ansible/roles/chart_repo/templates/chart-repo.yml

   1 {#
   2 Copyright 2019 Nokia
   3
   4 Licensed under the Apache License, Version 2.0 (the "License");
   5 you may not use this file except in compliance with the License.
   6 You may obtain a copy of the License at
   7
   8     http://www.apache.org/licenses/LICENSE-2.0
   9
  10 Unless required by applicable law or agreed to in writing, software
  11 distributed under the License is distributed on an "AS IS" BASIS,
  12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13 See the License for the specific language governing permissions and
  14 limitations under the License.
  15 #}
  16 ---
  17 apiVersion: apps/v1
  18 kind: Deployment
  19 metadata:
  20   name: chart-repo
  21   namespace: kube-system
  22 spec:
  23   replicas: 1
  24   selector:
  25     matchLabels:
  26       {{ caas.kubernetes_component_label }}: chart-repo
  27   template:
  28     metadata:
  29       labels:
  30         {{ caas.kubernetes_component_label }}: chart-repo
  31     spec:
  32       priorityClassName: "system-cluster-critical"
  33       dnsPolicy: ClusterFirst
  34       nodeSelector:
  35         nodetype: caas_master
  36       tolerations:
  37       - key: "node-maintenancemode"
  38         value: "enabled"
  39         operator: "Equal"
  40         effect: "NoExecute"
  41       securityContext:
  42         runAsUser: {{ caas.uid.chartrepo }}
  43       containers:
  44         - name: chart-repo-handler
  45           image: {{ container_image_names | select('search', '/chartrepo') | list | last }}
  46           imagePullPolicy: IfNotPresent
  47           resources:
  48             requests:
  49               cpu: "10m"
  50               memory: "128Mi"
  51           command:
  52             - "/usr/bin/mainstart.sh"
  53           env:
  54             - name: CHARTREPOHANDLER_AUTHURL
  55               value: {{ caas.swift }}/auth/v1.0
  56             - name: CHARTREPOHANDLER_AUTHUSER
  57               value: admin:admin
  58             - name: CHARTREPOHANDLER_LISTENONPORT
  59               value: "{{ caas.chart_repo_port }}"
  60             - name: CHARTREPOHANDLER_LISTENONINTERFACE
  61               value: "{{ caas.internal_flannel_interface }}"
  62             - name: CHARTREPOHANDLER_AUTHKEY
  63               value: "{{ caas.swift_credential.password }}"
  64             - name: CHARTREPOHANDLER_CONTAINER
  65               value: packages
  66             - name: CHARTREPOHANDLER_REPOURL
  67               value: https://{{ caas.chart_repo_url }}
  68             - name: CHARTREPOHANDLER_INDEXPATH
  69               value: charts
  70             - name: CHARTREPOHANDLER_TLSCERTPATH
  71               value: /etc/chart-repo/ssl/chart-repo.pem
  72             - name: CHARTREPOHANDLER_TLSKEYPATH
  73               value: /etc/chart-repo/ssl/chart-repo-key.pem
  74             - name: CHARTREPOHANDLER_TLSCAPATH
  75               value: /etc/chart-repo/ssl/ca.pem
  76           volumeMounts:
  77             - name: time-mount
  78               mountPath: /etc/localtime
  79               readOnly: true
  80             - name: chart-repo-cert
  81               mountPath: /etc/chart-repo/ssl
  82               readOnly: true
  83       volumes:
  84         - name: time-mount
  85           hostPath:
  86             path: /etc/localtime
  87         - name: chart-repo-cert
  88           hostPath:
  89             path: /etc/chart-repo/ssl