Migrate ott-services to member-only
Change-Id: Ia9e849e60143e9394605c5a7ec528486ea86de8e
diff --git a/aether-apps/ott-services/cdn-local/templates/_helpers.tpl b/aether-apps/ott-services/cdn-local/templates/_helpers.tpl
new file mode 100644
index 0000000..fc1894f
--- /dev/null
+++ b/aether-apps/ott-services/cdn-local/templates/_helpers.tpl
@@ -0,0 +1,95 @@
+{{- /*
+Copyright 2019-present Open Networking Foundation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/ -}}
+
+{{/*
+Renders a set of standardised labels
+*/}}
+{{- define "cdn-local.metadata_labels" -}}
+{{- $application := index . 0 -}}
+{{- $context := index . 1 -}}
+release: {{ $context.Release.Name }}
+app: {{ $application }}
+{{- end -}}
+
+{{/*
+Render the given template.
+*/}}
+{{- define "cdn-local.template" -}}
+{{- $name := index . 0 -}}
+{{- $context := index . 1 -}}
+{{- $last := base $context.Template.Name }}
+{{- $wtf := $context.Template.Name | replace $last $name -}}
+{{ include $wtf $context }}
+{{- end -}}
+
+{{/*
+Render ServiceAccount, Role, and RoleBinding required for kubernetes-entrypoint.
+*/}}
+{{- define "cdn-local.service_account" -}}
+{{- $saName := index . 0 -}}
+{{- $context := index . 1 -}}
+{{- $saNamespace := $context.Release.Namespace }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ $saName }}
+ namespace: {{ $saNamespace }}
+ labels:
+{{ tuple $saName $context | include "cdn-local.metadata_labels" | indent 4 }}
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: RoleBinding
+metadata:
+ name: {{ $saName }}
+ namespace: {{ $saNamespace }}
+ labels:
+{{ tuple $saName $context | include "cdn-local.metadata_labels" | indent 4 }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: {{ $saName }}
+subjects:
+ - kind: ServiceAccount
+ name: {{ $saName }}
+ namespace: {{ $saNamespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: Role
+metadata:
+ name: {{ $saName }}
+ namespace: {{ $saNamespace }}
+ labels:
+{{ tuple $saName $context | include "cdn-local.metadata_labels" | indent 4 }}
+rules:
+ - apiGroups:
+ - ""
+ - extensions
+ - batch
+ - apps
+ verbs:
+ - get
+ - list
+ - patch
+ resources:
+ - statefulsets
+ - daemonsets
+ - jobs
+ - pods
+ - services
+ - endpoints
+ - configmaps
+{{- end -}}
\ No newline at end of file
diff --git a/aether-apps/ott-services/cdn-local/templates/bin/_run-nginx.sh.tpl b/aether-apps/ott-services/cdn-local/templates/bin/_run-nginx.sh.tpl
new file mode 100644
index 0000000..ffe7916
--- /dev/null
+++ b/aether-apps/ott-services/cdn-local/templates/bin/_run-nginx.sh.tpl
@@ -0,0 +1,25 @@
+#!/bin/bash
+#
+# Copyright 2019-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Assume that SGI network gateway knows routes to UE pool
+{{- if .Values.config.sriov.enabled }}
+ip route add {{ .Values.networks.ue.subnet }} via {{ .Values.networks.sgi.gateway }}
+{{- end }}
+
+ip link set {{ .Values.config.nginx.sgiInterface.name }} mtu {{ .Values.config.nginx.sgiInterface.mtu }}
+
+cp /conf/nginx.conf /etc/nginx/
+nginx -g "daemon off;"
diff --git a/aether-apps/ott-services/cdn-local/templates/configmap-nginx.yaml b/aether-apps/ott-services/cdn-local/templates/configmap-nginx.yaml
new file mode 100644
index 0000000..75db4d6
--- /dev/null
+++ b/aether-apps/ott-services/cdn-local/templates/configmap-nginx.yaml
@@ -0,0 +1,94 @@
+{{/*
+Copyright 2019-present Open Networking Foundation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: nginx-net-config
+ labels:
+{{ tuple "nginx" . | include "cdn-local.metadata_labels" | indent 4 }}
+data:
+ run-nginx.sh: |
+{{ tuple "bin/_run-nginx.sh.tpl" . | include "cdn-local.template" | indent 4 }}
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: nginx-rtmp-config
+ labels:
+{{ tuple "nginx" . | include "cdn-local.metadata_labels" | indent 4 }}
+data:
+ nginx.conf: |+
+ worker_processes {{ .Values.config.nginx.events.workerProcesses }};
+
+ events {
+ worker_connections {{ .Values.config.nginx.events.workerConnections }};
+ }
+
+ http {
+ include mime.types;
+
+ default_type {{ .Values.config.nginx.http.defaultType }};
+
+ sendfile {{ .Values.config.nginx.http.sendfile }};
+
+ keepalive_timeout {{ .Values.config.nginx.http.keepaliveTimeout }};
+
+ server {
+ listen {{ .Values.config.nginx.ports.http }};
+
+ server_name {{ .Values.config.nginx.http.server.serverName }};
+
+ location / {
+ root {{ .Values.config.nginx.http.server.location.root }};
+
+ index {{ .Values.config.nginx.http.server.location.index }};
+ }
+
+ error_page {{ .Values.config.nginx.http.server.error.code }} {{ .Values.config.nginx.http.server.error.page }};
+
+ location = {{ .Values.config.nginx.http.server.error.page }} {
+ root {{ .Values.config.nginx.http.server.error.root }};
+ }
+ }
+ }
+
+ rtmp {
+ server{
+ listen {{ .Values.config.nginx.ports.rtmp }};
+
+ chunk_size {{ .Values.config.nginx.rtmp.chunkSize }};
+
+ {{ range .Values.config.cdnRemotes }}
+ {{- $cdnRemote := . -}}
+ # name: {{ .name }}
+ application {{ $.Values.config.nginx.rtmp.appRemote.name }}/{{ $cdnRemote.name }} {
+ live {{ $.Values.config.nginx.rtmp.appRemote.live }};
+
+ {{- range .streams }}
+ pull rtmp://{{ $cdnRemote.ip }}:{{ $cdnRemote.port }}/LiveApp/{{ .value }} name={{ .value }};
+ {{- end }}
+
+ }
+ {{ end }}
+
+ application {{ .Values.config.nginx.rtmp.appLocal.name }} {
+ play {{ .Values.config.nginx.rtmp.appLocal.movieLocation }};
+ }
+ }
+ }
diff --git a/aether-apps/ott-services/cdn-local/templates/networks.yaml b/aether-apps/ott-services/cdn-local/templates/networks.yaml
new file mode 100644
index 0000000..be315f8
--- /dev/null
+++ b/aether-apps/ott-services/cdn-local/templates/networks.yaml
@@ -0,0 +1,32 @@
+{{/*
+Copyright 2019-present Open Networking Foundation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{ if .Values.config.sriov.enabled }}
+---
+apiVersion: "k8s.cni.cncf.io/v1"
+kind: NetworkAttachmentDefinition
+metadata:
+ name: sgi-net-cdn
+ annotations:
+ k8s.v1.cni.cncf.io/resourceName: intel.com/sriov_netdevice
+spec:
+ config: '{
+ "type": {{ .Values.networks.cniPlugin | quote }},
+ "ipam": {
+ "type": {{ .Values.networks.ipam | quote }}
+ }
+ }'
+{{ end }}
diff --git a/aether-apps/ott-services/cdn-local/templates/service-nginx.yaml b/aether-apps/ott-services/cdn-local/templates/service-nginx.yaml
new file mode 100644
index 0000000..08969e9
--- /dev/null
+++ b/aether-apps/ott-services/cdn-local/templates/service-nginx.yaml
@@ -0,0 +1,56 @@
+{{/*
+Copyright 2019-present Open Networking Foundation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: cdn-local
+ labels:
+{{ tuple "cdn-local" . | include "cdn-local.metadata_labels" | indent 4 }}
+spec:
+ selector:
+{{ tuple "cdn-local" . | include "cdn-local.metadata_labels" | indent 4 }}
+ ports:
+ - name: http
+ port: {{ .Values.config.nginx.ports.http }}
+ protocol: TCP
+ - name: rtmp
+ port: {{ .Values.config.nginx.ports.rtmp }}
+ protocol: TCP
+
+{{- if .Values.config.nginx.ports.nodePorts.enabled }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: cdn-local-external
