aboutsummaryrefslogtreecommitdiffstats
path: root/docs/deployment.rst
AgeCommit message (Collapse)AuthorFilesLines
2023-03-15Enable all Sphinx build warnings as errorsCédric Ollivier1-1/+1
It also fixes several issues to pass the gate. Please note that .. code-block :: json content must be json. Issue-ID: DOC-798 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com> Change-Id: I38a751b67ab70a5ed5d61cdd49fe914c7b9270cd
2022-11-24Documentation update for enabled dataspace filterseanbeirne1-2/+2
Issue-ID: CPS-1361 Signed-off-by: seanbeirne <sean.beirne@est.tech> Change-Id: I988350289a02e44515aeb2acfe6a83845d66e0d9
2022-11-09Fix RTD broken linksmpriyank1-1/+1
- Broken link for logback xml file - Broken link for oom_user_guide Issue-ID: CPS-1378 Change-Id: I071d5ad890c1471b50a43517427eeab27631fd52 Signed-off-by: mpriyank <priyank.maheshwari@est.tech>
2022-09-22Update Release Notes for Kohnlukegleeson1-11/+11
Added Jira tickets completed Updated Log Example in admin guide Updated timer property names for ncmp in deployment guide Issue-ID: CPS-1251 Signed-off-by: lukegleeson <luke.gleeson@est.tech> Change-Id: I20933d7d113bfa57937ec7f13ba3eb0ab6bc675a
2022-09-01Fixing RTD warningsemaclee1-5/+5
Issue-ID: CPS-1237 Signed-off-by: emaclee <lee.anjella.macabuhay@est.tech> Change-Id: I0f09d6355d23451207d2d937fbda155b1407fb5a
2022-08-09Module Sync, Data Sync, Retry Mechanism RTDDylanB95EST1-1/+12
- Add Documentation for Module Sync, Data Sync, and Retry Mechanism Proccesses for RTD - Update CPS-Core header on the Index to just CPS - Add Cps-NCMP Customizations for retry mechanism and data sync Issue-ID: CPS-1181 Change-Id: Idb76de380e49e42ca337cabcf2708b940e15f46f Signed-off-by: DylanB95EST <dylan.byrne@est.tech>
2022-06-30Kafka consumer can not be turned offJosephKeenan1-5/+2
-NOTE: Build will fail until docker-compose version issues on build server are fixed --Ticket raised https://jira.linuxfoundation.org/plugins/servlet/theme/portal/2/IT-24219 -added flag for async -added response if async is triggered without being enabled & associated test -modified to use one global flag for notifications Issue-ID: CPS-1088 Signed-off-by: JosephKeenan <joseph.keenan@est.tech> Change-Id: If9d988b4dcb71bf37c1b1bf9464090782708ffc2
2022-05-10Watchdog Process-Make ConfigurableDylanB95EST1-9/+19
Make time configurable for the watchdog process. Add documentation outlining this. Issue-ID: CPS-875 Change-Id: I1307c82d02789097efda1ba981eb1fd36c9efc38 Signed-off-by: DylanB95EST <dylan.byrne@est.tech>
2022-04-29Merge "[STRIMZI] Add strimzi kafka notes"Toine Siebelink1-8/+11
2022-03-22Update docs to add info on providing additional configRenu Kumari1-2/+7
- Added information on overriding values of spring-supported properties Issue-ID: CPS-918 Signed-off-by: Renu Kumari <renu.kumari@bell.ca> Change-Id: I660cd9ea0c4c73d972f9c1645f5ed28308282fdc
2022-03-15Create primary documentation for Jakarta releaseBruno Sakoto1-5/+6
* Update release notes * Update openapi documentation * Fix section title hierarchy * Fix admin container directive not found Issue-ID: CPS-935 Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca> Change-Id: Iabdc357aa0168c1becafd6de1ac7703ec3bd1afa
2022-03-15[STRIMZI] Add strimzi kafka notesefiacor1-8/+11
Signed-off-by: efiacor <fiachra.corcoran@est.tech> Change-Id: Id85d2708bdb2eb1ddfaa72740a5a9df5599f298b Issue-ID: DMAAP-1681
2021-11-08Improve internal documentation linkslukegleeson1-3/+3
Issue-ID: CPS-749 Signed-off-by: lukegleeson <luke.gleeson@est.tech> Change-Id: I449d14cfb6b5463394a80a8ef23180dd31a1ad50
2021-10-21Prepare for links accross different name-spacesToineSiebelink1-1/+2
-add intersphinx mapping -add labels for re-use in other CPS components Issue-ID: CPS-721 Signed-off-by: ToineSiebelink <toine.siebelink@est.tech> Change-Id: Ib45716e75f85bd3ba28295ffe79db95e3575daaa
2021-10-12cps-core deployment documentputhuparambil.aditya1-5/+274
Issue-ID: CPS-687 Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca> Change-Id: I3df9994259c1bbd2173d6aa178c7f5b6d3d4498e
2021-09-22openapi.yaml should not be modified when the application is compiledDylanB95EST1-1/+1
Make Changes to ignore generated yml files for API Specification for CPS-Core Issue-ID: CPS-674 Signed-off-by: DylanB95EST <dylan.byrne@est.tech> Change-Id: I0bff21ccf0353ebf5d0e3e3ffbf0aa9e9c141376 Signed-off-by: DylanB95EST <dylan.byrne@est.tech>
