summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2020-05-07 00:26:00 +0200
committerKrzysztof Opasiak <k.opasiak@samsung.com>2020-05-14 01:47:15 +0200
commitc32ee22a8436a184d710db9d06da85c4ca385efc (patch)
treea192c9922a22bdad26d69948ae86d0a4cef65ae5
parent108483cae4831bb99e11d0c7df9dad8621b202ff (diff)
[DMAAP] Use common aaf template in dmaap-bc
Instead of copy-pasting code around aaf_agent usage let's use a common template that automates this. Issue-ID: AAF-1134 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I42bb5a8840701dfd99488df9913a5ffd01b17f64
-rw-r--r--kubernetes/dmaap/components/dmaap-bc/requirements.yaml3
-rw-r--r--kubernetes/dmaap/components/dmaap-bc/resources/aaf/org.onap.dmaap-bc.props15
-rw-r--r--kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml13
-rw-r--r--kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml70
-rw-r--r--kubernetes/dmaap/components/dmaap-bc/templates/secrets.yaml16
-rw-r--r--kubernetes/dmaap/components/dmaap-bc/values.yaml10
6 files changed, 18 insertions, 109 deletions
diff --git a/kubernetes/dmaap/components/dmaap-bc/requirements.yaml b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml
index e0d80e7515..656fee77f8 100644
--- a/kubernetes/dmaap/components/dmaap-bc/requirements.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml
@@ -16,6 +16,9 @@ dependencies:
- name: common
version: ~6.x-0
repository: '@local'
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
- name: postgres
version: ~6.x-0
repository: '@local'
diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/aaf/org.onap.dmaap-bc.props b/kubernetes/dmaap/components/dmaap-bc/resources/aaf/org.onap.dmaap-bc.props
deleted file mode 100644
index 3c29073e7a..0000000000
--- a/kubernetes/dmaap/components/dmaap-bc/resources/aaf/org.onap.dmaap-bc.props
+++ /dev/null
@@ -1,15 +0,0 @@
-############################################################
-# Properties Generated by AT&T Certificate Manager
-# by root
-# on 2019-03-22T17:37:33.690+0000
-# @copyright 2016, AT&T
-############################################################
-aaf_env=DEV
-aaf_id=dmaap-bc@dmaap-bc.onap.org
-aaf_locate_url={{ .Values.aafLocateUrl }}
-aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
-cadi_etc_dir=/opt/app/osaaf/local
-cadi_latitude=38.000
-cadi_longitude=-72.000
-cadi_prop_files=/opt/app/osaaf/local/org.onap.dmaap-bc.location.props:/opt/app/osaaf/local/org.onap.dmaap-bc.cred.props
-cm_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.cm:2.1
diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml
index 46ef837504..37d39effd6 100644
--- a/kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml
@@ -51,16 +51,3 @@ metadata:
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/dcaeLocations/*.json").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-aaf-config
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/aaf/*").AsConfig . | indent 2 }} \ No newline at end of file
diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml
index a957acee9e..2cfa3738b2 100644
--- a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml
@@ -43,63 +43,13 @@ spec:
name: {{ include "common.name" . }}-update-config
{{- if .Values.global.aafEnabled }}
- - name: {{ include "common.name" . }}-aaf-readiness
- command:
- - /root/ready.py
- args:
- - --container-name
- - aaf-locate
- - --container-name
- - aaf-cm
- - --container-name
- - aaf-service
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- - name: {{ include "common.name" . }}-aaf-config
- image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"]
- volumeMounts:
- - mountPath: {{ .Values.persistence.aafCredsPath }}
- name: {{ include "common.name" . }}-aaf-config-vol
- env:
- - name: APP_FQI
- value: "{{ .Values.aafConfig.fqi }}"
- - name: aaf_locate_url
- value: "https://aaf-locate.{{ .Release.Namespace }}:8095"
- - name: aaf_locator_container
- value: "{{ .Values.global.aafLocatorContainer }}"
