summaryrefslogtreecommitdiffstats
path: root/cm-container/scripts/load-plugins.sh
blob: c93f3d99ed2778416f7a5ee5d6f4f44ca10305c9 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121

#!/bin/bash
# ============LICENSE_START=======================================================
# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# ============LICENSE_END=========================================================
# Runs at deployment time to load the plugins/type files
# that were stored into the container file system at build time

PLUGINS_LOADED=/opt/manager/plugins-loaded
PLUGIN_DIR=/opt/plugins

# Set defaults for CM address, protocol, and port
CMADDR=${CMADDR:-dcae-cloudify-manager}
CMPROTO=${CMPROTO:-https}
CMPORT=${CMPORT:-443}

# Expect Cloudify password to be in file mounted from Kubernetes secret,
# but allow overriding by CMPASS environment variable,
# and if not provided, use the default
CMPASS=${CMPASS:-$(cat /opt/onap/cm-secrets/password 2>/dev/null)}
CMPASS=${CMPASS:-admin}

# Set up additional parameters for using HTTPS
CACERT="/opt/onap/certs/cacert.pem"
CURLTLS=""
if [ $CMPROTO = "https" ]
then
    CURLTLS="--cacert $CACERT"
fi

### FUNCTION DEFINITIONS ###

# cm_hasany: Query Cloudify Manager and return 0 (true) if there are any entities matching the query
# Used to see if something is already present on CM
# $1 -- query fragment, for instance "plugins?archive_name=xyz.wgn" to get
#  the number of plugins that came from the archive file "xyz.wgn"
function cm_hasany {
    # We use _include=id to limit the amount of data the CM sends back
    # We rely on the "metadata.pagination.total" field in the response
    # for the total number of matching entities
    COUNT=$(curl -Ss -H "Tenant: default_tenant" --user admin:${CMPASS} ${CURLTLS} "${CMPROTO}://${CMADDR}:${CMPORT}/api/v3.1/$1&_include=id" \
             | /bin/jq .metadata.pagination.total)
    if (( $COUNT > 0 ))
    then
        return 0
    else
        return 1
    fi
}

# Install plugin if it's not already installed
# $1 -- path to wagon file for plugin
# $2 -- path to type file for plugin
function install_plugin {
    ARCHIVE=$(basename $1)
    # See if it's already installed
    if cm_hasany "plugins?archive_name=$ARCHIVE"
    then
        echo plugin $1 already installed on ${CMADDR}
    else
        cfy plugin upload  -y $2 $1
    fi
}

### END FUNCTION DEFINTIONS ###

set -ex


# Wait for Cloudify Manager to come up
while ! /scripts/cloudify-ready.sh
do
    echo "Waiting for CM to come up"
    sleep 15
done

if [[ ! -f ${PLUGINS_LOADED} ]]
then

  # Each subdirectory of ${PLUGIN_DIR} contains a wagon (.wgn) and type file (.yaml)
  for p in ${PLUGIN_DIR}/*
  do
    # Expecting exactly 1 .wgn and 1 .yaml
    # But just in case, taking only the first of each
    # (If either is missing, will fail on install_plugin)
    wagons=($p/*.wgn)
    types=($p/*.yaml)
    install_plugin ${wagons[0]} ${types[0]}
  done

  # The cfy plugin upload commands issued above will return
  # before all of the processing is complete.  The processing
  # occurs in what Cloudify calls "system workflows", and if a
  # system workflow is pending or running, other operations such
  # as uploading a blueprint will fail.  So we wait for any
  # system workflows to finish before we create the PLUGINS_LOADED
  # file and exit the script.   That way, the bootstrap container
  # (which waits for k8s to declare the CM container to be ready)
  # will not try to upload blueprints while a system execution is
  # underway.  (See Jira DCAEGEN2-2430.)
  while cm_hasany "executions?is_system_workflow=true&status=pending&status=started&status=queued&status=scheduled"
  do
    echo "Waiting for running system workflows to complete"
    sleep 15
  done

  touch ${PLUGINS_LOADED}
else
  echo "Plugins already loaded"
fi
al.String.Symbol */ .highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */ .highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */ .highlight .vc { color: #336699 } /* Name.Variable.Class */ .highlight .vg { color: #dd7700 } /* Name.Variable.Global */ .highlight .vi { color: #3333bb } /* Name.Variable.Instance */ .highlight .vm { color: #336699 } /* Name.Variable.Magic */ .highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */ } 
# Copyright © 2017 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

#################################################################
# Global configuration defaults.
#################################################################
global: # global defaults
  nodePortPrefix: 302
  ubuntuInitRepository: registry.hub.docker.com
  persistence: {}

