aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql
diff options
context:
space:
mode:
authorMahendra Raghuwanshi <mahendra.raghuwanshi@amdocs.com>2018-05-03 12:15:03 +0000
committerMandeep Khinda <mandeep.khinda@amdocs.com>2018-05-07 14:55:26 -0400
commitafb1e2a536aecbbf0a90155749a23eb2de54f223 (patch)
treebc17887d30dc4b01a72fd32270513dec32b8d77f /kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql
parent89dbd64a432ccb3c08b8c6303d53d80c3d9fe3a6 (diff)
AAF Charts
-PS3-MK -renaming charts to remove hyphen -refactoring service name configuration. It wasn't quite correct the way it was. It was taking the chart name as the service name and not using the values.yaml from the top level chart as intended. -Jonathan asked to name the main app service "aaf-service and cassandra to "aaf-cass" as this is what is in the cert -squashed https://gerrit.onap.org/r/#/c/45923/1 into this commit. -updated robot to the latest settings Robot tests are failing but all pods come up. I think this can be merged and the AAF team investigate the robot health issue in a running system -PS4-MK -reverting sms changes and taking the latest from master -removing repository from the global section of the aaf values. -this was causing all images to be pulled from nexus3.onap.org which was failing to pull images that come from docker hub. There is supposed to be a proxy through nexus3 to dockerhub but maybe we are missing something. -PS5-MK -removing nodeports from non gui related charts. There are conflicts -PS6-Kiran -Adding imagepullsecrets for aaf-sms-vault subchart -updated image repository to pull from nexus3 -tested and works now and should fix the pull errors -PS7-Kiran -Previous patch picked up a couple of unintended changes -Reverting them -PS8-MK -removing names from identities -using https for robot test Issue-ID: OOM-930 Change-Id: I98f40ef5af03dda73aebf12f6fa48d928915ab34 Signed-off-by: Mahendra Raghuwanshi <mahendra.raghuwanshi@amdocs.com> Add Beijing CQLs into OOM Issue-ID: AAF-114 Change-Id: I2c2d46738ba0885c41f710997d4b212b6ce4d2de Signed-off-by: Instrumental <jonathan.gathman@att.com> Signed-off-by: Mandeep Khinda <mandeep.khinda@amdocs.com> Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
Diffstat (limited to 'kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql')
-rw-r--r--kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql112
1 files changed, 68 insertions, 44 deletions
diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql
index 81700f830c..c06e5ee952 100644
--- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql
+++ b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql
@@ -1,35 +1,6 @@
-// For Developer Machine single instance
-//
-CREATE KEYSPACE authz
-WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1};
-//
-// From Ravi, 6-17-2014. User for DEVL->TEST
-//
-// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'HYWRCA02': '2', 'BRHMALDC': '2' };
-//
-// PROD
-//
-// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','ALPSGACT': '2','STLSMORC': '2','BRHMALDC': '2' };
-//
-// create user authz with password '<AUTHZ PASSWORD>' superuser;
-// grant all on keyspace authz to authz;
-//
-// For TEST (aaf_test)
-// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'BRHMALDC': '1' };
-//
-// DEVL
-// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC': '2' };
-//
-// TEST / PERF
-// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC': '3','KGMTNC20': '3' };
-//
-// IST
-// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC':'3',
-// 'DLLSTXCF':'3','KGMTNC20':'3','SFLDMIBB':'3','HYWRCA02':'3' };
-//
-// with 6 localized with ccm
-// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' };
-//
+
+// Table Initialization
+// First make sure the keyspace exists.
USE authz;
@@ -51,12 +22,6 @@ CREATE TABLE ns (
);
CREATE INDEX ns_parent on ns(parent);
-
-// Oct 2015, not performant. Made Owner and Attrib first class Roles,
-// April, 2015. Originally, the plan was to utilize Cassandra 2.1.2, however, other team's preferences were to remain at current levels.
-// Therefore, we are taking the separate table approach. (coder Jeremiah Rohwedder)
-// We had dropped this by making first class objects of Responsible (Owner) and Admin. We need this again to mark namespaces
-// as having certain tools, like SWM, etc.