- - name: aaf_locator_container_ns
- value: "{{ .Release.Namespace }}"
- - name: aaf_locator_fqdn
- value: "{{ .Values.aafConfig.fqdn }}"
- - name: aaf_locator_public_fqdn
- value: "{{.Values.aafConfig.publicFqdn}}"
- - name: aaf_locator_app_ns
- value: "{{ .Values.global.aafAppNs }}"
- - name: DEPLOY_FQI
- value: "{{ .Values.aafConfig.aafDeployFqi }}"
- - name: DEPLOY_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ include "common.fullname" . }}-secret
- key: aaf-deploy-password
- - name: cadi_longitude
- value: "{{ .Values.aafConfig.cadiLongitude }}"
- - name: cadi_latitude
- value: "{{ .Values.aafConfig.cadiLatitude }}"
+
+{{ include "common.certInitializer.initContainer" . | nindent 6 }}
+
- name: {{ include "common.name" . }}-permission-fixer
image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: {{ .Values.persistence.aafCredsPath }}
- name: {{ include "common.name" . }}-aaf-config-vol
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
command: ["chown","-Rf","1000:1001", "/opt/app/"]
# See AAF-425 for explanation of why this is needed.
# This artifact is provisioned in AAF for both pks12 and jks format and apparently
@@ -108,9 +58,7 @@ spec:
- name: {{ include "common.name" . }}-cred-fixer
image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: {{ .Values.persistence.aafCredsPath }}
- name: {{ include "common.name" . }}-aaf-config-vol
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
command: ["/bin/sh"]
args: [ "-c", "sed -i -e '/cadi_keystore_password=/d' -e '/cadi_keystore_password_jks/p' -e 's/cadi_keystore_password_jks/cadi_keystore_password/' -e 's/dmaap-bc.p12/dmaap-bc.jks/' /opt/app/osaaf/local/org.onap.dmaap-bc.cred.props" ]
@@ -153,12 +101,10 @@ spec:
scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
- - mountPath: {{ .Values.persistence.aafCredsPath }}
- name: {{ include "common.name" . }}-aaf-config-vol
# NOTE: on the following several configMaps, careful to include / at end
# since there may be more than one file in each mountPath
- name: {{ include "common.name" . }}-config
@@ -170,15 +116,13 @@ spec:
{{- if .Values.affinity }}
affinity: {{ toYaml .Values.affinity | nindent 10 }}
{{- end }}
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
hostPath:
path: /etc/localtime
- name: {{ include "common.name" . }}-config-input
configMap:
name: {{ include "common.fullname" . }}-config
- - name: {{ include "common.name" . }}-aaf-config-vol
- emptyDir: {}
- name: {{ include "common.name" . }}-config
emptyDir:
medium: Memory
diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/secrets.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/secrets.yaml
index 25f5e7ad60..7074e4de9a 100644
--- a/kubernetes/dmaap/components/dmaap-bc/templates/secrets.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/templates/secrets.yaml
@@ -13,20 +13,4 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-{{- if .Values.global.aafEnabled }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-secret
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-type: Opaque
-data:
- aaf-deploy-password: {{ index .Values.aafConfig.aafDeployPass | b64enc | quote }}
-{{- end }}
----
{{ include "common.secretFast" . }}
diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml
index d975dbaad2..d9936d79f4 100644
--- a/kubernetes/dmaap/components/dmaap-bc/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml
@@ -64,15 +64,21 @@ topicMgrPwd: demo123456!
adminUser: aaf_admin@people.osaaf.org
adminPwd: demo123456!
-#AAF local config
-aafConfig:
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+ nameOverride: dmaap-bc-cert-initializer
aafDeployFqi: deployer@people.osaaf.org
aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
fqdn: dmaap-bc
fqi: dmaap-bc@dmaap-bc.onap.org
publicFqdn: dmaap-bc.onap.org
cadiLatitude: 0.0
cadiLongitude: 0.0
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
persistence:
aafCredsPath: /opt/app/osaaf/local/