diff options
author | sebdet <sebastien.determe@intl.att.com> | 2019-11-07 17:27:46 +0100 |
---|---|---|
committer | sebdet <sebastien.determe@intl.att.com> | 2019-11-07 17:31:56 +0100 |
commit | 123ac5729bcb5cfbdc2a17c767edf0c499a8a8cd (patch) | |
tree | db3be1e89123679158e26e30c3381b08b1c99a94 | |
parent | b16280fa018d42597429ff95817cea9e4645cc89 (diff) |
Move OOM clamp code to its own repository
Issue-ID: CLAMP-548
Change-Id: Ibf61f82a7ed3f7f778882c5ecf24da946ca92751
Signed-off-by: sebdet <sebastien.determe@intl.att.com>
59 files changed, 3859 insertions, 0 deletions
diff --git a/Chart.yaml b/Chart.yaml new file mode 100644 index 0000000..54f2df1 --- /dev/null +++ b/Chart.yaml @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Clamp +name: clamp +version: 5.0.0 diff --git a/charts/clamp-backend/Chart.yaml b/charts/clamp-backend/Chart.yaml new file mode 100644 index 0000000..a6aec46 --- /dev/null +++ b/charts/clamp-backend/Chart.yaml @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Clamp +name: clamp-backend +version: 5.0.0 diff --git a/charts/clamp-backend/requirements.yaml b/charts/clamp-backend/requirements.yaml new file mode 100644 index 0000000..05d49a8 --- /dev/null +++ b/charts/clamp-backend/requirements.yaml @@ -0,0 +1,22 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~5.x-0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/charts/clamp-backend/resources/config/log/filebeat/filebeat.yml b/charts/clamp-backend/resources/config/log/filebeat/filebeat.yml new file mode 100644 index 0000000..dab2e44 --- /dev/null +++ b/charts/clamp-backend/resources/config/log/filebeat/filebeat.yml @@ -0,0 +1,53 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +filebeat.prospectors: +#it is mandatory, in our case it's log +- input_type: log + #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. + paths: + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive + ignore_older: 48h + # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit + clean_inactive: 96h + +# Name of the registry file. If a relative path is used, it is considered relative to the +# data path. Else full qualified file name. +#filebeat.registry_file: ${path.data}/registry + + +output.logstash: + #List of logstash server ip addresses with port number. + #But, in our case, this will be the loadbalancer IP address. + #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. + hosts: ["{{.Values.config.log.logstashServiceName}}:{{.Values.config.log.logstashPort}}"] + #If enable will do load balancing among availabe Logstash, automatically. + loadbalance: true + + #The list of root certificates for server verifications. + #If certificate_authorities is empty or not set, the trusted + #certificate authorities of the host system are used. + #ssl.certificate_authorities: $ssl.certificate_authorities + + #The path to the certificate for SSL client authentication. If the certificate is not specified, + #client authentication is not available. + #ssl.certificate: $ssl.certificate + + #The client certificate key used for client authentication. + #ssl.key: $ssl.key + + #The passphrase used to decrypt an encrypted key stored in the configured key file + #ssl.key_passphrase: $ssl.key_passphrase diff --git a/charts/clamp-backend/resources/config/logback.xml b/charts/clamp-backend/resources/config/logback.xml new file mode 100644 index 0000000..551ed34 --- /dev/null +++ b/charts/clamp-backend/resources/config/logback.xml @@ -0,0 +1,316 @@ +<?xml version = "1.0" encoding = "UTF-8" ?> +<!-- +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--> +<included> + <jmxConfigurator /> + <!-- Example evaluator filter applied against console appender --> + <property + name="p_tim" + value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}" /> + <property + name="p_lvl" + value="%level" /> + <property + name="p_log" + value="%logger" /> + <property + name="p_mdc" + value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}" /> + <property + name="p_msg" + value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}" /> + <property + name="p_exc" + value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}" /> + <property + name="p_mak" + value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}" /> + <property + name="p_thr" + value="%thread" /> + <property + name="defaultPattern" + value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n" /> + <property + name="debugPattern" + value="%nopexception${p_tim}|${p_lvl}|${p_mdc}|${p_exc}|%msg%n" /> + + <!-- Example evaluator filter applied against console appender --> + <appender + name="STDOUT" + class="ch.qos.logback.core.ConsoleAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>INFO</level> + </filter> + <encoder> + <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + </pattern> + </encoder> + </appender> + + <appender + name="ERROR" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>INFO</level> + </filter> + <file>${logDirectory}/error.log</file> + <append>true</append> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + <rollingPolicy + class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> + <fileNamePattern>${outputDirectory}/clamp/error.%d{yyyy-MM-dd}.%i.log.zip + </fileNamePattern> + <maxFileSize>50MB</maxFileSize> + <maxHistory>30</maxHistory> + <totalSizeCap>10GB</totalSizeCap> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>10MB</maxFileSize> + </triggeringPolicy> + </appender> + + <appender + name="DEBUG" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/debug.log</file> + <append>true</append> + <encoder> + <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + </pattern> + </encoder> + <rollingPolicy + class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> + <fileNamePattern>${outputDirectory}/clamp/debug.%d{yyyy-MM-dd}.%i.log.zip + </fileNamePattern> + <maxFileSize>50MB</maxFileSize> + <maxHistory>30</maxHistory> + <totalSizeCap>10GB</totalSizeCap> + </rollingPolicy> + </appender> + + + <appender + name="AUDIT" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/audit.log</file> + <append>true</append> + <encoder> + <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + </pattern> + </encoder> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <maxIndex>10</maxIndex> + <FileNamePattern>${logDirectory}/audit.%i.log.zip + </FileNamePattern> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>10MB</maxFileSize> + </triggeringPolicy> + </appender> + <appender + name="asyncEELFAudit" + class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="AUDIT" /> + </appender> + + <appender + name="METRIC" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/metric.log</file> + <append>true</append> + <encoder> + <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| + %msg%n</pattern> + </encoder> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <maxIndex>10</maxIndex> + <FileNamePattern>${logDirectory}/metric.%i.log.zip + </FileNamePattern> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>10MB</maxFileSize> + </triggeringPolicy> + </appender> + <appender + name="asyncEELFMetrics" + class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="METRIC" /> + </appender> + + <!-- SECURITY related loggers --> + <appender + name="SECURITY" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/security.log</file> + <append>true</append> + <encoder> + <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + </pattern> + </encoder> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <maxIndex>10</maxIndex> + <FileNamePattern>${logDirectory}/security.%i.log.zip + </FileNamePattern> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>10MB</maxFileSize> + </triggeringPolicy> + </appender> + <appender + name="asyncEELFSecurity" + class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="SECURITY" /> + </appender> + <!-- logback jms appenders & loggers definition starts here --> + <appender + name="auditLogs" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + </filter> + <file>${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> + </encoder> + </appender> + <appender + name="perfLogs" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + </filter> + <file>${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> + </encoder> + </appender> + + <logger + name="org.onap.aaf" + level="DEBUG"> + <appender-ref ref="DEBUG" /> + </logger> + <logger + name="org.apache" + level="DEBUG"> + <appender-ref ref="DEBUG" /> + </logger> + <!-- Spring related loggers --> + <logger + name="org.springframework" + level="DEBUG"> + <appender-ref ref="DEBUG" /> + </logger> + + <!-- CLDS related loggers --> + <logger + name="org.onap.clamp" + level="DEBUG"> + <appender-ref ref="ERROR" /> + <appender-ref ref="DEBUG" /> + </logger> + + <!-- CLDS related loggers --> + <logger + name="com.att.eelf.error" + level="OFF"> + <appender-ref ref="ERROR" /> + </logger> + <!-- EELF related loggers --> + <logger + name="com.att.eelf.audit" + level="INFO" + additivity="false"> + <appender-ref ref="asyncEELFAudit" /> + </logger> + <logger + name="com.att.eelf.metrics" + level="DEBUG" + additivity="false"> + <appender-ref ref="asyncEELFMetrics" /> + </logger> + <logger + name="com.att.eelf.security" + level="DEBUG" + additivity="false"> + <appender-ref ref="asyncEELFSecurity" /> + </logger> + + <!