From ff738b7bf9085437a2f9f94a13e944d83e5b7e43 Mon Sep 17 00:00:00 2001
From: Sagar Arora <sagar.arora@eurecom.fr>
Date: Thu, 10 Nov 2022 11:20:54 +0100
Subject: [PATCH] (fix): Remove sudo privilege from helm-charts
- Change security context to anyuid
- Changed from deployment to job, now the pods will be in completed
---
charts/physims/Chart.yaml | 2 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
.../charts/dlsim.100rb+tm2/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 30 +++----
charts/physims/charts/dlsim.basic/values.yaml | 28 +++---
.../templates/{deployment.yaml => job.yaml} | 21 +----
charts/physims/charts/ldpctest/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
charts/physims/charts/nr-dlschsim/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
.../physims/charts/nr-dlsim.basic/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
.../charts/nr-dlsim.dmrs+ptrs/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
.../charts/nr-dlsim.mcs+mimo/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
.../charts/nr-dlsim.offset/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 18 +---
.../charts/nr-pbchsim.106rb/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
.../charts/nr-pbchsim.217rb/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
.../charts/nr-pbchsim.273rb/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
charts/physims/charts/nr-prachsim/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
charts/physims/charts/nr-pucchsim/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
charts/physims/charts/nr-ulschsim/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
.../physims/charts/nr-ulsim.3gpp/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
.../physims/charts/nr-ulsim.mimo/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
.../physims/charts/nr-ulsim.misc/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 19 +---
.../charts/nr-ulsim.sc-fdma/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
charts/physims/charts/polartest/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
.../physims/charts/smallblocktest/values.yaml | 8 +-
.../templates/{deployment.yaml => job.yaml} | 21 +----
charts/physims/charts/ulsim/values.yaml | 8 +-
charts/physims/templates/rbac.yaml | 2 +-
charts/physims/templates/serviceaccount.yaml | 2 +-
charts/physims/values.yaml | 88 +------------------
46 files changed, 189 insertions(+), 538 deletions(-)
rename charts/physims/charts/dlsim.100rb+tm2/templates/{deployment.yaml => job.yaml} (65%)
rename charts/physims/charts/dlsim.basic/templates/{deployment.yaml => job.yaml} (61%)
rename charts/physims/charts/ldpctest/templates/{deployment.yaml => job.yaml} (66%)
rename charts/physims/charts/nr-dlschsim/templates/{deployment.yaml => job.yaml} (65%)
rename charts/physims/charts/nr-dlsim.basic/templates/{deployment.yaml => job.yaml} (65%)
rename charts/physims/charts/nr-dlsim.dmrs+ptrs/templates/{deployment.yaml => job.yaml} (64%)
rename charts/physims/charts/nr-dlsim.mcs+mimo/templates/{deployment.yaml => job.yaml} (65%)
rename charts/physims/charts/nr-dlsim.offset/templates/{deployment.yaml => job.yaml} (65%)
rename charts/physims/charts/nr-pbchsim.106rb/templates/{deployment.yaml => job.yaml} (72%)
rename charts/physims/charts/nr-pbchsim.217rb/templates/{deployment.yaml => job.yaml} (65%)
rename charts/physims/charts/nr-pbchsim.273rb/templates/{deployment.yaml => job.yaml} (65%)
rename charts/physims/charts/nr-prachsim/templates/{deployment.yaml => job.yaml} (65%)
rename charts/physims/charts/nr-pucchsim/templates/{deployment.yaml => job.yaml} (65%)
rename charts/physims/charts/nr-ulschsim/templates/{deployment.yaml => job.yaml} (65%)
rename charts/physims/charts/nr-ulsim.3gpp/templates/{deployment.yaml => job.yaml} (65%)
rename charts/physims/charts/nr-ulsim.mimo/templates/{deployment.yaml => job.yaml} (65%)
rename charts/physims/charts/nr-ulsim.misc/templates/{deployment.yaml => job.yaml} (65%)
rename charts/physims/charts/nr-ulsim.sc-fdma/templates/{deployment.yaml => job.yaml} (68%)
rename charts/physims/charts/polartest/templates/{deployment.yaml => job.yaml} (65%)
rename charts/physims/charts/smallblocktest/templates/{deployment.yaml => job.yaml} (65%)
rename charts/physims/charts/ulsim/templates/{deployment.yaml => job.yaml} (66%)
diff --git a/charts/physims/Chart.yaml b/charts/physims/Chart.yaml
index bef28aac275..0a6abe4caaa 100644
--- a/charts/physims/Chart.yaml
+++ b/charts/physims/Chart.yaml
@@ -16,7 +16,7 @@ icon: http://www.openairinterface.org/wp-content/uploads/2015/06/cropped-oai_fin
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
-version: 0.1.1
+version: 1.0.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application.
