From 906b67060c1f062816b9baa91d5c9845dad41dab Mon Sep 17 00:00:00 2001 From: Dusan Rozman Date: Tue, 26 Sep 2017 16:04:12 -0400 Subject: Added AAF containers to ONAP Kubernetes Created the initial deployment yamls for AAF project Issue-ID: OOM-11 Change-Id: I3c60185d78e8ce5596791624086f7cf32b3c3c38 Signed-off-by: Dusan Rozman --- Chart.yaml | 4 +++ templates/aaf-cs-deployment.yaml | 36 +++++++++++++++++++++++++ templates/aaf-deployment.yaml | 57 ++++++++++++++++++++++++++++++++++++++++ templates/all-services.yaml | 36 +++++++++++++++++++++++++ values.yaml | 9 +++++++ 5 files changed, 142 insertions(+) create mode 100644 Chart.yaml create mode 100644 templates/aaf-cs-deployment.yaml create mode 100644 templates/aaf-deployment.yaml create mode 100644 templates/all-services.yaml create mode 100644 values.yaml diff --git a/Chart.yaml b/Chart.yaml new file mode 100644 index 0000000..60e4370 --- /dev/null +++ b/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: A Helm chart for Kubernetes +name: aaf +version: 1.1.0 diff --git a/templates/aaf-cs-deployment.yaml b/templates/aaf-cs-deployment.yaml new file mode 100644 index 0000000..f240150 --- /dev/null +++ b/templates/aaf-cs-deployment.yaml @@ -0,0 +1,36 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: aaf-cs + namespace: "{{ .Values.nsPrefix }}-aaf" +spec: + replicas: 1 + selector: + matchLabels: + app: aaf-cs + template: + metadata: + labels: + app: aaf-cs + name: aaf-cs + spec: + hostname: aaf-cs + containers: + - args: + image: {{ .Values.image.csImage }}:{{ .Values.image.csVersion }} + imagePullPolicy: {{ .Values.pullPolicy }} + name: "aaf-cs" + volumeMounts: + - mountPath: /data + name: aaf-data + readinessProbe: + tcpSocket: + port: 7000 + initialDelaySeconds: 5 + periodSeconds: 10 + volumes: + - name: aaf-data + hostPath: + path: /dockerdata-nfs/{{ .Values.nsPrefix }}/aaf/data + imagePullSecrets: + - name: {{ .Values.nsPrefix }}-docker-registry-key diff --git a/templates/aaf-deployment.yaml b/templates/aaf-deployment.yaml new file mode 100644 index 0000000..20e21c4 --- /dev/null +++ b/templates/aaf-deployment.yaml @@ -0,0 +1,57 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: aaf + name: aaf + namespace: "{{ .Values.nsPrefix }}-aaf" +spec: + selector: + matchLabels: + app: aaf + template: + metadata: + labels: + app: aaf + name: aaf + annotations: + pod.beta.kubernetes.io/init-containers: '[ + { + "args": [ + "--container-name", + "aaf-cs" + ], + "command": [ + "/root/ready.py" + ], + "env": [ + { + "name": "NAMESPACE", + "valueFrom": { + "fieldRef": { + "apiVersion": "v1", + "fieldPath": "metadata.namespace" + } + } + } + ], + "image": "{{ .Values.image.readiness }}", + "imagePullPolicy": "{{ .Values.pullPolicy }}", + "name": "aaf-readiness" + } + ]' + spec: + containers: + - env: + - name: CASSANDRA_CLUSTER + value: cassandra_container + image: {{ .Values.image.aafImage }}:{{ .Values.image.aafVersion }} + imagePullPolicy: {{ .Values.pullPolicy }} + name: aaf + readinessProbe: + tcpSocket: + port: 8101 + initialDelaySeconds: 5 + periodSeconds: 10 + imagePullSecrets: + - name: {{ .Values.nsPrefix }}-docker-registry-key diff --git a/templates/all-services.yaml b/templates/all-services.yaml new file mode 100644 index 0000000..0d1dc22 --- /dev/null +++ b/templates/all-services.yaml @@ -0,0 +1,36 @@ +apiVersion: v1 +kind: Service +metadata: + name: aaf-cs + namespace: "{{ .Values.nsPrefix }}-aaf" + labels: + app: aaf-cs +spec: + ports: + - name: aaf-cs-port-7000 + port: 7000 + - name: aaf-cs-port-7001 + port: 7001 + - name: aaf-cs-port-9042 + port: 9042 + - name: aaf-cs-port-9160 + port: 9160 + selector: + app: aaf-cs + clusterIP: None +--- +apiVersion: v1 +kind: Service +metadata: + name: aaf-authz-service + namespace: "{{ .Values.nsPrefix }}-aaf" + labels: + app: aaf-authz-service +spec: + ports: + - name: aaf-authz-service + port: 8101 + nodePort: {{ .Values.nodePortPrefix }}99 + selector: + app: clamp + type: NodePort diff --git a/values.yaml b/values.yaml new file mode 100644 index 0000000..a8589a3 --- /dev/null +++ b/values.yaml @@ -0,0 +1,9 @@ +nsPrefix: onap +pullPolicy: Always +nodePortPrefix: 302 +image: + readiness: oomk8s/readiness-check:1.0.0 + aafImage: nexus3.onap.org:10001/onap/aaf/authz-service + aafVersion: latest + csImage: nexus3.onap.org:10001/library/cassandra + csVersion: 2.1.17 -- cgit 1.2.3-korg From d29156116c93e33ecbaa9f9ea867b6e9c102d989 Mon Sep 17 00:00:00 2001 From: Dusan Rozman Date: Mon, 2 Oct 2017 09:55:04 -0400 Subject: Added missing mount to aaf deployment yaml Created mount /data2/ needed for aaf Change-Id: I050579e42afce9dc29c4c7a3cfdfb05ddb4d4217 Issue-ID: OOM-331 Signed-off-by: Dusan Rozman --- templates/aaf-cs-deployment.yaml | 4 ++-- templates/aaf-deployment.yaml | 7 +++++++ 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/templates/aaf-cs-deployment.yaml b/templates/aaf-cs-deployment.yaml index f240150..23968f9 100644 --- a/templates/aaf-cs-deployment.yaml +++ b/templates/aaf-cs-deployment.yaml @@ -22,14 +22,14 @@ spec: name: "aaf-cs" volumeMounts: - mountPath: /data - name: aaf-data + name: aaf-cs-data readinessProbe: tcpSocket: port: 7000 initialDelaySeconds: 5 periodSeconds: 10 volumes: - - name: aaf-data + - name: aaf-cs-data hostPath: path: /dockerdata-nfs/{{ .Values.nsPrefix }}/aaf/data imagePullSecrets: diff --git a/templates/aaf-deployment.yaml b/templates/aaf-deployment.yaml index 20e21c4..5950b92 100644 --- a/templates/aaf-deployment.yaml +++ b/templates/aaf-deployment.yaml @@ -47,11 +47,18 @@ spec: value: cassandra_container image: {{ .Values.image.aafImage }}:{{ .Values.image.aafVersion }} imagePullPolicy: {{ .Values.pullPolicy }} + volumeMounts: + - mountPath: /data + name: aaf-data name: aaf readinessProbe: tcpSocket: port: 8101 initialDelaySeconds: 5 periodSeconds: 10 + volumes: + - name: aaf-data + hostPath: + path: /dockerdata-nfs/{{ .Values.nsPrefix }}/aaf/data2 imagePullSecrets: - name: {{ .Values.nsPrefix }}-docker-registry-key -- cgit 1.2.3-korg From 9f27c6a76de94e34db446affab23f0979bb55766 Mon Sep 17 00:00:00 2001 From: yuryn Date: Thu, 26 Oct 2017 17:10:50 +0300 Subject: Add option to disable specific deployments Add option to disable any deployment by using conditions in helm templates. Each deployment will get helm parameter - boolean flag allowing to disable it. The flags can be listed in the custom values.yaml file that can be passed to the createAll script with '-v' command line option. Change-Id: I32b795de46c72915c2201c94c23f4e061971bb56 Issue-ID: OOM-380 Signed-off-by: yuryn --- templates/aaf-cs-deployment.yaml | 2 ++ templates/aaf-deployment.yaml | 2 ++ templates/all-services.yaml | 4 ++++ 3 files changed, 8 insertions(+) diff --git a/templates/aaf-cs-deployment.yaml b/templates/aaf-cs-deployment.yaml index 23968f9..acd6a7a 100644 --- a/templates/aaf-cs-deployment.yaml +++ b/templates/aaf-cs-deployment.yaml @@ -1,3 +1,4 @@ +#{{ if not .Values.disableAafAafCs }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -34,3 +35,4 @@ spec: path: /dockerdata-nfs/{{ .Values.nsPrefix }}/aaf/data imagePullSecrets: - name: {{ .Values.nsPrefix }}-docker-registry-key +#{{ end }} \ No newline at end of file diff --git a/templates/aaf-deployment.yaml b/templates/aaf-deployment.yaml index 5950b92..56c99ea 100644 --- a/templates/aaf-deployment.yaml +++ b/templates/aaf-deployment.yaml @@ -1,3 +1,4 @@ +#{{ if not .Values.disableAafAaf }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -62,3 +63,4 @@ spec: path: /dockerdata-nfs/{{ .Values.nsPrefix }}/aaf/data2 imagePullSecrets: - name: {{ .Values.nsPrefix }}-docker-registry-key +#{{ end }} \ No newline at end of file diff --git a/templates/all-services.yaml b/templates/all-services.yaml index 0d1dc22..be04180 100644 --- a/templates/all-services.yaml +++ b/templates/all-services.yaml @@ -1,3 +1,4 @@ +#{{ if not .Values.disableAafAafCs }} apiVersion: v1 kind: Service metadata: @@ -18,6 +19,8 @@ spec: selector: app: aaf-cs clusterIP: None +#{{ end }} +#{{ if not .Values.disableAafAaf }} --- apiVersion: v1 kind: Service @@ -34,3 +37,4 @@ spec: selector: app: clamp type: NodePort +#{{ end }} \ No newline at end of file -- cgit 1.2.3-korg From 961d78ab2a21c46b91602cfe70d3fa2db6c44ce3 Mon Sep 17 00:00:00 2001 From: kiranya Date: Thu, 23 Nov 2017 07:31:19 +0000 Subject: Update annotations to spec for aaf Issue-ID: OOM-457 Change-Id: I556adf3714119d8ab8515d36303809b36cbe65f4 Signed-off-by: kiranya --- templates/aaf-deployment.yaml | 43 ++++++++++++++++--------------------------- 1 file changed, 16 insertions(+), 27 deletions(-) diff --git a/templates/aaf-deployment.yaml b/templates/aaf-deployment.yaml index 56c99ea..6664f18 100644 --- a/templates/aaf-deployment.yaml +++ b/templates/aaf-deployment.yaml @@ -15,33 +15,22 @@ spec: labels: app: aaf name: aaf - annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "args": [ - "--container-name", - "aaf-cs" - ], - "command": [ - "/root/ready.py" - ], - "env": [ - { - "name": "NAMESPACE", - "valueFrom": { - "fieldRef": { - "apiVersion": "v1", - "fieldPath": "metadata.namespace" - } - } - } - ], - "image": "{{ .Values.image.readiness }}", - "imagePullPolicy": "{{ .Values.pullPolicy }}", - "name": "aaf-readiness" - } - ]' spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - aaf-cs + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ .Values.image.readiness }} + imagePullPolicy: {{ .Values.pullPolicy }} + name: aaf-readiness containers: - env: - name: CASSANDRA_CLUSTER @@ -63,4 +52,4 @@ spec: path: /dockerdata-nfs/{{ .Values.nsPrefix }}/aaf/data2 imagePullSecrets: - name: {{ .Values.nsPrefix }}-docker-registry-key -#{{ end }} \ No newline at end of file +#{{ end }} -- cgit 1.2.3-korg From 59a7e3c5ad7aa94a354d1d811eede7e5af3e795f Mon Sep 17 00:00:00 2001 From: vaibhav_16dec Date: Wed, 17 Jan 2018 12:42:39 +0000 Subject: AAF config seggregation Issue-ID: OOM-554 Change-Id: I24367eac50b3d46be964a6d60e24b317af376c3e Signed-off-by: vaibhav_16dec --- resources/config/aaf-cs-data/ecomp.cql | 169 +++++++++++++++++++ resources/config/aaf-cs-data/identities.dat | 7 + resources/config/aaf-cs-data/identities.idx | Bin 0 -> 56 bytes resources/config/aaf-cs-data/init.cql | 242 ++++++++++++++++++++++++++++ resources/config/aaf-data/identities.dat | 9 ++ templates/aaf-configmap.yaml | 9 ++ templates/aaf-cs-deployment.yaml | 6 +- templates/aaf-deployment.yaml | 4 +- templates/aaf-secret.yaml | 10 ++ 9 files changed, 451 insertions(+), 5 deletions(-) create mode 100644 resources/config/aaf-cs-data/ecomp.cql create mode 100644 resources/config/aaf-cs-data/identities.dat create mode 100644 resources/config/aaf-cs-data/identities.idx create mode 100644 resources/config/aaf-cs-data/init.cql create mode 100644 resources/config/aaf-data/identities.dat create mode 100644 templates/aaf-configmap.yaml create mode 100644 templates/aaf-secret.yaml diff --git a/resources/config/aaf-cs-data/ecomp.cql b/resources/config/aaf-cs-data/ecomp.cql new file mode 100644 index 0000000..6fddf65 --- /dev/null +++ b/resources/config/aaf-cs-data/ecomp.cql @@ -0,0 +1,169 @@ +USE authz; + +// Create Root pass +INSERT INTO cred (id,ns,type,cred,expires) + VALUES ('dgl@openecomp.org','org.openecomp',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31'); + +INSERT INTO cred (id,ns,type,cred,expires) + VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31'); + +INSERT INTO cred (id,ns,type,cred,expires) + VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31'); + + +// Create 'com' root NS +INSERT INTO ns (name,scope,description,parent,type) + VALUES('com',1,'Root Namespace',null,1); + +INSERT INTO role(ns, name, perms, description) + VALUES('com','admin',{'com.access|*|*'},'Com Admins'); + +INSERT INTO role(ns, name, perms, description) + VALUES('com','owner',{'com.access|*|read'},'Com Owners'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('com','access','*','read',{'com.owner'},'Com Read Access'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('com','access','*','*',{'com.admin'},'Com Write Access'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','com.owner','2020-12-31','com','owner'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','com.admin','2020-12-31','com','admin'); + +// Create org root NS +INSERT INTO ns (name,scope,description,parent,type) + VALUES('org',1,'Root Namespace Org',null,1); + +INSERT INTO ns (name,scope,description,parent,type) + VALUES('org.openecomp.dcae',3,'DCAE Namespace Org','org.openecomp',3); + +INSERT INTO ns (name,scope,description,parent,type) + VALUES('org.openecomp.dmaapBC',3,'DMaaP BC Namespace Org','org.openecomp',3); + +INSERT INTO role(ns, name, perms, description) + VALUES('org','admin',{'org.access|*|*'},'Com Admins'); + +INSERT INTO role(ns, name, perms, description) + VALUES('org','owner',{'org.access|*|read'},'Com Owners'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org','access','*','read',{'org.owner'},'Com Read Access'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org','access','*','*',{'org.admin'},'Com Write Access'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','org.owner','2020-12-31','org','owner'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','org.admin','2020-12-31','org','admin'); + + +// Create com.att + +INSERT INTO ns (name,scope,description,parent,type) + VALUES('com.att',2,'AT&T Namespace','com',2); + +INSERT INTO role(ns, name, perms,description) + VALUES('com.att','admin',{'com.att.access|*|*'},'AT&T Admins'); + +INSERT INTO role(ns, name, perms,description) + VALUES('com.att','owner',{'com.att.access|*|read'},'AT&T Owners'); + +INSERT INTO perm(ns, type, instance, action, roles,description) + VALUES ('com.att','access','*','read',{'com.att.owner'},'AT&T Read Access'); + +INSERT INTO perm(ns, type, instance, action, roles,description) + VALUES ('com.att','access','*','*',{'com.att.admin'},'AT&T Write Access'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','com.att.owner','2020-12-31','com.att','owner'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','com.att.admin','2020-12-31','com.att','admin'); + +// Create com.att.aaf + +INSERT INTO ns (name,scope,description,parent,type) + VALUES('com.att.aaf',3,'Application Authorization Framework','com.att',3); + +INSERT INTO role(ns, name, perms, description) + VALUES('com.att.aaf','admin',{'com.att.aaf.access|*|*'},'AAF Admins'); + +INSERT INTO role(ns, name, perms, description) + VALUES('com.att.aaf','owner',{'com.att.aaf.access|*|read'},'AAF Owners'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('com.att.aaf','access','*','read',{'com.att.aaf.owner'},'AAF Read Access'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('com.att.aaf','access','*','*',{'com.att.aaf.admin'},'AAF Write Access'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','com.att.aaf.admin','2020-12-31','com.att.aaf','admin'); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','com.att.aaf.owner','2020-12-31','com.att.aaf','owner'); + + +// Create org.openecomp +INSERT INTO ns (name,scope,description,parent,type) + VALUES('org.openecomp',2,'Open EComp NS','com.att',2); + +INSERT INTO role(ns, name, perms, description) + VALUES('org.openecomp','admin',{'org.openecomp.access|*|*'},'OpenEcomp Admins'); + +INSERT INTO role(ns, name, perms, description) + VALUES('org.openecomp','owner',{'org.openecomp.access|*|read'},'OpenEcomp Owners'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org.openecomp','access','*','read',{'org.openecomp.owner'},'OpenEcomp Read Access'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org.openecomp','access','*','*',{'org.openecomp.admin'},'OpenEcomp Write Access'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','org.openecomp.admin','2020-12-31','org.openecomp','admin'); + +// Create org.openecomp.dmaapBC + +INSERT INTO ns (name,scope,description,parent,type) + VALUES('org.openecomp.dmaapBC',3,'Application Authorization Framework','org.openecomp',3); + +//INSERT INTO role(ns, name, perms, description) +// VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*'},'AAF Admins'); + +INSERT INTO role(ns, name, perms, description) +VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.topicFactory|:org.openecomp.dmaapBC.topic:org.openecomp.dmaapBC|create','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub'},'AAF Admins'); + +//INSERT INTO role(ns, name, perms, description) +//VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub'},'AAF Admins'); + +//INSERT INTO role(ns, name, perms, description) +//VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub'},'AAF Admins'); + + + +INSERT INTO role(ns, name, perms, description) + VALUES('org.openecomp.dmaapBC','owner',{'org.openecomp.dmaapBC.access|*|read'},'AAF Owners'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org.openecomp.dmaapBC','access','*','read',{'org.openecomp.dmaapBC.owner'},'AAF Read Access'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org.openecomp.dmaapBC','access','*','*',{'org.openecomp.dmaapBC.admin'},'AAF Write Access'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin'); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner'); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin'); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner'); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin'); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner'); diff --git a/resources/config/aaf-cs-data/identities.dat b/resources/config/aaf-cs-data/identities.dat new file mode 100644 index 0000000..98bf99a --- /dev/null +++ b/resources/config/aaf-cs-data/identities.dat @@ -0,0 +1,7 @@ +iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| +mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna +bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager +mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager +ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager +iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager +osaaf|ID of AAF|||||a|bdevl diff --git a/resources/config/aaf-cs-data/identities.idx b/resources/config/aaf-cs-data/identities.idx new file mode 100644 index 0000000..78fc0a5 Binary files /dev/null and b/resources/config/aaf-cs-data/identities.idx differ diff --git a/resources/config/aaf-cs-data/init.cql b/resources/config/aaf-cs-data/init.cql new file mode 100644 index 0000000..81700f8 --- /dev/null +++ b/resources/config/aaf-cs-data/init.cql @@ -0,0 +1,242 @@ +// For Developer Machine single instance +// +CREATE KEYSPACE authz +WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1}; +// +// From Ravi, 6-17-2014. User for DEVL->TEST +// +// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'HYWRCA02': '2', 'BRHMALDC': '2' }; +// +// PROD +// +// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','ALPSGACT': '2','STLSMORC': '2','BRHMALDC': '2' }; +// +// create user authz with password '' superuser; +// grant all on keyspace authz to authz; +// +// For TEST (aaf_test) +// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'BRHMALDC': '1' }; +// +// DEVL +// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC': '2' }; +// +// TEST / PERF +// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC': '3','KGMTNC20': '3' }; +// +// IST +// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC':'3', +// 'DLLSTXCF':'3','KGMTNC20':'3','SFLDMIBB':'3','HYWRCA02':'3' }; +// +// with 6 localized with ccm +// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' }; +// + +USE authz; + +// +// CORE Table function +// + +// Namespace - establish hierarchical authority to modify +// Permissions and Roles +// "scope" is flag to determine Policy. Typical important scope +// is "company" (1) +CREATE TABLE ns ( + name varchar, + scope int, // deprecated 2.0.11 + description varchar, + parent varchar, + type int, + PRIMARY KEY (name) +); +CREATE INDEX ns_parent on ns(parent); + + +// Oct 2015, not performant. Made Owner and Attrib first class Roles, +// April, 2015. Originally, the plan was to utilize Cassandra 2.1.2, however, other team's preferences were to remain at current levels. +// Therefore, we are taking the separate table approach. (coder Jeremiah Rohwedder) +// We had dropped this by making first class objects of Responsible (Owner) and Admin. We need this again to mark namespaces +// as having certain tools, like SWM, etc. +CREATE TABLE ns_attrib ( + ns varchar, + key varchar, + value varchar, + PRIMARY KEY (ns,key) +); +create index ns_attrib_key on ns_attrib(key); + +// Will be cached +CREATE TABLE role ( + ns varchar, + name varchar, + perms set, // Use "Key" of "name|type|action" + description varchar, + PRIMARY KEY (ns,name) +); +CREATE INDEX role_name ON role(name); + +// Will be cached +CREATE TABLE perm ( + ns varchar, + type varchar, + instance varchar, + action varchar, + roles set, // Need to find Roles given Permissions + description varchar, + PRIMARY KEY (ns,type,instance,action) +); + +// This table is user for Authorization +CREATE TABLE user_role ( + user varchar, + role varchar, // deprecated: change to ns/rname after 2.0.11 + ns varchar, + rname varchar, + expires timestamp, + PRIMARY KEY(user,role) + ); +CREATE INDEX user_role_ns ON user_role(ns); +CREATE INDEX user_role_role ON user_role(role); + +// This table is only for the case where return User Credential (MechID) Authentication +CREATE TABLE cred ( + id varchar, + type int, + expires timestamp, + ns varchar, + other int, + notes varchar, + cred blob, + prev blob, + PRIMARY KEY (id,type,expires) + ); +CREATE INDEX cred_ns ON cred(ns); + +// Certificate Cross Table +// coordinated with CRED type 2 +CREATE TABLE cert ( + fingerprint blob, + id varchar, + x500 varchar, + expires timestamp, + PRIMARY KEY (fingerprint) + ); +CREATE INDEX cert_id ON cert(id); +CREATE INDEX cert_x500 ON cert(x500); + +CREATE TABLE notify ( + user text, + type int, + last timestamp, + checksum int, + PRIMARY KEY (user,type) +); + +CREATE TABLE x509 ( + ca text, + serial blob, + id text, + x500 text, + x509 text, + PRIMARY KEY (ca,serial) +); + + +CREATE INDEX x509_id ON x509 (id); +CREATE INDEX x509_x500 ON x509 (x500); + +// +// Deployment Artifact (for Certman) +// +CREATE TABLE artifact ( + mechid text, + machine text, + type Set, + sponsor text, + ca text, + dir text, + appName text, + os_user text, + notify text, + expires timestamp, + renewDays int, + PRIMARY KEY (mechid,machine) +); +CREATE INDEX artifact_machine ON artifact(machine); + +// +// Non-Critical Table functions +// +// Table Info - for Caching +CREATE TABLE cache ( + name varchar, + seg int, // cache Segment + touched timestamp, + PRIMARY KEY(name,seg) +); + +CREATE TABLE history ( + id timeuuid, + yr_mon int, + user varchar, + action varchar, + target varchar, // user, user_role, + subject varchar, // field for searching main portion of target key + memo varchar, //description of the action + reconstruct blob, //serialized form of the target + // detail Map, // additional information + PRIMARY KEY (id) +); +CREATE INDEX history_yr_mon ON history(yr_mon); +CREATE INDEX history_user ON history(user); +CREATE INDEX history_subject ON history(subject); + +// +// A place to hold objects to be created at a future time. +// +CREATE TABLE future ( + id uuid, // uniquify + target varchar, // Target Table + memo varchar, // Description + start timestamp, // When it should take effect + expires timestamp, // When not longer valid + construct blob, // How to construct this object (like History) + PRIMARY KEY(id) +); +CREATE INDEX future_idx ON future(target); +CREATE INDEX future_start_idx ON future(start); + + +CREATE TABLE approval ( + id timeuuid, // unique Key + ticket uuid, // Link to Future Record + user varchar, // the user who needs to be approved + approver varchar, // user approving + type varchar, // approver types i.e. Supervisor, Owner + status varchar, // approval status. pending, approved, denied + memo varchar, // Text for Approval to know what's going on + operation varchar, // List operation to perform + PRIMARY KEY(id) + ); +CREATE INDEX appr_approver_idx ON approval(approver); +CREATE INDEX appr_user_idx ON approval(user); +CREATE INDEX appr_ticket_idx ON approval(ticket); +CREATE INDEX appr_status_idx ON approval(status); + +CREATE TABLE delegate ( + user varchar, + delegate varchar, + expires timestamp, + PRIMARY KEY (user) +); +CREATE INDEX delg_delg_idx ON delegate(delegate); + +// +// Used by authz-batch processes to ensure only 1 runs at a time +// +CREATE TABLE run_lock ( + class text, + host text, + start timestamp, + PRIMARY KEY ((class)) +); diff --git a/resources/config/aaf-data/identities.dat b/resources/config/aaf-data/identities.dat new file mode 100644 index 0000000..95eb51d --- /dev/null +++ b/resources/config/aaf-data/identities.dat @@ -0,0 +1,9 @@ +iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| +mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna +bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager +mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager +ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager +iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager +osaaf|ID of AAF|||||a|bdevl +m99751|ID of AAF|||||a|bdevl +m99501|ID of AAF|||||a|bdevl diff --git a/templates/aaf-configmap.yaml b/templates/aaf-configmap.yaml new file mode 100644 index 0000000..c8565f2 --- /dev/null +++ b/templates/aaf-configmap.yaml @@ -0,0 +1,9 @@ +#{{ if not .Values.disableAafAaf }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: aaf-data-configmap + namespace: {{ .Values.nsPrefix }}-aaf +data: +{{ (.Files.Glob "resources/config/aaf-data/*").AsConfig | indent 2 }} +#{{ end }} diff --git a/templates/aaf-cs-deployment.yaml b/templates/aaf-cs-deployment.yaml index acd6a7a..55619b3 100644 --- a/templates/aaf-cs-deployment.yaml +++ b/templates/aaf-cs-deployment.yaml @@ -31,8 +31,8 @@ spec: periodSeconds: 10 volumes: - name: aaf-cs-data - hostPath: - path: /dockerdata-nfs/{{ .Values.nsPrefix }}/aaf/data + secret: + secretName: aaf-cs-data-secret imagePullSecrets: - name: {{ .Values.nsPrefix }}-docker-registry-key -#{{ end }} \ No newline at end of file +#{{ end }} diff --git a/templates/aaf-deployment.yaml b/templates/aaf-deployment.yaml index 6664f18..4f64048 100644 --- a/templates/aaf-deployment.yaml +++ b/templates/aaf-deployment.yaml @@ -48,8 +48,8 @@ spec: periodSeconds: 10 volumes: - name: aaf-data - hostPath: - path: /dockerdata-nfs/{{ .Values.nsPrefix }}/aaf/data2 + configMap: + name: aaf-data-configmap imagePullSecrets: - name: {{ .Values.nsPrefix }}-docker-registry-key #{{ end }} diff --git a/templates/aaf-secret.yaml b/templates/aaf-secret.yaml new file mode 100644 index 0000000..705d050 --- /dev/null +++ b/templates/aaf-secret.yaml @@ -0,0 +1,10 @@ +#{{ if not .Values.disableAafAafCs }} +apiVersion: v1 +kind: Secret +metadata: + name: aaf-cs-data-secret + namespace: {{ .Values.nsPrefix }}-aaf +type: Opaque +data: +{{ (.Files.Glob "resources/config/aaf-cs-data/*").AsSecrets | indent 2 }} +#{{ end }} -- cgit 1.2.3-korg From 2ae26ab7b72bfae8395c0de807c0384f8d7b458b Mon Sep 17 00:00:00 2001 From: kerenj Date: Thu, 22 Feb 2018 11:25:48 +0000 Subject: AAF - readiness image update Issue-ID: OOM-514 Change-Id: I3533bafa88341e6895132ba8fda2fb8fc4e27210 Signed-off-by: kerenj --- values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/values.yaml b/values.yaml index a8589a3..7a3f6c6 100644 --- a/values.yaml +++ b/values.yaml @@ -2,7 +2,7 @@ nsPrefix: onap pullPolicy: Always nodePortPrefix: 302 image: - readiness: oomk8s/readiness-check:1.0.0 + readiness: oomk8s/readiness-check:1.1.0 aafImage: nexus3.onap.org:10001/onap/aaf/authz-service aafVersion: latest csImage: nexus3.onap.org:10001/library/cassandra -- cgit 1.2.3-korg From df274d21cbc5c809f2445e64e233b8892d4a1e08 Mon Sep 17 00:00:00 2001 From: BorislavG Date: Tue, 27 Feb 2018 15:04:26 +0000 Subject: Run all components in one namespace Change-Id: I5fcd4d577c1fda4de27842807c7cf7a5d372756e Issue-ID: OOM-722 Signed-off-by: BorislavG --- templates/aaf-configmap.yaml | 2 +- templates/aaf-cs-deployment.yaml | 2 +- templates/aaf-deployment.yaml | 2 +- templates/aaf-secret.yaml | 2 +- templates/all-services.yaml | 4 ++-- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/templates/aaf-configmap.yaml b/templates/aaf-configmap.yaml index c8565f2..b6e494d 100644 --- a/templates/aaf-configmap.yaml +++ b/templates/aaf-configmap.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: aaf-data-configmap - namespace: {{ .Values.nsPrefix }}-aaf + namespace: {{ .Values.nsPrefix }} data: {{ (.Files.Glob "resources/config/aaf-data/*").AsConfig | indent 2 }} #{{ end }} diff --git a/templates/aaf-cs-deployment.yaml b/templates/aaf-cs-deployment.yaml index 55619b3..be5f6c1 100644 --- a/templates/aaf-cs-deployment.yaml +++ b/templates/aaf-cs-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: extensions/v1beta1 kind: Deployment metadata: name: aaf-cs - namespace: "{{ .Values.nsPrefix }}-aaf" + namespace: "{{ .Values.nsPrefix }}" spec: replicas: 1 selector: diff --git a/templates/aaf-deployment.yaml b/templates/aaf-deployment.yaml index 4f64048..50c3e5a 100644 --- a/templates/aaf-deployment.yaml +++ b/templates/aaf-deployment.yaml @@ -5,7 +5,7 @@ metadata: labels: app: aaf name: aaf - namespace: "{{ .Values.nsPrefix }}-aaf" + namespace: "{{ .Values.nsPrefix }}" spec: selector: matchLabels: diff --git a/templates/aaf-secret.yaml b/templates/aaf-secret.yaml index 705d050..4b6984a 100644 --- a/templates/aaf-secret.yaml +++ b/templates/aaf-secret.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: aaf-cs-data-secret - namespace: {{ .Values.nsPrefix }}-aaf + namespace: {{ .Values.nsPrefix }} type: Opaque data: {{ (.Files.Glob "resources/config/aaf-cs-data/*").AsSecrets | indent 2 }} diff --git a/templates/all-services.yaml b/templates/all-services.yaml index be04180..0a06d1d 100644 --- a/templates/all-services.yaml +++ b/templates/all-services.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: name: aaf-cs - namespace: "{{ .Values.nsPrefix }}-aaf" + namespace: "{{ .Values.nsPrefix }}" labels: app: aaf-cs spec: @@ -26,7 +26,7 @@ apiVersion: v1 kind: Service metadata: name: aaf-authz-service - namespace: "{{ .Values.nsPrefix }}-aaf" + namespace: "{{ .Values.nsPrefix }}" labels: app: aaf-authz-service spec: -- cgit 1.2.3-korg From 2f19548346c5907b565056b6e077659bb42d14e4 Mon Sep 17 00:00:00 2001 From: vaibhav_16dec Date: Fri, 16 Feb 2018 06:58:06 +0000 Subject: Replica scaling of Clamp and AAF conatiner Issue-ID: OOM-691 Change-Id: Idea9ebc33310cbaf823163cccd6c816477661118 Signed-off-by: vaibhav_16dec --- templates/aaf-cs-deployment.yaml | 2 +- templates/aaf-deployment.yaml | 1 + values.yaml | 2 ++ 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/templates/aaf-cs-deployment.yaml b/templates/aaf-cs-deployment.yaml index be5f6c1..817f876 100644 --- a/templates/aaf-cs-deployment.yaml +++ b/templates/aaf-cs-deployment.yaml @@ -5,7 +5,7 @@ metadata: name: aaf-cs namespace: "{{ .Values.nsPrefix }}" spec: - replicas: 1 + replicas: {{ .Values.aafcsReplicas }} selector: matchLabels: app: aaf-cs diff --git a/templates/aaf-deployment.yaml b/templates/aaf-deployment.yaml index 50c3e5a..c084cd3 100644 --- a/templates/aaf-deployment.yaml +++ b/templates/aaf-deployment.yaml @@ -7,6 +7,7 @@ metadata: name: aaf namespace: "{{ .Values.nsPrefix }}" spec: + replicas: {{ .Values.aafReplicas }} selector: matchLabels: app: aaf diff --git a/values.yaml b/values.yaml index 7a3f6c6..eac5d00 100644 --- a/values.yaml +++ b/values.yaml @@ -1,6 +1,8 @@ nsPrefix: onap pullPolicy: Always nodePortPrefix: 302 +aafcsReplicas: 1 +aafReplicas: 1 image: readiness: oomk8s/readiness-check:1.1.0 aafImage: nexus3.onap.org:10001/onap/aaf/authz-service -- cgit 1.2.3-korg From 34582cdf3fbde02e660c5c5104771a07235fe572 Mon Sep 17 00:00:00 2001 From: vaibhav_16dec Date: Thu, 22 Mar 2018 09:07:12 +0000 Subject: License addition in all yamls Issue-ID: OOM-821 Change-Id: I627ac962afe8cd6bf2859a30a0e88f6c9ac89d34 Signed-off-by: vaibhav_16dec --- Chart.yaml | 14 ++++++++++++++ templates/aaf-configmap.yaml | 14 ++++++++++++++ templates/aaf-cs-deployment.yaml | 14 ++++++++++++++ templates/aaf-deployment.yaml | 14 ++++++++++++++ templates/aaf-secret.yaml | 14 ++++++++++++++ templates/all-services.yaml | 14 ++++++++++++++ values.yaml | 14 ++++++++++++++ 7 files changed, 98 insertions(+) diff --git a/Chart.yaml b/Chart.yaml index 60e4370..24cb7fd 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + apiVersion: v1 description: A Helm chart for Kubernetes name: aaf diff --git a/templates/aaf-configmap.yaml b/templates/aaf-configmap.yaml index b6e494d..f89ccec 100644 --- a/templates/aaf-configmap.yaml +++ b/templates/aaf-configmap.yaml @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + #{{ if not .Values.disableAafAaf }} apiVersion: v1 kind: ConfigMap diff --git a/templates/aaf-cs-deployment.yaml b/templates/aaf-cs-deployment.yaml index 817f876..7f8cdb6 100644 --- a/templates/aaf-cs-deployment.yaml +++ b/templates/aaf-cs-deployment.yaml @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + #{{ if not .Values.disableAafAafCs }} apiVersion: extensions/v1beta1 kind: Deployment diff --git a/templates/aaf-deployment.yaml b/templates/aaf-deployment.yaml index c084cd3..0341344 100644 --- a/templates/aaf-deployment.yaml +++ b/templates/aaf-deployment.yaml @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + #{{ if not .Values.disableAafAaf }} apiVersion: extensions/v1beta1 kind: Deployment diff --git a/templates/aaf-secret.yaml b/templates/aaf-secret.yaml index 4b6984a..842d0c4 100644 --- a/templates/aaf-secret.yaml +++ b/templates/aaf-secret.yaml @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + #{{ if not .Values.disableAafAafCs }} apiVersion: v1 kind: Secret diff --git a/templates/all-services.yaml b/templates/all-services.yaml index 0a06d1d..5ccbd25 100644 --- a/templates/all-services.yaml +++ b/templates/all-services.yaml @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + #{{ if not .Values.disableAafAafCs }} apiVersion: v1 kind: Service diff --git a/values.yaml b/values.yaml index eac5d00..088adfe 100644 --- a/values.yaml +++ b/values.yaml @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + nsPrefix: onap pullPolicy: Always nodePortPrefix: 302 -- cgit 1.2.3-korg From e371d049390220a25901481e62b51d91c7c338ec Mon Sep 17 00:00:00 2001 From: kj Date: Tue, 27 Mar 2018 15:50:39 +0300 Subject: Add standardized helm chart for aaf AAF crashes due to "could not find or load main class org.onap.aaf.authz.service.AuthAPI" see https://jira.onap.org/browse/OOM-324 Issue-ID: OOM-732 Change-Id: I1c5f93d6e9a4d91224bfc0df2894ca7ab7d1de38 Signed-off-by: kj --- Chart.yaml | 4 +- charts/aaf-cs/.helmignore | 21 +++++ charts/aaf-cs/Chart.yaml | 4 + .../resources/config/aaf-data/identities.dat | 9 +++ charts/aaf-cs/templates/deployment.yaml | 75 +++++++++++++++++ charts/aaf-cs/templates/secret.yaml | 22 +++++ charts/aaf-cs/templates/service.yaml | 60 ++++++++++++++ charts/aaf-cs/values.yaml | 94 ++++++++++++++++++++++ requirements.yaml | 7 ++ resources/config/aaf-data/identities.dat | 9 --- templates/aaf-configmap.yaml | 23 ------ templates/aaf-cs-deployment.yaml | 52 ------------ templates/aaf-deployment.yaml | 70 ---------------- templates/aaf-secret.yaml | 24 ------ templates/all-services.yaml | 54 ------------- templates/configmap.yaml | 21 +++++ templates/deployment.yaml | 91 +++++++++++++++++++++ templates/service.yaml | 41 ++++++++++ values.yaml | 86 +++++++++++++++++--- 19 files changed, 523 insertions(+), 244 deletions(-) create mode 100644 charts/aaf-cs/.helmignore create mode 100644 charts/aaf-cs/Chart.yaml create mode 100644 charts/aaf-cs/resources/config/aaf-data/identities.dat create mode 100644 charts/aaf-cs/templates/deployment.yaml create mode 100644 charts/aaf-cs/templates/secret.yaml create mode 100644 charts/aaf-cs/templates/service.yaml create mode 100644 charts/aaf-cs/values.yaml create mode 100644 requirements.yaml delete mode 100644 resources/config/aaf-data/identities.dat delete mode 100644 templates/aaf-configmap.yaml delete mode 100644 templates/aaf-cs-deployment.yaml delete mode 100644 templates/aaf-deployment.yaml delete mode 100644 templates/aaf-secret.yaml delete mode 100644 templates/all-services.yaml create mode 100644 templates/configmap.yaml create mode 100644 templates/deployment.yaml create mode 100644 templates/service.yaml diff --git a/Chart.yaml b/Chart.yaml index 24cb7fd..438835d 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: A Helm chart for Kubernetes +description: ONAP Application Authorization Framework name: aaf -version: 1.1.0 +version: 2.0.0 diff --git a/charts/aaf-cs/.helmignore b/charts/aaf-cs/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/charts/aaf-cs/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/aaf-cs/Chart.yaml b/charts/aaf-cs/Chart.yaml new file mode 100644 index 0000000..a0f05c4 --- /dev/null +++ b/charts/aaf-cs/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP AAF cassandra +name: aaf-cs +version: 2.0.0 diff --git a/charts/aaf-cs/resources/config/aaf-data/identities.dat b/charts/aaf-cs/resources/config/aaf-data/identities.dat new file mode 100644 index 0000000..95eb51d --- /dev/null +++ b/charts/aaf-cs/resources/config/aaf-data/identities.dat @@ -0,0 +1,9 @@ +iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| +mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna +bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager +mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager +ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager +iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager +osaaf|ID of AAF|||||a|bdevl +m99751|ID of AAF|||||a|bdevl +m99501|ID of AAF|||||a|bdevl diff --git a/charts/aaf-cs/templates/deployment.yaml b/charts/aaf-cs/templates/deployment.yaml new file mode 100644 index 0000000..80b99b2 --- /dev/null +++ b/charts/aaf-cs/templates/deployment.yaml @@ -0,0 +1,75 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + name: {{ .Release.Name }} + spec: + hostname: {{ include "common.name" . }} + containers: + - args: + image: "{{ .Values.repository | default .Values.global.repository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }} + volumeMounts: + - mountPath: /data + name: aaf-cs-data + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + volumes: + - name: aaf-cs-data + secret: + secretName: {{ include "common.fullname" . }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-cs/templates/secret.yaml b/charts/aaf-cs/templates/secret.yaml new file mode 100644 index 0000000..4ae60f1 --- /dev/null +++ b/charts/aaf-cs/templates/secret.yaml @@ -0,0 +1,22 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ (.Files.Glob "resources/config/aaf-cs-data/*").AsSecrets | indent 2 }} diff --git a/charts/aaf-cs/templates/service.yaml b/charts/aaf-cs/templates/service.yaml new file mode 100644 index 0000000..facf3ce --- /dev/null +++ b/charts/aaf-cs/templates/service.yaml @@ -0,0 +1,60 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + - port: {{ .Values.service.externalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.name }}2 + - port: {{ .Values.service.externalPort3 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} + name: {{ .Values.service.name }}3 + - port: {{ .Values.service.externalPort4 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} + name: {{ .Values.service.name }}4 + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.name }}2 + - port: {{ .Values.service.externalPort3 }} + targetPort: {{ .Values.service.internalPort3 }} + name: {{ .Values.service.name }}3 + - port: {{ .Values.service.externalPort4 }} + targetPort: {{ .Values.service.internalPort4 }} + name: {{ .Values.service.name }}4 + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + clusterIP: None diff --git a/charts/aaf-cs/values.yaml b/charts/aaf-cs/values.yaml new file mode 100644 index 0000000..ea5445f --- /dev/null +++ b/charts/aaf-cs/values.yaml @@ -0,0 +1,94 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + +# If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines. +# persistence: +# mountPath: /dockerdata + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: library/cassandra:2.1.17 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: {} + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: ClusterIP + name: aaf-cs + #targetPort + internalPort: 7000 + #port + externalPort: 7000 + + internalPort2: 7001 + externalPort2: 7001 + internalPort3: 9042 + externalPort3: 9042 + internalPort4: 9160 + externalPort4: 9160 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/requirements.yaml b/requirements.yaml new file mode 100644 index 0000000..fb4321d --- /dev/null +++ b/requirements.yaml @@ -0,0 +1,7 @@ +dependencies: + - name: common + version: ~2.0.0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/resources/config/aaf-data/identities.dat b/resources/config/aaf-data/identities.dat deleted file mode 100644 index 95eb51d..0000000 --- a/resources/config/aaf-data/identities.dat +++ /dev/null @@ -1,9 +0,0 @@ -iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| -mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna -bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager -mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager -ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager -iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager -osaaf|ID of AAF|||||a|bdevl -m99751|ID of AAF|||||a|bdevl -m99501|ID of AAF|||||a|bdevl diff --git a/templates/aaf-configmap.yaml b/templates/aaf-configmap.yaml deleted file mode 100644 index f89ccec..0000000 --- a/templates/aaf-configmap.yaml +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disableAafAaf }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: aaf-data-configmap - namespace: {{ .Values.nsPrefix }} -data: -{{ (.Files.Glob "resources/config/aaf-data/*").AsConfig | indent 2 }} -#{{ end }} diff --git a/templates/aaf-cs-deployment.yaml b/templates/aaf-cs-deployment.yaml deleted file mode 100644 index 7f8cdb6..0000000 --- a/templates/aaf-cs-deployment.yaml +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disableAafAafCs }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: aaf-cs - namespace: "{{ .Values.nsPrefix }}" -spec: - replicas: {{ .Values.aafcsReplicas }} - selector: - matchLabels: - app: aaf-cs - template: - metadata: - labels: - app: aaf-cs - name: aaf-cs - spec: - hostname: aaf-cs - containers: - - args: - image: {{ .Values.image.csImage }}:{{ .Values.image.csVersion }} - imagePullPolicy: {{ .Values.pullPolicy }} - name: "aaf-cs" - volumeMounts: - - mountPath: /data - name: aaf-cs-data - readinessProbe: - tcpSocket: - port: 7000 - initialDelaySeconds: 5 - periodSeconds: 10 - volumes: - - name: aaf-cs-data - secret: - secretName: aaf-cs-data-secret - imagePullSecrets: - - name: {{ .Values.nsPrefix }}-docker-registry-key -#{{ end }} diff --git a/templates/aaf-deployment.yaml b/templates/aaf-deployment.yaml deleted file mode 100644 index 0341344..0000000 --- a/templates/aaf-deployment.yaml +++ /dev/null @@ -1,70 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disableAafAaf }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: aaf - name: aaf - namespace: "{{ .Values.nsPrefix }}" -spec: - replicas: {{ .Values.aafReplicas }} - selector: - matchLabels: - app: aaf - template: - metadata: - labels: - app: aaf - name: aaf - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - aaf-cs - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ .Values.image.readiness }} - imagePullPolicy: {{ .Values.pullPolicy }} - name: aaf-readiness - containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - image: {{ .Values.image.aafImage }}:{{ .Values.image.aafVersion }} - imagePullPolicy: {{ .Values.pullPolicy }} - volumeMounts: - - mountPath: /data - name: aaf-data - name: aaf - readinessProbe: - tcpSocket: - port: 8101 - initialDelaySeconds: 5 - periodSeconds: 10 - volumes: - - name: aaf-data - configMap: - name: aaf-data-configmap - imagePullSecrets: - - name: {{ .Values.nsPrefix }}-docker-registry-key -#{{ end }} diff --git a/templates/aaf-secret.yaml b/templates/aaf-secret.yaml deleted file mode 100644 index 842d0c4..0000000 --- a/templates/aaf-secret.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disableAafAafCs }} -apiVersion: v1 -kind: Secret -metadata: - name: aaf-cs-data-secret - namespace: {{ .Values.nsPrefix }} -type: Opaque -data: -{{ (.Files.Glob "resources/config/aaf-cs-data/*").AsSecrets | indent 2 }} -#{{ end }} diff --git a/templates/all-services.yaml b/templates/all-services.yaml deleted file mode 100644 index 5ccbd25..0000000 --- a/templates/all-services.yaml +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disableAafAafCs }} -apiVersion: v1 -kind: Service -metadata: - name: aaf-cs - namespace: "{{ .Values.nsPrefix }}" - labels: - app: aaf-cs -spec: - ports: - - name: aaf-cs-port-7000 - port: 7000 - - name: aaf-cs-port-7001 - port: 7001 - - name: aaf-cs-port-9042 - port: 9042 - - name: aaf-cs-port-9160 - port: 9160 - selector: - app: aaf-cs - clusterIP: None -#{{ end }} -#{{ if not .Values.disableAafAaf }} ---- -apiVersion: v1 -kind: Service -metadata: - name: aaf-authz-service - namespace: "{{ .Values.nsPrefix }}" - labels: - app: aaf-authz-service -spec: - ports: - - name: aaf-authz-service - port: 8101 - nodePort: {{ .Values.nodePortPrefix }}99 - selector: - app: clamp - type: NodePort -#{{ end }} \ No newline at end of file diff --git a/templates/configmap.yaml b/templates/configmap.yaml new file mode 100644 index 0000000..c7cf9ae --- /dev/null +++ b/templates/configmap.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +data: +{{ (.Files.Glob "resources/config/aaf-data/*").AsConfig | indent 2 }} diff --git a/templates/deployment.yaml b/templates/deployment.yaml new file mode 100644 index 0000000..03506b5 --- /dev/null +++ b/templates/deployment.yaml @@ -0,0 +1,91 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + name: {{ include "common.fullname" . }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - aaf-cs + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - env: + - name: CASSANDRA_CLUSTER + value: cassandra_container + image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /data + name: aaf-data + name: {{ include "common.name" . }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + volumes: + - name: aaf-data + configMap: + name: {{ include "common.fullname" . }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/templates/service.yaml b/templates/service.yaml new file mode 100644 index 0000000..3f6e1f0 --- /dev/null +++ b/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: {{ .Values.service.type }} diff --git a/values.yaml b/values.yaml index 088adfe..4f9c1c6 100644 --- a/values.yaml +++ b/values.yaml @@ -12,14 +12,80 @@ # See the License for the specific language governing permissions and # limitations under the License. -nsPrefix: onap +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repository: nexus3.onap.org:10001 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.1.0 + +# If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines. +# persistence: +# mountPath: /dockerdata + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/authz-service:latest pullPolicy: Always -nodePortPrefix: 302 -aafcsReplicas: 1 -aafReplicas: 1 -image: - readiness: oomk8s/readiness-check:1.1.0 - aafImage: nexus3.onap.org:10001/onap/aaf/authz-service - aafVersion: latest - csImage: nexus3.onap.org:10001/library/cassandra - csVersion: 2.1.17 + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: {} + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + name: aaf-authz + #targetPort + internalPort: 8101 + #port + externalPort: 8101 + nodePort: 99 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi -- cgit 1.2.3-korg From cb38238247608ba5db7e7112735d76f12bdc4af1 Mon Sep 17 00:00:00 2001 From: Kiran Kamineni Date: Wed, 21 Mar 2018 14:58:11 -0700 Subject: Add support for secret management service Adding Helm charts for deployment of secret management service. Adding them as a subchart under aaf. Solved the values problem by using env variable to pass values to SMS about the backend service URL Issue-ID: AAF-162 Change-Id: Iac7973fdf38281a1d1b6ccb0fbfb5c3a052ac7ae Signed-off-by: Kiran Kamineni Signed-off-by: Mike Elliott --- charts/aaf-cs/templates/deployment.yaml | 2 +- charts/aaf-cs/values.yaml | 5 +- charts/sms/Chart.yaml | 18 ++++ charts/sms/charts/vault/Chart.yaml | 19 ++++ charts/sms/charts/vault/templates/configmap.yaml | 41 ++++++++ charts/sms/charts/vault/templates/pv.yaml | 37 +++++++ charts/sms/charts/vault/templates/pvc.yaml | 48 +++++++++ charts/sms/charts/vault/templates/service.yaml | 39 +++++++ charts/sms/charts/vault/templates/statefulset.yaml | 78 ++++++++++++++ charts/sms/charts/vault/values.yaml | 112 +++++++++++++++++++++ charts/sms/templates/configmap.yaml | 27 +++++ charts/sms/templates/deployment.yaml | 81 +++++++++++++++ charts/sms/templates/service.yaml | 39 +++++++ charts/sms/values.yaml | 95 +++++++++++++++++ templates/deployment.yaml | 2 +- values.yaml | 1 - 16 files changed, 637 insertions(+), 7 deletions(-) create mode 100644 charts/sms/Chart.yaml create mode 100644 charts/sms/charts/vault/Chart.yaml create mode 100644 charts/sms/charts/vault/templates/configmap.yaml create mode 100644 charts/sms/charts/vault/templates/pv.yaml create mode 100644 charts/sms/charts/vault/templates/pvc.yaml create mode 100644 charts/sms/charts/vault/templates/service.yaml create mode 100644 charts/sms/charts/vault/templates/statefulset.yaml create mode 100644 charts/sms/charts/vault/values.yaml create mode 100644 charts/sms/templates/configmap.yaml create mode 100644 charts/sms/templates/deployment.yaml create mode 100644 charts/sms/templates/service.yaml create mode 100644 charts/sms/values.yaml diff --git a/charts/aaf-cs/templates/deployment.yaml b/charts/aaf-cs/templates/deployment.yaml index 80b99b2..15e574f 100644 --- a/charts/aaf-cs/templates/deployment.yaml +++ b/charts/aaf-cs/templates/deployment.yaml @@ -36,7 +36,7 @@ spec: hostname: {{ include "common.name" . }} containers: - args: - image: "{{ .Values.repository | default .Values.global.repository }}/{{ .Values.image }}" + image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }} volumeMounts: diff --git a/charts/aaf-cs/values.yaml b/charts/aaf-cs/values.yaml index ea5445f..89b83cd 100644 --- a/charts/aaf-cs/values.yaml +++ b/charts/aaf-cs/values.yaml @@ -18,10 +18,7 @@ global: nodePortPrefix: 302 repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== - -# If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines. -# persistence: -# mountPath: /dockerdata + ################################################################# # Application configuration defaults. diff --git a/charts/sms/Chart.yaml b/charts/sms/Chart.yaml new file mode 100644 index 0000000..962ef38 --- /dev/null +++ b/charts/sms/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Secret Management Service +name: sms +version: 2.0.0 diff --git a/charts/sms/charts/vault/Chart.yaml b/charts/sms/charts/vault/Chart.yaml new file mode 100644 index 0000000..bf1af99 --- /dev/null +++ b/charts/sms/charts/vault/Chart.yaml @@ -0,0 +1,19 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Chart to launch Vault as SMS backend +name: vault +appVersion: 0.9.5 +version: 2.0.0 diff --git a/charts/sms/charts/vault/templates/configmap.yaml b/charts/sms/charts/vault/templates/configmap.yaml new file mode 100644 index 0000000..daf8cad --- /dev/null +++ b/charts/sms/charts/vault/templates/configmap.yaml @@ -0,0 +1,41 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-vault + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + config.json: | + {{ .Values.config.vault | toJson }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-consul + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + config.json: | + {{ .Values.config.consul | toJson }} diff --git a/charts/sms/charts/vault/templates/pv.yaml b/charts/sms/charts/vault/templates/pv.yaml new file mode 100644 index 0000000..37ed28e --- /dev/null +++ b/charts/sms/charts/vault/templates/pv.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} \ No newline at end of file diff --git a/charts/sms/charts/vault/templates/pvc.yaml b/charts/sms/charts/vault/templates/pvc.yaml new file mode 100644 index 0000000..e6aacd1 --- /dev/null +++ b/charts/sms/charts/vault/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/sms/charts/vault/templates/service.yaml b/charts/sms/charts/vault/templates/service.yaml new file mode 100644 index 0000000..cb2f286 --- /dev/null +++ b/charts/sms/charts/vault/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - name: {{ .Values.service.name }} + {{if eq .Values.service.type "NodePort" -}} + port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} + {{- else -}} + port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- end}} + protocol: TCP + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/charts/sms/charts/vault/templates/statefulset.yaml b/charts/sms/charts/vault/templates/statefulset.yaml new file mode 100644 index 0000000..26f0304 --- /dev/null +++ b/charts/sms/charts/vault/templates/statefulset.yaml @@ -0,0 +1,78 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + serviceName: + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image.vault }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["vault","server","-config","/vault/config/config.json"] + ports: + - containerPort: {{ .Values.service.internalPort }} + volumeMounts: + - mountPath: /vault/config/config.json + name: {{ include "common.fullname" . }}-vault + subPath: config.json + - mountPath: /etc/localtime + name: localtime + readOnly: true + + - image: "{{ include "common.repository" . }}/{{ .Values.image.consul }}" + name: {{ include "common.name" . }}-backend + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["consul","agent","-server","-client","0.0.0.0","-bootstrap-expect=1","-config-file","/consul/config/config.json"] + ports: + - name: http + containerPort: 8500 + volumeMounts: + - mountPath: /consul/data + name: {{ include "common.fullname" . }}-consuldata + - mountPath: /consul/config/config.json + name: {{ include "common.fullname" . }}-consulconfiguration + subPath: config.json + - mountPath: /etc/localtime + name: localtime + readOnly: true + volumes: + - name: {{ include "common.fullname" . }}-consuldata + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + - name: {{ include "common.fullname" . }}-consulconfiguration + configMap: + name: {{ include "common.fullname" . }}-consul + - name: {{ include "common.fullname" . }}-vault + configMap: + name: {{ include "common.fullname" . }}-vault + - name: localtime + hostPath: + path: /etc/localtime + diff --git a/charts/sms/charts/vault/values.yaml b/charts/sms/charts/vault/values.yaml new file mode 100644 index 0000000..c65e6e1 --- /dev/null +++ b/charts/sms/charts/vault/values.yaml @@ -0,0 +1,112 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + persistence: {} + +# application image +repository: docker.io +image: + consul: consul:1.0.6 + vault: vault:0.9.6 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +config: + consul: + server: true + log_level: INFO + server: true + data_dir: '/consul/data' + ports: + http: 8500 + https: -1 + + vault: + storage: + consul: + address: localhost:8500 + path: smsvault + listener: + tcp: + address: '[::]:8200' + tls_disable: true + disable_mlock: true + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +persistence: + enabled: true + + volumeReclaimPolicy: Retain + + accessMode: ReadWriteMany + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: sms/consul/data + +service: + type: NodePort + name: vault + internalPort: 8200 + nodePort: 44 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/charts/sms/templates/configmap.yaml b/charts/sms/templates/configmap.yaml new file mode 100644 index 0000000..72ce6fb --- /dev/null +++ b/charts/sms/templates/configmap.yaml @@ -0,0 +1,27 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + smsconfig.json: | + {{ .Values.config | toJson }} diff --git a/charts/sms/templates/deployment.yaml b/charts/sms/templates/deployment.yaml new file mode 100644 index 0000000..66c649c --- /dev/null +++ b/charts/sms/templates/deployment.yaml @@ -0,0 +1,81 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - image: "{{ .Values.repository }}/{{ .Values.image }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.pullPolicy }} + command: ["/sms/bin/sms"] + workingDir: /sms/ + env: + - name: {{ .Values.config.smsdburlenv }} + value: "http://{{ include "common.namespace" . }}-smsdb:8200" + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /sms/smsconfig.json + name: {{ include "common.name" .