From e493a9213def73b2615c8cc13c8accbe576bce39 Mon Sep 17 00:00:00 2001 From: Tomasz Wrobel Date: Fri, 4 Sep 2020 12:28:06 +0200 Subject: Update bootstrap container blueprints 1. Update HV-VES and PRH default image tag - HV-VES top up to 1.5.0 - PRH top up to 1.5.4 Issue-ID: DCAEGEN2-2242 2. [DCAE] Adapt DCAE blueprints to CFY DCAE K8S plugin version 3.x.x - fix for static FQDN override Issue-ID: DCAEGEN2-2386 3. Update VES CFY blueprint Updated VES image version to 1.7.4. Updated some properties format to match supported format in VES. Issue-ID: DCAEGEN2-2264 4. Adjust VES and HV-VES collectors to use certificates from CMPv2 - Modify VES blueprint - Modify HV-VES blueprint Issue-ID: DCAEGEN2-1794 Issue-ID: DCAEGEN2-2195 Signed-off-by: Krzysztof Kuzmicki Change-Id: I6abadcaa0bd8a51f1f4bba7923c382312baa4224 Signed-off-by: Joanna Jeremicz --- blueprints/k8s-holmes-engine.yaml | 4 ++++ blueprints/k8s-holmes-rules.yaml | 4 ++++ blueprints/k8s-hv-ves.yaml | 36 ++++++++++++++++++++++++++++++++++- blueprints/k8s-prh.yaml | 10 +++++++--- blueprints/k8s-tcagen2.yaml | 4 ++++ blueprints/k8s-ves.yaml | 40 ++++++++++++++++++++++++++++++++++++--- pom.xml | 2 +- version.properties | 2 +- 8 files changed, 93 insertions(+), 9 deletions(-) diff --git a/blueprints/k8s-holmes-engine.yaml b/blueprints/k8s-holmes-engine.yaml index 8b4c3e0..64474c2 100644 --- a/blueprints/k8s-holmes-engine.yaml +++ b/blueprints/k8s-holmes-engine.yaml @@ -51,6 +51,9 @@ inputs: service_id: type: string default: "holmes-engine-mgmt" + service_component_name_override: + type: string + default: "holmes-engine-mgmt" node_templates: pgaasvm: @@ -81,6 +84,7 @@ node_templates: properties: service_component_type: { get_input: service_component_type } service_id: { get_input: service_id } + service_component_name_override: { get_input: service_component_name_override } application_config: msb.hostname: get_input: msb_hostname diff --git a/blueprints/k8s-holmes-rules.yaml b/blueprints/k8s-holmes-rules.yaml index 7df3ab6..2431131 100644 --- a/blueprints/k8s-holmes-rules.yaml +++ b/blueprints/k8s-holmes-rules.yaml @@ -44,6 +44,9 @@ inputs: service_id: type: string default: "holmes-rule-mgmt" + service_component_name_override: + type: string + default: "holmes-rule-mgmt" node_templates: pgaasvm: type: dcae.nodes.pgaas.database @@ -72,6 +75,7 @@ node_templates: properties: service_component_type: { get_input: service_component_type } service_id: { get_input: service_id } + service_component_name_override: { get_input: service_component_name_override } application_config: holmes.default.rule.volte.scenario1: "ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b$$$package org.onap.holmes.droolsRule;\n\nimport org.onap.holmes.common.dmaap.DmaapService;\nimport org.onap.holmes.common.api.stat.VesAlarm;\nimport org.onap.holmes.common.aai.CorrelationUtil;\nimport org.onap.holmes.common.dmaap.entity.PolicyMsg;\nimport org.onap.holmes.common.dropwizard.ioc.utils.ServiceLocatorHolder;\nimport org.onap.holmes.common.utils.DroolsLog;\n \n\nrule \"Relation_analysis_Rule\"\nsalience 200\nno-loop true\n when\n $root : VesAlarm(alarmIsCleared == 0,\n $sourceId: sourceId, sourceId != null && !sourceId.equals(\"\"),\n\t\t\t$sourceName: sourceName, sourceName != null && !sourceName.equals(\"\"),\n\t\t\t$startEpochMicrosec: startEpochMicrosec,\n eventName in (\"Fault_MultiCloud_VMFailure\"),\n $eventId: eventId)\n $child : VesAlarm( eventId != $eventId, parentId == null,\n CorrelationUtil.getInstance().isTopologicallyRelated(sourceId, $sourceId, $sourceName),\n eventName in (\"Fault_MME_eNodeB out of service alarm\"),\n startEpochMicrosec < $startEpochMicrosec + 60000 && startEpochMicrosec > $startEpochMicrosec - 60000 )\n then\n\t\tDroolsLog.printInfo(\"===========================================================\");\n\t\tDroolsLog.printInfo(\"Relation_analysis_Rule: rootId=\" + $root.getEventId() + \", childId=\" + $child.getEventId());\n\t\t$child.setParentId($root.getEventId());\n\t\tupdate($child);\n\t\t\nend\n\nrule \"root_has_child_handle_Rule\"\nsalience 150\nno-loop true\n\twhen\n\t\t$root : VesAlarm(alarmIsCleared == 0, rootFlag == 0, $eventId: eventId)\n\t\t$child : VesAlarm(eventId != $eventId, parentId == $eventId)\n\tthen\n\t\tDroolsLog.printInfo(\"===========================================================\");\n\t\tDroolsLog.printInfo(\"root_has_child_handle_Rule: rootId=\" + $root.getEventId() + \", childId=\" + $child.getEventId());\n\t\tDmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class);\n\t\tPolicyMsg policyMsg = dmaapService.getPolicyMsg($root, $child, \"org.onap.holmes.droolsRule\");\n dmaapService.publishPolicyMsg(policyMsg, \"unauthenticated.DCAE_CL_OUTPUT\");\n\t\t$root.setRootFlag(1);\n\t\tupdate($root);\nend\n\nrule \"root_no_child_handle_Rule\"\nsalience 100\nno-loop true\n when\n $root : VesAlarm(alarmIsCleared == 0, rootFlag == 0,\n sourceId != null && !sourceId.equals(\"\"),\n\t\t\tsourceName != null && !sourceName.equals(\"\"),\n eventName in (\"Fault_MultiCloud_VMFailure\"))\n then\n\t\tDroolsLog.printInfo(\"===========================================================\");\n\t\tDroolsLog.printInfo(\"root_no_child_handle_Rule: rootId=\" + $root.getEventId());\n\t\tDmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class);\n\t\tPolicyMsg policyMsg = dmaapService.getPolicyMsg($root, null, \"org.onap.holmes.droolsRule\");\n dmaapService.publishPolicyMsg(policyMsg, \"unauthenticated.DCAE_CL_OUTPUT\");\n\t\t$root.setRootFlag(1);\n\t\tupdate($root);\nend\n\nrule \"root_cleared_handle_Rule\"\nsalience 100\nno-loop true\n when\n $root : VesAlarm(alarmIsCleared == 1, rootFlag == 1)\n then\n\t\tDroolsLog.printInfo(\"===========================================================\");\n\t\tDroolsLog.printInfo(\"root_cleared_handle_Rule: rootId=\" + $root.getEventId());\n\t\tDmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class);\n\t\tPolicyMsg policyMsg = dmaapService.getPolicyMsg($root, null, \"org.onap.holmes.droolsRule\");\n dmaapService.publishPolicyMsg(policyMsg, \"unauthenticated.DCAE_CL_OUTPUT\");\n\t\tretract($root);\nend\n\nrule \"child_handle_Rule\"\nsalience 100\nno-loop true\n when\n $child : VesAlarm(alarmIsCleared == 1, rootFlag == 0)\n then\n\t\tDroolsLog.printInfo(\"===========================================================\");\n\t\tDroolsLog.printInfo(\"child_handle_Rule: childId=\" + $child.getEventId());\n\t\tretract($child);\nend" msb.hostname: diff --git a/blueprints/k8s-hv-ves.yaml b/blueprints/k8s-hv-ves.yaml index d76922b..103c964 100644 --- a/blueprints/k8s-hv-ves.yaml +++ b/blueprints/k8s-hv-ves.yaml @@ -27,7 +27,7 @@ imports: inputs: tag_version: type: string - default: 'nexus3.onap.org:10001/onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.4.0' + default: 'nexus3.onap.org:10001/onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.5.0' service_component_type: type: string default: 'dcae-hv-ves-collector' @@ -85,6 +85,27 @@ inputs: use_tls: type: boolean default: true + service_component_name_override: + type: string + default: "dcae-hv-ves-collector" + external_cert_ca_name: + type: string + description: Name of Certificate Authority configured on CertService side. + default: "RA" + external_cert_common_name: + type: string + description: Common name which should be present in certificate. + default: "dcae-hv-ves-collector" + external_cert_sans: + type: string + description: "List of Subject Alternative Names (SANs) which should be present + in certificate. Delimiter - : Should contain common_name value and other FQDNs + under which given component is accessible." + default: "dcae-hv-ves-collector:hv-ves-collector:hv-ves" + external_cert_use_external_tls: + type: boolean + description: Flag to indicate external tls enable/disable. + default: false node_templates: hv-ves: interfaces: @@ -125,9 +146,22 @@ node_templates: replicas: { get_input: replicas } service_component_type: { get_input: service_component_type } service_id: { get_input: service_id } + service_component_name_override: { get_input: service_component_name_override } log_info: log_directory: { concat: [ '/var/log/ONAP/', { get_input: service_component_type } ] } tls_info: cert_directory: '/etc/ves-hv/ssl' use_tls: { get_input: use_tls } + external_cert: + external_cert_directory: '/etc/ves-hv/ssl' + use_external_tls: + get_input: external_cert_use_external_tls + cert_type: "JKS" + ca_name: + get_input: external_cert_ca_name + external_certificate_parameters: + common_name: + get_input: external_cert_common_name + sans: + get_input: external_cert_sans type: dcae.nodes.ContainerizedServiceComponent diff --git a/blueprints/k8s-prh.yaml b/blueprints/k8s-prh.yaml index f31cf8f..f625912 100644 --- a/blueprints/k8s-prh.yaml +++ b/blueprints/k8s-prh.yaml @@ -2,8 +2,8 @@ # # ============LICENSE_START==================================================== # ============================================================================= -# Copyright (c) 2018-2020 AT&T, NOKIA -# Copyright (c) 2020 NOKIA +# Copyright (c) 2018-2020 AT&T +# Copyright (c) 2018-2020 NOKIA # ============================================================================= # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -63,7 +63,7 @@ inputs: default: "admin" tag_version: type: string - default: "nexus3.onap.org:10001/onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.2" + default: "nexus3.onap.org:10001/onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.4" replicas: type: integer description: number of instances @@ -85,6 +85,9 @@ inputs: type: boolean description: enable certificate base connection with AAI and DMaap default: false + service_component_name_override: + type: string + default: "dcae-prh" node_templates: prh: properties: @@ -151,6 +154,7 @@ node_templates: replicas: {get_input: replicas} service_component_type: { get_input: service_component_type } service_id: { get_input: service_id } + service_component_name_override: { get_input: service_component_name_override } log_info: log_directory: "/opt/app/prh/logs" tls_info: diff --git a/blueprints/k8s-tcagen2.yaml b/blueprints/k8s-tcagen2.yaml index d1734fe..3c35b61 100644 --- a/blueprints/k8s-tcagen2.yaml +++ b/blueprints/k8s-tcagen2.yaml @@ -26,6 +26,9 @@ inputs: service_id: type: string default: "dcae-tcagen2" + service_component_name_override: + type: string + default: "dcae-tcagen2" log_directory: type: string default: "/opt/logs/dcae-analytics-tca" @@ -126,3 +129,4 @@ node_templates: get_input: replicas service_component_type: { get_input: service_component_type } service_id: { get_input: service_id } + service_component_name_override: { get_input: service_component_name_override } diff --git a/blueprints/k8s-ves.yaml b/blueprints/k8s-ves.yaml index bf8a855..f83fa3b 100644 --- a/blueprints/k8s-ves.yaml +++ b/blueprints/k8s-ves.yaml @@ -57,7 +57,7 @@ inputs: default: "http://message-router.onap.svc.cluster.local:3904/events/unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT" tag_version: type: string - default: "nexus3.onap.org:10001/onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.3" + default: "nexus3.onap.org:10001/onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.4" internal_port: type: string description: Kubernetes node port on which collector is exposed @@ -89,9 +89,30 @@ inputs: service_id: type: string default: "dcae-ves-collector" + service_component_name_override: + type: string + default: "dcae-ves-collector" enable_tls: type: boolean default: false + external_cert_ca_name: + type: string + description: Name of Certificate Authority configured on CertService side. + default: "RA" + external_cert_common_name: + type: string + description: Common name which should be present in certificate. + default: "dcae-ves-collector" + external_cert_sans: + type: string + description: "List of Subject Alternative Names (SANs) which should be present + in certificate. Delimiter - : Should contain common_name value and other FQDNs + under which given component is accessible." + default: "dcae-ves-collector:ves-collector:ves" + external_cert_use_external_tls: + type: boolean + description: Flag to indicate external tls enable/disable. + default: false replicas: type: integer description: number of instances @@ -134,8 +155,8 @@ node_templates: get_input: collector_externalSchema_schemasLocation collector.externalSchema.mappingFileLocation: get_input: collector_externalSchema_mappingFileLocation - event.externalSchema.schemaRefPath: /event/stndDefinedFields/schemaReference - event.externalSchema.stndDefinedDataPath: /event/stndDefinedFields/data + event.externalSchema.schemaRefPath: $.event.stndDefinedFields.schemaReference + event.externalSchema.stndDefinedDataPath: $.event.stndDefinedFields.data collector.service.port: "8080" collector.service.secure.port: "8443" event.transform.flag: "0" @@ -207,10 +228,23 @@ node_templates: replicas: {get_input: replicas} service_component_type: { get_input: service_component_type } service_id: { get_input: service_id } + service_component_name_override: { get_input: service_component_name_override } log_info: log_directory: "/opt/app/VESCollector/logs" tls_info: cert_directory: '/opt/app/dcae-certificate/' use_tls: get_input: enable_tls + external_cert: + external_cert_directory: '/opt/app/dcae-certificate/' + use_external_tls: + get_input: external_cert_use_external_tls + cert_type: "JKS" + ca_name: + get_input: external_cert_ca_name + external_certificate_parameters: + common_name: + get_input: external_cert_common_name + sans: + get_input: external_cert_sans type: dcae.nodes.ContainerizedServiceComponent diff --git a/pom.xml b/pom.xml index 7703279..e719977 100644 --- a/pom.xml +++ b/pom.xml @@ -29,7 +29,7 @@ ECOMP is a trademark and service mark of AT&T Intellectual Property. org.onap.dcaegen2.deployments k8s-bootstrap-container dcaegen2-deployments-k8s-bootstrap-container - 2.1.3-SNAPSHOT + 2.1.4-SNAPSHOT http://maven.apache.org pom diff --git a/version.properties b/version.properties index 796f86d..8d45f75 100644 --- a/version.properties +++ b/version.properties @@ -1,6 +1,6 @@ major=2 minor=1 -patch=3 +patch=4 base_version=${major}.${minor}.${patch} release_version=${base_version} snapshot_version=${base_version}-SNAPSHOT -- cgit 1.2.3-korg