github.com/verrazzano/verrazzano@v1.7.1/platform-operator/thirdparty/charts/weblogic-operator/templates/_operator-dep.tpl (about) 1 # Copyright (c) 2018, 2023, Oracle and/or its affiliates. 2 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. 3 4 {{- define "operator.operatorDeployment" }} 5 --- 6 {{- if not .webhookOnly }} 7 apiVersion: "apps/v1" 8 kind: "Deployment" 9 metadata: 10 name: "weblogic-operator" 11 namespace: {{ .Release.Namespace | quote }} 12 labels: 13 weblogic.operatorName: {{ .Release.Namespace | quote }} 14 spec: 15 strategy: 16 type: Recreate 17 selector: 18 matchLabels: 19 weblogic.operatorName: {{ .Release.Namespace | quote }} 20 replicas: 1 21 template: 22 metadata: 23 annotations: 24 prometheus.io/port: '8083' 25 prometheus.io/scrape: 'true' 26 {{- range $key, $value := .annotations }} 27 {{ $key }}: {{ $value | quote }} 28 {{- end }} 29 labels: 30 weblogic.operatorName: {{ .Release.Namespace | quote }} 31 app: "weblogic-operator" 32 {{- range $key, $value := .labels }} 33 {{ $key }}: {{ $value | quote }} 34 {{- end }} 35 spec: 36 serviceAccountName: {{ .serviceAccount | quote }} 37 {{- if (ne ( .kubernetesPlatform | default "Generic" ) "OpenShift") }} 38 securityContext: 39 seccompProfile: 40 type: RuntimeDefault 41 {{- end }} 42 {{- with .nodeSelector }} 43 nodeSelector: 44 {{- toYaml . | nindent 8 }} 45 {{- end }} 46 {{- with .affinity }} 47 affinity: 48 {{- toYaml . | nindent 8 }} 49 {{- end }} 50 {{- with .tolerations }} 51 tolerations: 52 {{- toYaml . | nindent 8 }} 53 {{- end }} 54 containers: 55 - name: "weblogic-operator" 56 image: {{ .image | quote }} 57 imagePullPolicy: {{ .imagePullPolicy | quote }} 58 command: ["/deployment/operator.sh"] 59 lifecycle: 60 preStop: 61 exec: 62 command: ["/deployment/stop.sh"] 63 env: 64 - name: "OPERATOR_NAMESPACE" 65 valueFrom: 66 fieldRef: 67 fieldPath: "metadata.namespace" 68 - name: "OPERATOR_POD_NAME" 69 valueFrom: 70 fieldRef: 71 fieldPath: "metadata.name" 72 - name: "OPERATOR_POD_UID" 73 valueFrom: 74 fieldRef: 75 fieldPath: "metadata.uid" 76 - name: "OPERATOR_VERBOSE" 77 value: "false" 78 {{- if .kubernetesPlatform }} 79 - name: "KUBERNETES_PLATFORM" 80 value: {{ .kubernetesPlatform | quote }} 81 {{- end }} 82 {{- if and (hasKey . "enableRest") .enableRest }} 83 - name: "ENABLE_REST_ENDPOINT" 84 value: "true" 85 {{- end }} 86 - name: "JAVA_LOGGING_LEVEL" 87 value: {{ .javaLoggingLevel | quote }} 88 - name: "JAVA_LOGGING_MAXSIZE" 89 value: {{ int64 .javaLoggingFileSizeLimit | default 20000000 | quote }} 90 - name: "JAVA_LOGGING_COUNT" 91 value: {{ .javaLoggingFileCount | default 10 | quote }} 92 - name: "JVM_OPTIONS" 93 value: {{ .jvmOptions | default "-XshowSettings:vm -XX:MaxRAMPercentage=70" | quote }} 94 {{- if .remoteDebugNodePortEnabled }} 95 - name: "REMOTE_DEBUG_PORT" 96 value: {{ .internalDebugHttpPort | quote }} 97 - name: "DEBUG_SUSPEND" 98 {{- if .suspendOnDebugStartup }} 99 value: "y" 100 {{- else }} 101 value: "n" 102 {{- end }} 103 {{- end }} 104 {{- if .mockWLS }} 105 - name: "MOCK_WLS" 106 value: "true" 107 {{- end }} 108 resources: 109 requests: 110 cpu: {{ .cpuRequests | default "250m" }} 111 memory: {{ .memoryRequests | default "512Mi" }} 112 limits: 113 {{- if .cpuLimits}} 114 cpu: {{ .cpuLimits }} 115 {{- end }} 116 {{- if .memoryLimits}} 117 memory: {{ .memoryLimits }} 118 {{- end }} 119 securityContext: 120 {{- if (ne ( .kubernetesPlatform | default "Generic" ) "OpenShift") }} 121 runAsUser: {{ .runAsUser | default 1000 }} 122 {{- end }} 123 runAsNonRoot: true 124 privileged: false 125 allowPrivilegeEscalation: false 126 capabilities: 127 drop: ["ALL"] 128 volumeMounts: 129 - name: "weblogic-operator-cm-volume" 130 mountPath: "/deployment/config" 131 - name: "weblogic-operator-debug-cm-volume" 132 mountPath: "/deployment/debug-config" 133 - name: "weblogic-operator-secrets-volume" 134 mountPath: "/deployment/secrets" 135 readOnly: true 136 {{- if .elkIntegrationEnabled }} 137 - mountPath: "/logs" 138 name: "log-dir" 139 readOnly: false 140 {{- end }} 141 {{- if not .remoteDebugNodePortEnabled }} 142 livenessProbe: 143 exec: 144 command: ["/probes/livenessProbe.sh"] 145 initialDelaySeconds: 40 146 periodSeconds: 10 147 failureThreshold: 5 148 readinessProbe: 149 exec: 150 command: ["/probes/readinessProbe.sh"] 151 initialDelaySeconds: 2 152 periodSeconds: 10 153 {{- end }} 154 {{- if .elkIntegrationEnabled }} 155 - name: "logstash" 156 image: {{ .logStashImage | quote }} 157 volumeMounts: 158 - name: "log-dir" 159 mountPath: "/logs" 160 - name: "logstash-pipeline-volume" 161 mountPath: "/usr/share/logstash/pipeline" 162 - name: "logstash-config-volume" 163 mountPath: "/usr/share/logstash/config/logstash.yml" 164 subPath: "logstash.yml" 165 - name: "logstash-certs-secret-volume" 166 mountPath: "/usr/share/logstash/config/certs" 167 env: 168 - name: "ELASTICSEARCH_HOST" 169 value: {{ .elasticSearchHost | quote }} 170 - name: "ELASTICSEARCH_PORT" 171 value: {{ .elasticSearchPort | quote }} 172 - name: "ELASTICSEARCH_PROTOCOL" 173 value: {{ .elasticSearchProtocol | quote }} 174 {{- end }} 175 {{- if .imagePullSecrets }} 176 imagePullSecrets: 177 {{ .imagePullSecrets | toYaml }} 178 {{- end }} 179 volumes: 180 - name: "weblogic-operator-cm-volume" 181 configMap: 182 name: "weblogic-operator-cm" 183 - name: "weblogic-operator-debug-cm-volume" 184 configMap: 185 name: "weblogic-operator-debug-cm" 186 optional: true 187 - name: "weblogic-operator-secrets-volume" 188 secret: 189 secretName: "weblogic-operator-secrets" 190 {{- if .elkIntegrationEnabled }} 191 - name: "log-dir" 192 emptyDir: 193 medium: "Memory" 194 - name: "logstash-pipeline-volume" 195 configMap: 196 name: "weblogic-operator-logstash-cm" 197 items: 198 - key: logstash.conf 199 path: logstash.conf 200 - name: "logstash-config-volume" 201 configMap: 202 name: "weblogic-operator-logstash-cm" 203 items: 204 - key: logstash.yml 205 path: logstash.yml 206 - name: "logstash-certs-secret-volume" 207 secret: 208 secretName: "logstash-certs-secret" 209 optional: true 210 {{- end }} 211 {{- end }} 212 --- 213 {{ $chartVersion := .Chart.Version }} 214 {{ $releaseNamespace := .Release.Namespace }} 215 {{ $webhookExists := include "utils.verifyExistingWebhookDeployment" (list $chartVersion $releaseNamespace) | trim }} 216 {{- if and (ne $webhookExists "true") (not .operatorOnly) }} 217 # webhook does not exist or chart version is newer, create a new webhook 218 apiVersion: "v1" 219 kind: "ConfigMap" 220 metadata: 221 labels: 222 weblogic.webhookName: {{ .Release.Namespace | quote }} 223 name: "weblogic-webhook-cm" 224 namespace: {{ .Release.Namespace | quote }} 225 data: 226 serviceaccount: {{ .serviceAccount | quote }} 227 {{- if .featureGates }} 228 featureGates: {{ .featureGates | quote }} 229 {{- end }} 230 {{- if .domainNamespaceSelectionStrategy }} 231 domainNamespaceSelectionStrategy: {{ .domainNamespaceSelectionStrategy | quote }} 232 {{- end }} 233 --- 234 # webhook does not exist or chart version is newer, create a new webhook 235 apiVersion: "apps/v1" 236 kind: "Deployment" 237 metadata: 238 name: "weblogic-operator-webhook" 239 namespace: {{ .Release.Namespace | quote }} 240 labels: 241 weblogic.webhookName: {{ .Release.Namespace | quote }} 242 weblogic.webhookVersion: {{ .Chart.Version }} 243 {{- if and (.preserveWebhook) (not .webhookOnly) }} 244 annotations: 245 "helm.sh/hook": pre-install 246 "helm.sh/resource-policy": keep 247 "helm.sh/hook-delete-policy": "before-hook-creation" 248 {{- end }} 249 spec: 250 strategy: 251 type: Recreate 252 selector: 253 matchLabels: 254 weblogic.webhookName: {{ .Release.Namespace | quote }} 255 replicas: 1 256 template: 257 metadata: 258 annotations: 259 prometheus.io/port: '8083' 260 prometheus.io/scrape: 'true' 261 sidecar.istio.io/inject: 'false' 262 {{- range $key, $value := .annotations }} 263 {{- if ne $key "sidecar.istio.io/inject" }} 264 {{ $key }}: {{ $value | quote }} 265 {{- end }} 266 {{- end }} 267 labels: 268 weblogic.webhookName: {{ .Release.Namespace | quote }} 269 app: "weblogic-operator-webhook" 270 {{- range $key, $value := .labels }} 271 {{ $key }}: {{ $value | quote }} 272 {{- end }} 273 spec: 274 serviceAccountName: {{ .serviceAccount | quote }} 275 {{- if (ne ( .kubernetesPlatform | default "Generic" ) "OpenShift") }} 276 securityContext: 277 seccompProfile: 278 type: RuntimeDefault 279 {{- end }} 280 {{- with .nodeSelector }} 281 nodeSelector: 282 {{- toYaml . | nindent 12 }} 283 {{- end }} 284 {{- with .affinity }} 285 affinity: 286 {{- toYaml . | nindent 12 }} 287 {{- end }} 288 {{- with .tolerations }} 289 tolerations: 290 {{- toYaml . | nindent 12 }} 291 {{- end }} 292 containers: 293 - name: "weblogic-operator-webhook" 294 image: {{ .image | quote }} 295 imagePullPolicy: {{ .imagePullPolicy | quote }} 296 command: ["/deployment/webhook.sh"] 297 lifecycle: 298 preStop: 299 exec: 300 command: ["/deployment/stop.sh"] 301 env: 302 - name: "WEBHOOK_NAMESPACE" 303 valueFrom: 304 fieldRef: 305 fieldPath: "metadata.namespace" 306 - name: "WEBHOOK_POD_NAME" 307 valueFrom: 308 fieldRef: 309 fieldPath: "metadata.name" 310 - name: "WEBHOOK_POD_UID" 311 valueFrom: 312 fieldRef: 313 fieldPath: "metadata.uid" 314 - name: "JAVA_LOGGING_LEVEL" 315 value: {{ .javaLoggingLevel | quote }} 316 - name: "JAVA_LOGGING_MAXSIZE" 317 value: {{ int64 .javaLoggingFileSizeLimit | default 20000000 | quote }} 318 - name: "JAVA_LOGGING_COUNT" 319 value: {{ .javaLoggingFileCount | default 10 | quote }} 320 {{- if .remoteDebugNodePortEnabled }} 321 - name: "REMOTE_DEBUG_PORT" 322 value: {{ .webhookDebugHttpPort | quote }} 323 - name: "DEBUG_SUSPEND" 324 {{- if .suspendOnDebugStartup }} 325 value: "y" 326 {{- else }} 327 value: "n" 328 {{- end }} 329 {{- end }} 330 resources: 331 requests: 332 cpu: {{ .cpuRequests | default "100m" }} 333 memory: {{ .memoryRequests | default "100Mi" }} 334 limits: 335 {{- if .cpuLimits}} 336 cpu: {{ .cpuLimits }} 337 {{- end }} 338 {{- if .memoryLimits}} 339 memory: {{ .memoryLimits }} 340 {{- end }} 341 securityContext: 342 {{- if (ne ( .kubernetesPlatform | default "Generic" ) "OpenShift") }} 343 runAsUser: {{ .runAsUser | default 1000 }} 344 {{- end }} 345 runAsNonRoot: true 346 privileged: false 347 allowPrivilegeEscalation: false 348 capabilities: 349 drop: ["ALL"] 350 volumeMounts: 351 - name: "weblogic-webhook-cm-volume" 352 mountPath: "/deployment/config" 353 - name: "weblogic-webhook-secrets-volume" 354 mountPath: "/deployment/secrets" 355 readOnly: true 356 {{- if .elkIntegrationEnabled }} 357 - mountPath: "/logs" 358 name: "log-dir" 359 readOnly: false 360 {{- end }} 361 {{- if not .remoteDebugNodePortEnabled }} 362 livenessProbe: 363 exec: 364 command: ["/probes/livenessProbe.sh"] 365 initialDelaySeconds: 40 366 periodSeconds: 5 367 readinessProbe: 368 exec: 369 command: ["/probes/readinessProbe.sh"] 370 initialDelaySeconds: 2 371 periodSeconds: 10 372 {{- end }} 373 {{- if .elkIntegrationEnabled }} 374 - name: "logstash" 375 image: {{ .logStashImage | quote }} 376 volumeMounts: 377 - name: "log-dir" 378 mountPath: "/logs" 379 - name: "logstash-pipeline-volume" 380 mountPath: "/usr/share/logstash/pipeline" 381 - name: "logstash-config-volume" 382 mountPath: "/usr/share/logstash/config/logstash.yml" 383 subPath: "logstash.yml" 384 - name: "logstash-certs-secret-volume" 385 mountPath: "/usr/share/logstash/config/certs" 386 env: 387 - name: "ELASTICSEARCH_HOST" 388 value: {{ .elasticSearchHost | quote }} 389 - name: "ELASTICSEARCH_PORT" 390 value: {{ .elasticSearchPort | quote }} 391 - name: "ELASTICSEARCH_PROTOCOL" 392 value: {{ .elasticSearchProtocol | quote }} 393 {{- end }} 394 {{- if .imagePullSecrets }} 395 imagePullSecrets: 396 {{ .imagePullSecrets | toYaml }} 397 {{- end }} 398 volumes: 399 - name: "weblogic-webhook-cm-volume" 400 configMap: 401 name: "weblogic-webhook-cm" 402 - name: "weblogic-webhook-secrets-volume" 403 secret: 404 secretName: "weblogic-webhook-secrets" 405 {{- if .elkIntegrationEnabled }} 406 - name: "log-dir" 407 emptyDir: 408 medium: "Memory" 409 - name: "logstash-pipeline-volume" 410 configMap: 411 name: "weblogic-operator-logstash-cm" 412 items: 413 - key: logstash.conf 414 path: logstash.conf 415 - name: "logstash-config-volume" 416 configMap: 417 name: "weblogic-operator-logstash-cm" 418 items: 419 - key: logstash.yml 420 path: logstash.yml 421 - name: "logstash-certs-secret-volume" 422 secret: 423 secretName: "logstash-certs-secret" 424 optional: true 425 {{- end }} 426 {{- end }} 427 {{- end }}