}} + subPath: smsconfig.json + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name : {{ include "common.name" . }} + configMap: + name: {{ include "common.fullname" . }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/sms/templates/service.yaml b/charts/sms/templates/service.yaml new file mode 100644 index 0000000..cb2f286 --- /dev/null +++ b/charts/sms/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - name: {{ .Values.service.name }} + {{if eq .Values.service.type "NodePort" -}} + port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} + {{- else -}} + port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- end}} + protocol: TCP + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/charts/sms/values.yaml b/charts/sms/values.yaml new file mode 100644 index 0000000..3db9b9a --- /dev/null +++ b/charts/sms/values.yaml @@ -0,0 +1,95 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.1.1 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/sms +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + smsdburlenv: "SMSDB_URL" + cafile: "/sms/auth/selfsignedca.pem" + servercert: "/sms/auth/server.cert" + serverkey: "/sms/auth/server.key" + disable_tls: true + +# subchart configuration +vault: + nameOverride: smsdb + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 20 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 20 + +service: + type: NodePort + name: sms + internalPort: 10443 + nodePort: 43 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/templates/deployment.yaml b/templates/deployment.yaml index 03506b5..2a4e7d2 100644 --- a/templates/deployment.yaml +++ b/templates/deployment.yaml @@ -52,7 +52,7 @@ spec: - env: - name: CASSANDRA_CLUSTER value: cassandra_container - image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}" + image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: /data diff --git a/values.yaml b/values.yaml index 4f9c1c6..ffdfaa5 100644 --- a/values.yaml +++ b/values.yaml @@ -17,7 +17,6 @@ ################################################################# global: nodePortPrefix: 302 - repository: nexus3.onap.org:10001 repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s readinessImage: readiness-check:1.1.0 -- cgit 1.2.3-korg From 80e1647892dc4f815017c83dd9c6e36d60803ad4 Mon Sep 17 00:00:00 2001 From: Keren Joseph Date: Sun, 8 Apr 2018 13:20:09 +0300 Subject: aaf mapping fix Issue-ID: OOM-888 Change-Id: I005c686239e366318f08ec3b810ca2b1d3dbda56 Signed-off-by: Keren Joseph --- .../aaf-cs/resources/config/aaf-cs-data/ecomp.cql | 169 ++++++++++++++ .../resources/config/aaf-cs-data/identities.dat | 7 + .../resources/config/aaf-cs-data/identities.idx | Bin 0 -> 56 bytes .../aaf-cs/resources/config/aaf-cs-data/init.cql | 242 +++++++++++++++++++++ .../resources/config/aaf-data/identities.dat | 9 - resources/config/aaf-cs-data/ecomp.cql | 169 -------------- resources/config/aaf-cs-data/identities.dat | 7 - resources/config/aaf-cs-data/identities.idx | Bin 56 -> 0 bytes resources/config/aaf-cs-data/init.cql | 242 --------------------- resources/config/aaf-data/identities.dat | 9 + 10 files changed, 427 insertions(+), 427 deletions(-) create mode 100644 charts/aaf-cs/resources/config/aaf-cs-data/ecomp.cql create mode 100644 charts/aaf-cs/resources/config/aaf-cs-data/identities.dat create mode 100644 charts/aaf-cs/resources/config/aaf-cs-data/identities.idx create mode 100644 charts/aaf-cs/resources/config/aaf-cs-data/init.cql delete mode 100644 charts/aaf-cs/resources/config/aaf-data/identities.dat delete mode 100644 resources/config/aaf-cs-data/ecomp.cql delete mode 100644 resources/config/aaf-cs-data/identities.dat delete mode 100644 resources/config/aaf-cs-data/identities.idx delete mode 100644 resources/config/aaf-cs-data/init.cql create mode 100644 resources/config/aaf-data/identities.dat diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/ecomp.cql b/charts/aaf-cs/resources/config/aaf-cs-data/ecomp.cql new file mode 100644 index 0000000..6fddf65 --- /dev/null +++ b/charts/aaf-cs/resources/config/aaf-cs-data/ecomp.cql @@ -0,0 +1,169 @@ +USE authz; + +// Create Root pass +INSERT INTO cred (id,ns,type,cred,expires) + VALUES ('dgl@openecomp.org','org.openecomp',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31'); + +INSERT INTO cred (id,ns,type,cred,expires) + VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31'); + +INSERT INTO cred (id,ns,type,cred,expires) + VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31'); + + +// Create 'com' root NS +INSERT INTO ns (name,scope,description,parent,type) + VALUES('com',1,'Root Namespace',null,1); + +INSERT INTO role(ns, name, perms, description) + VALUES('com','admin',{'com.access|*|*'},'Com Admins'); + +INSERT INTO role(ns, name, perms, description) + VALUES('com','owner',{'com.access|*|read'},'Com Owners'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('com','access','*','read',{'com.owner'},'Com Read Access'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('com','access','*','*',{'com.admin'},'Com Write Access'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','com.owner','2020-12-31','com','owner'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','com.admin','2020-12-31','com','admin'); + +// Create org root NS +INSERT INTO ns (name,scope,description,parent,type) + VALUES('org',1,'Root Namespace Org',null,1); + +INSERT INTO ns (name,scope,description,parent,type) + VALUES('org.openecomp.dcae',3,'DCAE Namespace Org','org.openecomp',3); + +INSERT INTO ns (name,scope,description,parent,type) + VALUES('org.openecomp.dmaapBC',3,'DMaaP BC Namespace Org','org.openecomp',3); + +INSERT INTO role(ns, name, perms, description) + VALUES('org','admin',{'org.access|*|*'},'Com Admins'); + +INSERT INTO role(ns, name, perms, description) + VALUES('org','owner',{'org.access|*|read'},'Com Owners'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org','access','*','read',{'org.owner'},'Com Read Access'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org','access','*','*',{'org.admin'},'Com Write Access'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','org.owner','2020-12-31','org','owner'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','org.admin','2020-12-31','org','admin'); + + +// Create com.att + +INSERT INTO ns (name,scope,description,parent,type) + VALUES('com.att',2,'AT&T Namespace','com',2); + +INSERT INTO role(ns, name, perms,description) + VALUES('com.att','admin',{'com.att.access|*|*'},'AT&T Admins'); + +INSERT INTO role(ns, name, perms,description) + VALUES('com.att','owner',{'com.att.access|*|read'},'AT&T Owners'); + +INSERT INTO perm(ns, type, instance, action, roles,description) + VALUES ('com.att','access','*','read',{'com.att.owner'},'AT&T Read Access'); + +INSERT INTO perm(ns, type, instance, action, roles,description) + VALUES ('com.att','access','*','*',{'com.att.admin'},'AT&T Write Access'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','com.att.owner','2020-12-31','com.att','owner'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','com.att.admin','2020-12-31','com.att','admin'); + +// Create com.att.aaf + +INSERT INTO ns (name,scope,description,parent,type) + VALUES('com.att.aaf',3,'Application Authorization Framework','com.att',3); + +INSERT INTO role(ns, name, perms, description) + VALUES('com.att.aaf','admin',{'com.att.aaf.access|*|*'},'AAF Admins'); + +INSERT INTO role(ns, name, perms, description) + VALUES('com.att.aaf','owner',{'com.att.aaf.access|*|read'},'AAF Owners'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('com.att.aaf','access','*','read',{'com.att.aaf.owner'},'AAF Read Access'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('com.att.aaf','access','*','*',{'com.att.aaf.admin'},'AAF Write Access'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','com.att.aaf.admin','2020-12-31','com.att.aaf','admin'); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','com.att.aaf.owner','2020-12-31','com.att.aaf','owner'); + + +// Create org.openecomp +INSERT INTO ns (name,scope,description,parent,type) + VALUES('org.openecomp',2,'Open EComp NS','com.att',2); + +INSERT INTO role(ns, name, perms, description) + VALUES('org.openecomp','admin',{'org.openecomp.access|*|*'},'OpenEcomp Admins'); + +INSERT INTO role(ns, name, perms, description) + VALUES('org.openecomp','owner',{'org.openecomp.access|*|read'},'OpenEcomp Owners'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org.openecomp','access','*','read',{'org.openecomp.owner'},'OpenEcomp Read Access'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org.openecomp','access','*','*',{'org.openecomp.admin'},'OpenEcomp Write Access'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','org.openecomp.admin','2020-12-31','org.openecomp','admin'); + +// Create org.openecomp.dmaapBC + +INSERT INTO ns (name,scope,description,parent,type) + VALUES('org.openecomp.dmaapBC',3,'Application Authorization Framework','org.openecomp',3); + +//INSERT INTO role(ns, name, perms, description) +// VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*'},'AAF Admins'); + +INSERT INTO role(ns, name, perms, description) +VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.topicFactory|:org.openecomp.dmaapBC.topic:org.openecomp.dmaapBC|create','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub'},'AAF Admins'); + +//INSERT INTO role(ns, name, perms, description) +//VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub'},'AAF Admins'); + +//INSERT INTO role(ns, name, perms, description) +//VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub'},'AAF Admins'); + + + +INSERT INTO role(ns, name, perms, description) + VALUES('org.openecomp.dmaapBC','owner',{'org.openecomp.dmaapBC.access|*|read'},'AAF Owners'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org.openecomp.dmaapBC','access','*','read',{'org.openecomp.dmaapBC.owner'},'AAF Read Access'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org.openecomp.dmaapBC','access','*','*',{'org.openecomp.dmaapBC.admin'},'AAF Write Access'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin'); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('dgl@openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner'); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin'); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner'); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin'); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner'); diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/identities.dat b/charts/aaf-cs/resources/config/aaf-cs-data/identities.dat new file mode 100644 index 0000000..98bf99a --- /dev/null +++ b/charts/aaf-cs/resources/config/aaf-cs-data/identities.dat @@ -0,0 +1,7 @@ +iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| +mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna +bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager +mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager +ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager +iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager +osaaf|ID of AAF|||||a|bdevl diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/identities.idx b/charts/aaf-cs/resources/config/aaf-cs-data/identities.idx new file mode 100644 index 0000000..78fc0a5 Binary files /dev/null and b/charts/aaf-cs/resources/config/aaf-cs-data/identities.idx differ diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/init.cql b/charts/aaf-cs/resources/config/aaf-cs-data/init.cql new file mode 100644 index 0000000..81700f8 --- /dev/null +++ b/charts/aaf-cs/resources/config/aaf-cs-data/init.cql @@ -0,0 +1,242 @@ +// For Developer Machine single instance +// +CREATE KEYSPACE authz +WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1}; +// +// From Ravi, 6-17-2014. User for DEVL->TEST +// +// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'HYWRCA02': '2', 'BRHMALDC': '2' }; +// +// PROD +// +// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','ALPSGACT': '2','STLSMORC': '2','BRHMALDC': '2' }; +// +// create user authz with password '' superuser; +// grant all on keyspace authz to authz; +// +// For TEST (aaf_test) +// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'BRHMALDC': '1' }; +// +// DEVL +// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC': '2' }; +// +// TEST / PERF +// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC': '3','KGMTNC20': '3' }; +// +// IST +// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC':'3', +// 'DLLSTXCF':'3','KGMTNC20':'3','SFLDMIBB':'3','HYWRCA02':'3' }; +// +// with 6 localized with ccm +// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' }; +// + +USE authz; + +// +// CORE Table function +// + +// Namespace - establish hierarchical authority to modify +// Permissions and Roles +// "scope" is flag to determine Policy. Typical important scope +// is "company" (1) +CREATE TABLE ns ( + name varchar, + scope int, // deprecated 2.0.11 + description varchar, + parent varchar, + type int, + PRIMARY KEY (name) +); +CREATE INDEX ns_parent on ns(parent); + + +// Oct 2015, not performant. Made Owner and Attrib first class Roles, +// April, 2015. Originally, the plan was to utilize Cassandra 2.1.2, however, other team's preferences were to remain at current levels. +// Therefore, we are taking the separate table approach. (coder Jeremiah Rohwedder) +// We had dropped this by making first class objects of Responsible (Owner) and Admin. We need this again to mark namespaces +// as having certain tools, like SWM, etc. +CREATE TABLE ns_attrib ( + ns varchar, + key varchar, + value varchar, + PRIMARY KEY (ns,key) +); +create index ns_attrib_key on ns_attrib(key); + +// Will be cached +CREATE TABLE role ( + ns varchar, + name varchar, + perms set, // Use "Key" of "name|type|action" + description varchar, + PRIMARY KEY (ns,name) +); +CREATE INDEX role_name ON role(name); + +// Will be cached +CREATE TABLE perm ( + ns varchar, + type varchar, + instance varchar, + action varchar, + roles set, // Need to find Roles given Permissions + description varchar, + PRIMARY KEY (ns,type,instance,action) +); + +// This table is user for Authorization +CREATE TABLE user_role ( + user varchar, + role varchar, // deprecated: change to ns/rname after 2.0.11 + ns varchar, + rname varchar, + expires timestamp, + PRIMARY KEY(user,role) + ); +CREATE INDEX user_role_ns ON user_role(ns); +CREATE INDEX user_role_role ON user_role(role); + +// This table is only for the case where return User Credential (MechID) Authentication +CREATE TABLE cred ( + id varchar, + type int, + expires timestamp, + ns varchar, + other int, + notes varchar, + cred blob, + prev blob, + PRIMARY KEY (id,type,expires) + ); +CREATE INDEX cred_ns ON cred(ns); + +// Certificate Cross Table +// coordinated with CRED type 2 +CREATE TABLE cert ( + fingerprint blob, + id varchar, + x500 varchar, + expires timestamp, + PRIMARY KEY (fingerprint) + ); +CREATE INDEX cert_id ON cert(id); +CREATE INDEX cert_x500 ON cert(x500); + +CREATE TABLE notify ( + user text, + type int, + last timestamp, + checksum int, + PRIMARY KEY (user,type) +); + +CREATE TABLE x509 ( + ca text, + serial blob, + id text, + x500 text, + x509 text, + PRIMARY KEY (ca,serial) +); + + +CREATE INDEX x509_id ON x509 (id); +CREATE INDEX x509_x500 ON x509 (x500); + +// +// Deployment Artifact (for Certman) +// +CREATE TABLE artifact ( + mechid text, + machine text, + type Set, + sponsor text, + ca text, + dir text, + appName text, + os_user text, + notify text, + expires timestamp, + renewDays int, + PRIMARY KEY (mechid,machine) +); +CREATE INDEX artifact_machine ON artifact(machine); + +// +// Non-Critical Table functions +// +// Table Info - for Caching +CREATE TABLE cache ( + name varchar, + seg int, // cache Segment + touched timestamp, + PRIMARY KEY(name,seg) +); + +CREATE TABLE history ( + id timeuuid, + yr_mon int, + user varchar, + action varchar, + target varchar, // user, user_role, + subject varchar, // field for searching main portion of target key + memo varchar, //description of the action + reconstruct blob, //serialized form of the target + // detail Map, // additional information + PRIMARY KEY (id) +); +CREATE INDEX history_yr_mon ON history(yr_mon); +CREATE INDEX history_user ON history(user); +CREATE INDEX history_subject ON history(subject); + +// +// A place to hold objects to be created at a future time. +// +CREATE TABLE future ( + id uuid, // uniquify + target varchar, // Target Table + memo varchar, // Description + start timestamp, // When it should take effect + expires timestamp, // When not longer valid + construct blob, // How to construct this object (like History) + PRIMARY KEY(id) +); +CREATE INDEX future_idx ON future(target); +CREATE INDEX future_start_idx ON future(start); + + +CREATE TABLE approval ( + id timeuuid, // unique Key + ticket uuid, // Link to Future Record + user varchar, // the user who needs to be approved + approver varchar, // user approving + type varchar, // approver types i.e. Supervisor, Owner + status varchar, // approval status. pending, approved, denied + memo varchar, // Text for Approval to know what's going on + operation varchar, // List operation to perform + PRIMARY KEY(id) + ); +CREATE INDEX appr_approver_idx ON approval(approver); +CREATE INDEX appr_user_idx ON approval(user); +CREATE INDEX appr_ticket_idx ON approval(ticket); +CREATE INDEX appr_status_idx ON approval(status); + +CREATE TABLE delegate ( + user varchar, + delegate varchar, + expires timestamp, + PRIMARY KEY (user) +); +CREATE INDEX delg_delg_idx ON delegate(delegate); + +// +// Used by authz-batch processes to ensure only 1 runs at a time +// +CREATE TABLE run_lock ( + class text, + host text, + start timestamp, + PRIMARY KEY ((class)) +); diff --git a/charts/aaf-cs/resources/config/aaf-data/identities.dat b/charts/aaf-cs/resources/config/aaf-data/identities.dat deleted file mode 100644 index 95eb51d..0000000 --- a/charts/aaf-cs/resources/config/aaf-data/identities.dat +++ /dev/null @@ -1,9 +0,0 @@ -iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| -mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna -bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager -mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager -ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager -iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager -osaaf|ID of AAF|||||a|bdevl -m99751|ID of AAF|||||a|bdevl -m99501|ID of AAF|||||a|bdevl diff --git a/resources/config/aaf-cs-data/ecomp.cql b/resources/config/aaf-cs-data/ecomp.cql deleted file mode 100644 index 6fddf65..0000000 --- a/resources/config/aaf-cs-data/ecomp.cql +++ /dev/null @@ -1,169 +0,0 @@ -USE authz; - -// Create Root pass -INSERT INTO cred (id,ns,type,cred,expires) - VALUES ('dgl@openecomp.org','org.openecomp',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31'); - -INSERT INTO cred (id,ns,type,cred,expires) - VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31'); - -INSERT INTO cred (id,ns,type,cred,expires) - VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31'); - - -// Create 'com' root NS -INSERT INTO ns (name,scope,description,parent,type) - VALUES('com',1,'Root Namespace',null,1); - -INSERT INTO role(ns, name, perms, description) - VALUES('com','admin',{'com.access|*|*'},'Com Admins'); - -INSERT INTO role(ns, name, perms, description) - VALUES('com','owner',{'com.access|*|read'},'Com Owners'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('com','access','*','read',{'com.owner'},'Com Read Access'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('com','access','*','*',{'com.admin'},'Com Write Access'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','com.owner','2020-12-31','com','owner'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','com.admin','2020-12-31','com','admin'); - -// Create org root NS -INSERT INTO ns (name,scope,description,parent,type) - VALUES('org',1,'Root Namespace Org',null,1); - -INSERT INTO ns (name,scope,description,parent,type) - VALUES('org.openecomp.dcae',3,'DCAE Namespace Org','org.openecomp',3); - -INSERT INTO ns (name,scope,description,parent,type) - VALUES('org.openecomp.dmaapBC',3,'DMaaP BC Namespace Org','org.openecomp',3); - -INSERT INTO role(ns, name, perms, description) - VALUES('org','admin',{'org.access|*|*'},'Com Admins'); - -INSERT INTO role(ns, name, perms, description) - VALUES('org','owner',{'org.access|*|read'},'Com Owners'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org','access','*','read',{'org.owner'},'Com Read Access'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org','access','*','*',{'org.admin'},'Com Write Access'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','org.owner','2020-12-31','org','owner'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','org.admin','2020-12-31','org','admin'); - - -// Create com.att - -INSERT INTO ns (name,scope,description,parent,type) - VALUES('com.att',2,'AT&T Namespace','com',2); - -INSERT INTO role(ns, name, perms,description) - VALUES('com.att','admin',{'com.att.access|*|*'},'AT&T Admins'); - -INSERT INTO role(ns, name, perms,description) - VALUES('com.att','owner',{'com.att.access|*|read'},'AT&T Owners'); - -INSERT INTO perm(ns, type, instance, action, roles,description) - VALUES ('com.att','access','*','read',{'com.att.owner'},'AT&T Read Access'); - -INSERT INTO perm(ns, type, instance, action, roles,description) - VALUES ('com.att','access','*','*',{'com.att.admin'},'AT&T Write Access'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','com.att.owner','2020-12-31','com.att','owner'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','com.att.admin','2020-12-31','com.att','admin'); - -// Create com.att.aaf - -INSERT INTO ns (name,scope,description,parent,type) - VALUES('com.att.aaf',3,'Application Authorization Framework','com.att',3); - -INSERT INTO role(ns, name, perms, description) - VALUES('com.att.aaf','admin',{'com.att.aaf.access|*|*'},'AAF Admins'); - -INSERT INTO role(ns, name, perms, description) - VALUES('com.att.aaf','owner',{'com.att.aaf.access|*|read'},'AAF Owners'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('com.att.aaf','access','*','read',{'com.att.aaf.owner'},'AAF Read Access'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('com.att.aaf','access','*','*',{'com.att.aaf.admin'},'AAF Write Access'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','com.att.aaf.admin','2020-12-31','com.att.aaf','admin'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','com.att.aaf.owner','2020-12-31','com.att.aaf','owner'); - - -// Create org.openecomp -INSERT INTO ns (name,scope,description,parent,type) - VALUES('org.openecomp',2,'Open EComp NS','com.att',2); - -INSERT INTO role(ns, name, perms, description) - VALUES('org.openecomp','admin',{'org.openecomp.access|*|*'},'OpenEcomp Admins'); - -INSERT INTO role(ns, name, perms, description) - VALUES('org.openecomp','owner',{'org.openecomp.access|*|read'},'OpenEcomp Owners'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.openecomp','access','*','read',{'org.openecomp.owner'},'OpenEcomp Read Access'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.openecomp','access','*','*',{'org.openecomp.admin'},'OpenEcomp Write Access'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','org.openecomp.admin','2020-12-31','org.openecomp','admin'); - -// Create org.openecomp.dmaapBC - -INSERT INTO ns (name,scope,description,parent,type) - VALUES('org.openecomp.dmaapBC',3,'Application Authorization Framework','org.openecomp',3); - -//INSERT INTO role(ns, name, perms, description) -// VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*'},'AAF Admins'); - -INSERT INTO role(ns, name, perms, description) -VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.topicFactory|:org.openecomp.dmaapBC.topic:org.openecomp.dmaapBC|create','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub'},'AAF Admins'); - -//INSERT INTO role(ns, name, perms, description) -//VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub'},'AAF Admins'); - -//INSERT INTO role(ns, name, perms, description) -//VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub'},'AAF Admins'); - - - -INSERT INTO role(ns, name, perms, description) - VALUES('org.openecomp.dmaapBC','owner',{'org.openecomp.dmaapBC.access|*|read'},'AAF Owners'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.openecomp.dmaapBC','access','*','read',{'org.openecomp.dmaapBC.owner'},'AAF Read Access'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.openecomp.dmaapBC','access','*','*',{'org.openecomp.dmaapBC.admin'},'AAF Write Access'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner'); diff --git a/resources/config/aaf-cs-data/identities.dat b/resources/config/aaf-cs-data/identities.dat deleted file mode 100644 index 98bf99a..0000000 --- a/resources/config/aaf-cs-data/identities.dat +++ /dev/null @@ -1,7 +0,0 @@ -iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| -mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna -bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager -mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager -ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager -iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager -osaaf|ID of AAF|||||a|bdevl diff --git a/resources/config/aaf-cs-data/identities.idx b/resources/config/aaf-cs-data/identities.idx deleted file mode 100644 index 78fc0a5..0000000 Binary files a/resources/config/aaf-cs-data/identities.idx and /dev/null differ diff --git a/resources/config/aaf-cs-data/init.cql b/resources/config/aaf-cs-data/init.cql deleted file mode 100644 index 81700f8..0000000 --- a/resources/config/aaf-cs-data/init.cql +++ /dev/null @@ -1,242 +0,0 @@ -// For Developer Machine single instance -// -CREATE KEYSPACE authz -WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1}; -// -// From Ravi, 6-17-2014. User for DEVL->TEST -// -// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'HYWRCA02': '2', 'BRHMALDC': '2' }; -// -// PROD -// -// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','ALPSGACT': '2','STLSMORC': '2','BRHMALDC': '2' }; -// -// create user authz with password '' superuser; -// grant all on keyspace authz to authz; -// -// For TEST (aaf_test) -// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'BRHMALDC': '1' }; -// -// DEVL -// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC': '2' }; -// -// TEST / PERF -// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC': '3','KGMTNC20': '3' }; -// -// IST -// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC':'3', -// 'DLLSTXCF':'3','KGMTNC20':'3','SFLDMIBB':'3','HYWRCA02':'3' }; -// -// with 6 localized with ccm -// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' }; -// - -USE authz; - -// -// CORE Table function -// - -// Namespace - establish hierarchical authority to modify -// Permissions and Roles -// "scope" is flag to determine Policy. Typical important scope -// is "company" (1) -CREATE TABLE ns ( - name varchar, - scope int, // deprecated 2.0.11 - description varchar, - parent varchar, - type int, - PRIMARY KEY (name) -); -CREATE INDEX ns_parent on ns(parent); - - -// Oct 2015, not performant. Made Owner and Attrib first class Roles, -// April, 2015. Originally, the plan was to utilize Cassandra 2.1.2, however, other team's preferences were to remain at current levels. -// Therefore, we are taking the separate table approach. (coder Jeremiah Rohwedder) -// We had dropped this by making first class objects of Responsible (Owner) and Admin. We need this again to mark namespaces -// as having certain tools, like SWM, etc. -CREATE TABLE ns_attrib ( - ns varchar, - key varchar, - value varchar, - PRIMARY KEY (ns,key) -); -create index ns_attrib_key on ns_attrib(key); - -// Will be cached -CREATE TABLE role ( - ns varchar, - name varchar, - perms set, // Use "Key" of "name|type|action" - description varchar, - PRIMARY KEY (ns,name) -); -CREATE INDEX role_name ON role(name); - -// Will be cached -CREATE TABLE perm ( - ns varchar, - type varchar, - instance varchar, - action varchar, - roles set, // Need to find Roles given Permissions - description varchar, - PRIMARY KEY (ns,type,instance,action) -); - -// This table is user for Authorization -CREATE TABLE user_role ( - user varchar, - role varchar, // deprecated: change to ns/rname after 2.0.11 - ns varchar, - rname varchar, - expires timestamp, - PRIMARY KEY(user,role) - ); -CREATE INDEX user_role_ns ON user_role(ns); -CREATE INDEX user_role_role ON user_role(role); - -// This table is only for the case where return User Credential (MechID) Authentication -CREATE TABLE cred ( - id varchar, - type int, - expires timestamp, - ns varchar, - other int, - notes varchar, - cred blob, - prev blob, - PRIMARY KEY (id,type,expires) - ); -CREATE INDEX cred_ns ON cred(ns); - -// Certificate Cross Table -// coordinated with CRED type 2 -CREATE TABLE cert ( - fingerprint blob, - id varchar, - x500 varchar, - expires timestamp, - PRIMARY KEY (fingerprint) - ); -CREATE INDEX cert_id ON cert(id); -CREATE INDEX cert_x500 ON cert(x500); - -CREATE TABLE notify ( - user text, - type int, - last timestamp, - checksum int, - PRIMARY KEY (user,type) -); - -CREATE TABLE x509 ( - ca text, - serial blob, - id text, - x500 text, - x509 text, - PRIMARY KEY (ca,serial) -); - - -CREATE INDEX x509_id ON x509 (id); -CREATE INDEX x509_x500 ON x509 (x500); - -// -// Deployment Artifact (for Certman) -// -CREATE TABLE artifact ( - mechid text, - machine text, - type Set, - sponsor text, - ca text, - dir text, - appName text, - os_user text, - notify text, - expires timestamp, - renewDays int, - PRIMARY KEY (mechid,machine) -); -CREATE INDEX artifact_machine ON artifact(machine); - -// -// Non-Critical Table functions -// -// Table Info - for Caching -CREATE TABLE cache ( - name varchar, - seg int, // cache Segment - touched timestamp, - PRIMARY KEY(name,seg) -); - -CREATE TABLE history ( - id timeuuid, - yr_mon int, - user varchar, - action varchar, - target varchar, // user, user_role, - subject varchar, // field for searching main portion of target key - memo varchar, //description of the action - reconstruct blob, //serialized form of the target - // detail Map, // additional information - PRIMARY KEY (id) -); -CREATE INDEX history_yr_mon ON history(yr_mon); -CREATE INDEX history_user ON history(user); -CREATE INDEX history_subject ON history(subject); - -// -// A place to hold objects to be created at a future time. -// -CREATE TABLE future ( - id uuid, // uniquify - target varchar, // Target Table - memo varchar, // Description - start timestamp, // When it should take effect - expires timestamp, // When not longer valid - construct blob, // How to construct this object (like History) - PRIMARY KEY(id) -); -CREATE INDEX future_idx ON future(target); -CREATE INDEX future_start_idx ON future(start); - - -CREATE TABLE approval ( - id timeuuid, // unique Key - ticket uuid, // Link to Future Record - user varchar, // the user who needs to be approved - approver varchar, // user approving - type varchar, // approver types i.e. Supervisor, Owner - status varchar, // approval status. pending, approved, denied - memo varchar, // Text for Approval to know what's going on - operation varchar, // List operation to perform - PRIMARY KEY(id) - ); -CREATE INDEX appr_approver_idx ON approval(approver); -CREATE INDEX appr_user_idx ON approval(user); -CREATE INDEX appr_ticket_idx ON approval(ticket); -CREATE INDEX appr_status_idx ON approval(status); - -CREATE TABLE delegate ( - user varchar, - delegate varchar, - expires timestamp, - PRIMARY KEY (user) -); -CREATE INDEX delg_delg_idx ON delegate(delegate); - -// -// Used by authz-batch processes to ensure only 1 runs at a time -// -CREATE TABLE run_lock ( - class text, - host text, - start timestamp, - PRIMARY KEY ((class)) -); diff --git a/resources/config/aaf-data/identities.dat b/resources/config/aaf-data/identities.dat new file mode 100644 index 0000000..95eb51d --- /dev/null +++ b/resources/config/aaf-data/identities.dat @@ -0,0 +1,9 @@ +iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| +mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna +bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager +mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager +ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager +iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager +osaaf|ID of AAF|||||a|bdevl +m99751|ID of AAF|||||a|bdevl +m99501|ID of AAF|||||a|bdevl -- cgit 1.2.3-korg From faa0c9cd583e97af349aa8ecbbac93638185b373 Mon Sep 17 00:00:00 2001 From: Kiran Kamineni Date: Fri, 6 Apr 2018 15:42:40 -0700 Subject: Using .values.service.name for service URL Use .values.service.name to get the service URL prefix Using common.namepace was an error Issue-ID: AAF-162 Change-Id: I11daa933b9f3a767aea7eac512bd09f4589fcde5 Signed-off-by: Kiran Kamineni --- charts/sms/charts/vault/templates/service.yaml | 2 +- charts/sms/charts/vault/values.yaml | 2 +- charts/sms/templates/deployment.yaml | 3 --- charts/sms/templates/service.yaml | 2 +- charts/sms/values.yaml | 4 ++-- 5 files changed, 5 insertions(+), 8 deletions(-) diff --git a/charts/sms/charts/vault/templates/service.yaml b/charts/sms/charts/vault/templates/service.yaml index cb2f286..1ba8580 100644 --- a/charts/sms/charts/vault/templates/service.yaml +++ b/charts/sms/charts/vault/templates/service.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "common.fullname" . }} + name: {{ .Values.service.name }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.fullname" . }} diff --git a/charts/sms/charts/vault/values.yaml b/charts/sms/charts/vault/values.yaml index c65e6e1..331bc43 100644 --- a/charts/sms/charts/vault/values.yaml +++ b/charts/sms/charts/vault/values.yaml @@ -85,7 +85,7 @@ persistence: service: type: NodePort - name: vault + name: aaf-sms-db internalPort: 8200 nodePort: 44 diff --git a/charts/sms/templates/deployment.yaml b/charts/sms/templates/deployment.yaml index 66c649c..e5381a0 100644 --- a/charts/sms/templates/deployment.yaml +++ b/charts/sms/templates/deployment.yaml @@ -36,9 +36,6 @@ spec: imagePullPolicy: {{ .Values.pullPolicy }} command: ["/sms/bin/sms"] workingDir: /sms/ - env: - - name: {{ .Values.config.smsdburlenv }} - value: "http://{{ include "common.namespace" . }}-smsdb:8200" ports: - containerPort: {{ .Values.service.internalPort }} {{- if eq .Values.liveness.enabled true }} diff --git a/charts/sms/templates/service.yaml b/charts/sms/templates/service.yaml index cb2f286..1ba8580 100644 --- a/charts/sms/templates/service.yaml +++ b/charts/sms/templates/service.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "common.fullname" . }} + name: {{ .Values.service.name }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.fullname" . }} diff --git a/charts/sms/values.yaml b/charts/sms/values.yaml index 3db9b9a..92ef2ac 100644 --- a/charts/sms/values.yaml +++ b/charts/sms/values.yaml @@ -37,7 +37,7 @@ debugEnabled: false # application configuration # Example: config: - smsdburlenv: "SMSDB_URL" + smsdbaddress: "http://aaf-sms-db:8200" cafile: "/sms/auth/selfsignedca.pem" servercert: "/sms/auth/server.cert" serverkey: "/sms/auth/server.key" @@ -68,7 +68,7 @@ readiness: service: type: NodePort - name: sms + name: aaf-sms internalPort: 10443 nodePort: 43 -- cgit 1.2.3-korg From a337552ff2e3a286915162478f4bb075ce4fa519 Mon Sep 17 00:00:00 2001 From: BorislavG Date: Sun, 15 Apr 2018 11:55:39 +0000 Subject: Update readiness-check version Readiness check version is not sinchronized in many pods This causing deployment failures. Issue-ID: OOM-936 Change-Id: Ieef91df17836adcdf24db536440d0a1624a50591 Signed-off-by: BorislavG --- charts/sms/values.yaml | 2 +- values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/sms/values.yaml b/charts/sms/values.yaml index 92ef2ac..0c537c5 100644 --- a/charts/sms/values.yaml +++ b/charts/sms/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s - readinessImage: readiness-check:1.1.1 + readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 diff --git a/values.yaml b/values.yaml index ffdfaa5..5f23100 100644 --- a/values.yaml +++ b/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s - readinessImage: readiness-check:1.1.0 + readinessImage: readiness-check:2.0.0 # If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines. # persistence: -- cgit 1.2.3-korg From 3ca39179f090b4e1fcdebdcd64c8b39bbb7135d3 Mon Sep 17 00:00:00 2001 From: BorislavG Date: Tue, 24 Apr 2018 07:56:27 +0000 Subject: Make all services independent of helm Release.Name Issue-ID: OOM-906 Change-Id: Ic65127d3981cb0a696c784392cab59fbf06b1e66 Signed-off-by: BorislavG --- charts/aaf-cs/templates/service.yaml | 2 +- charts/sms/charts/vault/templates/service.yaml | 4 ++-- charts/sms/charts/vault/values.yaml | 1 + charts/sms/templates/service.yaml | 4 ++-- charts/sms/values.yaml | 1 + templates/service.yaml | 2 +- 6 files changed, 8 insertions(+), 6 deletions(-) diff --git a/charts/aaf-cs/templates/service.yaml b/charts/aaf-cs/templates/service.yaml index facf3ce..2e4a619 100644 --- a/charts/aaf-cs/templates/service.yaml +++ b/charts/aaf-cs/templates/service.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.servicename" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} diff --git a/charts/sms/charts/vault/templates/service.yaml b/charts/sms/charts/vault/templates/service.yaml index 1ba8580..18334a3 100644 --- a/charts/sms/charts/vault/templates/service.yaml +++ b/charts/sms/charts/vault/templates/service.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: Service metadata: - name: {{ .Values.service.name }} + name: {{ include "common.servicename" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.fullname" . }} @@ -25,7 +25,7 @@ metadata: spec: type: {{ .Values.service.type }} ports: - - name: {{ .Values.service.name }} + - name: {{ .Values.service.PortName }} {{if eq .Values.service.type "NodePort" -}} port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} diff --git a/charts/sms/charts/vault/values.yaml b/charts/sms/charts/vault/values.yaml index 331bc43..2bce181 100644 --- a/charts/sms/charts/vault/values.yaml +++ b/charts/sms/charts/vault/values.yaml @@ -86,6 +86,7 @@ persistence: service: type: NodePort name: aaf-sms-db + portName: aaf-sms-db internalPort: 8200 nodePort: 44 diff --git a/charts/sms/templates/service.yaml b/charts/sms/templates/service.yaml index 1ba8580..04e9a5a 100644 --- a/charts/sms/templates/service.yaml +++ b/charts/sms/templates/service.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: Service metadata: - name: {{ .Values.service.name }} + name: {{ include "common.servicename" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.fullname" . }} @@ -25,7 +25,7 @@ metadata: spec: type: {{ .Values.service.type }} ports: - - name: {{ .Values.service.name }} + - name: {{ .Values.service.portName }} {{if eq .Values.service.type "NodePort" -}} port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} diff --git a/charts/sms/values.yaml b/charts/sms/values.yaml index 0c537c5..05d4e79 100644 --- a/charts/sms/values.yaml +++ b/charts/sms/values.yaml @@ -69,6 +69,7 @@ readiness: service: type: NodePort name: aaf-sms + portName: aaf-sms internalPort: 10443 nodePort: 43 diff --git a/templates/service.yaml b/templates/service.yaml index 3f6e1f0..587e07a 100644 --- a/templates/service.yaml +++ b/templates/service.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.servicename" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} -- cgit 1.2.3-korg From d635bdb06f30d243d0a2bfba82f68273143b5e85 Mon Sep 17 00:00:00 2001 From: Kiran Kamineni Date: Mon, 9 Apr 2018 10:14:32 -0700 Subject: Adding Quorum client sub chart for sms SMS uses vault for its backend which needs an unseal operation to proceed. Quorumclient provides the unseal operation via 3 replicas that store each unseal shard and provide it during unseal. Issue-ID: AAF-255 Change-Id: I62db7a450e1e81aa6bfb2cc5b9da29ce99efd24b Signed-off-by: Kiran Kamineni --- charts/aaf-sms/Chart.yaml | 18 ++++ .../aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml | 18 ++++ .../aaf-sms-quorumclient/templates/configmap.yaml | 27 +++++ .../charts/aaf-sms-quorumclient/templates/pv.yaml | 37 +++++++ .../charts/aaf-sms-quorumclient/templates/pvc.yaml | 48 +++++++++ .../templates/statefulset.yaml | 70 +++++++++++++ .../charts/aaf-sms-quorumclient/values.yaml | 83 +++++++++++++++ charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml | 19 ++++ .../charts/aaf-sms-vault/templates/configmap.yaml | 41 ++++++++ .../aaf-sms/charts/aaf-sms-vault/templates/pv.yaml | 37 +++++++ .../charts/aaf-sms-vault/templates/pvc.yaml | 48 +++++++++ .../charts/aaf-sms-vault/templates/service.yaml | 39 +++++++ .../aaf-sms-vault/templates/statefulset.yaml | 78 ++++++++++++++ charts/aaf-sms/charts/aaf-sms-vault/values.yaml | 111 ++++++++++++++++++++ charts/aaf-sms/templates/configmap.yaml | 27 +++++ charts/aaf-sms/templates/deployment.yaml | 83 +++++++++++++++ charts/aaf-sms/templates/pv.yaml | 37 +++++++ charts/aaf-sms/templates/pvc.yaml | 48 +++++++++ charts/aaf-sms/templates/service.yaml | 39 +++++++ charts/aaf-sms/values.yaml | 105 +++++++++++++++++++ charts/sms/Chart.yaml | 18 ---- charts/sms/charts/vault/Chart.yaml | 19 ---- charts/sms/charts/vault/templates/configmap.yaml | 41 -------- charts/sms/charts/vault/templates/pv.yaml | 37 ------- charts/sms/charts/vault/templates/pvc.yaml | 48 --------- charts/sms/charts/vault/templates/service.yaml | 39 ------- charts/sms/charts/vault/templates/statefulset.yaml | 78 -------------- charts/sms/charts/vault/values.yaml | 113 --------------------- charts/sms/templates/configmap.yaml | 27 ----- charts/sms/templates/deployment.yaml | 78 -------------- charts/sms/templates/service.yaml | 39 ------- charts/sms/values.yaml | 96 ----------------- 32 files changed, 1013 insertions(+), 633 deletions(-) create mode 100644 charts/aaf-sms/Chart.yaml create mode 100644 charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml create mode 100644 charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml create mode 100644 charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml create mode 100644 charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml create mode 100644 charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml create mode 100644 charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml create mode 100644 charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml create mode 100644 charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml create mode 100644 charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml create mode 100644 charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml create mode 100644 charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml create mode 100644 charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml create mode 100644 charts/aaf-sms/charts/aaf-sms-vault/values.yaml create mode 100644 charts/aaf-sms/templates/configmap.yaml create mode 100644 charts/aaf-sms/templates/deployment.yaml create mode 100644 charts/aaf-sms/templates/pv.yaml create mode 100644 charts/aaf-sms/templates/pvc.yaml create mode 100644 charts/aaf-sms/templates/service.yaml create mode 100644 charts/aaf-sms/values.yaml delete mode 100644 charts/sms/Chart.yaml delete mode 100644 charts/sms/charts/vault/Chart.yaml delete mode 100644 charts/sms/charts/vault/templates/configmap.yaml delete mode 100644 charts/sms/charts/vault/templates/pv.yaml delete mode 100644 charts/sms/charts/vault/templates/pvc.yaml delete mode 100644 charts/sms/charts/vault/templates/service.yaml delete mode 100644 charts/sms/charts/vault/templates/statefulset.yaml delete mode 100644 charts/sms/charts/vault/values.yaml delete mode 100644 charts/sms/templates/configmap.yaml delete mode 100644 charts/sms/templates/deployment.yaml delete mode 100644 charts/sms/templates/service.yaml delete mode 100644 charts/sms/values.yaml diff --git a/charts/aaf-sms/Chart.yaml b/charts/aaf-sms/Chart.yaml new file mode 100644 index 0000000..7141875 --- /dev/null +++ b/charts/aaf-sms/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Secret Management Service +name: aaf-sms +version: 2.0.0 diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml new file mode 100644 index 0000000..4e279e7 --- /dev/null +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Secret Management Service Quorum Client +name: aaf-sms-quorumclient +version: 2.0.0 diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml new file mode 100644 index 0000000..cacc368 --- /dev/null +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml @@ -0,0 +1,27 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + config.json: | + {{ .Values.config | toJson }} diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml new file mode 100644 index 0000000..da09498 --- /dev/null +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml new file mode 100644 index 0000000..e6aacd1 --- /dev/null +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml new file mode 100644 index 0000000..483d6c5 --- /dev/null +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml @@ -0,0 +1,70 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + serviceName: + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.pullPolicy }} + command: ["/quorumclient/bin/quorumclient"] + workingDir: /quorumclient/ + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /quorumclient/config.json + name: {{ include "common.name" .}} + subPath: config.json + - mountPath: /quorumclient/auth + name: {{ include "common.fullname" . }}-auth + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name : {{ include "common.name" . }} + configMap: + name: {{ include "common.fullname" . }} + - name: {{ include "common.fullname" . }}-auth + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml new file mode 100644 index 0000000..d09d492 --- /dev/null +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -0,0 +1,83 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.1.1 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/smsquorumclient +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + url: "http://aaf-sms:10443" + cafile: "selfsignedca.pem" + clientcert: "server.cert" + clientkey: "server.key" + timeout: "60s" + disable_tls: true + +# default number of instances +replicaCount: 3 + +nodeSelector: {} + +affinity: {} + +persistence: + enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 10Mi + mountPath: /dockerdata-nfs + mountSubPath: sms/quorum/data + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml b/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml new file mode 100644 index 0000000..3f0b93e --- /dev/null +++ b/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml @@ -0,0 +1,19 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Chart to launch Vault as SMS backend +name: aaf-sms-vault +appVersion: 0.9.5 +version: 2.0.0 diff --git a/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml b/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml new file mode 100644 index 0000000..daf8cad --- /dev/null +++ b/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml @@ -0,0 +1,41 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-vault + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + config.json: | + {{ .Values.config.vault | toJson }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-consul + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + config.json: | + {{ .Values.config.consul | toJson }} diff --git a/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml b/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml new file mode 100644 index 0000000..da09498 --- /dev/null +++ b/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} diff --git a/charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml b/charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml new file mode 100644 index 0000000..e6aacd1 --- /dev/null +++ b/charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml b/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml new file mode 100644 index 0000000..04e9a5a --- /dev/null +++ b/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - name: {{ .Values.service.portName }} + {{if eq .Values.service.type "NodePort" -}} + port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} + {{- else -}} + port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- end}} + protocol: TCP + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml b/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml new file mode 100644 index 0000000..26f0304 --- /dev/null +++ b/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml @@ -0,0 +1,78 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + serviceName: + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image.vault }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["vault","server","-config","/vault/config/config.json"] + ports: + - containerPort: {{ .Values.service.internalPort }} + volumeMounts: + - mountPath: /vault/config/config.json + name: {{ include "common.fullname" . }}-vault + subPath: config.json + - mountPath: /etc/localtime + name: localtime + readOnly: true + + - image: "{{ include "common.repository" . }}/{{ .Values.image.consul }}" + name: {{ include "common.name" . }}-backend + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["consul","agent","-server","-client","0.0.0.0","-bootstrap-expect=1","-config-file","/consul/config/config.json"] + ports: + - name: http + containerPort: 8500 + volumeMounts: + - mountPath: /consul/data + name: {{ include "common.fullname" . }}-consuldata + - mountPath: /consul/config/config.json + name: {{ include "common.fullname" . }}-consulconfiguration + subPath: config.json + - mountPath: /etc/localtime + name: localtime + readOnly: true + volumes: + - name: {{ include "common.fullname" . }}-consuldata + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + - name: {{ include "common.fullname" . }}-consulconfiguration + configMap: + name: {{ include "common.fullname" . }}-consul + - name: {{ include "common.fullname" . }}-vault + configMap: + name: {{ include "common.fullname" . }}-vault + - name: localtime + hostPath: + path: /etc/localtime + diff --git a/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/charts/aaf-sms/charts/aaf-sms-vault/values.yaml new file mode 100644 index 0000000..07b8c33 --- /dev/null +++ b/charts/aaf-sms/charts/aaf-sms-vault/values.yaml @@ -0,0 +1,111 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + persistence: {} + +# application image +repository: docker.io +image: + consul: consul:1.0.6 + vault: vault:0.10.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +config: + consul: + server: true + log_level: INFO + server: true + data_dir: '/consul/data' + ports: + http: 8500 + https: -1 + + vault: + storage: + consul: + address: localhost:8500 + path: smsvault + listener: + tcp: + address: '[::]:8200' + tls_disable: true + disable_mlock: true + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +persistence: + enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: sms/consul/data + +service: + type: NodePort + name: aaf-sms-db + portName: aaf-sms-db + internalPort: 8200 + nodePort: 44 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/charts/aaf-sms/templates/configmap.yaml b/charts/aaf-sms/templates/configmap.yaml new file mode 100644 index 0000000..72ce6fb --- /dev/null +++ b/charts/aaf-sms/templates/configmap.yaml @@ -0,0 +1,27 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + smsconfig.json: | + {{ .Values.config | toJson }} diff --git a/charts/aaf-sms/templates/deployment.yaml b/charts/aaf-sms/templates/deployment.yaml new file mode 100644 index 0000000..4235ad0 --- /dev/null +++ b/charts/aaf-sms/templates/deployment.yaml @@ -0,0 +1,83 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.pullPolicy }} + command: ["/sms/bin/sms"] + workingDir: /sms/ + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /sms/smsconfig.json + name: {{ include "common.name" .}} + subPath: smsconfig.json + - mountPath: /sms/auth + name: {{ include "common.fullname" . }}-auth + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name : {{ include "common.name" . }} + configMap: + name: {{ include "common.fullname" . }} + - name: {{ include "common.fullname" . }}-auth + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-sms/templates/pv.yaml b/charts/aaf-sms/templates/pv.yaml new file mode 100644 index 0000000..37ed28e --- /dev/null +++ b/charts/aaf-sms/templates/pv.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} \ No newline at end of file diff --git a/charts/aaf-sms/templates/pvc.yaml b/charts/aaf-sms/templates/pvc.yaml new file mode 100644 index 0000000..e6aacd1 --- /dev/null +++ b/charts/aaf-sms/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/aaf-sms/templates/service.yaml b/charts/aaf-sms/templates/service.yaml new file mode 100644 index 0000000..18334a3 --- /dev/null +++ b/charts/aaf-sms/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - name: {{ .Values.service.PortName }} + {{if eq .Values.service.type "NodePort" -}} + port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} + {{- else -}} + port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- end}} + protocol: TCP + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/charts/aaf-sms/values.yaml b/charts/aaf-sms/values.yaml new file mode 100644 index 0000000..cd32539 --- /dev/null +++ b/charts/aaf-sms/values.yaml @@ -0,0 +1,105 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/sms +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + smsdbaddress: "http://aaf-sms-db:8200" + cafile: "/sms/auth/selfsignedca.pem" + servercert: "/sms/auth/server.cert" + serverkey: "/sms/auth/server.key" + disable_tls: true + +# subchart configuration +vault: + nameOverride: smsdb + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 20 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 20 + +service: + type: NodePort + name: aaf-sms + portName: aaf-sms + internalPort: 10443 + nodePort: 43 + +persistence: + enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 1Gi + mountPath: /dockerdata-nfs + mountSubPath: sms/auth + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/charts/sms/Chart.yaml b/charts/sms/Chart.yaml deleted file mode 100644 index 962ef38..0000000 --- a/charts/sms/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP Secret Management Service -name: sms -version: 2.0.0 diff --git a/charts/sms/charts/vault/Chart.yaml b/charts/sms/charts/vault/Chart.yaml deleted file mode 100644 index bf1af99..0000000 --- a/charts/sms/charts/vault/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: Chart to launch Vault as SMS backend -name: vault -appVersion: 0.9.5 -version: 2.0.0 diff --git a/charts/sms/charts/vault/templates/configmap.yaml b/charts/sms/charts/vault/templates/configmap.yaml deleted file mode 100644 index daf8cad..0000000 --- a/charts/sms/charts/vault/templates/configmap.yaml +++ /dev/null @@ -1,41 +0,0 @@ -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-vault - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - config.json: | - {{ .Values.config.vault | toJson }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-consul - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - config.json: | - {{ .Values.config.consul | toJson }} diff --git a/charts/sms/charts/vault/templates/pv.yaml b/charts/sms/charts/vault/templates/pv.yaml deleted file mode 100644 index 37ed28e..0000000 --- a/charts/sms/charts/vault/templates/pv.yaml +++ /dev/null @@ -1,37 +0,0 @@ -{{/* -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} \ No newline at end of file diff --git a/charts/sms/charts/vault/templates/pvc.yaml b/charts/sms/charts/vault/templates/pvc.yaml deleted file mode 100644 index e6aacd1..0000000 --- a/charts/sms/charts/vault/templates/pvc.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{/* -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/charts/sms/charts/vault/templates/service.yaml b/charts/sms/charts/vault/templates/service.yaml deleted file mode 100644 index 18334a3..0000000 --- a/charts/sms/charts/vault/templates/service.yaml +++ /dev/null @@ -1,39 +0,0 @@ -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - - name: {{ .Values.service.PortName }} - {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} - {{- else -}} - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - {{- end}} - protocol: TCP - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} diff --git a/charts/sms/charts/vault/templates/statefulset.yaml b/charts/sms/charts/vault/templates/statefulset.yaml deleted file mode 100644 index 26f0304..0000000 --- a/charts/sms/charts/vault/templates/statefulset.yaml +++ /dev/null @@ -1,78 +0,0 @@ -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - serviceName: - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - containers: - - image: "{{ include "common.repository" . }}/{{ .Values.image.vault }}" - name: {{ include "common.name" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["vault","server","-config","/vault/config/config.json"] - ports: - - containerPort: {{ .Values.service.internalPort }} - volumeMounts: - - mountPath: /vault/config/config.json - name: {{ include "common.fullname" . }}-vault - subPath: config.json - - mountPath: /etc/localtime - name: localtime - readOnly: true - - - image: "{{ include "common.repository" . }}/{{ .Values.image.consul }}" - name: {{ include "common.name" . }}-backend - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["consul","agent","-server","-client","0.0.0.0","-bootstrap-expect=1","-config-file","/consul/config/config.json"] - ports: - - name: http - containerPort: 8500 - volumeMounts: - - mountPath: /consul/data - name: {{ include "common.fullname" . }}-consuldata - - mountPath: /consul/config/config.json - name: {{ include "common.fullname" . }}-consulconfiguration - subPath: config.json - - mountPath: /etc/localtime - name: localtime - readOnly: true - volumes: - - name: {{ include "common.fullname" . }}-consuldata - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - - name: {{ include "common.fullname" . }}-consulconfiguration - configMap: - name: {{ include "common.fullname" . }}-consul - - name: {{ include "common.fullname" . }}-vault - configMap: - name: {{ include "common.fullname" . }}-vault - - name: localtime - hostPath: - path: /etc/localtime - diff --git a/charts/sms/charts/vault/values.yaml b/charts/sms/charts/vault/values.yaml deleted file mode 100644 index 2bce181..0000000 --- a/charts/sms/charts/vault/values.yaml +++ /dev/null @@ -1,113 +0,0 @@ -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== - persistence: {} - -# application image -repository: docker.io -image: - consul: consul:1.0.6 - vault: vault:0.9.6 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -################################################################# -# Application configuration defaults. -################################################################# -config: - consul: - server: true - log_level: INFO - server: true - data_dir: '/consul/data' - ports: - http: 8500 - https: -1 - - vault: - storage: - consul: - address: localhost:8500 - path: smsvault - listener: - tcp: - address: '[::]:8200' - tls_disable: true - disable_mlock: true - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -persistence: - enabled: true - - volumeReclaimPolicy: Retain - - accessMode: ReadWriteMany - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: sms/consul/data - -service: - type: NodePort - name: aaf-sms-db - portName: aaf-sms-db - internalPort: 8200 - nodePort: 44 - -ingress: - enabled: false - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi diff --git a/charts/sms/templates/configmap.yaml b/charts/sms/templates/configmap.yaml deleted file mode 100644 index 72ce6fb..0000000 --- a/charts/sms/templates/configmap.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - smsconfig.json: | - {{ .Values.config | toJson }} diff --git a/charts/sms/templates/deployment.yaml b/charts/sms/templates/deployment.yaml deleted file mode 100644 index e5381a0..0000000 --- a/charts/sms/templates/deployment.yaml +++ /dev/null @@ -1,78 +0,0 @@ -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - containers: - - image: "{{ .Values.repository }}/{{ .Values.image }}" - name: {{ include "common.name" . }} - imagePullPolicy: {{ .Values.pullPolicy }} - command: ["/sms/bin/sms"] - workingDir: /sms/ - ports: - - containerPort: {{ .Values.service.internalPort }} - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /sms/smsconfig.json - name: {{ include "common.name" .