installers/helm/osm/templates/keystone/keystone-deployment.yaml

   1 {{- if .Values.keystone.enabled -}}
   2 #######################################################################################
   3 # Copyright ETSI Contributors and Others.
   4 #
   5 # Licensed under the Apache License, Version 2.0 (the "License");
   6 # you may not use this file except in compliance with the License.
   7 # You may obtain a copy of the License at
   8 #
   9 #    http://www.apache.org/licenses/LICENSE-2.0
  10 #
  11 # Unless required by applicable law or agreed to in writing, software
  12 # distributed under the License is distributed on an "AS IS" BASIS,
  13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
  14 # implied.
  15 # See the License for the specific language governing permissions and
  16 # limitations under the License.
  17 #######################################################################################
  18 apiVersion: apps/v1
  19 kind: Deployment
  20 metadata:
  21   name: keystone
  22   labels:
  23     {{- include "osm.labels" . | nindent 4 }}
  24 spec:
  25   replicas: {{ .Values.keystone.replicaCount | default .Values.global.replicaCount }}
  26   selector:
  27     matchLabels:
  28       app.kubernetes.io/component: keystone
  29       {{- include "osm.selectorLabels" . | nindent 6 }}
  30   template:
  31     metadata:
  32       {{- with .Values.global.podAnnotations }}
  33       annotations:
  34         {{- toYaml . | nindent 8 }}
  35       {{- end }}
  36       labels:
  37         app.kubernetes.io/component: keystone
  38         {{- include "osm.selectorLabels" . | nindent 8 }}
  39     spec:
  40       {{- with .Values.global.imagePullSecrets }}
  41       imagePullSecrets:
  42         {{- toYaml . | nindent 8 }}
  43       {{- end }}
  44       serviceAccountName: {{ include "osm.serviceAccountName" . }}
  45       securityContext:
  46         {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
  47       containers:
  48         - name: keystone
  49           securityContext:
  50             # readOnlyRootFilesystem: true
  51             allowPrivilegeEscalation: false
  52             runAsNonRoot: true
  53             {{- toYaml .Values.global.securityContext | nindent 12 }}
  54           image: {{ include "osm.keystone.image" . }}
  55           imagePullPolicy: {{ .Values.global.image.pullPolicy }}
  56           ports:
  57             - containerPort: 5000
  58               protocol: TCP
  59           resources:
  60             limits:
  61               memory: 1024Mi
  62             requests:
  63               memory: 128Mi
  64           envFrom:
  65             - configMapRef:
  66                 name: {{ include "osm.fullname" . }}-keystone-configmap
  67           {{- if not .Values.keystone.useOsmSecret }}
  68             - secretRef:
  69                 name: {{ .Values.keystone.secretName | default "keystone-secret" }}
  70           {{- else }}
  71           env:
  72             - name: ROOT_DB_PASSWORD
  73               valueFrom:
  74                 secretKeyRef:
  75                   name: mysql
  76                   key: mysql-root-password
  77             - name: KEYSTONE_DB_PASSWORD
  78               valueFrom:
  79                 secretKeyRef:
  80                   name: {{ include "osm.fullname" . }}-secret
  81                   key: OSM_KEYSTONE_DB_PASSWORD
  82             - name: SERVICE_PASSWORD
  83               valueFrom:
  84                 secretKeyRef:
  85                   name: {{ include "osm.fullname" . }}-secret
  86                   key: OSM_SERVICE_PASSWORD
  87           {{- end }}
  88       {{- with .Values.global.nodeSelector }}
  89       nodeSelector:
  90         {{- toYaml . | nindent 8 }}
  91       {{- end }}
  92       {{- with .Values.global.affinity }}
  93       affinity:
  94         {{- toYaml . | nindent 8 }}
  95       {{- end }}
  96       {{- with .Values.global.tolerations }}
  97       tolerations:
  98         {{- toYaml . | nindent 8 }}
  99       {{- end }}
 100 {{- end }}