VOL-3145 - remove etcd operator usage
- removed dependencies as they are not part of VOLTHA
- removed RBAC config (no longer used)
- put each resources in separate file (best practice)
- added security context for containers (best practice)
Change-Id: If9e250ebe998369cb973561d1406517ea622e670
diff --git a/voltha/templates/core-deploy.yaml b/voltha/templates/core-deploy.yaml
new file mode 100644
index 0000000..1a805ec
--- /dev/null
+++ b/voltha/templates/core-deploy.yaml
@@ -0,0 +1,116 @@
+# Copyright 2019-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+{{- $log_level := tpl .Values.rw_core.log_level . | upper }}
+---
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+ name: voltha-rw-core
+ {{- if or (hasKey .Values "extra_deployment_labels") (hasKey .Values "rw_core_deployment_labels") }}
+ labels:
+ {{- if hasKey .Values "extra_deployment_labels" }}
+ {{- range $key, $val := .Values.extra_deployment_labels }}
+ {{ $key }}: {{ $val | quote }}
+ {{- end }}
+ {{- end }}
+ {{- if hasKey .Values "rw_core_deployment_labels" }}
+ {{- range $key, $val := .Values.rw_core_deployment_labels }}
+ {{ $key }}: {{ $val | quote }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: rw-core
+ app.kubernetes.io/name: "read-write-core"
+ app.kubernetes.io/version: {{ quote .Chart.AppVersion }}
+ app.kubernetes.io/component: "core"
+ app.kubernetes.io/part-of: "voltha"
+ app.kubernetes.io/managed-by: {{ quote .Release.Service }}
+ helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ {{- if hasKey .Values "extra_pod_labels" }}
+ {{- range $key, $val := .Values.extra_pod_labels }}
+ {{ $key }}: {{ $val | quote }}
+ {{- end }}
+ {{- end }}
+ {{- if hasKey .Values "rw_core_pod_labels" }}
+ {{- range $key, $val := .Values.rw_core_pod_labels }}
+ {{ $key }}: {{ $val | quote }}
+ {{- end }}
+ {{- end }}
+ spec:
+ {{- if .Values.securityContext.enabled }}
+ securityContext:
+ runAsUser: {{ .Values.securityContext.runAsUser }}
+ runAsGroup: {{ .Values.securityContext.runAsGroup }}
+ fsGroup: {{ .Values.securityContext.fsGroup }}
+ {{- end }}
+ containers:
+ - name: voltha
+ image: '{{ tpl .Values.images.rw_core.registry . }}{{ tpl .Values.images.rw_core.repository . }}:{{ tpl .Values.images.rw_core.tag . }}'
+ imagePullPolicy: {{ tpl .Values.images.rw_core.pullPolicy . }}
+ env:
+ - name: NAMESPACE
+ value: voltha
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ - name: COMPONENT_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.labels['app.kubernetes.io/name']
+ args:
+ - "/app/rw_core"
+ - "-kv_store_type=etcd"
+ - "-kv_store_host={{ .Values.services.etcd.service }}"
+ - "-kv_store_port={{ .Values.services.etcd.port }}"
+ - "-grpc_host=0.0.0.0"
+ - "-grpc_port=50057"
+ - "-banner=true"
+ - "-kafka_adapter_host={{ .Values.services.kafka.adapter.service }}"
+ - "-kafka_adapter_port={{ .Values.services.kafka.adapter.port }}"
+ - "-kafka_cluster_host={{ .Values.services.kafka.cluster.service }}"
+ - "-kafka_cluster_port={{ .Values.services.kafka.cluster.port }}"
+ - "-rw_core_topic=rwcore"
+ - "-core_pair_topic=core-pair-1"
+ - "-kv_store_data_prefix=service/voltha"
+ - "-in_competing_mode=false"
+ - "-core_timeout=10s"
+ - "-timeout_long_request=10s"
+ - "-timeout_request=10s"
+ - "-log_level={{ $log_level }}"
+ - "-probe_port=8080"
+ ports:
+ - containerPort: 50057
+ name: grpc
+ {{- if .Values.securityContext.enabled }}
+ securityContext:
+ allowPrivilegeEscalation: false
+ {{- end }}
+ livenessProbe:
+ httpGet:
+ path: /healthz
+ port: 8080
+ initialDelaySeconds: 3
+ periodSeconds: 3
+ readinessProbe:
+ httpGet:
+ path: /readz
+ port: 8080
+ initialDelaySeconds: 3
+ periodSeconds: 3