}} - subPath: smsconfig.json - resources: -{{ toYaml .Values.resources | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name : {{ include "common.name" . }} - configMap: - name: {{ include "common.fullname" . }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/sms/templates/service.yaml b/charts/sms/templates/service.yaml deleted file mode 100644 index 04e9a5a..0000000 --- a/charts/sms/templates/service.yaml +++ /dev/null @@ -1,39 +0,0 @@ -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - - name: {{ .Values.service.portName }} - {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} - {{- else -}} - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - {{- end}} - protocol: TCP - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} diff --git a/charts/sms/values.yaml b/charts/sms/values.yaml deleted file mode 100644 index 05d4e79..0000000 --- a/charts/sms/values.yaml +++ /dev/null @@ -1,96 +0,0 @@ -# Copyright 2018 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/aaf/sms -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -# Example: -config: - smsdbaddress: "http://aaf-sms-db:8200" - cafile: "/sms/auth/selfsignedca.pem" - servercert: "/sms/auth/server.cert" - serverkey: "/sms/auth/server.key" - disable_tls: true - -# subchart configuration -vault: - nameOverride: smsdb - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 20 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 20 - -service: - type: NodePort - name: aaf-sms - portName: aaf-sms - internalPort: 10443 - nodePort: 43 - -ingress: - enabled: false - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi -- cgit 1.2.3-korg From f92ec3038efcb0d6f22e04be713a9d44708753d9 Mon Sep 17 00:00:00 2001 From: Mahendra Raghuwanshi Date: Thu, 3 May 2018 12:15:03 +0000 Subject: AAF Charts -PS3-MK -renaming charts to remove hyphen -refactoring service name configuration. It wasn't quite correct the way it was. It was taking the chart name as the service name and not using the values.yaml from the top level chart as intended. -Jonathan asked to name the main app service "aaf-service and cassandra to "aaf-cass" as this is what is in the cert -squashed https://gerrit.onap.org/r/#/c/45923/1 into this commit. -updated robot to the latest settings Robot tests are failing but all pods come up. I think this can be merged and the AAF team investigate the robot health issue in a running system -PS4-MK -reverting sms changes and taking the latest from master -removing repository from the global section of the aaf values. -this was causing all images to be pulled from nexus3.onap.org which was failing to pull images that come from docker hub. There is supposed to be a proxy through nexus3 to dockerhub but maybe we are missing something. -PS5-MK -removing nodeports from non gui related charts. There are conflicts -PS6-Kiran -Adding imagepullsecrets for aaf-sms-vault subchart -updated image repository to pull from nexus3 -tested and works now and should fix the pull errors -PS7-Kiran -Previous patch picked up a couple of unintended changes -Reverting them -PS8-MK -removing names from identities -using https for robot test Issue-ID: OOM-930 Change-Id: I98f40ef5af03dda73aebf12f6fa48d928915ab34 Signed-off-by: Mahendra Raghuwanshi Add Beijing CQLs into OOM Issue-ID: AAF-114 Change-Id: I2c2d46738ba0885c41f710997d4b212b6ce4d2de Signed-off-by: Instrumental Signed-off-by: Mandeep Khinda Signed-off-by: Kiran Kamineni --- .helmignore | 21 + charts/aaf-cm/.helmignore | 21 + charts/aaf-cm/Chart.yaml | 18 + charts/aaf-cm/templates/NOTES.txt | 19 + charts/aaf-cm/templates/deployment.yaml | 114 +++++ charts/aaf-cm/templates/service.yaml | 41 ++ charts/aaf-cm/values.yaml | 86 ++++ .../aaf-cs/resources/config/aaf-cs-data/ecomp.cql | 169 ------- .../resources/config/aaf-cs-data/identities.dat | 7 - .../resources/config/aaf-cs-data/identities.idx | Bin 56 -> 0 bytes .../aaf-cs/resources/config/aaf-cs-data/init.cql | 112 +++-- .../resources/config/aaf-cs-data/keyspace.cql | 11 + .../aaf-cs/resources/config/aaf-cs-data/osaaf.cql | 122 +++++ .../resources/config/aaf-cs-data/temp_identity.cql | 8 + charts/aaf-cs/templates/NOTES.txt | 19 + charts/aaf-cs/templates/deployment.yaml | 36 +- charts/aaf-cs/templates/service.yaml | 18 +- charts/aaf-cs/values.yaml | 5 +- charts/aaf-fs/.helmignore | 21 + charts/aaf-fs/Chart.yaml | 18 + charts/aaf-fs/templates/NOTES.txt | 19 + charts/aaf-fs/templates/deployment.yaml | 114 +++++ charts/aaf-fs/templates/service.yaml | 41 ++ charts/aaf-fs/values.yaml | 86 ++++ charts/aaf-gui/.helmignore | 21 + charts/aaf-gui/Chart.yaml | 18 + charts/aaf-gui/templates/NOTES.txt | 19 + charts/aaf-gui/templates/deployment.yaml | 114 +++++ charts/aaf-gui/templates/service.yaml | 41 ++ charts/aaf-gui/values.yaml | 87 ++++ charts/aaf-hello/.helmignore | 21 + charts/aaf-hello/Chart.yaml | 18 + charts/aaf-hello/templates/NOTES.txt | 19 + charts/aaf-hello/templates/deployment.yaml | 114 +++++ charts/aaf-hello/templates/service.yaml | 41 ++ charts/aaf-hello/values.yaml | 86 ++++ charts/aaf-locate/.helmignore | 21 + charts/aaf-locate/Chart.yaml | 18 + charts/aaf-locate/templates/NOTES.txt | 19 + charts/aaf-locate/templates/deployment.yaml | 112 +++++ charts/aaf-locate/templates/service.yaml | 41 ++ charts/aaf-locate/values.yaml | 90 ++++ charts/aaf-oauth/.helmignore | 21 + charts/aaf-oauth/Chart.yaml | 18 + charts/aaf-oauth/templates/NOTES.txt | 19 + charts/aaf-oauth/templates/deployment.yaml | 114 +++++ charts/aaf-oauth/templates/service.yaml | 41 ++ charts/aaf-oauth/values.yaml | 86 ++++ charts/aaf-service/Chart.yaml | 18 + charts/aaf-service/templates/deployment.yaml | 114 +++++ charts/aaf-service/templates/service.yaml | 41 ++ charts/aaf-service/values.yaml | 87 ++++ .../aaf-sms-vault/templates/statefulset.yaml | 3 +- charts/aaf-sms/charts/aaf-sms-vault/values.yaml | 6 +- requirements.yaml | 19 +- resources/config/aaf-data/identities.dat | 9 - resources/config/backup/backup.sh | 32 ++ resources/config/backup/cbackup.sh | 8 + resources/config/data/identities.dat | 27 ++ resources/config/data/sample.identities.dat | 27 ++ resources/config/etc/org.osaaf.cm.props | 14 + resources/config/etc/org.osaaf.common.props | 29 ++ resources/config/etc/org.osaaf.fs.props | 10 + resources/config/etc/org.osaaf.gui.props | 31 ++ resources/config/etc/org.osaaf.hello.props | 8 + resources/config/etc/org.osaaf.locate.props | 8 + resources/config/etc/org.osaaf.log4j.props | 51 ++ resources/config/etc/org.osaaf.oauth.props | 8 + resources/config/etc/org.osaaf.orgs.props | 11 + resources/config/etc/org.osaaf.service.props | 8 + resources/config/local/org.osaaf.aaf.cm.p12 | Bin 0 -> 2818 bytes resources/config/local/org.osaaf.aaf.keyfile | 27 ++ resources/config/local/org.osaaf.aaf.p12 | Bin 0 -> 4140 bytes resources/config/local/org.osaaf.aaf.props | 17 + resources/config/local/org.osaaf.aaf.trust.p12 | Bin 0 -> 4180 bytes ...af.aaf_new-24e41f2f436018568cbdecdc1edbd605.p12 | Bin 0 -> 4140 bytes resources/config/local/org.osaaf.cassandra.props | 29 ++ resources/config/local/org.osaaf.cm.ca.props | 11 + resources/config/local/org.osaaf.location.props | 12 + resources/config/public/AAF_RootCA.cer | 31 ++ resources/config/public/aaf_2_0.xsd | 527 +++++++++++++++++++++ resources/config/public/iframe_denied_test.html | 10 + resources/config/public/truststoreONAP.p12 | Bin 0 -> 4180 bytes resources/config/public/truststoreONAPall.jks | Bin 0 -> 117990 bytes templates/configmap.yaml | 39 +- templates/deployment.yaml | 91 ---- templates/job.yaml | 132 ++++++ templates/pv.yaml | 37 ++ templates/pvc.yaml | 48 ++ templates/secrets.yaml | 47 ++ templates/service.yaml | 41 -- values.yaml | 55 ++- 92 files changed, 3636 insertions(+), 412 deletions(-) create mode 100644 .helmignore create mode 100644 charts/aaf-cm/.helmignore create mode 100644 charts/aaf-cm/Chart.yaml create mode 100644 charts/aaf-cm/templates/NOTES.txt create mode 100644 charts/aaf-cm/templates/deployment.yaml create mode 100644 charts/aaf-cm/templates/service.yaml create mode 100644 charts/aaf-cm/values.yaml delete mode 100644 charts/aaf-cs/resources/config/aaf-cs-data/ecomp.cql delete mode 100644 charts/aaf-cs/resources/config/aaf-cs-data/identities.dat delete mode 100644 charts/aaf-cs/resources/config/aaf-cs-data/identities.idx create mode 100644 charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql create mode 100644 charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql create mode 100644 charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql create mode 100644 charts/aaf-cs/templates/NOTES.txt create mode 100644 charts/aaf-fs/.helmignore create mode 100644 charts/aaf-fs/Chart.yaml create mode 100644 charts/aaf-fs/templates/NOTES.txt create mode 100644 charts/aaf-fs/templates/deployment.yaml create mode 100644 charts/aaf-fs/templates/service.yaml create mode 100644 charts/aaf-fs/values.yaml create mode 100644 charts/aaf-gui/.helmignore create mode 100644 charts/aaf-gui/Chart.yaml create mode 100644 charts/aaf-gui/templates/NOTES.txt create mode 100644 charts/aaf-gui/templates/deployment.yaml create mode 100644 charts/aaf-gui/templates/service.yaml create mode 100644 charts/aaf-gui/values.yaml create mode 100644 charts/aaf-hello/.helmignore create mode 100644 charts/aaf-hello/Chart.yaml create mode 100644 charts/aaf-hello/templates/NOTES.txt create mode 100644 charts/aaf-hello/templates/deployment.yaml create mode 100644 charts/aaf-hello/templates/service.yaml create mode 100644 charts/aaf-hello/values.yaml create mode 100644 charts/aaf-locate/.helmignore create mode 100644 charts/aaf-locate/Chart.yaml create mode 100644 charts/aaf-locate/templates/NOTES.txt create mode 100644 charts/aaf-locate/templates/deployment.yaml create mode 100644 charts/aaf-locate/templates/service.yaml create mode 100644 charts/aaf-locate/values.yaml create mode 100644 charts/aaf-oauth/.helmignore create mode 100644 charts/aaf-oauth/Chart.yaml create mode 100644 charts/aaf-oauth/templates/NOTES.txt create mode 100644 charts/aaf-oauth/templates/deployment.yaml create mode 100644 charts/aaf-oauth/templates/service.yaml create mode 100644 charts/aaf-oauth/values.yaml create mode 100644 charts/aaf-service/Chart.yaml create mode 100644 charts/aaf-service/templates/deployment.yaml create mode 100644 charts/aaf-service/templates/service.yaml create mode 100644 charts/aaf-service/values.yaml delete mode 100644 resources/config/aaf-data/identities.dat create mode 100644 resources/config/backup/backup.sh create mode 100644 resources/config/backup/cbackup.sh create mode 100644 resources/config/data/identities.dat create mode 100644 resources/config/data/sample.identities.dat create mode 100644 resources/config/etc/org.osaaf.cm.props create mode 100644 resources/config/etc/org.osaaf.common.props create mode 100644 resources/config/etc/org.osaaf.fs.props create mode 100644 resources/config/etc/org.osaaf.gui.props create mode 100644 resources/config/etc/org.osaaf.hello.props create mode 100644 resources/config/etc/org.osaaf.locate.props create mode 100644 resources/config/etc/org.osaaf.log4j.props create mode 100644 resources/config/etc/org.osaaf.oauth.props create mode 100644 resources/config/etc/org.osaaf.orgs.props create mode 100644 resources/config/etc/org.osaaf.service.props create mode 100644 resources/config/local/org.osaaf.aaf.cm.p12 create mode 100644 resources/config/local/org.osaaf.aaf.keyfile create mode 100644 resources/config/local/org.osaaf.aaf.p12 create mode 100644 resources/config/local/org.osaaf.aaf.props create mode 100644 resources/config/local/org.osaaf.aaf.trust.p12 create mode 100644 resources/config/local/org.osaaf.aaf_new-24e41f2f436018568cbdecdc1edbd605.p12 create mode 100644 resources/config/local/org.osaaf.cassandra.props create mode 100644 resources/config/local/org.osaaf.cm.ca.props create mode 100644 resources/config/local/org.osaaf.location.props create mode 100644 resources/config/public/AAF_RootCA.cer create mode 100644 resources/config/public/aaf_2_0.xsd create mode 100644 resources/config/public/iframe_denied_test.html create mode 100644 resources/config/public/truststoreONAP.p12 create mode 100644 resources/config/public/truststoreONAPall.jks delete mode 100644 templates/deployment.yaml create mode 100644 templates/job.yaml create mode 100644 templates/pv.yaml create mode 100644 templates/pvc.yaml create mode 100644 templates/secrets.yaml delete mode 100644 templates/service.yaml diff --git a/.helmignore b/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/aaf-cm/.helmignore b/charts/aaf-cm/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/charts/aaf-cm/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/aaf-cm/Chart.yaml b/charts/aaf-cm/Chart.yaml new file mode 100644 index 0000000..00832d6 --- /dev/null +++ b/charts/aaf-cm/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP AAF Certificate Manager +name: aaf-cm +version: 2.0.0 \ No newline at end of file diff --git a/charts/aaf-cm/templates/NOTES.txt b/charts/aaf-cm/templates/NOTES.txt new file mode 100644 index 0000000..c60c745 --- /dev/null +++ b/charts/aaf-cm/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/charts/aaf-cm/templates/deployment.yaml b/charts/aaf-cm/templates/deployment.yaml new file mode 100644 index 0000000..652e2ac --- /dev/null +++ b/charts/aaf-cm/templates/deployment.yaml @@ -0,0 +1,114 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/job_complete.py + args: + - -j + - {{ .Release.Name }}-aaf-create-config + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-job-complete + - command: + - /root/ready.py + args: + - --container-name + - aaf-cs + - --container-name + - aaf-locate + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - env: + - name: CASSANDRA_CLUSTER + value: cassandra_container + name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/cm/bin/cm >> /opt/app/osaaf/logs/cm/stdout`date -I` 2>> /opt/app/osaaf/logs/cm/stderr`date -I`"] + volumeMounts: + - mountPath: /opt/app/osaaf + name: aaf-persistent-vol + - mountPath: /etc/localtime + name: localtime + readOnly: true + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-persistent-vol + {{- if .Values.global.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-pvc + {{- else }} + emptyDir: {} + {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-cm/templates/service.yaml b/charts/aaf-cm/templates/service.yaml new file mode 100644 index 0000000..281aa1c --- /dev/null +++ b/charts/aaf-cm/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: {{ .Values.service.type }} diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml new file mode 100644 index 0000000..75b1a7b --- /dev/null +++ b/charts/aaf-cm/values.yaml @@ -0,0 +1,86 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.1.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/aaf_cm:2.1.0-SNAPSHOT +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: {} + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + name: aaf-cm + type: ClusterIP + portName: aaf-cm + #targetPort + internalPort: 8150 + #port + externalPort: 8150 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/ecomp.cql b/charts/aaf-cs/resources/config/aaf-cs-data/ecomp.cql deleted file mode 100644 index 6fddf65..0000000 --- a/charts/aaf-cs/resources/config/aaf-cs-data/ecomp.cql +++ /dev/null @@ -1,169 +0,0 @@ -USE authz; - -// Create Root pass -INSERT INTO cred (id,ns,type,cred,expires) - VALUES ('dgl@openecomp.org','org.openecomp',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31'); - -INSERT INTO cred (id,ns,type,cred,expires) - VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31'); - -INSERT INTO cred (id,ns,type,cred,expires) - VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31'); - - -// Create 'com' root NS -INSERT INTO ns (name,scope,description,parent,type) - VALUES('com',1,'Root Namespace',null,1); - -INSERT INTO role(ns, name, perms, description) - VALUES('com','admin',{'com.access|*|*'},'Com Admins'); - -INSERT INTO role(ns, name, perms, description) - VALUES('com','owner',{'com.access|*|read'},'Com Owners'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('com','access','*','read',{'com.owner'},'Com Read Access'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('com','access','*','*',{'com.admin'},'Com Write Access'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','com.owner','2020-12-31','com','owner'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','com.admin','2020-12-31','com','admin'); - -// Create org root NS -INSERT INTO ns (name,scope,description,parent,type) - VALUES('org',1,'Root Namespace Org',null,1); - -INSERT INTO ns (name,scope,description,parent,type) - VALUES('org.openecomp.dcae',3,'DCAE Namespace Org','org.openecomp',3); - -INSERT INTO ns (name,scope,description,parent,type) - VALUES('org.openecomp.dmaapBC',3,'DMaaP BC Namespace Org','org.openecomp',3); - -INSERT INTO role(ns, name, perms, description) - VALUES('org','admin',{'org.access|*|*'},'Com Admins'); - -INSERT INTO role(ns, name, perms, description) - VALUES('org','owner',{'org.access|*|read'},'Com Owners'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org','access','*','read',{'org.owner'},'Com Read Access'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org','access','*','*',{'org.admin'},'Com Write Access'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','org.owner','2020-12-31','org','owner'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','org.admin','2020-12-31','org','admin'); - - -// Create com.att - -INSERT INTO ns (name,scope,description,parent,type) - VALUES('com.att',2,'AT&T Namespace','com',2); - -INSERT INTO role(ns, name, perms,description) - VALUES('com.att','admin',{'com.att.access|*|*'},'AT&T Admins'); - -INSERT INTO role(ns, name, perms,description) - VALUES('com.att','owner',{'com.att.access|*|read'},'AT&T Owners'); - -INSERT INTO perm(ns, type, instance, action, roles,description) - VALUES ('com.att','access','*','read',{'com.att.owner'},'AT&T Read Access'); - -INSERT INTO perm(ns, type, instance, action, roles,description) - VALUES ('com.att','access','*','*',{'com.att.admin'},'AT&T Write Access'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','com.att.owner','2020-12-31','com.att','owner'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','com.att.admin','2020-12-31','com.att','admin'); - -// Create com.att.aaf - -INSERT INTO ns (name,scope,description,parent,type) - VALUES('com.att.aaf',3,'Application Authorization Framework','com.att',3); - -INSERT INTO role(ns, name, perms, description) - VALUES('com.att.aaf','admin',{'com.att.aaf.access|*|*'},'AAF Admins'); - -INSERT INTO role(ns, name, perms, description) - VALUES('com.att.aaf','owner',{'com.att.aaf.access|*|read'},'AAF Owners'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('com.att.aaf','access','*','read',{'com.att.aaf.owner'},'AAF Read Access'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('com.att.aaf','access','*','*',{'com.att.aaf.admin'},'AAF Write Access'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','com.att.aaf.admin','2020-12-31','com.att.aaf','admin'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','com.att.aaf.owner','2020-12-31','com.att.aaf','owner'); - - -// Create org.openecomp -INSERT INTO ns (name,scope,description,parent,type) - VALUES('org.openecomp',2,'Open EComp NS','com.att',2); - -INSERT INTO role(ns, name, perms, description) - VALUES('org.openecomp','admin',{'org.openecomp.access|*|*'},'OpenEcomp Admins'); - -INSERT INTO role(ns, name, perms, description) - VALUES('org.openecomp','owner',{'org.openecomp.access|*|read'},'OpenEcomp Owners'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.openecomp','access','*','read',{'org.openecomp.owner'},'OpenEcomp Read Access'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.openecomp','access','*','*',{'org.openecomp.admin'},'OpenEcomp Write Access'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','org.openecomp.admin','2020-12-31','org.openecomp','admin'); - -// Create org.openecomp.dmaapBC - -INSERT INTO ns (name,scope,description,parent,type) - VALUES('org.openecomp.dmaapBC',3,'Application Authorization Framework','org.openecomp',3); - -//INSERT INTO role(ns, name, perms, description) -// VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*'},'AAF Admins'); - -INSERT INTO role(ns, name, perms, description) -VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.topicFactory|:org.openecomp.dmaapBC.topic:org.openecomp.dmaapBC|create','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub'},'AAF Admins'); - -//INSERT INTO role(ns, name, perms, description) -//VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub'},'AAF Admins'); - -//INSERT INTO role(ns, name, perms, description) -//VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub'},'AAF Admins'); - - - -INSERT INTO role(ns, name, perms, description) - VALUES('org.openecomp.dmaapBC','owner',{'org.openecomp.dmaapBC.access|*|read'},'AAF Owners'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.openecomp.dmaapBC','access','*','read',{'org.openecomp.dmaapBC.owner'},'AAF Read Access'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.openecomp.dmaapBC','access','*','*',{'org.openecomp.dmaapBC.admin'},'AAF Write Access'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('dgl@openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner'); diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/identities.dat b/charts/aaf-cs/resources/config/aaf-cs-data/identities.dat deleted file mode 100644 index 98bf99a..0000000 --- a/charts/aaf-cs/resources/config/aaf-cs-data/identities.dat +++ /dev/null @@ -1,7 +0,0 @@ -iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| -mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna -bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager -mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager -ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager -iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager -osaaf|ID of AAF|||||a|bdevl diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/identities.idx b/charts/aaf-cs/resources/config/aaf-cs-data/identities.idx deleted file mode 100644 index 78fc0a5..0000000 Binary files a/charts/aaf-cs/resources/config/aaf-cs-data/identities.idx and /dev/null differ diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/init.cql b/charts/aaf-cs/resources/config/aaf-cs-data/init.cql index 81700f8..c06e5ee 100644 --- a/charts/aaf-cs/resources/config/aaf-cs-data/init.cql +++ b/charts/aaf-cs/resources/config/aaf-cs-data/init.cql @@ -1,35 +1,6 @@ -// For Developer Machine single instance -// -CREATE KEYSPACE authz -WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1}; -// -// From Ravi, 6-17-2014. User for DEVL->TEST -// -// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'HYWRCA02': '2', 'BRHMALDC': '2' }; -// -// PROD -// -// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','ALPSGACT': '2','STLSMORC': '2','BRHMALDC': '2' }; -// -// create user authz with password '' superuser; -// grant all on keyspace authz to authz; -// -// For TEST (aaf_test) -// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'BRHMALDC': '1' }; -// -// DEVL -// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC': '2' }; -// -// TEST / PERF -// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC': '3','KGMTNC20': '3' }; -// -// IST -// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC':'3', -// 'DLLSTXCF':'3','KGMTNC20':'3','SFLDMIBB':'3','HYWRCA02':'3' }; -// -// with 6 localized with ccm -// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' }; -// + +// Table Initialization +// First make sure the keyspace exists. USE authz; @@ -51,12 +22,6 @@ CREATE TABLE ns ( ); CREATE INDEX ns_parent on ns(parent); - -// Oct 2015, not performant. Made Owner and Attrib first class Roles, -// April, 2015. Originally, the plan was to utilize Cassandra 2.1.2, however, other team's preferences were to remain at current levels. -// Therefore, we are taking the separate table approach. (coder Jeremiah Rohwedder) -// We had dropped this by making first class objects of Responsible (Owner) and Admin. We need this again to mark namespaces -// as having certain tools, like SWM, etc. CREATE TABLE ns_attrib ( ns varchar, key varchar, @@ -125,10 +90,10 @@ CREATE INDEX cert_id ON cert(id); CREATE INDEX cert_x500 ON cert(x500); CREATE TABLE notify ( - user text, - type int, - last timestamp, - checksum int, + user text, + type int, + last timestamp, + checksum int, PRIMARY KEY (user,type) ); @@ -155,14 +120,16 @@ CREATE TABLE artifact ( sponsor text, ca text, dir text, - appName text, os_user text, + ns text, notify text, expires timestamp, - renewDays int, + renewDays int, + sans Set, PRIMARY KEY (mechid,machine) ); CREATE INDEX artifact_machine ON artifact(machine); +CREATE INDEX artifact_ns ON artifact(ns); // // Non-Critical Table functions @@ -216,6 +183,7 @@ CREATE TABLE approval ( status varchar, // approval status. pending, approved, denied memo varchar, // Text for Approval to know what's going on operation varchar, // List operation to perform + last_notified timestamp, // Timestamp for the last time approver was notified PRIMARY KEY(id) ); CREATE INDEX appr_approver_idx ON approval(approver); @@ -223,6 +191,19 @@ CREATE INDEX appr_user_idx ON approval(user); CREATE INDEX appr_ticket_idx ON approval(ticket); CREATE INDEX appr_status_idx ON approval(status); +CREATE TABLE approved ( + id timeuuid, // unique Key + user varchar, // the user who needs to be approved + approver varchar, // user approving + type varchar, // approver types i.e. Supervisor, Owner + status varchar, // approval status. pending, approved, denied + memo varchar, // Text for Approval to know what's going on + operation varchar, // List operation to perform + PRIMARY KEY(id) + ); +CREATE INDEX approved_approver_idx ON approved(approver); +CREATE INDEX approved_user_idx ON approved(user); + CREATE TABLE delegate ( user varchar, delegate varchar, @@ -231,6 +212,49 @@ CREATE TABLE delegate ( ); CREATE INDEX delg_delg_idx ON delegate(delegate); +// OAuth Tokens +CREATE TABLE oauth_token ( + id text, // Reference + client_id text, // Creating Client ID + user text, // User requesting + active boolean, // Active or not + type int, // Type of Token + refresh text, // Refresh Token + expires timestamp, // Expiration time/Date (signed long) + exp_sec bigint, // Seconds from Jan 1, 1970 + content text, // Content of Token + scopes Set, // Scopes + state text, // Context string (Optional) + req_ip text, // Requesting IP (for logging purpose) + PRIMARY KEY(id) +) with default_time_to_live = 21600; // 6 hours +CREATE INDEX oauth_token_user_idx ON oauth_token(user); + +CREATE TABLE locate ( + name text, // Component/Server name + hostname text, // FQDN of Service/Component + port int, // Port of Service + major int, // Version, Major + minor int, // Version, Minor + patch int, // Version, Patch + pkg int, // Version, Package (if available) + latitude float, // Latitude + longitude float, // Longitude + protocol text, // Protocol (i.e. http https) + subprotocol set, // Accepted SubProtocols, ie. TLS1.1 for https + port_key uuid, // Key into locate_ports + PRIMARY KEY(name,hostname,port) +) with default_time_to_live = 1200; // 20 mins + +CREATE TABLE locate_ports ( + id uuid, // Id into locate + port int, // SubPort + name text, // Name of Other Port + protocol text, // Protocol of Other (i.e. JMX, DEBUG) + subprotocol set, // Accepted sub protocols or versions + PRIMARY KEY(id, port) +) with default_time_to_live = 1200; // 20 mins; + // // Used by authz-batch processes to ensure only 1 runs at a time // diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql b/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql new file mode 100644 index 0000000..52dc5ea --- /dev/null +++ b/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql @@ -0,0 +1,11 @@ +// For Developer Machine single instance +// CREATE KEYSPACE authz +// WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1}; +// +// + +// Example of Network Topology, with Datacenter dc1 & dc2 +// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' }; +// Out of the box Docker Cassandra comes with "datacenter1", one instance +CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'datacenter1': '1' }; +// diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql b/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql new file mode 100644 index 0000000..e7385ab --- /dev/null +++ b/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql @@ -0,0 +1,122 @@ +USE authz; + +// Create 'org' root NS +INSERT INTO ns (name,description,parent,scope,type) + VALUES('org','Root Namespace','.',1,1); + +INSERT INTO role(ns, name, perms, description) + VALUES('org','admin',{'org.access|*|*'},'Org Admins'); + +INSERT INTO role(ns, name, perms, description) + VALUES('org','owner',{'org.access|*|read,approve'},'Org Owners'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org','access','*','read,approve',{'org.owner'},'Org Read Access'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org','access','*','*',{'org.admin'},'Org Write Access'); + +// Create Root pass +INSERT INTO cred (id,ns,type,cred,expires) + VALUES ('initial@osaaf.org','org.osaaf',1,0x008c5926ca861023c1d2a36653fd88e2,'2099-12-31') using TTL 14400; + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('initial@osaaf.org','org.admin','2099-12-31','org','admin') using TTL 14400; + + +// Create org.osaaf +INSERT INTO ns (name,description,parent,scope,type) + VALUES('org.osaaf','OSAAF Namespace','org',2,2); + +INSERT INTO role(ns, name, perms,description) + VALUES('org.osaaf','admin',{'org.osaaf.access|*|*'},'OSAAF Admins'); + +INSERT INTO perm(ns, type, instance, action, roles,description) + VALUES ('org.osaaf','access','*','*',{'org.osaaf.admin'},'OSAAF Write Access'); + +INSERT INTO role(ns, name, perms,description) + VALUES('org.osaaf','owner',{'org.osaaf.access|*|read,approve'},'OSAAF Owners'); + +INSERT INTO perm(ns, type, instance, action, roles,description) + VALUES ('org.osaaf','access','*','read,appove',{'org.osaaf.owner'},'OSAAF Read Access'); + +// Create org.osaaf.aaf +INSERT INTO ns (name,description,parent,scope,type) + VALUES('org.osaaf.aaf','Application Authorization Framework','org.osaaf',3,3); + +INSERT INTO role(ns, name, perms, description) + VALUES('org.osaaf.aaf','admin',{'org.osaaf.aaf.access|*|*'},'AAF Admins'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org.osaaf.aaf','access','*','*',{'org.osaaf.aaf.admin'},'AAF Write Access'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org.osaaf.aaf','access','*','read,approve',{'org.osaaf.aaf.owner'},'AAF Read Access'); + +INSERT INTO role(ns, name, perms, description) + VALUES('org.osaaf.aaf','owner',{'org.osaaf.aaf.access|*|read,approve'},'AAF Owners'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('initial@osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') using TTL 14400; + + +// ONAP Specific Entities +// ONAP initial env Namespace +INSERT INTO ns (name,description,parent,scope,type) + VALUES('org.onap','ONAP','org',2,2); + +INSERT INTO ns (name,description,parent,scope,type) + VALUES('org.onap.portal','ONAP Portal','org.onap.portal',3,3); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org.onap.portal','access','*','read',{ + 'org.onap.portal.owner','org.onap.portal.designer','org.onap.portal.tester','org.onap.portal.ops','org.onap.portal.governor' + },'Portal Read Access'); + +INSERT INTO role(ns, name, perms, description) + VALUES('org.onap.portal','owner',{'org.onap.portal.access|*|read'},'Portal Owner'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org.onap.portal','access','*','*',{'org.onap.portal.admin'},'Portal Write Access'); + +INSERT INTO role(ns, name, perms, description) + VALUES('org.onap.portal','admin',{'org.onap.portal.access|*|*'},'Portal Admins'); + +// DEMO ID (OPS) +insert into cred (id,type,expires,cred,notes,ns,other) values('demo@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('demo@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin'); + +// ADMIN +insert into cred (id,type,expires,cred,notes,ns,other) values('jh0003@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('jh0003@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin'); + +// DESIGNER +INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('cs0008@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); +INSERT INTO role(ns, name, perms, description) + VALUES('org.onap.portal','designer',{'org.onap.portal.access|*|read'},'Portal Designer'); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('cs0008@people.osaaf.org','org.onap.portal.designer','2018-10-31','org.onap.portal','designer'); + +// TESTER +INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('jm0007@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); +INSERT INTO role(ns, name, perms, description) + VALUES('org.onap.portal','tester',{'org.onap.portal.access|*|read'},'Portal Tester'); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('jm0007@people.osaaf.org','org.onap.portal.tester','2018-10-31','org.onap.portal','tester'); + +// OPS +INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('op0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); +INSERT INTO role(ns, name, perms, description) + VALUES('org.onap.portal','ops',{'org.onap.portal.access|*|read'},'Portal Operations'); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('op0001@people.osaaf.org','org.onap.portal.ops','2018-10-31','org.onap.portal','ops'); + +// GOVERNOR +INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('gv0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); +INSERT INTO role(ns, name, perms, description) + VALUES('org.onap.portal','governor',{'org.onap.portal.access|*|read'},'Portal Governor'); +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('gv0001@people.osaaf.org','org.onap.portal.governor','2018-10-31','org.onap.portal','governor'); + diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql b/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql new file mode 100644 index 0000000..5e7cfe1 --- /dev/null +++ b/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql @@ -0,0 +1,8 @@ +USE authz; + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('demo@people.osaaf.org','org.admin','2099-12-31','org','admin') ; + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('demo@people.osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') ; + diff --git a/charts/aaf-cs/templates/NOTES.txt b/charts/aaf-cs/templates/NOTES.txt new file mode 100644 index 0000000..c60c745 --- /dev/null +++ b/charts/aaf-cs/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/charts/aaf-cs/templates/deployment.yaml b/charts/aaf-cs/templates/deployment.yaml index 15e574f..4253d2f 100644 --- a/charts/aaf-cs/templates/deployment.yaml +++ b/charts/aaf-cs/templates/deployment.yaml @@ -24,14 +24,11 @@ metadata: heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} template: metadata: labels: app: {{ include "common.name" . }} - name: {{ .Release.Name }} + release: {{ .Release.Name }} spec: hostname: {{ include "common.name" . }} containers: @@ -39,24 +36,45 @@ spec: image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }} + ports: + - containerPort: {{ .Values.service.externalPort }} + - containerPort: {{ .Values.service.externalPort2 }} + - containerPort: {{ .Values.service.externalPort3 }} + - containerPort: {{ .Values.service.externalPort4 }} volumeMounts: - mountPath: /data name: aaf-cs-data + - mountPath: /etc/localtime + name: localtime + readOnly: true # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.service.internalPort3 }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.service.internalPort3 }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: + lifecycle: + postStart: + exec: + command: + - /bin/sh + - -c + - > + /bin/sleep 30; + cd /data/; + cqlsh -u root -p root -f keyspace.cql ; + cqlsh -u root -p root -f init.cql ; + cqlsh -u root -p root -f osaaf.cql ; + cqlsh -u root -p root -f temp_identity.cql + resources: {{ toYaml .Values.resources | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: @@ -66,8 +84,10 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} - volumes: + - name: localtime + hostPath: + path: /etc/localtime - name: aaf-cs-data secret: secretName: {{ include "common.fullname" . }} diff --git a/charts/aaf-cs/templates/service.yaml b/charts/aaf-cs/templates/service.yaml index 2e4a619..b1716e4 100644 --- a/charts/aaf-cs/templates/service.yaml +++ b/charts/aaf-cs/templates/service.yaml @@ -22,6 +22,8 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} +# annotations: +# service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" spec: type: {{ .Values.service.type }} ports: @@ -30,29 +32,29 @@ spec: #Example internal target port if required #targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.name }} + name: {{ .Values.service.portName }} - port: {{ .Values.service.externalPort2 }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.name }}2 + name: {{ .Values.service.portName }}2 - port: {{ .Values.service.externalPort3 }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} - name: {{ .Values.service.name }}3 + name: {{ .Values.service.portName }}3 - port: {{ .Values.service.externalPort4 }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} - name: {{ .Values.service.name }}4 + name: {{ .Values.service.portName }}4 {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} + name: {{ .Values.service.portName }} - port: {{ .Values.service.externalPort2 }} targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.name }}2 + name: {{ .Values.service.portName }}2 - port: {{ .Values.service.externalPort3 }} targetPort: {{ .Values.service.internalPort3 }} - name: {{ .Values.service.name }}3 + name: {{ .Values.service.portName }}3 - port: {{ .Values.service.externalPort4 }} targetPort: {{ .Values.service.internalPort4 }} - name: {{ .Values.service.name }}4 + name: {{ .Values.service.portName }}4 {{- end}} selector: app: {{ include "common.name" . }} diff --git a/charts/aaf-cs/values.yaml b/charts/aaf-cs/values.yaml index 89b83cd..83bc972 100644 --- a/charts/aaf-cs/values.yaml +++ b/charts/aaf-cs/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: library/cassandra:2.1.17 +image: library/cassandra:3.11 pullPolicy: Always # flag to enable debugging - application support required @@ -54,8 +54,9 @@ readiness: periodSeconds: 10 service: + name: aaf-cass type: ClusterIP - name: aaf-cs + portName: aaf-cs #targetPort internalPort: 7000 #port diff --git a/charts/aaf-fs/.helmignore b/charts/aaf-fs/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/charts/aaf-fs/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/aaf-fs/Chart.yaml b/charts/aaf-fs/Chart.yaml new file mode 100644 index 0000000..6b0fdcb --- /dev/null +++ b/charts/aaf-fs/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP AAF File Server +name: aaf-fs +version: 2.0.0 \ No newline at end of file diff --git a/charts/aaf-fs/templates/NOTES.txt b/charts/aaf-fs/templates/NOTES.txt new file mode 100644 index 0000000..c60c745 --- /dev/null +++ b/charts/aaf-fs/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/charts/aaf-fs/templates/deployment.yaml b/charts/aaf-fs/templates/deployment.yaml new file mode 100644 index 0000000..0bbd6a5 --- /dev/null +++ b/charts/aaf-fs/templates/deployment.yaml @@ -0,0 +1,114 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/job_complete.py + args: + - -j + - {{ .Release.Name }}-aaf-create-config + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-job-complete + - command: + - /root/ready.py + args: + - --container-name + - aaf-cs + - --container-name + - aaf-locate + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - env: + - name: CASSANDRA_CLUSTER + value: cassandra_container + name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/bin/bash","-c","echo hello >> /opt/app/osaaf/logs/fs/stdout`date -I`;ln -s /opt/app/osaaf/data /data;/opt/app/aaf/fs/bin/fs >> /opt/app/osaaf/logs/fs/stdout`date -I` 2>> /opt/app/osaaf/logs/fs/stderr`date -I`"] + volumeMounts: + - mountPath: /opt/app/osaaf + name: aaf-persistent-vol + - mountPath: /etc/localtime + name: localtime + readOnly: true + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-persistent-vol + {{- if .Values.global.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-pvc + {{- else }} + emptyDir: {} + {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-fs/templates/service.yaml b/charts/aaf-fs/templates/service.yaml new file mode 100644 index 0000000..281aa1c --- /dev/null +++ b/charts/aaf-fs/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: {{ .Values.service.type }} diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml new file mode 100644 index 0000000..be0f53d --- /dev/null +++ b/charts/aaf-fs/values.yaml @@ -0,0 +1,86 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.1.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/aaf_fs:2.1.0-SNAPSHOT +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: {} + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + name: aaf-fs + type: ClusterIP + portName: aaf-fs + #targetPort + internalPort: 8096 + #port + externalPort: 8096 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/charts/aaf-gui/.helmignore b/charts/aaf-gui/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/charts/aaf-gui/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/aaf-gui/Chart.yaml b/charts/aaf-gui/Chart.yaml new file mode 100644 index 0000000..d0aea0b --- /dev/null +++ b/charts/aaf-gui/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP AAF GUI +name: aaf-gui +version: 2.0.0 \ No newline at end of file diff --git a/charts/aaf-gui/templates/NOTES.txt b/charts/aaf-gui/templates/NOTES.txt new file mode 100644 index 0000000..c60c745 --- /dev/null +++ b/charts/aaf-gui/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/charts/aaf-gui/templates/deployment.yaml b/charts/aaf-gui/templates/deployment.yaml new file mode 100644 index 0000000..ee503ca --- /dev/null +++ b/charts/aaf-gui/templates/deployment.yaml @@ -0,0 +1,114 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/job_complete.py + args: + - -j + - {{ .Release.Name }}-aaf-create-config + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-job-complete + - command: + - /root/ready.py + args: + - --container-name + - aaf-cs + - --container-name + - aaf-locate + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - env: + - name: CASSANDRA_CLUSTER + value: cassandra_container + name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/gui/bin/gui >> /opt/app/osaaf/logs/gui/stdout`date -I` 2>> /opt/app/osaaf/logs/gui/stderr`date -I`"] + volumeMounts: + - mountPath: /opt/app/osaaf + name: aaf-persistent-vol + - mountPath: /etc/localtime + name: localtime + readOnly: true + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-persistent-vol + {{- if .Values.global.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-pvc + {{- else }} + emptyDir: {} + {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-gui/templates/service.yaml b/charts/aaf-gui/templates/service.yaml new file mode 100644 index 0000000..281aa1c --- /dev/null +++ b/charts/aaf-gui/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: {{ .Values.service.type }} diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml new file mode 100644 index 0000000..02c572f --- /dev/null +++ b/charts/aaf-gui/values.yaml @@ -0,0 +1,87 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.1.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/aaf_gui:2.1.0-SNAPSHOT +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: {} + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + name: aaf-gui + type: NodePort + portName: aaf-gui + #targetPort + internalPort: 8200 + #port + externalPort: 8200 + nodePort: 51 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/charts/aaf-hello/.helmignore b/charts/aaf-hello/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/charts/aaf-hello/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/aaf-hello/Chart.yaml b/charts/aaf-hello/Chart.yaml new file mode 100644 index 0000000..c4029ba --- /dev/null +++ b/charts/aaf-hello/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP AAF Hello +name: aaf-hello +version: 2.0.0 \ No newline at end of file diff --git a/charts/aaf-hello/templates/NOTES.txt b/charts/aaf-hello/templates/NOTES.txt new file mode 100644 index 0000000..c60c745 --- /dev/null +++ b/charts/aaf-hello/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/charts/aaf-hello/templates/deployment.yaml b/charts/aaf-hello/templates/deployment.yaml new file mode 100644 index 0000000..b47d878 --- /dev/null +++ b/charts/aaf-hello/templates/deployment.yaml @@ -0,0 +1,114 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/job_complete.py + args: + - -j + - {{ .Release.Name }}-aaf-create-config + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-job-complete + - command: + - /root/ready.py + args: + - --container-name + - aaf-cs + - --container-name + - aaf-locate + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - env: + - name: CASSANDRA_CLUSTER + value: cassandra_container + name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/hello/bin/hello >> /opt/app/osaaf/logs/hello/stdout`date -I` 2>> /opt/app/osaaf/logs/hello/stderr`date -I`"] + volumeMounts: + - mountPath: /opt/app/osaaf + name: aaf-persistent-vol + - mountPath: /etc/localtime + name: localtime + readOnly: true + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-persistent-vol + {{- if .Values.global.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-pvc + {{- else }} + emptyDir: {} + {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-hello/templates/service.yaml b/charts/aaf-hello/templates/service.yaml new file mode 100644 index 0000000..281aa1c --- /dev/null +++ b/charts/aaf-hello/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: {{ .Values.service.type }} diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml new file mode 100644 index 0000000..ad95b07 --- /dev/null +++ b/charts/aaf-hello/values.yaml @@ -0,0 +1,86 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.1.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/aaf_hello:2.1.0-SNAPSHOT +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: {} + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + name: aaf-hello + type: ClusterIP + portName: aaf-hello + #targetPort + internalPort: 8130 + #port + externalPort: 8130 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/charts/aaf-locate/.helmignore b/charts/aaf-locate/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/charts/aaf-locate/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/aaf-locate/Chart.yaml b/charts/aaf-locate/Chart.yaml new file mode 100644 index 0000000..db50ec3 --- /dev/null +++ b/charts/aaf-locate/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP AAF Locate +name: aaf-locate +version: 2.0.0 \ No newline at end of file diff --git a/charts/aaf-locate/templates/NOTES.txt b/charts/aaf-locate/templates/NOTES.txt new file mode 100644 index 0000000..c60c745 --- /dev/null +++ b/charts/aaf-locate/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/charts/aaf-locate/templates/deployment.yaml b/charts/aaf-locate/templates/deployment.yaml new file mode 100644 index 0000000..de5a46e --- /dev/null +++ b/charts/aaf-locate/templates/deployment.yaml @@ -0,0 +1,112 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/job_complete.py + args: + - -j + - {{ .Release.Name }}-aaf-create-config + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-job-complete + - command: + - /root/ready.py + args: + - --container-name + - aaf-cs + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - env: + - name: CASSANDRA_CLUSTER + value: cassandra_container + name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/locate/bin/locate >> /opt/app/osaaf/logs/locate/stdout`date -I` 2>> /opt/app/osaaf/logs/locate/stderr`date -I`"] + volumeMounts: + - mountPath: /opt/app/osaaf + name: aaf-persistent-vol + - mountPath: /etc/localtime + name: localtime + readOnly: true + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-persistent-vol + {{- if .Values.global.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-pvc + {{- else }} + emptyDir: {} + {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-locate/templates/service.yaml b/charts/aaf-locate/templates/service.yaml new file mode 100644 index 0000000..281aa1c --- /dev/null +++ b/charts/aaf-locate/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: {{ .Values.service.type }} diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml new file mode 100644 index 0000000..fbed947 --- /dev/null +++ b/charts/aaf-locate/values.yaml @@ -0,0 +1,90 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.1.0 + +# If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines. +# persistence: +# mountPath: /dockerdata + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/aaf_locate:2.1.0-SNAPSHOT +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: {} + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + name: aaf-locate + type: ClusterIP + portName: aaf-locate + #targetPort + internalPort: 8095 + #port + externalPort: 8095 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/charts/aaf-oauth/.helmignore b/charts/aaf-oauth/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/charts/aaf-oauth/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/aaf-oauth/Chart.yaml b/charts/aaf-oauth/Chart.yaml new file mode 100644 index 0000000..bcb135b --- /dev/null +++ b/charts/aaf-oauth/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP AAF OAuth +name: aaf-oauth +version: 2.0.0 \ No newline at end of file diff --git a/charts/aaf-oauth/templates/NOTES.txt b/charts/aaf-oauth/templates/NOTES.txt new file mode 100644 index 0000000..c60c745 --- /dev/null +++ b/charts/aaf-oauth/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/charts/aaf-oauth/templates/deployment.yaml b/charts/aaf-oauth/templates/deployment.yaml new file mode 100644 index 0000000..00d6ee0 --- /dev/null +++ b/charts/aaf-oauth/templates/deployment.yaml @@ -0,0 +1,114 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/job_complete.py + args: + - -j + - {{ .Release.Name }}-aaf-create-config + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-job-complete + - command: + - /root/ready.py + args: + - --container-name + - aaf-cs + - --container-name + - aaf-locate + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - env: + - name: CASSANDRA_CLUSTER + value: cassandra_container + name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/oauth/bin/oauth >> /opt/app/osaaf/logs/oauth/stdout`date -I` 2>> /opt/app/osaaf/logs/oauth/stderr`date -I`"] + volumeMounts: + - mountPath: /opt/app/osaaf + name: aaf-persistent-vol + - mountPath: /etc/localtime + name: localtime + readOnly: true + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-persistent-vol + {{- if .Values.global.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-pvc + {{- else }} + emptyDir: {} + {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-oauth/templates/service.yaml b/charts/aaf-oauth/templates/service.yaml new file mode 100644 index 0000000..281aa1c --- /dev/null +++ b/charts/aaf-oauth/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: {{ .Values.service.type }} diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml new file mode 100644 index 0000000..4311696 --- /dev/null +++ b/charts/aaf-oauth/values.yaml @@ -0,0 +1,86 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.1.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/aaf_oauth:2.1.0-SNAPSHOT +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: {} + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + name: aaf-oauth + type: ClusterIP + portName: aaf-oauth + #targetPort + internalPort: 8140 + #port + externalPort: 8140 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/charts/aaf-service/Chart.yaml b/charts/aaf-service/Chart.yaml new file mode 100644 index 0000000..3461f1a --- /dev/null +++ b/charts/aaf-service/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP AAF Service +name: aaf-service +version: 2.0.0 diff --git a/charts/aaf-service/templates/deployment.yaml b/charts/aaf-service/templates/deployment.yaml new file mode 100644 index 0000000..9fd6eba --- /dev/null +++ b/charts/aaf-service/templates/deployment.yaml @@ -0,0 +1,114 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/job_complete.py + args: + - -j + - {{ .Release.Name }}-aaf-create-config + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-job-complete + - command: + - /root/ready.py + args: + - --container-name + - aaf-cs + - --container-name + - aaf-locate + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - env: + - name: CASSANDRA_CLUSTER + value: cassandra_container + name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/service/bin/service >> /opt/app/osaaf/logs/service/stdout`date -I` 2>> /opt/app/osaaf/logs/service/stderr`date -I`"] + volumeMounts: + - mountPath: /opt/app/osaaf + name: aaf-persistent-vol + - mountPath: /etc/localtime + name: localtime + readOnly: true + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-persistent-vol + {{- if .Values.global.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-pvc + {{- else }} + emptyDir: {} + {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-service/templates/service.yaml b/charts/aaf-service/templates/service.yaml new file mode 100644 index 0000000..281aa1c --- /dev/null +++ b/charts/aaf-service/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: {{ .Values.service.type }} diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml new file mode 100644 index 0000000..33c1644 --- /dev/null +++ b/charts/aaf-service/values.yaml @@ -0,0 +1,87 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/aaf_service:2.1.0-SNAPSHOT +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: {} + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + name: aaf-service + type: NodePort + portName: aaf-service + #targetPort + internalPort: 8100 + #port + externalPort: 8100 + nodePort: 50 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml b/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml index 26f0304..ddfc7c6 100644 --- a/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml +++ b/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml @@ -75,4 +75,5 @@ spec: - name: localtime hostPath: path: /etc/localtime - + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/charts/aaf-sms/charts/aaf-sms-vault/values.yaml index 07b8c33..53e7286 100644 --- a/charts/aaf-sms/charts/aaf-sms-vault/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-vault/values.yaml @@ -21,10 +21,10 @@ global: persistence: {} # application image -repository: docker.io +repository: nexus3.onap.org:10001 image: - consul: consul:1.0.6 - vault: vault:0.10.0 + consul: library/consul:1.0.6 + vault: library/vault:0.10.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/requirements.yaml b/requirements.yaml index fb4321d..1e8f788 100644 --- a/requirements.yaml +++ b/requirements.yaml @@ -1,7 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + dependencies: - name: common version: ~2.0.0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' + repository: '@local' \ No newline at end of file diff --git a/resources/config/aaf-data/identities.dat b/resources/config/aaf-data/identities.dat deleted file mode 100644 index 95eb51d..0000000 --- a/resources/config/aaf-data/identities.dat +++ /dev/null @@ -1,9 +0,0 @@ -iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| -mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna -bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager -mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager -ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager -iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager -osaaf|ID of AAF|||||a|bdevl -m99751|ID of AAF|||||a|bdevl -m99501|ID of AAF|||||a|bdevl diff --git a/resources/config/backup/backup.sh b/resources/config/backup/backup.sh new file mode 100644 index 0000000..1359d3d --- /dev/null +++ b/resources/config/backup/backup.sh @@ -0,0 +1,32 @@ +# BEGIN Store prev +BD=/opt/app/osaaf/backup +if [ -e "$BD/6day" ]; then + rm -Rf $BD/6day +fi + +PREV=$BD/6day +for D in $BD/5day $BD/4day $BD/3day $BD/2day $BD/yesterday; do + if [ -e "$D" ]; then + mv "$D" "$PREV" + fi + PREV="$D" +done + +if [ -e "$BD/today" ]; then + if [ -e "$BD/backup.log" ]; then + mv $BD/backup.log $BD/today + fi + gzip $BD/today/* + mv $BD/today $BD/yesterday +fi + +mkdir $BD/today + +# END Store prev +date +docker exec -t aaf_cass bash -c "mkdir -p /opt/app/cass_backup" +docker container cp $BD/cbackup.sh aaf_cass:/opt/app/cass_backup/backup.sh +# echo "login as Root, then run \nbash /opt/app/cass_backup/backup.sh" +docker exec -t aaf_cass bash /opt/app/cass_backup/backup.sh +docker container cp aaf_cass:/opt/app/cass_backup/. $BD/today +date diff --git a/resources/config/backup/cbackup.sh b/resources/config/backup/cbackup.sh new file mode 100644 index 0000000..9c91d0c --- /dev/null +++ b/resources/config/backup/cbackup.sh @@ -0,0 +1,8 @@ +cd /opt/app/cass_backup +DATA="ns role perm ns_attrib user_role cred cert x509 delegate approval approved future notify artifact health history" +PWD=cassandra +CQLSH="cqlsh -u cassandra -k authz -p $PWD" +for T in $DATA ; do + echo "Creating $T.dat" + $CQLSH -e "COPY authz.$T TO '$T.dat' WITH DELIMITER='|'" +done diff --git a/resources/config/data/identities.dat b/resources/config/data/identities.dat new file mode 100644 index 0000000..39d18a1 --- /dev/null +++ b/resources/config/data/identities.dat @@ -0,0 +1,27 @@ +# +# Sample Identities.dat +# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with +# out-of-the-box tire-kicking, or even for Small companies +# +# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing +# batch feeds, as is appropriate for your company. +# +# Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split +# out AppIDs, choose your own status indicators, or whatever you use. +# 0 - unique ID +# 1 - full name +# 2 - first name +# 3 - last name +# 4 - phone +# 5 - official email +# 6 - employment status e=employee, c=contractor, a=application, n=no longer with company +# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID) +# + +iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| +mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna +bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager +mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager +ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager +iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager +osaaf|ID of AAF|||||a|bdevl diff --git a/resources/config/data/sample.identities.dat b/resources/config/data/sample.identities.dat new file mode 100644 index 0000000..39d18a1 --- /dev/null +++ b/resources/config/data/sample.identities.dat @@ -0,0 +1,27 @@ +# +# Sample Identities.dat +# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with +# out-of-the-box tire-kicking, or even for Small companies +# +# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing +# batch feeds, as is appropriate for your company. +# +# Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split +# out AppIDs, choose your own status indicators, or whatever you use. +# 0 - unique ID +# 1 - full name +# 2 - first name +# 3 - last name +# 4 - phone +# 5 - official email +# 6 - employment status e=employee, c=contractor, a=application, n=no longer with company +# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID) +# + +iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| +mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna +bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager +mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager +ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager +iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager +osaaf|ID of AAF|||||a|bdevl diff --git a/resources/config/etc/org.osaaf.cm.props b/resources/config/etc/org.osaaf.cm.props new file mode 100644 index 0000000..d634cfe --- /dev/null +++ b/resources/config/etc/org.osaaf.cm.props @@ -0,0 +1,14 @@ +## +## org.osaaf.cm.props +## AAF Certificate Manager properties +## Note: Link to CA Properties in "local" dir +## +cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/local/org.osaaf.cm.ca.props +aaf_component=AAF_NS.cm:2.1.0.0 +port=8150 +cadi_registration_hostname={{.Values.config.cmServiceName}} +#Certman +cm_public_dir=/opt/app/osaaf/public +cm_trust_cas=AAF_RootCA.cer + + diff --git a/resources/config/etc/org.osaaf.common.props b/resources/config/etc/org.osaaf.common.props new file mode 100644 index 0000000..8b75e70 --- /dev/null +++ b/resources/config/etc/org.osaaf.common.props @@ -0,0 +1,29 @@ +############################################################ +# Common properties for all AAF Components +# on 2018-03-02 06:59.628-0500 +############################################################ +# Pull in Global Coordinates and Certificate Information +aaf_root_ns=org.osaaf.aaf +aaf_trust_perm=org.osaaf.aaf|org.onap|trust + +cadi_prop_files=/opt/app/osaaf/local/org.osaaf.location.props:/opt/app/osaaf/local/org.osaaf.aaf.props +cadi_protocols=TLSv1.1,TLSv1.2 + +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 +cadi_loginpage_url=https://AAF_LOCATE_URL/AAF_NS.gui:2.0/login + +# Standard for this App/Machine +aaf_env=DEV +aaf_data_dir=/opt/app/osaaf/data +cadi_loglevel=DEBUG + +# Domain Support (which will accept) +aaf_domain_support=.com:.org + +# Basic Auth +aaf_default_realm=people.osaaf.org + +# OAuth2 +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect + diff --git a/resources/config/etc/org.osaaf.fs.props b/resources/config/etc/org.osaaf.fs.props new file mode 100644 index 0000000..d499f97 --- /dev/null +++ b/resources/config/etc/org.osaaf.fs.props @@ -0,0 +1,10 @@ +## +## org.osaaf.locator +## AAF Locator Properties +## +cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props +aaf_component=AAF_NS.fs:2.1.0.0 +port=8096 +cadi_registration_hostname={{.Values.config.fsServiceName}} + +aaf_public_dir=/opt/app/osaaf/public diff --git a/resources/config/etc/org.osaaf.gui.props b/resources/config/etc/org.osaaf.gui.props new file mode 100644 index 0000000..86b3aa6 --- /dev/null +++ b/resources/config/etc/org.osaaf.gui.props @@ -0,0 +1,31 @@ +## +## org.osaaf.locator +## AAF Locator Properties +## +cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/etc/org.osaaf.orgs.props +aaf_component=AAF_NS.gui:2.1.0.0 +port=8200 +cadi_registration_hostname={{.Values.config.guiServiceName}} + +aaf_gui_title=AAF +aaf_gui_copyright=(c) 2018 AT&T Intellectual Property. All rights reserved. +aaf_gui_theme=theme/onap +cadi_loginpage_url=https://AAF_LOCATE_URL/com.att.aaf.gui:2.0/login + +# GUI URLS and Help URLS +cm_url=https://{{.Values.config.cmServiceName}}:8150 +gw_url=https://{{.Values.config.locateServiceName}}:8095 +fs_url=http://{{.Values.config.fsServiceName}}:8096 + +aaf_url.gui_onboard=https://wiki.web.att.com/display/aaf/OnBoarding +aaf_url.cuigui=https://wiki.web.att.com/display/aaf/Using+the+Command+Prompt + +aaf_url.aaf_help=https://wiki.onap.org/display/DW/Application+Authorization+Framework+Documentation +aaf_url.aaf_help.sub=Bootstrapping+AAF,Installation+Guide +aaf_url.aaf_help.sub.Bootstrapping+AAF=https://wiki.onap.org/display/DW/Bootstrapping+AAF +aaf_url.aaf_help.sub.Installation+Guide=https://wiki.onap.org/display/DW/AAF+Installation+Guide +#aaf_url.cadi_help= +aaf_url.tools=AAF+Projects,AAF+Jira,AAF+Calendar +aaf_url.tool=AAF+Jira=https://jira.onap.org/secure/RapidBoard.jspa?rapidView=69&projectKey=AAF&view=detail&selectedIssue=AAF-134 +aaf_url.tool.AAF+Projects=https://gerrit.onap.org/r/#/admin/projects/?filter=aaf%2F +aaf_url.tool.AAF+Calendar=https://wiki.onap.org/pages/viewpage.action?pageId=6587439 diff --git a/resources/config/etc/org.osaaf.hello.props b/resources/config/etc/org.osaaf.hello.props new file mode 100644 index 0000000..d832aaf --- /dev/null +++ b/resources/config/etc/org.osaaf.hello.props @@ -0,0 +1,8 @@ +## +## org.osaaf.locator +## AAF Locator Properties +## +cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props +aaf_component=AAF_NS.hello:2.1.0.0 +port=8130 +cadi_registration_hostname={{.Values.config.helloServiceName}} diff --git a/resources/config/etc/org.osaaf.locate.props b/resources/config/etc/org.osaaf.locate.props new file mode 100644 index 0000000..47a174e --- /dev/null +++ b/resources/config/etc/org.osaaf.locate.props @@ -0,0 +1,8 @@ +## +## org.osaaf.locator +## AAF Locator Properties +## +cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props +aaf_component=AAF_NS.locator:2.1.0.0 +port=8095 +cadi_registration_hostname={{.Values.config.locateServiceName}} diff --git a/resources/config/etc/org.osaaf.log4j.props b/resources/config/etc/org.osaaf.log4j.props new file mode 100644 index 0000000..9f10802 --- /dev/null +++ b/resources/config/etc/org.osaaf.log4j.props @@ -0,0 +1,51 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# +log4j.appender.INIT=org.apache.log4j.DailyRollingFileAppender +log4j.appender.INIT.File=${LOG4J_FILENAME_init} +log4j.appender.INIT.DatePattern='.'yyyy-MM-dd +log4j.appender.INIT.layout=org.apache.log4j.PatternLayout +log4j.appender.INIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n + +log4j.appender.SRVR=org.apache.log4j.DailyRollingFileAppender +log4j.appender.SRVR.File=${LOG4J_FILENAME_service} +log4j.appender.SRVR.DatePattern='.'yyyy-MM-dd +log4j.appender.SRVR.layout=org.apache.log4j.PatternLayout +log4j.appender.SRVR.