-- logback internals logging --> + <logger + name="ch.qos.logback.classic" + level="INFO" /> + <logger + name="ch.qos.logback.core" + level="INFO" /> + <logger + name="AuditRecord" + level="INFO" + additivity="false"> + <appender-ref ref="auditLogs" /> + </logger> + <logger + name="AuditRecord_DirectCall" + level="INFO" + additivity="false"> + <appender-ref ref="auditLogs" /> + </logger> + <logger + name="PerfTrackerRecord" + level="INFO" + additivity="false"> + <appender-ref ref="perfLogs" /> + </logger> + <!-- logback jms appenders & loggers definition ends here --> + + <root level="DEBUG"> + <appender-ref ref="DEBUG" /> + <appender-ref ref="STDOUT" /> + </root> +</included> diff --git a/charts/clamp-backend/resources/config/sdc-controllers-config.json b/charts/clamp-backend/resources/config/sdc-controllers-config.json new file mode 100644 index 0000000..3adda95 --- /dev/null +++ b/charts/clamp-backend/resources/config/sdc-controllers-config.json @@ -0,0 +1,18 @@ +{ + "sdc-connections":{ + "sdc-controller":{ + "user": "clamp", + "consumerGroup": "clamp", + "consumerId": "clamp", + "environmentName": "AUTO", + "sdcAddress": "sdc-be.{{ include "common.namespace" . }}:8443", + "password": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981", + "pollingInterval":30, + "pollingTimeout":30, + "activateServerTLSAuth":"false", + "keyStorePassword":"", + "keyStorePath":"", + "messageBusAddresses":["message-router.{{ include "common.namespace" . }}"] + } + } +} diff --git a/charts/clamp-backend/templates/NOTES.txt b/charts/clamp-backend/templates/NOTES.txt new file mode 100644 index 0000000..e36d6a5 --- /dev/null +++ b/charts/clamp-backend/templates/NOTES.txt @@ -0,0 +1,32 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit https://127.0.0.1:8443 to use your application" + kubectl port-forward $POD_NAME 8443:{{ .Values.service.internalPort }} +{{- end }} diff --git a/charts/clamp-backend/templates/configmap.yaml b/charts/clamp-backend/templates/configmap.yaml new file mode 100644 index 0000000..21df037 --- /dev/null +++ b/charts/clamp-backend/templates/configmap.yaml @@ -0,0 +1,41 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} + spring_application_json: {{ tpl .Values.config.springApplicationJson . | quote }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-clamp-filebeat-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }} diff --git a/charts/clamp-backend/templates/deployment.yaml b/charts/clamp-backend/templates/deployment.yaml new file mode 100644 index 0000000..6b6fcc7 --- /dev/null +++ b/charts/clamp-backend/templates/deployment.yaml @@ -0,0 +1,126 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - mariadb + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + # side car containers + - name: {{ include "common.name" . }}-filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + args: + - "-Dcom.att.eelf.logging.file=file:/opt/clamp/logback.xml" + - "" + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + - mountPath: /opt/clamp/sdc-controllers-config.json + name: {{ include "common.fullname" . }}-config + subPath: sdc-controllers-config.json + - mountPath: /opt/clamp/logback.xml + name: {{ include "common.fullname" . }}-config + subPath: logback.xml + env: + - name: SPRING_APPLICATION_JSON + valueFrom: + configMapKeyRef: + name: {{ template "common.fullname" . }} + key: spring_application_json + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }} + items: + - key: sdc-controllers-config.json + path: sdc-controllers-config.json + - key: logback.xml + path: logback.xml + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ .Release.Name }}-clamp-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/clamp-backend/templates/service.yaml b/charts/clamp-backend/templates/service.yaml new file mode 100644 index 0000000..f1438a4 --- /dev/null +++ b/charts/clamp-backend/templates/service.yaml @@ -0,0 +1,40 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/charts/clamp-backend/values.yaml b/charts/clamp-backend/values.yaml new file mode 100644 index 0000000..4981494 --- /dev/null +++ b/charts/clamp-backend/values.yaml @@ -0,0 +1,131 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018-2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: # global defaults + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + persistence: {} + +flavor: small + +# application image +repository: nexus3.onap.org:10001 +image: onap/clamp-backend:4.1.3 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +config: + log: + logstashServiceName: log-ls + logstashPort: 5044 + mysqlPassword: strong_pitchou + dataRootDir: /dockerdata-nfs + springApplicationJson: > + { + "spring.datasource.cldsdb.url": "jdbc:mariadb:sequential://clampdb.{{ include "common.namespace" . }}:3306/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3", + "spring.profiles.active": "clamp-default,clamp-default-user,clamp-sdc-controller-new", + "clamp.config.sdc.catalog.url": "http://sdc-be.{{ include "common.namespace" . }}:8080/sdc/v1/catalog/", + "clamp.config.sdc.hostUrl": "http://sdc-be.{{ include "common.namespace" . }}:8080/", + "clamp.config.sdc.serviceUrl": "http://sdc-be.{{ include "common.namespace" . }}:8080/sdc/v1/catalog/services", + "clamp.config.sdc.serviceUsername": "clamp", + "clamp.config.sdc.servicePassword": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981", + "clamp.config.files.sdcController": "file:/opt/clamp/sdc-controllers-config.json", + "clamp.config.dcae.inventory.url": "https4://inventory.{{ include "common.namespace" . }}:8080", + "clamp.config.dcae.dispatcher.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443", + "clamp.config.dcae.deployment.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443", + "clamp.config.dcae.deployment.userName": "none", + "clamp.config.dcae.deployment.password": "none", + "clamp.config.policy.api.url": "https4://policy-api.{{ include "common.namespace" . }}:6969", + "clamp.config.policy.api.userName": "healthcheck", + "clamp.config.policy.api.password": "zb!XztG34", + "clamp.config.policy.pap.url": "https4://policy-pap.{{ include "common.namespace" . }}:6969", + "clamp.config.policy.pap.userName": "healthcheck", + "clamp.config.policy.pap.password": "zb!XztG34", + "clamp.config.policy.pdpUrl1": "https://pdp.{{ include "common.namespace" . }}:8081/pdp/ , testpdp, alpha123", + "clamp.config.policy.pdpUrl2": "https://pdp.{{ include "common.namespace" . }}:8081/pdp/ , testpdp, alpha123", + "clamp.config.policy.papUrl": "https://pap.{{ include "common.namespace" . }}:9091/pap/ , testpap, alpha123", + "clamp.config.policy.clientKey": "dGVzdA==", + "clamp.config.cadi.aafLocateUrl": "https://aaf-locate.{{ include "common.namespace" . }}:8095", + "com.att.eelf.logging.path": "/opt/clamp", + "com.att.eelf.logging.file": "logback.xml" + } + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + + +service: + type: ClusterIP + name: clamp-backend + portName: clamp-backend + internalPort: 8443 + externalPort: 443 + +ingress: + enabled: false + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + small: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + large: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + unlimited: {} diff --git a/charts/clamp-dash-es/Chart.yaml b/charts/clamp-dash-es/Chart.yaml new file mode 100644 index 0000000..c43b7f3 --- /dev/null +++ b/charts/clamp-dash-es/Chart.yaml @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Clamp Dashboard Elasticsearch +name: clamp-dash-es +version: 5.0.0 diff --git a/charts/clamp-dash-es/requirements.yaml b/charts/clamp-dash-es/requirements.yaml new file mode 100644 index 0000000..57ee781 --- /dev/null +++ b/charts/clamp-dash-es/requirements.yaml @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~5.x-0 + repository: '@local' diff --git a/charts/clamp-dash-es/resources/config/elasticsearch.yml b/charts/clamp-dash-es/resources/config/elasticsearch.yml new file mode 100644 index 0000000..26affe6 --- /dev/null +++ b/charts/clamp-dash-es/resources/config/elasticsearch.yml @@ -0,0 +1,154 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ======================== Elasticsearch Configuration ========================= +# +# NOTE: Elasticsearch comes with reasonable defaults for most settings. +# Before you set out to tweak and tune the configuration, make sure you +# understand what are you trying to accomplish and the consequences. +# +# The primary way of configuring a node is via this file. This template lists +# the most important settings you may want to configure for a production cluster. +# +# Please consult the documentation for further information on configuration options: +# https://www.elastic.co/guide/en/elasticsearch/reference/index.html +# +# ---------------------------------- Cluster ----------------------------------- +# +# Name of the Elasticsearch cluster. +# A node can only join a cluster when it shares its cluster.name with all the other nodes in the cluster. +# The default name is elasticsearch, but you should change it to an appropriate name which describes the +# purpose of the cluster. +# +cluster.name: "clamp-dashboard" +# +# The port that other nodes in the cluster should use when communicating with this node. +# Required for Elasticsearch's nodes running on different cluster nodes. +# More : https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html +#transport.publish_port:$transport.publish_port +# +# The host address to publish for nodes in the cluster to connect to. +# Required for Elasticsearch's nodes running on different cluster nodes. +# More : https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html +#transport.publish_host:$transport.publish_host +# +# ------------------------------------ Node ------------------------------------ +# +# It is