# application image
repository: nexus3.onap.org:10001
image: onap/testsuite:1.8.0
pullPolicy: Always

ubuntuInitImage: oomk8s/ubuntu-init:2.0.0

# flag to enable debugging - application support required
debugEnabled: false

#################################################################
# Application configuration defaults.
#################################################################
config:
  useIngressHost:
      enabled: false
      aaf_service:
        enabled: true
        https: true
        hostname: aafservice
      aai:
        enabled: true
        https: true
        hostname: aai.api.sparky
      appc:
        enabled: true
        https: true
        hostname: appc.api
      appc_cdt:
        enabled: true
        https: true
        hostname: appccdt
      clamp:
        enabled: true
        https: true
      cli:
        enabled: true
        https: true
      dcae_healthcheck:
        enabled: false
      dcae_ves_collector:
        enabled: false
      dcae_ves_colector_https:
        enabled: false
        https: true
      dmaap_dr_prov:
        enabled: true
        https: true
        hostname: dmaapdrprov
      dmaap_dr_node:
        enabled: true
        https: true
        hostname: dmaapdrnode
      log_es:
        enabled: false
      log_kibana:
        enabled: false
      log_ls_http:
        enabled: false
      pomba_aaictxbuilder:
        enabled: false
      pomba_sdctxbuilder:
        enabled: false
      pomba_networkdiscoveryctxbuilder:
        enabled: false
      pomba_servicedecomposition:
        enabled: false
      pomba_sdncctxbuilder:
        enabled: false
      pomba_networkdiscovery:
        enabled: false
      pomba_validation_service:
        enabled: false
      pomba_kibana:
        enabled: false
      pomba_es:
        enabled: false
      pomba_contextaggregator:
        enabled: false
      message_router:
        enabled: false
        https: true
      dmaap_bc:
        enabled: true
        https: true
        hostname: dmaapbc
      music:
        enabled: false
        https: true
      nbi:
        enabled: false
        https: true
      oof_has_api:
        enabled: true
        https: true
      oof_osdf:
        enabled: true
        https: true
        hostname: oofsdf
      oof_cmso:
        enabled: false
        https: true
      msb_iag:
        enabled: false
      pdp:
        enabled: false
      drools:
        enabled: false
      policy_api:
        enabled: false
      policy_pap:
        enabled: false
      policy_distribution:
        enabled: false
      policy_xacml_pdp:
        enabled: false
      policy_apex_pdp:
        enabled: false
      policy_distribution:
        enabled: false
      portal_app:
        enabled: false
        https: true
        hostname: portal.api
      sdc_be:
        enabled: true
        https: true
      sdc_onboarding_be:
        enabled: false
        https: true
      sdc_fe:
        enabled: true
        hostname: sdc.api.fe
        https: true
      sdc_dcae_be:
        enabled: false
        https: true
      sdnc:
        enabled: false
        https: true
      sdnc_portal:
        enabled: false
        https: true
      so:
        enabled: true
        hostname: so.api
      so_sdc_controller:
        enabled: false
      so_pbmn_infra:
        enabled: false
      so_catalog_db_adapter:
        enabled: false
      so_openstack_adapter:
        enabled: false
      so_request_db_adapter:
        enabled: false
      so_sdnc_adapter:
        enabled: false
      so_vfc_adapter:
        enabled: false
      so_vnfm_adapter:
        enabled: false
      so_nssmf_adapter:
        enabled: false
      vid:
        enabled: false
      refrepo:
        enabled: true
        https: true
      cds_blueprints_processor_http:
        enabled: true
        hostname: blueprintsprocessorhttp
      dcae_hv_ves_collector:
        enabled: false
      message_router_kafka:
        enabled: false
      inventory:
        enabled: false
        https: true
      deployment-handler:
        enabled: false
        https: true
      aaf_sms:
        enabled: false
        https: true

# for access to test logs
  robotWebUser: "test"
  robotWebPassword: "test"

# openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment
  openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
  openStackSoEncryptedPassword: "SAME_STRING_AS_SO_JAVA_ENCRYPTED_PASSWORD"

# Demo configuration
# Nexus demo artifact version.  Maps to GLOBAL_INJECTED_ARTIFACTS_VERSION
#    1.6.0 Frankfurt change or override for your release to match demo:vnfs/vFW/scripts/pom.xml version
demoArtifactsVersion: "1.7.0"
# Nexus demo artifact URL.
demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases"
# Openstack medium sized flavour name.  Maps GLOBAL_INJECTED_VM_FLAVOR
openStackFlavourMedium: "m1.medium"

#################  Openstack .RC Parameters ################################333
# KEYSTONE Version 3  Required for Rocky and beyond
# Openstack Keystone API version. Valid values are [ v2.0, v3 ]. Maps to GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION
openStackKeystoneAPIVersion: "v2.0"

