Merge "Adding NSSMF adapter chart"

10 files changed, 561 insertions, 0 deletions

diff --git a/kubernetes/so/charts/so-nssmf-adapter/Chart.yaml b/kubernetes/so/charts/so-nssmf-adapter/Chart.yaml
new file mode 100755
index 0000000000..b3311d1c8c
--- /dev/null
+++ b/kubernetes/so/charts/so-nssmf-adapter/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: so-nssmf-adapter
+version: 6.0.0
\ No newline at end of file
diff --git a/kubernetes/so/charts/so-nssmf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-nssmf-adapter/resources/config/overrides/override.yaml
new file mode 100755
index 0000000000..10741b75e7
--- /dev/null
+++ b/kubernetes/so/charts/so-nssmf-adapter/resources/config/overrides/override.yaml
@@ -0,0 +1,66 @@
+# Copyright © 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+aai:
+  auth: {{ include "helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}}
+  endpoint: https://aai.{{ include "common.namespace" . }}:8443
+logging:
+  path: logs
+spring:
+  datasource:
+    jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
+    username: ${DB_USERNAME}
+    password: ${DB_PASSWORD}
+    driver-class-name: org.mariadb.jdbc.Driver
+  jpa:
+    show-sql: false
+    hibernate:
+      dialect: org.hibernate.dialect.MySQL5Dialect
+      ddl-auto: validate
+      naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy
+      enable-lazy-load-no-trans: true
+  security:
+    usercredentials:
+      - username: ${BPEL_USERNAME}
+        password: ${BPEL_PASSWORD}
+        role: BPEL-Client
+      - username: ${ACTUATOR_USERNAME}
+        password: ${ACTUATOR_PASSWORD}
+        role: ACTUATOR
+server:
+  port: {{ index .Values.containerPort }}
+  tomcat:
+    max-threads: 50
+
+mso:
+  site-name: localSite
+  logPath: ./logs/nssmf
+  msb-ip: msb-iag.{{ include "common.namespace" . }}
+  msb-port: 80
+  adapters:
+    requestDb:
+      endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+      auth: {{ include "helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}}
+#Actuator
+management:
+  endpoints:
+    web:
+      base-path: /manage
+      exposure:
+        include: "*"
+  metrics:
+    se-global-registry: false
+    export:
+      prometheus:
+        enabled: true # Whether exporting of metrics to Prometheus is enabled.
+        step: 1m # Step size (i.e. reporting frequency) to use.
diff --git a/kubernetes/so/charts/so-nssmf-adapter/templates/configmap.yaml b/kubernetes/so/charts/so-nssmf-adapter/templates/configmap.yaml
new file mode 100755
index 0000000000..85d00fddf3
--- /dev/null
+++ b/kubernetes/so/charts/so-nssmf-adapter/templates/configmap.yaml
@@ -0,0 +1,26 @@
+# Copyright © 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+kind: ConfigMap
+metadata: {{- include "common.resourceMetadata" (dict "dot" . "suffix" "env") | nindent 2 }}
+data:
+  LOG_PATH: {{ index .Values.logPath }}
+  APP: {{ index .Values.app }}
+  ACTIVE_PROFILE: {{ include "helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+data:
+{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/so/charts/so-nssmf-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-nssmf-adapter/templates/deployment.yaml
new file mode 100755
index 0000000000..8d1eaf8ea4
--- /dev/null
+++ b/kubernetes/so/charts/so-nssmf-adapter/templates/deployment.yaml
@@ -0,0 +1,131 @@
+# Copyright © 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: apps/v1
+kind: Deployment
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+spec:
+  selector: {{- include "common.selectors" . | nindent 4 }}
+  replicas: {{ index .Values.replicaCount }}
+  minReadySeconds: {{ index .Values.minReadySeconds }}
+  strategy:
+    type: {{ index .Values.updateStrategy.type }}
+    rollingUpdate:
+      maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
+      maxSurge: {{ index .Values.updateStrategy.maxSurge }}
+  template:
+    metadata:
+      labels: {{- include "common.labels" . | nindent 8 }}
+    spec:
+      initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }}
+        - name: {{ include "common.name" . }}-readiness
+          command:
+            - /root/job_complete.py
+          args:
+            - --job-name
+            - {{ include "common.release" . }}-so-mariadb-config-job
+          env:
+            - name: NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+          image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+      containers:
+        - name: {{ include "common.name" . }}
+          command:
+            - sh
+          args:
+            - -c
+            - export BPEL_PASSWORD=`htpasswd -bnBC 10 "" $BPEL_PASSWORD_INPUT | tr -d ':\n' | sed 's/\$2y/\$2a/'`; export ACTUATOR_PASSWORD=`htpasswd -bnBC 10 "" $ACTUATOR_PASSWORD_INPUT | tr -d ':\n' | sed 's/\$2y/\$2a/'`; ./start-app.sh
+          image: {{ include "common.repository" . }}/{{ .Values.image }}
+          resources: {{ include "common.resources" . | nindent 12 }}
+          ports: {{- include "common.containerPorts" . | nindent 12  }}
