diff options
author | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-03-26 14:55:33 +0100 |
---|---|---|
committer | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-04-03 14:13:17 +0200 |
commit | 7896cf270efe0dbbf0aff8ced88aaffa7a5ebf15 (patch) | |
tree | 4099202790ce31ed27663aa083831990e717a3a7 | |
parent | 223cdf25ba1f04634d8cc31ccceb7a449395a01c (diff) |
[COMMON] Faster aafConfig template
"index" function is bad in term of performance in Helm.
Reworked the templates in order to avoid it.
as certificates are retrieved at every boot (and as already present
certs are deleted before), we don't need persistent storage
Also set aafImage as a global variable in order to have a consistent use
accross ONAP
Issue-ID: EXTAPI-375
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ie3f5ae5c2a37d816afc42d2c67ebe8e40e749c79
-rw-r--r-- | kubernetes/common/common/templates/_aafconfig.tpl | 168 | ||||
-rwxr-xr-x | kubernetes/onap/values.yaml | 4 |
2 files changed, 48 insertions, 124 deletions
diff --git a/kubernetes/common/common/templates/_aafconfig.tpl b/kubernetes/common/common/templates/_aafconfig.tpl index db7cbe8d8d..0c78cc11b9 100644 --- a/kubernetes/common/common/templates/_aafconfig.tpl +++ b/kubernetes/common/common/templates/_aafconfig.tpl @@ -18,11 +18,10 @@ common templates to enable aaf configs for applictaions Parameter for aafConfig to be defined in values.yaml - aafConfig: --> if a different key is used, call templates with argument (dict "aafRoot" "<yourkey>" "dot" .) + aafConfig: --> if a different key is used, call templates with argument (dict "aafRoot" .Values.<yourkey> "dot" .) # additional scripts can be defined to handle certs addconfig: true|false fqdn: "sdnc" - image: onap/aaf/aaf_agent:2.1.15 app_ns: "org.osaaf.aaf" fqi: "sdnc@sdnc.onap.org" fqi_namespace: org.onap.sdnc @@ -31,19 +30,13 @@ aafDeployPass: demo123456! cadi_latitude: "38.0" cadi_longitude: "-72.0" - persistence: - enabled: true - config.volumeReclaimPolicy: Delete - config.accessMode: ReadWriteMany - config.size: 40M - config.storageClass: "manual" - config.mountPath: "/dockerdata-nfs" - config.mountSubPath: "sdnc/aaf" + secret_uid: &aaf_secret_uid my-component-aaf-deploy-creds + # secrets configuration, Note: create a secrets template secrets: - - uid: aaf-deploy-creds + - uid: *aaf_secret_uid type: basicAuth - externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDiabled" .Values.global.aafEnabled }}' + externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDisabled" .Values.global.aafEnabled }}' login: '{{ .Values.aafConfig.aafDeployFqi }}' password: '{{ .Values.aafConfig.aafDeployPass }}' passwordPolicy: required @@ -56,25 +49,18 @@ volumeMounts: {{- if .Values.global.aafEnabled }} - mountPath: "/opt/app/osaaf" - name: {{ include "common.fullname" . }}-aaf-config-vol + name: {{ include "common.fullname" . }}-aaf-config {{- end }} volumes: {{- include "common.aaf-config-volumes" . | nindent XX}} - - If persistence.enabled = true - Create pvc: - {{ include "common.aaf-config-pvc" . }} - Create pv - {{ include "common.aaf-config-pv" . }} - */}} {{- define "common.aaf-config" -}} -{{- $dot := default . .dot -}} -{{- $aafRoot := default "aafConfig" .aafRoot -}} -{{ if .Values.global.aafEnabled }} -- name: {{ include "common.name" . }}-aaf-readiness - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} +{{- $dot := default . .dot -}} +{{- $aafRoot := default $dot.Values.aafConfig .aafRoot -}} +{{- if $dot.Values.global.aafEnabled -}} +- name: {{ include "common.name" $dot }}-aaf-readiness + image: "{{ $dot.Values.global.readinessRepository }}/{{ $dot.Values.global.readinessImage }}" + imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }} command: - /root/ready.py args: @@ -84,143 +70,79 @@ - aaf-cm - --container-name - aaf-service - env: - name: NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace -- name: {{ include "common.name" . }}-aaf-config - image: {{ .Values.global.repository }}/{{index .Values $aafRoot "image" }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} +- name: {{ include "common.name" $dot }}-aaf-config + image: {{ (default $dot.Values.repository $dot.Values.global.repository) }}/{{ $dot.Values.global.aafAgentImage }} + imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" - name: {{ include "common.fullname" . }}-aaf-config-vol - {{- if (index .Values $aafRoot "addconfig") }} + name: {{ include "common.fullname" $dot }}-aaf-config +{{- if $aafRoot.addconfig }} - name: aaf-add-config mountPath: /opt/app/aaf_config/bin/aaf-add-config.sh subPath: aaf-add-config.sh - {{- end }} +{{- end }} command: - sh - -c - | #!/usr/bin/env bash /opt/app/aaf_config/bin/agent.sh - {{- if (index .Values $aafRoot "addconfig") }} +{{- if $aafRoot.addconfig }} /opt/app/aaf_config/bin/aaf-add-config.sh - {{- end }} +{{- end }} env: - name: APP_FQI - value: "{{ index .Values $aafRoot "fqi" }}" + value: "{{ $aafRoot.fqi }}" - name: aaf_locate_url - value: "https://aaf-locate.{{ .Release.Namespace}}:8095" + value: "https://aaf-locate.