better to provide different meaningfull names fot different elastic nodes. +# By default, Elasticsearch will take the 7 first character of the randomly generated uuid used as the node id. +# Note that the node id is persisted and does not change when a node restarts +# +#node.name: $node.name +# +# Add custom attributes to the node: +# +#node.attr.rack: r1 +# +# ----------------------------------- Paths ------------------------------------ +# +# The location of the data files of each index / shard allocated on the node. Can hold multiple locations separated by coma. +# In production, we should not keep this default to "/elasticsearch/data", as on upgrading Elasticsearch, directory structure +# may change & can deal to data loss. +path.data: /usr/share/elasticsearch/data +# +# Elasticsearch's log files location. In production, we should not keep this default to "/elasticsearch/logs", +# as on upgrading Elasticsearch, directory structure may change. +path.logs: /usr/share/elasticsearch/logs +# +# ----------------------------------- Memory ----------------------------------- +# +# It is vitally important to the health of your node that none of the JVM is ever swapped out to disk. +# Lock the memory on startup. +# +bootstrap.memory_lock: false +# +# Make sure that the heap size is set to about half the memory available +# on the system and that the owner of the process is allowed to use this +# limit. +# +# Elasticsearch performs poorly when the system is swapping the memory. +# +# ---------------------------------- Network ----------------------------------- +# +# Set the bind address to a specific IP (IPv4 or IPv6): +# In order to communicate and to form a cluster with nodes on other servers, your node will need to bind to a +# non-loopback address. +network.host: 0.0.0.0 +# +# Set a custom port for HTTP: If required, default is 9200-9300 +# +#http.port: $http.port +# +# For more information, consult the network module documentation. +# +# --------------------------------- Discovery ---------------------------------- +# +# Pass an initial list of hosts to perform discovery when new node is started +# To form a cluster with nodes on other servers, you have to provide a seed list of other nodes in the cluster +# that are likely to be live and contactable. +# By default, Elasticsearch will bind to the available loopback addresses and will scan ports 9300 to 9305 to try +# to connect to other nodes running on the same server. +# +#$discovery.zen.ping.unicast.hosts +# +# This setting tells Elasticsearch to not elect a master unless there are enough master-eligible nodes +# available. Only then will an election take place. +# Prevent the "split brain" by configuring the majority of nodes (total number of master-eligible nodes / 2 + 1): +discovery.zen.minimum_master_nodes: 1 +# +# For more information, consult the zen discovery module documentation. +# +# ---------------------------------- Gateway ----------------------------------- +# +# Block initial recovery after a full cluster restart until N nodes are started: +# +#gateway.recover_after_nodes: 3 +# +# For more information, consult the gateway module documentation. +# +# ---------------------------------- Various ----------------------------------- +# +# Require explicit names when deleting indices: +# +#action.destructive_requires_name: true +# Set a custom port for HTTP: If required, default is 9200-9300 +# This is used for REST APIs +http.port: {{.Values.service.externalPort}} +# Port to bind for communication between nodes. Accepts a single value or a range. +# If a range is specified, the node will bind to the first available port in the range. +# Defaults to 9300-9400. +# More info: +transport.tcp.port: {{.Values.service.externalPort2}} +#xpack.graph.enabled: false +#Set to false to disable X-Pack graph features. +#xpack.ml.enabled: false +#Set to false to disable X-Pack machine learning features. +#xpack.monitoring.enabled: false +#Set to false to disable X-Pack monitoring features. + + +#xpack.watcher.enabled: false +#Set to false to disable Watcher. + +#xpack.license.self_generated.type: basic +#xpack.security.enabled: false + +## Search Guard +# +searchguard.enterprise_modules_enabled: false +searchguard.ssl.transport.keystore_filepath: sg/node-0-keystore.jks +searchguard.ssl.transport.truststore_filepath: sg/truststore.jks +searchguard.ssl.transport.enforce_hostname_verification: false + +searchguard.authcz.admin_dn: + - "CN=kirk,OU=client,O=client,l=tEst,C=De" diff --git a/charts/clamp-dash-es/templates/configmap.yaml b/charts/clamp-dash-es/templates/configmap.yaml new file mode 100644 index 0000000..5a5e6db --- /dev/null +++ b/charts/clamp-dash-es/templates/configmap.yaml @@ -0,0 +1,27 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/charts/clamp-dash-es/templates/deployment.yaml b/charts/clamp-dash-es/templates/deployment.yaml new file mode 100644 index 0000000..5070f24 --- /dev/null +++ b/charts/clamp-dash-es/templates/deployment.yaml @@ -0,0 +1,119 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /bin/sh + - -c + - | + sysctl -w vm.max_map_count=262144 + mkdir -p /usr/share/elasticsearch/logs + mkdir -p /usr/share/elasticsearch/data + chmod -R 777 /usr/share/elasticsearch + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + securityContext: + privileged: true + image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: init-sysctl + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /usr/share/elasticsearch/logs/ + - name: {{ include "common.fullname" . }}-data + mountPath: /usr/share/elasticsearch/data/ + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + name: {{ include "common.servicename" . }} + - containerPort: {{ .Values.service.internalPort2 }} + name: {{ include "common.servicename" . }}2 +# disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort2 }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /usr/share/elasticsearch/config/elasticsearch.yml + name: {{ include "common.fullname" . }}-config + subPath: elasticsearch.yml + - mountPath: /usr/share/elasticsearch/data/ + name: {{ include "common.fullname" . }}-data + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + items: + - key: elasticsearch.yml + path: elasticsearch.yml + - name: {{ include "common.fullname" . }}-data + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + - name: {{ include "common.fullname" . }}-logs + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPathLogs }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/clamp-dash-es/templates/pv.yaml b/charts/clamp-dash-es/templates/pv.yaml new file mode 100644 index 0000000..fd21cdf --- /dev/null +++ b/charts/clamp-dash-es/templates/pv.yaml @@ -0,0 +1,36 @@ +{{/* +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} diff --git a/charts/clamp-dash-es/templates/pvc.yaml b/charts/clamp-dash-es/templates/pvc.yaml new file mode 100644 index 0000000..abab145 --- /dev/null +++ b/charts/clamp-dash-es/templates/pvc.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- end -}} diff --git a/charts/clamp-dash-es/templates/service.yaml b/charts/clamp-dash-es/templates/service.yaml new file mode 100644 index 0000000..d207471 --- /dev/null +++ b/charts/clamp-dash-es/templates/service.yaml @@ -0,0 +1,68 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.config.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.config.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }}-tcp + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type2 }} + ports: + {{if eq .Values.service.type2 "NodePort" -}} + - port: {{ .Values.service.externalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.config.portName2 }} + {{- else -}} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.config.portName2 }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/charts/clamp-dash-es/values.yaml b/charts/clamp-dash-es/values.yaml new file mode 100644 index 0000000..2d67048 --- /dev/null +++ b/charts/clamp-dash-es/values.yaml @@ -0,0 +1,126 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + persistence: {} +flavor: small + +################################################################# +# Application configuration defaults. +################################################################# + +# BusyBox image +busyboxRepository: registry.hub.docker.com +busyboxImage: library/busybox:latest + +# application image +repository: nexus3.onap.org:10001 +image: onap/clamp-dashboard-elasticsearch:4.1.