end }}
|
||||
- port: {{ .Values.service.port3 }}
|
||||
targetPort: {{ .Values.service.port3 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name3 }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.service.nodePort3 }}
|
||||
{{- end }}
|
||||
- port: {{ .Values.service.port4 }}
|
||||
targetPort: {{ .Values.service.port4 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name4 }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.service.nodePort4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.debug.enabled }}
|
||||
- port: {{ .Values.service.port5 }}
|
||||
targetPort: {{ .Values.service.port5 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name5 }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.service.nodePort5 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
selector:
|
||||
{{- include "common.selectorLabels" . | nindent 4 }}
|
||||
|
||||
@@ -77,6 +77,8 @@ service:
|
||||
port5: 5005
|
||||
name5: debug
|
||||
nodePort5: 26
|
||||
annotations: {}
|
||||
nodePortStatic: true ## if true, nodePort ports are statically defined effectively prohibiting multiple deployments on the same cluster; if false, nodePort ports are chosen dynamically by k8s
|
||||
|
||||
persistence:
|
||||
enabled: false
|
||||
|
||||
@@ -5,6 +5,10 @@ metadata:
|
||||
namespace: {{ include "common.namespace" . }}
|
||||
labels:
|
||||
{{- include "common.labels" . | nindent 4 }}
|
||||
{{- with .Values.service.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
type: {{ .Values.service.type }}
|
||||
ports:
|
||||
@@ -12,11 +16,15 @@ spec:
|
||||
targetPort: {{ .Values.service.port1 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name1 }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.service.nodePort1 }}
|
||||
{{- end }}
|
||||
- port: {{ .Values.service.port2 }}
|
||||
targetPort: {{ .Values.service.port2 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name2 }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.service.nodePort2 }}
|
||||
{{- end }}
|
||||
selector:
|
||||
{{- include "common.selectorLabels" . | nindent 4 }}
|
||||
|
||||
@@ -61,6 +61,8 @@ service:
|
||||
port2: 9001
|
||||
name2: debug
|
||||
nodePort2: 32
|
||||
annotations: {}
|
||||
nodePortStatic: true ## if true, nodePort ports are statically defined effectively prohibiting multiple deployments on the same cluster; if false, nodePort ports are chosen dynamically by k8s
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
|
||||
@@ -32,6 +32,12 @@ spec:
|
||||
- host: {{ .host | quote }}
|
||||
http:
|
||||
paths:
|
||||
{{- if $.Values.ingress.lb_https_redirect }}
|
||||
- path: /*
|
||||
backend:
|
||||
serviceName: ssl-redirect
|
||||
servicePort: use-annotation
|
||||
{{- end }}
|
||||
{{- range .paths }}
|
||||
- path: {{ . }}
|
||||
backend:
|
||||
|
||||
@@ -12,6 +12,8 @@ spec:
|
||||
targetPort: {{ .Values.service.port }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
|
||||
{{- end }}
|
||||
selector:
|
||||
{{- include "common.selectorLabels" . | nindent 4 }}
|
||||
|
||||
@@ -51,9 +51,11 @@ service:
|
||||
port: 4000
|
||||
name: graphui
|
||||
nodePort: 23
|
||||
nodePortStatic: true ## if true, nodePort ports are statically defined effectively prohibiting multiple deployments on the same cluster; if false, nodePort ports are chosen dynamically by k8s
|
||||
|
||||
ingress:
|
||||
enabled: true
|
||||
lb_https_redirect: false ## if set to true, enables http->https redirect on cloud load balancer
|
||||
annotations: {}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
|
||||
@@ -32,6 +32,12 @@ spec:
|
||||
- host: {{ .host | quote }}
|
||||
http:
|
||||
paths:
|
||||
{{- if $.Values.ingress.lb_https_redirect }}
|
||||
- path: /*
|
||||
backend:
|
||||
serviceName: ssl-redirect
|
||||
servicePort: use-annotation
|
||||
{{- end }}
|
||||
{{- range .paths }}
|
||||
- path: {{ . }}
|
||||
backend:
|
||||
|
||||
@@ -5,6 +5,10 @@ metadata:
|
||||
namespace: {{ include "common.namespace" . }}
|
||||
labels:
|
||||
{{- include "common.labels" . | nindent 4 }}
|
||||
{{- with .Values.service.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
type: {{ .Values.service.type }}
|
||||
ports:
|
||||
|
||||
@@ -50,6 +50,7 @@ service:
|
||||
|
||||
ingress:
|
||||
enabled: true
|
||||