{{ $dot.Release.Namespace}}:8095" - name: aaf_locator_container value: "oom" - name: aaf_locator_container_ns - value: "{{ .Release.Namespace }}" + value: "{{ $dot.Release.Namespace }}" - name: aaf_locator_fqdn - value: "{{ index .Values $aafRoot "fqdn" }}" + value: "{{ $aafRoot.fqdn }}" - name: aaf_locator_app_ns - value: "{{ index .Values $aafRoot "app_ns" }}" + value: "{{ $aafRoot.app_ns }}" - name: DEPLOY_FQI - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "aaf-deploy-creds" "key" "login") | indent 6 }} + {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" $aafRoot.secret_uid "key" "login") | indent 6 }} - name: DEPLOY_PASSWORD - {{- include "common.secret.envFromSecret" (dict "global" . "uid" "aaf-deploy-creds" "key" "password") | indent 6 }} - #Note: want to put this on Nodes, evenutally + {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" $aafRoot.secret_uid "key" "password") | indent 6 }} + #Note: want to put this on Nodes, eventually - name: cadi_longitude - value: "{{ default "52.3" (index .Values $aafRoot "cadi_longitude") }}" + value: "{{ default "52.3" $aafRoot.cadi_longitude }}" - name: cadi_latitude - value: "{{ default "13.2" (index .Values $aafRoot "cadi_latitude") }}" + value: "{{ default "13.2" $aafRoot.cadi_latitude }}" #Hello specific. Clients don't don't need this, unless Registering with AAF Locator - name: aaf_locator_public_fqdn - value: "{{ (index .Values $aafRoot "public_fqdn") | default "" }}" -{{- end -}} + value: "{{ $aafRoot.public_fqdn | default "" }}" +{{- end -}} {{- end -}} - {{- define "common.aaf-config-volume-mountpath" -}} -{{ if .Values.global.aafEnabled }} +{{- if .Values.global.aafEnabled -}} - mountPath: "/opt/app/osaaf" - name: {{ include "common.fullname" . }}-aaf-config-vol -{{- end -}} + name: {{ include "common.fullname" . }}-aaf-config +{{- end -}} {{- end -}} {{- define "common.aaf-config-volumes" -}} -{{ if .Values.global.aafEnabled }} -{{- $dot := default . .dot -}} -{{- $aafRoot := default "aafConfig" .aafRoot -}} -- name: {{ include "common.fullname" . }}-aaf-config-vol - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-aaf-config-pvc -{{- if (index .Values $aafRoot "addconfig") }} +{{- $dot := default . .dot -}} +{{- $aafRoot := default $dot.Values.aafConfig .aafRoot -}} +{{- if $dot.Values.global.aafEnabled -}} +- name: {{ include "common.fullname" $dot }}-aaf-config + emptyDir: + medium: Memory +{{- if $aafRoot.addconfig }} - name: aaf-add-config configMap: - name: {{ include "common.fullname" . }}-aaf-add-config + name: {{ include "common.fullname" $dot }}-aaf-add-config defaultMode: 0700 -{{- end }} -{{- end -}} -{{- end }} - -{{- define "common.aaf-config-pv" -}} -{{- $dot := default . .dot -}} -{{- $aafRoot := default "aafConfig" .aafRoot -}} -metadata: - name: {{ include "common.fullname" . }}-aaf-config-pv - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-aaf-config-pv - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ index .Values $aafRoot "persistence" "config" "size"}} - accessModes: - - {{ index .Values $aafRoot "persistence" "config" "accessMode" }} - persistentVolumeReclaimPolicy: {{ index .Values $aafRoot "persistence" "config" "volumeReclaimPolicy" }} - hostPath: - path: {{ index .Values $aafRoot "persistence" "config" "mountPath" }}/{{ .Release.Name }}/{{ index .Values $aafRoot "persistence" "config" "mountSubPath" }} -{{- if (index .Values $aafRoot "persistence" "config" "storageClass") }} -{{- if (eq "-" (index .Values $aafRoot "persistence" "config" "storageClass")) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ index .Values $aafRoot "persistence" "config" "storageClass" }}" -{{- end }} -{{- end }} -{{- end -}} - -{{- define "common.aaf-config-pvc" -}} -{{- $dot := default . .dot -}} -{{- $aafRoot := default "aafConfig" .aafRoot -}} -metadata: - name: {{ include "common.fullname" . }}-aaf-config-pvc - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if (index .Values $aafRoot "persistence" "annotations") }} - annotations: -{{ toYaml (index .Values $aafRoot "persistence" "annotations" ) | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }}-aaf-config-pv - accessModes: - - {{ index .Values $aafRoot "persistence" "config" "accessMode" }} - resources: - requests: - storage: {{ index .Values $aafRoot "persistence" "config" "size" }} -{{- if (index .Values $aafRoot "persistence" "config" "storageClass") }} -{{- if (eq "-" (index .Values $aafRoot "persistence" "config" "storageClass")) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ index .Values $aafRoot "persistence" "config" "storageClass" }}" -{{- end }} -{{- end }} +{{- end -}} +{{- end -}} {{- end -}} diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 4d69b9d3cb..40275a5696 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -71,8 +71,10 @@ global: tls: true # Disabling AAF - # POC Mode, don't use it in production + # POC Mode, only for use in development environment + # Keep it enabled in production aafEnabled: true + aafAgentImage: onap/aaf/aaf_agent:2.1.20 # TLS # Set to false if you want to disable TLS for NodePorts. Be aware that this |