+ labels:
+{{ tuple "cdn-local" . | include "cdn-local.metadata_labels" | indent 4 }}
+spec:
+ selector:
+{{ tuple "cdn-local" . | include "cdn-local.metadata_labels" | indent 4 }}
+ type: NodePort
+ ports:
+ - name: http
+ port: {{ .Values.config.nginx.ports.http }}
+ protocol: TCP
+ nodePort: {{ .Values.config.nginx.ports.nodePorts.http }}
+ - name: rtmp
+ port: {{ .Values.config.nginx.ports.rtmp }}
+ protocol: TCP
+ nodePort: {{ .Values.config.nginx.ports.nodePorts.rtmp }}
+{{- end }}
\ No newline at end of file
diff --git a/aether-apps/ott-services/cdn-local/templates/statefulset-cdn-local.yaml b/aether-apps/ott-services/cdn-local/templates/statefulset-cdn-local.yaml
new file mode 100644
index 0000000..3937078
--- /dev/null
+++ b/aether-apps/ott-services/cdn-local/templates/statefulset-cdn-local.yaml
@@ -0,0 +1,110 @@
+{{/*
+Copyright 2019-present Open Networking Foundation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{ tuple "cdn-local" . | include "cdn-local.service_account" }}
+
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: cdn-local
+ labels:
+{{ tuple "cdn-local" . | include "cdn-local.metadata_labels" | indent 4 }}
+spec:
+ replicas: {{ .Values.config.nginx.replicas }}
+ selector:
+ matchLabels:
+{{ tuple "cdn-local" . | include "cdn-local.metadata_labels" | indent 6 }}
+ serviceName: "cdn-local"
+ template:
+ metadata:
+ labels:
+{{ tuple "cdn-local" . | include "cdn-local.metadata_labels" | indent 8 }}
+{{ if .Values.config.sriov.enabled }}
+ annotations:
+ k8s.v1.cni.cncf.io/networks: '[
+ {
+ "name": "sgi-net-cdn",
+ "interface": {{ .Values.config.nginx.sgiInterface.name | quote }},
+ "ips": {{ .Values.config.nginx.sgiInterface.ip | quote }}
+ }
+ ]'
+{{ end }}
+ spec:
+ {{- if .Values.nodeSelectors.enabled }}
+ nodeSelector:
+ {{ .Values.nodeSelectors.nginx.label }}: {{ .Values.nodeSelectors.nginx.value }}
+ {{- end }}
+ hostNetwork: {{ not .Values.config.sriov.enabled }}
+ serviceAccountName: cdn-local
+ initContainers:
+ - name: cdn-local-init
+ image: {{ .Values.images.tags.nginx }}
+ imagePullPolicy: {{ .Values.images.pullPolicy }}
+ securityContext:
+ allowPrivilegeEscalation: false
+ readOnlyRootFilesystem: false
+ runAsUser: 0
+ command: [ "bash", "-xc"]
+ args:
+ - cp /config/*.sh /shared-vol;cp /conf/* /shared-vol
+ volumeMounts:
+ - name: shared-volume
+ mountPath: /shared-vol
+ - name: nginx-net-config
+ mountPath: /config
+ - name: nginx-rtmp-config
+ mountPath: /conf
+ containers:
+ - name: nginx
+ image: {{ .Values.images.tags.nginx }}
+ imagePullPolicy: {{ .Values.images.pullPolicy }}
+ command: [ "bash", "-xc"]
+ args:
+ - chmod a+x /config/*.sh; /config/run-nginx.sh
+ securityContext:
+ privileged: true
+ volumeMounts:
+ - name: shared-volume
+ mountPath: /config
+ - name: shared-volume
+ mountPath: /conf
+ resources:
+ requests:
+ {{- if .Values.resources.enabled }}
+{{ toYaml .Values.resources.nginx.requests | indent 12 }}
+ {{- end }}
+ {{- if .Values.config.sriov.enabled }}
+ intel.com/sriov_netdevice: 2
+ {{- end }}
+ limits:
+ {{- if .Values.resources.enabled }}
+{{ toYaml .Values.resources.nginx.limits | indent 12 }}
+ {{- end }}
+ {{- if .Values.config.sriov.enabled }}
+ intel.com/sriov_netdevice: 2
+ {{- end }}
+ volumes:
+ - name: nginx-net-config
+ configMap:
+ name: nginx-net-config
+ defaultMode: 493
+ - name: nginx-rtmp-config
+ configMap:
+ name: nginx-rtmp-config
+ defaultMode: 420
+ - name: shared-volume
+ emptyDir: {}