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %p [%c] %m %n + +log4j.appender.AUDIT=org.apache.log4j.DailyRollingFileAppender +log4j.appender.AUDIT.File=${LOG4J_FILENAME_audit} +log4j.appender.AUDIT.DatePattern='.'yyyy-MM-dd +log4j.appender.AUDIT.layout=org.apache.log4j.PatternLayout +log4j.appender.AUDIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n + +log4j.appender.stdout=org.apache.log4j.ConsoleAppender +log4j.appender.stdout.layout=org.apache.log4j.PatternLayout +log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] %m %n + +# General Apache libraries +log4j.rootLogger=WARN.SRVR +log4j.logger.org.apache=WARN,SRVR +log4j.logger.com.datastax=WARN,SRVR +log4j.logger.init=INFO,INIT +log4j.logger.service=${LOGGING_LEVEL},SRVR +log4j.logger.audit=INFO,AUDIT +# Additional configs, not cauth with Root Logger +log4j.logger.io.netty=INFO,SRVR +log4j.logger.org.eclipse=INFO,SRVR + + diff --git a/resources/config/etc/org.osaaf.oauth.props b/resources/config/etc/org.osaaf.oauth.props new file mode 100644 index 0000000..82e80c7 --- /dev/null +++ b/resources/config/etc/org.osaaf.oauth.props @@ -0,0 +1,8 @@ +## +## org.osaaf.locator +## AAF Locator Properties +## +cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props +aaf_component=AAF_NS.oauth:2.1.0.0 +port=8140 +cadi_registration_hostname={{.Values.config.oauthServiceName}} diff --git a/resources/config/etc/org.osaaf.orgs.props b/resources/config/etc/org.osaaf.orgs.props new file mode 100644 index 0000000..66bfd2f --- /dev/null +++ b/resources/config/etc/org.osaaf.orgs.props @@ -0,0 +1,11 @@ +# +# Define Organizations for use in some of the components. Not all use them +# +Organization.org.osaaf=org.onap.aaf.org.DefaultOrg +org.osaaf.mailHost=smtp.mail.att.com +org.osaaf.mailFrom=DL-aaf-support@aaf.att.com +org.osaaf.default=true +org.osaaf.also_supports=org.osaaf.people + + + diff --git a/resources/config/etc/org.osaaf.service.props b/resources/config/etc/org.osaaf.service.props new file mode 100644 index 0000000..ff3e0b5 --- /dev/null +++ b/resources/config/etc/org.osaaf.service.props @@ -0,0 +1,8 @@ +## +## org.osaaf.service +## AAF Service Properties +## +cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/etc/org.osaaf.orgs.props +aaf_component=AAF_NS.service:2.1.0.0 +port=8100 +cadi_registration_hostname={{.Values.config.serviceServiceName}} diff --git a/resources/config/local/org.osaaf.aaf.cm.p12 b/resources/config/local/org.osaaf.aaf.cm.p12 new file mode 100644 index 0000000..63aedd2 Binary files /dev/null and b/resources/config/local/org.osaaf.aaf.cm.p12 differ diff --git a/resources/config/local/org.osaaf.aaf.keyfile b/resources/config/local/org.osaaf.aaf.keyfile new file mode 100644 index 0000000..7206ad9 --- /dev/null +++ b/resources/config/local/org.osaaf.aaf.keyfile @@ -0,0 +1,27 @@ +rmaOaytuFLnhz07oilUO0nO_mZ18XInIi56OoezdUTR5f1GR45lp_nX7marcYv7j2ZS-dpWOSur0 +sK5M-ByrgxfUPyk749Ex4nGSMLnAq-nFMaREpGZPmNP-ul_vCxCmaHUnWKPJB4jx_K_osKPb0-ng +tqX0hnpbmcq4okV94MUdUs084ymM5LU-qVU_oYbLUM4dXatobe1go8eX2umrutZbQTjz75i4UEcF +Dv9nDwVqHRGUFMU0NeJlrSlRSO-eiDgVtoSCBGtIkDdKPBTUT3wachHmUBiSBJ3GF05yQP1CwWzz +AQRSwphP11xKI7tSViT5RoxjxfQZiVEbeyg9g9BROe_pLyIDskoW_ujdnPOWRcSIx6Q4J0eew3kb +yqcWUPf1K2nSyBSshlsQ6A9NSOLz_KhyIvP_1OG82m1gir3I77Usl7QqMF8IBXCjJ-H_qqR1u-By +qm_AFjagYA2TgF2YQN-fcneom_5_cA74_xwJ41juhOP72ZWGkX1bAdbiKf85uYo2H3g5HeNWijQL +y4wJ4qFrSptQRyV2Ntf9OLgpOsKsPPiLlNBugmCjHBMaPMbQAYRbsyCH2nKdjjTG3c6iF5Cj9Jco +6McvcrYYuq3ynH-2HoL-T-Zgl2AXLxqK4_dl_H243H-GutoJsmIkELLGS_pCpSt4t7xaDvzqxrTj +4qZ1OjozcpnsqM8HebS28IgoqFaOmrCMqO1MLM_CjAyliTy31P28XEbcYvjEY-FWmnJRSpMLc1Pz +-KOH-2V8uTqn5YlUsFt2TNnc8lEwMH6GSV1vkgxwPQaMUgWV2svc0FfBmTLZI4zNmpMu4cGjaG-f +Z8r_hX7pDPANBTaqFxTp999dnaS3lLdZMNbJNEKFF0xxdRuBzsPKDiLa7ItixInZlUcEnwJVWOhC +kcI2J0cEFGxHxWYmYdqyJIvQzjebk6iDqB-mLi0ai-_XYm1niCxZizT_XJADo9LQtTzq1V6pMgYR +PPfbDKoiYRK6D8nbWsGNOh6xOS7zs8qrnTPxwu5CuZX_EFoejmooHTrXEqw2RzRFw9XqXM8p50C3 +YrwI2lA6kTQItGm0yftAxqfbhbjJp_K1P91ckOYL3ZSYze_hXRmguwYuT5NWlKhBtm5aawuDjXEg +yn7PnRTT0smW40hbYbks5L-2VVxTd3tith6Ltqh95miL6vpG5ByDDQlZCWwkq7XH7iScejDvT6UN +jF1K86mNa8CLXuuSzGl1li1CMxoVzW55G3s0-ICDHqjytiUkiUen2V9VzGT9h4BgDfzbShf31M4_ +biO4NL-mkqlDBbh-KcrYjvNj5qQwHSiLSLuQQBoBtJ3hG9jCu4YBYVWJYctV8r3Js_sGDH4rl5w1 +ujEF6QHWZIF73-u53G_LtvoXBnQcrBW8oLpqP-1Pz5d1bio--bRsNa5qAAilNbYmttiKYOYJn4My +c6QvzF81SqTRZy0Fd0NK_hMCglPkH7sd32UX-LBquvQ_yDqB_ml_pADJhWcfuD4iPAQjR2Vgclxf +GPCDva6YpJDzjjnaExDYmGFVFpbIPLfvGUCit_9zAycx0nW1J_cVT1BWFHijjAh_gnIpa6MtY3BE +G3d8ee6_LAQvvVdBwZ955UwyRd-C7Buc7Xcccw-8hcNBKqOCDlE9j4tie2SdO9m53vZRzcLY6Aiw +BiulIAllqHZQYs0OBcaYgbNgJU-gn9ZMWgS9i3ijPvTTBSNX7y7k4L1a4QOceyuOtt7nkv024YUS +acTRmaGotRBuVfI-C0L4Q9NL56_nUATB5ca2GqgLEKnWKsiN3T9cBg4Ji88E8OdiVcoO8segB-0d +QwWCqCZ8_z_R7zBMlDqpfu5wbvoVx0w9JhLgO9f7eoRozqA3qGLv94i1pN6LuU-Q7YPz4jVxmbb_ +2CHyP1n-o1ZWHfWdz6aByXEzrAZdvjfEWwwMYV5l5jFilTXaCNOCjr9S4YjNn0HITdl7E64C06Im +3QWOsnDv9z1APjnFo12KH_1yWscU0t9gx7FG210Ug6C-G3Bko_tm_YOp0Lkum4qrnxgHMf_a \ No newline at end of file diff --git a/resources/config/local/org.osaaf.aaf.p12 b/resources/config/local/org.osaaf.aaf.p12 new file mode 100644 index 0000000..f40a755 Binary files /dev/null and b/resources/config/local/org.osaaf.aaf.p12 differ diff --git a/resources/config/local/org.osaaf.aaf.props b/resources/config/local/org.osaaf.aaf.props new file mode 100644 index 0000000..37a9d62 --- /dev/null +++ b/resources/config/local/org.osaaf.aaf.props @@ -0,0 +1,17 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# by jg1555 +# on 2018-02-21T10:28:08.909-0600 +# @copyright 2016, AT&T +############################################################ +cm_url=https://{{.Values.config.cmServiceName}}:8150 +#hostname=aaf.osaaf.org +aaf_env=DEV +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US +cadi_keyfile=/opt/app/osaaf/local/org.osaaf.aaf.keyfile +cadi_keystore=/opt/app/osaaf/local/org.osaaf.aaf.p12 +cadi_keystore_password=enc:fDY3WPPqHCMQaZdox2UfpRoEq6b9wUqS-aepo0NiqEFa2t7uYHBdxfQAuEwj9Lwb +#cadi_key_password=enc: +cadi_alias=aaf-authz@aaf.osaaf.org +cadi_truststore=/opt/app/osaaf/local/org.osaaf.aaf.trust.p12 +cadi_truststore_password=enc:5nzj6v3Rb0oZPV1zCxg8EJFfkFvWFGJflLB0i_FN0Np diff --git a/resources/config/local/org.osaaf.aaf.trust.p12 b/resources/config/local/org.osaaf.aaf.trust.p12 new file mode 100644 index 0000000..d01e856 Binary files /dev/null and b/resources/config/local/org.osaaf.aaf.trust.p12 differ diff --git a/resources/config/local/org.osaaf.aaf_new-24e41f2f436018568cbdecdc1edbd605.p12 b/resources/config/local/org.osaaf.aaf_new-24e41f2f436018568cbdecdc1edbd605.p12 new file mode 100644 index 0000000..f40a755 Binary files /dev/null and b/resources/config/local/org.osaaf.aaf_new-24e41f2f436018568cbdecdc1edbd605.p12 differ diff --git a/resources/config/local/org.osaaf.cassandra.props b/resources/config/local/org.osaaf.cassandra.props new file mode 100644 index 0000000..17f238b --- /dev/null +++ b/resources/config/local/org.osaaf.cassandra.props @@ -0,0 +1,29 @@ +############################################################ +# Cassandra properties for AAF Components needing +# on 2018-03-02 06:59.628-0500 +############################################################ +# LOCAL Cassandra +cassandra.clusters={{.Values.config.csServiceName}} +cassandra.clusters.port=9042 +#need this to be fully qualified name when REAL AAF integration +cassandra.clusters.user=cassandra +cassandra.clusters.password=enc:gF_I93pTRMIvj3rof-dx-yK84XYT1UKGf98s1LAJyWV + +# Name for exception that has happened in the past +cassandra.reset.exceptions=com.datastax.driver.core.exceptions.NoHostAvailableException:"no host was tried":"Connection has been closed" + +# Example Consistency Settings for Clusters with at least instances +#cassandra.writeConsistency.ns=LOCAL_QUORUM +#cassandra.writeConsistency.perm=LOCAL_QUORUM +#cassandra.writeConsistency.role=LOCAL_QUORUM +#cassandra.writeConsistency.user_role=LOCAL_QUORUM +#cassandra.writeConsistency.cred=LOCAL_QUORUM +#cassandra.writeConsistency.ns_attrib=LOCAL_QUORUM + +# Consistency Settings when Single Instance +cassandra.writeConsistency.ns=ONE +cassandra.writeConsistency.perm=ONE +cassandra.writeConsistency.role=ONE +cassandra.writeConsistency.user_role=ONE +cassandra.writeConsistency.cred=ONE +cassandra.writeConsistency.ns_attrib=ONE diff --git a/resources/config/local/org.osaaf.cm.ca.props b/resources/config/local/org.osaaf.cm.ca.props new file mode 100644 index 0000000..8843705 --- /dev/null +++ b/resources/config/local/org.osaaf.cm.ca.props @@ -0,0 +1,11 @@ +## +## org.osaaf.cm.ca.props +## Properties to access Certifiate Authority +## + +#Certman +cm_ca.local=org.onap.aaf.auth.cm.ca.LocalCA,/opt/app/osaaf/local/org.osaaf.aaf.cm.p12;aaf_cm_ca;enc:asFEWMNqjH7GktBLb9EGl6L1zfS2qMH5ZS5Zd90KVT5B9ZyRsqx7Gb73YllO8Hyw +cm_ca.local.idDomains=org.osaaf +cm_ca.local.baseSubject=/OU=OSAAF/O=ONAP/C=US +cm_ca.local.perm_type=org.osaaf.aaf.ca + diff --git a/resources/config/local/org.osaaf.location.props b/resources/config/local/org.osaaf.location.props new file mode 100644 index 0000000..fd52d6d --- /dev/null +++ b/resources/config/local/org.osaaf.location.props @@ -0,0 +1,12 @@ +## +## org.osaaf.location.props +## +## Localized Machine Information +## +# Almeda California +cadi_latitude=37.78187 +cadi_longitude=-122.26147 + +#cadi_registration_hostname=aaf-onap-beijing-test.osaaf.org +cadi_trust_masks=10.12.6/24 +aaf_locate_url=https://{{.Values.config.locateServiceName}}:8095 diff --git a/resources/config/public/AAF_RootCA.cer b/resources/config/public/AAF_RootCA.cer new file mode 100644 index 0000000..e9a50d7 --- /dev/null +++ b/resources/config/public/AAF_RootCA.cer @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV +BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx +NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK +DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC +ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7 +XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn +H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM +pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7 +NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg +2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY +wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd +ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM +P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6 +aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY +PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G +A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ +UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN +BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz +L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9 +7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx +c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf +jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2 +RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h +PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF +CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+ +Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A +cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR +ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX +dYY= +-----END CERTIFICATE----- diff --git a/resources/config/public/aaf_2_0.xsd b/resources/config/public/aaf_2_0.xsd new file mode 100644 index 0000000..59d4331 --- /dev/null +++ b/resources/config/public/aaf_2_0.xsd @@ -0,0 +1,527 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/resources/config/public/iframe_denied_test.html b/resources/config/public/iframe_denied_test.html new file mode 100644 index 0000000..613e9c7 --- /dev/null +++ b/resources/config/public/iframe_denied_test.html @@ -0,0 +1,10 @@ + + + + + + + + diff --git a/resources/config/public/truststoreONAP.p12 b/resources/config/public/truststoreONAP.p12 new file mode 100644 index 0000000..d01e856 Binary files /dev/null and b/resources/config/public/truststoreONAP.p12 differ diff --git a/resources/config/public/truststoreONAPall.jks b/resources/config/public/truststoreONAPall.jks new file mode 100644 index 0000000..ff844b1 Binary files /dev/null and b/resources/config/public/truststoreONAPall.jks differ diff --git a/templates/configmap.yaml b/templates/configmap.yaml index c7cf9ae..cfa57f7 100644 --- a/templates/configmap.yaml +++ b/templates/configmap.yaml @@ -15,7 +15,42 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }} + name: {{ .Release.Name }}-aaf-backup namespace: {{ include "common.namespace" . }} data: -{{ (.Files.Glob "resources/config/aaf-data/*").AsConfig | indent 2 }} +{{ tpl (.Files.Glob "resources/config/backup/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-aaf-public + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/public/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-aaf-local + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/local/org.osaaf.location.props").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/local/org.osaaf.cm.ca.props").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/local/org.osaaf.cassandra.props").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/local/org.osaaf.aaf.props").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-aaf-etc + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/etc/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-aaf-data + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/data/*").AsConfig . | indent 2 }} diff --git a/templates/deployment.yaml b/templates/deployment.yaml deleted file mode 100644 index 2a4e7d2..0000000 --- a/templates/deployment.yaml +++ /dev/null @@ -1,91 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ include "common.fullname" . }} - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - aaf-cs - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /data - name: aaf-data - name: {{ include "common.name" . }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ toYaml .Values.resources | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - - volumes: - - name: aaf-data - configMap: - name: {{ include "common.fullname" . }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/templates/job.yaml b/templates/job.yaml new file mode 100644 index 0000000..7ce871e --- /dev/null +++ b/templates/job.yaml @@ -0,0 +1,132 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-create-config + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + template: + metadata: + labels: + app: aaf-init-job + release: {{ .Release.Name }} + spec: + containers: + - command: ["/bin/bash","-c","if [ ! -d /data/backup ]; then mkdir /data/data && cp -Ra /data1/data/..data/* /data/data/ && mkdir /data/etc && cp -Ra /data1/etc/..data/* data/etc/ && mkdir /data/backup && cp -Ra /data1/backup/..data/* /data/backup/ && cp -Ra /data1/public /data/ && cp -Ra /data1/local /data && mkdir -p /data/logs/oauth && mkdir -p /data/logs/hello && mkdir -p /data/logs/fs && mkdir -p /data/logs/gui && mkdir -p /data/logs/locate && mkdir -p /data/logs/cm && mkdir -p /data/logs/service; fi; exit 0"] + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: aaf-init-job + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /data + name: aaf-persistent-data + - mountPath: /data1/etc + name: aaf-etc + - mountPath: /data1/data + name: aaf-data + - mountPath: /data1/public/iframe_denied_test.html + name: aaf-public + subPath: iframe_denied_test.html + - mountPath: /data1/public/aaf_2_0.xsd + name: aaf-public + subPath: aaf_2_0.xsd + - mountPath: /data1/public/truststoreONAP.p12 + name: aaf-public-secret + subPath: truststoreONAP.p12 + - mountPath: /data1/public/AAF_RootCA.cer + name: aaf-public-secret + subPath: AAF_RootCA.cer + - mountPath: /data1/public/truststoreONAPall.jks + name: aaf-public-secret + subPath: truststoreONAPall.jks + - mountPath: /data1/local/org.osaaf.location.props + name: aaf-local + subPath: org.osaaf.location.props + - mountPath: /data1/local/org.osaaf.cm.ca.props + name: aaf-local + subPath: org.osaaf.cm.ca.props + - mountPath: /data1/local/org.osaaf.cassandra.props + name: aaf-local + subPath: org.osaaf.cassandra.props + - mountPath: /data1/local/org.osaaf.aaf.props + name: aaf-local + subPath: org.osaaf.aaf.props + - mountPath: /data1/local/org.osaaf.aaf.trust.p12 + name: aaf-local-secret + subPath: org.osaaf.aaf.trust.p12 + - mountPath: /data1/local/org.osaaf.aaf.p12 + name: aaf-local-secret + subPath: org.osaaf.aaf.p12 + - mountPath: /data1/local/org.osaaf.aaf.keyfile + name: aaf-local-secret + subPath: org.osaaf.aaf.keyfile + - mountPath: /data1/local/org.osaaf.aaf.cm.p12 + name: aaf-local-secret + subPath: org.osaaf.aaf.cm.p12 + - mountPath: /data1/backup + name: aaf-backup + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-local-secret + secret: + secretName: {{ .Release.Name }}-aaf-local-secret + - name: aaf-public-secret + secret: + secretName: {{ .Release.Name }}-aaf-public-secret + - name: aaf-etc + configMap: + name: {{ .Release.Name }}-aaf-etc + - name: aaf-local + configMap: + name: {{ .Release.Name }}-aaf-local + - name: aaf-backup + configMap: + name: {{ .Release.Name }}-aaf-backup + - name: aaf-public + configMap: + name: {{ .Release.Name }}-aaf-public + - name: aaf-data + configMap: + name: {{ .Release.Name }}-aaf-data + - name: aaf-persistent-data + {{- if .Values.global.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-pvc + {{- else }} + emptyDir: {} + {{- end }} + restartPolicy: OnFailure + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/templates/pv.yaml b/templates/pv.yaml new file mode 100644 index 0000000..d9b58f6 --- /dev/null +++ b/templates/pv.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} diff --git a/templates/pvc.yaml b/templates/pvc.yaml new file mode 100644 index 0000000..255c277 --- /dev/null +++ b/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-pvc + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/templates/secrets.yaml b/templates/secrets.yaml new file mode 100644 index 0000000..d67601c --- /dev/null +++ b/templates/secrets.yaml @@ -0,0 +1,47 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Release.Name}}-aaf-local-secret + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.trust.p12").AsSecrets | indent 2 }} +{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.p12").AsSecrets | indent 2 }} +{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.keyfile").AsSecrets | indent 2 }} +{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.cm.p12").AsSecrets | indent 2 }} +type: Opaque +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Release.Name}}-aaf-public-secret + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ (.Files.Glob "resources/config/public/truststoreONAP.p12").AsSecrets | indent 2 }} +{{ (.Files.Glob "resources/config/public/AAF_RootCA.cer").AsSecrets | indent 2 }} +{{ (.Files.Glob "resources/config/public/truststoreONAPall.jks").AsSecrets | indent 2 }} +type: Opaque + diff --git a/templates/service.yaml b/templates/service.yaml deleted file mode 100644 index 587e07a..0000000 --- a/templates/service.yaml +++ /dev/null @@ -1,41 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.name }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - type: {{ .Values.service.type }} diff --git a/values.yaml b/values.yaml index 5f23100..805d3d1 100644 --- a/values.yaml +++ b/values.yaml @@ -20,24 +20,21 @@ global: repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - -# If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines. -# persistence: -# mountPath: /dockerdata + persistence: + enabled: true ################################################################# # Application configuration defaults. ################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/aaf/authz-service:latest -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} +config: + serviceServiceName: aaf-service + locateServiceName: aaf-locate + cmServiceName: aaf-cm + fsServiceName: aaf-fs + guiServiceName: aaf-gui + helloServiceName: aaf-hello + oauthServiceName: aaf-oauth + csServiceName: aaf-cass # default number of instances replicaCount: 1 @@ -58,18 +55,30 @@ readiness: initialDelaySeconds: 10 periodSeconds: 10 -service: - type: NodePort - name: aaf-authz - #targetPort - internalPort: 8101 - #port - externalPort: 8101 - nodePort: 99 - ingress: enabled: false +## Persist data to a persitent volume +persistence: + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + accessMode: ReadWriteMany + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: aaf/data + resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little -- cgit 1.2.3-korg From ba105d5ba1e14eb48bad004e25940530923da7ee Mon Sep 17 00:00:00 2001 From: Mandeep Khinda Date: Tue, 8 May 2018 00:35:56 +0000 Subject: fixing duplicate nodeport with SO 47 is free.. Issue-ID: OOM-930 Change-Id: I90d008bb77cfa1107f85d10c96482fe2693c400a Signed-off-by: Mandeep Khinda --- charts/aaf-service/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index 33c1644..b53e7a2 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -62,7 +62,7 @@ service: internalPort: 8100 #port externalPort: 8100 - nodePort: 50 + nodePort: 47 ingress: enabled: false -- cgit 1.2.3-korg From 92e9569f5fe2885a71c2cf73aa4d597ebfd6d6d3 Mon Sep 17 00:00:00 2001 From: Gary Wu Date: Tue, 8 May 2018 07:21:20 -0700 Subject: Sync docker image images with docker-manifest.csv Update the docker image versions in the OOM helm charts with the versions specified in the docker-manifest.csv in the integration repo. Change-Id: I38bd9e98ae1b15ed4bbc68051b8516f311aa8db0 Issue-ID: OOM-1053 Signed-off-by: Gary Wu --- charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml | 2 +- charts/aaf-sms/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index d09d492..bb0f470 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -29,7 +29,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/smsquorumclient +image: onap/aaf/smsquorumclient:latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sms/values.yaml b/charts/aaf-sms/values.yaml index cd32539..0686ddb 100644 --- a/charts/aaf-sms/values.yaml +++ b/charts/aaf-sms/values.yaml @@ -29,7 +29,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/sms +image: onap/aaf/sms:latest pullPolicy: Always # flag to enable debugging - application support required -- cgit 1.2.3-korg From 77a201bf8b09dba3ab89cc635ec8fa0efcaa11c4 Mon Sep 17 00:00:00 2001 From: Mike Elliott Date: Tue, 8 May 2018 14:22:13 -0400 Subject: Remove AAF truststore files from configmap Moved security-related files from the configmap to an init container, to dramatically reduce the overall size of the ONAP deployment configmap. Change-Id: I5e1c176f14d2e010c69e6c1e86c487583ed18f59 Issue-ID: OOM-1061 Signed-off-by: Mike Elliott --- resources/config/public/AAF_RootCA.cer | 31 -- resources/config/public/README.txt | 1 + resources/config/public/aaf_2_0.xsd | 527 ------------------------ resources/config/public/iframe_denied_test.html | 10 - resources/config/public/truststoreONAP.p12 | Bin 4180 -> 0 bytes resources/config/public/truststoreONAPall.jks | Bin 117990 -> 0 bytes templates/configmap.yaml | 8 - templates/job.yaml | 31 +- templates/secrets.yaml | 17 - values.yaml | 5 + 10 files changed, 28 insertions(+), 602 deletions(-) delete mode 100644 resources/config/public/AAF_RootCA.cer create mode 100644 resources/config/public/README.txt delete mode 100644 resources/config/public/aaf_2_0.xsd delete mode 100644 resources/config/public/iframe_denied_test.html delete mode 100644 resources/config/public/truststoreONAP.p12 delete mode 100644 resources/config/public/truststoreONAPall.jks diff --git a/resources/config/public/AAF_RootCA.cer b/resources/config/public/AAF_RootCA.cer deleted file mode 100644 index e9a50d7..0000000 --- a/resources/config/public/AAF_RootCA.cer +++ /dev/null @@ -1,31 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV -BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx -NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK -DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC -ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7 -XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn -H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM -pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7 -NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg -2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY -wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd -ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM -P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6 -aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY -PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G -A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ -UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN -BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz -L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9 -7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx -c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf -jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2 -RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h -PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF -CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+ -Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A -cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR -ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX -dYY= ------END CERTIFICATE----- diff --git a/resources/config/public/README.txt b/resources/config/public/README.txt new file mode 100644 index 0000000..48aaa96 --- /dev/null +++ b/resources/config/public/README.txt @@ -0,0 +1 @@ +Public directory left empty on purpose. Content of https://gerrit.onap.org/r/gitweb?p=aaf/authz.git;a=tree;f=auth/sample/public;h=1b387b7858134f80446f006b6d570fa534da3153;hb=refs/heads/master is cloned and mounted into AAF container volume via init container. This is done to dramatically reduce the size of configuration that was being put into a configmap that was exceeding helm configmap limit of 1MB per deployment. diff --git a/resources/config/public/aaf_2_0.xsd b/resources/config/public/aaf_2_0.xsd deleted file mode 100644 index 59d4331..0000000 --- a/resources/config/public/aaf_2_0.xsd +++ /dev/null @@ -1,527 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/resources/config/public/iframe_denied_test.html b/resources/config/public/iframe_denied_test.html deleted file mode 100644 index 613e9c7..0000000 --- a/resources/config/public/iframe_denied_test.html +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - diff --git a/resources/config/public/truststoreONAP.p12 b/resources/config/public/truststoreONAP.p12 deleted file mode 100644 index d01e856..0000000 Binary files a/resources/config/public/truststoreONAP.p12 and /dev/null differ diff --git a/resources/config/public/truststoreONAPall.jks b/resources/config/public/truststoreONAPall.jks deleted file mode 100644 index ff844b1..0000000 Binary files a/resources/config/public/truststoreONAPall.jks and /dev/null differ diff --git a/templates/configmap.yaml b/templates/configmap.yaml index cfa57f7..9d21e05 100644 --- a/templates/configmap.yaml +++ b/templates/configmap.yaml @@ -22,14 +22,6 @@ data: --- apiVersion: v1 kind: ConfigMap -metadata: - name: {{ .Release.Name }}-aaf-public - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/public/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap metadata: name: {{ .Release.Name }}-aaf-local namespace: {{ include "common.namespace" . }} diff --git a/templates/job.yaml b/templates/job.yaml index 7ce871e..85c0940 100644 --- a/templates/job.yaml +++ b/templates/job.yaml @@ -29,6 +29,21 @@ spec: app: aaf-init-job release: {{ .Release.Name }} spec: + initContainers: + - name: {{ include "common.name" . }}-inject-config + command: + - /bin/bash + - -c + - > + git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit; + echo "Clone complete. Copying from /tmp/gerrit/ to /public"; + cp -rf /tmp/gerrit/auth/sample/public/* /public; + echo "Done."; + image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.global.ubuntuInitImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: aaf-public + mountPath: "/public" containers: - command: ["/bin/bash","-c","if [ ! -d /data/backup ]; then mkdir /data/data && cp -Ra /data1/data/..data/* /data/data/ && mkdir /data/etc && cp -Ra /data1/etc/..data/* data/etc/ && mkdir /data/backup && cp -Ra /data1/backup/..data/* /data/backup/ && cp -Ra /data1/public /data/ && cp -Ra /data1/local /data && mkdir -p /data/logs/oauth && mkdir -p /data/logs/hello && mkdir -p /data/logs/fs && mkdir -p /data/logs/gui && mkdir -p /data/logs/locate && mkdir -p /data/logs/cm && mkdir -p /data/logs/service; fi; exit 0"] image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" @@ -51,13 +66,13 @@ spec: name: aaf-public subPath: aaf_2_0.xsd - mountPath: /data1/public/truststoreONAP.p12 - name: aaf-public-secret + name: aaf-public subPath: truststoreONAP.p12 - mountPath: /data1/public/AAF_RootCA.cer - name: aaf-public-secret + name: aaf-public subPath: AAF_RootCA.cer - mountPath: /data1/public/truststoreONAPall.jks - name: aaf-public-secret + name: aaf-public subPath: truststoreONAPall.jks - mountPath: /data1/local/org.osaaf.location.props name: aaf-local @@ -85,6 +100,8 @@ spec: subPath: org.osaaf.aaf.cm.p12 - mountPath: /data1/backup name: aaf-backup + - mountPath: /share + name: aaf-public resources: {{ toYaml .Values.resources | indent 12 }} {{- if .Values.nodeSelector }} @@ -102,9 +119,6 @@ spec: - name: aaf-local-secret secret: secretName: {{ .Release.Name }}-aaf-local-secret - - name: aaf-public-secret - secret: - secretName: {{ .Release.Name }}-aaf-public-secret - name: aaf-etc configMap: name: {{ .Release.Name }}-aaf-etc @@ -114,9 +128,6 @@ spec: - name: aaf-backup configMap: name: {{ .Release.Name }}-aaf-backup - - name: aaf-public - configMap: - name: {{ .Release.Name }}-aaf-public - name: aaf-data configMap: name: {{ .Release.Name }}-aaf-data @@ -127,6 +138,8 @@ spec: {{- else }} emptyDir: {} {{- end }} + - name: aaf-public + emptyDir: {} restartPolicy: OnFailure imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/templates/secrets.yaml b/templates/secrets.yaml index d67601c..fe876e1 100644 --- a/templates/secrets.yaml +++ b/templates/secrets.yaml @@ -28,20 +28,3 @@ data: {{ (.Files.Glob "resources/config/local/org.osaaf.aaf.keyfile").AsSecrets | indent 2 }} {{ (.Files.Glob "resources/config/local/org.osaaf.aaf.cm.p12").AsSecrets | indent 2 }} type: Opaque ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ .Release.Name}}-aaf-public-secret - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ (.Files.Glob "resources/config/public/truststoreONAP.p12").AsSecrets | indent 2 }} -{{ (.Files.Glob "resources/config/public/AAF_RootCA.cer").AsSecrets | indent 2 }} -{{ (.Files.Glob "resources/config/public/truststoreONAPall.jks").AsSecrets | indent 2 }} -type: Opaque - diff --git a/values.yaml b/values.yaml index 805d3d1..1724be8 100644 --- a/values.yaml +++ b/values.yaml @@ -20,6 +20,8 @@ global: repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 + ubuntuInitRepository: registry.hub.docker.com + ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 persistence: enabled: true @@ -35,6 +37,9 @@ config: helloServiceName: aaf-hello oauthServiceName: aaf-oauth csServiceName: aaf-cass + # gerrit branch where the latest aaf/auth/sample/public code exists + gerritProject: http://gerrit.onap.org/r/aaf/authz.git + gerritBranch: master # default number of instances replicaCount: 1 -- cgit 1.2.3-korg From 9e0f128057f60aba559fac6d0487520eb9f61cb1 Mon Sep 17 00:00:00 2001 From: BorislavG Date: Wed, 9 May 2018 14:34:14 +0000 Subject: Improve docker registry secret management Change-Id: I2d1ff878c215becc9856af184eb0b11defd75e1d Issue-ID: OOM-1064 Signed-off-by: BorislavG --- charts/aaf-cm/values.yaml | 1 - charts/aaf-cs/values.yaml | 1 - charts/aaf-fs/values.yaml | 1 - charts/aaf-gui/values.yaml | 1 - charts/aaf-hello/values.yaml | 1 - charts/aaf-locate/values.yaml | 1 - charts/aaf-oauth/values.yaml | 1 - charts/aaf-service/values.yaml | 1 - charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml | 1 - charts/aaf-sms/charts/aaf-sms-vault/values.yaml | 1 - charts/aaf-sms/values.yaml | 1 - values.yaml | 1 - 12 files changed, 12 deletions(-) diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index 75b1a7b..af28475 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -17,7 +17,6 @@ ################################################################# global: nodePortPrefix: 302 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s readinessImage: readiness-check:1.1.0 diff --git a/charts/aaf-cs/values.yaml b/charts/aaf-cs/values.yaml index 83bc972..6d5ed6c 100644 --- a/charts/aaf-cs/values.yaml +++ b/charts/aaf-cs/values.yaml @@ -17,7 +17,6 @@ ################################################################# global: nodePortPrefix: 302 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== ################################################################# diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index be0f53d..de16c63 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -17,7 +17,6 @@ ################################################################# global: nodePortPrefix: 302 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s readinessImage: readiness-check:1.1.0 diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index 02c572f..3e4a8f3 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -17,7 +17,6 @@ ################################################################# global: nodePortPrefix: 302 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s readinessImage: readiness-check:1.1.0 diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index ad95b07..b10483c 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -17,7 +17,6 @@ ################################################################# global: nodePortPrefix: 302 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s readinessImage: readiness-check:1.1.0 diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index fbed947..4b44b73 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -17,7 +17,6 @@ ################################################################# global: nodePortPrefix: 302 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s readinessImage: readiness-check:1.1.0 diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index 4311696..c637cc3 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -17,7 +17,6 @@ ################################################################# global: nodePortPrefix: 302 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s readinessImage: readiness-check:1.1.0 diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index b53e7a2..361aa47 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -17,7 +17,6 @@ ################################################################# global: nodePortPrefix: 302 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index bb0f470..f7ce9f6 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -17,7 +17,6 @@ ################################################################# global: nodePortPrefix: 302 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s readinessImage: readiness-check:1.1.1 loggingRepository: docker.elastic.co diff --git a/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/charts/aaf-sms/charts/aaf-sms-vault/values.yaml index 53e7286..317abcd 100644 --- a/charts/aaf-sms/charts/aaf-sms-vault/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-vault/values.yaml @@ -17,7 +17,6 @@ ################################################################# global: nodePortPrefix: 302 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== persistence: {} # application image diff --git a/charts/aaf-sms/values.yaml b/charts/aaf-sms/values.yaml index 0686ddb..fa01b38 100644 --- a/charts/aaf-sms/values.yaml +++ b/charts/aaf-sms/values.yaml @@ -17,7 +17,6 @@ ################################################################# global: nodePortPrefix: 302 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co diff --git a/values.yaml b/values.yaml index 1724be8..19250d8 100644 --- a/values.yaml +++ b/values.yaml @@ -17,7 +17,6 @@ ################################################################# global: nodePortPrefix: 302 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 ubuntuInitRepository: registry.hub.docker.com -- cgit 1.2.3-korg From 97ec49ba52bb8ef817768628fee3a73479a0e4d2 Mon Sep 17 00:00:00 2001 From: Gary Wu Date: Fri, 11 May 2018 13:26:30 -0700 Subject: Update readiness-check to 2.0.0 Change-Id: I3477393d2ba98fe1d48561efc6991e88d8e03793 Issue-ID: OOM-1076 Signed-off-by: Gary Wu --- charts/aaf-cm/values.yaml | 2 +- charts/aaf-fs/values.yaml | 2 +- charts/aaf-gui/values.yaml | 2 +- charts/aaf-hello/values.yaml | 2 +- charts/aaf-locate/values.yaml | 2 +- charts/aaf-oauth/values.yaml | 2 +- charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index af28475..b6f7034 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:1.1.0 + readinessImage: readiness-check:2.0.0 ################################################################# # Application configuration defaults. diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index de16c63..b8a2663 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:1.1.0 + readinessImage: readiness-check:2.0.0 ################################################################# # Application configuration defaults. diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index 3e4a8f3..9aa79fd 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:1.1.0 + readinessImage: readiness-check:2.0.0 ################################################################# # Application configuration defaults. diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index b10483c..c05ab56 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:1.1.0 + readinessImage: readiness-check:2.0.0 ################################################################# # Application configuration defaults. diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index 4b44b73..e9b42cb 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:1.1.0 + readinessImage: readiness-check:2.0.0 # If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines. # persistence: diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index c637cc3..344d138 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:1.1.0 + readinessImage: readiness-check:2.0.0 ################################################################# # Application configuration defaults. diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index f7ce9f6..b528270 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:1.1.1 + readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 persistence: {} -- cgit 1.2.3-korg From 0b55eba46b9986ae4b3e5287b674a9624021a813 Mon Sep 17 00:00:00 2001 From: Kiran Kamineni Date: Mon, 14 May 2018 16:59:55 -0700 Subject: Enable https endpoint for SMS SMS got a new SAN certificate and we are using that in this deployment now. Applications will now query on https://aaf-sms.onap This should also fix the failing healthcheck for SMS -P3: Changing liveness and readiness probes to use https instead of tcp which was throwing up TLS error spam on the server Issue-ID: AAF-284 Change-Id: I654eced0bb75c8b5c807c45773f308d824dfb571 Signed-off-by: Kiran Kamineni --- .../charts/aaf-sms-quorumclient/resources/config/config.json | 7 +++++++ .../charts/aaf-sms-quorumclient/templates/configmap.yaml | 3 +-- .../charts/aaf-sms-quorumclient/templates/statefulset.yaml | 4 ++++ charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml | 8 -------- charts/aaf-sms/templates/deployment.yaml | 8 ++++++-- charts/aaf-sms/values.yaml | 12 ++++++------ 6 files changed, 24 insertions(+), 18 deletions(-) create mode 100644 charts/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json b/charts/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json new file mode 100644 index 0000000..3a43f00 --- /dev/null +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json @@ -0,0 +1,7 @@ +{ + "url":"https://aaf-sms.{{ include "common.namespace" . }}:10443", + "cafile": "/quorumclient/certs/aaf_root_ca.cer", + "clientcert":"client.cert", + "clientkey":"client.key", + "timeout":"10s" +} \ No newline at end of file diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml index cacc368..9905a3c 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml @@ -23,5 +23,4 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: - config.json: | - {{ .Values.config | toJson }} +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} \ No newline at end of file diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml index 483d6c5..281229f 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml @@ -63,6 +63,10 @@ spec: - name : {{ include "common.name" . }} configMap: name: {{ include "common.fullname" . }} + items: + - key: config.json + path: config.json + mode: 0755 - name: {{ include "common.fullname" . }}-auth persistentVolumeClaim: claimName: {{ include "common.fullname" . }} diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index b528270..768f89f 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -36,14 +36,6 @@ debugEnabled: false # application configuration # Example: -config: - url: "http://aaf-sms:10443" - cafile: "selfsignedca.pem" - clientcert: "server.cert" - clientkey: "server.key" - timeout: "60s" - disable_tls: true - # default number of instances replicaCount: 3 diff --git a/charts/aaf-sms/templates/deployment.yaml b/charts/aaf-sms/templates/deployment.yaml index 4235ad0..4bdb84f 100644 --- a/charts/aaf-sms/templates/deployment.yaml +++ b/charts/aaf-sms/templates/deployment.yaml @@ -40,14 +40,18 @@ spec: - containerPort: {{ .Values.service.internalPort }} {{- if eq .Values.liveness.enabled true }} livenessProbe: - tcpSocket: + httpGet: port: {{ .Values.service.internalPort }} + scheme: HTTPS + path: /v1/sms/quorum/status initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: - tcpSocket: + httpGet: port: {{ .Values.service.internalPort }} + scheme: HTTPS + path: /v1/sms/quorum/status initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: diff --git a/charts/aaf-sms/values.yaml b/charts/aaf-sms/values.yaml index fa01b38..df2b6ab 100644 --- a/charts/aaf-sms/values.yaml +++ b/charts/aaf-sms/values.yaml @@ -38,10 +38,10 @@ debugEnabled: false # Example: config: smsdbaddress: "http://aaf-sms-db:8200" - cafile: "/sms/auth/selfsignedca.pem" - servercert: "/sms/auth/server.cert" - serverkey: "/sms/auth/server.key" - disable_tls: true + cafile: "/sms/certs/aaf_root_ca.cer" + servercert: "/sms/certs/aaf-sms.pub" + serverkey: "/sms/certs/aaf-sms.pr" + password: "c2VjcmV0bWFuYWdlbWVudHNlcnZpY2VzZWNyZXRwYXNzd29yZA==" # subchart configuration vault: @@ -57,14 +57,14 @@ affinity: {} # probe configuration parameters liveness: initialDelaySeconds: 10 - periodSeconds: 20 + periodSeconds: 30 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: initialDelaySeconds: 10 - periodSeconds: 20 + periodSeconds: 30 service: type: NodePort -- cgit 1.2.3-korg From 37f8bb2841ac7c88a7ce670370525738f840da5b Mon Sep 17 00:00:00 2001 From: Instrumental Date: Tue, 5 Jun 2018 06:28:10 -0500 Subject: Replace AAF Certs Issue-ID: AAF-346 Change-Id: Ie56c187e4c8ca7a0abad170a7b3a5571084ff566 Signed-off-by: Instrumental --- resources/config/local/org.osaaf.aaf.p12 | Bin 4140 -> 4180 bytes ...osaaf.aaf_new-24e41f2f436018568cbdecdc1edbd605.p12 | Bin 4140 -> 0 bytes 2 files changed, 0 insertions(+), 0 deletions(-) delete mode 100644 resources/config/local/org.osaaf.aaf_new-24e41f2f436018568cbdecdc1edbd605.p12 diff --git a/resources/config/local/org.osaaf.aaf.p12 b/resources/config/local/org.osaaf.aaf.p12 index f40a755..ac1dece 100644 Binary files a/resources/config/local/org.osaaf.aaf.p12 and b/resources/config/local/org.osaaf.aaf.p12 differ diff --git a/resources/config/local/org.osaaf.aaf_new-24e41f2f436018568cbdecdc1edbd605.p12 b/resources/config/local/org.osaaf.aaf_new-24e41f2f436018568cbdecdc1edbd605.p12 deleted file mode 100644 index f40a755..0000000 Binary files a/resources/config/local/org.osaaf.aaf_new-24e41f2f436018568cbdecdc1edbd605.p12 and /dev/null differ -- cgit 1.2.3-korg From b0c2705472f0f7965738302550bc345f26d30523 Mon Sep 17 00:00:00 2001 From: Gary Wu Date: Tue, 5 Jun 2018 15:31:23 -0700 Subject: Sync docker image versions from manifest Sync docker image versions from docker manifest commit fa290e17ced19e893b3f7cf8e070f459c3aeea07 Change-Id: Id185e51667d9b2dd8f0f77046ac044690d09b0ea Issue-ID: OOM-1053 Signed-off-by: Gary Wu --- charts/aaf-cm/values.yaml | 2 +- charts/aaf-fs/values.yaml | 2 +- charts/aaf-gui/values.yaml | 2 +- charts/aaf-hello/values.yaml | 2 +- charts/aaf-locate/values.yaml | 2 +- charts/aaf-oauth/values.yaml | 2 +- charts/aaf-service/values.yaml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index b6f7034..24fe23e 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.0-SNAPSHOT +image: onap/aaf/aaf_cm:2.1.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index b8a2663..1613a4f 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.0-SNAPSHOT +image: onap/aaf/aaf_fs:2.1.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index 9aa79fd..f87ec5c 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.0-SNAPSHOT +image: onap/aaf/aaf_gui:2.1.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index c05ab56..ca19298 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.0-SNAPSHOT +image: onap/aaf/aaf_hello:2.1.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index e9b42cb..675a4ad 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -29,7 +29,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.0-SNAPSHOT +image: onap/aaf/aaf_locate:2.1.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index 344d138..293505b 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.0-SNAPSHOT +image: onap/aaf/aaf_oauth:2.1.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index 361aa47..d5356d7 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.0-SNAPSHOT +image: onap/aaf/aaf_service:2.1.1 pullPolicy: Always # flag to enable debugging - application support required -- cgit 1.2.3-korg From c84adbb5be45ede3e567560a0b7ec8a566180a29 Mon Sep 17 00:00:00 2001 From: Gary Wu Date: Wed, 6 Jun 2018 10:33:08 -0700 Subject: Sync docker image versions from manifest Sync docker image versions from docker manifest commit b075c2738d81c258f2157eb329241b00e27938ec Change-Id: I3aab98252d3318431cc4ce49221f552d7bc57b7d Issue-ID: OOM-1053 Signed-off-by: Gary Wu --- charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml | 2 +- charts/aaf-sms/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index 768f89f..c5fd489 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/smsquorumclient:latest +image: onap/aaf/smsquorumclient:2.0.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sms/values.yaml b/charts/aaf-sms/values.yaml index df2b6ab..b75038c 100644 --- a/charts/aaf-sms/values.yaml +++ b/charts/aaf-sms/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/sms:latest +image: onap/aaf/sms:2.0.0 pullPolicy: Always # flag to enable debugging - application support required -- cgit 1.2.3-korg From 2c90cb94f861727fa8bec029d167b05a965326ef Mon Sep 17 00:00:00 2001 From: BorislavG Date: Thu, 7 Jun 2018 08:34:52 +0000 Subject: Fix AAF CS startup timeouts Change-Id: I8140e6c392726e78e0a2c9b18337fa712eb9d944 Issue-ID: OOM-1128 Signed-off-by: BorislavG --- charts/aaf-cs/templates/deployment.yaml | 2 +- charts/aaf-cs/values.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/aaf-cs/templates/deployment.yaml b/charts/aaf-cs/templates/deployment.yaml index 4253d2f..893c5ac 100644 --- a/charts/aaf-cs/templates/deployment.yaml +++ b/charts/aaf-cs/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: - /bin/sh - -c - > - /bin/sleep 30; + /bin/sleep {{ .Values.readiness.initialDelaySeconds }}; cd /data/; cqlsh -u root -p root -f keyspace.cql ; cqlsh -u root -p root -f init.cql ; diff --git a/charts/aaf-cs/values.yaml b/charts/aaf-cs/values.yaml index 6d5ed6c..2131e85 100644 --- a/charts/aaf-cs/values.yaml +++ b/charts/aaf-cs/values.yaml @@ -42,14 +42,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 180 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 180 periodSeconds: 10 service: -- cgit 1.2.3-korg From 44fc09288d92009579f4b5e76faa05c264e158b2 Mon Sep 17 00:00:00 2001 From: Instrumental Date: Thu, 7 Jun 2018 08:27:26 -0500 Subject: Remove stderr/stdout redirection from Command Issue-ID: AAF-353 Change-Id: Ief7a3dda7160e385c15ed0be7e158c7de3af8cdd Signed-off-by: Instrumental --- charts/aaf-cm/templates/deployment.yaml | 2 +- charts/aaf-fs/templates/deployment.yaml | 2 +- charts/aaf-gui/templates/deployment.yaml | 2 +- charts/aaf-hello/templates/deployment.yaml | 2 +- charts/aaf-locate/templates/deployment.yaml | 2 +- charts/aaf-oauth/templates/deployment.yaml | 2 +- charts/aaf-service/templates/deployment.yaml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/aaf-cm/templates/deployment.yaml b/charts/aaf-cm/templates/deployment.yaml index 652e2ac..50c617e 100644 --- a/charts/aaf-cm/templates/deployment.yaml +++ b/charts/aaf-cm/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/cm/bin/cm >> /opt/app/osaaf/logs/cm/stdout`date -I` 2>> /opt/app/osaaf/logs/cm/stderr`date -I`"] + command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/cm/bin/cm"] volumeMounts: - mountPath: /opt/app/osaaf name: aaf-persistent-vol diff --git a/charts/aaf-fs/templates/deployment.yaml b/charts/aaf-fs/templates/deployment.yaml index 0bbd6a5..b100bc4 100644 --- a/charts/aaf-fs/templates/deployment.yaml +++ b/charts/aaf-fs/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c","echo hello >> /opt/app/osaaf/logs/fs/stdout`date -I`;ln -s /opt/app/osaaf/data /data;/opt/app/aaf/fs/bin/fs >> /opt/app/osaaf/logs/fs/stdout`date -I` 2>> /opt/app/osaaf/logs/fs/stderr`date -I`"] + command: ["/bin/bash","-c","ln -s /opt/app/osaaf/data /data;/opt/app/aaf/fs/bin/fs "] volumeMounts: - mountPath: /opt/app/osaaf name: aaf-persistent-vol diff --git a/charts/aaf-gui/templates/deployment.yaml b/charts/aaf-gui/templates/deployment.yaml index ee503ca..1aa632b 100644 --- a/charts/aaf-gui/templates/deployment.yaml +++ b/charts/aaf-gui/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/gui/bin/gui >> /opt/app/osaaf/logs/gui/stdout`date -I` 2>> /opt/app/osaaf/logs/gui/stderr`date -I`"] + command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/gui/bin/gui "] volumeMounts: - mountPath: /opt/app/osaaf name: aaf-persistent-vol diff --git a/charts/aaf-hello/templates/deployment.yaml b/charts/aaf-hello/templates/deployment.yaml index b47d878..c9c8223 100644 --- a/charts/aaf-hello/templates/deployment.yaml +++ b/charts/aaf-hello/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/hello/bin/hello >> /opt/app/osaaf/logs/hello/stdout`date -I` 2>> /opt/app/osaaf/logs/hello/stderr`date -I`"] + command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/hello/bin/hello "] volumeMounts: - mountPath: /opt/app/osaaf name: aaf-persistent-vol diff --git a/charts/aaf-locate/templates/deployment.yaml b/charts/aaf-locate/templates/deployment.yaml index de5a46e..2adb92d 100644 --- a/charts/aaf-locate/templates/deployment.yaml +++ b/charts/aaf-locate/templates/deployment.yaml @@ -66,7 +66,7 @@ spec: name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/locate/bin/locate >> /opt/app/osaaf/logs/locate/stdout`date -I` 2>> /opt/app/osaaf/logs/locate/stderr`date -I`"] + command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/locate/bin/locate "] volumeMounts: - mountPath: /opt/app/osaaf name: aaf-persistent-vol diff --git a/charts/aaf-oauth/templates/deployment.yaml b/charts/aaf-oauth/templates/deployment.yaml index 00d6ee0..f236185 100644 --- a/charts/aaf-oauth/templates/deployment.yaml +++ b/charts/aaf-oauth/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/oauth/bin/oauth >> /opt/app/osaaf/logs/oauth/stdout`date -I` 2>> /opt/app/osaaf/logs/oauth/stderr`date -I`"] + command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/oauth/bin/oauth "] volumeMounts: - mountPath: /opt/app/osaaf name: aaf-persistent-vol diff --git a/charts/aaf-service/templates/deployment.yaml b/charts/aaf-service/templates/deployment.yaml index 9fd6eba..cff8fb2 100644 --- a/charts/aaf-service/templates/deployment.yaml +++ b/charts/aaf-service/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/service/bin/service >> /opt/app/osaaf/logs/service/stdout`date -I` 2>> /opt/app/osaaf/logs/service/stderr`date -I`"] + command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/service/bin/service "] volumeMounts: - mountPath: /opt/app/osaaf name: aaf-persistent-vol -- cgit 1.2.3-korg From 045b56e7ae1b38cf3b70789066e39e1af5337ea2 Mon Sep 17 00:00:00 2001 From: Gary Wu Date: Thu, 7 Jun 2018 05:26:25 -0700 Subject: Change gerrit branches to beijing Change-Id: I840e9aada77fa297273ef5b32663f70ca4aac371 Issue-ID: INT-506 Signed-off-by: Gary Wu --- values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/values.yaml b/values.yaml index 19250d8..9d48935 100644 --- a/values.yaml +++ b/values.yaml @@ -38,7 +38,7 @@ config: csServiceName: aaf-cass # gerrit branch where the latest aaf/auth/sample/public code exists gerritProject: http://gerrit.onap.org/r/aaf/authz.git - gerritBranch: master + gerritBranch: beijing # default number of instances replicaCount: 1 -- cgit 1.2.3-korg From e32d02498749b9243a981b571ead8a9ff79debee Mon Sep 17 00:00:00 2001 From: Gary Wu Date: Mon, 11 Jun 2018 09:25:34 -0700 Subject: Use 2.0.0-ONAP tag instead beijing branch To ensure reproducible deployments, change gerrit branches to 2.0.0-ONAP tag instead of using the beijing branch since the beijing branches are not locked. Change-Id: I30bbece5fa2e0b8622db948d45e08a46ecf43ece Issue-ID: INT-506 Signed-off-by: Gary Wu --- values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/values.yaml b/values.yaml index 9d48935..9a51839 100644 --- a/values.yaml +++ b/values.yaml @@ -38,7 +38,7 @@ config: csServiceName: aaf-cass # gerrit branch where the latest aaf/auth/sample/public code exists gerritProject: http://gerrit.onap.org/r/aaf/authz.git - gerritBranch: beijing + gerritBranch: 2.0.0-ONAP # default number of instances replicaCount: 1 -- cgit 1.2.3-korg From 8b7dcadeed7d680730a5adf85a06d8169680a035 Mon Sep 17 00:00:00 2001 From: Kiran Kamineni Date: Thu, 2 Aug 2018 17:19:27 -0700 Subject: Add readiness step for deployment Using an initContainer and to start SMS only after vault and consul have already started. This prevents restarts of the sms container. Issue-ID: AAF-421 Change-Id: Ied3264711d5d931a1d18523eadcc84e188ededa5 Signed-off-by: Kiran Kamineni --- .../aaf-sms/charts/aaf-sms-quorumclient/values.yaml | 2 +- charts/aaf-sms/templates/deployment.yaml | 19 ++++++++++++++++++- charts/aaf-sms/values.yaml | 2 +- 3 files changed, 20 insertions(+), 3 deletions(-) diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index c5fd489..768f89f 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/smsquorumclient:2.0.0 +image: onap/aaf/smsquorumclient:latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sms/templates/deployment.yaml b/charts/aaf-sms/templates/deployment.yaml index 4bdb84f..58fe72f 100644 --- a/charts/aaf-sms/templates/deployment.yaml +++ b/charts/aaf-sms/templates/deployment.yaml @@ -30,10 +30,27 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: + initContainers: + - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py + args: + - --container-name + - "aaf-sms-vault" + - --container-name + - "aaf-sms-vault-backend" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace containers: - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - name: {{ include "common.name" . }} imagePullPolicy: {{ .Values.pullPolicy }} + name: {{ include "common.name" . }} command: ["/sms/bin/sms"] workingDir: /sms/ ports: diff --git a/charts/aaf-sms/values.yaml b/charts/aaf-sms/values.yaml index b75038c..df2b6ab 100644 --- a/charts/aaf-sms/values.yaml +++ b/charts/aaf-sms/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/sms:2.0.0 +image: onap/aaf/sms:latest pullPolicy: Always # flag to enable debugging - application support required -- cgit 1.2.3-korg From 6717b86c7e952cd4a2b3f25a3e7dff5e4297cc0e Mon Sep 17 00:00:00 2001 From: vaibhavjayas Date: Tue, 31 Jul 2018 09:23:16 +0000 Subject: License Task for VID,AAF,CLI,SNIRO Issue-ID: OOM-1304 Signed-off-by: vaibhavjayas Change-Id: I601eaabf6e4487a5eda90f6117d55fcbfe0e7d6b --- charts/aaf-cm/templates/NOTES.txt | 14 ++++++++++++++ charts/aaf-cs/Chart.yaml | 14 ++++++++++++++ charts/aaf-cs/resources/config/aaf-cs-data/init.cql | 13 +++++++++++++ .../aaf-cs/resources/config/aaf-cs-data/keyspace.cql | 14 ++++++++++++++ charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql | 14 ++++++++++++++ .../resources/config/aaf-cs-data/temp_identity.cql | 14 ++++++++++++++ charts/aaf-cs/templates/NOTES.txt | 14 ++++++++++++++ charts/aaf-fs/templates/NOTES.txt | 14 ++++++++++++++ charts/aaf-gui/templates/NOTES.txt | 14 ++++++++++++++ charts/aaf-hello/templates/NOTES.txt | 14 ++++++++++++++ charts/aaf-locate/templates/NOTES.txt | 14 ++++++++++++++ charts/aaf-oauth/templates/NOTES.txt | 14 ++++++++++++++ resources/config/backup/backup.sh | 14 ++++++++++++++ resources/config/backup/cbackup.sh | 14 ++++++++++++++ resources/config/data/identities.dat | 14 ++++++++++++++ resources/config/data/sample.identities.dat | 13 +++++++++++++ resources/config/etc/org.osaaf.cm.props | 14 ++++++++++++++ resources/config/etc/org.osaaf.common.props | 14 ++++++++++++++ resources/config/etc/org.osaaf.fs.props | 15 +++++++++++++++ resources/config/etc/org.osaaf.gui.props | 15 +++++++++++++++ resources/config/etc/org.osaaf.hello.props | 15 +++++++++++++++ resources/config/etc/org.osaaf.locate.props | 15 +++++++++++++++ resources/config/etc/org.osaaf.oauth.props | 14 ++++++++++++++ resources/config/etc/org.osaaf.orgs.props | 14 ++++++++++++++ resources/config/etc/org.osaaf.service.props | 15 +++++++++++++++ resources/config/local/org.osaaf.aaf.props | 20 ++++++++++++++------ 26 files changed, 367 insertions(+), 6 deletions(-) diff --git a/charts/aaf-cm/templates/NOTES.txt b/charts/aaf-cm/templates/NOTES.txt index c60c745..bd74a42 100644 --- a/charts/aaf-cm/templates/NOTES.txt +++ b/charts/aaf-cm/templates/NOTES.txt @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + 1. Get the application URL by running these commands: {{- if .Values.ingress.enabled }} {{- range .Values.ingress.hosts }} diff --git a/charts/aaf-cs/Chart.yaml b/charts/aaf-cs/Chart.yaml index a0f05c4..92ea707 100644 --- a/charts/aaf-cs/Chart.yaml +++ b/charts/aaf-cs/Chart.yaml @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + apiVersion: v1 description: ONAP AAF cassandra name: aaf-cs diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/init.cql b/charts/aaf-cs/resources/config/aaf-cs-data/init.cql index c06e5ee..c4f77d8 100644 --- a/charts/aaf-cs/resources/config/aaf-cs-data/init.cql +++ b/charts/aaf-cs/resources/config/aaf-cs-data/init.cql @@ -1,3 +1,16 @@ +/* # Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. */ // Table Initialization // First make sure the keyspace exists. diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql b/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql index 52dc5ea..2951b2a 100644 --- a/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql +++ b/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql @@ -1,3 +1,17 @@ +/* # Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. */ + // For Developer Machine single instance // CREATE KEYSPACE authz // WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1}; diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql b/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql index e7385ab..89da60f 100644 --- a/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql +++ b/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql @@ -1,3 +1,17 @@ +/* # Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. */ + USE authz; // Create 'org' root NS diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql b/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql index 5e7cfe1..4b6bf44 100644 --- a/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql +++ b/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql @@ -1,3 +1,17 @@ +/* # Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. */ + USE authz; INSERT INTO user_role(user,role,expires,ns,rname) diff --git a/charts/aaf-cs/templates/NOTES.txt b/charts/aaf-cs/templates/NOTES.txt index c60c745..bd74a42 100644 --- a/charts/aaf-cs/templates/NOTES.txt +++ b/charts/aaf-cs/templates/NOTES.txt @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + 1. Get the application URL by running these commands: {{- if .Values.ingress.enabled }} {{- range .Values.ingress.hosts }} diff --git a/charts/aaf-fs/templates/NOTES.txt b/charts/aaf-fs/templates/NOTES.txt index c60c745..bd74a42 100644 --- a/charts/aaf-fs/templates/NOTES.txt +++ b/charts/aaf-fs/templates/NOTES.txt @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + 1. Get the application URL by running these commands: {{- if .Values.ingress.enabled }} {{- range .Values.ingress.hosts }} diff --git a/charts/aaf-gui/templates/NOTES.txt b/charts/aaf-gui/templates/NOTES.txt index c60c745..bd74a42 100644 --- a/charts/aaf-gui/templates/NOTES.txt +++ b/charts/aaf-gui/templates/NOTES.txt @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + 1. Get the application URL by running these commands: {{- if .Values.ingress.enabled }} {{- range .Values.ingress.hosts }} diff --git a/charts/aaf-hello/templates/NOTES.txt b/charts/aaf-hello/templates/NOTES.txt index c60c745..bd74a42 100644 --- a/charts/aaf-hello/templates/NOTES.txt +++ b/charts/aaf-hello/templates/NOTES.txt @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + 1. Get the application URL by running these commands: {{- if .Values.ingress.enabled }} {{- range .Values.ingress.hosts }} diff --git a/charts/aaf-locate/templates/NOTES.txt b/charts/aaf-locate/templates/NOTES.txt index c60c745..bd74a42 100644 --- a/charts/aaf-locate/templates/NOTES.txt +++ b/charts/aaf-locate/templates/NOTES.txt @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + 1. Get the application URL by running these commands: {{- if .Values.ingress.enabled }} {{- range .Values.ingress.hosts }} diff --git a/charts/aaf-oauth/templates/NOTES.txt b/charts/aaf-oauth/templates/NOTES.txt index c60c745..bd74a42 100644 --- a/charts/aaf-oauth/templates/NOTES.txt +++ b/charts/aaf-oauth/templates/NOTES.txt @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + 1. Get the application URL by running these commands: {{- if .Values.ingress.enabled }} {{- range .Values.ingress.hosts }} diff --git a/resources/config/backup/backup.sh b/resources/config/backup/backup.sh index 1359d3d..0cc2f62 100644 --- a/resources/config/backup/backup.sh +++ b/resources/config/backup/backup.sh @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # BEGIN Store prev BD=/opt/app/osaaf/backup if [ -e "$BD/6day" ]; then diff --git a/resources/config/backup/cbackup.sh b/resources/config/backup/cbackup.sh index 9c91d0c..de91852 100644 --- a/resources/config/backup/cbackup.sh +++ b/resources/config/backup/cbackup.sh @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + cd /opt/app/cass_backup DATA="ns role perm ns_attrib user_role cred cert x509 delegate approval approved future notify artifact health history" PWD=cassandra diff --git a/resources/config/data/identities.dat b/resources/config/data/identities.dat index 39d18a1..cb7f01d 100644 --- a/resources/config/data/identities.dat +++ b/resources/config/data/identities.dat @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # # Sample Identities.dat # This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with diff --git a/resources/config/data/sample.identities.dat b/resources/config/data/sample.identities.dat index 39d18a1..cf2ca6d 100644 --- a/resources/config/data/sample.identities.dat +++ b/resources/config/data/sample.identities.dat @@ -1,3 +1,16 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # Sample Identities.dat # This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with diff --git a/resources/config/etc/org.osaaf.cm.props b/resources/config/etc/org.osaaf.cm.props index d634cfe..ccd8a33 100644 --- a/resources/config/etc/org.osaaf.cm.props +++ b/resources/config/etc/org.osaaf.cm.props @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + ## ## org.osaaf.cm.props ## AAF Certificate Manager properties diff --git a/resources/config/etc/org.osaaf.common.props b/resources/config/etc/org.osaaf.common.props index 8b75e70..052a2ec 100644 --- a/resources/config/etc/org.osaaf.common.props +++ b/resources/config/etc/org.osaaf.common.props @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + ############################################################ # Common properties for all AAF Components # on 2018-03-02 06:59.628-0500 diff --git a/resources/config/etc/org.osaaf.fs.props b/resources/config/etc/org.osaaf.fs.props index d499f97..266e08e 100644 --- a/resources/config/etc/org.osaaf.fs.props +++ b/resources/config/etc/org.osaaf.fs.props @@ -1,3 +1,18 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + ## ## org.osaaf.locator ## AAF Locator Properties diff --git a/resources/config/etc/org.osaaf.gui.props b/resources/config/etc/org.osaaf.gui.props index 86b3aa6..6c40b40 100644 --- a/resources/config/etc/org.osaaf.gui.props +++ b/resources/config/etc/org.osaaf.gui.props @@ -1,3 +1,18 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + ## ## org.osaaf.locator ## AAF Locator Properties diff --git a/resources/config/etc/org.osaaf.hello.props b/resources/config/etc/org.osaaf.hello.props index d832aaf..eeacc1d 100644 --- a/resources/config/etc/org.osaaf.hello.props +++ b/resources/config/etc/org.osaaf.hello.props @@ -1,3 +1,18 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + ## ## org.osaaf.locator ## AAF Locator Properties diff --git a/resources/config/etc/org.osaaf.locate.props b/resources/config/etc/org.osaaf.locate.props index 47a174e..1026dd8 100644 --- a/resources/config/etc/org.osaaf.locate.props +++ b/resources/config/etc/org.osaaf.locate.props @@ -1,3 +1,18 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + ## ## org.osaaf.locator ## AAF Locator Properties diff --git a/resources/config/etc/org.osaaf.oauth.props b/resources/config/etc/org.osaaf.oauth.props index 82e80c7..d2a5b97 100644 --- a/resources/config/etc/org.osaaf.oauth.props +++ b/resources/config/etc/org.osaaf.oauth.props @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + ## ## org.osaaf.locator ## AAF Locator Properties diff --git a/resources/config/etc/org.osaaf.orgs.props b/resources/config/etc/org.osaaf.orgs.props index 66bfd2f..c609de2 100644 --- a/resources/config/etc/org.osaaf.orgs.props +++ b/resources/config/etc/org.osaaf.orgs.props @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # # Define Organizations for use in some of the components. Not all use them # diff --git a/resources/config/etc/org.osaaf.service.props b/resources/config/etc/org.osaaf.service.props index ff3e0b5..adb9032 100644 --- a/resources/config/etc/org.osaaf.service.props +++ b/resources/config/etc/org.osaaf.service.props @@ -1,3 +1,18 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + ## ## org.osaaf.service ## AAF Service Properties diff --git a/resources/config/local/org.osaaf.aaf.props b/resources/config/local/org.osaaf.aaf.props index 37a9d62..21910eb 100644 --- a/resources/config/local/org.osaaf.aaf.props +++ b/resources/config/local/org.osaaf.aaf.props @@ -1,9 +1,17 @@ -############################################################ -# Properties Generated by AT&T Certificate Manager -# by jg1555 -# on 2018-02-21T10:28:08.909-0600 -# @copyright 2016, AT&T -############################################################ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + cm_url=https://{{.Values.config.cmServiceName}}:8150 #hostname=aaf.osaaf.org aaf_env=DEV -- cgit 1.2.3-korg From a0518e0e796cca747e5c1a122adf191887941f0e Mon Sep 17 00:00:00 2001 From: Manjunath Ranganathaiah Date: Wed, 29 Aug 2018 16:10:32 -0700 Subject: Add config file for pkcs11 This file will be used by ca property file to trigger pkcs11 keystore to be used by local CA Change-Id: I7dd5d668bbf438d4a0e347835ca92ae9202f3a50 Issue-ID: AAF-413 Signed-off-by: Manjunath Ranganathaiah --- resources/config/local/org.osaaf.aaf.cm.pkcs11 | 1 + 1 file changed, 1 insertion(+) create mode 100644 resources/config/local/org.osaaf.aaf.cm.pkcs11 diff --git a/resources/config/local/org.osaaf.aaf.cm.pkcs11 b/resources/config/local/org.osaaf.aaf.cm.pkcs11 new file mode 100644 index 0000000..05fe60f --- /dev/null +++ b/resources/config/local/org.osaaf.aaf.cm.pkcs11 @@ -0,0 +1 @@ +name = localca -- cgit 1.2.3-korg From f8f6a6a7175b8f49846607741fdc741a3411806b Mon Sep 17 00:00:00 2001 From: toshrajbhardwaj Date: Mon, 6 Aug 2018 07:35:14 +0000 Subject: Apache2 License addition Issue-ID: OOM-1306 Change-Id: I1a617718006ee845d675fead74ce075c3390ac2f Signed-off-by: toshrajbhardwaj --- .helmignore | 42 +++++++++++++++++++++--------------------- Chart.yaml | 3 ++- charts/aaf-cm/.helmignore | 42 +++++++++++++++++++++--------------------- charts/aaf-cm/Chart.yaml | 3 ++- charts/aaf-cs/.helmignore | 42 +++++++++++++++++++++--------------------- 5 files changed, 67 insertions(+), 65 deletions(-) diff --git a/.helmignore b/.helmignore index f0c1319..daebc7d 100644 --- a/.helmignore +++ b/.helmignore @@ -1,21 +1,21 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/Chart.yaml b/Chart.yaml index 438835d..449fbe4 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 ZTE +# Modifications Copyright © 2018 AT&T, Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/charts/aaf-cm/.helmignore b/charts/aaf-cm/.helmignore index f0c1319..daebc7d 100644 --- a/charts/aaf-cm/.helmignore +++ b/charts/aaf-cm/.helmignore @@ -1,21 +1,21 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/aaf-cm/Chart.yaml b/charts/aaf-cm/Chart.yaml index 00832d6..828142f 100644 --- a/charts/aaf-cm/Chart.yaml +++ b/charts/aaf-cm/Chart.yaml @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T, ZTE # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,4 +16,4 @@ apiVersion: v1 description: ONAP AAF Certificate Manager name: aaf-cm -version: 2.0.0 \ No newline at end of file +version: 2.0.0 diff --git a/charts/aaf-cs/.helmignore b/charts/aaf-cs/.helmignore index f0c1319..daebc7d 100644 --- a/charts/aaf-cs/.helmignore +++ b/charts/aaf-cs/.helmignore @@ -1,21 +1,21 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj -- cgit 1.2.3-korg From 46ee6d50fe3f1798bcd313eb192dbe003945cec8 Mon Sep 17 00:00:00 2001 From: Alexis de Talhouët Date: Wed, 19 Sep 2018 11:58:29 -0400 Subject: Sync values from docker-manifest-staging file MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Change-Id: Ic8f11dc20c425aab144fe28a5e761552eb7b025b Issue-ID: OOM-1422 Signed-off-by: Alexis de Talhouët --- charts/aaf-cm/values.yaml | 2 +- charts/aaf-fs/values.yaml | 2 +- charts/aaf-gui/values.yaml | 2 +- charts/aaf-hello/values.yaml | 2 +- charts/aaf-locate/values.yaml | 2 +- charts/aaf-oauth/values.yaml | 2 +- charts/aaf-service/values.yaml | 2 +- charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml | 2 +- charts/aaf-sms/values.yaml | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index 24fe23e..0f52182 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.1 +image: onap/aaf/aaf_cm:2.1.2-SNAPSHOT pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index 1613a4f..74fdc68 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.1 +image: onap/aaf/aaf_fs:2.1.2-SNAPSHOT pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index f87ec5c..92faa6c 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.1 +image: onap/aaf/aaf_gui:2.1.2-SNAPSHOT pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index ca19298..5a41bb3 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.1 +image: onap/aaf/aaf_hello:2.1.2-SNAPSHOT pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index 675a4ad..f31a2ca 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -29,7 +29,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.1 +image: onap/aaf/aaf_locate:2.1.2-SNAPSHOT pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index 293505b..6ac90e1 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.1 +image: onap/aaf/aaf_oauth:2.1.2-SNAPSHOT pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index d5356d7..3e0ed61 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.1 +image: onap/aaf/aaf_service:2.1.2-SNAPSHOT pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index 768f89f..c5fd489 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/smsquorumclient:latest +image: onap/aaf/smsquorumclient:2.0.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sms/values.yaml b/charts/aaf-sms/values.yaml index df2b6ab..b75038c 100644 --- a/charts/aaf-sms/values.yaml +++ b/charts/aaf-sms/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/sms:latest +image: onap/aaf/sms:2.0.0 pullPolicy: Always # flag to enable debugging - application support required -- cgit 1.2.3-korg From 82f624160c2302991a4bfcbbaf7b61b3a4d802d3 Mon Sep 17 00:00:00 2001 From: Mandeep Khinda Date: Wed, 19 Sep 2018 18:18:04 +0000 Subject: updating gerritBranch to master some charts internally pull config/scripts from gerrit to bootstrap. They are currently bootstrapping with the beijing branch. Issue-ID: OOM-1425 Change-Id: I0ab0a054e9cc6ed6b23704404d80588f53530fa2 Signed-off-by: Mandeep Khinda --- values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/values.yaml b/values.yaml index 9a51839..19250d8 100644 --- a/values.yaml +++ b/values.yaml @@ -38,7 +38,7 @@ config: csServiceName: aaf-cass # gerrit branch where the latest aaf/auth/sample/public code exists gerritProject: http://gerrit.onap.org/r/aaf/authz.git - gerritBranch: 2.0.0-ONAP + gerritBranch: master # default number of instances replicaCount: 1 -- cgit 1.2.3-korg From 568e13446f4413bd0ce504392d1acfcbd64aabbb Mon Sep 17 00:00:00 2001 From: Mike Elliott Date: Mon, 24 Sep 2018 10:01:14 -0400 Subject: Update Chart versions to 3.0 All Chart versions and requirement dependencies have been updated to 3.0 for Casablanca release. Change-Id: Iea57e5da09ea8a8bac0a415b9a6196151cbea10b Issue-ID: OOM-1354 Signed-off-by: Mike Elliott --- Chart.yaml | 2 +- charts/aaf-cm/Chart.yaml | 2 +- charts/aaf-cs/Chart.yaml | 2 +- charts/aaf-fs/Chart.yaml | 2 +- charts/aaf-gui/Chart.yaml | 2 +- charts/aaf-hello/Chart.yaml | 2 +- charts/aaf-locate/Chart.yaml | 2 +- charts/aaf-oauth/Chart.yaml | 2 +- charts/aaf-service/Chart.yaml | 2 +- charts/aaf-sms/Chart.yaml | 2 +- charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml | 2 +- charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml | 2 +- requirements.yaml | 2 +- 13 files changed, 13 insertions(+), 13 deletions(-) diff --git a/Chart.yaml b/Chart.yaml index 449fbe4..6de2f28 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Application Authorization Framework name: aaf -version: 2.0.0 +version: 3.0.0 diff --git a/charts/aaf-cm/Chart.yaml b/charts/aaf-cm/Chart.yaml index 828142f..68c5ca2 100644 --- a/charts/aaf-cm/Chart.yaml +++ b/charts/aaf-cm/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP AAF Certificate Manager name: aaf-cm -version: 2.0.0 +version: 3.0.0 diff --git a/charts/aaf-cs/Chart.yaml b/charts/aaf-cs/Chart.yaml index 92ea707..e3197f2 100644 --- a/charts/aaf-cs/Chart.yaml +++ b/charts/aaf-cs/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF cassandra name: aaf-cs -version: 2.0.0 +version: 3.0.0 diff --git a/charts/aaf-fs/Chart.yaml b/charts/aaf-fs/Chart.yaml index 6b0fdcb..eada78b 100644 --- a/charts/aaf-fs/Chart.yaml +++ b/charts/aaf-fs/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF File Server name: aaf-fs -version: 2.0.0 \ No newline at end of file +version: 3.0.0 \ No newline at end of file diff --git a/charts/aaf-gui/Chart.yaml b/charts/aaf-gui/Chart.yaml index d0aea0b..26d4a91 100644 --- a/charts/aaf-gui/Chart.yaml +++ b/charts/aaf-gui/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF GUI name: aaf-gui -version: 2.0.0 \ No newline at end of file +version: 3.0.0 \ No newline at end of file diff --git a/charts/aaf-hello/Chart.yaml b/charts/aaf-hello/Chart.yaml index c4029ba..734cf14 100644 --- a/charts/aaf-hello/Chart.yaml +++ b/charts/aaf-hello/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF Hello name: aaf-hello -version: 2.0.0 \ No newline at end of file +version: 3.0.0 \ No newline at end of file diff --git a/charts/aaf-locate/Chart.yaml b/charts/aaf-locate/Chart.yaml index db50ec3..0f4bfd9 100644 --- a/charts/aaf-locate/Chart.yaml +++ b/charts/aaf-locate/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF Locate name: aaf-locate -version: 2.0.0 \ No newline at end of file +version: 3.0.0 \ No newline at end of file diff --git a/charts/aaf-oauth/Chart.yaml b/charts/aaf-oauth/Chart.yaml index bcb135b..a587881 100644 --- a/charts/aaf-oauth/Chart.yaml +++ b/charts/aaf-oauth/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF OAuth name: aaf-oauth -version: 2.0.0 \ No newline at end of file +version: 3.0.0 \ No newline at end of file diff --git a/charts/aaf-service/Chart.yaml b/charts/aaf-service/Chart.yaml index 3461f1a..42a3394 100644 --- a/charts/aaf-service/Chart.yaml +++ b/charts/aaf-service/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF Service name: aaf-service -version: 2.0.0 +version: 3.0.0 diff --git a/charts/aaf-sms/Chart.yaml b/charts/aaf-sms/Chart.yaml index 7141875..ad633c5 100644 --- a/charts/aaf-sms/Chart.yaml +++ b/charts/aaf-sms/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Secret Management Service name: aaf-sms -version: 2.0.0 +version: 3.0.0 diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml index 4e279e7..d8f957e 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Secret Management Service Quorum Client name: aaf-sms-quorumclient -version: 2.0.0 +version: 3.0.0 diff --git a/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml b/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml index 3f0b93e..44a5a6b 100644 --- a/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml +++ b/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Chart to launch Vault as SMS backend name: aaf-sms-vault appVersion: 0.9.5 -version: 2.0.0 +version: 3.0.0 diff --git a/requirements.yaml b/requirements.yaml index 1e8f788..896eaf4 100644 --- a/requirements.yaml +++ b/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~2.0.0 + version: ~3.0.0 repository: '@local' \ No newline at end of file -- cgit 1.2.3-korg From e63ee8b4ea5f380425dd7905fb4efd0211ba3fee Mon Sep 17 00:00:00 2001 From: Mandeep Khinda Date: Mon, 24 Sep 2018 15:15:48 +0000 Subject: adding unlimited resource limit Adds the ability to turn them off if they are found to cause issues also cleaning up some whitespace Issue-ID: OOM-1145 Change-Id: Idf0ee21f70e1bf65813b7f51ea028f2783a01cf8 Signed-off-by: Mandeep Khinda --- charts/aaf-cm/values.yaml | 2 +- charts/aaf-cs/values.yaml | 2 +- charts/aaf-fs/values.yaml | 2 +- charts/aaf-hello/values.yaml | 2 +- charts/aaf-locate/values.yaml | 2 +- charts/aaf-oauth/values.yaml | 2 +- values.yaml | 4 ++-- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index 0f52182..1cd5cb4 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - + ################################################################# # Application configuration defaults. ################################################################# diff --git a/charts/aaf-cs/values.yaml b/charts/aaf-cs/values.yaml index 2131e85..83eaf15 100644 --- a/charts/aaf-cs/values.yaml +++ b/charts/aaf-cs/values.yaml @@ -60,7 +60,7 @@ service: internalPort: 7000 #port externalPort: 7000 - + internalPort2: 7001 externalPort2: 7001 internalPort3: 9042 diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index 74fdc68..f484883 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - + ################################################################# # Application configuration defaults. ################################################################# diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index 5a41bb3..27f59d1 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - + ################################################################# # Application configuration defaults. ################################################################# diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index f31a2ca..86d67fc 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - + # If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines. # persistence: # mountPath: /dockerdata diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index 6ac90e1..c349814 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - + ################################################################# # Application configuration defaults. ################################################################# diff --git a/values.yaml b/values.yaml index 19250d8..c8f0484 100644 --- a/values.yaml +++ b/values.yaml @@ -21,13 +21,13 @@ global: readinessImage: readiness-check:2.0.0 ubuntuInitRepository: registry.hub.docker.com ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - persistence: + persistence: enabled: true ################################################################# # Application configuration defaults. ################################################################# -config: +config: serviceServiceName: aaf-service locateServiceName: aaf-locate cmServiceName: aaf-cm -- cgit 1.2.3-korg From f5719737938a4011e2be546bb088570150543085 Mon Sep 17 00:00:00 2001 From: Mandeep Khinda Date: Mon, 24 Sep 2018 15:25:42 +0000 Subject: Updating charts to use common resource template Issue-ID: OOM-1145 Change-Id: I1510339a820802554b6e8b9a201619ef66be17a0 Signed-off-by: Mandeep Khinda --- charts/aaf-cm/templates/deployment.yaml | 2 +- charts/aaf-cs/templates/deployment.yaml | 6 +++--- charts/aaf-fs/templates/deployment.yaml | 2 +- charts/aaf-gui/templates/deployment.yaml | 2 +- charts/aaf-hello/templates/deployment.yaml | 2 +- charts/aaf-locate/templates/deployment.yaml | 2 +- charts/aaf-oauth/templates/deployment.yaml | 2 +- charts/aaf-service/templates/deployment.yaml | 2 +- .../aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml | 2 +- charts/aaf-sms/templates/deployment.yaml | 2 +- templates/job.yaml | 6 +++--- 11 files changed, 15 insertions(+), 15 deletions(-) diff --git a/charts/aaf-cm/templates/deployment.yaml b/charts/aaf-cm/templates/deployment.yaml index 50c617e..11b0811 100644 --- a/charts/aaf-cm/templates/deployment.yaml +++ b/charts/aaf-cm/templates/deployment.yaml @@ -90,7 +90,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: -{{ toYaml .Values.resources | indent 12 }} +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/charts/aaf-cs/templates/deployment.yaml b/charts/aaf-cs/templates/deployment.yaml index 893c5ac..cfece70 100644 --- a/charts/aaf-cs/templates/deployment.yaml +++ b/charts/aaf-cs/templates/deployment.yaml @@ -64,7 +64,7 @@ spec: lifecycle: postStart: exec: - command: + command: - /bin/sh - -c - > @@ -74,8 +74,8 @@ spec: cqlsh -u root -p root -f init.cql ; cqlsh -u root -p root -f osaaf.cql ; cqlsh -u root -p root -f temp_identity.cql - resources: -{{ toYaml .Values.resources | indent 12 }} + resources: +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/charts/aaf-fs/templates/deployment.yaml b/charts/aaf-fs/templates/deployment.yaml index b100bc4..d269dc6 100644 --- a/charts/aaf-fs/templates/deployment.yaml +++ b/charts/aaf-fs/templates/deployment.yaml @@ -90,7 +90,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: -{{ toYaml .Values.resources | indent 12 }} +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/charts/aaf-gui/templates/deployment.yaml b/charts/aaf-gui/templates/deployment.yaml index 1aa632b..b24a008 100644 --- a/charts/aaf-gui/templates/deployment.yaml +++ b/charts/aaf-gui/templates/deployment.yaml @@ -90,7 +90,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: -{{ toYaml .Values.resources | indent 12 }} +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/charts/aaf-hello/templates/deployment.yaml b/charts/aaf-hello/templates/deployment.yaml index c9c8223..c76c084 100644 --- a/charts/aaf-hello/templates/deployment.yaml +++ b/charts/aaf-hello/templates/deployment.yaml @@ -90,7 +90,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: -{{ toYaml .Values.resources | indent 12 }} +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/charts/aaf-locate/templates/deployment.yaml b/charts/aaf-locate/templates/deployment.yaml index 2adb92d..6e69f2c 100644 --- a/charts/aaf-locate/templates/deployment.yaml +++ b/charts/aaf-locate/templates/deployment.yaml @@ -88,7 +88,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: -{{ toYaml .Values.resources | indent 12 }} +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/charts/aaf-oauth/templates/deployment.yaml b/charts/aaf-oauth/templates/deployment.yaml index f236185..fd4ae21 100644 --- a/charts/aaf-oauth/templates/deployment.yaml +++ b/charts/aaf-oauth/templates/deployment.yaml @@ -90,7 +90,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: -{{ toYaml .Values.resources | indent 12 }} +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/charts/aaf-service/templates/deployment.yaml b/charts/aaf-service/templates/deployment.yaml index cff8fb2..a07d06f 100644 --- a/charts/aaf-service/templates/deployment.yaml +++ b/charts/aaf-service/templates/deployment.yaml @@ -90,7 +90,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: -{{ toYaml .Values.resources | indent 12 }} +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml index 281229f..5eb7b33 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml @@ -47,7 +47,7 @@ spec: - mountPath: /quorumclient/auth name: {{ include "common.fullname" . }}-auth resources: -{{ toYaml .Values.resources | indent 12 }} +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/charts/aaf-sms/templates/deployment.yaml b/charts/aaf-sms/templates/deployment.yaml index 58fe72f..189cc0d 100644 --- a/charts/aaf-sms/templates/deployment.yaml +++ b/charts/aaf-sms/templates/deployment.yaml @@ -81,7 +81,7 @@ spec: - mountPath: /sms/auth name: {{ include "common.fullname" . }}-auth resources: -{{ toYaml .Values.resources | indent 12 }} +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/templates/job.yaml b/templates/job.yaml index 85c0940..719b6dc 100644 --- a/templates/job.yaml +++ b/templates/job.yaml @@ -56,7 +56,7 @@ spec: - mountPath: /data name: aaf-persistent-data - mountPath: /data1/etc - name: aaf-etc + name: aaf-etc - mountPath: /data1/data name: aaf-data - mountPath: /data1/public/iframe_denied_test.html @@ -102,8 +102,8 @@ spec: name: aaf-backup - mountPath: /share name: aaf-public - resources: -{{ toYaml .Values.resources | indent 12 }} + resources: +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} -- cgit 1.2.3-korg From 449af556fdf4dce596d585dc23d6fc16f880edde Mon Sep 17 00:00:00 2001 From: "dsingh.278" Date: Fri, 21 Sep 2018 05:11:00 -0400 Subject: commiting resource limit for onap-aaf component cleaning up merge conflict implementing template reducing overly large resource limits adding limits to aaf-sms. Issue-ID: OOM-1146 Change-Id: Idac679dc9be94ab92ea95c38f9f237af65307131 Signed-off-by: dsingh.278 Signed-off-by: Mandeep Khinda --- charts/aaf-cm/values.yaml | 38 ++++++++++----------- charts/aaf-cs/values.yaml | 37 ++++++++++---------- charts/aaf-fs/values.yaml | 39 +++++++++++----------- charts/aaf-gui/values.yaml | 39 +++++++++++----------- charts/aaf-hello/values.yaml | 37 ++++++++++---------- charts/aaf-locate/values.yaml | 39 +++++++++++----------- charts/aaf-oauth/values.yaml | 39 +++++++++++----------- charts/aaf-service/values.yaml | 39 +++++++++++----------- .../templates/statefulset.yaml | 2 +- .../charts/aaf-sms-quorumclient/values.yaml | 39 +++++++++++----------- .../aaf-sms-vault/templates/statefulset.yaml | 5 ++- charts/aaf-sms/charts/aaf-sms-vault/values.yaml | 37 ++++++++++---------- charts/aaf-sms/templates/deployment.yaml | 2 +- charts/aaf-sms/values.yaml | 39 +++++++++++----------- values.yaml | 39 +++++++++++----------- 15 files changed, 233 insertions(+), 237 deletions(-) diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index 1cd5cb4..a149f06 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -19,13 +19,14 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 +flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.2-SNAPSHOT +image: onap/aaf/aaf_cm:2.1.1 pullPolicy: Always # flag to enable debugging - application support required @@ -65,21 +66,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 800Mi + requests: + cpu: 20m + memory: 500Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 40m + memory: 600Mi + unlimited: {} \ No newline at end of file diff --git a/charts/aaf-cs/values.yaml b/charts/aaf-cs/values.yaml index 83eaf15..73dac29 100644 --- a/charts/aaf-cs/values.yaml +++ b/charts/aaf-cs/values.yaml @@ -17,7 +17,7 @@ ################################################################# global: nodePortPrefix: 302 - +flavor: small ################################################################# # Application configuration defaults. @@ -71,21 +71,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 10000Mi + requests: + cpu: 10m + memory: 8500Mi + large: + limits: + cpu: 400m + memory: 12000Mi + requests: + cpu: 40m + memory: 9000Mi + unlimited: {} \ No newline at end of file diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index f484883..0e3a81a 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -19,13 +19,13 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - +flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.2-SNAPSHOT +image: onap/aaf/aaf_fs:2.1.1 pullPolicy: Always # flag to enable debugging - application support required @@ -65,21 +65,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 600Mi + requests: + cpu: 10m + memory: 300Mi + large: + limits: + cpu: 500m + memory: 700Mi + requests: + cpu: 100m + memory: 400Mi + unlimited: {} \ No newline at end of file diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index 92faa6c..5665d1d 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -19,13 +19,13 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - +flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.2-SNAPSHOT +image: onap/aaf/aaf_gui:2.1.1 pullPolicy: Always # flag to enable debugging - application support required @@ -66,21 +66,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 100m + memory: 500Mi + requests: + cpu: 10m + memory: 200Mi + large: + limits: + cpu: 200m + memory: 1Gi + requests: + cpu: 100m + memory: 500Mi + unlimited: {} \ No newline at end of file diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index 27f59d1..6fcf861 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.2-SNAPSHOT +image: onap/aaf/aaf_hello:2.1.1 pullPolicy: Always # flag to enable debugging - application support required @@ -65,21 +65,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 200Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 20m + memory: 500Mi + unlimited: {} \ No newline at end of file diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index 86d67fc..c924002 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -23,13 +23,13 @@ global: # If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines. # persistence: # mountPath: /dockerdata - +flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.2-SNAPSHOT +image: onap/aaf/aaf_locate:2.1.1 pullPolicy: Always # flag to enable debugging - application support required @@ -69,21 +69,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 600Mi + requests: + cpu: 20m + memory: 300Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 40m + memory: 500Mi + unlimited: {} \ No newline at end of file diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index c349814..943ad16 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -19,13 +19,13 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - +flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.2-SNAPSHOT +image: onap/aaf/aaf_oauth:2.1.1 pullPolicy: Always # flag to enable debugging - application support required @@ -65,21 +65,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 400Mi + requests: + cpu: 20m + memory: 200Mi + large: + limits: + cpu: 400m + memory: 600Mi + requests: + cpu: 40m + memory: 200Mi + unlimited: {} \ No newline at end of file diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index 3e0ed61..5ad31ff 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -19,13 +19,13 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - +flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.2-SNAPSHOT +image: onap/aaf/aaf_service:2.1.1 pullPolicy: Always # flag to enable debugging - application support required @@ -66,21 +66,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 600Mi + requests: + cpu: 20m + memory: 300Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 40m + memory: 300Mi + unlimited: {} \ No newline at end of file diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml index 5eb7b33..0a83e85 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml @@ -47,7 +47,7 @@ spec: - mountPath: /quorumclient/auth name: {{ include "common.fullname" . }}-auth resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . | indent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index c5fd489..d6ac1cb 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/smsquorumclient:2.0.0 +image: onap/aaf/smsquorumclient:latest pullPolicy: Always # flag to enable debugging - application support required @@ -54,21 +54,22 @@ persistence: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +flavor: small + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 700Mi + requests: + cpu: 10m + memory: 100Mi + unlimited: {} \ No newline at end of file diff --git a/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml b/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml index ddfc7c6..ab0ad17 100644 --- a/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml +++ b/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml @@ -45,7 +45,8 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - + resources: +{{ include "common.resources" . | indent 10 }} - image: "{{ include "common.repository" . }}/{{ .Values.image.consul }}" name: {{ include "common.name" . }}-backend imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -62,6 +63,8 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true + resources: +{{ include "common.resources" . | indent 10 }} volumes: - name: {{ include "common.fullname" . }}-consuldata persistentVolumeClaim: diff --git a/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/charts/aaf-sms/charts/aaf-sms-vault/values.yaml index 317abcd..58017bd 100644 --- a/charts/aaf-sms/charts/aaf-sms-vault/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-vault/values.yaml @@ -90,21 +90,22 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +flavor: small + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 700Mi + requests: + cpu: 10m + memory: 100Mi + unlimited: {} \ No newline at end of file diff --git a/charts/aaf-sms/templates/deployment.yaml b/charts/aaf-sms/templates/deployment.yaml index 189cc0d..ed24f67 100644 --- a/charts/aaf-sms/templates/deployment.yaml +++ b/charts/aaf-sms/templates/deployment.yaml @@ -81,7 +81,7 @@ spec: - mountPath: /sms/auth name: {{ include "common.fullname" . }}-auth resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . | indent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/charts/aaf-sms/values.yaml b/charts/aaf-sms/values.yaml index b75038c..7a25581 100644 --- a/charts/aaf-sms/values.yaml +++ b/charts/aaf-sms/values.yaml @@ -22,13 +22,13 @@ global: loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 persistence: {} - +flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/sms:2.0.0 +image: onap/aaf/sms:latest pullPolicy: Always # flag to enable debugging - application support required @@ -84,21 +84,20 @@ persistence: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 10m + memory: 100Mi + unlimited: {} \ No newline at end of file diff --git a/values.yaml b/values.yaml index c8f0484..931a31d 100644 --- a/values.yaml +++ b/values.yaml @@ -23,7 +23,6 @@ global: ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 persistence: enabled: true - ################################################################# # Application configuration defaults. ################################################################# @@ -38,8 +37,9 @@ config: csServiceName: aaf-cass # gerrit branch where the latest aaf/auth/sample/public code exists gerritProject: http://gerrit.onap.org/r/aaf/authz.git - gerritBranch: master + gerritBranch: 2.0.0-ONAP +flavor: small # default number of instances replicaCount: 1 @@ -83,21 +83,20 @@ persistence: mountPath: /dockerdata-nfs mountSubPath: aaf/data -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 2 + memory: 3Gi + requests: + cpu: 2 + memory: 3Gi + large: + limits: + cpu: 4 + memory: 6Gi + requests: + cpu: 4 + memory: 6Gi + unlimited: {} -- cgit 1.2.3-korg From faf65d5b4be50e47c61bde1c38a1b976ba05c3c9 Mon Sep 17 00:00:00 2001 From: Kiran Kamineni Date: Mon, 8 Oct 2018 15:44:37 -0700 Subject: Add sms preload job that preloads secrets Add a preload job that loads secrets from config files into secret management service after it comes up. P1: Includes osdf.json which contains secrets for oof-osdf P2: Add has.json for oof-has Issue-ID: AAF-548 Change-Id: Ib03cf6771a445be8ab00621cf26ca0e902af4ab3 Signed-off-by: Kiran Kamineni --- charts/aaf-sms/resources/config/has.json | 36 ++++++++++++ charts/aaf-sms/resources/config/osdf.json | 98 +++++++++++++++++++++++++++++++ charts/aaf-sms/templates/configmap.yaml | 15 +++++ charts/aaf-sms/templates/job.yaml | 92 +++++++++++++++++++++++++++++ 4 files changed, 241 insertions(+) create mode 100644 charts/aaf-sms/resources/config/has.json create mode 100644 charts/aaf-sms/resources/config/osdf.json create mode 100644 charts/aaf-sms/templates/job.yaml diff --git a/charts/aaf-sms/resources/config/has.json b/charts/aaf-sms/resources/config/has.json new file mode 100644 index 0000000..9d017f9 --- /dev/null +++ b/charts/aaf-sms/resources/config/has.json @@ -0,0 +1,36 @@ +{ + "domain": { + "name": "has", + "secrets": [ + { + "name": "aai", + "values": { + "username": "OOF", + "password": "OOF" + } + }, + { + "name": "conductor_api", + "values": { + "username": "admin1", + "password": "plan.15" + } + }, + { + "name": "sdnc", + "values": { + "username": "admin", + "password": "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U" + } + }, + { + "name": "music_api", + "values": { + "aafuser": "conductor", + "aafpass": "c0nduct0r", + "aafns": "conductor" + } + } + ] + } +} diff --git a/charts/aaf-sms/resources/config/osdf.json b/charts/aaf-sms/resources/config/osdf.json new file mode 100644 index 0000000..0950957 --- /dev/null +++ b/charts/aaf-sms/resources/config/osdf.json @@ -0,0 +1,98 @@ +{ + "domain": { + "name": "osdf", + "secrets": [ + { + "name": "so", + "values": { + "UserName": "", + "Password": "" + } + }, + { + "name": "conductor", + "values": { + "UserName": "admin1", + "Password": "plan.15" + } + }, + { + "name": "policyPlatform", + "values": { + "UserName": "testpdp", + "Password": "alpha123" + } + }, + { + "name": "policyClient", + "values": { + "UserName": "python", + "Password": "test" + } + }, + { + "name": "dmaap", + "values": { + "UserName": "NA", + "Password": "NA" + } + }, + { + "name": "sdc", + "values": { + "UserName": "NA", + "Password": "NA" + } + }, + { + "name": "osdfPlacement", + "values": { + "UserName": "test", + "Password": "testpwd" + } + }, + { + "name": "osdfPlacementSO", + "values": { + "UserName": "so_test", + "Password": "so_testpwd" + } + }, + { + "name": "osdfPlacementVFC", + "values": { + "UserName": "vfc_test", + "Password": "vfc_testpwd" + } + }, + { + "name": "osdfCMScheduler", + "values": { + "UserName": "test1", + "Password": "testpwd1" + } + }, + { + "name": "configDb", + "values": { + "UserName": "osdf", + "Password": "passwd" + } + }, + { + "name": "pciHMS", + "values": { + "UserName": "", + "Password": "" + } + }, + { + "name": "osdfPCIOpt", + "values": { + "UserName": "pci_test", + "Password": "pci_testpwd" + } + } + ] + } +} \ No newline at end of file diff --git a/charts/aaf-sms/templates/configmap.yaml b/charts/aaf-sms/templates/configmap.yaml index 72ce6fb..b513d99 100644 --- a/charts/aaf-sms/templates/configmap.yaml +++ b/charts/aaf-sms/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright 2018 Intel Corporation, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap @@ -25,3 +27,16 @@ metadata: data: smsconfig.json: | {{ .Values.config | toJson }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-preload + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-preload + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/charts/aaf-sms/templates/job.yaml b/charts/aaf-sms/templates/job.yaml new file mode 100644 index 0000000..2cee8d5 --- /dev/null +++ b/charts/aaf-sms/templates/job.yaml @@ -0,0 +1,92 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-preload + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py + args: + - --container-name + - "aaf-sms" + - --container-name + - "aaf-sms-quorumclient" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.pullPolicy }} + name: {{ include "common.name" . }}-preload + command: + - "/sms/bin/preload" + - "-cacert" + - "/sms/certs/aaf_root_ca.cer" + - "-jsondir" + - "/preload/config" + - "-serviceport" + - "{{ .Values.service.internalPort }}" + - "-serviceurl" + - "https://aaf-sms.{{ include "common.namespace" . }}" + workingDir: /sms + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /preload/config + name: {{ include "common.name" . }}-preload + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name : {{ include "common.name" . }}-preload + configMap: + name: {{ include "common.fullname" . }}-preload + restartPolicy: OnFailure + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" -- cgit 1.2.3-korg From d7fd1875b1a8fd34547173296339be5a8c5d28ae Mon Sep 17 00:00:00 2001 From: Mandeep Khinda Date: Tue, 9 Oct 2018 14:47:35 +0000 Subject: refactor AAF casablanca charts Issue-ID: AAF-539 Change-Id: Id1f263d526ef5fa88c6cd25f7ed1779d3a0cd2ee Signed-off-by: Mandeep Khinda --- .helmignore | 2 +- charts/aaf-cm/templates/deployment.yaml | 33 +-- charts/aaf-cm/values.yaml | 12 +- .../aaf-cs/resources/config/aaf-cs-data/init.cql | 279 --------------------- .../resources/config/aaf-cs-data/keyspace.cql | 25 -- .../aaf-cs/resources/config/aaf-cs-data/osaaf.cql | 136 ---------- .../resources/config/aaf-cs-data/temp_identity.cql | 22 -- charts/aaf-cs/templates/deployment.yaml | 57 ++--- charts/aaf-cs/templates/pv.yaml | 44 ++++ charts/aaf-cs/templates/pvc.yaml | 48 ++++ charts/aaf-cs/templates/secret.yaml | 22 -- charts/aaf-cs/values.yaml | 21 +- charts/aaf-fs/templates/deployment.yaml | 33 +-- charts/aaf-fs/values.yaml | 11 +- charts/aaf-gui/templates/deployment.yaml | 35 ++- charts/aaf-gui/values.yaml | 11 +- charts/aaf-hello/templates/deployment.yaml | 33 +-- charts/aaf-hello/values.yaml | 13 +- charts/aaf-locate/templates/deployment.yaml | 33 ++- charts/aaf-locate/values.yaml | 15 +- charts/aaf-oauth/templates/deployment.yaml | 35 ++- charts/aaf-oauth/templates/service.yaml | 2 - charts/aaf-oauth/values.yaml | 11 +- charts/aaf-service/.helmignore | 21 ++ charts/aaf-service/templates/deployment.yaml | 33 +-- charts/aaf-service/values.yaml | 11 +- resources/config/backup/backup.sh | 46 ---- resources/config/backup/cbackup.sh | 22 -- resources/config/data/identities.dat | 41 --- resources/config/data/sample.identities.dat | 40 --- resources/config/etc/org.osaaf.cm.props | 28 --- resources/config/etc/org.osaaf.common.props | 43 ---- resources/config/etc/org.osaaf.fs.props | 25 -- resources/config/etc/org.osaaf.gui.props | 46 ---- resources/config/etc/org.osaaf.hello.props | 23 -- resources/config/etc/org.osaaf.locate.props | 23 -- resources/config/etc/org.osaaf.log4j.props | 51 ---- resources/config/etc/org.osaaf.oauth.props | 22 -- resources/config/etc/org.osaaf.orgs.props | 25 -- resources/config/etc/org.osaaf.service.props | 23 -- resources/config/local/org.osaaf.aaf.cm.p12 | Bin 2818 -> 0 bytes resources/config/local/org.osaaf.aaf.cm.pkcs11 | 1 - resources/config/local/org.osaaf.aaf.keyfile | 27 -- resources/config/local/org.osaaf.aaf.p12 | Bin 4180 -> 0 bytes resources/config/local/org.osaaf.aaf.props | 25 -- resources/config/local/org.osaaf.aaf.trust.p12 | Bin 4180 -> 0 bytes resources/config/local/org.osaaf.cassandra.props | 29 --- resources/config/local/org.osaaf.cm.ca.props | 11 - resources/config/local/org.osaaf.location.props | 12 - resources/config/public/README.txt | 1 - templates/configmap.yaml | 48 ---- templates/job.yaml | 115 ++------- templates/pv.yaml | 52 +++- templates/pvc.yaml | 57 ++++- templates/secrets.yaml | 30 --- values.yaml | 85 +++---- 56 files changed, 421 insertions(+), 1528 deletions(-) delete mode 100644 charts/aaf-cs/resources/config/aaf-cs-data/init.cql delete mode 100644 charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql delete mode 100644 charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql delete mode 100644 charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql create mode 100644 charts/aaf-cs/templates/pv.yaml create mode 100644 charts/aaf-cs/templates/pvc.yaml delete mode 100644 charts/aaf-cs/templates/secret.yaml create mode 100644 charts/aaf-service/.helmignore delete mode 100644 resources/config/backup/backup.sh delete mode 100644 resources/config/backup/cbackup.sh delete mode 100644 resources/config/data/identities.dat delete mode 100644 resources/config/data/sample.identities.dat delete mode 100644 resources/config/etc/org.osaaf.cm.props delete mode 100644 resources/config/etc/org.osaaf.common.props delete mode 100644 resources/config/etc/org.osaaf.fs.props delete mode 100644 resources/config/etc/org.osaaf.gui.props delete mode 100644 resources/config/etc/org.osaaf.hello.props delete mode 100644 resources/config/etc/org.osaaf.locate.props delete mode 100644 resources/config/etc/org.osaaf.log4j.props delete mode 100644 resources/config/etc/org.osaaf.oauth.props delete mode 100644 resources/config/etc/org.osaaf.orgs.props delete mode 100644 resources/config/etc/org.osaaf.service.props delete mode 100644 resources/config/local/org.osaaf.aaf.cm.p12 delete mode 100644 resources/config/local/org.osaaf.aaf.cm.pkcs11 delete mode 100644 resources/config/local/org.osaaf.aaf.keyfile delete mode 100644 resources/config/local/org.osaaf.aaf.p12 delete mode 100644 resources/config/local/org.osaaf.aaf.props delete mode 100644 resources/config/local/org.osaaf.aaf.trust.p12 delete mode 100644 resources/config/local/org.osaaf.cassandra.props delete mode 100644 resources/config/local/org.osaaf.cm.ca.props delete mode 100644 resources/config/local/org.osaaf.location.props delete mode 100644 resources/config/public/README.txt delete mode 100644 templates/configmap.yaml delete mode 100644 templates/secrets.yaml diff --git a/.helmignore b/.helmignore index daebc7d..542b339 100644 --- a/.helmignore +++ b/.helmignore @@ -18,4 +18,4 @@ # Various IDEs .project .idea/ -*.tmproj +*.tmproj \ No newline at end of file diff --git a/charts/aaf-cm/templates/deployment.yaml b/charts/aaf-cm/templates/deployment.yaml index 11b0811..3954425 100644 --- a/charts/aaf-cm/templates/deployment.yaml +++ b/charts/aaf-cm/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,13 +45,11 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - - aaf-cs - - --container-name - aaf-locate env: - name: NAMESPACE @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/cm"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/cm/bin/cm"] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index a149f06..9ddb366 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -20,20 +20,14 @@ global: readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 flavor: small - ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.1 +image: onap/aaf/aaf_cm:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -44,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/init.cql b/charts/aaf-cs/resources/config/aaf-cs-data/init.cql deleted file mode 100644 index c4f77d8..0000000 --- a/charts/aaf-cs/resources/config/aaf-cs-data/init.cql +++ /dev/null @@ -1,279 +0,0 @@ -/* # Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. */ - -// Table Initialization -// First make sure the keyspace exists. - -USE authz; - -// -// CORE Table function -// - -// Namespace - establish hierarchical authority to modify -// Permissions and Roles -// "scope" is flag to determine Policy. Typical important scope -// is "company" (1) -CREATE TABLE ns ( - name varchar, - scope int, // deprecated 2.0.11 - description varchar, - parent varchar, - type int, - PRIMARY KEY (name) -); -CREATE INDEX ns_parent on ns(parent); - -CREATE TABLE ns_attrib ( - ns varchar, - key varchar, - value varchar, - PRIMARY KEY (ns,key) -); -create index ns_attrib_key on ns_attrib(key); - -// Will be cached -CREATE TABLE role ( - ns varchar, - name varchar, - perms set, // Use "Key" of "name|type|action" - description varchar, - PRIMARY KEY (ns,name) -); -CREATE INDEX role_name ON role(name); - -// Will be cached -CREATE TABLE perm ( - ns varchar, - type varchar, - instance varchar, - action varchar, - roles set, // Need to find Roles given Permissions - description varchar, - PRIMARY KEY (ns,type,instance,action) -); - -// This table is user for Authorization -CREATE TABLE user_role ( - user varchar, - role varchar, // deprecated: change to ns/rname after 2.0.11 - ns varchar, - rname varchar, - expires timestamp, - PRIMARY KEY(user,role) - ); -CREATE INDEX user_role_ns ON user_role(ns); -CREATE INDEX user_role_role ON user_role(role); - -// This table is only for the case where return User Credential (MechID) Authentication -CREATE TABLE cred ( - id varchar, - type int, - expires timestamp, - ns varchar, - other int, - notes varchar, - cred blob, - prev blob, - PRIMARY KEY (id,type,expires) - ); -CREATE INDEX cred_ns ON cred(ns); - -// Certificate Cross Table -// coordinated with CRED type 2 -CREATE TABLE cert ( - fingerprint blob, - id varchar, - x500 varchar, - expires timestamp, - PRIMARY KEY (fingerprint) - ); -CREATE INDEX cert_id ON cert(id); -CREATE INDEX cert_x500 ON cert(x500); - -CREATE TABLE notify ( - user text, - type int, - last timestamp, - checksum int, - PRIMARY KEY (user,type) -); - -CREATE TABLE x509 ( - ca text, - serial blob, - id text, - x500 text, - x509 text, - PRIMARY KEY (ca,serial) -); - - -CREATE INDEX x509_id ON x509 (id); -CREATE INDEX x509_x500 ON x509 (x500); - -// -// Deployment Artifact (for Certman) -// -CREATE TABLE artifact ( - mechid text, - machine text, - type Set, - sponsor text, - ca text, - dir text, - os_user text, - ns text, - notify text, - expires timestamp, - renewDays int, - sans Set, - PRIMARY KEY (mechid,machine) -); -CREATE INDEX artifact_machine ON artifact(machine); -CREATE INDEX artifact_ns ON artifact(ns); - -// -// Non-Critical Table functions -// -// Table Info - for Caching -CREATE TABLE cache ( - name varchar, - seg int, // cache Segment - touched timestamp, - PRIMARY KEY(name,seg) -); - -CREATE TABLE history ( - id timeuuid, - yr_mon int, - user varchar, - action varchar, - target varchar, // user, user_role, - subject varchar, // field for searching main portion of target key - memo varchar, //description of the action - reconstruct blob, //serialized form of the target - // detail Map, // additional information - PRIMARY KEY (id) -); -CREATE INDEX history_yr_mon ON history(yr_mon); -CREATE INDEX history_user ON history(user); -CREATE INDEX history_subject ON history(subject); - -// -// A place to hold objects to be created at a future time. -// -CREATE TABLE future ( - id uuid, // uniquify - target varchar, // Target Table - memo varchar, // Description - start timestamp, // When it should take effect - expires timestamp, // When not longer valid - construct blob, // How to construct this object (like History) - PRIMARY KEY(id) -); -CREATE INDEX future_idx ON future(target); -CREATE INDEX future_start_idx ON future(start); - - -CREATE TABLE approval ( - id timeuuid, // unique Key - ticket uuid, // Link to Future Record - user varchar, // the user who needs to be approved - approver varchar, // user approving - type varchar, // approver types i.e. Supervisor, Owner - status varchar, // approval status. pending, approved, denied - memo varchar, // Text for Approval to know what's going on - operation varchar, // List operation to perform - last_notified timestamp, // Timestamp for the last time approver was notified - PRIMARY KEY(id) - ); -CREATE INDEX appr_approver_idx ON approval(approver); -CREATE INDEX appr_user_idx ON approval(user); -CREATE INDEX appr_ticket_idx ON approval(ticket); -CREATE INDEX appr_status_idx ON approval(status); - -CREATE TABLE approved ( - id timeuuid, // unique Key - user varchar, // the user who needs to be approved - approver varchar, // user approving - type varchar, // approver types i.e. Supervisor, Owner - status varchar, // approval status. pending, approved, denied - memo varchar, // Text for Approval to know what's going on - operation varchar, // List operation to perform - PRIMARY KEY(id) - ); -CREATE INDEX approved_approver_idx ON approved(approver); -CREATE INDEX approved_user_idx ON approved(user); - -CREATE TABLE delegate ( - user varchar, - delegate varchar, - expires timestamp, - PRIMARY KEY (user) -); -CREATE INDEX delg_delg_idx ON delegate(delegate); - -// OAuth Tokens -CREATE TABLE oauth_token ( - id text, // Reference - client_id text, // Creating Client ID - user text, // User requesting - active boolean, // Active or not - type int, // Type of Token - refresh text, // Refresh Token - expires timestamp, // Expiration time/Date (signed long) - exp_sec bigint, // Seconds from Jan 1, 1970 - content text, // Content of Token - scopes Set, // Scopes - state text, // Context string (Optional) - req_ip text, // Requesting IP (for logging purpose) - PRIMARY KEY(id) -) with default_time_to_live = 21600; // 6 hours -CREATE INDEX oauth_token_user_idx ON oauth_token(user); - -CREATE TABLE locate ( - name text, // Component/Server name - hostname text, // FQDN of Service/Component - port int, // Port of Service - major int, // Version, Major - minor int, // Version, Minor - patch int, // Version, Patch - pkg int, // Version, Package (if available) - latitude float, // Latitude - longitude float, // Longitude - protocol text, // Protocol (i.e. http https) - subprotocol set, // Accepted SubProtocols, ie. TLS1.1 for https - port_key uuid, // Key into locate_ports - PRIMARY KEY(name,hostname,port) -) with default_time_to_live = 1200; // 20 mins - -CREATE TABLE locate_ports ( - id uuid, // Id into locate - port int, // SubPort - name text, // Name of Other Port - protocol text, // Protocol of Other (i.e. JMX, DEBUG) - subprotocol set, // Accepted sub protocols or versions - PRIMARY KEY(id, port) -) with default_time_to_live = 1200; // 20 mins; - -// -// Used by authz-batch processes to ensure only 1 runs at a time -// -CREATE TABLE run_lock ( - class text, - host text, - start timestamp, - PRIMARY KEY ((class)) -); diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql b/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql deleted file mode 100644 index 2951b2a..0000000 --- a/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql +++ /dev/null @@ -1,25 +0,0 @@ -/* # Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. */ - -// For Developer Machine single instance -// CREATE KEYSPACE authz -// WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1}; -// -// - -// Example of Network Topology, with Datacenter dc1 & dc2 -// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' }; -// Out of the box Docker Cassandra comes with "datacenter1", one instance -CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'datacenter1': '1' }; -// diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql b/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql deleted file mode 100644 index 89da60f..0000000 --- a/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql +++ /dev/null @@ -1,136 +0,0 @@ -/* # Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. */ - -USE authz; - -// Create 'org' root NS -INSERT INTO ns (name,description,parent,scope,type) - VALUES('org','Root Namespace','.',1,1); - -INSERT INTO role(ns, name, perms, description) - VALUES('org','admin',{'org.access|*|*'},'Org Admins'); - -INSERT INTO role(ns, name, perms, description) - VALUES('org','owner',{'org.access|*|read,approve'},'Org Owners'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org','access','*','read,approve',{'org.owner'},'Org Read Access'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org','access','*','*',{'org.admin'},'Org Write Access'); - -// Create Root pass -INSERT INTO cred (id,ns,type,cred,expires) - VALUES ('initial@osaaf.org','org.osaaf',1,0x008c5926ca861023c1d2a36653fd88e2,'2099-12-31') using TTL 14400; - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('initial@osaaf.org','org.admin','2099-12-31','org','admin') using TTL 14400; - - -// Create org.osaaf -INSERT INTO ns (name,description,parent,scope,type) - VALUES('org.osaaf','OSAAF Namespace','org',2,2); - -INSERT INTO role(ns, name, perms,description) - VALUES('org.osaaf','admin',{'org.osaaf.access|*|*'},'OSAAF Admins'); - -INSERT INTO perm(ns, type, instance, action, roles,description) - VALUES ('org.osaaf','access','*','*',{'org.osaaf.admin'},'OSAAF Write Access'); - -INSERT INTO role(ns, name, perms,description) - VALUES('org.osaaf','owner',{'org.osaaf.access|*|read,approve'},'OSAAF Owners'); - -INSERT INTO perm(ns, type, instance, action, roles,description) - VALUES ('org.osaaf','access','*','read,appove',{'org.osaaf.owner'},'OSAAF Read Access'); - -// Create org.osaaf.aaf -INSERT INTO ns (name,description,parent,scope,type) - VALUES('org.osaaf.aaf','Application Authorization Framework','org.osaaf',3,3); - -INSERT INTO role(ns, name, perms, description) - VALUES('org.osaaf.aaf','admin',{'org.osaaf.aaf.access|*|*'},'AAF Admins'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.osaaf.aaf','access','*','*',{'org.osaaf.aaf.admin'},'AAF Write Access'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.osaaf.aaf','access','*','read,approve',{'org.osaaf.aaf.owner'},'AAF Read Access'); - -INSERT INTO role(ns, name, perms, description) - VALUES('org.osaaf.aaf','owner',{'org.osaaf.aaf.access|*|read,approve'},'AAF Owners'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('initial@osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') using TTL 14400; - - -// ONAP Specific Entities -// ONAP initial env Namespace -INSERT INTO ns (name,description,parent,scope,type) - VALUES('org.onap','ONAP','org',2,2); - -INSERT INTO ns (name,description,parent,scope,type) - VALUES('org.onap.portal','ONAP Portal','org.onap.portal',3,3); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.onap.portal','access','*','read',{ - 'org.onap.portal.owner','org.onap.portal.designer','org.onap.portal.tester','org.onap.portal.ops','org.onap.portal.governor' - },'Portal Read Access'); - -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','owner',{'org.onap.portal.access|*|read'},'Portal Owner'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.onap.portal','access','*','*',{'org.onap.portal.admin'},'Portal Write Access'); - -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','admin',{'org.onap.portal.access|*|*'},'Portal Admins'); - -// DEMO ID (OPS) -insert into cred (id,type,expires,cred,notes,ns,other) values('demo@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('demo@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin'); - -// ADMIN -insert into cred (id,type,expires,cred,notes,ns,other) values('jh0003@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('jh0003@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin'); - -// DESIGNER -INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('cs0008@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','designer',{'org.onap.portal.access|*|read'},'Portal Designer'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('cs0008@people.osaaf.org','org.onap.portal.designer','2018-10-31','org.onap.portal','designer'); - -// TESTER -INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('jm0007@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','tester',{'org.onap.portal.access|*|read'},'Portal Tester'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('jm0007@people.osaaf.org','org.onap.portal.tester','2018-10-31','org.onap.portal','tester'); - -// OPS -INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('op0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','ops',{'org.onap.portal.access|*|read'},'Portal Operations'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('op0001@people.osaaf.org','org.onap.portal.ops','2018-10-31','org.onap.portal','ops'); - -// GOVERNOR -INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('gv0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','governor',{'org.onap.portal.access|*|read'},'Portal Governor'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('gv0001@people.osaaf.org','org.onap.portal.governor','2018-10-31','org.onap.portal','governor'); - diff --git a/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql b/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql deleted file mode 100644 index 4b6bf44..0000000 --- a/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql +++ /dev/null @@ -1,22 +0,0 @@ -/* # Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. */ - -USE authz; - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('demo@people.osaaf.org','org.admin','2099-12-31','org','admin') ; - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('demo@people.osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') ; - diff --git a/charts/aaf-cs/templates/deployment.yaml b/charts/aaf-cs/templates/deployment.yaml index cfece70..e0d500c 100644 --- a/charts/aaf-cs/templates/deployment.yaml +++ b/charts/aaf-cs/templates/deployment.yaml @@ -30,25 +30,31 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: - hostname: {{ include "common.name" . }} containers: - - args: + - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"] ports: - containerPort: {{ .Values.service.externalPort }} - containerPort: {{ .Values.service.externalPort2 }} - containerPort: {{ .Values.service.externalPort3 }} - containerPort: {{ .Values.service.externalPort4 }} + env: + - name: CASSANDRA_CLUSTER_NAME + value: "osaaf" + - name: CASSANDRA_DC + value: "dc1" + - name: HEAP_NEWSIZE + value: "512M" + - name: MAX_HEAP_SIZE + value: "1024M" volumeMounts: - - mountPath: /data - name: aaf-cs-data + - mountPath: /var/lib/cassandra + name: cassandra-storage - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -57,25 +63,12 @@ spec: periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort3 }} + exec: + command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","wait"] initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - lifecycle: - postStart: - exec: - command: - - /bin/sh - - -c - - > - /bin/sleep {{ .Values.readiness.initialDelaySeconds }}; - cd /data/; - cqlsh -u root -p root -f keyspace.cql ; - cqlsh -u root -p root -f init.cql ; - cqlsh -u root -p root -f osaaf.cql ; - cqlsh -u root -p root -f temp_identity.cql resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . | indent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} @@ -85,11 +78,15 @@ spec: {{ toYaml .Values.affinity | indent 10 }} {{- end }} volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: aaf-cs-data - secret: - secretName: {{ include "common.fullname" . }} + - name: localtime + hostPath: + path: /etc/localtime + - name: cassandra-storage + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/charts/aaf-cs/templates/pv.yaml b/charts/aaf-cs/templates/pv.yaml new file mode 100644 index 0000000..4209179 --- /dev/null +++ b/charts/aaf-cs/templates/pv.yaml @@ -0,0 +1,44 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} \ No newline at end of file diff --git a/charts/aaf-cs/templates/pvc.yaml b/charts/aaf-cs/templates/pvc.yaml new file mode 100644 index 0000000..b102ffa --- /dev/null +++ b/charts/aaf-cs/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} \ No newline at end of file diff --git a/charts/aaf-cs/templates/secret.yaml b/charts/aaf-cs/templates/secret.yaml deleted file mode 100644 index 4ae60f1..0000000 --- a/charts/aaf-cs/templates/secret.