diff --git a/charts/physims/charts/dlsim.100rb+tm2/templates/deployment.yaml b/charts/physims/charts/dlsim.100rb+tm2/templates/job.yaml
similarity index 65%
rename from charts/physims/charts/dlsim.100rb+tm2/templates/deployment.yaml
rename to charts/physims/charts/dlsim.100rb+tm2/templates/job.yaml
index 88bf277a033..03a0813d794 100644
--- a/charts/physims/charts/dlsim.100rb+tm2/templates/deployment.yaml
+++ b/charts/physims/charts/dlsim.100rb+tm2/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-dlsim-100rb-tm2.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-dlsim-100rb-tm2.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-dlsim-100rb-tm2.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "dlsim.100rb+tm2" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/dlsim.100rb+tm2/values.yaml b/charts/physims/charts/dlsim.100rb+tm2/values.yaml
index f3d1aa3d743..35614bc844d 100644
--- a/charts/physims/charts/dlsim.100rb+tm2/values.yaml
+++ b/charts/physims/charts/dlsim.100rb+tm2/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/dlsim.basic/templates/deployment.yaml b/charts/physims/charts/dlsim.basic/templates/job.yaml
similarity index 61%
rename from charts/physims/charts/dlsim.basic/templates/deployment.yaml
rename to charts/physims/charts/dlsim.basic/templates/job.yaml
index f74f5047275..4edd9a5f2ff 100644
--- a/charts/physims/charts/dlsim.basic/templates/deployment.yaml
+++ b/charts/physims/charts/dlsim.basic/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-dlsim-basic.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-dlsim-basic.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-dlsim-basic.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -26,10 +15,15 @@ spec:
- name: physim
image: "{{ .Values.global.image.repository }}:{{ .Values.global.image.version }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
+# resources:
+# requests:
+# memory: "4096Mi"
+# cpu: "4000m"
+# limits:
+# memory: "4096Mi"
+# cpu: "4000m"
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +31,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "dlsim.basic" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
- serviceAccountName: {{ .Values.global.serviceAccountName }}
+ serviceAccountName: oai-physim-sa
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/dlsim.basic/values.yaml b/charts/physims/charts/dlsim.basic/values.yaml
index e36679ec2b7..91b9eed407e 100644
--- a/charts/physims/charts/dlsim.basic/values.yaml
+++ b/charts/physims/charts/dlsim.basic/values.yaml
@@ -20,17 +20,17 @@ serviceAccount:
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
- name: "oai-dlsim-basic"
+ name: "oai-physim-sa" #"oai-dlsim-basic"
podSecurityContext:
runAsUser: 0
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+ #capabilities:
+ # add:
+ # - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
@@ -41,17 +41,13 @@ service:
type: ClusterIP
port: 80
-resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
+resources:
+ limits:
+ cpu: 100m
+ memory: 128Mi
+ requests:
+ cpu: 100m
+ memory: 128Mi
nodeSelector: {}
diff --git a/charts/physims/charts/ldpctest/templates/deployment.yaml b/charts/physims/charts/ldpctest/templates/job.yaml
similarity index 66%
rename from charts/physims/charts/ldpctest/templates/deployment.yaml
rename to charts/physims/charts/ldpctest/templates/job.yaml
index 8df3df5c462..1d1dc2c886b 100644
--- a/charts/physims/charts/ldpctest/templates/deployment.yaml
+++ b/charts/physims/charts/ldpctest/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-ldpctest.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-ldpctest.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-ldpctest.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "ldpctest" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/ldpctest/values.yaml b/charts/physims/charts/ldpctest/values.yaml
index 0ac20e6dd37..964878baadf 100644
--- a/charts/physims/charts/ldpctest/values.yaml
+++ b/charts/physims/charts/ldpctest/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/nr-dlschsim/templates/deployment.yaml b/charts/physims/charts/nr-dlschsim/templates/job.yaml
similarity index 65%
rename from charts/physims/charts/nr-dlschsim/templates/deployment.yaml
rename to charts/physims/charts/nr-dlschsim/templates/job.yaml
index 1016dbef560..9141c93644b 100644