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: {} + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +## Persist data to a persitent volume +persistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: <storageClass> + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + accessMode: ReadWriteOnce + size: 4Gi + mountPath: /dockerdata-nfs + mountSubPath: clamp/dashboard-elasticsearch/data + mountSubPathLogs: clamp + +service: + type: ClusterIP + name: cdash-es + portName: cdash-es-rest + externalPort: 9200 + internalPort: 9200 + type2: ClusterIP + portName2: cdash-es-tcp + externalPort2: 9300 + internalPort2: 9300 + +ingress: + enabled: false + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + small: + limits: + cpu: 1 + memory: 4Gi + requests: + cpu: 10m + memory: 2.5Gi + large: + limits: + cpu: 1 + memory: 4Gi + requests: + cpu: 10m + memory: 2.5Gi + unlimited: {} diff --git a/charts/clamp-dash-kibana/Chart.yaml b/charts/clamp-dash-kibana/Chart.yaml new file mode 100644 index 0000000..954eebc --- /dev/null +++ b/charts/clamp-dash-kibana/Chart.yaml @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Clamp Dashboard Kibana +name: clamp-dash-kibana +version: 5.0.0 diff --git a/charts/clamp-dash-kibana/requirements.yaml b/charts/clamp-dash-kibana/requirements.yaml new file mode 100644 index 0000000..57ee781 --- /dev/null +++ b/charts/clamp-dash-kibana/requirements.yaml @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~5.x-0 + repository: '@local' diff --git a/charts/clamp-dash-kibana/resources/certs/org.onap.clamp.crt.pem b/charts/clamp-dash-kibana/resources/certs/org.onap.clamp.crt.pem new file mode 100644 index 0000000..ce630d4 --- /dev/null +++ b/charts/clamp-dash-kibana/resources/certs/org.onap.clamp.crt.pem @@ -0,0 +1,30 @@ +Bag Attributes + friendlyName: clamp@clamp.onap.org + localKeyID: 54 69 6D 65 20 31 35 35 33 37 38 37 35 31 38 33 30 33 +subject=/CN=clamp/emailAddress=/OU=clamp@clamp.onap.org/OU=OSAAF/O=ONAP/C=US +issuer=/C=US/O=ONAP/OU=OSAAF/CN=intermediateCA_9 +-----BEGIN CERTIFICATE----- +MIIEKDCCAxCgAwIBAgIIWY+5kgf/UG4wDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE +BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp +bnRlcm1lZGlhdGVDQV85MB4XDTE5MDMyMTE2MTY1OFoXDTIwMDMyMTE2MTY1OFow +bDEOMAwGA1UEAwwFY2xhbXAxDzANBgkqhkiG9w0BCQEWADEdMBsGA1UECwwUY2xh +bXBAY2xhbXAub25hcC5vcmcxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQ +MQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALic +uDccBjOAlOsL1Z1nKnDPRTNxBwIVfARRQDxK3C0zDHQ5qEmIQlF0Vjp+bJ2rgzMW +BnodC38zt1jSXymEsekZNV2sUyBbzJl6vxvA1xJKI9VHLyPSzyUEd1H4qh8b7IDX +3GDqUJgNfvzJ94DaNnnYWFVZq/IYdLjCFaXDxPUQZtlmpdkIWBzvMeNRe4bWajau +immkmSi5/2BYQfZXHXpiKiyBnN+1FbU3consmjNwS1L+PjD+k3JLsc5ANZYZMOTp +Szhu3xmDiB3UV4gPQWacQQZEo/5exywY3Ax3TowGwIA660eSkW1L5RPdyvzEgp7A +vu4+rbhfeR5bXjy2iAUCAwEAAaOB8jCB7zAJBgNVHRMEAjAAMA4GA1UdDwEB/wQE +AwIF4DAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwVAYDVR0jBE0w +S4AUgfeZWxC5yIze81Je6k5poEM+rN2hMKQuMCwxDjAMBgNVBAsMBU9TQUFGMQ0w +CwYDVQQKDARPTkFQMQswCQYDVQQGEwJVU4IBBzAdBgNVHQ4EFgQU+GZ6wmWDPrmq +Wd1/NtMYiCQ8Dg4wOwYDVR0RBDQwMoIFY2xhbXCCHWNsYW1wLmFwaS5zaW1wbGVk +ZW1vLm9uYXAub3JnggpjbGFtcC5vbmFwMA0GCSqGSIb3DQEBCwUAA4IBAQCFZdhB +U6xm6l0vj4q89onLx4opTPvwGNRc0n402lifkPYXseFtphZSHIf2Sg0mFTH4KHb4 +FdMyBzq1+f5WLU+xRC1nT4eGJ0FvRR6204/fGVrzJTS67phnRnxr2WZzLPW0wPJe +K8SzN6tkUgE7/a/s0T/htE/blDxWh75+tA2jQlgj1Ri0y9A1J8wx++REKjGlHjFN +53aiipsB+wC/oEMzYL4qEPiYPI0Lr3Lsay1F7f6cvDT4+EYzBLMFuwCvpcnHgSMS +4fFj2ROmUG2+CC23B88Q0WNxjLPq/CrmHZZBsqwruPJ0cSuCQxfshTQ6uZhcjtu8 +6TRYkIcL0x9r/AHP +-----END CERTIFICATE----- diff --git a/charts/clamp-dash-kibana/resources/certs/org.onap.clamp.key.pem b/charts/clamp-dash-kibana/resources/certs/org.onap.clamp.key.pem new file mode 100644 index 0000000..fcf68bf --- /dev/null +++ b/charts/clamp-dash-kibana/resources/certs/org.onap.clamp.key.pem @@ -0,0 +1,32 @@ +Bag Attributes + friendlyName: clamp@clamp.onap.org + localKeyID: 54 69 6D 65 20 31 35 35 33 37 38 37 35 31 38 33 30 33 +Key Attributes: <No Attributes> +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC4nLg3HAYzgJTr +C9WdZypwz0UzcQcCFXwEUUA8StwtMwx0OahJiEJRdFY6fmydq4MzFgZ6HQt/M7dY +0l8phLHpGTVdrFMgW8yZer8bwNcSSiPVRy8j0s8lBHdR+KofG+yA19xg6lCYDX78 +yfeA2jZ52FhVWavyGHS4whWlw8T1EGbZZqXZCFgc7zHjUXuG1mo2ropppJkouf9g +WEH2Vx16YiosgZzftRW1N3KJ7JozcEtS/j4w/pNyS7HOQDWWGTDk6Us4bt8Zg4gd +1FeID0FmnEEGRKP+XscsGNwMd06MBsCAOutHkpFtS+UT3cr8xIKewL7uPq24X3ke +W148togFAgMBAAECggEATncV+R5pKFS7dteV2IvzxvTh1cZxkxoslu0t3zJ2OKPc +5D1pYK+QeGx5Be2cHru6TOlMoXRc4ZjKke8AUXY74/Y573GB91vtL0KznYkuIHDw +oALcb153eqVWTbniHMzSjcSxv2N4E9iQo8L39oVI6CrjCIvPgFuSqMCdUNJPkVTI +4nsarTfLK4fzi7IbWzi9JdE1QRNIxcCMcYJRnLZMdneMLBleR0UL82Xc2KOy5SEt +zyKYCQ8zS247FKolnOrDkhKxXI5fzdDpRK5AQSsAykUPWlYq7pzKjY/dU9rMRohx +YSltFjPZ3sQ3UKqqIqhZS+GoVuZoc925WyhViPsqtQKBgQDsL4LFfPWN8nnsusQp +VR3T7HvvwXuEVAydlaJMwZU0cRYN+L7RHHjDoXZZrNJDIDzNoWnBLKRGx3mtLmgJ +9Pa6SxN6Oc8oo6jzv2D59g1PVjNOMOYTCTb/2Xum4LMLaeeF57HkWxzeA3Ws47++ +gXwzQpbE90tp1Ys4uXD3JoivvwKBgQDIGZTwLGhLSegdAjG83WEgmdtzT1kjvx0Q +A8IR2jkgkTJHdKiuslJ8Z3/XufHEwWMWwfs1XLwxYluoo1y9eNvNeHZXjLqjL62c +I3034F9IvvTUqFcxam2WdoklXbAiSvLUo/9exPgOuVxok6Zv1imRgGb/vYV9vyG7 +86MRuQu5OwKBgQC9E3fcA6JMpY3H3uhEsngzfMDm+fyYvfRvfyezzNFWbyWZv8V6 +gBGJg0vMlFarGDa044BW/hbw9qXI5zqwpeOS1aFdGsRlo0cRAuduk/Spy7c85FZ7 +bMgT4BZmTMHo5DpNb2NxDSO59AkThCuvJde47ZjnS5WavzI6EfKGWNnZ3wKBgQCF +QiwjCp/mS/DtqLFxAsmVSYGROG231aXILYiIFRloa+ndFn7j4NP4D4FfLHErRFL2 +K/ddIUYfaU57b1fqwts26ht90LXWyYDH9AaHOMCcFLe+C+INgcA7rPNG1C7hl6JC +JHmEJo7AV4eICZSU9D44rRdrB08oYCpaHjYiLmb1UwKBgQCWCDJ4p2DrNL9hzj3K +kzvM5saXrfI4aVBXVt9rw9s1d/WG8JOpnmHcnLPb6Tj59rDktrLCLv0sVstMwNVJ +sOO+qsgn1VoZalcVhhjdONm5YvhJQgz0F7Y2xkr6g/AuMPz2YigGfm7fe/z7rc+L +q9Ua2HmUS8DDBy7W89MNZJNkDQ== +-----END PRIVATE KEY----- diff --git a/charts/clamp-dash-kibana/resources/config/kibana.yml b/charts/clamp-dash-kibana/resources/config/kibana.yml new file mode 100644 index 0000000..55df82b --- /dev/null +++ b/charts/clamp-dash-kibana/resources/config/kibana.yml @@ -0,0 +1,135 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +#xpack.graph.enabled: false +#Set to false to disable X-Pack graph features. +#xpack.ml.enabled: false +#Set to false to disable X-Pack machine learning features. +#xpack.monitoring.enabled: false +#Set to false to disable X-Pack monitoring features. +#xpack.reporting.enabled: false +#Set to false to disable X-Pack reporting features. +#xpack.security.enabled: false +#Set to false to disable X-Pack security features. +#xpack.watcher.enabled: false +#Set to false to disable Watcher. +# Kibana is served by a back end server. This setting specifies the port to use. +server.port: {{.Values.service.externalPort}} + +# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values. +# The default is 'localhost', which usually means remote machines will not be able to connect. +# To allow connections from remote users, set this parameter to a non-loopback address. +server.host: "0.0.0.0" + +# Enables you to specify a path to mount Kibana at if you are running behind a proxy. This only affects +# the URLs generated by Kibana, your proxy is expected to remove the basePath value before forwarding requests +# to Kibana. This setting cannot end in a slash. +#server.basePath: "" + +# The maximum payload size in bytes for incoming server requests. +#server.maxPayloadBytes: 1048576 + +# The Kibana server's name. This is used for display purposes. +server.name: "Clamp Dashboard" + +# The URL of the Elasticsearch instance to use for all your queries. +elasticsearch.url: "http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}" +# When this setting's value is true Kibana uses the hostname specified in the server.host +# setting. When the value of this setting is false, Kibana uses the hostname of the host +# that connects to this Kibana instance. +#elasticsearch.preserveHost: true + +# Kibana uses an index in Elasticsearch to store saved searches, visualizations and +# dashboards. Kibana creates a new index if the index doesn't already exist. +#kibana.index: ".kibana" + +# The default application to load. +#kibana.defaultAppId: "discover" + +# If your Elasticsearch is protected with basic authentication, these settings provide +# the username and password that the Kibana server uses to perform maintenance on the Kibana +# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which +# is proxied through the Kibana server. +#elasticsearch.username: "elastic" +#elasticsearch.password: "changeme" +# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively. +# These settings enable SSL for outgoing requests from the Kibana server to the browser. +server.ssl.enabled: {{.Values.config.sslEnabled}} +server.ssl.certificate: {{.Values.config.sslPemCertFilePath}} +server.ssl.key: {{.Values.config.sslPemkeyFilePath}} + +# Optional settings that provide the paths to the PEM-format SSL certificate and key files. +# These files validate that your Elasticsearch backend uses the same key files. +#elasticsearch.ssl.certificate: $elasticsearch_ssl_certificate +#elasticsearch.ssl.key: $elasticsearch_ssl_key + +# Optional setting that enables you to specify a path to the PEM file for the certificate +# authority for your Elasticsearch instance. +#elasticsearch.ssl.certificateAuthorities: $elasticsearch_ssl_certificateAuthorities + +# To disregard the validity of SSL certificates, change this setting's value to 'none'. +#elasticsearch.ssl.verificationMode: $elasticsearch_ssl_verificationMode + +# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of +# the elasticsearch.requestTimeout setting. +#elasticsearch.pingTimeout: 1500 + +# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value +# must be a positive integer. +#elasticsearch.requestTimeout: 30000 + +# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side +# headers, set this value to [] (an empty list). +#elasticsearch.requestHeadersWhitelist: [ authorization ] + +# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten +# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration. +#elasticsearch.customHeaders: {} + +# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable. +#elasticsearch.shardTimeout: 0 + +# Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying. +#elasticsearch.startupTimeout: 5000 + +# Specifies the path where Kibana creates the process ID file. +#pid.file: /var/run/kibana.pid + +# Enables you specify a file where Kibana stores log output. +#logging.dest: stdout + +# Set the value of this setting to true to suppress all logging output. +#logging.silent: false + +# Set the value of this setting to true to suppress all logging output