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ (.Files.Glob "resources/config/aaf-cs-data/*").AsSecrets | indent 2 }} diff --git a/charts/aaf-cs/values.yaml b/charts/aaf-cs/values.yaml index 73dac29..a914b54 100644 --- a/charts/aaf-cs/values.yaml +++ b/charts/aaf-cs/values.yaml @@ -24,12 +24,9 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: library/cassandra:3.11 +image: onap/aaf/aaf_cass:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - # application configuration config: {} @@ -42,14 +39,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 180 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 180 + initialDelaySeconds: 120 periodSeconds: 10 service: @@ -87,4 +84,14 @@ resources: requests: cpu: 40m memory: 9000Mi - unlimited: {} \ No newline at end of file + unlimited: {} + +persistence: + enabled: true + #existingClaim: + mountPath: /dockerdata-nfs + mountSubPath: "cass" + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 10Gi + storageClass: "manual" \ No newline at end of file diff --git a/charts/aaf-fs/templates/deployment.yaml b/charts/aaf-fs/templates/deployment.yaml index d269dc6..5125eb1 100644 --- a/charts/aaf-fs/templates/deployment.yaml +++ b/charts/aaf-fs/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,13 +45,11 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - - aaf-cs - - --container-name - aaf-locate env: - name: NAMESPACE @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/fs"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c","ln -s /opt/app/osaaf/data /data;/opt/app/aaf/fs/bin/fs "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index 0e3a81a..0f0d7c4 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -25,14 +25,9 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.1 +image: onap/aaf/aaf_fs:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -43,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: diff --git a/charts/aaf-gui/templates/deployment.yaml b/charts/aaf-gui/templates/deployment.yaml index b24a008..24c8e68 100644 --- a/charts/aaf-gui/templates/deployment.yaml +++ b/charts/aaf-gui/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,14 +45,12 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - - aaf-cs - - --container-name - - aaf-locate + - aaf-cm env: - name: NAMESPACE valueFrom: @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/gui"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/gui/bin/gui "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index 5665d1d..d44ac5e 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -25,14 +25,9 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.1 +image: onap/aaf/aaf_gui:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -43,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: diff --git a/charts/aaf-hello/templates/deployment.yaml b/charts/aaf-hello/templates/deployment.yaml index c76c084..f932228 100644 --- a/charts/aaf-hello/templates/deployment.yaml +++ b/charts/aaf-hello/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,13 +45,11 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - - aaf-cs - - --container-name - aaf-locate env: - name: NAMESPACE @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/hello"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/hello/bin/hello "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index 6fcf861..9f694be 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -19,20 +19,15 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - +flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.1 +image: onap/aaf/aaf_hello:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -43,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: diff --git a/charts/aaf-locate/templates/deployment.yaml b/charts/aaf-locate/templates/deployment.yaml index 6e69f2c..a3a9e28 100644 --- a/charts/aaf-locate/templates/deployment.yaml +++ b/charts/aaf-locate/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,12 +45,12 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - - aaf-cs + - aaf-service env: - name: NAMESPACE valueFrom: @@ -58,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/locate"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/locate/bin/locate "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -101,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index c924002..ba1e563 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -19,24 +19,15 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - -# If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines. -# persistence: -# mountPath: /dockerdata flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.1 +image: onap/aaf/aaf_locate:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -47,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: diff --git a/charts/aaf-oauth/templates/deployment.yaml b/charts/aaf-oauth/templates/deployment.yaml index fd4ae21..06cf273 100644 --- a/charts/aaf-oauth/templates/deployment.yaml +++ b/charts/aaf-oauth/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,13 +45,11 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: - - /root/ready.py + - name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py args: - --container-name - - aaf-cs - - --container-name - aaf-locate env: - name: NAMESPACE @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/oauth"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/oauth/bin/oauth "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/charts/aaf-oauth/templates/service.yaml b/charts/aaf-oauth/templates/service.yaml index 281aa1c..d94bcae 100644 --- a/charts/aaf-oauth/templates/service.yaml +++ b/charts/aaf-oauth/templates/service.yaml @@ -26,8 +26,6 @@ spec: ports: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName }} {{- else -}} diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index 943ad16..e52075a 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -25,14 +25,9 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.1 +image: onap/aaf/aaf_oauth:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -43,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: diff --git a/charts/aaf-service/.helmignore b/charts/aaf-service/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/charts/aaf-service/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/aaf-service/templates/deployment.yaml b/charts/aaf-service/templates/deployment.yaml index a07d06f..c3c140a 100644 --- a/charts/aaf-service/templates/deployment.yaml +++ b/charts/aaf-service/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,14 +45,12 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - aaf-cs - - --container-name - - aaf-locate env: - name: NAMESPACE valueFrom: @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/service"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/service/bin/service "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index 5ad31ff..7ec6364 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -25,14 +25,9 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.1 +image: onap/aaf/aaf_service:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -43,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: diff --git a/resources/config/backup/backup.sh b/resources/config/backup/backup.sh deleted file mode 100644 index 0cc2f62..0000000 --- a/resources/config/backup/backup.sh +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# BEGIN Store prev -BD=/opt/app/osaaf/backup -if [ -e "$BD/6day" ]; then - rm -Rf $BD/6day -fi - -PREV=$BD/6day -for D in $BD/5day $BD/4day $BD/3day $BD/2day $BD/yesterday; do - if [ -e "$D" ]; then - mv "$D" "$PREV" - fi - PREV="$D" -done - -if [ -e "$BD/today" ]; then - if [ -e "$BD/backup.log" ]; then - mv $BD/backup.log $BD/today - fi - gzip $BD/today/* - mv $BD/today $BD/yesterday -fi - -mkdir $BD/today - -# END Store prev -date -docker exec -t aaf_cass bash -c "mkdir -p /opt/app/cass_backup" -docker container cp $BD/cbackup.sh aaf_cass:/opt/app/cass_backup/backup.sh -# echo "login as Root, then run \nbash /opt/app/cass_backup/backup.sh" -docker exec -t aaf_cass bash /opt/app/cass_backup/backup.sh -docker container cp aaf_cass:/opt/app/cass_backup/. $BD/today -date diff --git a/resources/config/backup/cbackup.sh b/resources/config/backup/cbackup.sh deleted file mode 100644 index de91852..0000000 --- a/resources/config/backup/cbackup.sh +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -cd /opt/app/cass_backup -DATA="ns role perm ns_attrib user_role cred cert x509 delegate approval approved future notify artifact health history" -PWD=cassandra -CQLSH="cqlsh -u cassandra -k authz -p $PWD" -for T in $DATA ; do - echo "Creating $T.dat" - $CQLSH -e "COPY authz.$T TO '$T.dat' WITH DELIMITER='|'" -done diff --git a/resources/config/data/identities.dat b/resources/config/data/identities.dat deleted file mode 100644 index cb7f01d..0000000 --- a/resources/config/data/identities.dat +++ /dev/null @@ -1,41 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# -# Sample Identities.dat -# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with -# out-of-the-box tire-kicking, or even for Small companies -# -# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing -# batch feeds, as is appropriate for your company. -# -# Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split -# out AppIDs, choose your own status indicators, or whatever you use. -# 0 - unique ID -# 1 - full name -# 2 - first name -# 3 - last name -# 4 - phone -# 5 - official email -# 6 - employment status e=employee, c=contractor, a=application, n=no longer with company -# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID) -# - -iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| -mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna -bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager -mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager -ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager -iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager -osaaf|ID of AAF|||||a|bdevl diff --git a/resources/config/data/sample.identities.dat b/resources/config/data/sample.identities.dat deleted file mode 100644 index cf2ca6d..0000000 --- a/resources/config/data/sample.identities.dat +++ /dev/null @@ -1,40 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Sample Identities.dat -# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with -# out-of-the-box tire-kicking, or even for Small companies -# -# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing -# batch feeds, as is appropriate for your company. -# -# Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split -# out AppIDs, choose your own status indicators, or whatever you use. -# 0 - unique ID -# 1 - full name -# 2 - first name -# 3 - last name -# 4 - phone -# 5 - official email -# 6 - employment status e=employee, c=contractor, a=application, n=no longer with company -# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID) -# - -iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| -mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna -bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager -mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager -ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager -iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager -osaaf|ID of AAF|||||a|bdevl diff --git a/resources/config/etc/org.osaaf.cm.props b/resources/config/etc/org.osaaf.cm.props deleted file mode 100644 index ccd8a33..0000000 --- a/resources/config/etc/org.osaaf.cm.props +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -## -## org.osaaf.cm.props -## AAF Certificate Manager properties -## Note: Link to CA Properties in "local" dir -## -cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/local/org.osaaf.cm.ca.props -aaf_component=AAF_NS.cm:2.1.0.0 -port=8150 -cadi_registration_hostname={{.Values.config.cmServiceName}} -#Certman -cm_public_dir=/opt/app/osaaf/public -cm_trust_cas=AAF_RootCA.cer - - diff --git a/resources/config/etc/org.osaaf.common.props b/resources/config/etc/org.osaaf.common.props deleted file mode 100644 index 052a2ec..0000000 --- a/resources/config/etc/org.osaaf.common.props +++ /dev/null @@ -1,43 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -############################################################ -# Common properties for all AAF Components -# on 2018-03-02 06:59.628-0500 -############################################################ -# Pull in Global Coordinates and Certificate Information -aaf_root_ns=org.osaaf.aaf -aaf_trust_perm=org.osaaf.aaf|org.onap|trust - -cadi_prop_files=/opt/app/osaaf/local/org.osaaf.location.props:/opt/app/osaaf/local/org.osaaf.aaf.props -cadi_protocols=TLSv1.1,TLSv1.2 - -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 -cadi_loginpage_url=https://AAF_LOCATE_URL/AAF_NS.gui:2.0/login - -# Standard for this App/Machine -aaf_env=DEV -aaf_data_dir=/opt/app/osaaf/data -cadi_loglevel=DEBUG - -# Domain Support (which will accept) -aaf_domain_support=.com:.org - -# Basic Auth -aaf_default_realm=people.osaaf.org - -# OAuth2 -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect - diff --git a/resources/config/etc/org.osaaf.fs.props b/resources/config/etc/org.osaaf.fs.props deleted file mode 100644 index 266e08e..0000000 --- a/resources/config/etc/org.osaaf.fs.props +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -## -## org.osaaf.locator -## AAF Locator Properties -## -cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props -aaf_component=AAF_NS.fs:2.1.0.0 -port=8096 -cadi_registration_hostname={{.Values.config.fsServiceName}} - -aaf_public_dir=/opt/app/osaaf/public diff --git a/resources/config/etc/org.osaaf.gui.props b/resources/config/etc/org.osaaf.gui.props deleted file mode 100644 index 6c40b40..0000000 --- a/resources/config/etc/org.osaaf.gui.props +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -## -## org.osaaf.locator -## AAF Locator Properties -## -cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/etc/org.osaaf.orgs.props -aaf_component=AAF_NS.gui:2.1.0.0 -port=8200 -cadi_registration_hostname={{.Values.config.guiServiceName}} - -aaf_gui_title=AAF -aaf_gui_copyright=(c) 2018 AT&T Intellectual Property. All rights reserved. -aaf_gui_theme=theme/onap -cadi_loginpage_url=https://AAF_LOCATE_URL/com.att.aaf.gui:2.0/login - -# GUI URLS and Help URLS -cm_url=https://{{.Values.config.cmServiceName}}:8150 -gw_url=https://{{.Values.config.locateServiceName}}:8095 -fs_url=http://{{.Values.config.fsServiceName}}:8096 - -aaf_url.gui_onboard=https://wiki.web.att.com/display/aaf/OnBoarding -aaf_url.cuigui=https://wiki.web.att.com/display/aaf/Using+the+Command+Prompt - -aaf_url.aaf_help=https://wiki.onap.org/display/DW/Application+Authorization+Framework+Documentation -aaf_url.aaf_help.sub=Bootstrapping+AAF,Installation+Guide -aaf_url.aaf_help.sub.Bootstrapping+AAF=https://wiki.onap.org/display/DW/Bootstrapping+AAF -aaf_url.aaf_help.sub.Installation+Guide=https://wiki.onap.org/display/DW/AAF+Installation+Guide -#aaf_url.cadi_help= -aaf_url.tools=AAF+Projects,AAF+Jira,AAF+Calendar -aaf_url.tool=AAF+Jira=https://jira.onap.org/secure/RapidBoard.jspa?rapidView=69&projectKey=AAF&view=detail&selectedIssue=AAF-134 -aaf_url.tool.AAF+Projects=https://gerrit.onap.org/r/#/admin/projects/?filter=aaf%2F -aaf_url.tool.AAF+Calendar=https://wiki.onap.org/pages/viewpage.action?pageId=6587439 diff --git a/resources/config/etc/org.osaaf.hello.props b/resources/config/etc/org.osaaf.hello.props deleted file mode 100644 index eeacc1d..0000000 --- a/resources/config/etc/org.osaaf.hello.props +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -## -## org.osaaf.locator -## AAF Locator Properties -## -cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props -aaf_component=AAF_NS.hello:2.1.0.0 -port=8130 -cadi_registration_hostname={{.Values.config.helloServiceName}} diff --git a/resources/config/etc/org.osaaf.locate.props b/resources/config/etc/org.osaaf.locate.props deleted file mode 100644 index 1026dd8..0000000 --- a/resources/config/etc/org.osaaf.locate.props +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -## -## org.osaaf.locator -## AAF Locator Properties -## -cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props -aaf_component=AAF_NS.locator:2.1.0.0 -port=8095 -cadi_registration_hostname={{.Values.config.locateServiceName}} diff --git a/resources/config/etc/org.osaaf.log4j.props b/resources/config/etc/org.osaaf.log4j.props deleted file mode 100644 index 9f10802..0000000 --- a/resources/config/etc/org.osaaf.log4j.props +++ /dev/null @@ -1,51 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# -log4j.appender.INIT=org.apache.log4j.DailyRollingFileAppender -log4j.appender.INIT.File=${LOG4J_FILENAME_init} -log4j.appender.INIT.DatePattern='.'yyyy-MM-dd -log4j.appender.INIT.layout=org.apache.log4j.PatternLayout -log4j.appender.INIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n - -log4j.appender.SRVR=org.apache.log4j.DailyRollingFileAppender -log4j.appender.SRVR.File=${LOG4J_FILENAME_service} -log4j.appender.SRVR.DatePattern='.'yyyy-MM-dd -log4j.appender.SRVR.layout=org.apache.log4j.PatternLayout -log4j.appender.SRVR.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %p [%c] %m %n - -log4j.appender.AUDIT=org.apache.log4j.DailyRollingFileAppender -log4j.appender.AUDIT.File=${LOG4J_FILENAME_audit} -log4j.appender.AUDIT.DatePattern='.'yyyy-MM-dd -log4j.appender.AUDIT.layout=org.apache.log4j.PatternLayout -log4j.appender.AUDIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n - -log4j.appender.stdout=org.apache.log4j.ConsoleAppender -log4j.appender.stdout.layout=org.apache.log4j.PatternLayout -log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] %m %n - -# General Apache libraries -log4j.rootLogger=WARN.SRVR -log4j.logger.org.apache=WARN,SRVR -log4j.logger.com.datastax=WARN,SRVR -log4j.logger.init=INFO,INIT -log4j.logger.service=${LOGGING_LEVEL},SRVR -log4j.logger.audit=INFO,AUDIT -# Additional configs, not cauth with Root Logger -log4j.logger.io.netty=INFO,SRVR -log4j.logger.org.eclipse=INFO,SRVR - - diff --git a/resources/config/etc/org.osaaf.oauth.props b/resources/config/etc/org.osaaf.oauth.props deleted file mode 100644 index d2a5b97..0000000 --- a/resources/config/etc/org.osaaf.oauth.props +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -## -## org.osaaf.locator -## AAF Locator Properties -## -cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props -aaf_component=AAF_NS.oauth:2.1.0.0 -port=8140 -cadi_registration_hostname={{.Values.config.oauthServiceName}} diff --git a/resources/config/etc/org.osaaf.orgs.props b/resources/config/etc/org.osaaf.orgs.props deleted file mode 100644 index c609de2..0000000 --- a/resources/config/etc/org.osaaf.orgs.props +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# -# Define Organizations for use in some of the components. Not all use them -# -Organization.org.osaaf=org.onap.aaf.org.DefaultOrg -org.osaaf.mailHost=smtp.mail.att.com -org.osaaf.mailFrom=DL-aaf-support@aaf.att.com -org.osaaf.default=true -org.osaaf.also_supports=org.osaaf.people - - - diff --git a/resources/config/etc/org.osaaf.service.props b/resources/config/etc/org.osaaf.service.props deleted file mode 100644 index adb9032..0000000 --- a/resources/config/etc/org.osaaf.service.props +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -## -## org.osaaf.service -## AAF Service Properties -## -cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/etc/org.osaaf.orgs.props -aaf_component=AAF_NS.service:2.1.0.0 -port=8100 -cadi_registration_hostname={{.Values.config.serviceServiceName}} diff --git a/resources/config/local/org.osaaf.aaf.cm.p12 b/resources/config/local/org.osaaf.aaf.cm.p12 deleted file mode 100644 index 63aedd2..0000000 Binary files a/resources/config/local/org.osaaf.aaf.cm.p12 and /dev/null differ diff --git a/resources/config/local/org.osaaf.aaf.cm.pkcs11 b/resources/config/local/org.osaaf.aaf.cm.pkcs11 deleted file mode 100644 index 05fe60f..0000000 --- a/resources/config/local/org.osaaf.aaf.cm.pkcs11 +++ /dev/null @@ -1 +0,0 @@ -name = localca diff --git a/resources/config/local/org.osaaf.aaf.keyfile b/resources/config/local/org.osaaf.aaf.keyfile deleted file mode 100644 index 7206ad9..0000000 --- a/resources/config/local/org.osaaf.aaf.keyfile +++ /dev/null @@ -1,27 +0,0 @@ -rmaOaytuFLnhz07oilUO0nO_mZ18XInIi56OoezdUTR5f1GR45lp_nX7marcYv7j2ZS-dpWOSur0 -sK5M-ByrgxfUPyk749Ex4nGSMLnAq-nFMaREpGZPmNP-ul_vCxCmaHUnWKPJB4jx_K_osKPb0-ng -tqX0hnpbmcq4okV94MUdUs084ymM5LU-qVU_oYbLUM4dXatobe1go8eX2umrutZbQTjz75i4UEcF -Dv9nDwVqHRGUFMU0NeJlrSlRSO-eiDgVtoSCBGtIkDdKPBTUT3wachHmUBiSBJ3GF05yQP1CwWzz -AQRSwphP11xKI7tSViT5RoxjxfQZiVEbeyg9g9BROe_pLyIDskoW_ujdnPOWRcSIx6Q4J0eew3kb -yqcWUPf1K2nSyBSshlsQ6A9NSOLz_KhyIvP_1OG82m1gir3I77Usl7QqMF8IBXCjJ-H_qqR1u-By -qm_AFjagYA2TgF2YQN-fcneom_5_cA74_xwJ41juhOP72ZWGkX1bAdbiKf85uYo2H3g5HeNWijQL -y4wJ4qFrSptQRyV2Ntf9OLgpOsKsPPiLlNBugmCjHBMaPMbQAYRbsyCH2nKdjjTG3c6iF5Cj9Jco -6McvcrYYuq3ynH-2HoL-T-Zgl2AXLxqK4_dl_H243H-GutoJsmIkELLGS_pCpSt4t7xaDvzqxrTj -4qZ1OjozcpnsqM8HebS28IgoqFaOmrCMqO1MLM_CjAyliTy31P28XEbcYvjEY-FWmnJRSpMLc1Pz --KOH-2V8uTqn5YlUsFt2TNnc8lEwMH6GSV1vkgxwPQaMUgWV2svc0FfBmTLZI4zNmpMu4cGjaG-f -Z8r_hX7pDPANBTaqFxTp999dnaS3lLdZMNbJNEKFF0xxdRuBzsPKDiLa7ItixInZlUcEnwJVWOhC -kcI2J0cEFGxHxWYmYdqyJIvQzjebk6iDqB-mLi0ai-_XYm1niCxZizT_XJADo9LQtTzq1V6pMgYR -PPfbDKoiYRK6D8nbWsGNOh6xOS7zs8qrnTPxwu5CuZX_EFoejmooHTrXEqw2RzRFw9XqXM8p50C3 -YrwI2lA6kTQItGm0yftAxqfbhbjJp_K1P91ckOYL3ZSYze_hXRmguwYuT5NWlKhBtm5aawuDjXEg -yn7PnRTT0smW40hbYbks5L-2VVxTd3tith6Ltqh95miL6vpG5ByDDQlZCWwkq7XH7iScejDvT6UN -jF1K86mNa8CLXuuSzGl1li1CMxoVzW55G3s0-ICDHqjytiUkiUen2V9VzGT9h4BgDfzbShf31M4_ -biO4NL-mkqlDBbh-KcrYjvNj5qQwHSiLSLuQQBoBtJ3hG9jCu4YBYVWJYctV8r3Js_sGDH4rl5w1 -ujEF6QHWZIF73-u53G_LtvoXBnQcrBW8oLpqP-1Pz5d1bio--bRsNa5qAAilNbYmttiKYOYJn4My -c6QvzF81SqTRZy0Fd0NK_hMCglPkH7sd32UX-LBquvQ_yDqB_ml_pADJhWcfuD4iPAQjR2Vgclxf -GPCDva6YpJDzjjnaExDYmGFVFpbIPLfvGUCit_9zAycx0nW1J_cVT1BWFHijjAh_gnIpa6MtY3BE -G3d8ee6_LAQvvVdBwZ955UwyRd-C7Buc7Xcccw-8hcNBKqOCDlE9j4tie2SdO9m53vZRzcLY6Aiw -BiulIAllqHZQYs0OBcaYgbNgJU-gn9ZMWgS9i3ijPvTTBSNX7y7k4L1a4QOceyuOtt7nkv024YUS -acTRmaGotRBuVfI-C0L4Q9NL56_nUATB5ca2GqgLEKnWKsiN3T9cBg4Ji88E8OdiVcoO8segB-0d -QwWCqCZ8_z_R7zBMlDqpfu5wbvoVx0w9JhLgO9f7eoRozqA3qGLv94i1pN6LuU-Q7YPz4jVxmbb_ -2CHyP1n-o1ZWHfWdz6aByXEzrAZdvjfEWwwMYV5l5jFilTXaCNOCjr9S4YjNn0HITdl7E64C06Im -3QWOsnDv9z1APjnFo12KH_1yWscU0t9gx7FG210Ug6C-G3Bko_tm_YOp0Lkum4qrnxgHMf_a \ No newline at end of file diff --git a/resources/config/local/org.osaaf.aaf.p12 b/resources/config/local/org.osaaf.aaf.p12 deleted file mode 100644 index ac1dece..0000000 Binary files a/resources/config/local/org.osaaf.aaf.p12 and /dev/null differ diff --git a/resources/config/local/org.osaaf.aaf.props b/resources/config/local/org.osaaf.aaf.props deleted file mode 100644 index 21910eb..0000000 --- a/resources/config/local/org.osaaf.aaf.props +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -cm_url=https://{{.Values.config.cmServiceName}}:8150 -#hostname=aaf.osaaf.org -aaf_env=DEV -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/app/osaaf/local/org.osaaf.aaf.keyfile -cadi_keystore=/opt/app/osaaf/local/org.osaaf.aaf.p12 -cadi_keystore_password=enc:fDY3WPPqHCMQaZdox2UfpRoEq6b9wUqS-aepo0NiqEFa2t7uYHBdxfQAuEwj9Lwb -#cadi_key_password=enc: -cadi_alias=aaf-authz@aaf.osaaf.org -cadi_truststore=/opt/app/osaaf/local/org.osaaf.aaf.trust.p12 -cadi_truststore_password=enc:5nzj6v3Rb0oZPV1zCxg8EJFfkFvWFGJflLB0i_FN0Np diff --git a/resources/config/local/org.osaaf.aaf.trust.p12 b/resources/config/local/org.osaaf.aaf.trust.p12 deleted file mode 100644 index d01e856..0000000 Binary files a/resources/config/local/org.osaaf.aaf.trust.p12 and /dev/null differ diff --git a/resources/config/local/org.osaaf.cassandra.props b/resources/config/local/org.osaaf.cassandra.props deleted file mode 100644 index 17f238b..0000000 --- a/resources/config/local/org.osaaf.cassandra.props +++ /dev/null @@ -1,29 +0,0 @@ -############################################################ -# Cassandra properties for AAF Components needing -# on 2018-03-02 06:59.628-0500 -############################################################ -# LOCAL Cassandra -cassandra.clusters={{.Values.config.csServiceName}} -cassandra.clusters.port=9042 -#need this to be fully qualified name when REAL AAF integration -cassandra.clusters.user=cassandra -cassandra.clusters.password=enc:gF_I93pTRMIvj3rof-dx-yK84XYT1UKGf98s1LAJyWV - -# Name for exception that has happened in the past -cassandra.reset.exceptions=com.datastax.driver.core.exceptions.NoHostAvailableException:"no host was tried":"Connection has been closed" - -# Example Consistency Settings for Clusters with at least instances -#cassandra.writeConsistency.ns=LOCAL_QUORUM -#cassandra.writeConsistency.perm=LOCAL_QUORUM -#cassandra.writeConsistency.role=LOCAL_QUORUM -#cassandra.writeConsistency.user_role=LOCAL_QUORUM -#cassandra.writeConsistency.cred=LOCAL_QUORUM -#cassandra.writeConsistency.ns_attrib=LOCAL_QUORUM - -# Consistency Settings when Single Instance -cassandra.writeConsistency.ns=ONE -cassandra.writeConsistency.perm=ONE -cassandra.writeConsistency.role=ONE -cassandra.writeConsistency.user_role=ONE -cassandra.writeConsistency.cred=ONE -cassandra.writeConsistency.ns_attrib=ONE diff --git a/resources/config/local/org.osaaf.cm.ca.props b/resources/config/local/org.osaaf.cm.ca.props deleted file mode 100644 index 8843705..0000000 --- a/resources/config/local/org.osaaf.cm.ca.props +++ /dev/null @@ -1,11 +0,0 @@ -## -## org.osaaf.cm.ca.props -## Properties to access Certifiate Authority -## - -#Certman -cm_ca.local=org.onap.aaf.auth.cm.ca.LocalCA,/opt/app/osaaf/local/org.osaaf.aaf.cm.p12;aaf_cm_ca;enc:asFEWMNqjH7GktBLb9EGl6L1zfS2qMH5ZS5Zd90KVT5B9ZyRsqx7Gb73YllO8Hyw -cm_ca.local.idDomains=org.osaaf -cm_ca.local.baseSubject=/OU=OSAAF/O=ONAP/C=US -cm_ca.local.perm_type=org.osaaf.aaf.ca - diff --git a/resources/config/local/org.osaaf.location.props b/resources/config/local/org.osaaf.location.props deleted file mode 100644 index fd52d6d..0000000 --- a/resources/config/local/org.osaaf.location.props +++ /dev/null @@ -1,12 +0,0 @@ -## -## org.osaaf.location.props -## -## Localized Machine Information -## -# Almeda California -cadi_latitude=37.78187 -cadi_longitude=-122.26147 - -#cadi_registration_hostname=aaf-onap-beijing-test.osaaf.org -cadi_trust_masks=10.12.6/24 -aaf_locate_url=https://{{.Values.config.locateServiceName}}:8095 diff --git a/resources/config/public/README.txt b/resources/config/public/README.txt deleted file mode 100644 index 48aaa96..0000000 --- a/resources/config/public/README.txt +++ /dev/null @@ -1 +0,0 @@ -Public directory left empty on purpose. Content of https://gerrit.onap.org/r/gitweb?p=aaf/authz.git;a=tree;f=auth/sample/public;h=1b387b7858134f80446f006b6d570fa534da3153;hb=refs/heads/master is cloned and mounted into AAF container volume via init container. This is done to dramatically reduce the size of configuration that was being put into a configmap that was exceeding helm configmap limit of 1MB per deployment. diff --git a/templates/configmap.yaml b/templates/configmap.yaml deleted file mode 100644 index 9d21e05..0000000 --- a/templates/configmap.yaml +++ /dev/null @@ -1,48 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-aaf-backup - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/backup/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-aaf-local - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/local/org.osaaf.location.props").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/local/org.osaaf.cm.ca.props").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/local/org.osaaf.cassandra.props").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/local/org.osaaf.aaf.props").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-aaf-etc - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/etc/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-aaf-data - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/data/*").AsConfig . | indent 2 }} diff --git a/templates/job.yaml b/templates/job.yaml index 719b6dc..103b908 100644 --- a/templates/job.yaml +++ b/templates/job.yaml @@ -15,7 +15,7 @@ apiVersion: batch/v1 kind: Job metadata: - name: {{ include "common.fullname" . }}-create-config + name: {{ .Release.Name }}-create-config namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -29,79 +29,28 @@ spec: app: aaf-init-job release: {{ .Release.Name }} spec: - initContainers: - - name: {{ include "common.name" . }}-inject-config - command: - - /bin/bash - - -c - - > - git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit; - echo "Clone complete. Copying from /tmp/gerrit/ to /public"; - cp -rf /tmp/gerrit/auth/sample/public/* /public; - echo "Done."; - image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.global.ubuntuInitImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: aaf-public - mountPath: "/public" containers: - - command: ["/bin/bash","-c","if [ ! -d /data/backup ]; then mkdir /data/data && cp -Ra /data1/data/..data/* /data/data/ && mkdir /data/etc && cp -Ra /data1/etc/..data/* data/etc/ && mkdir /data/backup && cp -Ra /data1/backup/..data/* /data/backup/ && cp -Ra /data1/public /data/ && cp -Ra /data1/local /data && mkdir -p /data/logs/oauth && mkdir -p /data/logs/hello && mkdir -p /data/logs/fs && mkdir -p /data/logs/gui && mkdir -p /data/logs/locate && mkdir -p /data/logs/cm && mkdir -p /data/logs/service; fi; exit 0"] - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + - name: {{ include "common.name" . }}-config-container + image: "{{ include "common.repository" . }}/{{ .Values.aaf_config.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: aaf-init-job volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /data - name: aaf-persistent-data - - mountPath: /data1/etc - name: aaf-etc - - mountPath: /data1/data - name: aaf-data - - mountPath: /data1/public/iframe_denied_test.html - name: aaf-public - subPath: iframe_denied_test.html - - mountPath: /data1/public/aaf_2_0.xsd - name: aaf-public - subPath: aaf_2_0.xsd - - mountPath: /data1/public/truststoreONAP.p12 - name: aaf-public - subPath: truststoreONAP.p12 - - mountPath: /data1/public/AAF_RootCA.cer - name: aaf-public - subPath: AAF_RootCA.cer - - mountPath: /data1/public/truststoreONAPall.jks - name: aaf-public - subPath: truststoreONAPall.jks - - mountPath: /data1/local/org.osaaf.location.props - name: aaf-local - subPath: org.osaaf.location.props - - mountPath: /data1/local/org.osaaf.cm.ca.props - name: aaf-local - subPath: org.osaaf.cm.ca.props - - mountPath: /data1/local/org.osaaf.cassandra.props - name: aaf-local - subPath: org.osaaf.cassandra.props - - mountPath: /data1/local/org.osaaf.aaf.props - name: aaf-local - subPath: org.osaaf.aaf.props - - mountPath: /data1/local/org.osaaf.aaf.trust.p12 - name: aaf-local-secret - subPath: org.osaaf.aaf.trust.p12 - - mountPath: /data1/local/org.osaaf.aaf.p12 - name: aaf-local-secret - subPath: org.osaaf.aaf.p12 - - mountPath: /data1/local/org.osaaf.aaf.keyfile - name: aaf-local-secret - subPath: org.osaaf.aaf.keyfile - - mountPath: /data1/local/org.osaaf.aaf.cm.p12 - name: aaf-local-secret - subPath: org.osaaf.aaf.cm.p12 - - mountPath: /data1/backup - name: aaf-backup - - mountPath: /share - name: aaf-public + - mountPath: "/opt/app/osaaf" + name: {{ include "common.name" . }}-config-vol + env: + - name: HOSTNAME + value: "{{ .Values.global.cadi.hostname }}" + - name: AAF_ENV + value: "{{ .Values.global.cadi.aaf_env }}" + - name: AAF_REGISTER_AS + value: "{{ .Values.global.cadi.aaf_register_as }}" + - name: LATITUDE + value: "{{ .Values.global.cadi.cadi_latitude }}" + - name: LONGITUDE + value: "{{ .Values.global.cadi.cadi_longitude }}" + - name: CASS_HOST + value: "{{ .Values.global.cassandraServiceName }}" + - name: AAF_LOCATOR_AS + value: "{{ .Values.global.locateServiceName }}" resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -113,33 +62,13 @@ spec: {{ toYaml .Values.affinity | indent 10 }} {{- end }} volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: aaf-local-secret - secret: - secretName: {{ .Release.Name }}-aaf-local-secret - - name: aaf-etc - configMap: - name: {{ .Release.Name }}-aaf-etc - - name: aaf-local - configMap: - name: {{ .Release.Name }}-aaf-local - - name: aaf-backup - configMap: - name: {{ .Release.Name }}-aaf-backup - - name: aaf-data - configMap: - name: {{ .Release.Name }}-aaf-data - - name: aaf-persistent-data + - name: {{ include "common.name" . }}-config-vol {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} - - name: aaf-public - emptyDir: {} restartPolicy: OnFailure imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/templates/pv.yaml b/templates/pv.yaml index d9b58f6..9d28184 100644 --- a/templates/pv.yaml +++ b/templates/pv.yaml @@ -14,24 +14,60 @@ # limitations under the License. */}} -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if and .Values.global.persistence.enabled (not .Values.persistence.config.existingClaim) }} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ .Release.Name }}-config namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} + app: {{ include "common.name" . }}-config chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" name: {{ include "common.fullname" . }} spec: capacity: - storage: {{ .Values.persistence.size}} + storage: {{ .Values.persistence.config.size}} accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + - {{ .Values.persistence.config.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.config.mountSubPath }} +{{- if .Values.persistence.config.storageClass }} +{{- if (eq "-" .Values.persistence.config.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.config.storageClass }}" +{{- end }} +{{- end }} +{{- end }} +--- +{{- if and .Values.global.persistence.enabled (not .Values.persistence.logs.existingClaim) }} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-logs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-logs + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.logs.size}} + accessModes: + - {{ .Values.persistence.logs.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.logs.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.logs.mountSubPath }} +{{- if .Values.persistence.logs.storageClass }} +{{- if (eq "-" .Values.persistence.logs.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.logs.storageClass }}" +{{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/templates/pvc.yaml b/templates/pvc.yaml index 255c277..a9c8b90 100644 --- a/templates/pvc.yaml +++ b/templates/pvc.yaml @@ -14,35 +14,68 @@ # limitations under the License. */}} -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if and .Values.global.persistence.enabled (not .Values.persistence.config.existingClaim) }} kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ .Release.Name }}-aaf-pvc + name: {{ .Release.Name }}-config namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} + app: {{ include "common.name" . }}-config chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} +{{- if .Values.persistence.config.annotations }} annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} +{{ toYaml .Values.persistence.config.annotations | indent 4 }} {{- end }} spec: selector: matchLabels: - name: {{ include "common.fullname" . }} + app: {{ include "common.name" . }}-config accessModes: - - {{ .Values.persistence.accessMode }} + - {{ .Values.persistence.config.accessMode }} resources: requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} + storage: {{ .Values.persistence.config.size }} +{{- if .Values.persistence.config.storageClass }} +{{- if (eq "-" .Values.persistence.config.storageClass) }} storageClassName: "" {{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" + storageClassName: "{{ .Values.persistence.config.storageClass }}" {{- end }} {{- end }} -{{- end -}} +{{- end }} +--- +{{- if and .Values.global.persistence.enabled (not .Values.persistence.logs.existingClaim) }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-logs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-logs + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.logs.annotations }} + annotations: +{{ toYaml .Values.persistence.logs.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }}-logs + accessModes: + - {{ .Values.persistence.logs.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.logs.size }} +{{- if .Values.persistence.logs.storageClass }} +{{- if (eq "-" .Values.persistence.logs.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.logs.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} \ No newline at end of file diff --git a/templates/secrets.yaml b/templates/secrets.yaml deleted file mode 100644 index fe876e1..0000000 --- a/templates/secrets.yaml +++ /dev/null @@ -1,30 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: {{ .Release.Name}}-aaf-local-secret - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.trust.p12").AsSecrets | indent 2 }} -{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.p12").AsSecrets | indent 2 }} -{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.keyfile").AsSecrets | indent 2 }} -{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.cm.p12").AsSecrets | indent 2 }} -type: Opaque diff --git a/values.yaml b/values.yaml index 931a31d..4cc69c2 100644 --- a/values.yaml +++ b/values.yaml @@ -23,21 +23,22 @@ global: ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 persistence: enabled: true + + cadi: + hostname: "aaf.onap" + cadi_latitude: "38.0" + cadi_longitude: "-72.0" + aaf_env: "DEV" + aaf_register_as: "aaf.onap" + cassandraServiceName: aaf-cass + locateServiceName: aaf-locate + ################################################################# # Application configuration defaults. ################################################################# -config: - serviceServiceName: aaf-service - locateServiceName: aaf-locate - cmServiceName: aaf-cm - fsServiceName: aaf-fs - guiServiceName: aaf-gui - helloServiceName: aaf-hello - oauthServiceName: aaf-oauth - csServiceName: aaf-cass - # gerrit branch where the latest aaf/auth/sample/public code exists - gerritProject: http://gerrit.onap.org/r/aaf/authz.git - gerritBranch: 2.0.0-ONAP +repository: nexus3.onap.org:10001 +aaf_config: + image: onap/aaf/aaf_config:2.1.2-SNAPSHOT flavor: small # default number of instances @@ -64,39 +65,31 @@ ingress: ## Persist data to a persitent volume persistence: - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain + mountPath: "/mnt/data/aaf" + enabled: true + config: + #existingClaim: + volumeReclaimPolicy: Retain + accessMode: ReadWriteMany + size: 2Gi + mountSubPath: "config" + storageClass: "manual" + logs: + #existingClaim: + volumeReclaimPolicy: Retain + accessMode: ReadWriteMany + size: 2Gi + mountSubPath: "logs" + storageClass: "manual" - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteMany - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: aaf/data +aaf-cs: + persistence: + #existingClaim: + mountPath: /dockerdata-nfs + mountSubPath: "cass" + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 10Gi + storageClass: "manual" -# Configure resource requests and limits -resources: - small: - limits: - cpu: 2 - memory: 3Gi - requests: - cpu: 2 - memory: 3Gi - large: - limits: - cpu: 4 - memory: 6Gi - requests: - cpu: 4 - memory: 6Gi - unlimited: {} +resources: {} \ No newline at end of file -- cgit 1.2.3-korg From 0f1521afb11bffbb8e517cc1554463bc7b7abb4d Mon Sep 17 00:00:00 2001 From: Kiran Kamineni Date: Mon, 13 Aug 2018 15:37:40 -0700 Subject: Add sshsm hardware security support charts Add charts that support hardware security in AAF This includes two sub charts, abrmd and distcenter By default tpm requirement is disabled via the global.tpm flag. Issue-ID: AAF-409 Change-Id: Ia3f5948891638bc281ad4585818274fc71564bdd Signed-off-by: Kiran Kamineni --- charts/aaf-sshsm/Chart.yaml | 18 +++ charts/aaf-sshsm/README.md | 24 ++++ charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml | 18 +++ .../aaf-sshsm-abrmd/templates/configmap.yaml | 32 +++++ .../charts/aaf-sshsm-abrmd/templates/job.yaml | 87 ++++++++++++++ .../aaf-sshsm-abrmd/templates/statefulset.yaml | 93 +++++++++++++++ .../aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml | 60 ++++++++++ .../charts/aaf-sshsm-distcenter/Chart.yaml | 18 +++ .../aaf-sshsm-distcenter/templates/configmap.yaml | 32 +++++ .../charts/aaf-sshsm-distcenter/templates/job.yaml | 105 +++++++++++++++++ .../charts/aaf-sshsm-distcenter/templates/pv.yaml | 41 +++++++ .../charts/aaf-sshsm-distcenter/templates/pvc.yaml | 51 ++++++++ .../charts/aaf-sshsm-distcenter/values.yaml | 69 +++++++++++ .../aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml | 18 +++ .../charts/aaf-sshsm-testca/templates/job.yaml | 130 +++++++++++++++++++++ .../aaf-sshsm/charts/aaf-sshsm-testca/values.yaml | 61 ++++++++++ charts/aaf-sshsm/requirements.yaml | 18 +++ charts/aaf-sshsm/resources/config/prk_passwd | 1 + charts/aaf-sshsm/resources/config/srk_handle | 1 + charts/aaf-sshsm/templates/pv.yaml | 57 +++++++++ charts/aaf-sshsm/templates/pvc.yaml | 79 +++++++++++++ charts/aaf-sshsm/templates/secret.yaml | 22 ++++ charts/aaf-sshsm/values.yaml | 65 +++++++++++ 23 files changed, 1100 insertions(+) create mode 100644 charts/aaf-sshsm/Chart.yaml create mode 100644 charts/aaf-sshsm/README.md create mode 100644 charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml create mode 100644 charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml create mode 100644 charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml create mode 100644 charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml create mode 100644 charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml create mode 100644 charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml create mode 100644 charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml create mode 100644 charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml create mode 100644 charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml create mode 100644 charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml create mode 100644 charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml create mode 100644 charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml create mode 100644 charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml create mode 100644 charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml create mode 100644 charts/aaf-sshsm/requirements.yaml create mode 100644 charts/aaf-sshsm/resources/config/prk_passwd create mode 100644 charts/aaf-sshsm/resources/config/srk_handle create mode 100644 charts/aaf-sshsm/templates/pv.yaml create mode 100644 charts/aaf-sshsm/templates/pvc.yaml create mode 100644 charts/aaf-sshsm/templates/secret.yaml create mode 100644 charts/aaf-sshsm/values.yaml diff --git a/charts/aaf-sshsm/Chart.yaml b/charts/aaf-sshsm/Chart.yaml new file mode 100644 index 0000000..78b10c5 --- /dev/null +++ b/charts/aaf-sshsm/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Hardware Security Components +name: aaf-sshsm +version: 3.0.0 diff --git a/charts/aaf-sshsm/README.md b/charts/aaf-sshsm/README.md new file mode 100644 index 0000000..a6f2e62 --- /dev/null +++ b/charts/aaf-sshsm/README.md @@ -0,0 +1,24 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Helm Chart for ONAP Hardware Security Components + +This includes the following Kubernetes services: + +1. dist-center - A service that is used to create and distribute private keys +2. abrmd - A service that manages access to the TPM device + +# Service Dependencies + +All services depend on AAF \ No newline at end of file diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml new file mode 100644 index 0000000..9e8b16a --- /dev/null +++ b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Trusted Platform Module Resource Manager +name: aaf-sshsm-abrmd +version: 3.0.0 diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml new file mode 100644 index 0000000..61aa095 --- /dev/null +++ b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml @@ -0,0 +1,32 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.tpm.enabled .Values.global.abrmd.enabled -}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} + +{{- end -}} \ No newline at end of file diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml new file mode 100644 index 0000000..8b2e0b8 --- /dev/null +++ b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml @@ -0,0 +1,87 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.tpm.enabled .Values.global.abrmd.enabled -}} + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-init + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-job + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + backoffLimit: 2 + template: + metadata: + labels: + app: {{ include "common.name" . }}-job + release: {{ .Release.Name }} + spec: + restartPolicy: Never + containers: + - name: {{ include "common.name" . }}-job + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.pullPolicy }} + command: ["/abrmd/bin/initialize_tpm.sh"] + workingDir: /abrmd/bin + securityContext: + privileged: true + env: + - name: TPM_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: ABRMD_DATA + value: /abrmd/data + volumeMounts: + - name: {{ include "common.fullname" . }}-data + mountPath: /abrmd/data + - name: {{ include "common.fullname" . }}-tpm-device + mountPath: /dev/tpm0 + - name: {{ include "common.fullname" . }}-tpmconfig + mountPath: "/abrmd/cred/" + readOnly: true + resources: +{{ toYaml .Values.resources | indent 10 }} + nodeSelector: + {{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.global.tpm.enabled }} + {{ (printf "%s: \"%s\"" .Values.global.tpm.nodeLabel .Values.global.tpm.nodeLabelValue) }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-data + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-sshsm-data + - name: {{ include "common.fullname" . }}-tpm-device + hostPath: + path: /dev/tpm0 + - name: {{ include "common.fullname" . }}-tpmconfig + secret: + secretName: {{ .Release.Name }}-aaf-sshsm + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + +{{- end -}} diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml new file mode 100644 index 0000000..a3a2004 --- /dev/null +++ b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml @@ -0,0 +1,93 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.tpm.enabled .Values.global.abrmd.enabled -}} + +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + serviceName: + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-job-complete + command: + - /root/job_complete.py + args: + - -j + - "{{ include "common.fullname" . }}-init" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.pullPolicy }} + command: ["/abrmd/bin/run_abrmd.sh"] + workingDir: /abrmd/bin + securityContext: + privileged: true + volumeMounts: + - name: {{ include "common.fullname" . }}-dbus + mountPath: /var/run/dbus + - name: {{ include "common.fullname" . }}-tpm-device + mountPath: /dev/tpm0 + - mountPath: /etc/localtime + name: localtime + readOnly: true + resources: +{{ toYaml .Values.resources | indent 10 }} + nodeSelector: + {{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.global.tpm.enabled }} + {{ (printf "%s: \"%s\"" .Values.global.tpm.nodeLabel .Values.global.tpm.nodeLabelValue) }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-dbus + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-sshsm-dbus + - name: {{ include "common.fullname" . }}-tpm-device + hostPath: + path: /dev/tpm0 + +{{- end -}} diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml new file mode 100644 index 0000000..a778cfd --- /dev/null +++ b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml @@ -0,0 +1,60 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/abrmd:latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +# default number of instances +replicaCount: 1 + +# TPM specific node selection is done at parent chart aaf-sshsm +nodeSelector: {} + +affinity: {} + +ingress: + enabled: false + +# Configure resource requests and limits +flavor: small +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 10m + memory: 100Mi + unlimited: {} diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml new file mode 100644 index 0000000..3bb8846 --- /dev/null +++ b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Trusted Platform Module Distribution Center +name: aaf-sshsm-distcenter +version: 3.0.0 diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml new file mode 100644 index 0000000..ea0ea60 --- /dev/null +++ b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml @@ -0,0 +1,32 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.global.distcenter.enabled -}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} + +{{- end -}} \ No newline at end of file diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml new file mode 100644 index 0000000..69a9956 --- /dev/null +++ b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml @@ -0,0 +1,105 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.global.distcenter.enabled -}} + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + serviceName: + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + restartPolicy: Never + initContainers: +{{- if .Values.global.tpm.enabled }} + - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + command: + - /root/job_complete.py + args: + - -j + - "{{ .Release.Name }}-aaf-sshsm-abrmd-init" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace +{{ else }} + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-gen-passphrase + command: ["sh", "-c", "/usr/bin/openssl rand -base64 12 >/distcenter/data/passphrase"] + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-data + mountPath: /distcenter/data +{{- end }} + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.pullPolicy }} + command: ["/entrypoint.sh"] + workingDir: /distcenter + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-data + mountPath: /distcenter/data + resources: +{{ toYaml .Values.resources | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-data + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-sshsm-data + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + +{{- end -}} \ No newline at end of file diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml new file mode 100644 index 0000000..fa5fd16 --- /dev/null +++ b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.global.distcenter.enabled -}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} + +{{- end -}} \ No newline at end of file diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml new file mode 100644 index 0000000..6497639 --- /dev/null +++ b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml @@ -0,0 +1,51 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.global.distcenter.enabled -}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml new file mode 100644 index 0000000..a9ca491 --- /dev/null +++ b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml @@ -0,0 +1,69 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/distcenter:latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +persistence: + enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 10Mi + mountPath: /dockerdata-nfs + mountSubPath: sshsm/distcenter/data + +ingress: + enabled: false + +# Configure resource requests and limits +flavor: small +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 10m + memory: 100Mi + unlimited: {} diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml new file mode 100644 index 0000000..3855b04 --- /dev/null +++ b/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Trusted Platform Module Test CA Service +name: aaf-sshsm-testca +version: 3.0.0 diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml new file mode 100644 index 0000000..304f974 --- /dev/null +++ b/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml @@ -0,0 +1,130 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.global.testca.enabled -}} + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + serviceName: + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + restartPolicy: Never + initContainers: + - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-distcenter-ready + command: + - /root/job_complete.py + args: + - -j + - "{{ .Release.Name }}-aaf-sshsm-distcenter" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace +{{- if .Values.global.tpm.enabled }} + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-abrmd-ready + command: ["sh", "/sshsm/bin/abrmd_ready.sh", "300"] + workingDir: /testca/bin + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + volumeMounts: + - name: {{ include "common.fullname" . }}-dbus + mountPath: /var/run/dbus +{{- end }} + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.pullPolicy }} + command: ["./import.sh"] + workingDir: /testca/bin + env: +{{- if .Values.global.tpm.enabled }} + - name: TPM_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: DATA_FOLDER + value: /testca/data/host_$(TPM_NODE_NAME) +{{ else }} + - name: DATA_FOLDER + value: /testca/data +{{- end }} + - name: SECRETS_FOLDER + value: /testca/secrets + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-data + mountPath: /testca/data + - name: {{ include "common.fullname" . }}-dbus + mountPath: /var/run/dbus + - name: {{ include "common.fullname" . }}-secrets + mountPath: /testca/secrets + readOnly: true + resources: +{{ toYaml .Values.resources | indent 10 }} + nodeSelector: + {{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.global.tpm.enabled }} + {{ (printf "%s: \"%s\"" .Values.global.tpm.nodeLabel .Values.global.tpm.nodeLabelValue) }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-data + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-sshsm-data + - name: {{ include "common.fullname" . }}-dbus + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-sshsm-dbus + - name: {{ include "common.fullname" . }}-secrets + secret: + secretName: {{ .Release.Name }}-aaf-sshsm + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + +{{- end -}} diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml new file mode 100644 index 0000000..3be2aad --- /dev/null +++ b/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml @@ -0,0 +1,61 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# + +enabled: true + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/testcaservice:latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +ingress: + enabled: false + +# Configure resource requests and limits +flavor: small +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 10m + memory: 100Mi + unlimited: {} diff --git a/charts/aaf-sshsm/requirements.yaml b/charts/aaf-sshsm/requirements.yaml new file mode 100644 index 0000000..3192c43 --- /dev/null +++ b/charts/aaf-sshsm/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~3.0.0 + repository: '@local' diff --git a/charts/aaf-sshsm/resources/config/prk_passwd b/charts/aaf-sshsm/resources/config/prk_passwd new file mode 100644 index 0000000..640b325 --- /dev/null +++ b/charts/aaf-sshsm/resources/config/prk_passwd @@ -0,0 +1 @@ +cHJpbWFyeXBhc3N3b3JkCg== diff --git a/charts/aaf-sshsm/resources/config/srk_handle b/charts/aaf-sshsm/resources/config/srk_handle new file mode 100644 index 0000000..b8b9d8d --- /dev/null +++ b/charts/aaf-sshsm/resources/config/srk_handle @@ -0,0 +1 @@ +MHg4MTAwMDAyMwo= diff --git a/charts/aaf-sshsm/templates/pv.yaml b/charts/aaf-sshsm/templates/pv.yaml new file mode 100644 index 0000000..b4d283f --- /dev/null +++ b/charts/aaf-sshsm/templates/pv.yaml @@ -0,0 +1,57 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-data + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-data +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.dataMountSubPath }} +--- +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-dbus + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-dbus +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.dbusMountSubPath }} +{{- end -}} diff --git a/charts/aaf-sshsm/templates/pvc.yaml b/charts/aaf-sshsm/templates/pvc.yaml new file mode 100644 index 0000000..c50a0bc --- /dev/null +++ b/charts/aaf-sshsm/templates/pvc.yaml @@ -0,0 +1,79 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-data + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }}-data + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +--- +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-dbus + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }}-dbus + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/aaf-sshsm/templates/secret.yaml b/charts/aaf-sshsm/templates/secret.yaml new file mode 100644 index 0000000..50b6f36 --- /dev/null +++ b/charts/aaf-sshsm/templates/secret.yaml @@ -0,0 +1,22 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ (.Files.Glob "resources/config/*").AsSecrets | indent 2 }} \ No newline at end of file diff --git a/charts/aaf-sshsm/values.yaml b/charts/aaf-sshsm/values.yaml new file mode 100644 index 0000000..d068846 --- /dev/null +++ b/charts/aaf-sshsm/values.yaml @@ -0,0 +1,65 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + ubuntuInitRepository: oomk8s + ubuntuInitImage: ubuntu-init:1.0.0 + tpm: + enabled: false + # if enabled, nodeselector will use the below + # values in the nodeselector section of the pod + nodeLabel: "tpm-node" + nodeLabelValue: "true" + abrmd: + enabled: true + distcenter: + enabled: true + testca: + enabled: true + persistence: {} + +persistence: + enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 10Mi + mountPath: /dockerdata-nfs + dataMountSubPath: sshsm/data + dbusMountSubPath: sshsm/dbus + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 10m + memory: 100Mi + unlimited: {} \ No newline at end of file -- cgit 1.2.3-korg From f4096b44dde3712699fe37a1b035efb8441f9384 Mon Sep 17 00:00:00 2001 From: Mike Elliott Date: Mon, 15 Oct 2018 11:43:53 -0400 Subject: Replace liveness probe & update images Updating to latest snapshot images. File-based "wait" being replaced with standard port-based liveness probe to fix cassandra from not starting for AAF. Change-Id: If08d6bbf766abfcebe14d23894cde9c21c96c510 Issue-ID: AAF-557 Signed-off-by: Mike Elliott --- charts/aaf-cm/values.yaml | 2 +- charts/aaf-cs/templates/deployment.yaml | 4 ++-- charts/aaf-cs/values.yaml | 2 +- charts/aaf-fs/values.yaml | 2 +- charts/aaf-gui/values.yaml | 2 +- charts/aaf-hello/values.yaml | 2 +- charts/aaf-locate/values.yaml | 2 +- charts/aaf-oauth/values.yaml | 2 +- charts/aaf-service/values.yaml | 2 +- values.yaml | 2 +- 10 files changed, 11 insertions(+), 11 deletions(-) diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index 9ddb366..3d6438d 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.2-SNAPSHOT +image: onap/aaf/aaf_cm:2.1.4-SNAPSHOT pullPolicy: Always diff --git a/charts/aaf-cs/templates/deployment.yaml b/charts/aaf-cs/templates/deployment.yaml index e0d500c..d52e877 100644 --- a/charts/aaf-cs/templates/deployment.yaml +++ b/charts/aaf-cs/templates/deployment.yaml @@ -63,8 +63,8 @@ spec: periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: - exec: - command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","wait"] + tcpSocket: + port: {{ .Values.service.internalPort3 }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: diff --git a/charts/aaf-cs/values.yaml b/charts/aaf-cs/values.yaml index a914b54..93dd589 100644 --- a/charts/aaf-cs/values.yaml +++ b/charts/aaf-cs/values.yaml @@ -24,7 +24,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cass:2.1.2-SNAPSHOT +image: onap/aaf/aaf_cass:2.1.4-SNAPSHOT pullPolicy: Always # application configuration diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index 0f0d7c4..e656c43 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.2-SNAPSHOT +image: onap/aaf/aaf_fs:2.1.4-SNAPSHOT pullPolicy: Always diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index d44ac5e..756bf2f 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.2-SNAPSHOT +image: onap/aaf/aaf_gui:2.1.4-SNAPSHOT pullPolicy: Always diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index 9f694be..b8bbaed 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.2-SNAPSHOT +image: onap/aaf/aaf_hello:2.1.4-SNAPSHOT pullPolicy: Always diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index ba1e563..16c02cd 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.2-SNAPSHOT +image: onap/aaf/aaf_locate:2.1.4-SNAPSHOT pullPolicy: Always diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index e52075a..72c793a 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.2-SNAPSHOT +image: onap/aaf/aaf_oauth:2.1.4-SNAPSHOT pullPolicy: Always diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index 7ec6364..19daaae 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.2-SNAPSHOT +image: onap/aaf/aaf_service:2.1.4-SNAPSHOT pullPolicy: Always diff --git a/values.yaml b/values.yaml index 4cc69c2..258aec5 100644 --- a/values.yaml +++ b/values.yaml @@ -38,7 +38,7 @@ global: ################################################################# repository: nexus3.onap.org:10001 aaf_config: - image: onap/aaf/aaf_config:2.1.2-SNAPSHOT + image: onap/aaf/aaf_config:2.1.4-SNAPSHOT flavor: small # default number of instances -- cgit 1.2.3-korg From e66cb59daf66a28f0dc0aa3999ba4b56fe1765a2 Mon Sep 17 00:00:00 2001 From: Instrumental Date: Tue, 16 Oct 2018 20:40:41 -0500 Subject: Recommended AAF/OOM Changes This incorporats Mike E's changes as well as recommended changes from Abandoned 70511 (merges from multiple machines got too hard.) Made Olaf recommended changes. Changed to non-SNAPSHOT in anticipation of LF releasing this morning Put Versions back to "2.1.5-SNAPSHOT" Brian F reminded me that GWu's scripts handle version changes for Envs. Issue-ID: AAF-557 Change-Id: I3e81a9c65df356d1d27b0d453e09c9ed3a81f803 Signed-off-by: Instrumental --- charts/aaf-cm/templates/deployment.yaml | 44 +++++++-------- charts/aaf-cm/values.yaml | 5 +- charts/aaf-cs/templates/deployment.yaml | 2 +- charts/aaf-cs/values.yaml | 4 +- charts/aaf-fs/templates/deployment.yaml | 44 +++++++-------- charts/aaf-fs/values.yaml | 5 +- charts/aaf-gui/templates/deployment.yaml | 44 +++++++-------- charts/aaf-gui/values.yaml | 6 ++- charts/aaf-hello/templates/deployment.yaml | 45 ++++++++-------- charts/aaf-hello/values.yaml | 5 +- charts/aaf-locate/templates/deployment.yaml | 45 ++++++++-------- charts/aaf-locate/values.yaml | 5 +- charts/aaf-oauth/templates/deployment.yaml | 46 ++++++++-------- charts/aaf-oauth/values.yaml | 5 +- charts/aaf-service/templates/deployment.yaml | 44 +++++++-------- charts/aaf-service/values.yaml | 5 +- templates/job.yaml | 74 ------------------------- templates/pv.yaml | 73 ------------------------- templates/pvc.yaml | 81 ---------------------------- values.yaml | 10 ++-- 20 files changed, 193 insertions(+), 399 deletions(-) delete mode 100644 templates/job.yaml delete mode 100644 templates/pv.yaml delete mode 100644 templates/pvc.yaml diff --git a/charts/aaf-cm/templates/deployment.yaml b/charts/aaf-cm/templates/deployment.yaml index 3954425..8655054 100644 --- a/charts/aaf-cm/templates/deployment.yaml +++ b/charts/aaf-cm/templates/deployment.yaml @@ -31,20 +31,27 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - name: {{ include "common.name" . }}-job-complete - command: - - /root/job_complete.py - args: - - --job-name - - {{ .Release.Name }}-create-config - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + - name: {{ include "common.name" . }}-config-container + image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: {{ include "common.name" . }}-config-vol + env: + - name: HOSTNAME + value: "{{ .Values.global.cadi.hostname }}" + - name: AAF_ENV + value: "{{ .Values.global.cadi.aaf_env }}" + - name: AAF_REGISTER_AS + value: "{{ .Values.aaf_register_as }}" + - name: LATITUDE + value: "{{ .Values.global.cadi.cadi_latitude }}" + - name: LONGITUDE + value: "{{ .Values.global.cadi.cadi_longitude }}" + - name: CASS_HOST + value: "{{ .Values.global.cadi.cass_host }}" + - name: AAF_LOCATOR_AS + value: "{{ .Values.global.cadi.cadi_locator_as }}" - name: {{ include "common.name" . }}-readiness command: - /root/ready.py @@ -66,7 +73,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: shared-config-volume + name: {{ include "common.name" . }}-config-vol - mountPath: /etc/localtime name: localtime readOnly: true @@ -96,12 +103,7 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: shared-config-volume - {{- if .Values.global.