# OS_AUTH_URL without the /v3 or /v2.0 from the openstack .RC file
# Openstack keystone URL.  Maps to GLOBAL_INJECTED_KEYSTONE
openStackKeyStoneUrl: "http://1.2.3.4:5000"

# OS_PROJECT_ID from the openstack .RC file
# Openstack tenant UUID where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_TENANT_ID
openStackTenantId: "47899782ed714295b1151681fdfd51f5"

#  OS_PROJECT_NAME from the openstack .RC file
# Project name of Openstack where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME
openStackProjectName: "onap"

# OS_USERNAME from the openstack .RC file
# username for Openstack tenant where VNFs will be spawned.  Maps to GLOBAL_INJECTED_OPENSTACK_USERNAME
openStackUserName: "tenantUsername"

#  OS_PROJECT_DOMAIN_ID from the openstack .RC file
#  in some environments it is a string but in other environmens it may be a numeric
# Domain id of openstack where VNFs will be deployed. Maps to GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID
openStackDomainId: "default"

#  OS_USER_DOMAIN from the openstack .RC file
# Use Domain of openstack where VNFs will be deployed. Maps to GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN
openStackUserDomain:  "Default"


# UUID of the Openstack network that can assign floating ips.  Maps to GLOBAL_INJECTED_PUBLIC_NET_ID
openStackPublicNetId: "e8f51958045716781ffc"
openStackPublicNetworkName: "public"
# Openstack region.  Maps to GLOBAL_INJECTED_REGION
openStackRegion: "RegionOne"


# Values for second cloud instante for VNF instantiatioen testing and keystone v3
openStackRegionRegionThree: "RegionThree"
openStackKeyStoneUrlRegionThree: "http://1.2.3.4:5000"
openStackKeystoneAPIVersionRegionThree: "v3"
openStackUserNameRegionThree: "demo"
# this is the java encrypted password that is needed for SO
openSackMsoEncryptdPasswordRegionThree: "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
openStackTenantIdRegionThree: "3583253e932845a09cd4c8ca2f31d095"
openStackProjectNameRegionThree: "Integration-SB-RegionThree"
openStackDomainIdRegionThree: "Default"
#
# Openstack glance image name for Ubuntu 14.  Maps to GLOBAL_INJECTED_UBUNTU_1404_IMAGE
ubuntu14Image: "Ubuntu_14_trusty"
# Openstack glance image name for Ubuntu 16.  Maps to GLOBAL_INJECTED_UBUNTU_1604_IMAGE
ubuntu16Image: "Ubuntu_16_xenial"
# DANOS image and flavor references
danosImage: "danos-ves-image"
danosFlavor: "danos"
# GLOBAL_INJECTED_SCRIPT_VERSION.  Maps to GLOBAL_INJECTED_SCRIPT_VERSION
#    1.6.0 Frankfurt change or override for your release to match demo:vnfs/vFW/scripts/pom.xml version
scriptVersion: "1.7.0"
# Openstack network to which VNFs will bind their primary (first) interface.  Maps to GLOBAL_INJECTED_NETWORK
openStackPrivateNetId: "e8f51956-00dd-4425-af36-045716781ffc"
# Openstack security group for instantiating VNFs
openStackSecurityGroup: "onap_sg"
# SDNC Preload configuration
# Openstack subnet UUID for the network defined by openStackPrivateNetId.  Maps to onap_private_subnet_id
openStackPrivateSubnetId: "e8f51956-00dd-4425-af36-045716781ffc"
# CIDR notation for the Openstack private network where VNFs will be spawned.  Maps to onap_private_net_cidr
openStackPrivateNetCidr: "10.0.0.0/8"
# The first 2 octets of the private Openstack subnet where VNFs will be spawned.
# Needed because sdnc preload templates hardcodes things like this 10.0.${ecompnet}.X
openStackOamNetworkCidrPrefix: "10.0"
# If you network allowed a /16 for the ONAP OAM then leave blank and robot will assign
# a random variable to be able to instantiate multple vFWCL, vLB etc in your environemtn
# if you only provided a /24 then provide the 3rd octet you use for your /24
openStackOamNetwork3rdOctet: ""
# VID protocol/port until Selenium issue with SSL resolved
# https/8443 vs http/8080
vidServerProtocol:  "https"
vidServerPort:  "8443"
# Override with Pub Key for access to VNF
vnfPubKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKXDgoo3+WOqcUG8/5uUbk81+yczgwC4Y8ywTmuQqbNxlY1oQ0YxdMUqUnhitSXs5S/yRuAVOYHwGg2mCs20oAINrP+mxBI544AMIb9itPjCtgqtE2EWo6MmnFGbHB4Sx3XioE7F4VPsh7japsIwzOjbrQe+Mua1TGQ5d4nfEOQaaglXLLPFfuc7WbhbJbK6Q7rHqZfRcOwAMXgDoBqlyqKeiKwnumddo2RyNT8ljYmvB6buz7KnMinzo7qB0uktVT05FH9Rg0CTWH5norlG5qXgP2aukL0gk1ph8iAt7uYLf1ktp+LJI2gaF6L0/qli9EmVCSLr1uJ38Q8CBflhkh imported-openssh-key"
# Override with Private Key for access to VNF
vnfPrivateKey: "onap_dev.yaml"
# Override with DCAE VES Collector external IP
dcaeCollectorIp: "FILL_IN_WITH_DCAE_VES_COLLECTOR_IP"
# kubernetes external IP for Portal GUI tests
kubernetesExternalIp: "10.0.0.14"