other than error messages. +#logging.quiet: false + +# Set the value of this setting to true to log all events, including system usage information +# and all requests. +#logging.verbose: false + +# Set the interval in milliseconds to sample system and process performance +# metrics. Minimum is 100ms. Defaults to 5000. +#ops.interval: 5000 + +# The default locale. This locale can be used in certain circumstances to substitute any missing +# translations. +#i18n.defaultLocale: "en" + +## Search Guard +# +#xpack.security.enabled: false +elasticsearch.username: {{.Values.config.elasticUSR}} +elasticsearch.password: {{.Values.config.elasticPWD}} + +searchguard.cookie.password: 123567818187654rwrwfsfshdhdhtegdhfzftdhncn diff --git a/charts/clamp-dash-kibana/templates/configmap.yaml b/charts/clamp-dash-kibana/templates/configmap.yaml new file mode 100644 index 0000000..8fcd405 --- /dev/null +++ b/charts/clamp-dash-kibana/templates/configmap.yaml @@ -0,0 +1,36 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-aaf-pem-keys + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }} diff --git a/charts/clamp-dash-kibana/templates/deployment.yaml b/charts/clamp-dash-kibana/templates/deployment.yaml new file mode 100644 index 0000000..31752fc --- /dev/null +++ b/charts/clamp-dash-kibana/templates/deployment.yaml @@ -0,0 +1,104 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - clamp-dash-es + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + name: {{ include "common.servicename" . }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} +# disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /usr/share/kibana/config/kibana.yml + name: {{ include "common.fullname" . }} + subPath: kibana.yml + - name: {{ include "common.fullname" . }}-aaf-pem-certs + mountPath: /usr/share/kibana/config/keystore/ + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }} + configMap: + name: {{ include "common.fullname" . }} + items: + - key: kibana.yml + path: kibana.yml + - name: {{ include "common.fullname" . }}-aaf-pem-certs + secret: + secretName: {{ include "common.fullname" . }}-aaf-pem-keys + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/clamp-dash-kibana/templates/service.yaml b/charts/clamp-dash-kibana/templates/service.yaml new file mode 100644 index 0000000..5c8b6ba --- /dev/null +++ b/charts/clamp-dash-kibana/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.config.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.config.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/charts/clamp-dash-kibana/values.yaml b/charts/clamp-dash-kibana/values.yaml new file mode 100644 index 0000000..8858716 --- /dev/null +++ b/charts/clamp-dash-kibana/values.yaml @@ -0,0 +1,111 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + persistence: {} +flavor: small + +################################################################# +# Application configuration defaults. +################################################################# + +# BusyBox image +busyboxRepository: registry.hub.docker.com +busyboxImage: library/busybox:latest + +# application image +repository: nexus3.onap.org:10001 +image: onap/clamp-dashboard-kibana:4.1.3 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: + elasticsearchServiceName: cdash-es + elasticsearchPort: 9200 + elasticUSR: kibanaserver + elasticPWD: kibanaserver + sslEnabled: true + sslPemCertFilePath: /usr/share/kibana/config/keystore/org.onap.clamp.crt.pem + sslPemkeyFilePath: /usr/share/kibana/config/keystore/org.onap.clamp.key.pem + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 360 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + #Example service definition with external, internal and node ports. + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: NodePort + name: cdash-kibana + portName: cdash-kibana-http + externalPort: 5601 + internalPort: 5601 + nodePort: 90 +ingress: + enabled: false + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + small: + limits: + cpu: 1 + memory: 2Gi + requests: + cpu: 10m + memory: 750Mi + large: + limits: + cpu: 1 + memory: 2Gi + requests: + cpu: 10m + memory: 750Mi + unlimited: {} diff --git a/charts/clamp-dash-logstash/Chart.yaml b/charts/clamp-dash-logstash/Chart.yaml new file mode 100644 index 0000000..4960a70 --- /dev/null +++ b/charts/clamp-dash-logstash/Chart.yaml @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Clamp Dashboard Logstash +name: clamp-dash-logstash +version: 5.0.0 diff --git a/charts/clamp-dash-logstash/requirements.yaml b/charts/clamp-dash-logstash/requirements.yaml new file mode 100644 index 0000000..57ee781 --- /dev/null +++ b/charts/clamp-dash-logstash/requirements.yaml @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~5.x-0 + repository: '@local' diff --git a/charts/clamp-dash-logstash/resources/certs/aafca.pem b/charts/clamp-dash-logstash/resources/certs/aafca.pem new file mode 100644 index 0000000..cf12ec4 --- /dev/null +++ b/charts/clamp-dash-logstash/resources/certs/aafca.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEVDCCAjygAwIBAgIBAjANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB +RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwNjA1MDg1MTQxWhcN +MjMwNjA1MDg1MTQxWjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG +A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzEwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOXCdZIoWM0EnEEw3qPiVMhAgNolWCTaLt +eI2TjlTQdGDIcXdBZukHdNeOKYzOXRsLt6bLRtd5yARpn53EbzS/dgAyHuaz1HjE +5IPWSFRg9SulfHUmcS+GBt1+KiMJTlOsw6wSA73H/PjjXBbWs/uRJTnaNmV3so7W +DhNW6fHOrbom4p+3FucbB/QAM9b/3l/1LKnRgdXx9tekDnaKN5u3HVBmyOlRhaRp +tscLUCT3jijoGAPRcYZybgrpa0z3iCWquibTO/eLwuO/Dn7yHWau9ZZAHGPBSn9f +TiLKRYV55mNjr3zvs8diTPECFPW8w8sRIH3za1aKHgUC1gd87Yr3AgMBAAGjZjBk +MB0GA1UdDgQWBBQa1FdycErTZ6nr4dxiMbKH0P7vqjAfBgNVHSMEGDAWgBRTVTPy +S+vQUbHBeJrBKDF77+rtSTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQE +AwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAlA/RTPy5i09fJ4ytSAmAdytMwEwRaU9F +dshG7LU9q95ODsuM79yJvV9+ISIJZRsBqf5PDv93bUCKKHIYGvR6kNd+n3yx/fce +txDkC/tMj1T9D8TuDKAclGEO9K5+1roOQQFxr4SE6XKb/wjn8OMrCoJ75S0F3htF +LKL85T77JeGeNgSk8JEsZvQvj32m0gv9rxi5jM/Zi5E2vxrBR9T1v3kVvlt6+PSF +BoHXROk5HQmdHxnH+VYQtDHSwj9Xe9aoJMyL0WjYKd//8NUO+VACDOtK4Nia6gy9 +m/n9kMASMw6f9iF4n6t4902RWrRKTYM1CVu5wyVklVbEdE9i6Db4CpL9E8HpBUAP +t44JiNzuFkDmSE/z5XuQIimDt6nzOaSF8pX2KHY2ICDLwpMNUvxzqXD9ECbdspiy +JC2RGq8uARGGl6kQQBKDNO8SrO7rSBPANd1+LgqrKbCrHYfvFgkZPgT5MlQi+E1G +LNT+i6fzZha9ed/L6yjl5Em71flJGFwRZl2pfErZRxp8pLPcznYyIpSjcwnqNCRC +orhlp8nheiODC3oO3AFHDiFgUqvm8hgpnT2cPk2lpU2VY1TcZ8sW5qUDCxINIPcW +u1SAsa87IJK3vEzPZfTCs/S6XThoqRfXj0c0Rahj7YFRi/PqIPY0ejwdtmZ9m9pZ +8Lb0GYmlo44= +-----END CERTIFICATE----- diff --git a/charts/clamp-dash-logstash/resources/config/logstash.yml b/charts/clamp-dash-logstash/resources/config/logstash.yml new file mode 100644 index 0000000..369b582 --- /dev/null +++ b/charts/clamp-dash-logstash/resources/config/logstash.yml @@ -0,0 +1,29 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +http.host: "0.0.0.0" +## Path where pipeline configurations reside +path.config: /usr/share/logstash/pipeline + +## Type of queue : memeory based or file based +#queue.type: persisted +## Size of queue +#queue.max_bytes: 1024mb +## Setting true makes logstash check periodically for change in pipeline configurations +config.reload.automatic: true + +## xpack configurations +#xpack.monitoring.elasticsearch.url: ["http://10.247.186.12:9200", "http://10.247.186.13:9200"] +#xpack.monitoring.elasticsearch.username: elastic +#xpack.monitoring.elasticsearch.password: changeme +#xpack.monitoring.enabled: false diff --git a/charts/clamp-dash-logstash/resources/config/pipeline.conf b/charts/clamp-dash-logstash/resources/config/pipeline.conf new file mode 100644 index 0000000..05d8085 --- /dev/null +++ b/charts/clamp-dash-logstash/resources/config/pipeline.conf @@ -0,0 +1,250 @@ +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +input { + http_poller { + urls => { + event_queue => { + method => get + url => "${dmaap_base_url}/events/${event_topic}/${dmaap_consumer_group}/${dmaap_consumer_id}?timeout=15000" + headers => { + Accept => "application/json" + } + topic => "${event_topic}" + tags => [ "dmaap_source" ] + } + notification_queue => { + method => get + url => "${dmaap_base_url}/events/${notification_topic}/${dmaap_consumer_group}/${dmaap_consumer_id}?timeout=15000" + headers => { + Accept => "application/json" + } + topic => "${notification_topic}" + tags => [ "dmaap_source" ] + } + request_queue => { + method => get + url => "${dmaap_base_url}/events/${request_topic}/${dmaap_consumer_group}/${dmaap_consumer_id}?timeout=15000" + headers => { + Accept => "application/json" + } + topic => "${request_topic}" + tags => [ "dmaap_source" ] + } + } + socket_timeout => 30 + request_timeout => 30 + schedule => { "every" => "1m" } + codec => "plain" + cacert => "/certs.d/aafca.pem" + } +} + + +filter { + # avoid noise if no entry in the list + if [message] == "[]" { + drop { } + } + + if [http_request_failure] or [@metadata][code] != 200 { + mutate { + add_tag => [ "error" ] + } + } + + if "dmaap_source" in [@metadata][request][tags] { + # + # Dmaap provides a json list, whose items are Strings containing the event + # provided to Dmaap, which itself is an escaped json. + # + # We first need to parse the json as we have to use the plaintext as it cannot + # work with list of events, then split that list into multiple string events, + # that we then transform into json. + # + json { + source => "[message]" + target => "message" + } + + split { + field => "message" + } + json { + source => "message" + } + mutate { + remove_field => [ "message" ] + } + } + + # + # Some timestamps are expressed as milliseconds, some are in microseconds + # + if [closedLoopAlarmStart] { + ruby { + code => " + if event.get('closedLoopAlarmStart').to_s.to_i(10) > 9999999999999 + event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10) / 1000) + else + event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10)) + end + " + } + date { + match => [ "closedLoopAlarmStart", UNIX_MS ] + target => "closedLoopAlarmStart" + } + } + + if [closedLoopAlarmEnd] { + ruby { + code => " + if event.get('closedLoopAlarmEnd').to_s.to_i(10) > 9999999999999 + event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10) / 1000) + else + event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10)) + end + " + } + date { + match => [ "closedLoopAlarmEnd", UNIX_MS ] + target => "closedLoopAlarmEnd" + } + + } + + + # + # Notification time are expressed under the form "yyyy-MM-dd HH:mm:ss", which + # is close to ISO8601, but lacks of T as spacer: "yyyy-MM-ddTHH:mm:ss" + # + if [notificationTime] { + mutate { + gsub => [ + "notificationTime", " ", "T" + ] + } + date { + match => [ "notificationTime", ISO8601 ] + target => "notificationTime" + } + } + + + # + # Renaming some fields for readability + # + if [AAI][generic-vnf.vnf-name] { + mutate { + add_field => { "vnfName" => "%{[AAI][generic-vnf.vnf-name]}" } + } + } + if [AAI][generic-vnf.vnf-type] { + mutate { + add_field => { "vnfType" => "%{[AAI][generic-vnf.vnf-type]}" } + } + } + if [AAI][vserver.vserver-name] { + mutate { + add_field => { "vmName" => "%{[AAI][vserver.vserver-name]}" } + } + } + if [AAI][complex.city] { + mutate { + add_field => { "locationCity" => "%{[AAI][complex.city]}" } + } + } + if [AAI][complex.state] { + mutate { + add_field => { "locationState" => "%{[AAI][complex.state]}" } + } + } + + + # + # Adding some flags to ease aggregation + # + if [closedLoopEventStatus] =~ /(?i)ABATED/ { + mutate { + add_field => { "flagAbated" => "1" } + } + } + if [notification] =~ /^.*?(?:\b|_)FINAL(?:\b|_).*?(?:\b|_)FAILURE(?:\b|_).*?$/ { + mutate { + add_field => { "flagFinalFailure" => "1" } + } + } + + + if "error" not in [@metadata][request][tags]{ + # + # Creating data for a secondary index + # + clone { + clones => [ "event-cl-aggs" ] + add_tag => [ "event-cl-aggs" ] + } + + if "event-cl-aggs" in [@metadata][request][tags]{ + # + # we only need a few fields for aggregations; remove all fields from clone except : + # vmName,vnfName,vnfType,requestID,closedLoopAlarmStart, closedLoopControlName,closedLoopAlarmEnd,abated,nbrDmaapevents,finalFailure + # + prune { + whitelist_names => ["^@.*$","^topic$","^type$","^tags$","^flagFinalFailure$","^flagAbated$","^locationState$","^locationCity$","^vmName$","^vnfName$","^vnfType$","^requestID$","^closedLoopAlarmStart$","^closedLoopControlName$","^closedLoopAlarmEnd$","^target$","^target_type$","^triggerSourceName$","^policyScope$","^policyName$","^policyVersion$"] + } + + } + } +} + + +output { + stdout { + codec => rubydebug + } + + if "error" in [tags] { + elasticsearch { + codec => "json" + hosts => ["${elasticsearch_base_url}"] + user => ["${logstash_user}"] + password => ["${logstash_pwd}"] + index => "errors-%{+YYYY.MM.DD}" + doc_as_upsert => true + } + + } else if "event-cl-aggs" in [tags] { + elasticsearch { + codec => "json" + hosts => ["${elasticsearch_base_url}"] + user => ["${logstash_user}"] + password => ["${logstash_pwd}"] + document_id => "%{requestID}" + index => "events-cl-%{+YYYY.MM.DD}" # creates daily indexes for control loop + doc_as_upsert => true + action => "update" + } + + } else { + elasticsearch { + codec => "json" + hosts => ["${elasticsearch_base_url}"] + user => ["${logstash_user}"] + password => ["${logstash_pwd}"] + index => "events-%{+YYYY.MM.DD}" # creates daily indexes + doc_as_upsert => true + } + } +} diff --git a/charts/clamp-dash-logstash/templates/configmap.yaml b/charts/clamp-dash-logstash/templates/configmap.yaml new file mode 100644 index 0000000..350a0e0 --- /dev/null +++ b/charts/clamp-dash-logstash/templates/configmap.yaml @@ -0,0 +1,37 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} + +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-aaf-keys + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }} diff --git a/charts/clamp-dash-logstash/templates/deployment.yaml b/charts/clamp-dash-logstash/templates/deployment.yaml new file mode 100644 index 0000000..a72f6b6 --- /dev/null +++ b/charts/clamp-dash-logstash/templates/deployment.yaml @@ -0,0 +1,128 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - clamp-dash-es + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: dmaap_consumer_group + value: "{{ .Values.config.dmaapConsumerGroup }}" + - name: dmaap_consumer_id + value: "{{ .Values.config.dmaapConsumerId }}" + - name: event_topic + value: "{{ .Values.config.eventTopic }}" + - name: notification_topic + value: "{{ .Values.config.notificationTopic }}" + - name: request_topic + value: "{{ .Values.config.requestTopic }}" + - name: dmaap_base_url + value: {{ .Values.config.dmaapScheme }}://{{ .Values.config.dmaapHost }}.{{ include "common.namespace" . }}:{{ .Values.config.dmaapPort }} + - name: logstash_user + value: "{{ .Values.config.logstash_user }}" + - name: logstash_pwd + value: "{{ .Values.config.logstash_pwd }}" + - name: elasticsearch_base_url + value: "http://{{.Values.config.elasticsearchServiceName}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.config.elasticsearchPort}}" + ports: + - containerPort: {{ .Values.service.internalPort }} + name: {{ include "common.servicename" . }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} +# disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /usr/share/logstash/config/logstash.yml + name: {{ include "common.fullname" . }} + subPath: logstash.yml + - mountPath: /usr/share/logstash/pipeline/logstash.conf + name: {{ include "common.fullname" . }} + subPath: pipeline.conf + - name: {{ include "common.fullname" . }}-aaf-certs + mountPath: /certs.d/ + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }} + configMap: + name: {{ include "common.fullname" . }} + items: + - key: logstash.yml + path: logstash.yml + - key: pipeline.conf + path: pipeline.conf + - name: {{ include "common.fullname" . }}-aaf-certs + secret: + secretName: {{ include "common.fullname" . }}-aaf-keys + + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/clamp-dash-logstash/templates/service.yaml b/charts/clamp-dash-logstash/templates/service.yaml new file mode 100644 index 0000000..5c8b6ba --- /dev/null +++ b/charts/clamp-dash-logstash/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.config.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.config.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/charts/clamp-dash-logstash/values.yaml b/charts/clamp-dash-logstash/values.yaml new file mode 100644 index 0000000..20bf974 --- /dev/null +++ b/charts/clamp-dash-logstash/values.yaml @@ -0,0 +1,111 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + persistence: {} +flavor: small + +################################################################# +# Application configuration defaults. +################################################################# + +# application image +repository: nexus3.onap.org:10001 +image: onap/clamp-dashboard-logstash:4.1.3 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: + elasticsearchServiceName: cdash-es + elasticsearchPort: 9200 + dmaapHost: message-router + dmaapScheme: https + dmaapPort: 3905 + dmaapConsumerGroup: "clampdashboard" + dmaapConsumerId: "clampdashboard" + eventTopic: "DCAE-CL-EVENT" + notificationTopic: "POLICY-CL-MGT" + requestTopic: "APPC-CL" + logstash_user: "logstash" + logstash_pwd: "logstash" + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + #Example service definition with external, internal and node ports. + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: ClusterIP + name: cdash-ls + portName: cdash-ls-healthcheck + externalPort: 9600 + internalPort: 9600 +ingress: + enabled: false + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + small: + limits: + cpu: 1 + memory: 1.3Gi + requests: + cpu: 10m + memory: 750Mi + large: + limits: + cpu: 1 + memory: 1.3Gi + requests: + cpu: 10m + memory: 750Mi + unlimited: {} diff --git a/charts/mariadb/Chart.yaml b/charts/mariadb/Chart.yaml new file mode 100644 index 0000000..ef12d23 --- /dev/null +++ b/charts/mariadb/Chart.yaml @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: MariaDB Service +name: mariadb +version: 5.0.0 diff --git a/charts/mariadb/NOTES.txt b/charts/mariadb/NOTES.txt new file mode 100644 index 0000000..1103aff --- /dev/null +++ b/charts/mariadb/NOTES.txt @@ -0,0 +1,32 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/charts/mariadb/resources/config/mariadb/conf.d/conf1/my.cnf b/charts/mariadb/resources/config/mariadb/conf.d/conf1/my.cnf new file mode 100644 index 0000000..612590c --- /dev/null +++ b/charts/mariadb/resources/config/mariadb/conf.d/conf1/my.cnf @@ -0,0 +1,207 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# Example MySQL config file for medium systems. +# +# This is for a system with memory 8G where MySQL plays +# an important part, or systems up to 128M where MySQL is used together with +# other programs (such as a web server) +# +# In this file, you can use all long options that a program supports. +# If you want