--- a/charts/physims/charts/nr-dlschsim/templates/deployment.yaml
+++ b/charts/physims/charts/nr-dlschsim/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-nr-dlschsim.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-nr-dlschsim.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-nr-dlschsim.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "nr_dlschsim" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/nr-dlschsim/values.yaml b/charts/physims/charts/nr-dlschsim/values.yaml
index cb32095f764..05b775444a8 100644
--- a/charts/physims/charts/nr-dlschsim/values.yaml
+++ b/charts/physims/charts/nr-dlschsim/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/nr-dlsim.basic/templates/deployment.yaml b/charts/physims/charts/nr-dlsim.basic/templates/job.yaml
similarity index 65%
rename from charts/physims/charts/nr-dlsim.basic/templates/deployment.yaml
rename to charts/physims/charts/nr-dlsim.basic/templates/job.yaml
index 72ae0406d0f..b998f6f1846 100644
--- a/charts/physims/charts/nr-dlsim.basic/templates/deployment.yaml
+++ b/charts/physims/charts/nr-dlsim.basic/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-nr-dlsim-basic.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-nr-dlsim-basic.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-nr-dlsim-basic.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "nr_dlsim.basic" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/nr-dlsim.basic/values.yaml b/charts/physims/charts/nr-dlsim.basic/values.yaml
index 4b9db13d7ee..4bd0f822945 100644
--- a/charts/physims/charts/nr-dlsim.basic/values.yaml
+++ b/charts/physims/charts/nr-dlsim.basic/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/nr-dlsim.dmrs+ptrs/templates/deployment.yaml b/charts/physims/charts/nr-dlsim.dmrs+ptrs/templates/job.yaml
similarity index 64%
rename from charts/physims/charts/nr-dlsim.dmrs+ptrs/templates/deployment.yaml
rename to charts/physims/charts/nr-dlsim.dmrs+ptrs/templates/job.yaml
index 847a1e1aee0..4e4948c7c9f 100644
--- a/charts/physims/charts/nr-dlsim.dmrs+ptrs/templates/deployment.yaml
+++ b/charts/physims/charts/nr-dlsim.dmrs+ptrs/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-nr-dlsim-dmrs-ptrs.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-nr-dlsim-dmrs-ptrs.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-nr-dlsim-dmrs-ptrs.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "nr_dlsim.dmrs+ptrs" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/nr-dlsim.dmrs+ptrs/values.yaml b/charts/physims/charts/nr-dlsim.dmrs+ptrs/values.yaml
index 8c1814f19dc..dffc4433980 100644
--- a/charts/physims/charts/nr-dlsim.dmrs+ptrs/values.yaml
+++ b/charts/physims/charts/nr-dlsim.dmrs+ptrs/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/nr-dlsim.mcs+mimo/templates/deployment.yaml b/charts/physims/charts/nr-dlsim.mcs+mimo/templates/job.yaml
similarity index 65%
rename from charts/physims/charts/nr-dlsim.mcs+mimo/templates/deployment.yaml
rename to charts/physims/charts/nr-dlsim.mcs+mimo/templates/job.yaml
index c79eaf01a2d..ff8ec59352a 100644
--- a/charts/physims/charts/nr-dlsim.mcs+mimo/templates/deployment.yaml
+++ b/charts/physims/charts/nr-dlsim.mcs+mimo/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-nr-dlsim-mcs-mimo.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-nr-dlsim-mcs-mimo.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-nr-dlsim-mcs-mimo.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "nr_dlsim.mcs+mimo" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/nr-dlsim.mcs+mimo/values.yaml b/charts/physims/charts/nr-dlsim.mcs+mimo/values.yaml
index 5bb48ad15db..8c56f219b4b 100644
--- a/charts/physims/charts/nr-dlsim.mcs+mimo/values.yaml
+++ b/charts/physims/charts/nr-dlsim.mcs+mimo/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/nr-dlsim.offset/templates/deployment.yaml b/charts/physims/charts/nr-dlsim.offset/templates/job.yaml
similarity index 65%
rename from charts/physims/charts/nr-dlsim.offset/templates/deployment.yaml
rename to charts/physims/charts/nr-dlsim.offset/templates/job.yaml
index b952654c932..71a5f885427 100644
--- a/charts/physims/charts/nr-dlsim.offset/templates/deployment.yaml