+          env:
+            - name: DB_HOST
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "common.release" . }}-so-db-secrets
+                  key: mariadb.readwrite.host
+            - name: DB_PORT
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "common.release" . }}-so-db-secrets
+                  key: mariadb.readwrite.port
+            - name: DB_USERNAME
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 14 }}
+            - name: DB_PASSWORD
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 14 }}
+            - name: DB_ADMIN_USERNAME
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 14 }}
+            - name: DB_ADMIN_PASSWORD
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 14 }}
+            - name: TRUSTSTORE
+              value: {{ .Values.global.client.certs.truststore }}
+            - name: TRUSTSTORE_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Release.Name}}-so-client-certs-secret
+                  key: trustStorePassword
+            - name: BPEL_USERNAME
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-bpel-creds" "key" "login") | indent 14 }}
+            - name: BPEL_PASSWORD_INPUT
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-bpel-creds" "key" "password") | indent 14 }}
+            - name: ACTUATOR_USERNAME
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "login") | indent 14 }}
+            - name: ACTUATOR_PASSWORD_INPUT
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "password") | indent 14 }}
+            {{- if eq .Values.global.security.aaf.enabled true }}
+            - name: KEYSTORE
+              value: {{ .Values.global.client.certs.keystore }}
+            - name: KEYSTORE_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Release.Name}}-so-client-certs-secret
+                  key: keyStorePassword
+            {{- end }}
+          envFrom:
+            - configMapRef:
+                name: {{ include "common.fullname" . }}-env
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          volumeMounts: {{ include "so.certificate.volume-mounts" . | nindent 12 }}
+            - name: logs
+              mountPath: /app/logs
+            - name: config
+              mountPath: /app/config
+              readOnly: true
+            - name: {{ include "common.fullname" . }}-truststore
+              mountPath: /app/client
+              readOnly: true
+          livenessProbe:
+            httpGet:
+              path: {{ index .Values.livenessProbe.path}}
+              port: {{ index .Values.containerPort }}
+              scheme: {{ index .Values.livenessProbe.scheme}}
+            initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}}
+            periodSeconds: {{ index .Values.livenessProbe.periodSeconds}}
+            timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}}
+            successThreshold: {{ index .Values.livenessProbe.successThreshold}}
+            failureThreshold: {{ index .Values.livenessProbe.failureThreshold}}
+      volumes: {{ include "so.certificate.volumes" . | nindent 8 }}
+        - name: logs
+          emptyDir: {}
+        - name: config
+          configMap:
+            name: {{ include "common.fullname" . }}
+        - name:  {{ include "common.fullname" . }}-truststore
+          secret:
+            secretName: {{ include "common.release" . }}-so-truststore-secret
+      imagePullSecrets:
+        - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/so/charts/so-nssmf-adapter/templates/secret.yaml b/kubernetes/so/charts/so-nssmf-adapter/templates/secret.yaml
new file mode 100644
index 0000000000..a39363ffdd
--- /dev/null
+++ b/kubernetes/so/charts/so-nssmf-adapter/templates/secret.yaml
@@ -0,0 +1,15 @@
+# Copyright © 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/so/charts/so-nssmf-adapter/templates/service.yaml b/kubernetes/so/charts/so-nssmf-adapter/templates/service.yaml
new file mode 100755
index 0000000000..cf08482ad2
--- /dev/null
+++ b/kubernetes/so/charts/so-nssmf-adapter/templates/service.yaml
@@ -0,0 +1,15 @@
+# Copyright © 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.service" . }}
diff --git a/kubernetes/so/charts/so-nssmf-adapter/values.yaml b/kubernetes/so/charts/so-nssmf-adapter/values.yaml
new file mode 100755
index 0000000000..44536a8a33
--- /dev/null
+++ b/kubernetes/so/charts/so-nssmf-adapter/values.yaml
@@ -0,0 +1,136 @@
+# Copyright © 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+  nodePortPrefixExt: 304
+  repository: nexus3.onap.org:10001
+  readinessRepository: oomk8s
+  readinessImage: readiness-check:2.0.2
+  persistence:
+    mountPath: /dockerdata-nfs
+
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+  - uid: db-user-creds
+    name: '{{ include "common.release" . }}-so-bpmn-infra-db-user-creds'
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}'
+    login: '{{ .Values.db.userName }}'
+    password: '{{ .Values.db.userPassword }}'