CREATE TABLE ns_attrib (
ns varchar,
key varchar,
@@ -125,10 +90,10 @@ CREATE INDEX cert_id ON cert(id);
CREATE INDEX cert_x500 ON cert(x500);
CREATE TABLE notify (
- user text,
- type int,
- last timestamp,
- checksum int,
+ user text,
+ type int,
+ last timestamp,
+ checksum int,
PRIMARY KEY (user,type)
);
@@ -155,14 +120,16 @@ CREATE TABLE artifact (
sponsor text,
ca text,
dir text,
- appName text,
os_user text,
+ ns text,
notify text,
expires timestamp,
- renewDays int,
+ renewDays int,
+ sans Set<text>,
PRIMARY KEY (mechid,machine)
);
CREATE INDEX artifact_machine ON artifact(machine);
+CREATE INDEX artifact_ns ON artifact(ns);
//
// Non-Critical Table functions
@@ -216,6 +183,7 @@ CREATE TABLE approval (
status varchar, // approval status. pending, approved, denied
memo varchar, // Text for Approval to know what's going on
operation varchar, // List operation to perform
+ last_notified timestamp, // Timestamp for the last time approver was notified
PRIMARY KEY(id)
);
CREATE INDEX appr_approver_idx ON approval(approver);
@@ -223,6 +191,19 @@ CREATE INDEX appr_user_idx ON approval(user);
CREATE INDEX appr_ticket_idx ON approval(ticket);
CREATE INDEX appr_status_idx ON approval(status);
+CREATE TABLE approved (
+ id timeuuid, // unique Key
+ user varchar, // the user who needs to be approved
+ approver varchar, // user approving
+ type varchar, // approver types i.e. Supervisor, Owner
+ status varchar, // approval status. pending, approved, denied
+ memo varchar, // Text for Approval to know what's going on
+ operation varchar, // List operation to perform
+ PRIMARY KEY(id)
+ );
+CREATE INDEX approved_approver_idx ON approved(approver);
+CREATE INDEX approved_user_idx ON approved(user);
+
CREATE TABLE delegate (
user varchar,
delegate varchar,
@@ -231,6 +212,49 @@ CREATE TABLE delegate (
);
CREATE INDEX delg_delg_idx ON delegate(delegate);
+// OAuth Tokens
+CREATE TABLE oauth_token (
+ id text, // Reference
+ client_id text, // Creating Client ID
+ user text, // User requesting
+ active boolean, // Active or not
+ type int, // Type of Token
+ refresh text, // Refresh Token
+ expires timestamp, // Expiration time/Date (signed long)
+ exp_sec bigint, // Seconds from Jan 1, 1970
+ content text, // Content of Token
+ scopes Set<text>, // Scopes
+ state text, // Context string (Optional)
+ req_ip text, // Requesting IP (for logging purpose)
+ PRIMARY KEY(id)
+) with default_time_to_live = 21600; // 6 hours
+CREATE INDEX oauth_token_user_idx ON oauth_token(user);
+
+CREATE TABLE locate (
+ name text, // Component/Server name
+ hostname text, // FQDN of Service/Component
+ port int, // Port of Service
+ major int, // Version, Major
+ minor int, // Version, Minor
+ patch int, // Version, Patch
+ pkg int, // Version, Package (if available)
+ latitude float, // Latitude
+ longitude float, // Longitude
+ protocol text, // Protocol (i.e. http https)
+ subprotocol set<text>, // Accepted SubProtocols, ie. TLS1.1 for https
+ port_key uuid, // Key into locate_ports
+ PRIMARY KEY(name,hostname,port)
+) with default_time_to_live = 1200; // 20 mins
+
+CREATE TABLE locate_ports (
+ id uuid, // Id into locate
+ port int, // SubPort
+ name text, // Name of Other Port
+ protocol text, // Protocol of Other (i.e. JMX, DEBUG)
+ subprotocol set<text>, // Accepted sub protocols or versions
+ PRIMARY KEY(id, port)
+) with default_time_to_live = 1200; // 20 mins;
+
//
// Used by authz-batch processes to ensure only 1 runs at a time
//