+++ b/charts/physims/charts/nr-dlsim.offset/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-nr-dlsim-offset.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-nr-dlsim-offset.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-nr-dlsim-offset.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "nr_dlsim.offset" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/nr-dlsim.offset/values.yaml b/charts/physims/charts/nr-dlsim.offset/values.yaml
index 40c1a94efe3..8de40ffcaa7 100644
--- a/charts/physims/charts/nr-dlsim.offset/values.yaml
+++ b/charts/physims/charts/nr-dlsim.offset/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/nr-pbchsim.106rb/templates/deployment.yaml b/charts/physims/charts/nr-pbchsim.106rb/templates/job.yaml
similarity index 72%
rename from charts/physims/charts/nr-pbchsim.106rb/templates/deployment.yaml
rename to charts/physims/charts/nr-pbchsim.106rb/templates/job.yaml
index ed0f8f15707..6b560eded2f 100644
--- a/charts/physims/charts/nr-pbchsim.106rb/templates/deployment.yaml
+++ b/charts/physims/charts/nr-pbchsim.106rb/templates/job.yaml
@@ -1,16 +1,8 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-nr-pbchsim-106rb.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-nr-pbchsim-106rb.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
metadata:
labels:
@@ -28,8 +20,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +27,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "nr_pbchsim.106rb" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/nr-pbchsim.106rb/values.yaml b/charts/physims/charts/nr-pbchsim.106rb/values.yaml
index 5632762245e..fdeacbc96ec 100644
--- a/charts/physims/charts/nr-pbchsim.106rb/values.yaml
+++ b/charts/physims/charts/nr-pbchsim.106rb/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/nr-pbchsim.217rb/templates/deployment.yaml b/charts/physims/charts/nr-pbchsim.217rb/templates/job.yaml
similarity index 65%
rename from charts/physims/charts/nr-pbchsim.217rb/templates/deployment.yaml
rename to charts/physims/charts/nr-pbchsim.217rb/templates/job.yaml
index 513443deaa3..7f6c11dd436 100644
--- a/charts/physims/charts/nr-pbchsim.217rb/templates/deployment.yaml
+++ b/charts/physims/charts/nr-pbchsim.217rb/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-nr-pbchsim-217rb.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-nr-pbchsim-217rb.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-nr-pbchsim-217rb.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "nr_pbchsim.217rb" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/nr-pbchsim.217rb/values.yaml b/charts/physims/charts/nr-pbchsim.217rb/values.yaml
index 7b44b982de5..325703f53da 100644
--- a/charts/physims/charts/nr-pbchsim.217rb/values.yaml
+++ b/charts/physims/charts/nr-pbchsim.217rb/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/nr-pbchsim.273rb/templates/deployment.yaml b/charts/physims/charts/nr-pbchsim.273rb/templates/job.yaml
similarity index 65%
rename from charts/physims/charts/nr-pbchsim.273rb/templates/deployment.yaml
rename to charts/physims/charts/nr-pbchsim.273rb/templates/job.yaml
index 512e212c073..5f16b06c1d9 100644
--- a/charts/physims/charts/nr-pbchsim.273rb/templates/deployment.yaml
+++ b/charts/physims/charts/nr-pbchsim.273rb/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-nr-pbchsim-273rb.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-nr-pbchsim-273rb.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-nr-pbchsim-273rb.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "nr_pbchsim.273rb" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/nr-pbchsim.273rb/values.yaml b/charts/physims/charts/nr-pbchsim.273rb/values.yaml
index 9cb5f6ebb5f..529cedd5dc9 100644
--- a/charts/physims/charts/nr-pbchsim.273rb/values.yaml
+++ b/charts/physims/charts/nr-pbchsim.273rb/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/nr-prachsim/templates/deployment.yaml b/charts/physims/charts/nr-prachsim/templates/job.yaml
similarity index 65%
rename from charts/physims/charts/nr-prachsim/templates/deployment.yaml
rename to charts/physims/charts/nr-prachsim/templates/job.yaml
index 6bea044b86c..2b366e36550 100644
--- a/charts/physims/charts/nr-prachsim/templates/deployment.yaml
+++ b/charts/physims/charts/nr-prachsim/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-nr-prachsim.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-nr-prachsim.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-nr-prachsim.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "nr_prachsim" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/nr-prachsim/values.yaml b/charts/physims/charts/nr-prachsim/values.yaml
