blob: 173b868cd3ce4d1cb8e748bb3126399966160537 [file] [log] [blame]
{{/*
Copyright 2019-present Open Networking Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- $releaseName := .Release.Name }}
{{- $namespace := .Release.Namespace }}
{{- $name := .Values.config.enb.name }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ $releaseName }}-{{ $name }}
namespace: {{ $namespace }}
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ $releaseName }}-{{ $name }}
namespace: {{ $namespace }}
rules:
- apiGroups:
- ""
- extensions
- batch
- apps
verbs:
- get
- list
resources:
- daemonsets
- jobs
- pods
- services
- endpoints
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ $releaseName }}-{{ $name }}
namespace: {{ $namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ $releaseName }}-{{ $name }}
subjects:
- kind: ServiceAccount
name: {{ $releaseName }}-{{ $name }}
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ $name }}
namespace: {{ $namespace }}
labels:
app: oai-enb
spec:
replicas: 1
selector:
matchLabels:
app: oai-enb
serviceName: {{ $name | quote }}
template:
metadata:
labels:
app: oai-enb
spec:
{{- if .Values.nodeSelectors.enabled }}
nodeSelector:
{{ .Values.nodeSelectors.enb.label }}: {{ .Values.nodeSelectors.enb.value }}
{{- end }}
serviceAccountName: {{ $releaseName }}-{{ $name }}
hostNetwork: true
initContainers:
- name: enb-dep-check
image: {{ .Values.images.tags.dep_check | quote }}
imagePullPolicy: {{ .Values.images.pullPolicy }}
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: false
runAsUser: 0
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: PATH
value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/
- name: COMMAND
value: "echo done"
- name: DEPENDENCY_POD_JSON
value: '[{"labels": {"app": "mme"}, "requireSameNode": false}]'
command:
- kubernetes-entrypoint
volumeMounts:
[]
- name: enb-init
image: {{ .Values.images.tags.enb | quote }}
imagePullPolicy: {{ .Values.images.pullPolicy }}
securityContext:
capabilities:
add:
- NET_ADMIN
command:
- /opt/oaisim/enb/scripts/enb-init.sh
env:
- name: ENB_LOCAL_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
volumeMounts:
- name: script
mountPath: /opt/oaisim/enb/scripts/enb-init.sh
subPath: enb-init.sh
- name: config
mountPath: /opt/oaisim/enb/config
- name: pod-share
mountPath: /etc/oaisim/enb
containers:
- name: {{ $name }}
image: {{ .Values.images.tags.enb | quote }}
imagePullPolicy: {{ .Values.images.pullPolicy }}
securityContext:
privileged: true
command:
- /opt/oaisim/enb/scripts/enb-run.sh
- start
lifecycle:
preStop:
exec:
command:
- /opt/oaisim/enb/scripts/enb-run.sh
- stop
env:
- name: ENB_LOCAL_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
volumeMounts:
- name: script
mountPath: /opt/oaisim/enb/scripts/enb-run.sh
subPath: enb-run.sh
- name: pod-share
mountPath: /etc/oaisim/enb
volumes:
- name: config
configMap:
name: {{ $name }}
defaultMode: 420
- name: script
configMap:
name: {{ $name }}
defaultMode: 493
- name: pod-share
emptyDir: {}