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ .Release.Name }}-config - {{- else }} + - name: {{ include "common.name" . }}-config-vol emptyDir: {} - {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index 3d6438d..cb53098 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -25,7 +25,8 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.4-SNAPSHOT +image: onap/aaf/aaf_cm:2.1.5-SNAPSHOT +aaf_register_as: "aaf-cm.onap" pullPolicy: Always @@ -76,4 +77,4 @@ resources: requests: cpu: 40m memory: 600Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/charts/aaf-cs/templates/deployment.yaml b/charts/aaf-cs/templates/deployment.yaml index d52e877..3abdcb3 100644 --- a/charts/aaf-cs/templates/deployment.yaml +++ b/charts/aaf-cs/templates/deployment.yaml @@ -89,4 +89,4 @@ spec: emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-cs/values.yaml b/charts/aaf-cs/values.yaml index 93dd589..61c0808 100644 --- a/charts/aaf-cs/values.yaml +++ b/charts/aaf-cs/values.yaml @@ -24,7 +24,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cass:2.1.4-SNAPSHOT +image: onap/aaf/aaf_cass:2.1.5-SNAPSHOT pullPolicy: Always # application configuration @@ -94,4 +94,4 @@ persistence: volumeReclaimPolicy: Retain accessMode: ReadWriteOnce size: 10Gi - storageClass: "manual" \ No newline at end of file + storageClass: "manual" diff --git a/charts/aaf-fs/templates/deployment.yaml b/charts/aaf-fs/templates/deployment.yaml index 5125eb1..cfafba7 100644 --- a/charts/aaf-fs/templates/deployment.yaml +++ b/charts/aaf-fs/templates/deployment.yaml @@ -31,20 +31,27 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - name: {{ include "common.name" . }}-job-complete - command: - - /root/job_complete.py - args: - - --job-name - - {{ .Release.Name }}-create-config - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + - name: {{ include "common.name" . }}-config-container + image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: {{ include "common.name" . }}-config-vol + env: + - name: HOSTNAME + value: "{{ .Values.global.cadi.hostname }}" + - name: AAF_ENV + value: "{{ .Values.global.cadi.aaf_env }}" + - name: AAF_REGISTER_AS + value: "{{ .Values.aaf_register_as }}" + - name: LATITUDE + value: "{{ .Values.global.cadi.cadi_latitude }}" + - name: LONGITUDE + value: "{{ .Values.global.cadi.cadi_longitude }}" + - name: CASS_HOST + value: "{{ .Values.global.cadi.cass_host }}" + - name: AAF_LOCATOR_AS + value: "{{ .Values.global.cadi.cadi_locator_as }}" - name: {{ include "common.name" . }}-readiness command: - /root/ready.py @@ -66,7 +73,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: shared-config-volume + name: {{ include "common.name" . }}-config-vol - mountPath: /etc/localtime name: localtime readOnly: true @@ -96,12 +103,7 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: shared-config-volume - {{- if .Values.global.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ .Release.Name }}-config - {{- else }} + - name: {{ include "common.name" . }}-config-vol emptyDir: {} - {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index e656c43..9352ba9 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -25,7 +25,8 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.4-SNAPSHOT +image: onap/aaf/aaf_fs:2.1.5-SNAPSHOT +aaf_register_as: "aaf-fs.onap" pullPolicy: Always @@ -76,4 +77,4 @@ resources: requests: cpu: 100m memory: 400Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/charts/aaf-gui/templates/deployment.yaml b/charts/aaf-gui/templates/deployment.yaml index 24c8e68..0342412 100644 --- a/charts/aaf-gui/templates/deployment.yaml +++ b/charts/aaf-gui/templates/deployment.yaml @@ -31,20 +31,27 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - name: {{ include "common.name" . }}-job-complete - command: - - /root/job_complete.py - args: - - --job-name - - {{ .Release.Name }}-create-config - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + - name: {{ include "common.name" . }}-config-container + image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: {{ include "common.name" . }}-config-vol + env: + - name: HOSTNAME + value: "{{ .Values.global.cadi.hostname }}" + - name: AAF_ENV + value: "{{ .Values.global.cadi.aaf_env }}" + - name: AAF_REGISTER_AS + value: "{{ .Values.aaf_register_as }}" + - name: LATITUDE + value: "{{ .Values.global.cadi.cadi_latitude }}" + - name: LONGITUDE + value: "{{ .Values.global.cadi.cadi_longitude }}" + - name: CASS_HOST + value: "{{ .Values.global.cadi.cass_host }}" + - name: AAF_LOCATOR_AS + value: "{{ .Values.global.cadi.cadi_locator_as }}" - name: {{ include "common.name" . }}-readiness command: - /root/ready.py @@ -66,7 +73,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: shared-config-volume + name: {{ include "common.name" . }}-config-vol - mountPath: /etc/localtime name: localtime readOnly: true @@ -96,12 +103,7 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: shared-config-volume - {{- if .Values.global.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ .Release.Name }}-config - {{- else }} + - name: {{ include "common.name" . }}-config-vol emptyDir: {} - {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index 756bf2f..490fc7e 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -1,3 +1,4 @@ + # Copyright © 2017 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -25,7 +26,8 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.4-SNAPSHOT +image: onap/aaf/aaf_gui:2.1.5-SNAPSHOT +aaf_register_as: "aaf-gui.onap" pullPolicy: Always @@ -77,4 +79,4 @@ resources: requests: cpu: 100m memory: 500Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/charts/aaf-hello/templates/deployment.yaml b/charts/aaf-hello/templates/deployment.yaml index f932228..d3049e0 100644 --- a/charts/aaf-hello/templates/deployment.yaml +++ b/charts/aaf-hello/templates/deployment.yaml @@ -31,20 +31,28 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - name: {{ include "common.name" . }}-job-complete - command: - - /root/job_complete.py - args: - - --job-name - - {{ .Release.Name }}-create-config - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + - name: {{ include "common.name" . }}-config-container + image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: {{ include "common.name" . }}-config-vol + env: + - name: HOSTNAME + value: "{{ .Values.global.cadi.hostname }}" + - name: AAF_ENV + value: "{{ .Values.global.cadi.aaf_env }}" + - name: AAF_REGISTER_AS + value: "{{ .Values.aaf_register_as }}" + - name: LATITUDE + value: "{{ .Values.global.cadi.cadi_latitude }}" + - name: LONGITUDE + value: "{{ .Values.global.cadi.cadi_longitude }}" + - name: CASS_HOST + value: "{{ .Values.global.cadi.cass_host }}" + - name: AAF_LOCATOR_AS + value: "{{ .Values.global.cadi.cadi_locator_as }}" - name: {{ include "common.name" . }}-readiness command: - /root/ready.py @@ -66,7 +74,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: shared-config-volume + name: {{ include "common.name" . }}-config-vol - mountPath: /etc/localtime name: localtime readOnly: true @@ -96,12 +104,7 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: shared-config-volume - {{- if .Values.global.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ .Release.Name }}-config - {{- else }} + - name: {{ include "common.name" . }}-config-vol emptyDir: {} - {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index b8bbaed..cccb0b3 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -25,7 +25,8 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.4-SNAPSHOT +image: onap/aaf/aaf_hello:2.1.5-SNAPSHOT +aaf_register_as: "aaf-hello.onap" pullPolicy: Always @@ -76,4 +77,4 @@ resources: requests: cpu: 20m memory: 500Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/charts/aaf-locate/templates/deployment.yaml b/charts/aaf-locate/templates/deployment.yaml index a3a9e28..ea4e3e8 100644 --- a/charts/aaf-locate/templates/deployment.yaml +++ b/charts/aaf-locate/templates/deployment.yaml @@ -31,20 +31,28 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - name: {{ include "common.name" . }}-job-complete - command: - - /root/job_complete.py - args: - - --job-name - - {{ .Release.Name }}-create-config - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + - name: {{ include "common.name" . }}-config-container + image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: {{ include "common.name" . }}-config-vol + env: + - name: HOSTNAME + value: "{{ .Values.global.cadi.hostname }}" + - name: AAF_ENV + value: "{{ .Values.global.cadi.aaf_env }}" + - name: AAF_REGISTER_AS + value: "{{ .Values.aaf_register_as }}" + - name: LATITUDE + value: "{{ .Values.global.cadi.cadi_latitude }}" + - name: LONGITUDE + value: "{{ .Values.global.cadi.cadi_longitude }}" + - name: CASS_HOST + value: "{{ .Values.global.cadi.cass_host }}" + - name: AAF_LOCATOR_AS + value: "{{ .Values.global.cadi.cadi_locator_as }}" - name: {{ include "common.name" . }}-readiness command: - /root/ready.py @@ -66,7 +74,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: shared-config-volume + name: {{ include "common.name" . }}-config-vol - mountPath: /etc/localtime name: localtime readOnly: true @@ -96,12 +104,7 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: shared-config-volume - {{- if .Values.global.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ .Release.Name }}-config - {{- else }} + - name: {{ include "common.name" . }}-config-vol emptyDir: {} - {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index 16c02cd..6a75393 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -25,7 +25,8 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.4-SNAPSHOT +image: onap/aaf/aaf_locate:2.1.5-SNAPSHOT +aaf_register_as: "aaf-locate.onap" pullPolicy: Always @@ -76,4 +77,4 @@ resources: requests: cpu: 40m memory: 500Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/charts/aaf-oauth/templates/deployment.yaml b/charts/aaf-oauth/templates/deployment.yaml index 06cf273..aed0bbe 100644 --- a/charts/aaf-oauth/templates/deployment.yaml +++ b/charts/aaf-oauth/templates/deployment.yaml @@ -31,23 +31,30 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - name: {{ include "common.name" . }}-job-complete - command: - - /root/job_complete.py - args: - - --job-name - - {{ .Release.Name }}-create-config - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + - name: {{ include "common.name" . }}-config-container + image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: {{ include "common.name" . }}-config-vol + env: + - name: HOSTNAME + value: "{{ .Values.global.cadi.hostname }}" + - name: AAF_ENV + value: "{{ .Values.global.cadi.aaf_env }}" + - name: AAF_REGISTER_AS + value: "{{ .Values.aaf_register_as }}" + - name: LATITUDE + value: "{{ .Values.global.cadi.cadi_latitude }}" + - name: LONGITUDE + value: "{{ .Values.global.cadi.cadi_longitude }}" + - name: CASS_HOST + value: "{{ .Values.global.cadi.cass_host }}" + - name: AAF_LOCATOR_AS + value: "{{ .Values.global.cadi.cadi_locator_as }}" - name: {{ include "common.name" . }}-readiness command: - - /root/ready.py + - /root/ready.py args: - --container-name - aaf-locate @@ -66,7 +73,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: shared-config-volume + name: {{ include "common.name" . }}-config-vol - mountPath: /etc/localtime name: localtime readOnly: true @@ -96,12 +103,7 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: shared-config-volume - {{- if .Values.global.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ .Release.Name }}-config - {{- else }} + - name: {{ include "common.name" . }}-config-vol emptyDir: {} - {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index 72c793a..651f53e 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -25,7 +25,8 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.4-SNAPSHOT +image: onap/aaf/aaf_oauth:2.1.5-SNAPSHOT +aaf_register_as: "aaf-oauth.onap" pullPolicy: Always @@ -76,4 +77,4 @@ resources: requests: cpu: 40m memory: 200Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/charts/aaf-service/templates/deployment.yaml b/charts/aaf-service/templates/deployment.yaml index c3c140a..35b17ba 100644 --- a/charts/aaf-service/templates/deployment.yaml +++ b/charts/aaf-service/templates/deployment.yaml @@ -31,20 +31,27 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - name: {{ include "common.name" . }}-job-complete - command: - - /root/job_complete.py - args: - - --job-name - - {{ .Release.Name }}-create-config - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + - name: {{ include "common.name" . }}-config-container + image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: {{ include "common.name" . }}-config-vol + env: + - name: HOSTNAME + value: "{{ .Values.global.cadi.hostname }}" + - name: AAF_ENV + value: "{{ .Values.global.cadi.aaf_env }}" + - name: AAF_REGISTER_AS + value: "{{ .Values.aaf_register_as }}" + - name: LATITUDE + value: "{{ .Values.global.cadi.cadi_latitude }}" + - name: LONGITUDE + value: "{{ .Values.global.cadi.cadi_longitude }}" + - name: CASS_HOST + value: "{{ .Values.global.cadi.cass_host }}" + - name: AAF_LOCATOR_AS + value: "{{ .Values.global.cadi.cadi_locator_as }}" - name: {{ include "common.name" . }}-readiness command: - /root/ready.py @@ -66,7 +73,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: shared-config-volume + name: {{ include "common.name" . }}-config-vol - mountPath: /etc/localtime name: localtime readOnly: true @@ -96,12 +103,7 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: shared-config-volume - {{- if .Values.global.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ .Release.Name }}-config - {{- else }} + - name: {{ include "common.name" . }}-config-vol emptyDir: {} - {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index 19daaae..e3f81f2 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -25,7 +25,8 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.4-SNAPSHOT +image: onap/aaf/aaf_service:2.1.5-SNAPSHOT +aaf_register_as: "aaf-service.onap" pullPolicy: Always @@ -77,4 +78,4 @@ resources: requests: cpu: 40m memory: 300Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/templates/job.yaml b/templates/job.yaml deleted file mode 100644 index 103b908..0000000 --- a/templates/job.yaml +++ /dev/null @@ -1,74 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ .Release.Name }}-create-config - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - template: - metadata: - labels: - app: aaf-init-job - release: {{ .Release.Name }} - spec: - containers: - - name: {{ include "common.name" . }}-config-container - image: "{{ include "common.repository" . }}/{{ .Values.aaf_config.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol - env: - - name: HOSTNAME - value: "{{ .Values.global.cadi.hostname }}" - - name: AAF_ENV - value: "{{ .Values.global.cadi.aaf_env }}" - - name: AAF_REGISTER_AS - value: "{{ .Values.global.cadi.aaf_register_as }}" - - name: LATITUDE - value: "{{ .Values.global.cadi.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.global.cadi.cadi_longitude }}" - - name: CASS_HOST - value: "{{ .Values.global.cassandraServiceName }}" - - name: AAF_LOCATOR_AS - value: "{{ .Values.global.locateServiceName }}" - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: {{ include "common.name" . }}-config-vol - {{- if .Values.global.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ .Release.Name }}-config - {{- else }} - emptyDir: {} - {{- end }} - restartPolicy: OnFailure - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/templates/pv.yaml b/templates/pv.yaml deleted file mode 100644 index 9d28184..0000000 --- a/templates/pv.yaml +++ /dev/null @@ -1,73 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.global.persistence.enabled (not .Values.persistence.config.existingClaim) }} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ .Release.Name }}-config - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-config - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.config.size}} - accessModes: - - {{ .Values.persistence.config.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.config.mountSubPath }} -{{- if .Values.persistence.config.storageClass }} -{{- if (eq "-" .Values.persistence.config.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.config.storageClass }}" -{{- end }} -{{- end }} -{{- end }} ---- -{{- if and .Values.global.persistence.enabled (not .Values.persistence.logs.existingClaim) }} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ .Release.Name }}-logs - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-logs - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.logs.size}} - accessModes: - - {{ .Values.persistence.logs.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.logs.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.logs.mountSubPath }} -{{- if .Values.persistence.logs.storageClass }} -{{- if (eq "-" .Values.persistence.logs.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.logs.storageClass }}" -{{- end }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/templates/pvc.yaml b/templates/pvc.yaml deleted file mode 100644 index a9c8b90..0000000 --- a/templates/pvc.yaml +++ /dev/null @@ -1,81 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.global.persistence.enabled (not .Values.persistence.config.existingClaim) }} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ .Release.Name }}-config - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-config - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.config.annotations }} - annotations: -{{ toYaml .Values.persistence.config.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }}-config - accessModes: - - {{ .Values.persistence.config.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.config.size }} -{{- if .Values.persistence.config.storageClass }} -{{- if (eq "-" .Values.persistence.config.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.config.storageClass }}" -{{- end }} -{{- end }} -{{- end }} ---- -{{- if and .Values.global.persistence.enabled (not .Values.persistence.logs.existingClaim) }} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ .Release.Name }}-logs - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-logs - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.logs.annotations }} - annotations: -{{ toYaml .Values.persistence.logs.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }}-logs - accessModes: - - {{ .Values.persistence.logs.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.logs.size }} -{{- if .Values.persistence.logs.storageClass }} -{{- if (eq "-" .Values.persistence.logs.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.logs.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} \ No newline at end of file diff --git a/values.yaml b/values.yaml index 258aec5..d53fe9d 100644 --- a/values.yaml +++ b/values.yaml @@ -21,6 +21,7 @@ global: readinessImage: readiness-check:2.0.0 ubuntuInitRepository: registry.hub.docker.com ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 + configImage: onap/aaf/aaf_config:2.1.5-SNAPSHOT persistence: enabled: true @@ -29,16 +30,13 @@ global: cadi_latitude: "38.0" cadi_longitude: "-72.0" aaf_env: "DEV" - aaf_register_as: "aaf.onap" - cassandraServiceName: aaf-cass - locateServiceName: aaf-locate + cass_host: "aaf-cass.onap" + cadi_locator_as: "aaf-locate.onap" ################################################################# # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -aaf_config: - image: onap/aaf/aaf_config:2.1.4-SNAPSHOT flavor: small # default number of instances @@ -92,4 +90,4 @@ aaf-cs: size: 10Gi storageClass: "manual" -resources: {} \ No newline at end of file +resources: {} -- cgit 1.2.3-korg From c8085217695f36be966c11b61d6d097d1df72328 Mon Sep 17 00:00:00 2001 From: Gary Wu Date: Thu, 18 Oct 2018 09:48:31 -0700 Subject: Sync docker tags with release manifest Sync docker tags with the release manifest. It is assumed that the release manifest is the "single source of truth" and that the versions in the helm charts are out of date. Change-Id: I2902e60b25f57409dd616780a626e63c92d26769 Issue-ID: INT-663 Signed-off-by: Gary Wu --- charts/aaf-cm/values.yaml | 2 +- charts/aaf-fs/values.yaml | 2 +- charts/aaf-gui/values.yaml | 2 +- charts/aaf-hello/values.yaml | 2 +- charts/aaf-locate/values.yaml | 2 +- charts/aaf-oauth/values.yaml | 2 +- charts/aaf-service/values.yaml | 2 +- charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml | 2 +- charts/aaf-sms/values.yaml | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index cb53098..6897898 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.5-SNAPSHOT +image: onap/aaf/aaf_cm:2.1.5 aaf_register_as: "aaf-cm.onap" pullPolicy: Always diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index 9352ba9..bfa9576 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.5-SNAPSHOT +image: onap/aaf/aaf_fs:2.1.5 aaf_register_as: "aaf-fs.onap" pullPolicy: Always diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index 490fc7e..50315db 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -26,7 +26,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.5-SNAPSHOT +image: onap/aaf/aaf_gui:2.1.5 aaf_register_as: "aaf-gui.onap" pullPolicy: Always diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index cccb0b3..35a697b 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.5-SNAPSHOT +image: onap/aaf/aaf_hello:2.1.5 aaf_register_as: "aaf-hello.onap" pullPolicy: Always diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index 6a75393..6384395 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.5-SNAPSHOT +image: onap/aaf/aaf_locate:2.1.5 aaf_register_as: "aaf-locate.onap" pullPolicy: Always diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index 651f53e..874b506 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.5-SNAPSHOT +image: onap/aaf/aaf_oauth:2.1.5 aaf_register_as: "aaf-oauth.onap" pullPolicy: Always diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index e3f81f2..5921ff6 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.5-SNAPSHOT +image: onap/aaf/aaf_service:2.1.5 aaf_register_as: "aaf-service.onap" pullPolicy: Always diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index d6ac1cb..7a24eb7 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/smsquorumclient:latest +image: onap/aaf/smsquorumclient:3.0.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sms/values.yaml b/charts/aaf-sms/values.yaml index 7a25581..5f27f05 100644 --- a/charts/aaf-sms/values.yaml +++ b/charts/aaf-sms/values.yaml @@ -28,7 +28,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/sms:latest +image: onap/aaf/sms:3.0.0 pullPolicy: Always # flag to enable debugging - application support required -- cgit 1.2.3-korg From ff99d602d0978a5a9adecc6f2642748ddee984c0 Mon Sep 17 00:00:00 2001 From: Gary Wu Date: Mon, 22 Oct 2018 20:33:07 -0700 Subject: Sync docker tags with release manifest Sync docker tags with the release manifest from integration repo commit 90e136c83ec5434abaeb9939b995f86aa4089850. Change-Id: I771393adb429087752dc52df2cd2812dc9ff6a11 Issue-ID: INT-663 Signed-off-by: Gary Wu --- charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml index a778cfd..bf64c6d 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml @@ -21,7 +21,7 @@ ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/abrmd:latest +image: onap/aaf/abrmd:3.0.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml index a9ca491..3993cfc 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml @@ -23,7 +23,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/distcenter:latest +image: onap/aaf/distcenter:3.0.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml index 3be2aad..3fd53d2 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml @@ -23,7 +23,7 @@ enabled: true ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/testcaservice:latest +image: onap/aaf/testcaservice:3.0.0 pullPolicy: Always # flag to enable debugging - application support required -- cgit 1.2.3-korg From 926b8812165b5736babef2166e162134d9315441 Mon Sep 17 00:00:00 2001 From: Instrumental Date: Thu, 25 Oct 2018 04:23:40 +0000 Subject: update OOM for 2.1.6 Issue-ID: AAF-571 Change-Id: I95f1f9c1604c36bc76eb556c7f35fdb8caceba57 Signed-off-by: Instrumental --- charts/aaf-cm/templates/deployment.yaml | 2 +- charts/aaf-cm/values.yaml | 2 +- charts/aaf-cs/values.yaml | 2 +- charts/aaf-fs/templates/deployment.yaml | 2 +- charts/aaf-fs/values.yaml | 2 +- charts/aaf-gui/templates/deployment.yaml | 2 +- charts/aaf-gui/values.yaml | 2 +- charts/aaf-hello/templates/deployment.yaml | 3 +-- charts/aaf-hello/values.yaml | 2 +- charts/aaf-locate/templates/deployment.yaml | 3 +-- charts/aaf-locate/values.yaml | 2 +- charts/aaf-oauth/templates/deployment.yaml | 2 +- charts/aaf-oauth/values.yaml | 2 +- charts/aaf-service/templates/deployment.yaml | 2 +- charts/aaf-service/values.yaml | 2 +- values.yaml | 2 +- 16 files changed, 16 insertions(+), 18 deletions(-) diff --git a/charts/aaf-cm/templates/deployment.yaml b/charts/aaf-cm/templates/deployment.yaml index 8655054..f78dfdc 100644 --- a/charts/aaf-cm/templates/deployment.yaml +++ b/charts/aaf-cm/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/bin/cm"] + command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_cm","sleep","0","cd /opt/app/aaf;bin/cm"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index 6897898..c838e17 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.5 +image: onap/aaf/aaf_cm:2.1.6-SNAPSHOT aaf_register_as: "aaf-cm.onap" pullPolicy: Always diff --git a/charts/aaf-cs/values.yaml b/charts/aaf-cs/values.yaml index 61c0808..9c0b8c0 100644 --- a/charts/aaf-cs/values.yaml +++ b/charts/aaf-cs/values.yaml @@ -24,7 +24,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cass:2.1.5-SNAPSHOT +image: onap/aaf/aaf_cass:2.1.6-SNAPSHOT pullPolicy: Always # application configuration diff --git a/charts/aaf-fs/templates/deployment.yaml b/charts/aaf-fs/templates/deployment.yaml index cfafba7..b938448 100644 --- a/charts/aaf-fs/templates/deployment.yaml +++ b/charts/aaf-fs/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/bin/fs"] + command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_fs","sleep","0","cd /opt/app/aaf;bin/fs"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index bfa9576..e4a805f 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.5 +image: onap/aaf/aaf_fs:2.1.6-SNAPSHOT aaf_register_as: "aaf-fs.onap" pullPolicy: Always diff --git a/charts/aaf-gui/templates/deployment.yaml b/charts/aaf-gui/templates/deployment.yaml index 0342412..9dd8794 100644 --- a/charts/aaf-gui/templates/deployment.yaml +++ b/charts/aaf-gui/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/bin/gui"] + command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_gui","sleep","0","cd /opt/app/aaf;bin/gui"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index 50315db..9d391f8 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -26,7 +26,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.5 +image: onap/aaf/aaf_gui:2.1.6-SNAPSHOT aaf_register_as: "aaf-gui.onap" pullPolicy: Always diff --git a/charts/aaf-hello/templates/deployment.yaml b/charts/aaf-hello/templates/deployment.yaml index d3049e0..c57e57f 100644 --- a/charts/aaf-hello/templates/deployment.yaml +++ b/charts/aaf-hello/templates/deployment.yaml @@ -34,7 +34,6 @@ spec: - name: {{ include "common.name" . }}-config-container image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - mountPath: "/opt/app/osaaf" name: {{ include "common.name" . }}-config-vol @@ -69,7 +68,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/bin/hello"] + command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_hello","sleep","0","cd /opt/app/aaf;bin/hello"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index 35a697b..5955261 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.5 +image: onap/aaf/aaf_hello:2.1.6-SNAPSHOT aaf_register_as: "aaf-hello.onap" pullPolicy: Always diff --git a/charts/aaf-locate/templates/deployment.yaml b/charts/aaf-locate/templates/deployment.yaml index ea4e3e8..a2f9f55 100644 --- a/charts/aaf-locate/templates/deployment.yaml +++ b/charts/aaf-locate/templates/deployment.yaml @@ -34,7 +34,6 @@ spec: - name: {{ include "common.name" . }}-config-container image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - mountPath: "/opt/app/osaaf" name: {{ include "common.name" . }}-config-vol @@ -69,7 +68,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/bin/locate"] + command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_locate","sleep","0","cd /opt/app/aaf;bin/locate"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index 6384395..5a4e749 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.5 +image: onap/aaf/aaf_locate:2.1.6-SNAPSHOT aaf_register_as: "aaf-locate.onap" pullPolicy: Always diff --git a/charts/aaf-oauth/templates/deployment.yaml b/charts/aaf-oauth/templates/deployment.yaml index aed0bbe..f7a34f4 100644 --- a/charts/aaf-oauth/templates/deployment.yaml +++ b/charts/aaf-oauth/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/bin/oauth"] + command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_oauth","sleep","0","cd /opt/app/aaf;bin/oauth"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index 874b506..a915fed 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.5 +image: onap/aaf/aaf_oauth:2.1.6-SNAPSHOT aaf_register_as: "aaf-oauth.onap" pullPolicy: Always diff --git a/charts/aaf-service/templates/deployment.yaml b/charts/aaf-service/templates/deployment.yaml index 35b17ba..92d2312 100644 --- a/charts/aaf-service/templates/deployment.yaml +++ b/charts/aaf-service/templates/deployment.yaml @@ -68,7 +68,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/bin/service"] + command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_service","sleep","0","cd /opt/app/aaf;bin/service"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index 5921ff6..83c6d3a 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.5 +image: onap/aaf/aaf_service:2.1.6-SNAPSHOT aaf_register_as: "aaf-service.onap" pullPolicy: Always diff --git a/values.yaml b/values.yaml index d53fe9d..787eb84 100644 --- a/values.yaml +++ b/values.yaml @@ -21,7 +21,7 @@ global: readinessImage: readiness-check:2.0.0 ubuntuInitRepository: registry.hub.docker.com ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - configImage: onap/aaf/aaf_config:2.1.5-SNAPSHOT + configImage: onap/aaf/aaf_config:2.1.6-SNAPSHOT persistence: enabled: true -- cgit 1.2.3-korg From 65dfc1852bfafd3dbfa69ca096fc0591bc9cf043 Mon Sep 17 00:00:00 2001 From: Dileep Ranganathan Date: Mon, 1 Oct 2018 08:14:16 -0700 Subject: OOF HAS Helm chart updates Helm charts updated for HAS with MUSIC v3. Sync conductor.conf, added dependent containers for AAF. Read config from values.yaml. Disabled AAF authentication. Updated resources for OSDF and HAS charts. Removed hardcoded values for namespace Change-Id: I683cd0b8c86a6cc9a4b4c4793051878e0d0e5b2f Issue-ID: OPTFRA-363 Signed-off-by: Dileep Ranganathan Signed-off-by: Kiran Kamineni --- charts/aaf-sms/resources/config/has.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/aaf-sms/resources/config/has.json b/charts/aaf-sms/resources/config/has.json index 9d017f9..ae990a9 100644 --- a/charts/aaf-sms/resources/config/has.json +++ b/charts/aaf-sms/resources/config/has.json @@ -5,8 +5,8 @@ { "name": "aai", "values": { - "username": "OOF", - "password": "OOF" + "username": "oof@oof.onap.org", + "password": "demo123456!" } }, { -- cgit 1.2.3-korg From 9b0d8fdb593454a402472c95cf0e57e17cbaa87c Mon Sep 17 00:00:00 2001 From: Kiran Kamineni Date: Tue, 30 Oct 2018 15:25:47 -0700 Subject: Update sms version to 3.0.1 Update SMS version to 3.0.1 to reflect latest image Issue-ID: AAF-390 Change-Id: Ie4b6c45bf2dc3e8352810809b2c88523240b6d43 Signed-off-by: Kiran Kamineni --- charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml | 4 ++-- charts/aaf-sms/values.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index 7a24eb7..7cd5938 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/smsquorumclient:3.0.0 +image: onap/aaf/smsquorumclient:3.0.1 pullPolicy: Always # flag to enable debugging - application support required @@ -72,4 +72,4 @@ resources: requests: cpu: 10m memory: 100Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/charts/aaf-sms/values.yaml b/charts/aaf-sms/values.yaml index 5f27f05..8e7ea29 100644 --- a/charts/aaf-sms/values.yaml +++ b/charts/aaf-sms/values.yaml @@ -28,7 +28,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/sms:3.0.0 +image: onap/aaf/sms:3.0.1 pullPolicy: Always # flag to enable debugging - application support required @@ -100,4 +100,4 @@ resources: requests: cpu: 10m memory: 100Mi - unlimited: {} \ No newline at end of file + unlimited: {} -- cgit 1.2.3-korg From ac47d855e9d9707e4fdfcc4f79f2c440dd14ce95 Mon Sep 17 00:00:00 2001 From: sandovalfr Date: Wed, 31 Oct 2018 04:30:02 -0600 Subject: add OOF-HAS AAF integration Issue-ID: OPTFRA-331 Change-Id: I4811511424c42aec0dc98d2dcdf3cce3cc2bd218 Signed-off-by: sandovalfrOAM Signed-off-by: Frank Sandoval --- charts/aaf-sms/resources/config/has.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/charts/aaf-sms/resources/config/has.json b/charts/aaf-sms/resources/config/has.json index ae990a9..4f48771 100644 --- a/charts/aaf-sms/resources/config/has.json +++ b/charts/aaf-sms/resources/config/has.json @@ -30,6 +30,14 @@ "aafpass": "c0nduct0r", "aafns": "conductor" } + }, + { + "name": "aaf_api", + "values": { + "username": "aaf_admin@people.osaaf.org", + "password": "demo123456!", + "aaf_conductor_user": "oof@oof.onap.org" + } } ] } -- cgit 1.2.3-korg From 425aa26dec849e44e2cbf66d7c5dac008769ed4d Mon Sep 17 00:00:00 2001 From: Instrumental Date: Mon, 5 Nov 2018 21:38:54 +0000 Subject: update OOM for 2.1.7-SNAPSHOT Issue-ID: AAF-609 Change-Id: Ia3735e269205425e66452701fa15909500e569f7 Signed-off-by: Instrumental --- charts/aaf-cm/values.yaml | 2 +- charts/aaf-cs/values.yaml | 2 +- charts/aaf-fs/values.yaml | 2 +- charts/aaf-gui/values.yaml | 2 +- charts/aaf-hello/values.yaml | 2 +- charts/aaf-locate/values.yaml | 2 +- charts/aaf-oauth/values.yaml | 2 +- charts/aaf-service/values.yaml | 2 +- values.yaml | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index c838e17..6bd03cf 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.6-SNAPSHOT +image: onap/aaf/aaf_cm:2.1.7-SNAPSHOT aaf_register_as: "aaf-cm.onap" pullPolicy: Always diff --git a/charts/aaf-cs/values.yaml b/charts/aaf-cs/values.yaml index 9c0b8c0..a81bfed 100644 --- a/charts/aaf-cs/values.yaml +++ b/charts/aaf-cs/values.yaml @@ -24,7 +24,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cass:2.1.6-SNAPSHOT +image: onap/aaf/aaf_cass:2.1.7-SNAPSHOT pullPolicy: Always # application configuration diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index e4a805f..07e832b 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.6-SNAPSHOT +image: onap/aaf/aaf_fs:2.1.7-SNAPSHOT aaf_register_as: "aaf-fs.onap" pullPolicy: Always diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index 9d391f8..dd8162b 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -26,7 +26,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.6-SNAPSHOT +image: onap/aaf/aaf_gui:2.1.7-SNAPSHOT aaf_register_as: "aaf-gui.onap" pullPolicy: Always diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index 5955261..fb5914d 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.6-SNAPSHOT +image: onap/aaf/aaf_hello:2.1.7-SNAPSHOT aaf_register_as: "aaf-hello.onap" pullPolicy: Always diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index 5a4e749..e65d6e3 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.6-SNAPSHOT +image: onap/aaf/aaf_locate:2.1.7-SNAPSHOT aaf_register_as: "aaf-locate.onap" pullPolicy: Always diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index a915fed..99de329 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.6-SNAPSHOT +image: onap/aaf/aaf_oauth:2.1.7-SNAPSHOT aaf_register_as: "aaf-oauth.onap" pullPolicy: Always diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index 83c6d3a..a3f1545 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.6-SNAPSHOT +image: onap/aaf/aaf_service:2.1.7-SNAPSHOT aaf_register_as: "aaf-service.onap" pullPolicy: Always diff --git a/values.yaml b/values.yaml index 787eb84..ea0827f 100644 --- a/values.yaml +++ b/values.yaml @@ -21,7 +21,7 @@ global: readinessImage: readiness-check:2.0.0 ubuntuInitRepository: registry.hub.docker.com ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - configImage: onap/aaf/aaf_config:2.1.6-SNAPSHOT + configImage: onap/aaf/aaf_config:2.1.7-SNAPSHOT persistence: enabled: true -- cgit 1.2.3-korg From 6c0fc65c199ae68b0eb0d63cd003bb5cbf9faf4e Mon Sep 17 00:00:00 2001 From: Gary Wu Date: Wed, 7 Nov 2018 09:29:24 -0800 Subject: Sync docker tags with release manifest Sync docker tags with the release manifest from integration repo commit 1e16c7e67d1fdeadab3789b07d6d2f47b7d0ffd7. Change-Id: If580d0000108ce9ff70ad128b9bc93bf4364376b Issue-ID: INT-663 Signed-off-by: Gary Wu --- charts/aaf-cm/values.yaml | 2 +- charts/aaf-fs/values.yaml | 2 +- charts/aaf-gui/values.yaml | 2 +- charts/aaf-hello/values.yaml | 2 +- charts/aaf-locate/values.yaml | 2 +- charts/aaf-oauth/values.yaml | 2 +- charts/aaf-service/values.yaml | 2 +- values.yaml | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index 6bd03cf..117427a 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.7-SNAPSHOT +image: onap/aaf/aaf_cm:2.1.6 aaf_register_as: "aaf-cm.onap" pullPolicy: Always diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index 07e832b..ad2e2d7 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.7-SNAPSHOT +image: onap/aaf/aaf_fs:2.1.6 aaf_register_as: "aaf-fs.onap" pullPolicy: Always diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index dd8162b..c0dbb53 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -26,7 +26,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.7-SNAPSHOT +image: onap/aaf/aaf_gui:2.1.6 aaf_register_as: "aaf-gui.onap" pullPolicy: Always diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index fb5914d..a21db5e 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.7-SNAPSHOT +image: onap/aaf/aaf_hello:2.1.6 aaf_register_as: "aaf-hello.onap" pullPolicy: Always diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index e65d6e3..924eb4d 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.7-SNAPSHOT +image: onap/aaf/aaf_locate:2.1.6 aaf_register_as: "aaf-locate.onap" pullPolicy: Always diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index 99de329..dce0297 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.7-SNAPSHOT +image: onap/aaf/aaf_oauth:2.1.6 aaf_register_as: "aaf-oauth.onap" pullPolicy: Always diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index a3f1545..e898bb5 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.7-SNAPSHOT +image: onap/aaf/aaf_service:2.1.6 aaf_register_as: "aaf-service.onap" pullPolicy: Always diff --git a/values.yaml b/values.yaml index ea0827f..1c4bc5c 100644 --- a/values.yaml +++ b/values.yaml @@ -21,7 +21,7 @@ global: readinessImage: readiness-check:2.0.0 ubuntuInitRepository: registry.hub.docker.com ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - configImage: onap/aaf/aaf_config:2.1.7-SNAPSHOT + configImage: onap/aaf/aaf_config:2.1.6 persistence: enabled: true -- cgit 1.2.3-korg From 6b59d8ed5b94bc3e9843350641062f4db724cecf Mon Sep 17 00:00:00 2001 From: Instrumental Date: Fri, 9 Nov 2018 08:11:18 -0600 Subject: Move to AAF 2.1.7 Release Issue-ID: AAF-620 Change-Id: Iafdc20818e52dab4b6ab56a8053553d6dfe02e6a Signed-off-by: Instrumental --- charts/aaf-cm/values.yaml | 2 +- charts/aaf-cs/values.yaml | 2 +- charts/aaf-fs/values.yaml | 2 +- charts/aaf-gui/values.yaml | 2 +- charts/aaf-hello/values.yaml | 2 +- charts/aaf-locate/values.yaml | 2 +- charts/aaf-oauth/values.yaml | 2 +- charts/aaf-service/values.yaml | 2 +- values.yaml | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index 117427a..213a098 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.6 +image: onap/aaf/aaf_cm:2.1.7 aaf_register_as: "aaf-cm.onap" pullPolicy: Always diff --git a/charts/aaf-cs/values.yaml b/charts/aaf-cs/values.yaml index a81bfed..7790fd0 100644 --- a/charts/aaf-cs/values.yaml +++ b/charts/aaf-cs/values.yaml @@ -24,7 +24,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cass:2.1.7-SNAPSHOT +image: onap/aaf/aaf_cass:2.1.7 pullPolicy: Always # application configuration diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index ad2e2d7..0c330a0 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.6 +image: onap/aaf/aaf_fs:2.1.7 aaf_register_as: "aaf-fs.onap" pullPolicy: Always diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index c0dbb53..d57e151 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -26,7 +26,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.6 +image: onap/aaf/aaf_gui:2.1.7 aaf_register_as: "aaf-gui.onap" pullPolicy: Always diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index a21db5e..2b76d24 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.6 +image: onap/aaf/aaf_hello:2.1.7 aaf_register_as: "aaf-hello.onap" pullPolicy: Always diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index 924eb4d..58a5f05 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.6 +image: onap/aaf/aaf_locate:2.1.7 aaf_register_as: "aaf-locate.onap" pullPolicy: Always diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index dce0297..e043f46 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.6 +image: onap/aaf/aaf_oauth:2.1.7 aaf_register_as: "aaf-oauth.onap" pullPolicy: Always diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index e898bb5..7684eb0 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.6 +image: onap/aaf/aaf_service:2.1.7 aaf_register_as: "aaf-service.onap" pullPolicy: Always diff --git a/values.yaml b/values.yaml index 1c4bc5c..dc87e6f 100644 --- a/values.yaml +++ b/values.yaml @@ -21,7 +21,7 @@ global: readinessImage: readiness-check:2.0.0 ubuntuInitRepository: registry.hub.docker.com ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - configImage: onap/aaf/aaf_config:2.1.6 + configImage: onap/aaf/aaf_config:2.1.7 persistence: enabled: true -- cgit 1.2.3-korg From 334aac47ab4bc5ffd3a51190841e4dc16f950dfb Mon Sep 17 00:00:00 2001 From: Instrumental Date: Wed, 14 Nov 2018 09:25:59 -0600 Subject: AAF version to 2.1.8 Issue-ID: AAF-630 Change-Id: I26b61e5734a0a0249f66325594dc50e03b613727 Signed-off-by: Instrumental --- charts/aaf-cm/values.yaml | 2 +- charts/aaf-cs/values.yaml | 2 +- charts/aaf-fs/values.yaml | 2 +- charts/aaf-gui/values.yaml | 2 +- charts/aaf-hello/values.yaml | 2 +- charts/aaf-locate/values.yaml | 2 +- charts/aaf-oauth/values.yaml | 2 +- charts/aaf-service/values.yaml | 2 +- values.yaml | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index 213a098..695e65c 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.7 +image: onap/aaf/aaf_cm:2.1.8 aaf_register_as: "aaf-cm.onap" pullPolicy: Always diff --git a/charts/aaf-cs/values.yaml b/charts/aaf-cs/values.yaml index 7790fd0..1d806bc 100644 --- a/charts/aaf-cs/values.yaml +++ b/charts/aaf-cs/values.yaml @@ -24,7 +24,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cass:2.1.7 +image: onap/aaf/aaf_cass:2.1.8 pullPolicy: Always # application configuration diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index 0c330a0..e18094a 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.7 +image: onap/aaf/aaf_fs:2.1.8 aaf_register_as: "aaf-fs.onap" pullPolicy: Always diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index d57e151..7ae0e66 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -26,7 +26,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.7 +image: onap/aaf/aaf_gui:2.1.8 aaf_register_as: "aaf-gui.onap" pullPolicy: Always diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index 2b76d24..3432211 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.7 +image: onap/aaf/aaf_hello:2.1.8 aaf_register_as: "aaf-hello.onap" pullPolicy: Always diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index 58a5f05..8cbf7cf 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.7 +image: onap/aaf/aaf_locate:2.1.8 aaf_register_as: "aaf-locate.onap" pullPolicy: Always diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index e043f46..d90b3d7 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.7 +image: onap/aaf/aaf_oauth:2.1.8 aaf_register_as: "aaf-oauth.onap" pullPolicy: Always diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index 7684eb0..7b730a7 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.7 +image: onap/aaf/aaf_service:2.1.8 aaf_register_as: "aaf-service.onap" pullPolicy: Always diff --git a/values.yaml b/values.yaml index dc87e6f..24351da 100644 --- a/values.yaml +++ b/values.yaml @@ -21,7 +21,7 @@ global: readinessImage: readiness-check:2.0.0 ubuntuInitRepository: registry.hub.docker.com ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - configImage: onap/aaf/aaf_config:2.1.7 + configImage: onap/aaf/aaf_config:2.1.8 persistence: enabled: true -- cgit 1.2.3-korg From fb4e392ad25d765fb68ed2c942f912b9b3090f8e Mon Sep 17 00:00:00 2001 From: Gary Wu Date: Thu, 15 Nov 2018 18:27:40 -0800 Subject: Sync docker tags with release manifest Sync docker tags with the release manifest from integration repo commit b37a3cfdaf92c4855660d2f0c1b20eb482b99bd4. Change-Id: Iabb203836d0c0adb5604a9303d4a108142ec6757 Issue-ID: INT-663 Signed-off-by: Gary Wu --- charts/aaf-cm/values.yaml | 2 +- charts/aaf-fs/values.yaml | 2 +- charts/aaf-gui/values.yaml | 2 +- charts/aaf-hello/values.yaml | 2 +- charts/aaf-locate/values.yaml | 2 +- charts/aaf-oauth/values.yaml | 2 +- charts/aaf-service/values.yaml | 2 +- values.yaml | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index 213a098..695e65c 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.7 +image: onap/aaf/aaf_cm:2.1.8 aaf_register_as: "aaf-cm.onap" pullPolicy: Always diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index 0c330a0..e18094a 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.7 +image: onap/aaf/aaf_fs:2.1.8 aaf_register_as: "aaf-fs.onap" pullPolicy: Always diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index d57e151..7ae0e66 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -26,7 +26,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.7 +image: onap/aaf/aaf_gui:2.1.8 aaf_register_as: "aaf-gui.onap" pullPolicy: Always diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index 2b76d24..3432211 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.7 +image: onap/aaf/aaf_hello:2.1.8 aaf_register_as: "aaf-hello.onap" pullPolicy: Always diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index 58a5f05..8cbf7cf 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.7 +image: onap/aaf/aaf_locate:2.1.8 aaf_register_as: "aaf-locate.onap" pullPolicy: Always diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index e043f46..d90b3d7 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.7 +image: onap/aaf/aaf_oauth:2.1.8 aaf_register_as: "aaf-oauth.onap" pullPolicy: Always diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index 7684eb0..7b730a7 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.7 +image: onap/aaf/aaf_service:2.1.8 aaf_register_as: "aaf-service.onap" pullPolicy: Always diff --git a/values.yaml b/values.yaml index dc87e6f..24351da 100644 --- a/values.yaml +++ b/values.yaml @@ -21,7 +21,7 @@ global: readinessImage: readiness-check:2.0.0 ubuntuInitRepository: registry.hub.docker.com ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - configImage: onap/aaf/aaf_config:2.1.7 + configImage: onap/aaf/aaf_config:2.1.8 persistence: enabled: true -- cgit 1.2.3-korg From 3c4efc767047a358b8dc9373e02de6b096f7a973 Mon Sep 17 00:00:00 2001 From: Kiran Kamineni Date: Tue, 18 Dec 2018 13:30:38 -0800 Subject: Reconfigure nodeport usage Removed the nodeport usage for sms-db Converted all multicloud-prometheus charts to use ClusterIP for now. We can allocate nodeports for them later on when the services are requested by other services in multicloud. Also, disabled the multicloud-prometheus charts from starting up by default. Change once dependent charts or services are added. Issue-ID: OOM-1555 Change-Id: I2dddc54015844de3abbbf786f95b8bb6eba92d86 Signed-off-by: Kiran Kamineni --- charts/aaf-sms/charts/aaf-sms-vault/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/charts/aaf-sms/charts/aaf-sms-vault/values.yaml index 58017bd..355cd60 100644 --- a/charts/aaf-sms/charts/aaf-sms-vault/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-vault/values.yaml @@ -81,11 +81,11 @@ persistence: mountSubPath: sms/consul/data service: - type: NodePort + type: ClusterIP name: aaf-sms-db portName: aaf-sms-db internalPort: 8200 - nodePort: 44 + externalPort: 8200 ingress: enabled: false -- cgit 1.2.3-korg From abb13fe77c54bdc876f6b7c4833d113f553c04ac Mon Sep 17 00:00:00 2001 From: dkamdocs Date: Fri, 21 Dec 2018 09:25:53 +0000 Subject: global image pull issue Issue-ID: OOM-1563 Change-Id: I383dbec29291ba5b13d613f60d8eb343b9c59dda Signed-off-by: dkamdocs --- charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml | 2 +- charts/aaf-sms/templates/deployment.yaml | 2 +- charts/aaf-sms/templates/job.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml | 4 ++-- charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml | 2 +- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml index 0a83e85..16f8092 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml @@ -34,7 +34,7 @@ spec: containers: - image: "{{ include "common.repository" . }}/{{ .Values.image }}" name: {{ include "common.name" . }} - imagePullPolicy: {{ .Values.pullPolicy }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/quorumclient/bin/quorumclient"] workingDir: /quorumclient/ volumeMounts: diff --git a/charts/aaf-sms/templates/deployment.yaml b/charts/aaf-sms/templates/deployment.yaml index ed24f67..ca35fdc 100644 --- a/charts/aaf-sms/templates/deployment.yaml +++ b/charts/aaf-sms/templates/deployment.yaml @@ -49,7 +49,7 @@ spec: fieldPath: metadata.namespace containers: - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.pullPolicy }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }} command: ["/sms/bin/sms"] workingDir: /sms/ diff --git a/charts/aaf-sms/templates/job.yaml b/charts/aaf-sms/templates/job.yaml index 2cee8d5..a5446ab 100644 --- a/charts/aaf-sms/templates/job.yaml +++ b/charts/aaf-sms/templates/job.yaml @@ -51,7 +51,7 @@ spec: fieldPath: metadata.namespace containers: - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.pullPolicy }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-preload command: - "/sms/bin/preload" diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml index 8b2e0b8..5618dd5 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml @@ -38,7 +38,7 @@ spec: containers: - name: {{ include "common.name" . }}-job image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.pullPolicy }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/abrmd/bin/initialize_tpm.sh"] workingDir: /abrmd/bin securityContext: diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml index a3a2004..4a1dd5c 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml @@ -53,7 +53,7 @@ spec: containers: - image: "{{ include "common.repository" . }}/{{ .Values.image }}" name: {{ include "common.name" . }} - imagePullPolicy: {{ .Values.pullPolicy }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/abrmd/bin/run_abrmd.sh"] workingDir: /abrmd/bin securityContext: diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml index 69a9956..3db88b6 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml @@ -73,7 +73,7 @@ spec: containers: - image: "{{ include "common.repository" . }}/{{ .Values.image }}" name: {{ include "common.name" . }} - imagePullPolicy: {{ .Values.pullPolicy }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/entrypoint.sh"] workingDir: /distcenter volumeMounts: @@ -102,4 +102,4 @@ spec: imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml index 304f974..fc993df 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml @@ -70,7 +70,7 @@ spec: containers: - image: "{{ include "common.repository" . }}/{{ .Values.image }}" name: {{ include "common.name" . }} - imagePullPolicy: {{ .Values.pullPolicy }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["./import.sh"] workingDir: /testca/bin env: -- cgit 1.2.3-korg From 3605c84f0b643e995606468cceb957b3ad294325 Mon Sep 17 00:00:00 2001 From: Mike Elliott Date: Sun, 10 Feb 2019 17:52:51 -0500 Subject: Update Chart version for Dublin Release All charts are being bumped from 3.0.0 to 4.0.0 for the Dublin release. In addition the requirement.yaml files have been updated to allow for chart versions that include timestamp suffix. A following on patch will take care of changes to the OOM Makefiles to support injection of the timestamp versions. Change-Id: Ie03d86fad2027e975e8b9106e3a828e4335037cb Issue-ID: OOM-1642 Signed-off-by: Mike Elliott --- Chart.yaml | 2 +- charts/aaf-cm/Chart.yaml | 2 +- charts/aaf-cs/Chart.yaml | 2 +- charts/aaf-fs/Chart.yaml | 2 +- charts/aaf-gui/Chart.yaml | 2 +- charts/aaf-hello/Chart.yaml | 2 +- charts/aaf-locate/Chart.yaml | 2 +- charts/aaf-oauth/Chart.yaml | 2 +- charts/aaf-service/Chart.yaml | 2 +- charts/aaf-sms/Chart.yaml | 2 +- charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml | 2 +- charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml | 2 +- charts/aaf-sshsm/Chart.