index 93789de637e..99b4f70f28d 100644
--- a/charts/physims/charts/nr-prachsim/values.yaml
+++ b/charts/physims/charts/nr-prachsim/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/nr-pucchsim/templates/deployment.yaml b/charts/physims/charts/nr-pucchsim/templates/job.yaml
similarity index 65%
rename from charts/physims/charts/nr-pucchsim/templates/deployment.yaml
rename to charts/physims/charts/nr-pucchsim/templates/job.yaml
index fce72ebc352..2b1d7b016b6 100644
--- a/charts/physims/charts/nr-pucchsim/templates/deployment.yaml
+++ b/charts/physims/charts/nr-pucchsim/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-nr-pucchsim.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-nr-pucchsim.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-nr-pucchsim.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "nr_pucchsim" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/nr-pucchsim/values.yaml b/charts/physims/charts/nr-pucchsim/values.yaml
index d4c869278b8..4d7a4b8750c 100644
--- a/charts/physims/charts/nr-pucchsim/values.yaml
+++ b/charts/physims/charts/nr-pucchsim/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/nr-ulschsim/templates/deployment.yaml b/charts/physims/charts/nr-ulschsim/templates/job.yaml
similarity index 65%
rename from charts/physims/charts/nr-ulschsim/templates/deployment.yaml
rename to charts/physims/charts/nr-ulschsim/templates/job.yaml
index d44b2b64635..e54f2095a6f 100644
--- a/charts/physims/charts/nr-ulschsim/templates/deployment.yaml
+++ b/charts/physims/charts/nr-ulschsim/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-nr-ulschsim.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-nr-ulschsim.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-nr-ulschsim.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "nr_ulschsim" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/nr-ulschsim/values.yaml b/charts/physims/charts/nr-ulschsim/values.yaml
index b0529c818d9..083f4b43f16 100644
--- a/charts/physims/charts/nr-ulschsim/values.yaml
+++ b/charts/physims/charts/nr-ulschsim/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/nr-ulsim.3gpp/templates/deployment.yaml b/charts/physims/charts/nr-ulsim.3gpp/templates/job.yaml
similarity index 65%
rename from charts/physims/charts/nr-ulsim.3gpp/templates/deployment.yaml
rename to charts/physims/charts/nr-ulsim.3gpp/templates/job.yaml
index 7bf59eed4f9..2c92769c4d5 100644
--- a/charts/physims/charts/nr-ulsim.3gpp/templates/deployment.yaml
+++ b/charts/physims/charts/nr-ulsim.3gpp/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-nr-ulsim-3gpp.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-nr-ulsim-3gpp.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-nr-ulsim-3gpp.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "nr_ulsim.3gpp" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/nr-ulsim.3gpp/values.yaml b/charts/physims/charts/nr-ulsim.3gpp/values.yaml
index 3d44bda9b85..adbe1241975 100644
--- a/charts/physims/charts/nr-ulsim.3gpp/values.yaml
+++ b/charts/physims/charts/nr-ulsim.3gpp/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/nr-ulsim.mimo/templates/deployment.yaml b/charts/physims/charts/nr-ulsim.mimo/templates/job.yaml
similarity index 65%
rename from charts/physims/charts/nr-ulsim.mimo/templates/deployment.yaml
rename to charts/physims/charts/nr-ulsim.mimo/templates/job.yaml
index e8d6ecf7ce3..9d6c284b916 100644
--- a/charts/physims/charts/nr-ulsim.mimo/templates/deployment.yaml
+++ b/charts/physims/charts/nr-ulsim.mimo/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-nr-ulsim-mimo.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-nr-ulsim-mimo.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-nr-ulsim-mimo.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "nr_ulsim.mimo" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/nr-ulsim.mimo/values.yaml b/charts/physims/charts/nr-ulsim.mimo/values.yaml
index 55bdcd61587..1b527ee5fac 100644
--- a/charts/physims/charts/nr-ulsim.mimo/values.yaml
+++ b/charts/physims/charts/nr-ulsim.mimo/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/nr-ulsim.misc/templates/deployment.yaml b/charts/physims/charts/nr-ulsim.misc/templates/job.yaml