lb_https_redirect: false ## if set to true, enables http->https redirect on cloud load balancer
|
||||
annotations: {}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
|
||||
@@ -12,14 +12,14 @@ spec:
|
||||
targetPort: {{ .Values.service.port1 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name1 }}
|
||||
{{- if eq .Values.service.type "NodePort" }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort1 }}
|
||||
{{- end }}
|
||||
- port: {{ .Values.service.port2 }}
|
||||
targetPort: {{ .Values.service.port2 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name2 }}
|
||||
{{- if eq .Values.service.type "NodePort" }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort2 }}
|
||||
{{- end }}
|
||||
{{- if .Values.debug.enabled }}
|
||||
@@ -27,7 +27,7 @@ spec:
|
||||
targetPort: {{ .Values.service.port3 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name3 }}
|
||||
{{- if eq .Values.service.type "NodePort" }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort3 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -78,6 +78,7 @@ service:
|
||||
port3: 5010
|
||||
name3: debug-appl
|
||||
nodePort3: '03'
|
||||
nodePortStatic: true ## if true, nodePort ports are statically defined effectively prohibiting multiple deployments on the same cluster; if false, nodePort ports are chosen dynamically by k8s
|
||||
|
||||
# The below ports are the ports that Java would choose as Local ports whenever it opens up
|
||||
# a developer session for debug.
|
||||
|
||||
@@ -32,6 +32,12 @@ spec:
|
||||
- host: {{ .host | quote }}
|
||||
http:
|
||||
paths:
|
||||
{{- if $.Values.ingress.lb_https_redirect }}
|
||||
- path: /*
|
||||
backend:
|
||||
serviceName: ssl-redirect
|
||||
servicePort: use-annotation
|
||||
{{- end }}
|
||||
{{- range .paths }}
|
||||
- path: {{ . }}
|
||||
backend:
|
||||
|
||||
@@ -5,6 +5,10 @@ metadata:
|
||||
namespace: {{ include "common.namespace" . }}
|
||||
labels:
|
||||
{{- include "common.labels" . | nindent 4 }}
|
||||
{{- with .Values.service.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
type: {{ .Values.service.type }}
|
||||
ports:
|
||||
@@ -12,14 +16,14 @@ spec:
|
||||
targetPort: {{ .Values.service.port1 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name1 }}
|
||||
{{- if eq .Values.service.type "NodePort" }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort1 }}
|
||||
{{- end }}
|
||||
- port: {{ .Values.service.port2 }}
|
||||
targetPort: {{ .Values.service.port2 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name2 }}
|
||||
{{- if eq .Values.service.type "NodePort" }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
|
||||
{{- end }}
|
||||
{{- if .Values.debug.enabled }}
|
||||
@@ -27,7 +31,7 @@ spec:
|
||||
targetPort: {{ .Values.service.port3 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name3 }}
|
||||
{{- if eq .Values.service.type "NodePort" }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.service.nodePort3 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -74,10 +74,12 @@ service:
|
||||
nodePort2: 52
|
||||
port3: 5006
|
||||
name3: debug
|
||||
nodePort3: 15
|
||||
nodePort3: 15
|
||||
nodePortStatic: true ## if true, nodePort ports are statically defined effectively prohibiting multiple deployments on the same cluster; if false, nodePort ports are chosen dynamically by k8s
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
lb_https_redirect: false ## if set to true, enables http->https redirect on cloud load balancer
|
||||
annotations: {}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
|
||||
@@ -23,10 +23,11 @@ spec:
|
||||
securityContext:
|
||||
{{- toYaml .Values.podSecurityContext | nindent 8 }}
|
||||
initContainers:
|
||||
- name: {{ include "common.name" . }}-readiness
|
||||
image: busybox:1.28
|
||||
imagePullPolicy: {{ .Values.global.pullPolicy }}
|
||||
command: ['sh', '-c', "until nslookup {{ $pg }}.{{ $ns }}.svc.cluster.local; do echo waiting for POSTGRES; sleep 2; done"]
|
||||
- name: wait-for-services
|
||||
image: opsfleet/depends-on:latest
|
||||
args:
|
||||
- "-service={{ .Release.Name }}-postgresql"
|
||||
- -check_interval=5
|
||||
- name: {{ include "common.name" . }}-create-db-schema
|
||||
env:
|
||||
- name: POSTGRESQL_PORT_NUMBER
|
||||
|
||||
24