# Credentials for ONAP Component
# AAF
aafUsername: "demo@people.osaaf.org"
aafPassword: "demo123456!"
# AAI
aaiUsername: "aai@aai.onap.org"
aaiPassword: "demo123456!"
# APPC
appcUsername: "appc@appc.onap.org"
appcPassword: "demo123456!"
# DCAE
dcaeUsername: "dcae@dcae.onap.org"
dcaePassword: "demo123456!"
dcaeMsUsername: "dcae@dcae.onap.org"
dcaeMsPassword: "demo123456!"
# DROOLS
droolsUsername: "demo@people.osaaf.org"
droolsPassword: "demo123456!"
# OOF
oofCmsoUsername: "oof@oof.onap.org"
oofCmsoPassword: "demo123456!"
# POLICY
policyAuth: "dGVzdHBkcDphbHBoYTEyMw=="
policyClientAuth: "cHl0aG9uOnRlc3Q="
policyUsername: "demo@people.osaaf.org"
policyPassword: "demo123456!"
policyComponentUsername: "healthcheck"
policyComponentPassword: "zb!XztG34"
policyAdminUsername: "policyadmin"
policyAdminPassword: "zb!XztG34"
# PORTAL
portalUsername: "demo"
portalPassword: "Kp8bJ4SXszM0WXlhak3eHlcse"
# SO
soUsername: "InfraPortalClient"
soPassword: "password1$"
soCatdbUsername: "bpel"
soCatdbPassword: "password1$"
# SDNC
sdncUsername: "admin"
sdncPassword: "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U"
# VID
vidUsername: "demo"
vidPassword: "Kp8bJ4SXszM0WX"
vidHealthUsername: "Default"
vidHealthPassword: "AppPassword!1"
# DMAAP BC
bcUsername: "dmaap-bc@dmaap-bc.onap.org"
bcPassword: "demo123456!"
# DMAAP KAFKA JAAS
kafkaJaasUsername: "admin"
kafkaJaasPassword: "admin_secret"

#OOF
oofUsername: "oof@oof.onap.org"
oofPassword: "demo123456!"
cmsoUsername: "oof@oof.onap.org"
cmsoPassword: "demo123456!"
oofOsdfPciOptUsername: "oof@oof.onap.org"
oofOsdfPciOptPassword: "demo123456!"
oofHomingUsername: "admin1"
oofHomingPassword: "plan.15"


# default number of instances
replicaCount: 1

nodeSelector: {}

affinity: {}

# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
resources:
  small:
    limits:
      cpu: 2000m
      memory: 4Gi
    requests:
      cpu: 500m
      memory: 1Gi
  large:
    limits:
      cpu: 4000m
      memory: 8Gi
    requests:
      cpu: 1000m
      memory: 2Gi
  unlimited: {}

# probe configuration parameters
liveness:
  initialDelaySeconds: 180
  periodSeconds: 10
  # necessary to disable liveness probe when setting breakpoints
  # in debugger so K8s doesn't restart unresponsive container
  enabled: true

readiness:
  initialDelaySeconds: 180
  periodSeconds: 10

service:
  name: robot
  type: NodePort
  portName: httpd
  externalPort: 443
  internalPort: 443
  nodePort: "09"

ingress:
  enabled: false
  service:
    - baseaddr: "robot.api"
      name: "robot"
      port: 443
  config:
    ssl: "redirect"


## Persist data to a persitent volume
persistence:
  enabled: true

  ## A manually managed Persistent Volume and Claim
  ## Requires persistence.enabled: true
  ## If defined, PVC must be created manually before volume will be bound
  # existingClaim:
  volumeReclaimPolicy: Retain

  ## database data Persistent Volume Storage Class
  ## If defined, storageClassName: <storageClass>
  ## If set to "-", storageClassName: "", which disables dynamic provisioning
  ## If undefined (the default) or set to null, no storageClassName spec is
  ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
  ##   GKE, AWS & OpenStack)
  ##
  # storageClass: "-"
  accessMode: ReadWriteOnce
  size: 2Gi
  mountPath: /dockerdata-nfs
  mountSubPath: robot/logs