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml | 2 +- charts/aaf-sshsm/requirements.yaml | 2 +- requirements.yaml | 2 +- 18 files changed, 18 insertions(+), 18 deletions(-) diff --git a/Chart.yaml b/Chart.yaml index 6de2f28..b7bfb7f 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Application Authorization Framework name: aaf -version: 3.0.0 +version: 4.0.0 diff --git a/charts/aaf-cm/Chart.yaml b/charts/aaf-cm/Chart.yaml index 68c5ca2..3ece45d 100644 --- a/charts/aaf-cm/Chart.yaml +++ b/charts/aaf-cm/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP AAF Certificate Manager name: aaf-cm -version: 3.0.0 +version: 4.0.0 diff --git a/charts/aaf-cs/Chart.yaml b/charts/aaf-cs/Chart.yaml index e3197f2..ff083ac 100644 --- a/charts/aaf-cs/Chart.yaml +++ b/charts/aaf-cs/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF cassandra name: aaf-cs -version: 3.0.0 +version: 4.0.0 diff --git a/charts/aaf-fs/Chart.yaml b/charts/aaf-fs/Chart.yaml index eada78b..5c94aa8 100644 --- a/charts/aaf-fs/Chart.yaml +++ b/charts/aaf-fs/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF File Server name: aaf-fs -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/charts/aaf-gui/Chart.yaml b/charts/aaf-gui/Chart.yaml index 26d4a91..3313c66 100644 --- a/charts/aaf-gui/Chart.yaml +++ b/charts/aaf-gui/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF GUI name: aaf-gui -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/charts/aaf-hello/Chart.yaml b/charts/aaf-hello/Chart.yaml index 734cf14..89f061b 100644 --- a/charts/aaf-hello/Chart.yaml +++ b/charts/aaf-hello/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF Hello name: aaf-hello -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/charts/aaf-locate/Chart.yaml b/charts/aaf-locate/Chart.yaml index 0f4bfd9..10c2b3e 100644 --- a/charts/aaf-locate/Chart.yaml +++ b/charts/aaf-locate/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF Locate name: aaf-locate -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/charts/aaf-oauth/Chart.yaml b/charts/aaf-oauth/Chart.yaml index a587881..4ce29df 100644 --- a/charts/aaf-oauth/Chart.yaml +++ b/charts/aaf-oauth/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF OAuth name: aaf-oauth -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/charts/aaf-service/Chart.yaml b/charts/aaf-service/Chart.yaml index 42a3394..80b2b8f 100644 --- a/charts/aaf-service/Chart.yaml +++ b/charts/aaf-service/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF Service name: aaf-service -version: 3.0.0 +version: 4.0.0 diff --git a/charts/aaf-sms/Chart.yaml b/charts/aaf-sms/Chart.yaml index ad633c5..9402b00 100644 --- a/charts/aaf-sms/Chart.yaml +++ b/charts/aaf-sms/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Secret Management Service name: aaf-sms -version: 3.0.0 +version: 4.0.0 diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml index d8f957e..88079d2 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Secret Management Service Quorum Client name: aaf-sms-quorumclient -version: 3.0.0 +version: 4.0.0 diff --git a/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml b/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml index 44a5a6b..2c8a7a6 100644 --- a/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml +++ b/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Chart to launch Vault as SMS backend name: aaf-sms-vault appVersion: 0.9.5 -version: 3.0.0 +version: 4.0.0 diff --git a/charts/aaf-sshsm/Chart.yaml b/charts/aaf-sshsm/Chart.yaml index 78b10c5..6ad7e7f 100644 --- a/charts/aaf-sshsm/Chart.yaml +++ b/charts/aaf-sshsm/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Hardware Security Components name: aaf-sshsm -version: 3.0.0 +version: 4.0.0 diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml index 9e8b16a..ce74887 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Trusted Platform Module Resource Manager name: aaf-sshsm-abrmd -version: 3.0.0 +version: 4.0.0 diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml index 3bb8846..14ddd7b 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Trusted Platform Module Distribution Center name: aaf-sshsm-distcenter -version: 3.0.0 +version: 4.0.0 diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml index 3855b04..6260cdd 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Trusted Platform Module Test CA Service name: aaf-sshsm-testca -version: 3.0.0 +version: 4.0.0 diff --git a/charts/aaf-sshsm/requirements.yaml b/charts/aaf-sshsm/requirements.yaml index 3192c43..7c18fbc 100644 --- a/charts/aaf-sshsm/requirements.yaml +++ b/charts/aaf-sshsm/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/requirements.yaml b/requirements.yaml index 896eaf4..1d30dfd 100644 --- a/requirements.yaml +++ b/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' \ No newline at end of file -- cgit 1.2.3-korg From f266f9581f9dec3e944ad19e0ad16e03114937fe Mon Sep 17 00:00:00 2001 From: Kiran Kamineni Date: Tue, 19 Mar 2019 13:15:02 -0700 Subject: Remove nodeport for aaf-sms Nodeport exposes aaf-sms outside the cluster which is a security risk without the proper authentication systems in place. We will add external access if needed in the future. Issue-ID: OOM-1739 Change-Id: Ibefbd1c5656262131f00a2e53dbf5804f2ead084 Signed-off-by: Kiran Kamineni --- charts/aaf-sms/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/aaf-sms/values.yaml b/charts/aaf-sms/values.yaml index 8e7ea29..28b46c2 100644 --- a/charts/aaf-sms/values.yaml +++ b/charts/aaf-sms/values.yaml @@ -67,11 +67,11 @@ readiness: periodSeconds: 30 service: - type: NodePort + type: ClusterIP name: aaf-sms portName: aaf-sms internalPort: 10443 - nodePort: 43 + externalPort: 10443 persistence: enabled: true -- cgit 1.2.3-korg From 34822d43a5ea5047ec73cc9625757524c631724e Mon Sep 17 00:00:00 2001 From: Yang Xu Date: Wed, 24 Apr 2019 12:25:39 -0400 Subject: Remove DCAE image from update Change-Id: Ifa98f8610b0a96a28f3a3ded7cb65663e9455158 Issue-ID: INT-1042 Signed-off-by: Yang Xu --- charts/aaf-cm/values.yaml | 2 +- charts/aaf-cs/values.yaml | 2 +- charts/aaf-fs/values.yaml | 2 +- charts/aaf-gui/values.yaml | 2 +- charts/aaf-hello/values.yaml | 2 +- charts/aaf-locate/values.yaml | 2 +- charts/aaf-oauth/values.yaml | 2 +- charts/aaf-service/values.yaml | 2 +- values.yaml | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index 695e65c..ec7de46 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.8 +image: onap/aaf/aaf_cm:2.1.9-SNAPSHOT-latest aaf_register_as: "aaf-cm.onap" pullPolicy: Always diff --git a/charts/aaf-cs/values.yaml b/charts/aaf-cs/values.yaml index 1d806bc..7783745 100644 --- a/charts/aaf-cs/values.yaml +++ b/charts/aaf-cs/values.yaml @@ -24,7 +24,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cass:2.1.8 +image: onap/aaf/aaf_cass:2.1.9-SNAPSHOT-latest pullPolicy: Always # application configuration diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index e18094a..526a9fd 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.8 +image: onap/aaf/aaf_fs:2.1.9-SNAPSHOT-latest aaf_register_as: "aaf-fs.onap" pullPolicy: Always diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index 7ae0e66..145dec1 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -26,7 +26,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.8 +image: onap/aaf/aaf_gui:2.1.9-SNAPSHOT-latest aaf_register_as: "aaf-gui.onap" pullPolicy: Always diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index 3432211..8c46b80 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.8 +image: onap/aaf/aaf_hello:2.1.9-SNAPSHOT-latest aaf_register_as: "aaf-hello.onap" pullPolicy: Always diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index 8cbf7cf..a323837 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.8 +image: onap/aaf/aaf_locate:2.1.9-SNAPSHOT-latest aaf_register_as: "aaf-locate.onap" pullPolicy: Always diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index d90b3d7..7cb9f3b 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.8 +image: onap/aaf/aaf_oauth:2.1.9-SNAPSHOT-latest aaf_register_as: "aaf-oauth.onap" pullPolicy: Always diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index 7b730a7..42cebde 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -25,7 +25,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.8 +image: onap/aaf/aaf_service:2.1.9-SNAPSHOT-latest aaf_register_as: "aaf-service.onap" pullPolicy: Always diff --git a/values.yaml b/values.yaml index 24351da..5a095e4 100644 --- a/values.yaml +++ b/values.yaml @@ -21,7 +21,7 @@ global: readinessImage: readiness-check:2.0.0 ubuntuInitRepository: registry.hub.docker.com ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - configImage: onap/aaf/aaf_config:2.1.8 + configImage: onap/aaf/aaf_config:2.1.9-SNAPSHOT-latest persistence: enabled: true -- cgit 1.2.3-korg From 47ce43884c98186b4e841e3ded9d50777e13ca64 Mon Sep 17 00:00:00 2001 From: Instrumental Date: Wed, 1 May 2019 14:18:49 -0500 Subject: Apply Cert changes Issue-ID: AAF-822 Change-Id: I3185d827f3f67cb177534f7c7f3281375b77c613 Signed-off-by: Instrumental --- .gitignore | 1 + charts/aaf-cass/.helmignore | 21 +++++ charts/aaf-cass/Chart.yaml | 18 ++++ charts/aaf-cass/templates/NOTES.txt | 33 +++++++ charts/aaf-cass/templates/deployment.yaml | 118 ++++++++++++++++++++++++ charts/aaf-cass/templates/pv.yaml | 44 +++++++++ charts/aaf-cass/templates/pvc.yaml | 48 ++++++++++ charts/aaf-cass/templates/service.yaml | 49 ++++++++++ charts/aaf-cass/values.yaml | 90 ++++++++++++++++++ charts/aaf-cm/templates/deployment.yaml | 89 ++++++++++-------- charts/aaf-cm/templates/service.yaml | 16 +--- charts/aaf-cm/values.yaml | 45 ++++----- charts/aaf-cs/.helmignore | 21 ----- charts/aaf-cs/Chart.yaml | 18 ---- charts/aaf-cs/templates/NOTES.txt | 33 ------- charts/aaf-cs/templates/deployment.yaml | 92 ------------------ charts/aaf-cs/templates/pv.yaml | 44 --------- charts/aaf-cs/templates/pvc.yaml | 48 ---------- charts/aaf-cs/templates/service.yaml | 62 ------------- charts/aaf-cs/values.yaml | 97 ------------------- charts/aaf-fs/templates/deployment.yaml | 84 +++++++++-------- charts/aaf-fs/templates/service.yaml | 16 +--- charts/aaf-fs/values.yaml | 43 ++++----- charts/aaf-gui/templates/deployment.yaml | 88 ++++++++++-------- charts/aaf-gui/templates/service.yaml | 16 +--- charts/aaf-gui/values.yaml | 44 ++++----- charts/aaf-hello/templates/deployment.yaml | 89 ++++++++++-------- charts/aaf-hello/templates/service.yaml | 16 +--- charts/aaf-hello/values.yaml | 47 +++++----- charts/aaf-locate/templates/deployment.yaml | 88 ++++++++++-------- charts/aaf-locate/templates/service.yaml | 16 +--- charts/aaf-locate/values.yaml | 48 +++++----- charts/aaf-oauth/templates/deployment.yaml | 88 ++++++++++-------- charts/aaf-oauth/templates/service.yaml | 14 +-- charts/aaf-oauth/values.yaml | 49 +++++----- charts/aaf-service/templates/deployment.yaml | 91 ++++++++++-------- charts/aaf-service/templates/service.yaml | 16 +--- charts/aaf-service/values.yaml | 49 +++++----- charts/aaf-sms/charts/aaf-sms-vault/values.yaml | 2 +- templates/aaf-config-pv.yaml | 48 ++++++++++ templates/aaf-config-pvc.yaml | 52 +++++++++++ templates/aaf-status-pv.yaml | 48 ++++++++++ templates/aaf-status-pvc.yaml | 52 +++++++++++ values.yaml | 100 ++++++++++++++++---- 44 files changed, 1228 insertions(+), 963 deletions(-) create mode 100644 .gitignore create mode 100644 charts/aaf-cass/.helmignore create mode 100644 charts/aaf-cass/Chart.yaml create mode 100644 charts/aaf-cass/templates/NOTES.txt create mode 100644 charts/aaf-cass/templates/deployment.yaml create mode 100644 charts/aaf-cass/templates/pv.yaml create mode 100644 charts/aaf-cass/templates/pvc.yaml create mode 100644 charts/aaf-cass/templates/service.yaml create mode 100644 charts/aaf-cass/values.yaml delete mode 100644 charts/aaf-cs/.helmignore delete mode 100644 charts/aaf-cs/Chart.yaml delete mode 100644 charts/aaf-cs/templates/NOTES.txt delete mode 100644 charts/aaf-cs/templates/deployment.yaml delete mode 100644 charts/aaf-cs/templates/pv.yaml delete mode 100644 charts/aaf-cs/templates/pvc.yaml delete mode 100644 charts/aaf-cs/templates/service.yaml delete mode 100644 charts/aaf-cs/values.yaml create mode 100644 templates/aaf-config-pv.yaml create mode 100644 templates/aaf-config-pvc.yaml create mode 100644 templates/aaf-status-pv.yaml create mode 100644 templates/aaf-status-pvc.yaml diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..3a4f8ba --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +/sms/ diff --git a/charts/aaf-cass/.helmignore b/charts/aaf-cass/.helmignore new file mode 100644 index 0000000..daebc7d --- /dev/null +++ b/charts/aaf-cass/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/aaf-cass/Chart.yaml b/charts/aaf-cass/Chart.yaml new file mode 100644 index 0000000..f06d149 --- /dev/null +++ b/charts/aaf-cass/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP AAF cassandra +name: aaf-cass +version: 4.0.0 diff --git a/charts/aaf-cass/templates/NOTES.txt b/charts/aaf-cass/templates/NOTES.txt new file mode 100644 index 0000000..bd74a42 --- /dev/null +++ b/charts/aaf-cass/templates/NOTES.txt @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/charts/aaf-cass/templates/deployment.yaml b/charts/aaf-cass/templates/deployment.yaml new file mode 100644 index 0000000..c664d03 --- /dev/null +++ b/charts/aaf-cass/templates/deployment.yaml @@ -0,0 +1,118 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.global.aaf.cass.replicas }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ .Values.global.repository }}/onap/aaf/aaf_cass:{{.Values.global.aaf.imageVersion}} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + # installing with cmd "onap" will not only initialize the DB, but add ONAP bootstrap data as well + command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"] + lifecycle: + preStop: + exec: + command: ["/bin/sh","-c","rm /opt/app/aaf/status/aaf-cass"] + ports: + - name: storage + containerPort: {{.Values.global.aaf.cass.storage_port}} + - name: ssl-storage + containerPort: {{.Values.global.aaf.cass.ssl_storage_port}} + - name: native-trans + containerPort: {{.Values.global.aaf.cass.native_trans_port}} + - name: rpc + containerPort: {{.Values.global.aaf.cass.rpc_port}} + env: + - name: CASSANDRA_CLUSTER_NAME + value: {{.Values.global.aaf.cass.cluster_name}} + - name: CASSANDRA_DC + value: {{.Values.global.aaf.cass.dc}} + - name: HEAP_NEWSIZE + value: {{.Values.global.aaf.cass.heap_new_size}} + - name: MAX_HEAP_SIZE + value: {{.Values.global.aaf.cass.max_heap_size}} + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + volumeMounts: + - mountPath: /var/lib/cassandra + name: aaf-cass-vol + - mountPath: /opt/app/aaf/status + name: aaf-status-vol + - mountPath: /etc/localtime + name: localtime + readOnly: true + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{.Values.global.aaf.cass.native_trans_port}} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{.Values.global.aaf.cass.native_trans_port}} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-cass-vol + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-pvc + {{- else }} + emptyDir: {} + {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-cass/templates/pv.yaml b/charts/aaf-cass/templates/pv.yaml new file mode 100644 index 0000000..8249d84 --- /dev/null +++ b/charts/aaf-cass/templates/pv.yaml @@ -0,0 +1,44 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-pv + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/aaf-cass/templates/pvc.yaml b/charts/aaf-cass/templates/pvc.yaml new file mode 100644 index 0000000..4f9dac0 --- /dev/null +++ b/charts/aaf-cass/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" .}}-pvc + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/aaf-cass/templates/service.yaml b/charts/aaf-cass/templates/service.yaml new file mode 100644 index 0000000..71882b1 --- /dev/null +++ b/charts/aaf-cass/templates/service.yaml @@ -0,0 +1,49 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +# annotations: +# service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" +spec: + type: {{ .Values.service.type }} + ports: + - name: storage + protocol: TCP + port: {{.Values.global.aaf.cass.storage_port}} + containerPort: {{.Values.global.aaf.cass.storage_port}} + - name: ssl-storage + protocol: TCP + port: {{.Values.global.aaf.cass.ssl_storage_port}} + containerPort: {{.Values.global.aaf.cass.ssl_storage_port}} + - name: native-trans + protocol: TCP + port: {{.Values.global.aaf.cass.native_trans_port}} + containerPort: {{.Values.global.aaf.cass.native_trans_port}} + - name: rpc + protocol: TCP + port: {{.Values.global.aaf.cass.rpc_port}} + containerPort: {{.Values.global.aaf.cass.rpc_port}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + clusterIP: None diff --git a/charts/aaf-cass/values.yaml b/charts/aaf-cass/values.yaml new file mode 100644 index 0000000..ee05a19 --- /dev/null +++ b/charts/aaf-cass/values.yaml @@ -0,0 +1,90 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 +flavor: small + +################################################################# +# Application configuration defaults. +################################################################# +# application configuration +config: {} + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 5 + periodSeconds: 10 + +service: + name: aaf-cass + type: ClusterIP + portName: aaf-cass + #targetPort + internalPort: 7000 + #port + externalPort: 7000 + + internalPort2: 7001 + externalPort2: 7001 + internalPort3: 9042 + externalPort3: 9042 + internalPort4: 9160 + externalPort4: 9160 + +ingress: + enabled: false + +# Configure resource requests and limits +resources: {} + # Following AAI's advice, and not trying to guess on Cass usage. Guessing just makes it slow +# small: +# limits: +# cpu: "1000m" +# memory: 4096Mi +# requests: +# cpu: 20m +# memory: 2048Mi +# large: +# limits: +# cpu: 400m +# memory: 12000Mi +# requests: +# cpu: 40m +# memory: 9000Mi +# unlimited: {} + +persistence: + enabled: true + #existingClaim: + mountPath: /dockerdata-nfs + mountSubPath: "cass" + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 20Gi + storageClass: "manual" diff --git a/charts/aaf-cm/templates/deployment.yaml b/charts/aaf-cm/templates/deployment.yaml index f78dfdc..87bcaa4 100644 --- a/charts/aaf-cm/templates/deployment.yaml +++ b/charts/aaf-cm/templates/deployment.yaml @@ -23,7 +23,7 @@ metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ .Values.global.aaf.cm.replicas }} template: metadata: labels: @@ -32,61 +32,70 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" + image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol env: - - name: HOSTNAME - value: "{{ .Values.global.cadi.hostname }}" - - name: AAF_ENV - value: "{{ .Values.global.cadi.aaf_env }}" - - name: AAF_REGISTER_AS - value: "{{ .Values.aaf_register_as }}" - - name: LATITUDE - value: "{{ .Values.global.cadi.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.global.cadi.cadi_longitude }}" - - name: CASS_HOST - value: "{{ .Values.global.cadi.cass_host }}" - - name: AAF_LOCATOR_AS - value: "{{ .Values.global.cadi.cadi_locator_as }}" - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - aaf-locate - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_container + value: "oom" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT +# value: "" containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_cm","sleep","0","cd /opt/app/aaf;bin/cm"] - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-cm aaf-locate && exec bin/cm"] + image: {{ .Values.global.repository }}/onap/aaf/aaf_cm:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.cm.internal_port }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.cm.internal_port }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: @@ -103,7 +112,11 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.name" . }}-config-vol - emptyDir: {} + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-cm/templates/service.yaml b/charts/aaf-cm/templates/service.yaml index 281aa1c..f54c4d8 100644 --- a/charts/aaf-cm/templates/service.yaml +++ b/charts/aaf-cm/templates/service.yaml @@ -24,18 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + - port: {{ .Values.global.aaf.cm.internal_port }} + nodePort: {{ .Values.global.aaf.cm.public_port }} + name: aaf-cm selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - type: {{ .Values.service.type }} + type: "NodePort" diff --git a/charts/aaf-cm/values.yaml b/charts/aaf-cm/values.yaml index ec7de46..6ace7d1 100644 --- a/charts/aaf-cm/values.yaml +++ b/charts/aaf-cm/values.yaml @@ -24,14 +24,6 @@ flavor: small # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cm:2.1.9-SNAPSHOT-latest -aaf_register_as: "aaf-cm.onap" -pullPolicy: Always - - -# default number of instances -replicaCount: 1 nodeSelector: {} @@ -39,14 +31,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 300 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 30 + initialDelaySeconds: 5 periodSeconds: 10 service: @@ -62,19 +54,20 @@ ingress: enabled: false # Configure resource requests and limits -resources: - small: - limits: - cpu: 200m - memory: 800Mi - requests: - cpu: 20m - memory: 500Mi - large: - limits: - cpu: 400m - memory: 1Gi - requests: - cpu: 40m - memory: 600Mi - unlimited: {} +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +# small: +# limits: +# cpu: 200m +# memory: 800Mi +# requests: +# cpu: 20m +# memory: 500Mi +# large: +# limits: +# cpu: 400m +# memory: 1Gi +# requests: +# cpu: 40m +# memory: 600Mi +# unlimited: {} diff --git a/charts/aaf-cs/.helmignore b/charts/aaf-cs/.helmignore deleted file mode 100644 index daebc7d..0000000 --- a/charts/aaf-cs/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/charts/aaf-cs/Chart.yaml b/charts/aaf-cs/Chart.yaml deleted file mode 100644 index ff083ac..0000000 --- a/charts/aaf-cs/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP AAF cassandra -name: aaf-cs -version: 4.0.0 diff --git a/charts/aaf-cs/templates/NOTES.txt b/charts/aaf-cs/templates/NOTES.txt deleted file mode 100644 index bd74a42..0000000 --- a/charts/aaf-cs/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/charts/aaf-cs/templates/deployment.yaml b/charts/aaf-cs/templates/deployment.yaml deleted file mode 100644 index 3abdcb3..0000000 --- a/charts/aaf-cs/templates/deployment.yaml +++ /dev/null @@ -1,92 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"] - ports: - - containerPort: {{ .Values.service.externalPort }} - - containerPort: {{ .Values.service.externalPort2 }} - - containerPort: {{ .Values.service.externalPort3 }} - - containerPort: {{ .Values.service.externalPort4 }} - env: - - name: CASSANDRA_CLUSTER_NAME - value: "osaaf" - - name: CASSANDRA_DC - value: "dc1" - - name: HEAP_NEWSIZE - value: "512M" - - name: MAX_HEAP_SIZE - value: "1024M" - volumeMounts: - - mountPath: /var/lib/cassandra - name: cassandra-storage - - mountPath: /etc/localtime - name: localtime - readOnly: true - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort3 }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort3 }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 10 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: cassandra-storage - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-cs/templates/pv.yaml b/charts/aaf-cs/templates/pv.yaml deleted file mode 100644 index 4209179..0000000 --- a/charts/aaf-cs/templates/pv.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} \ No newline at end of file diff --git a/charts/aaf-cs/templates/pvc.yaml b/charts/aaf-cs/templates/pvc.yaml deleted file mode 100644 index b102ffa..0000000 --- a/charts/aaf-cs/templates/pvc.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} \ No newline at end of file diff --git a/charts/aaf-cs/templates/service.yaml b/charts/aaf-cs/templates/service.yaml deleted file mode 100644 index b1716e4..0000000 --- a/charts/aaf-cs/templates/service.yaml +++ /dev/null @@ -1,62 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -# annotations: -# service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName }}2 - - port: {{ .Values.service.externalPort3 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} - name: {{ .Values.service.portName }}3 - - port: {{ .Values.service.externalPort4 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} - name: {{ .Values.service.portName }}4 - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName }}2 - - port: {{ .Values.service.externalPort3 }} - targetPort: {{ .Values.service.internalPort3 }} - name: {{ .Values.service.portName }}3 - - port: {{ .Values.service.externalPort4 }} - targetPort: {{ .Values.service.internalPort4 }} - name: {{ .Values.service.portName }}4 - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - clusterIP: None diff --git a/charts/aaf-cs/values.yaml b/charts/aaf-cs/values.yaml deleted file mode 100644 index 7783745..0000000 --- a/charts/aaf-cs/values.yaml +++ /dev/null @@ -1,97 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 -flavor: small - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_cass:2.1.9-SNAPSHOT-latest -pullPolicy: Always - -# application configuration -config: {} - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 300 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 120 - periodSeconds: 10 - -service: - name: aaf-cass - type: ClusterIP - portName: aaf-cs - #targetPort - internalPort: 7000 - #port - externalPort: 7000 - - internalPort2: 7001 - externalPort2: 7001 - internalPort3: 9042 - externalPort3: 9042 - internalPort4: 9160 - externalPort4: 9160 - -ingress: - enabled: false - -# Configure resource requests and limits -resources: - small: - limits: - cpu: 200m - memory: 10000Mi - requests: - cpu: 10m - memory: 8500Mi - large: - limits: - cpu: 400m - memory: 12000Mi - requests: - cpu: 40m - memory: 9000Mi - unlimited: {} - -persistence: - enabled: true - #existingClaim: - mountPath: /dockerdata-nfs - mountSubPath: "cass" - volumeReclaimPolicy: Retain - accessMode: ReadWriteOnce - size: 10Gi - storageClass: "manual" diff --git a/charts/aaf-fs/templates/deployment.yaml b/charts/aaf-fs/templates/deployment.yaml index b938448..9f97da9 100644 --- a/charts/aaf-fs/templates/deployment.yaml +++ b/charts/aaf-fs/templates/deployment.yaml @@ -23,7 +23,7 @@ metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ .Values.global.aaf.fs.replicas }} template: metadata: labels: @@ -32,48 +32,56 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" + image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol env: - - name: HOSTNAME - value: "{{ .Values.global.cadi.hostname }}" - - name: AAF_ENV - value: "{{ .Values.global.cadi.aaf_env }}" - - name: AAF_REGISTER_AS - value: "{{ .Values.aaf_register_as }}" - - name: LATITUDE - value: "{{ .Values.global.cadi.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.global.cadi.cadi_longitude }}" - - name: CASS_HOST - value: "{{ .Values.global.cadi.cass_host }}" - - name: AAF_LOCATOR_AS - value: "{{ .Values.global.cadi.cadi_locator_as }}" - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - aaf-locate - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_container + value: "oom" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_fs","sleep","0","cd /opt/app/aaf;bin/fs"] - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-fs aaf-locate && exec bin/fs"] + image: {{ .Values.global.repository }}/onap/aaf/aaf_fs:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true @@ -103,7 +111,11 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.name" . }}-config-vol - emptyDir: {} + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-fs/templates/service.yaml b/charts/aaf-fs/templates/service.yaml index 281aa1c..1042afd 100644 --- a/charts/aaf-fs/templates/service.yaml +++ b/charts/aaf-fs/templates/service.yaml @@ -24,18 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + - port: {{ .Values.global.aaf.fs.internal_port }} + nodePort: {{ .Values.global.aaf.fs.public_port }} + name: aaf-hello selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - type: {{ .Values.service.type }} + type: "NodePort" diff --git a/charts/aaf-fs/values.yaml b/charts/aaf-fs/values.yaml index 526a9fd..48ad7c1 100644 --- a/charts/aaf-fs/values.yaml +++ b/charts/aaf-fs/values.yaml @@ -24,29 +24,23 @@ flavor: small # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_fs:2.1.9-SNAPSHOT-latest -aaf_register_as: "aaf-fs.onap" pullPolicy: Always -# default number of instances -replicaCount: 1 - nodeSelector: {} affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 300 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 30 + initialDelaySeconds: 5 periodSeconds: 10 service: @@ -62,19 +56,20 @@ ingress: enabled: false # Configure resource requests and limits -resources: - small: - limits: - cpu: 200m - memory: 600Mi - requests: - cpu: 10m - memory: 300Mi - large: - limits: - cpu: 500m - memory: 700Mi - requests: - cpu: 100m - memory: 400Mi - unlimited: {} +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +# small: +# limits: +# cpu: 200m +# memory: 800Mi +# requests: +# cpu: 10m +# memory: 300Mi +# large: +# limits: +# cpu: 500m +# memory: 700Mi +# requests: +# cpu: 100m +# memory: 400Mi +# unlimited: {} diff --git a/charts/aaf-gui/templates/deployment.yaml b/charts/aaf-gui/templates/deployment.yaml index 9dd8794..d067b5e 100644 --- a/charts/aaf-gui/templates/deployment.yaml +++ b/charts/aaf-gui/templates/deployment.yaml @@ -23,7 +23,7 @@ metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ .Values.global.aaf.gui.replicas }} template: metadata: labels: @@ -32,61 +32,69 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" + image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol env: - - name: HOSTNAME - value: "{{ .Values.global.cadi.hostname }}" - - name: AAF_ENV - value: "{{ .Values.global.cadi.aaf_env }}" - - name: AAF_REGISTER_AS - value: "{{ .Values.aaf_register_as }}" - - name: LATITUDE - value: "{{ .Values.global.cadi.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.global.cadi.cadi_longitude }}" - - name: CASS_HOST - value: "{{ .Values.global.cadi.cass_host }}" - - name: AAF_LOCATOR_AS - value: "{{ .Values.global.cadi.cadi_locator_as }}" - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - aaf-cm - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_container + value: "oom" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_gui","sleep","0","cd /opt/app/aaf;bin/gui"] - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-gui aaf-locate && exec bin/gui"] + image: {{ .Values.global.repository }}/onap/aaf/aaf_gui:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.gui.internal_port }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.gui.internal_port }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: @@ -103,7 +111,11 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.name" . }}-config-vol - emptyDir: {} + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-gui/templates/service.yaml b/charts/aaf-gui/templates/service.yaml index 281aa1c..ea06925 100644 --- a/charts/aaf-gui/templates/service.yaml +++ b/charts/aaf-gui/templates/service.yaml @@ -24,18 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + - port: {{ .Values.global.aaf.gui.internal_port }} + nodePort: {{ .Values.global.aaf.gui.public_port }} + name: aaf-gui selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - type: {{ .Values.service.type }} + type: "NodePort" diff --git a/charts/aaf-gui/values.yaml b/charts/aaf-gui/values.yaml index 145dec1..3068f14 100644 --- a/charts/aaf-gui/values.yaml +++ b/charts/aaf-gui/values.yaml @@ -25,29 +25,23 @@ flavor: small # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_gui:2.1.9-SNAPSHOT-latest -aaf_register_as: "aaf-gui.onap" pullPolicy: Always -# default number of instances -replicaCount: 1 - nodeSelector: {} affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 300 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 30 + initialDelaySeconds: 5 periodSeconds: 10 service: @@ -64,19 +58,21 @@ ingress: enabled: false # Configure resource requests and limits -resources: - small: - limits: - cpu: 100m - memory: 500Mi - requests: - cpu: 10m - memory: 200Mi - large: - limits: - cpu: 200m - memory: 1Gi - requests: - cpu: 100m - memory: 500Mi - unlimited: {} +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +#resources: +# small: +# limits: +# cpu: 100m +# memory: 500Mi +# requests: +# cpu: 10m +# memory: 200Mi +# large: +# limits: +# cpu: 200m +# memory: 1Gi +# requests: +# cpu: 100m +# memory: 500Mi +# unlimited: {} diff --git a/charts/aaf-hello/templates/deployment.yaml b/charts/aaf-hello/templates/deployment.yaml index c57e57f..9faa580 100644 --- a/charts/aaf-hello/templates/deployment.yaml +++ b/charts/aaf-hello/templates/deployment.yaml @@ -23,7 +23,7 @@ metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ .Values.global.aaf.hello.replicas }} template: metadata: labels: @@ -32,48 +32,60 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" + image: {{ .Values.global.repository }}/onap/aaf/aaf_agent:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + - mountPath: "/opt/app/osaaf/local" + name: aaf-hello-vol + command: ["bash","-c","/opt/app/aaf_config/bin/pod_wait.sh config nc aaf-cm.{{.Release.Namespace}} 8150 remove && cd /opt/app/osaaf/local && /opt/app/aaf_config/bin/agent.sh"] env: - - name: HOSTNAME - value: "{{ .Values.global.cadi.hostname }}" - - name: AAF_ENV - value: "{{ .Values.global.cadi.aaf_env }}" - - name: AAF_REGISTER_AS - value: "{{ .Values.aaf_register_as }}" - - name: LATITUDE - value: "{{ .Values.global.cadi.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.global.cadi.cadi_longitude }}" - - name: CASS_HOST - value: "{{ .Values.global.cadi.cass_host }}" - - name: AAF_LOCATOR_AS - value: "{{ .Values.global.cadi.cadi_locator_as }}" - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - aaf-locate - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_container + value: "oom" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_app_ns + value: "org.osaaf.aaf" + - name: "APP_FQDN" + value: "{{ .Values.global.aaf.hello.fqdn }}" + - name: "APP_FQI" + value: "aaf@aaf.osaaf.org" + - name: "DEPLOY_FQI" + value: "deployer@people.osaaf.org" + - name: "DEPLOY_PASSWORD" + value: "demo123456!" +# Hello specific. Clients don't necessarily need this + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: aaf_locator_fqdn_oom + value: "%N.%CNS" containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_hello","sleep","0","cd /opt/app/aaf;bin/hello"] - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: ["/bin/bash","-c","cd /opt/app/aaf && exec bin/hello"] + image: {{ .Values.global.repository }}/onap/aaf/aaf_hello:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + - mountPath: "/opt/app/osaaf/local" + name: aaf-hello-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true @@ -103,7 +115,10 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.name" . }}-config-vol + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-hello-vol emptyDir: {} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-hello/templates/service.yaml b/charts/aaf-hello/templates/service.yaml index 281aa1c..102e85d 100644 --- a/charts/aaf-hello/templates/service.yaml +++ b/charts/aaf-hello/templates/service.yaml @@ -24,18 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + - port: {{ .Values.global.aaf.hello.internal_port }} + nodePort: {{ .Values.global.aaf.hello.public_port }} + name: aaf-hello selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - type: {{ .Values.service.type }} + type: "NodePort" diff --git a/charts/aaf-hello/values.yaml b/charts/aaf-hello/values.yaml index 8c46b80..c3ed9e1 100644 --- a/charts/aaf-hello/values.yaml +++ b/charts/aaf-hello/values.yaml @@ -18,35 +18,28 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_hello:2.1.9-SNAPSHOT-latest -aaf_register_as: "aaf-hello.onap" -pullPolicy: Always -# default number of instances -replicaCount: 1 - nodeSelector: {} affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 300 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 30 + initialDelaySeconds: 5 periodSeconds: 10 service: @@ -62,19 +55,21 @@ ingress: enabled: false # Configure resource requests and limits -resources: - small: - limits: - cpu: 200m - memory: 500Mi - requests: - cpu: 10m - memory: 200Mi - large: - limits: - cpu: 400m - memory: 1Gi - requests: - cpu: 20m - memory: 500Mi - unlimited: {} +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +#resources: +# small: +# limits: +# cpu: 200m +# memory: 500Mi +# requests: +# cpu: 10m +# memory: 200Mi +# large: +# limits: +# cpu: 400m +# memory: 1Gi +# requests: +# cpu: 20m +# memory: 500Mi +# unlimited: {} diff --git a/charts/aaf-locate/templates/deployment.yaml b/charts/aaf-locate/templates/deployment.yaml index a2f9f55..f504063 100644 --- a/charts/aaf-locate/templates/deployment.yaml +++ b/charts/aaf-locate/templates/deployment.yaml @@ -23,7 +23,7 @@ metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ .Values.global.aaf.locate.replicas }} template: metadata: labels: @@ -32,61 +32,69 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" + image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol env: - - name: HOSTNAME - value: "{{ .Values.global.cadi.hostname }}" - - name: AAF_ENV - value: "{{ .Values.global.cadi.aaf_env }}" - - name: AAF_REGISTER_AS - value: "{{ .Values.aaf_register_as }}" - - name: LATITUDE - value: "{{ .Values.global.cadi.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.global.cadi.cadi_longitude }}" - - name: CASS_HOST - value: "{{ .Values.global.cadi.cass_host }}" - - name: AAF_LOCATOR_AS - value: "{{ .Values.global.cadi.cadi_locator_as }}" - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - aaf-service - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_container + value: "oom" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_locate","sleep","0","cd /opt/app/aaf;bin/locate"] - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-locate aaf-service && exec bin/locate"] + image: {{ .Values.global.repository }}/onap/aaf/aaf_locate:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.locate.internal_port }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.locate.internal_port }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: @@ -103,7 +111,11 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.name" . }}-config-vol - emptyDir: {} + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-locate/templates/service.yaml b/charts/aaf-locate/templates/service.yaml index 281aa1c..606d947 100644 --- a/charts/aaf-locate/templates/service.yaml +++ b/charts/aaf-locate/templates/service.yaml @@ -24,18 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + - port: {{ .Values.global.aaf.locate.internal_port }} + nodePort: {{ .Values.global.aaf.locate.public_port }} + name: aaf-locate selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - type: {{ .Values.service.type }} + type: "NodePort" diff --git a/charts/aaf-locate/values.yaml b/charts/aaf-locate/values.yaml index a323837..c13f834 100644 --- a/charts/aaf-locate/values.yaml +++ b/charts/aaf-locate/values.yaml @@ -24,14 +24,6 @@ flavor: small # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_locate:2.1.9-SNAPSHOT-latest -aaf_register_as: "aaf-locate.onap" -pullPolicy: Always - - -# default number of instances -replicaCount: 1 nodeSelector: {} @@ -39,14 +31,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 300 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 30 + initialDelaySeconds: 5 periodSeconds: 10 service: @@ -56,25 +48,27 @@ service: #targetPort internalPort: 8095 #port - externalPort: 8095 + externalPort: 31111 ingress: enabled: false # Configure resource requests and limits -resources: - small: - limits: - cpu: 200m - memory: 600Mi - requests: - cpu: 20m - memory: 300Mi - large: - limits: - cpu: 400m - memory: 1Gi - requests: - cpu: 40m - memory: 500Mi - unlimited: {} +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +#resources: +# small: +# limits: +# cpu: 200m +# memory: 600Mi +# requests: +# cpu: 20m +# memory: 300Mi +# large: +# limits: +# cpu: 400m +# memory: 1Gi +# requests: +# cpu: 40m +# memory: 500Mi +# unlimited: {} diff --git a/charts/aaf-oauth/templates/deployment.yaml b/charts/aaf-oauth/templates/deployment.yaml index f7a34f4..cc328d5 100644 --- a/charts/aaf-oauth/templates/deployment.yaml +++ b/charts/aaf-oauth/templates/deployment.yaml @@ -23,7 +23,7 @@ metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ .Values.global.aaf.oauth.replicas }} template: metadata: labels: @@ -32,61 +32,69 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" + image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol env: - - name: HOSTNAME - value: "{{ .Values.global.cadi.hostname }}" - - name: AAF_ENV - value: "{{ .Values.global.cadi.aaf_env }}" - - name: AAF_REGISTER_AS - value: "{{ .Values.aaf_register_as }}" - - name: LATITUDE - value: "{{ .Values.global.cadi.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.global.cadi.cadi_longitude }}" - - name: CASS_HOST - value: "{{ .Values.global.cadi.cass_host }}" - - name: AAF_LOCATOR_AS - value: "{{ .Values.global.cadi.cadi_locator_as }}" - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - aaf-locate - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_container + value: "oom" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_oauth","sleep","0","cd /opt/app/aaf;bin/oauth"] - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-oauth aaf-service && exec bin/oauth"] + image: {{ .Values.global.repository }}/onap/aaf/aaf_oauth:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.oauth.internal_port }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.oauth.internal_port }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: @@ -103,7 +111,11 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.name" . }}-config-vol - emptyDir: {} + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-oauth/templates/service.yaml b/charts/aaf-oauth/templates/service.yaml index d94bcae..bb4a051 100644 --- a/charts/aaf-oauth/templates/service.yaml +++ b/charts/aaf-oauth/templates/service.yaml @@ -24,16 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + - port: {{ .Values.global.aaf.oauth.internal_port }} + nodePort: {{ .Values.global.aaf.oauth.public_port }} + name: aaf-oauth selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - type: {{ .Values.service.type }} + type: "NodePort" diff --git a/charts/aaf-oauth/values.yaml b/charts/aaf-oauth/values.yaml index 7cb9f3b..3c29a62 100644 --- a/charts/aaf-oauth/values.yaml +++ b/charts/aaf-oauth/values.yaml @@ -18,35 +18,26 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_oauth:2.1.9-SNAPSHOT-latest -aaf_register_as: "aaf-oauth.onap" -pullPolicy: Always - - -# default number of instances -replicaCount: 1 - nodeSelector: {} affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 300 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 30 + initialDelaySeconds: 5 periodSeconds: 10 service: @@ -62,19 +53,21 @@ ingress: enabled: false # Configure resource requests and limits -resources: - small: - limits: - cpu: 200m - memory: 400Mi - requests: - cpu: 20m - memory: 200Mi - large: - limits: - cpu: 400m - memory: 600Mi - requests: - cpu: 40m - memory: 200Mi - unlimited: {} +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +#resources: +# small: +# limits: +# cpu: 200m +# memory: 400Mi +# requests: +# cpu: 20m +# memory: 200Mi +# large: +# limits: +# cpu: 400m +# memory: 600Mi +# requests: +# cpu: 40m +# memory: 200Mi +# unlimited: {} diff --git a/charts/aaf-service/templates/deployment.yaml b/charts/aaf-service/templates/deployment.yaml index 92d2312..1801bfe 100644 --- a/charts/aaf-service/templates/deployment.yaml +++ b/charts/aaf-service/templates/deployment.yaml @@ -23,7 +23,7 @@ metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} spec: - replicas: {{ .Values.replicaCount }} + replicas: {{ .Values.global.aaf.service.replicas }} template: metadata: labels: @@ -32,61 +32,72 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: "{{ include "common.repository" . }}/{{ .Values.global.configImage }}" + image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config nc aaf-cass.{{ .Release.Namespace }} 9042 sleep 15 remove && bin/agent.sh"] volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol env: - - name: HOSTNAME - value: "{{ .Values.global.cadi.hostname }}" - - name: AAF_ENV - value: "{{ .Values.global.cadi.aaf_env }}" - - name: AAF_REGISTER_AS - value: "{{ .Values.aaf_register_as }}" - - name: LATITUDE - value: "{{ .Values.global.cadi.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.global.cadi.cadi_longitude }}" - - name: CASS_HOST - value: "{{ .Values.global.cadi.cass_host }}" - - name: AAF_LOCATOR_AS - value: "{{ .Values.global.cadi.cadi_locator_as }}" - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - aaf-cs - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT +# value: "" containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","/opt/app/aaf/pod/pod_wait.sh","aaf_service","sleep","0","cd /opt/app/aaf;bin/service"] - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + command: ["/bin/bash","-c","cd /opt/app/aaf && bin/pod_wait.sh aaf-service aaf-cass && exec bin/service"] + image: {{ .Values.global.repository }}/onap/aaf/aaf_service:{{.Values.global.aaf.imageVersion}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + lifecycle: + preStop: + exec: + command: ["/bin/sh","-c","rm /opt/app/aaf/status/aaf-service* && echo $HOSTNAME >> aaf-service.hosts"] volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.name" . }}-config-vol + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.service.internal_port }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.global.aaf.service.internal_port }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: @@ -103,7 +114,11 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.name" . }}-config-vol - emptyDir: {} + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/aaf-service/templates/service.yaml b/charts/aaf-service/templates/service.yaml index 281aa1c..4a318ff 100644 --- a/charts/aaf-service/templates/service.yaml +++ b/charts/aaf-service/templates/service.yaml @@ -24,18 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + - port: {{ .Values.global.aaf.service.internal_port }} + nodePort: {{ .Values.global.aaf.service.public_port }} + name: aaf-service selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - type: {{ .Values.service.type }} + type: "NodePort" diff --git a/charts/aaf-service/values.yaml b/charts/aaf-service/values.yaml index 42cebde..8794afe 100644 --- a/charts/aaf-service/values.yaml +++ b/charts/aaf-service/values.yaml @@ -24,14 +24,6 @@ flavor: small # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/aaf/aaf_service:2.1.9-SNAPSHOT-latest -aaf_register_as: "aaf-service.onap" -pullPolicy: Always - - -# default number of instances -replicaCount: 1 nodeSelector: {} @@ -39,14 +31,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 300 + initialDelaySeconds: 120 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 30 + initialDelaySeconds: 5 periodSeconds: 10 service: @@ -56,26 +48,27 @@ service: #targetPort internalPort: 8100 #port - externalPort: 8100 - nodePort: 47 + externalPort: 31110 ingress: enabled: false # Configure resource requests and limits -resources: - small: - limits: - cpu: 200m - memory: 600Mi - requests: - cpu: 20m - memory: 300Mi - large: - limits: - cpu: 400m - memory: 1Gi - requests: - cpu: 40m - memory: 300Mi - unlimited: {} +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +#resources: +# small: +# limits: +# cpu: 200m +# memory: 800Mi +# requests: +# cpu: 20m +# memory: 300Mi +# large: +# limits: +# cpu: 400m +# memory: 1Gi +# requests: +# cpu: 40m +# memory: 300Mi +# unlimited: {} diff --git a/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/charts/aaf-sms/charts/aaf-sms-vault/values.yaml index 355cd60..360bf42 100644 --- a/charts/aaf-sms/charts/aaf-sms-vault/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-vault/values.yaml @@ -108,4 +108,4 @@ resources: requests: cpu: 10m memory: 100Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/templates/aaf-config-pv.yaml b/templates/aaf-config-pv.yaml new file mode 100644 index 0000000..9a1e802 --- /dev/null +++ b/templates/aaf-config-pv.yaml @@ -0,0 +1,48 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## + +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-config-pv + namespace: {{ include "common.namespace" . }} + labels: + app: {{ .Chart.Name }}-config + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.config.size}} + accessModes: + - {{ .Values.persistence.config.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.config.mountPath }} +{{- if .Values.persistence.config.storageClass }} +{{- if (eq "-" .Values.persistence.config.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.config.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/templates/aaf-config-pvc.yaml b/templates/aaf-config-pvc.yaml new file mode 100644 index 0000000..b22df6d --- /dev/null +++ b/templates/aaf-config-pvc.yaml @@ -0,0 +1,52 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-config-pvc + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }}-config + accessModes: + - {{ .Values.persistence.config.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.config.size }} +{{- if .Values.persistence.config.storageClass }} +{{- if (eq "-" .Values.persistence.config.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.config.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} + diff --git a/templates/aaf-status-pv.yaml b/templates/aaf-status-pv.yaml new file mode 100644 index 0000000..b8d12c5 --- /dev/null +++ b/templates/aaf-status-pv.yaml @@ -0,0 +1,48 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## + +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-status-pv + namespace: {{ include "common.namespace" . }} + labels: + app: {{ .Chart.Name }}-status + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.status.size}} + accessModes: + - {{ .Values.persistence.status.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.status.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.status.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.status.mountSubPath }} +{{- if .Values.persistence.status.storageClass }} +{{- if (eq "-" .Values.persistence.status.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.status.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/templates/aaf-status-pvc.yaml b/templates/aaf-status-pvc.yaml new file mode 100644 index 0000000..870ac9c --- /dev/null +++ b/templates/aaf-status-pvc.yaml @@ -0,0 +1,52 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-status-pvc + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }}-status + accessModes: + - {{ .Values.persistence.status.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.status.size }} +{{- if .Values.persistence.status.storageClass }} +{{- if (eq "-" .Values.persistence.status.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.status.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} + diff --git a/values.yaml b/values.yaml index 5a095e4..e07f346 100644 --- a/values.yaml +++ b/values.yaml @@ -18,25 +18,83 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 ubuntuInitRepository: registry.hub.docker.com ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - configImage: onap/aaf/aaf_config:2.1.9-SNAPSHOT-latest persistence: enabled: true + pullPolicy: Always + repository: "nexus3.onap.org:10001" + # pullPolicy: IfNotPresent + # repository: "nexus3.onap.org:10003" - cadi: - hostname: "aaf.onap" + aaf: + imageVersion: 2.1.12-SNAPSHOT + #imageVersion: latest + readiness: false + aaf_env: "DEV" + public_fqdn: "aaf.osaaf.org" + aaf_release: "Dublin" + # DUBLIN ONLY - for M4 compatibility with Casablanca + aaf_locator_name: "public.%NS.%N" + aaf_locator_name_oom: "%NS.%N" + # EL ALTO and Beyond + # aaf_locator_name: "%NS.%N" + # aaf_locator_name_oom: "%CNS.%NS.%N" cadi_latitude: "38.0" cadi_longitude: "-72.0" - aaf_env: "DEV" - cass_host: "aaf-cass.onap" - cadi_locator_as: "aaf-locate.onap" + cadi_x509_issuers: "CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US" + + cass: + replicas: 1 + fqdn: "aaf-cass" + cluster_name: "osaaf" + heap_new_size: "512M" + max_heap_size: "1024M" + storage_port: 7000 + ssl_storage_port: 7001 + native_trans_port: 9042 + rpc_port: 9160 + dc: "dc1" + service: + replicas: 1 + fqdn: "aaf-service" + internal_port: 8100 + public_port: 31110 + locate: + replicas: 1 + fqdn: "aaf-locate" + internal_port: 8095 + public_port: 31111 + oauth: + replicas: 1 + fqdn: "aaf0oauth" + internal_port: 8140 + public_port: 31112 + gui: + replicas: 1 + fqdn: "aaf-gui" + internal_port: 8200 + public_port: 31113 + cm: + replicas: 1 + fqdn: "aaf-cm" + internal_port: 8150 + public_port: 31114 + fs: + replicas: 1 + fqdn: "aaf-fs" + internal_port: 8096 + public_port: 31115 + hello: + replicas: 0 + fqdn: "aaf-hello" + internal_port: 8130 + public_port: 31116 ################################################################# # Application configuration defaults. ################################################################# -repository: nexus3.onap.org:10001 flavor: small # default number of instances @@ -48,14 +106,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 350 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 150 periodSeconds: 10 ingress: @@ -63,31 +121,35 @@ ingress: ## Persist data to a persitent volume persistence: - mountPath: "/mnt/data/aaf" enabled: true config: #existingClaim: - volumeReclaimPolicy: Retain + volumeReclaimPolicy: Delete accessMode: ReadWriteMany size: 2Gi - mountSubPath: "config" storageClass: "manual" + mountPath: "/mnt/data/aaf/config" logs: #existingClaim: volumeReclaimPolicy: Retain accessMode: ReadWriteMany size: 2Gi - mountSubPath: "logs" storageClass: "manual" - -aaf-cs: - persistence: - #existingClaim: + mountPath: "/mnt/data/aaf/logs" + status: + volumeReclaimPolicy: Delete + accessMode: ReadWriteMany + size: 2M + storageClass: "manual" mountPath: /dockerdata-nfs - mountSubPath: "cass" + mountSubPath: "status" + cass: + #existingClaim: volumeReclaimPolicy: Retain accessMode: ReadWriteOnce size: 10Gi storageClass: "manual" + mountPath: /dockerdata-nfs + mountSubPath: "cass" resources: {} -- cgit 1.2.3-korg From 675e83af256608673194ada6ed2f90c6cd687b4b Mon Sep 17 00:00:00 2001 From: "Gathman, Jonathan (jg1555)" Date: Fri, 3 May 2019 08:19:35 -0500 Subject: AAF to Release version 2.1.13 Also upped SMS/SSHSM versions Issue-ID: AAF-823 Change-Id: I27de5079cd678d0206238873b81cb55b5612a67a Signed-off-by: Gathman, Jonathan (jg1555) --- charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml | 2 +- charts/aaf-sms/values.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml | 2 +- charts/aaf-sshsm/values.yaml | 2 +- values.yaml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index 7cd5938..c3e4e08 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/smsquorumclient:3.0.1 +image: onap/aaf/smsquorumclient:4.0.0-SNAPSHOT-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sms/values.yaml b/charts/aaf-sms/values.yaml index 28b46c2..c8fd6fd 100644 --- a/charts/aaf-sms/values.yaml +++ b/charts/aaf-sms/values.yaml @@ -28,7 +28,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/sms:3.0.1 +image: onap/aaf/sms:4.0.0-SNAPSHOT-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml index bf64c6d..c374074 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml @@ -21,7 +21,7 @@ ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/abrmd:3.0.0 +image: onap/aaf/abrmd:4.0.0-SNAPSHOT-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml index 3993cfc..2d874ba 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml @@ -23,7 +23,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/distcenter:3.0.0 +image: onap/aaf/distcenter:4.0.0-SNAPSHOT-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml index 3fd53d2..2c41f58 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml @@ -23,7 +23,7 @@ enabled: true ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/testcaservice:3.0.0 +image: onap/aaf/testcaservice:4.0.0-SNAPSHOT-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sshsm/values.yaml b/charts/aaf-sshsm/values.yaml index d068846..2d20d57 100644 --- a/charts/aaf-sshsm/values.yaml +++ b/charts/aaf-sshsm/values.yaml @@ -62,4 +62,4 @@ resources: requests: cpu: 10m memory: 100Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/values.yaml b/values.yaml index e07f346..1ddb604 100644 --- a/values.yaml +++ b/values.yaml @@ -29,7 +29,7 @@ global: # repository: "nexus3.onap.org:10003" aaf: - imageVersion: 2.1.12-SNAPSHOT + imageVersion: 2.1.13 #imageVersion: latest readiness: false aaf_env: "DEV" -- cgit 1.2.3-korg From 3b002f52b2daf591ea03e0e550d4a91dd02edc27 Mon Sep 17 00:00:00 2001 From: Instrumental Date: Wed, 8 May 2019 14:11:57 -0500 Subject: SMS and SSHSH (AAF PTL) Release Version Issue-ID: AAF-826 Change-Id: Ia8c23170ccaaa52c528d89417d95ddb3478ab00d Signed-off-by: Instrumental --- charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml | 2 +- charts/aaf-sms/values.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index c3e4e08..4dc13a5 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/smsquorumclient:4.0.0-SNAPSHOT-latest +image: onap/aaf/smsquorumclient:4.0.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sms/values.yaml b/charts/aaf-sms/values.yaml index c8fd6fd..4a8a9c0 100644 --- a/charts/aaf-sms/values.yaml +++ b/charts/aaf-sms/values.yaml @@ -28,7 +28,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/sms:4.0.0-SNAPSHOT-latest +image: onap/aaf/sms:4.0.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml index c374074..1fcc155 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml @@ -21,7 +21,7 @@ ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/abrmd:4.0.0-SNAPSHOT-latest +image: onap/aaf/abrmd:4.0.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml index 2d874ba..e8d2f7e 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml @@ -23,7 +23,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/distcenter:4.0.0-SNAPSHOT-latest +image: onap/aaf/distcenter:4.0.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml index 2c41f58..5c3618d 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml @@ -23,7 +23,7 @@ enabled: true ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/testcaservice:4.0.0-SNAPSHOT-latest +image: onap/aaf/testcaservice:4.0.0 pullPolicy: Always # flag to enable debugging - application support required -- cgit 1.2.3-korg From 7ac9cd4d6005e530872255119bcd43db785bb120 Mon Sep 17 00:00:00 2001 From: Kiran Kamineni Date: Mon, 3 Jun 2019 16:17:07 -0700 Subject: Updated certificates for SMS SMS healthcheck breaks because of expired certificates This patch fixes that issue. Issue-ID: AAF-845 Change-Id: I2004e29e3271a829989e1f46ebcd7e07e1b6185a Signed-off-by: Kiran Kamineni --- charts/aaf-sms/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/aaf-sms/values.yaml b/charts/aaf-sms/values.yaml index 4a8a9c0..de005ed 100644 --- a/charts/aaf-sms/values.yaml +++ b/charts/aaf-sms/values.yaml @@ -28,7 +28,7 @@ flavor: small ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/sms:4.0.0 +image: onap/aaf/sms:4.0.1 pullPolicy: Always # flag to enable debugging - application support required -- cgit 1.2.3-korg From 110a99fe302d641cf335232d97caa25b790b101e Mon Sep 17 00:00:00 2001 From: Mike Elliott Date: Thu, 11 Jul 2019 10:59:59 -0400 Subject: Moving Helm Chart version for El Alto Updating all helm chart versions to 5.0.0 for the El Alto release. Merge will be co-ordinated with the merge of a separate aai/oom patch. Please do not merge until this coordination has completed. Issue-ID: OOM-1980 Signed-off-by: Mike Elliott Change-Id: I31daaebeacea33565f13affd2fa28fb15fe948ba --- Chart.yaml | 2 +- charts/aaf-cass/Chart.yaml | 2 +- charts/aaf-cm/Chart.yaml | 2 +- charts/aaf-fs/Chart.yaml | 2 +- charts/aaf-gui/Chart.yaml | 2 +- charts/aaf-hello/Chart.yaml | 2 +- charts/aaf-locate/Chart.yaml | 2 +- charts/aaf-oauth/Chart.yaml | 2 +- charts/aaf-service/Chart.yaml | 2 +- charts/aaf-sms/Chart.yaml | 2 +- charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml | 2 +- charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml | 2 +- charts/aaf-sshsm/Chart.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml | 2 +- charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml | 2 +- charts/aaf-sshsm/requirements.yaml | 2 +- requirements.yaml | 2 +- 18 files changed, 18 insertions(+), 18 deletions(-) diff --git a/Chart.yaml b/Chart.yaml index b7bfb7f..5d0582a 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Application Authorization Framework name: aaf -version: 4.0.0 +version: 5.0.0 diff --git a/charts/aaf-cass/Chart.yaml b/charts/aaf-cass/Chart.yaml index f06d149..3706810 100644 --- a/charts/aaf-cass/Chart.yaml +++ b/charts/aaf-cass/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF cassandra name: aaf-cass -version: 4.0.0 +version: 5.0.0 diff --git a/charts/aaf-cm/Chart.yaml b/charts/aaf-cm/Chart.yaml index 3ece45d..b284d5b 100644 --- a/charts/aaf-cm/Chart.yaml +++ b/charts/aaf-cm/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP AAF Certificate Manager name: aaf-cm -version: 4.0.0 +version: 5.0.0 diff --git a/charts/aaf-fs/Chart.yaml b/charts/aaf-fs/Chart.yaml index 5c94aa8..3c0a4d1 100644 --- a/charts/aaf-fs/Chart.yaml +++ b/charts/aaf-fs/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF File Server name: aaf-fs -version: 4.0.0 \ No newline at end of file +version: 5.0.0 \ No newline at end of file diff --git a/charts/aaf-gui/Chart.yaml b/charts/aaf-gui/Chart.yaml index 3313c66..fb41c5f 100644 --- a/charts/aaf-gui/Chart.yaml +++ b/charts/aaf-gui/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF GUI name: aaf-gui -version: 4.0.0 \ No newline at end of file +version: 5.0.0 \ No newline at end of file diff --git a/charts/aaf-hello/Chart.yaml b/charts/aaf-hello/Chart.yaml index 89f061b..0ab6de1 100644 --- a/charts/aaf-hello/Chart.yaml +++ b/charts/aaf-hello/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF Hello name: aaf-hello -version: 4.0.0 \ No newline at end of file +version: 5.0.0 \ No newline at end of file diff --git a/charts/aaf-locate/Chart.yaml b/charts/aaf-locate/Chart.yaml index 10c2b3e..c7f5fc3 100644 --- a/charts/aaf-locate/Chart.yaml +++ b/charts/aaf-locate/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF Locate name: aaf-locate -version: 4.0.0 \ No newline at end of file +version: 5.0.0 \ No newline at end of file diff --git a/charts/aaf-oauth/Chart.yaml b/charts/aaf-oauth/Chart.yaml index 4ce29df..c073652 100644 --- a/charts/aaf-oauth/Chart.yaml +++ b/charts/aaf-oauth/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF OAuth name: aaf-oauth -version: 4.0.0 \ No newline at end of file +version: 5.0.0 \ No newline at end of file diff --git a/charts/aaf-service/Chart.yaml b/charts/aaf-service/Chart.yaml index 80b2b8f..a5a38f4 100644 --- a/charts/aaf-service/Chart.yaml +++ b/charts/aaf-service/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF Service name: aaf-service -version: 4.0.0 +version: 5.0.0 diff --git a/charts/aaf-sms/Chart.yaml b/charts/aaf-sms/Chart.yaml index 9402b00..0cb82cb 100644 --- a/charts/aaf-sms/Chart.yaml +++ b/charts/aaf-sms/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Secret Management Service name: aaf-sms -version: 4.0.0 +version: 5.0.0 diff --git a/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml b/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml index 88079d2..876f358 100644 --- a/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml +++ b/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Secret Management Service Quorum Client name: aaf-sms-quorumclient -version: 4.0.0 +version: 5.0.0 diff --git a/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml b/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml index 2c8a7a6..1c3a1af 100644 --- a/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml +++ b/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Chart to launch Vault as SMS backend name: aaf-sms-vault appVersion: 0.9.5 -version: 4.0.0 +version: 5.0.0 diff --git a/charts/aaf-sshsm/Chart.yaml b/charts/aaf-sshsm/Chart.yaml index 6ad7e7f..5b9b3e5 100644 --- a/charts/aaf-sshsm/Chart.yaml +++ b/charts/aaf-sshsm/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Hardware Security Components name: aaf-sshsm -version: 4.0.0 +version: 5.0.0 diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml index ce74887..3a9b9cd 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Trusted Platform Module Resource Manager name: aaf-sshsm-abrmd -version: 4.0.0 +version: 5.0.0 diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml index 14ddd7b..50ee07c 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Trusted Platform Module Distribution Center name: aaf-sshsm-distcenter -version: 4.0.0 +version: 5.0.0 diff --git a/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml b/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml index 6260cdd..bc0f559 100644 --- a/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml +++ b/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Trusted Platform Module Test CA Service name: aaf-sshsm-testca -version: 4.0.0 +version: 5.0.0 diff --git a/charts/aaf-sshsm/requirements.yaml b/charts/aaf-sshsm/requirements.yaml index 7c18fbc..e6ac00b 100644 --- a/charts/aaf-sshsm/requirements.yaml +++ b/charts/aaf-sshsm/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~4.x-0 + version: ~5.x-0 repository: '@local' diff --git a/requirements.yaml b/requirements.yaml index 1d30dfd..1063d17 100644 --- a/requirements.yaml +++ b/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~4.x-0 + version: ~5.x-0 repository: '@local' \ No newline at end of file -- cgit 1.2.3-korg From 54d16145bc0d5704d1bbc95089f0d86904ef600d Mon Sep 17 00:00:00 2001 From: Pawel Wieczorek Date: Sun, 14 Jul 2019 17:38:23 +0200 Subject: Use nodePortPrefix variable in AAF (aaf-sms) charts Issue-ID: AAF-383 Change-Id: I3e2591ca73c8ba559fd39aa1250471b15d1189d2 Signed-off-by: Pawel Wieczorek --- charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml | 2 +- charts/aaf-sms/templates/service.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml b/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml index 04e9a5a..de6130c 100644 --- a/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml +++ b/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml @@ -28,7 +28,7 @@ spec: - name: {{ .Values.service.portName }} {{if eq .Values.service.type "NodePort" -}} port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} {{- else -}} port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} diff --git a/charts/aaf-sms/templates/service.yaml b/charts/aaf-sms/templates/service.yaml index 18334a3..5e6bffb 100644 --- a/charts/aaf-sms/templates/service.yaml +++ b/charts/aaf-sms/templates/service.yaml @@ -28,7 +28,7 @@ spec: - name: {{ .Values.service.PortName }} {{if eq .Values.service.type "NodePort" -}} port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} {{- else -}} port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} -- cgit 1.2.3-korg