tip-wlan/charts/wlan-prov-service/templates/rbac.yaml
Normal file
24
tip-wlan/charts/wlan-prov-service/templates/rbac.yaml
Normal file
@@ -0,0 +1,24 @@
|
||||
---
|
||||
kind: Role
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: {{ include "common.fullname" . }}-depends-on
|
||||
namespace: {{ include "common.namespace" . }}
|
||||
rules:
|
||||
- apiGroups: ["batch", "apps", ""]
|
||||
resources: ["pods", "services", "jobs"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
|
||||
---
|
||||
kind: RoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: {{ include "common.fullname" . }}-depends-on
|
||||
namespace: {{ include "common.namespace" . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ include "common.serviceAccountName" . }}
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: {{ include "common.fullname" . }}-depends-on
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
@@ -12,14 +12,14 @@ spec:
|
||||
targetPort: {{ .Values.service.port1 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name1 }}
|
||||
{{- if eq .Values.service.type "NodePort" }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort1 }}
|
||||
{{- end }}
|
||||
- port: {{ .Values.service.port2 }}
|
||||
targetPort: {{ .Values.service.port2 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name2 }}
|
||||
{{- if eq .Values.service.type "NodePort" }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
|
||||
{{- end }}
|
||||
{{- if .Values.debug.enabled }}
|
||||
@@ -27,7 +27,7 @@ spec:
|
||||
targetPort: {{ .Values.service.port3 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name3 }}
|
||||
{{- if eq .Values.service.type "NodePort" }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.service.nodePort3 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -86,6 +86,7 @@ service:
|
||||
name2: secondary-port
|
||||
port3: 5007
|
||||
name3: debug
|
||||
nodePortStatic: true ## if true, nodePort ports are statically defined effectively prohibiting multiple deployments on the same cluster; if false, nodePort ports are chosen dynamically by k8s
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
|
||||
@@ -23,10 +23,11 @@ spec:
|
||||
securityContext:
|
||||
{{- toYaml .Values.podSecurityContext | nindent 8 }}
|
||||
initContainers:
|
||||
- name: {{ include "common.name" . }}-readiness
|
||||
image: busybox:1.28
|
||||
imagePullPolicy: {{ .Values.global.pullPolicy }}
|
||||
command: ['sh', '-c', "until nslookup {{ $kafka }}.{{ $ns }}.svc.cluster.local; do echo waiting for Kafka; sleep 2; done"]
|
||||
- name: wait-for-services
|
||||
image: opsfleet/depends-on:latest
|
||||
args:
|
||||
- "-service={{ .Release.Name }}-kafka-headless"
|
||||
- -check_interval=5
|
||||
containers:
|
||||
- name: {{ .Chart.Name }}
|
||||
securityContext:
|
||||
|
||||
24
tip-wlan/charts/wlan-spc-service/templates/rbac.yaml
Normal file
24
tip-wlan/charts/wlan-spc-service/templates/rbac.yaml
Normal file
@@ -0,0 +1,24 @@
|
||||
---
|
||||
kind: Role
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: {{ include "common.fullname" . }}-depends-on
|
||||
namespace: {{ include "common.namespace" . }}
|
||||
rules:
|
||||
- apiGroups: ["batch", "apps", ""]
|
||||
resources: ["pods", "services", "jobs"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
|
||||
---
|
||||
kind: RoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: {{ include "common.fullname" . }}-depends-on
|
||||
namespace: {{ include "common.namespace" . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ include "common.serviceAccountName" . }}
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: {{ include "common.fullname" . }}-depends-on
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
@@ -12,14 +12,14 @@ spec:
|
||||
targetPort: {{ .Values.service.port1 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name1 }}
|
||||
{{- if eq .Values.service.type "NodePort" }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort1 }}
|
||||
{{- end }}
|
||||
- port: {{ .Values.service.port2 }}
|
||||
targetPort: {{ .Values.service.port2 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name2 }}
|
||||
{{- if eq .Values.service.type "NodePort" }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
|
||||
{{- end }}
|
||||
{{- if .Values.debug.enabled }}
|
||||