similarity index 65%
rename from charts/physims/charts/nr-ulsim.misc/templates/deployment.yaml
rename to charts/physims/charts/nr-ulsim.misc/templates/job.yaml
index 56c25fbbc36..72ca08712b7 100644
--- a/charts/physims/charts/nr-ulsim.misc/templates/deployment.yaml
+++ b/charts/physims/charts/nr-ulsim.misc/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-nr-ulsim-misc.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-nr-ulsim-misc.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-nr-ulsim-misc.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "nr_ulsim.misc" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/nr-ulsim.misc/values.yaml b/charts/physims/charts/nr-ulsim.misc/values.yaml
index dcae7a2b66c..c3e265bf69c 100644
--- a/charts/physims/charts/nr-ulsim.misc/values.yaml
+++ b/charts/physims/charts/nr-ulsim.misc/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/nr-ulsim.sc-fdma/templates/deployment.yaml b/charts/physims/charts/nr-ulsim.sc-fdma/templates/job.yaml
similarity index 68%
rename from charts/physims/charts/nr-ulsim.sc-fdma/templates/deployment.yaml
rename to charts/physims/charts/nr-ulsim.sc-fdma/templates/job.yaml
index 3119950e20c..05dccbf705f 100644
--- a/charts/physims/charts/nr-ulsim.sc-fdma/templates/deployment.yaml
+++ b/charts/physims/charts/nr-ulsim.sc-fdma/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-nr-ulsim-sc-fdma.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-nr-ulsim-sc-fdma.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-nr-ulsim-sc-fdma.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -37,9 +26,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "nr_ulsim.sc-fdma" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/nr-ulsim.sc-fdma/values.yaml b/charts/physims/charts/nr-ulsim.sc-fdma/values.yaml
index 0536fb03b6e..05a952a1ac8 100644
--- a/charts/physims/charts/nr-ulsim.sc-fdma/values.yaml
+++ b/charts/physims/charts/nr-ulsim.sc-fdma/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/polartest/templates/deployment.yaml b/charts/physims/charts/polartest/templates/job.yaml
similarity index 65%
rename from charts/physims/charts/polartest/templates/deployment.yaml
rename to charts/physims/charts/polartest/templates/job.yaml
index 20dac8ebf7a..8f0998d9f3b 100644
--- a/charts/physims/charts/polartest/templates/deployment.yaml
+++ b/charts/physims/charts/polartest/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-polartest.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-polartest.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-polartest.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "polartest" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/polartest/values.yaml b/charts/physims/charts/polartest/values.yaml
index f7195dd5727..c91ee2bf5b5 100644
--- a/charts/physims/charts/polartest/values.yaml
+++ b/charts/physims/charts/polartest/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/smallblocktest/templates/deployment.yaml b/charts/physims/charts/smallblocktest/templates/job.yaml
similarity index 65%
rename from charts/physims/charts/smallblocktest/templates/deployment.yaml
rename to charts/physims/charts/smallblocktest/templates/job.yaml
index aafb16e054f..d136a1fcf31 100644
--- a/charts/physims/charts/smallblocktest/templates/deployment.yaml
+++ b/charts/physims/charts/smallblocktest/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-smallblocktest.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-smallblocktest.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-smallblocktest.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "smallblocktest" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/smallblocktest/values.yaml b/charts/physims/charts/smallblocktest/values.yaml
index f08db5501a9..f4d8a31fd96 100644
--- a/charts/physims/charts/smallblocktest/values.yaml
+++ b/charts/physims/charts/smallblocktest/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/charts/ulsim/templates/deployment.yaml b/charts/physims/charts/ulsim/templates/job.yaml
similarity index 66%
rename from charts/physims/charts/ulsim/templates/deployment.yaml
rename to charts/physims/charts/ulsim/templates/job.yaml
index 3185b074b25..f2e904edb83 100644
--- a/charts/physims/charts/ulsim/templates/deployment.yaml