+    passwordPolicy: required
+  - uid: db-admin-creds
+    name: '{{ include "common.release" . }}-so-bpmn-infra-db-admin-creds'
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}'
+    login: '{{ .Values.db.adminName }}'
+    password: '{{ .Values.db.adminPassword }}'
+    passwordPolicy: required
+  - uid: "so-onap-certs"
+    externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
+    type: generic
+    filePaths: '{{ .Values.secretsFilePaths }}'
+  - uid: server-bpel-creds
+    name: '{{ include "common.release" . }}-so-server-bpel-creds'
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.server.bpelCredsExternalSecret) . }}'
+    login: '{{ .Values.server.bpel.username }}'
+    password: '{{ .Values.server.bpel.password }}'
+    passwordPolicy: required
+  - uid: server-actuator-creds
+    name: '{{ include "common.release" . }}-so-server-actuator-creds'
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}'
+    login: '{{ .Values.server.actuator.username }}'
+    password: '{{ .Values.server.actuator.password }}'
+    passwordPolicy: required
+
+
+#secretsFilePaths: |
+#  - 'my file 1'
+#  - '{{ include "templateThatGeneratesFileName" . }}'
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+repository: nexus3.onap.org:10001
+image: onap/so/nssmf-adapter:1.6.0
+pullPolicy: Always
+
+db:
+  userName: so_user
+  userPassword: so_User123
+  # userCredsExternalSecret: some secret
+  adminName: so_admin
+  adminPassword: so_Admin123
+  # adminCredsExternalSecret: some secret
+server:
+  actuator:
+    username: mso_admin
+    password: password1$
+  bpel:
+    username: bpel
+    password: password1$
+
+replicaCount: 1
+minReadySeconds: 10
+containerPort: 8088
+logPath: ./logs/nssmf/
+app: nssmf-adapter
+service:
+  type: ClusterIP
+  ports:
+    - name: api
+      port: 8088
+updateStrategy:
+    type: RollingUpdate
+    maxUnavailable: 1
+    maxSurge: 1
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+  small:
+    limits:
+      memory: 4Gi
+      cpu: 2000m
+    requests:
+      memory: 1Gi
+      cpu: 500m
+  large:
+    limits:
+      memory: 8Gi
+      cpu: 4000m
+    requests:
+      memory: 2Gi
+      cpu: 1000m
+  unlimited: {}
+livenessProbe:
+    path: /manage/health
+    port: 8088
+    scheme: HTTP
+    initialDelaySeconds: 600
+    periodSeconds: 60
+    timeoutSeconds: 10
+    successThreshold: 1
+    failureThreshold: 3
+ingress:
+  enabled: false
+nodeSelector: {}
+tolerations: []
+affinity: {}
diff --git a/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks b/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks
index 96931ce168..9ebe9a8041 100644
--- a/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks
+++ b/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks
diff --git a/kubernetes/so/resources/config/log/logback.nssmf.xml b/kubernetes/so/resources/config/log/logback.nssmf.xml
new file mode 100755
index 0000000000..b3117ee7a0
--- /dev/null
+++ b/kubernetes/so/resources/config/log/logback.nssmf.xml
@@ -0,0 +1,132 @@
+<configuration scan="false" debug="true">
+  <!--<jmxConfigurator /> -->
+  <!-- directory path for all other type logs -->
+  <property name="logDir" value="/var/log/onap" />
+  <!-- directory path for debugging type logs -->
+  <property name="debugDir" value="/var/log/onap" />
+  <!--  specify the component name
+           <ECOMP-component-name>::= "MSO" | "DCAE" | "ASDC " | "AAI" |"Policy" | "SDNC" | "AC"  -->
+  <property name="componentName" value="MSO"></property>
+  <property name="subComponentName" value="nssmfadapter"></property>
+  <!--  log file names -->
+  <property name="errorLogName" value="error" />
+  <property name="metricsLogName" value="metrics" />
+  <property name="auditLogName" value="audit" />
+  <property name="debugLogName" value="debug" />
+
+  <property name="errorPattern" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}|%X{RequestId}|%thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%.-5level|%X{ErrorCode}|%X{ErrorDesc}|%msg%n" />
+  <property name="debugPattern" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}|%X{RequestId}|%msg%n" />
+
+  <property name="auditPattern" value="%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread||%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{Timer}|%X{ServerFQDN}|%X{RemoteHost}||||||||%msg%n" />
+  <property name="metricPattern" value="%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread||%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{Timer}|%X{ServerFQDN}|%X{RemoteHost}||||%X{TargetVirtualEntity}|||||%msg%n" />
+  <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
+  <property name="debugLogDirectory" value="${debugDir}/${componentName}/${subComponentName}" />
+
+  <!-- ============================================================================ -->
+  <!-- EELF Appenders -->
+  <!-- ============================================================================ -->
+