2021-09-14Create Preliminary Documentation for CPS-Core & NCMPshivasubedi1-0/+15
Create Preliminary documentation for Istanbul release of the CPS-Core. Added new plugins in POM to generate swagger doc for design page. Added latest conf.py file from http://gerrit.onap.org/r/doc Followed template from work done by Chaker here https://wiki.onap.org/display/DW/Component+Documentation+Template Issue-ID: CPS-633 Change-Id: I431776e4d052ec65bf1e1d7709d12d0100592cd5 Signed-off-by: DylanB95EST <dylan.byrne@est.tech> Signed-off-by: shivasubedi <shiva.subedi@est.tech>
they go away. .. code-block:: bash helm del --purge <my-helm-release>-<cps-component-name> kubectl get pods -n <namespace> | grep <cps-component-name> **Step 4** Make sure there is no orphan database persistent volume or claim. First, find if there is an orphan database PV or PVC with the following commands: .. note:: This step does not apply to ncmp-dmi-plugin. .. code-block:: bash kubectl get pvc -n <namespace> | grep <cps-component-name> kubectl get pv -n <namespace> | grep <cps-component-name> If there are any orphan resources, delete them with .. code-block:: bash kubectl delete pvc <orphan-cps-core-pvc-name> kubectl delete pv <orphan-cps-core-pv-name> **Step 5** Delete NFS persisted data for CPS components Connect to the machine where the file system is persisted and then execute the below command .. code-block:: bash rm -fr /dockerdata-nfs/<my-helm-release>/<cps-component-name> **Step 6** Re-Deploy cps pods After deploying cps, keep monitoring the cps pods until they come up. .. code-block:: bash helm deploy <my-helm-release> local/cps --namespace <namespace> kubectl get pods -n <namespace> | grep <cps-component-name> Restarting a faulty component ============================= Each cps component can be restarted independently by issuing the following command: .. code-block:: bash kubectl delete pod <cps-component-pod-name> -n <namespace> .. Below Label is used by documentation for other CPS components to link here, do not remove even if it gives a warning .. _cps_common_credentials_retrieval: Credentials Retrieval ===================== Application and database credentials are kept in Kubernetes secrets. They are defined as external secrets in the values.yaml file to be used across different components as : .. container:: ulist - `cps-core <https://github.com/onap/oom/blob/master/kubernetes/cps/components/cps-core/values.yaml#L18>`_ - `cps-temporal <https://github.com/onap/oom/blob/master/kubernetes/cps/components/cps-temporal/values.yaml#L28>`_ - `ncmp-dmi-plugin <https://github.com/onap/oom/blob/master/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml#L22>`_ Below are the list of secrets for different cps components. +--------------------------+---------------------------------+---------------------------------------------------+ | Component | Secret type | Secret Name | +==========================+=================================+===================================================+ | cps-core | Database authentication | <my-helm-release>-cps-core-pg-user-creds | +--------------------------+---------------------------------+---------------------------------------------------+ | cps-core | Rest API Authentication | <my-helm-release>-cps-core-app-user-creds | +--------------------------+---------------------------------+---------------------------------------------------+ | cps-temporal | Rest API Authentication | <my-helm-release>-cps-temporal-app-user-creds | +--------------------------+---------------------------------+---------------------------------------------------+ | cps-temporal | Database authentication | <my-helm-release>-cps-temporal-pg-user-creds | +--------------------------+---------------------------------+---------------------------------------------------+ | ncmp-dmi-plugin | Rest API Authentication | <my-helm-release>-cps-dmi-plugin-user-creds | +--------------------------+---------------------------------+---------------------------------------------------+ | ncmp-dmi-plugin | SDNC authentication | <my-helm-release>-ncmp-dmi-plugin-sdnc-creds | +--------------------------+---------------------------------+---------------------------------------------------+ The credential values from these secrets are configured in running container as environment variables. Eg: `cps core deployment.yaml <https://github.com/onap/oom/blob/master/kubernetes/cps/components/cps-core/templates/deployment.yaml#L46>`_ If no specific passwords are provided to the chart as override values for deployment, then passwords are automatically generated when deploying the Helm release. Below command can be used to retrieve application property credentials .. code:: kubectl get secret <my-helm-release>-<secret-name> -n <namespace> -o json | jq '.data | map_values(@base64d)' .. note:: base64d works only with jq version 1.6 or above. CPS Core Pods ============= To get a listing of the cps-core Pods, run the following command: .. code-block:: bash kubectl get pods -n <namespace> | grep cps-core dev-cps-core-ccd4cc956-r98pv 1/1 Running 0 24h dev-cps-core-postgres-primary-f7766d46c-s9d5b 1/1 Running 0 24h dev-cps-core-postgres-replica-84659d68f9-6qnt4 1/1 Running 0 24h Additional Cps-Core Customizations ================================== The following table lists some properties that can be specified as Helm chart values to configure the application to be deployed. This list is not exhaustive. Any spring supported property can be configured by providing in ``config.additional.<spring-supported-property-name>: value`` Example: config.additional.spring.datasource.hikari.maximumPoolSize: 30 +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | Property | Description | Default Value | +=======================================+=========================================================================================================+===============================+ | config.appUserName | User name used by cps-core service to configure the authentication for REST API it exposes. | ``cpsuser`` | | | | | | | This is the user name to be used by cps-core REST clients to authenticate themselves. | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.appUserPassword | Password used by cps-core service to configure the authentication for REST API it exposes. | Not defined | | | | | | | This is the password to be used by CPS Temporal REST clients to authenticate themselves. | | | | | | | | If not defined, the password is generated when deploying the application. | | | | | | | | See also :ref:`cps_common_credentials_retrieval`. | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.dmiPluginUserName | User name used by cps-core to authenticate themselves for using ncmp-dmi-plugin service. | ``dmiuser`` | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.dmiPluginUserPassword | Internal password used by cps-core to connect to ncmp-dmi-plugin service. | Not defined | | | | | | | If not defined, the password is generated when deploying the application. | | | | | | | | See also :ref:`cps_common_credentials_retrieval`. | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | postgres.config.pgUserName | Internal user name used by cps-core to connect to its own database. | ``cps`` | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | postgres.config.pgUserPassword | Internal password used by cps-core to connect to its own database. | Not defined | | | | | | | If not defined, the password is generated when deploying the application. | | | | | | | | See also :ref:`cps_common_credentials_retrieval`. | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | postgres.config.pgDatabase | Database name used by cps-core | ``cpsdb`` | | | | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | logging.level | Logging level set in cps-core | info | | | | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.eventPublisher. | Kafka hostname and port | ``message-router-kafka:9092`` | | spring.kafka.bootstrap-servers | | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.eventPublisher. | Kafka consumer client id | ``cps-core`` | | spring.kafka.consumer.client-id | | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.publisher. | Kafka security protocol. | ``PLAINTEXT`` | | spring.kafka.security.protocol | Some possible values are: | | | | | | | | * ``PLAINTEXT`` | | | | * ``SASL_PLAINTEXT``, for authentication | | | | * ``SASL_SSL``, for authentication and encryption | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.publisher. | Kafka security SASL mechanism. Required for SASL_PLAINTEXT and SASL_SSL protocols. | Not defined | | spring.kafka.properties. | Some possible values are: | | | sasl.mechanism | | | | | * ``PLAIN``, for PLAINTEXT | | | | * ``SCRAM-SHA-512``, for SSL | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.publisher. | Kafka security SASL JAAS configuration. Required for SASL_PLAINTEXT and SASL_SSL protocols. | Not defined | | spring.kafka.properties. | Some possible values are: | | | sasl.jaas.config | | | | | * ``org.apache.kafka.common.security.plain.PlainLoginModule required username="..." password="...";``, | | | | for PLAINTEXT | | | | * ``org.apache.kafka.common.security.scram.ScramLoginModule required username="..." password="...";``, | | | | for SSL | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.publisher. | Kafka security SASL SSL store type. Required for SASL_SSL protocol. | Not defined | | spring.kafka.ssl.trust-store-type | Some possible values are: | | | | | | | | * ``JKS`` | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.publisher. | Kafka security SASL SSL store file location. Required for SASL_SSL protocol. | Not defined | | spring.kafka.ssl.trust-store-location | | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.publisher. | Kafka security SASL SSL store password. Required for SASL_SSL protocol. | Not defined | | spring.kafka.ssl.trust-store-password | | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.publisher. | Kafka security SASL SSL broker hostname identification verification. Required for SASL_SSL protocol. | Not defined | | spring.kafka.properties. | Possible value is: | | | ssl.endpoint.identification.algorithm | | | | | * ``""``, empty string to disable | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.additional. | Kafka topic to publish to cps-temporal | ``cps.data-updated-events`` | | notification.data-updated.topic | | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.additional. | If notification from cps-core to cps-temporal is enabled or not. | ``true`` | | notification.data-updated.enabled | If this is set to false, then the config.publisher properties could be skipped. | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.additional. | Dataspaces to be enabled for publishing events to cps-temporal | ```` | | notification.data-updated.filters. | | | | enabled-dataspaces | | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.additional. | If notifications should be processed in synchronous or asynchronous manner | ``false`` | | notification.async.enabled | | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.additional. | Core pool size in asynchronous execution of notification. | ``2`` | | notification.async.executor. | | | | core-pool-size | | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.additional. | Max pool size in asynchronous execution of notification. | ``1`` | | notification.async.executor. | | | | max-pool-size | | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.additional. | Queue Capacity in asynchronous execution of notification. | ``500`` | | notification.async.executor. | | | | queue-capacity | | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.additional. | If the executor should wait for the tasks to be completed on shutdown | ``true`` | | notification.async.executor. | | | | wait-for-tasks-to-complete-on-shutdown| | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.additional. | Prefix to be added to the thread name in asynchronous execution of notifications. | ``async_`` | | notification.async.executor. | | | | thread-name-prefix | | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ | config.additional. | Specifies number of database connections between database and application. | ``10`` | | spring.datasource.hikari. | This property controls the maximum size that the pool is allowed to reach, | | | maximumPoolSize | including both idle and in-use connections. | | +---------------------------------------+---------------------------------------------------------------------------------------------------------+-------------------------------+ CPS-Core Docker Installation ============================ CPS-Core can also be installed in a docker environment. Latest `docker-compose <https://github.com/onap/cps/blob/master/docker-compose/docker-compose.yml>`_ is included in the repo to start all the relevant services. The latest instructions are covered in the `README <https://github.com/onap/cps/blob/master/docker-compose/README.md>`_.