ansible/roles/chart_repo/templates/chart-repo.yml

   1 {#
   2 Copyright 2019 Nokia
   3
   4 Licensed under the Apache License, Version 2.0 (the "License");
   5 you may not use this file except in compliance with the License.
   6 You may obtain a copy of the License at
   7
   8     http://www.apache.org/licenses/LICENSE-2.0
   9
  10 Unless required by applicable law or agreed to in writing, software
  11 distributed under the License is distributed on an "AS IS" BASIS,
  12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13 See the License for the specific language governing permissions and
  14 limitations under the License.
  15 #}
  16 ---
  17 apiVersion: apps/v1
  18 kind: Deployment
  19 metadata:
  20   name: chart-repo
  21   namespace: kube-system
  22 spec:
  23   replicas: 1
  24   selector:
  25     matchLabels:
  26       {{ caas.kubernetes_component_label }}: chart-repo
  27   template:
  28     metadata:
  29       labels:
  30         {{ caas.kubernetes_component_label }}: chart-repo
  31     spec:
  32       priorityClassName: "system-cluster-critical"
  33       dnsPolicy: ClusterFirst
  34       nodeSelector:
  35         nodetype: caas_master
  36       securityContext:
  37         runAsUser: {{ caas.uid.chartrepo }}
  38       containers:
  39         - name: chart-repo-handler
  40           image: {{ container_image_names | select('search', '/chartrepo') | list | last }}
  41           imagePullPolicy: IfNotPresent
  42           resources:
  43             requests:
  44               cpu: "10m"
  45               memory: "128Mi"
  46           command:
  47             - "/usr/bin/mainstart.sh"
  48           env:
  49             - name: CHARTREPOHANDLER_AUTHURL
  50               value: {{ caas.swift }}/auth/v1.0
  51             - name: CHARTREPOHANDLER_AUTHUSER
  52               value: admin:admin
  53             - name: CHARTREPOHANDLER_LISTENONPORT
  54               value: "{{ caas.chart_repo_port }}"
  55             - name: CHARTREPOHANDLER_LISTENONINTERFACE
  56               value: "{{ caas.internal_flannel_interface }}"
  57             - name: CHARTREPOHANDLER_AUTHKEY
  58               value: "{{ caas.swift_credential.password }}"
  59             - name: CHARTREPOHANDLER_CONTAINER
  60               value: packages
  61             - name: CHARTREPOHANDLER_REPOURL
  62               value: https://{{ caas.chart_repo_url }}
  63             - name: CHARTREPOHANDLER_INDEXPATH
  64               value: charts
  65             - name: CHARTREPOHANDLER_TLSCERTPATH
  66               value: /etc/chart-repo/ssl/chart-repo.pem
  67             - name: CHARTREPOHANDLER_TLSKEYPATH
  68               value: /etc/chart-repo/ssl/chart-repo-key.pem
  69             - name: CHARTREPOHANDLER_TLSCAPATH
  70               value: /etc/chart-repo/ssl/ca.pem
  71           volumeMounts:
  72             - name: time-mount
  73               mountPath: /etc/localtime
  74               readOnly: true
  75             - name: chart-repo-cert
  76               mountPath: /etc/chart-repo/ssl
  77               readOnly: true
  78       volumes:
  79         - name: time-mount
  80           hostPath:
  81             path: /etc/localtime
  82         - name: chart-repo-cert
  83           hostPath:
  84             path: /etc/chart-repo/ssl