@@ -27,7 +27,7 @@ spec:
|
||||
targetPort: {{ .Values.service.port3 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name3 }}
|
||||
{{- if eq .Values.service.type "NodePort" }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.service.nodePort3 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -70,6 +70,7 @@ service:
|
||||
name2: secondary-port
|
||||
port3: 5009
|
||||
name3: debug
|
||||
nodePortStatic: true ## if true, nodePort ports are statically defined effectively prohibiting multiple deployments on the same cluster; if false, nodePort ports are chosen dynamically by k8s
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
|
||||
@@ -24,14 +24,12 @@ spec:
|
||||
securityContext:
|
||||
{{- toYaml .Values.podSecurityContext | nindent 8 }}
|
||||
initContainers:
|
||||
- name: {{ include "common.name" . }}-kafka-readiness
|
||||
image: busybox:1.28
|
||||
imagePullPolicy: {{ .Values.global.pullPolicy }}
|
||||
command: ['sh', '-c', "until nslookup {{ $kafka }}.{{ $ns }}.svc.cluster.local; do echo waiting for Kafka; sleep 2; done"]
|
||||
- name: {{ include "common.name" . }}-cassandra-readiness
|
||||
image: busybox:1.28
|
||||
imagePullPolicy: {{ .Values.global.pullPolicy }}
|
||||
command: ['sh', '-c', "until nslookup {{ $cassandra }}.{{ $ns }}.svc.cluster.local; do echo waiting for Cassandra; sleep 2; done"]
|
||||
- name: wait-for-services
|
||||
image: opsfleet/depends-on:latest
|
||||
args:
|
||||
- "-service={{ .Release.Name }}-kafka-headless"
|
||||
- "-service={{ .Release.Name }}-cassandra"
|
||||
- -check_interval=5
|
||||
- name: {{ include "common.name" . }}-create-db-schema-cassandra
|
||||
env:
|
||||
- name: CASSANDRA_PORT_NUMBER
|
||||
@@ -218,7 +216,7 @@ spec:
|
||||
- name: {{ .Values.service.name3 }}
|
||||
containerPort: {{ .Values.service.port3 }}
|
||||
protocol: TCP
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
resources:
|
||||
{{- toYaml .Values.resources | nindent 12 }}
|
||||
{{- with .Values.nodeSelector }}
|
||||
|
||||
24
tip-wlan/charts/wlan-ssc-service/templates/rbac.yaml
Normal file
24
tip-wlan/charts/wlan-ssc-service/templates/rbac.yaml
Normal file
@@ -0,0 +1,24 @@
|
||||
---
|
||||
kind: Role
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: {{ include "common.fullname" . }}-depends-on
|
||||
namespace: {{ include "common.namespace" . }}
|
||||
rules:
|
||||
- apiGroups: ["batch", "apps", ""]
|
||||
resources: ["pods", "services", "jobs"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
|
||||
---
|
||||
kind: RoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: {{ include "common.fullname" . }}-depends-on
|
||||
namespace: {{ include "common.namespace" . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ include "common.serviceAccountName" . }}
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: {{ include "common.fullname" . }}-depends-on
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
@@ -12,14 +12,14 @@ spec:
|
||||
targetPort: {{ .Values.service.port1 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name1 }}
|
||||
{{- if eq .Values.service.type "NodePort" }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort1 }}
|
||||
{{- end }}
|
||||
- port: {{ .Values.service.port2 }}
|
||||
targetPort: {{ .Values.service.port2 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name2 }}
|
||||
{{- if eq .Values.service.type "NodePort" }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
|
||||
{{- end }}
|
||||
{{- if .Values.debug.enabled }}
|
||||
@@ -27,7 +27,7 @@ spec:
|
||||
targetPort: {{ .Values.service.port3 }}
|
||||
protocol: TCP
|
||||
name: {{ .Values.service.name3 }}
|
||||
{{- if eq .Values.service.type "NodePort" }}
|
||||
{{- if and .Values.service.nodePortStatic (eq .Values.service.type "NodePort") }}
|
||||
nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.service.nodePort3 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -70,6 +70,7 @@ service:
|
||||
name2: secondary-port
|
||||
port3: 5008
|
||||
name3: debug
|
||||
nodePortStatic: true ## if true, nodePort ports are statically defined effectively prohibiting multiple deployments on the same cluster; if false, nodePort ports are chosen dynamically by k8s
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
|
||||
Reference in New Issue
Block a user