subscriber-proxy/templates/deployment.yaml - roc-helm-charts - Gitiles

 # SPDX-FileCopyrightText: 2020-present Open Networking Foundation <info@opennetworking.org>
 #
 # SPDX-License-Identifier: LicenseRef-ONF-Member-Only-1.0

 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: {{ template "subscriber-proxy.fullname" . }}
   namespace: {{ .Release.Namespace }}
   labels:
     name: {{ template "subscriber-proxy.fullname" . }}
 spec:
   replicas: {{ .Values.replicaCount }}
   selector:
     matchLabels:
       {{- include "subscriber-proxy.selectorLabels" . | nindent 6 }}
   template:
     metadata:
       labels:
         name: {{ template "subscriber-proxy.fullname" . }}
         {{- include "subscriber-proxy.selectorLabels" . | nindent 8 }}
     spec:
       serviceAccountName: subscriber-proxy
     {{- with .Values.imagePullSecrets }}
       imagePullSecrets:
         {{- toYaml . | nindent 6 }}
     {{- end }}
       securityContext:
         {{- toYaml .Values.podSecurityContext | nindent 8 }}
       containers:
         - name: {{ .Chart.Name }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           env:
             - name: POD_NAMESPACE
               valueFrom:
                 fieldRef:
                   fieldPath: metadata.namespace
             - name: POD_NAME
               valueFrom:
                 fieldRef:
                   fieldPath: metadata.name
             - name: NODE_NAME
               valueFrom:
                 fieldRef:
                   fieldPath: spec.nodeName
             - name: OIDC_SERVER_URL
               value: {{ .Values.config.openidc.issuer }}
           args:
             - "/usr/local/bin/subscriber-proxy"
             - "-bind_port=:{{ .Values.config.port }}"
             - "-client_key=/etc/subscriber-proxy/certs/tls.key"
             - "-client_crt=/etc/subscriber-proxy/certs/tls.crt"
             - "-ca_crt=/etc/subscriber-proxy/certs/tls.cacert"
             - "-alsologtostderr"
             - "-hostCheckDisabled"
             - "-webconsole_url=http://{{ .Values.config.webui_endpt.addr}}:{{ .Values.config.webui_endpt.port}}"
             - "-onos_config_url={{ .Values.config.aether_config_endpt.addr}}:{{ .Values.config.aether_config_endpt.port}}"
           ports:
             - containerPort: {{.Values.config.port}}
           readinessProbe:
             tcpSocket:
               port: {{ .Values.config.port }}
             initialDelaySeconds: 5
             periodSeconds: 10
           livenessProbe:
             tcpSocket:
               port: {{ .Values.config.port }}
             initialDelaySeconds: 15
             periodSeconds: 20
           volumeMounts:
             - name: secret
               mountPath: /etc/subscriber-proxy/certs
               readOnly: true
             - name: logconfig
               mountPath: /etc/onos/config
               readOnly: true
       volumes:
         - name: logconfig
           configMap:
             name: {{ template "subscriber-proxy.fullname" . }}-logconfig
         - name: secret
           secret:
             secretName: {{ template "subscriber-proxy.fullname" . }}-secret
	# SPDX-FileCopyrightText: 2020-present Open Networking Foundation <info@opennetworking.org>
	#
	# SPDX-License-Identifier: LicenseRef-ONF-Member-Only-1.0

	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: {{ template "subscriber-proxy.fullname" . }}
	namespace: {{ .Release.Namespace }}
	labels:
	name: {{ template "subscriber-proxy.fullname" . }}
	spec:
	replicas: {{ .Values.replicaCount }}
	selector:
	matchLabels:
	{{- include "subscriber-proxy.selectorLabels" . \| nindent 6 }}
	template:
	metadata:
	labels:
	name: {{ template "subscriber-proxy.fullname" . }}
	{{- include "subscriber-proxy.selectorLabels" . \| nindent 8 }}
	spec:
	serviceAccountName: subscriber-proxy
	{{- with .Values.imagePullSecrets }}
	imagePullSecrets:
	{{- toYaml . \| nindent 6 }}
	{{- end }}
	securityContext:
	{{- toYaml .Values.podSecurityContext \| nindent 8 }}
	containers:
	- name: {{ .Chart.Name }}
	image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
	imagePullPolicy: {{ .Values.image.pullPolicy }}
	env:
	- name: POD_NAMESPACE
	valueFrom:
	fieldRef:
	fieldPath: metadata.namespace
	- name: POD_NAME
	valueFrom:
	fieldRef:
	fieldPath: metadata.name
	- name: NODE_NAME
	valueFrom:
	fieldRef:
	fieldPath: spec.nodeName
	- name: OIDC_SERVER_URL
	value: {{ .Values.config.openidc.issuer }}
	args:
	- "/usr/local/bin/subscriber-proxy"
	- "-bind_port=:{{ .Values.config.port }}"
	- "-client_key=/etc/subscriber-proxy/certs/tls.key"
	- "-client_crt=/etc/subscriber-proxy/certs/tls.crt"
	- "-ca_crt=/etc/subscriber-proxy/certs/tls.cacert"
	- "-alsologtostderr"
	- "-hostCheckDisabled"
	- "-webconsole_url=http://{{ .Values.config.webui_endpt.addr}}:{{ .Values.config.webui_endpt.port}}"
	- "-onos_config_url={{ .Values.config.aether_config_endpt.addr}}:{{ .Values.config.aether_config_endpt.port}}"
	ports:
	- containerPort: {{.Values.config.port}}
	readinessProbe:
	tcpSocket:
	port: {{ .Values.config.port }}
	initialDelaySeconds: 5
	periodSeconds: 10
	livenessProbe:
	tcpSocket:
	port: {{ .Values.config.port }}
	initialDelaySeconds: 15
	periodSeconds: 20
	volumeMounts:
	- name: secret
	mountPath: /etc/subscriber-proxy/certs
	readOnly: true
	- name: logconfig
	mountPath: /etc/onos/config
	readOnly: true
	volumes:
	- name: logconfig
	configMap:
	name: {{ template "subscriber-proxy.fullname" . }}-logconfig
	- name: secret
	secret:
	secretName: {{ template "subscriber-proxy.fullname" . }}-secret