+++ b/charts/physims/charts/ulsim/templates/job.yaml
@@ -1,20 +1,9 @@
-apiVersion: apps/v1
-kind: Deployment
+apiVersion: batch/v1
+kind: Job
metadata:
name: {{ .Chart.Name }}
- labels:
- {{- include "oai-ulsim.labels" . | nindent 4 }}
spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- {{- include "oai-ulsim.selectorLabels" . | nindent 6 }}
- strategy:
- type: Recreate
template:
- metadata:
- labels:
- {{- include "oai-ulsim.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
@@ -28,8 +17,6 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- ports:
- - containerPort: 80
env:
- name: OPENAIR_DIR
value: /opt/oai-physim
@@ -37,9 +24,9 @@ spec:
args:
- >
cmake_targets/autotests/run_exec_autotests.bash -g "ulsim" -d bin/ &&
- echo "FINISHED" && sleep infinity
+ echo "FINISHED"
dnsPolicy: ClusterFirst
- restartPolicy: Always
+ restartPolicy: Never
schedulerName: default-scheduler
serviceAccountName: {{ .Values.global.serviceAccountName }}
terminationGracePeriodSeconds: 30
diff --git a/charts/physims/charts/ulsim/values.yaml b/charts/physims/charts/ulsim/values.yaml
index 3e625f02c6e..7ed2c6bed0a 100644
--- a/charts/physims/charts/ulsim/values.yaml
+++ b/charts/physims/charts/ulsim/values.yaml
@@ -27,10 +27,10 @@ podSecurityContext:
runAsGroup: 0
securityContext:
- privileged: true
- capabilities:
- add:
- - SYS_CAP_PTRACE
+ privileged: false
+# capabilities:
+# add:
+# - SYS_CAP_PTRACE
# drop:
# - ALL
# readOnlyRootFilesystem: true
diff --git a/charts/physims/templates/rbac.yaml b/charts/physims/templates/rbac.yaml
index b3417447961..989988bacac 100644
--- a/charts/physims/templates/rbac.yaml
+++ b/charts/physims/templates/rbac.yaml
@@ -6,7 +6,7 @@ rules:
- apiGroups:
- security.openshift.io
resourceNames:
- - privileged
+ - anyuid
resources:
- securitycontextconstraints
verbs:
diff --git a/charts/physims/templates/serviceaccount.yaml b/charts/physims/templates/serviceaccount.yaml
index 21d094ad38b..0810702f4fb 100644
--- a/charts/physims/templates/serviceaccount.yaml
+++ b/charts/physims/templates/serviceaccount.yaml
@@ -1,4 +1,4 @@
apiVersion: v1
kind: ServiceAccount
metadata:
- name: {{ .Values.global.serviceAccountName }}
+ name: oai-physim-sa #{{ .Values.global.serviceAccountName }}
diff --git a/charts/physims/values.yaml b/charts/physims/values.yaml
index 7d0faa33cea..53190daff75 100644
--- a/charts/physims/values.yaml
+++ b/charts/physims/values.yaml
@@ -5,137 +5,53 @@
global:
serviceAccountName: oai-physim-sa
namespace: "OAICICD_PROJECT"
- image:
+ image:
registry: local
repository: image-registry.openshift-image-registry.svc:5000/oaicicd-ran/oai-physim
version: TAG
# pullPolicy: IfNotPresent or Never or Always
pullPolicy: Always
-## Declaring values specific to coressponding physim to overwrite
+## Declaring values specific to coressponding physim to overwrite (At the moment unused)
dlsim.basic:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
dlsim.100rb+tm2:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
ulsim:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
ldpctest:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
polartest:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
nr-pbchsim.106rb:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
nr-pbchsim.217rb:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
nr-pbchsim.273rb:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
nr-dlsim.basic:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
nr-dlsim.dmrs+ptrs:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
nr-dlsim.mcs+mimo:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
nr-dlsim.offset:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
nr-dlschsim:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
smallblocktest:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
nr-ulschsim:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
nr-pucchsim:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
nr-ulsim.3gpp:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
nr-ulsim.mimo:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
nr-ulsim.misc:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
nr-ulsim.sc-fdma:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
nr-prachsim:
- replicaCount: 1
- service:
- type: ClusterIP
- port: 80
--
GitLab