to know which options a program supports, run the program +# with the "--help" option. + +# The following options will be passed to all MySQL clients +##[client] +##user = root +##port = 3306 +##socket = //opt/app/mysql/mysql.sock + +# Here follows entries for some specific programs + +# The MySQL server +[mysqld] +##performance_schema + +slow_query_log =ON +long_query_time =2 +slow_query_log_file =//var/lib/mysql/slow_query.log +##basedir = //opt/app/mysql/product/mariadb-10.1.11-linux-x86_64 +##datadir = //opt/app/mysql/data +##port = 3306 +##socket = //opt/app/mysql/mysql.sock +skip-external-locking +explicit_defaults_for_timestamp = true +skip-symbolic-links +local-infile = 0 +#ignore_db_dir=lost+found +key_buffer_size = 16M +max_allowed_packet = 4M +table_open_cache = 100 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M +max_connections = 500 +lower_case_table_names = 1 +thread_stack = 256K +thread_cache_size = 25 +query_cache_size = 8M +query_cache_type = 0 +query_prealloc_size = 512K +query_cache_limit = 1M + +# Password validation +##plugin-load-add=simple_password_check.so +##simple_password_check_other_characters=0 + +# Audit Log settings +plugin-load-add=server_audit.so +server_audit=FORCE_PLUS_PERMANENT +server_audit_file_path=//var/lib/mysql/audit.log +server_audit_file_rotate_size=50M +server_audit_events=CONNECT,QUERY,TABLE +server_audit_logging=on + +# Don't listen on a TCP/IP port at all. This can be a security enhancement, +# if all processes that need to connect to mysqld run on the same host. +# All interaction with mysqld must be made via Unix sockets or named pipes. +# Note that using this option without enabling named pipes on Windows +# (via the "enable-named-pipe" option) will render mysqld useless! +# +#skip-networking + +# Replication Master Server (default) +# binary logging is required for replication +##log-bin=//var/lib/mysql/mysql-bin + +# binary logging format - mixed recommended +binlog_format=row + +# required unique id between 1 and 2^32 - 1 +# defaults to 1 if master-host is not set +# but will not function as a master if omitted + +# Replication Slave (comment out master section to use this) +# +# To configure this host as a replication slave, you can choose between +# two methods : +# +# 1) Use the CHANGE MASTER TO command (fully described in our manual) - +# the syntax is: +# +# CHANGE MASTER TO MASTER_HOST=<host>, MASTER_PORT=<port>, +# MASTER_USER=<user>, MASTER_PASSWORD=<password> ; +# +# where you replace <host>, <user>, <password> by quoted strings and +# <port> by the master's port number (3306 by default). +# +# Example: +# +# CHANGE MASTER TO MASTER_HOST='125.564.12.1', MASTER_PORT=3306, +# MASTER_USER='joe', MASTER_PASSWORD='secret'; +# +# OR +# +# 2) Set the variables below. However, in case you choose this method, then +# start replication for the first time (even unsuccessfully, for example +# if you mistyped the password in master-password and the slave fails to +# connect), the slave will create a master.info file, and any later +# change in this file to the variables' values below will be ignored and +# overridden by the content of the master.info file, unless you shutdown +# the slave server, delete master.info and restart the slaver server. +# For that reason, you may want to leave the lines below untouched +# (commented) and instead use CHANGE MASTER TO (see above) +# +# required unique id between 2 and 2^32 - 1 +# (and different from the master) +# defaults to 2 if master-host is set +# but will not function as a slave if omitted +#server-id = 2 +# +# The replication master for this slave - required +#master-host = <hostname> +# +# The username the slave will use for authentication when connecting +# to the master - required +#master-user = <username> +# +# The password the slave will authenticate with when connecting to +# the master - required +#master-password = <password> +# +# The port the master is listening on. +# optional - defaults to 3306 +#master-port = <port> +# +# binary logging - not required for slaves, but recommended +#log-bin=mysql-bin + +# Uncomment the following if you are using InnoDB tables +##innodb_data_home_dir = //opt/app/mysql/data +##innodb_data_file_path = ibdata1:20M:autoextend:max:32G +##innodb_log_group_home_dir = //opt/app/mysql/iblogs +# You can set .._buffer_pool_size up to 50 - 80 % +# of RAM but beware of setting memory usage too high +innodb_buffer_pool_size = 128M +#innodb_additional_mem_pool_size = 2M +# Set .._log_file_size to 25 % of buffer pool size +innodb_log_file_size = 10M +innodb_log_files_in_group = 3 +innodb_log_buffer_size = 8M +#innodb_flush_log_at_trx_commit = 1 +innodb_lock_wait_timeout = 50 +innodb_autoextend_increment = 100 +expire_logs_days = 8 +open_files_limit = 2000 +transaction-isolation=READ-COMMITTED +####### Galera parameters ####### +## Galera Provider configuration +wsrep_provider=/usr/lib/galera/libgalera_smm.so +wsrep_provider_options="gcache.size=128M; gcache.page_size=10M" +## Galera Cluster configuration +wsrep_cluster_name="MSO-automated-tests-cluster" +wsrep_cluster_address="gcomm://" +#wsrep_cluster_address="gcomm://mariadb1,mariadb2,mariadb3" +##wsrep_cluster_address="gcomm://192.169.3.184,192.169.3.185,192.169.3.186" +## Galera Synchronization configuration +wsrep_sst_method=rsync +#wsrep_sst_method=xtrabackup-v2 +#wsrep_sst_auth="sstuser:Mon#2o!6" +## Galera Node configuration +wsrep_node_name="mariadb1" +##wsrep_node_address="192.169.3.184" +wsrep_on=OFF +## Status notification +#wsrep_notify_cmd=/opt/app/mysql/bin/wsrep_notify +####### + + +[mysqldump] +quick +max_allowed_packet = 16M + +[mysql] +no-auto-rehash +# Remove the next comment character if you are not familiar with SQL +#safe-updates + +[myisamchk] +key_buffer_size = 20971520 + +##[mysqlhotcopy] +##interactive-timeout +##[mysqld_safe] +##malloc-lib=//opt/app/mysql/local/lib/libjemalloc.so.1 +##log-error=//opt/app/mysql/log/mysqld.log diff --git a/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bootstrap-database.sh b/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bootstrap-database.sh new file mode 100755 index 0000000..224a813 --- /dev/null +++ b/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bootstrap-database.sh @@ -0,0 +1,28 @@ +#!/bin/sh + +### +# ============LICENSE_START======================================================= +# ONAP CLAMP +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights +# reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END============================================ +# =================================================================== +# +### + +mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < /docker-entrypoint-initdb.d/bulkload/create-db.sql +## New model creation +mysql -uroot -p$MYSQL_ROOT_PASSWORD -f cldsdb4 < /docker-entrypoint-initdb.d/bulkload/create-tables.sql diff --git a/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-db.sql b/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-db.sql new file mode 100644 index 0000000..ea4d97c --- /dev/null +++ b/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-db.sql @@ -0,0 +1,11 @@ +# +# Create CLDS database objects (tables, etc.) +# +# +CREATE DATABASE `cldsdb4`; +USE `cldsdb4`; +DROP USER 'clds'; +CREATE USER 'clds'; +GRANT ALL on cldsdb4.* to 'clds' identified by 'sidnnd83K' with GRANT OPTION; +FLUSH PRIVILEGES; + diff --git a/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql b/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql new file mode 100644 index 0000000..0e15d4d --- /dev/null +++ b/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/create-tables.sql @@ -0,0 +1,73 @@ + + create table hibernate_sequence ( + next_val bigint + ) engine=InnoDB; + + insert into hibernate_sequence values ( 1 ); + + create table loop_logs ( + id bigint not null, + log_component varchar(255) not null, + log_instant datetime(6) not null, + log_type varchar(255) not null, + message MEDIUMTEXT not null, + loop_id varchar(255) not null, + primary key (id) + ) engine=InnoDB; + + create table loops ( + name varchar(255) not null, + blueprint_yaml MEDIUMTEXT not null, + dcae_blueprint_id varchar(255), + dcae_deployment_id varchar(255), + dcae_deployment_status_url varchar(255), + global_properties_json json, + last_computed_state varchar(255) not null, + model_properties_json json, + operational_policy_schema json, + svg_representation MEDIUMTEXT, + primary key (name) + ) engine=InnoDB; + + create table loops_microservicepolicies ( + loop_id varchar(255) not null, + microservicepolicy_id varchar(255) not null, + primary key (loop_id, microservicepolicy_id) + ) engine=InnoDB; + + create table micro_service_policies ( + name varchar(255) not null, + json_representation json not null, + model_type varchar(255) not null, + policy_tosca MEDIUMTEXT not null, + properties json, + shared bit not null, + primary key (name) + ) engine=InnoDB; + + create table operational_policies ( + name varchar(255) not null, + configurations_json json, + loop_id varchar(255) not null, + primary key (name) + ) engine=InnoDB; + + alter table loop_logs + add constraint FK1j0cda46aickcaoxqoo34khg2 + foreign key (loop_id) + references loops (name); + + alter table loops_microservicepolicies + add constraint FKem7tp1cdlpwe28av7ef91j1yl + foreign key (microservicepolicy_id) + references micro_service_policies (name); + + alter table loops_microservicepolicies + add constraint FKsvx91jekgdkfh34iaxtjfgebt + foreign key (loop_id) + references loops (name); + + alter table operational_policies + add constraint FK1ddoggk9ni2bnqighv6ecmuwu + foreign key (loop_id) + references loops (name); diff --git a/charts/mariadb/templates/NOTES.txt b/charts/mariadb/templates/NOTES.txt new file mode 100644 index 0000000..1103aff --- /dev/null +++ b/charts/mariadb/templates/NOTES.txt @@ -0,0 +1,32 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/charts/mariadb/templates/configmap.yaml b/charts/mariadb/templates/configmap.yaml new file mode 100644 index 0000000..8dd2f4e --- /dev/null +++ b/charts/mariadb/templates/configmap.yaml @@ -0,0 +1,68 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#{{ if not .Values.disableClampClampMariadb }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: clamp-entrypoint-initdb-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/mariadb/docker-entrypoint-initdb.d/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: clamp-entrypoint-drop-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/mariadb/docker-entrypoint-initdb.d/drop/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: clamp-entrypoint-bulkload-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/mariadb/docker-entrypoint-initdb.d/bulkload/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: clamp-mariadb-conf-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/conf1/*").AsConfig . | indent 2 }} +#{{ end }} diff --git a/charts/mariadb/templates/deployment.yaml b/charts/mariadb/templates/deployment.yaml new file mode 100644 index 0000000..47d37bd --- /dev/null +++ b/charts/mariadb/templates/deployment.yaml @@ -0,0 +1,109 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: db-root-password + volumeMounts: + - mountPath: /docker-entrypoint-initdb.d/load-sql-files-tests-automation.sh + name: docker-entrypoint-initdb + subPath: load-sql-files-tests-automation.sh + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /docker-entrypoint-initdb.d/drop/ + name: docker-entrypoint-clds-drop + - mountPath: /docker-entrypoint-initdb.d/bulkload/ + name: docker-entrypoint-bulkload + - mountPath: /etc/mysql/conf.d/conf1/ + name: clamp-mariadb-conf + - mountPath: /var/lib/mysql + name: clamp-mariadb-data + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + {{- if .Values.persistence.enabled }} + - name: clamp-mariadb-data + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} + - name: docker-entrypoint-initdb + configMap: + name: clamp-entrypoint-initdb-configmap + - name: docker-entrypoint-clds-drop + configMap: + name: clamp-entrypoint-drop-configmap + - name: docker-entrypoint-bulkload + configMap: + name: clamp-entrypoint-bulkload-configmap + - name: clamp-mariadb-conf + configMap: + name: clamp-mariadb-conf-configmap + - name: localtime + hostPath: + path: /etc/localtime + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/charts/mariadb/templates/pv.yaml b/charts/mariadb/templates/pv.yaml new file mode 100644 index 0000000..252ca76 --- /dev/null +++ b/charts/mariadb/templates/pv.yaml @@ -0,0 +1,38 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} diff --git a/charts/mariadb/templates/pvc.yaml b/charts/mariadb/templates/pvc.yaml new file mode 100644 index 0000000..1deed4e --- /dev/null +++ b/charts/mariadb/templates/pvc.yaml @@ -0,0 +1,49 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/mariadb/templates/secrets.yaml b/charts/mariadb/templates/secrets.yaml new file mode 100644 index 0000000..2ca864e --- /dev/null +++ b/charts/mariadb/templates/secrets.yaml @@ -0,0 +1,28 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: + db-root-password: {{ .Values.config.mysqlPassword | b64enc | quote }} diff --git a/charts/mariadb/templates/service.yaml b/charts/mariadb/templates/service.yaml new file mode 100644 index 0000000..5d9b191 --- /dev/null +++ b/charts/mariadb/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- end}} + name: {{ .Values.service.portName }} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/charts/mariadb/values.yaml b/charts/mariadb/values.yaml new file mode 100644 index 0000000..8bf6100 --- /dev/null +++ b/charts/mariadb/values.yaml @@ -0,0 +1,116 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018-2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: # global defaults + nodePortPrefix: 302 + + persistence: {} + +# application image +repository: nexus3.onap.org:10001 +image: mariadb:10.3.12 +pullPolicy: Always +flavor: small + +################################################################# +# Application configuration defaults. +################################################################# +config: + mysqlPassword: strong_pitchou + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +## Persist data to a persitent volume +persistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: <storageClass> + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + accessMode: ReadWriteOnce + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: clamp/mariadb/data + +service: + type: ClusterIP + name: clampdb + portName: clampdb + internalPort: 3306 + externalPort: 3306 + + +ingress: + enabled: false + + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + small: + limits: + cpu: 1 + memory: 500Mi + requests: + cpu: 10m + memory: 200Mi + large: + limits: + cpu: 1 + memory: 500Mi + requests: + cpu: 10m + memory: 200Mi + unlimited: {} diff --git a/requirements.yaml b/requirements.yaml new file mode 100644 index 0000000..05d49a8 --- /dev/null +++ b/requirements.yaml @@ -0,0 +1,22 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~5.x-0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/resources/config/nginx.conf b/resources/config/nginx.conf new file mode 100644 index 0000000..da7978a --- /dev/null +++ b/resources/config/nginx.conf @@ -0,0 +1,25 @@ +server { + + listen 443 default ssl; + ssl_protocols TLSv1.2; + ssl_certificate /etc/ssl/clamp.pem; + ssl_certificate_key /etc/ssl/clamp.key; + ssl_verify_client optional_no_ca; + location /restservices/clds/ { + proxy_pass https://clamp-backend:443; + proxy_set_header X-SSL-Cert $ssl_client_escaped_cert; + } + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + try_files $uri $uri/ /index.html; + } + + error_page 500 502 503 504 /50x.html; + + location = /50x.html { + root /usr/share/nginx/html; + } + +} diff --git a/templates/NOTES.txt b/templates/NOTES.txt new file mode 100644 index 0000000..e36d6a5 --- /dev/null +++ b/templates/NOTES.txt @@ -0,0 +1,32 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit https://127.0.0.1:8443 to use your application" + kubectl port-forward $POD_NAME 8443:{{ .Values.service.internalPort }} +{{- end }} diff --git a/templates/configmap.yaml b/templates/configmap.yaml new file mode 100644 index 0000000..9186cd9 --- /dev/null +++ b/templates/configmap.yaml @@ -0,0 +1,27 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/templates/deployment.yaml b/templates/deployment.yaml new file mode 100644 index 0000000..9585e1f --- /dev/null +++ b/templates/deployment.yaml @@ -0,0 +1,112 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - clamp-backend + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + # side car containers + - name: {{ include "common.name" . }}-filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/nginx/ + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/nginx/ + - mountPath: /etc/nginx/conf.d/nginx.conf + name: {{ include "common.fullname" . }}-config + subPath: nginx.conf + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }} + items: + - key: nginx.conf + path: nginx.conf + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ .Release.Name }}-clamp-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/templates/service.yaml b/templates/service.yaml new file mode 100644 index 0000000..3a08db0 --- /dev/null +++ b/templates/service.yaml @@ -0,0 +1,67 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name2 }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type2 }} + ports: + {{if eq .Values.service.type2 "NodePort" -}} + - port: {{ .Values.service.internalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.config.portName2 }} + {{- else -}} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.config.portName2 }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }}
\ No newline at end of file diff --git a/values.yaml b/values.yaml new file mode 100644 index 0000000..92d4bb7 --- /dev/null +++ b/values.yaml @@ -0,0 +1,113 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018-2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: # global defaults + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +subChartsOnly: + enabled: true + +flavor: small + +# application image +repository: nexus3.onap.org:10001 +image: onap/clamp-frontend:4.1.3 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +config: + log: + logstashServiceName: log-ls + logstashPort: 5044 + dataRootDir: /dockerdata-nfs + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + + +service: + type: NodePort + name: clamp-external + portName: clamp-external + internalPort: 443 + nodePort: 58 + + # as of 20180904 port 58 is reserved for clamp from log/logdemonode + # see https://wiki.onap.org/display/DW/OOM+NodePort+List + + type2: ClusterIP + name2: clamp + portName2: clamp-internal + internalPort2: 443 + externalPort2: 8443 + +ingress: + enabled: false + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + small: + limits: + cpu: 1 + memory: 200Mi + requests: + cpu: 10m + memory: 50Mi + large: + limits: + cpu: 1 + memory: 500Mi + requests: + cpu: 10m + memory: 50Mi + unlimited: {} |