+  <!-- The EELFAppender is used to record events to the general application
+      log -->
+  <!-- EELF Audit Appender. This appender is used to record audit engine
+    related logging events. The audit logger and appender are specializations
+    of the EELF application root logger and appender. This can be used to segregate
+    Policy engine events from other components, or it can be eliminated to record
+    these events as part of the application root log. -->
+  <appender name="EELFAudit"
+            class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>${logDirectory}/${auditLogName}${jboss.server.name}.log</file>
+    <rollingPolicy
+            class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+      <fileNamePattern>${logDirectory}/${auditLogName}${jboss.server.name}.log.%d</fileNamePattern>
+      <!--<maxHistory>30</maxHistory>-->
+    </rollingPolicy>
+    <encoder>
+      <pattern>${auditPattern}</pattern>
+    </encoder>
+  </appender>
+  <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+    <queueSize>256</queueSize>
+    <appender-ref ref="EELFAudit" />
+  </appender>
+
+  <appender name="EELFMetrics"
+            class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>${logDirectory}/${metricsLogName}${jboss.server.name}.log</file>
+    <rollingPolicy
+            class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+      <fileNamePattern>${logDirectory}/${metricsLogName}${jboss.server.name}.log.%d</fileNamePattern>
+      <!--<maxHistory>30</maxHistory>-->
+    </rollingPolicy>
+    <encoder>
+      <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} -
+       %msg%n"</pattern> -->
+      <pattern>${metricPattern}</pattern>
+    </encoder>
+  </appender>
+
+  <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+    <queueSize>256</queueSize>
+    <appender-ref ref="EELFMetrics"/>
+  </appender>
+
+  <appender name="EELFError"
+            class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>${logDirectory}/${errorLogName}${jboss.server.name}.log</file>
+    <rollingPolicy
+            class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+      <fileNamePattern>${logDirectory}/${errorLogName}${jboss.server.name}.log.%d</fileNamePattern>
+      <!--<maxHistory>30</maxHistory>-->
+    </rollingPolicy>
+    <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+      <level>INFO</level>
+    </filter>
+    <encoder>
+      <pattern>${errorPattern}</pattern>
+    </encoder>
+  </appender>
+
+  <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
+    <queueSize>256</queueSize>
+    <appender-ref ref="EELFError"/>
+  </appender>
+
+  <appender name="EELFDebug"
+            class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>${debugLogDirectory}/${debugLogName}${jboss.server.name}.log</file>
+    <rollingPolicy
+            class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+      <fileNamePattern>${debugLogDirectory}/${debugLogName}${jboss.server.name}.log.%d</fileNamePattern>
+      <!--<maxHistory>30</maxHistory>-->
+    </rollingPolicy>
+    <encoder>
+      <pattern>${debugPattern}</pattern>
+    </encoder>
+  </appender>
+
+  <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+    <queueSize>256</queueSize>
+    <appender-ref ref="EELFDebug" />
+    <includeCallerData>true</includeCallerData>
+  </appender>
+
+  <!-- ============================================================================ -->
+  <!--  EELF loggers -->
+  <!-- ============================================================================ -->
+
+  <logger name="com.att.eelf.audit" level="info" additivity="false">
+    <appender-ref ref="asyncEELFAudit" />
+  </logger>
+
+  <logger name="com.att.eelf.metrics" level="info" additivity="false">
+    <appender-ref ref="asyncEELFMetrics" />
+  </logger>
+
+  <logger name="com.att.eelf.error" level="debug" additivity="false">
+    <appender-ref ref="asyncEELFError" />
+  </logger>
+  <root level="INFO">
+    <appender-ref ref="asyncEELFDebug" />
+  </root>
+
+</configuration>
diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml
index e9c5637eef..6cbfc74b52 100755
--- a/kubernetes/so/values.yaml
+++ b/kubernetes/so/values.yaml
@@ -407,6 +407,28 @@ so-vfc-adapter:
       requestDb:
         auth: Basic YnBlbDpwYXNzd29yZDEk
 
+so-nssmf-adapter:
+  certSecret: *so-certs
+  db:
+    <<: *dbSecrets
+  aaf:
+    auth:
+      username: so@so.onap.org
+      password: 8DB1C939BFC6A35C3832D0E52E452D0E05AE2537AF142CECD125FF827C05A972FDD0F4700547DA
+  aai:
+    auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586
+  mso:
+    key: 07a7159d3bf51a0e53be7a8f89699be7
+    config:
+      cadi:
+        aafId: so@so.onap.org
+        aafPassword: enc:EME-arXn2lx8PO0f2kEtyK7VVGtAGWavXorFoxRmPO9
+        apiEnforcement: org.onap.so.nssmfAdapterPerm
+        noAuthn: /manage/health
+    adapters:
+      requestDb:
+        auth: Basic YnBlbDpwYXNzd29yZDEk
+
 so-vnfm-adapter:
   certSecret: *so-certs
   aaf: