diff options
author | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-02-19 01:44:30 +0100 |
---|---|---|
committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-03-13 02:22:34 +0100 |
commit | 967946cac8b5885baae4532cfee88f0ce7ae7aac (patch) | |
tree | 7cb5ed73a42b2dd29fbd896bae9d8d240c7e1f2a /kubernetes/appc | |
parent | 367b492a7fab6170e726b24e39fe82d0c19358ae (diff) |
[APPC] Use common secret tamplate for mariadb-galera credentials
Use init container construction & common secret template to remove
hardcoded mysql db credentials.
For now credentials are still hardcoded in the values file to avoid
making too many changes at once.
I also had to make properties files writeable because appc uses some
weird design and modifies them inside main container while starting
odl.
Issue-ID: OOM-2275
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ie36522fc1fdf92a382d5f25a54d4cb150b57ea35
Diffstat (limited to 'kubernetes/appc')
13 files changed, 146 insertions, 62 deletions
diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/installAppcDb.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/installAppcDb.sh index 1b951d0406..46d0e119be 100755 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/installAppcDb.sh +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/installAppcDb.sh @@ -23,9 +23,10 @@ SDNC_HOME=${SDNC_HOME:-/opt/onap/ccsdk} APPC_HOME=${APPC_HOME:-/opt/onap/appc} MYSQL_PASSWD=${MYSQL_ROOT_PASSWORD} -APPC_DB_USER=${APPC_DB_USER:-appcctl} -APPC_DB_PASSWD=${APPC_DB_PASSWD:-appcctl} -APPC_DB_DATABASE=${SDN_DB_DATABASE:-appcctl} +APPC_DB_USER=${APPC_DB_USER} +APPC_DB_PASSWD=${APPC_DB_PASSWD} +APPC_DB_DATABASE={{.Values.config.appcdb.dbName}} +SDNC_DB_DATABASE={{.Values.config.sdncdb.dbName}} # Create tablespace and user account @@ -40,15 +41,15 @@ END if [ -f ${APPC_HOME}/data/appcctl.dump ] then - mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} appcctl < ${APPC_HOME}/data/appcctl.dump + mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} ${APPC_DB_DATABASE} < ${APPC_HOME}/data/appcctl.dump fi if [ -f ${APPC_HOME}/data/sdnctl.dump ] then - mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} sdnctl < ${APPC_HOME}/data/sdnctl.dump + mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} ${SDNC_DB_DATABASE} < ${APPC_HOME}/data/sdnctl.dump fi if [ -f ${APPC_HOME}/data/sqlData.dump ] then - mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} sdnctl < ${APPC_HOME}/data/sqlData.dump + mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} ${SDNC_DB_DATABASE} < ${APPC_HOME}/data/sqlData.dump fi diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties index 914d60850b..978dead538 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties @@ -42,13 +42,13 @@ appc.topology.dg.method=topology-operation-all appc.topology.dg.version=2.0.0 # TEMP - Properties that might be needed to make the AAI-APPC connection -org.onap.appc.db.url.appcctl=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}:3306/appcctl -org.onap.appc.db.user.appcctl=appcctl -org.onap.appc.db.pass.appcctl=appcctl +org.onap.appc.db.url.appcctl=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}:3306/{{.Values.config.appcdb.dbName}} +org.onap.appc.db.user.appcctl=${APPC_DB_USER} +org.onap.appc.db.pass.appcctl=${APPC_DB_PASSWD} -org.onap.appc.db.url.sdnctl=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}:3306/sdnctl -org.onap.appc.db.user.sdnctl=sdnctl -org.onap.appc.db.pass.sdnctl=gamma +org.onap.appc.db.url.sdnctl=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}:3306/{{.Values.config.sdncdb.dbName}} +org.onap.appc.db.user.sdnctl=${SDNC_DB_USER} +org.onap.appc.db.pass.sdnctl=${SDNC_DB_PASSWD} ### ### diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/dblib.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/dblib.properties index a5660522af..0c54883cd2 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/dblib.properties +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/dblib.properties @@ -23,11 +23,11 @@ org.onap.ccsdk.sli.dbtype=jdbc org.onap.ccsdk.sli.jdbc.hosts=dbhost -org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/sdnctl +org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/{{.Values.config.sdncdb.dbName}} org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver -org.onap.ccsdk.sli.jdbc.database=sdnctl -org.onap.ccsdk.sli.jdbc.user=sdnctl -org.onap.ccsdk.sli.jdbc.password=gamma +org.onap.ccsdk.sli.jdbc.database={{.Values.config.sdncdb.dbName}} +org.onap.ccsdk.sli.jdbc.user=${SDNC_DB_USER} +org.onap.ccsdk.sli.jdbc.password=${SDNC_DB_PASSWD} org.onap.ccsdk.sli.jdbc.connection.name=sdnctldb01 org.onap.ccsdk.sli.jdbc.connection.timeout=50 org.onap.ccsdk.sli.jdbc.request.timeout=100 @@ -35,4 +35,3 @@ org.onap.ccsdk.sli.jdbc.limit.init=10 org.onap.ccsdk.sli.jdbc.limit.min=10 org.onap.ccsdk.sli.jdbc.limit.max=20 org.onap.dblib.connection.recovery=false - diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/svclogic.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/svclogic.properties index 5b22ccbba6..7bec30d11e 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/svclogic.properties +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/svclogic.properties @@ -21,10 +21,9 @@ org.onap.ccsdk.sli.dbtype = dblib #Note : the next 4 fields are only used if org.onap.ccsdk.sli.dbtype = jdbc -org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/sdnctl -org.onap.ccsdk.sli.jdbc.database=sdnctl -org.onap.ccsdk.sli.jdbc.user=sdnctl -org.onap.ccsdk.sli.jdbc.password=gamma +org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/{{.Values.config.sdncdb.dbName}} +org.onap.ccsdk.sli.jdbc.database={{.Values.config.sdncdb.dbName}} +org.onap.ccsdk.sli.jdbc.user=${SDNC_DB_USER} +org.onap.ccsdk.sli.jdbc.password=${SDNC_DB_PASSWD} org.xml.sax.driver=org.apache.xerces.parsers.SAXParser - diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/svclogic/bin/showActiveGraphs.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/svclogic/bin/showActiveGraphs.sh index 92e8a36f3d..79acc4042c 100755 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/svclogic/bin/showActiveGraphs.sh +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/svclogic/bin/showActiveGraphs.sh @@ -20,9 +20,9 @@ # ECOMP is a trademark and service mark of AT&T Intellectual Property. ### -MYSQL_USER=${MYSQL_USER:-sdnctl} -MYSQL_PWD=${MYSQL_PWD:-gamma} -MYSQL_DB=${MYSQL_DB:-sdnctl} +MYSQL_USER=${SDNC_DB_USER} +MYSQL_PWD=${SDNC_DB_PASSWD} +MYSQL_DB={{.Values.config.sdncdb.dbName}} MYSQL_HOST=${MYSQL_HOST:-{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}} mysql --user=${MYSQL_USER} --password=${MYSQL_PWD} --host=${MYSQL_HOST} ${MYSQL_DB} <<-END diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/svclogic/config/svclogic.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/svclogic/config/svclogic.properties index 247e1ac7c6..2a4b4328f4 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/svclogic/config/svclogic.properties +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/svclogic/config/svclogic.properties @@ -21,8 +21,7 @@ ### org.onap.ccsdk.sli.dbtype = jdbc -org.onap.ccsdk.sli.jdbc.url = jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/sdnctl -org.onap.ccsdk.sli.jdbc.database = sdnctl -org.onap.ccsdk.sli.jdbc.user = sdnctl -org.onap.ccsdk.sli.jdbc.password = gamma - +org.onap.ccsdk.sli.jdbc.url = jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/{{.Values.config.sdncdb.dbName}} +org.onap.ccsdk.sli.jdbc.database = {{.Values.config.sdncdb.dbName}} +org.onap.ccsdk.sli.jdbc.user = ${SDNC_DB_USER} +org.onap.ccsdk.sli.jdbc.password = ${SDNC_DB_PASSWD} diff --git a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/bin/installSdncDb.sh b/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/bin/installSdncDb.sh index c3e692158c..6e9eef33ac 100755 --- a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/bin/installSdncDb.sh +++ b/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/bin/installSdncDb.sh @@ -25,9 +25,9 @@ SDNC_HOME=${SDNC_HOME:-/opt/onap/ccsdk} MYSQL_PASSWD=${MYSQL_ROOT_PASSWORD} -SDNC_DB_USER=${SDNC_DB_USER:-sdnctl} -SDNC_DB_PASSWD=${SDNC_DB_PASSWD:-gamma} -SDNC_DB_DATABASE=${SDN_DB_DATABASE:-sdnctl} +SDNC_DB_USER=${SDNC_DB_USER} +SDNC_DB_PASSWD=${SDNC_DB_PASSWD} +SDNC_DB_DATABASE={{.Values.config.sdncdb.dbName}} # Create tablespace and user account @@ -42,5 +42,5 @@ END if [ -f ${SDNC_HOME}/data/odlsli.dump ] then -mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} sdnctl < ${SDNC_HOME}/data/odlsli.dump +mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p${MYSQL_PASSWD} ${SDNC_DB_DATABASE} < ${SDNC_HOME}/data/odlsli.dump fi diff --git a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/dblib.properties b/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/dblib.properties index 6142032642..5d65be7c28 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/dblib.properties +++ b/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/dblib.properties @@ -24,11 +24,11 @@ org.onap.ccsdk.sli.dbtype=jdbc org.onap.ccsdk.sli.jdbc.hosts=dbhost -org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/sdnctl +org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/{{.Values.config.sdncdb.dbName}} org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver -org.onap.ccsdk.sli.jdbc.database=sdnctl -org.onap.ccsdk.sli.jdbc.user=sdnctl -org.onap.ccsdk.sli.jdbc.password=gamma +org.onap.ccsdk.sli.jdbc.database={{.Values.config.sdncdb.dbName}} +org.onap.ccsdk.sli.jdbc.user=${SDNC_DB_USER} +org.onap.ccsdk.sli.jdbc.password=${SDNC_DB_PASSWD} org.onap.ccsdk.sli.jdbc.connection.name=sdnctldb01 org.onap.ccsdk.sli.jdbc.connection.timeout=50 org.onap.ccsdk.sli.jdbc.request.timeout=100 @@ -36,4 +36,3 @@ org.onap.ccsdk.sli.jdbc.limit.init=10 org.onap.ccsdk.sli.jdbc.limit.min=10 org.onap.ccsdk.sli.jdbc.limit.max=20 org.onap.dblib.connection.recovery=false - diff --git a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/svclogic.properties b/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/svclogic.properties index ed35d5b4d0..485b935459 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/svclogic.properties +++ b/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/data/properties/svclogic.properties @@ -22,10 +22,9 @@ org.onap.ccsdk.sli.dbtype = dblib #Note : the next 4 fields are only used if org.onap.ccsdk.sli.dbtype = jdbc -org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/sdnctl -org.onap.ccsdk.sli.jdbc.database=sdnctl -org.onap.ccsdk.sli.jdbc.user=sdnctl -org.onap.ccsdk.sli.jdbc.password=gamma +org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/{{.Values.config.sdncdb.dbName}} +org.onap.ccsdk.sli.jdbc.database={{.Values.config.sdncdb.dbName}} +org.onap.ccsdk.sli.jdbc.user=${SDNC_DB_USER} +org.onap.ccsdk.sli.jdbc.password=${SDNC_DB_PASSWD} org.xml.sax.driver=org.apache.xerces.parsers.SAXParser - diff --git a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/svclogic/bin/showActiveGraphs.sh b/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/svclogic/bin/showActiveGraphs.sh index 698bbb19ed..9359530a1a 100755 --- a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/svclogic/bin/showActiveGraphs.sh +++ b/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/svclogic/bin/showActiveGraphs.sh @@ -20,12 +20,11 @@ # ============LICENSE_END========================================================= ### -MYSQL_USER=${MYSQL_USER:-sdnctl} -MYSQL_PWD=${MYSQL_PWD:-gamma} -MYSQL_DB=${MYSQL_DB:-sdnctl} +MYSQL_USER=${SDNC_DB_USER} +MYSQL_PWD=${SDNC_DB_PASSWD} +MYSQL_DB={{.Values.config.sdncdb.dbName}} MYSQL_HOST=${MYSQL_HOST:-{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}} mysql --user=${MYSQL_USER} --password=${MYSQL_PWD} --host=${MYSQL_HOST} ${MYSQL_DB} <<-END SELECT module, rpc, version, mode from SVC_LOGIC where active='Y'; END - diff --git a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/svclogic/config/svclogic.properties b/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/svclogic/config/svclogic.properties index 914a4a1813..1ec9f48758 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/svclogic/config/svclogic.properties +++ b/kubernetes/appc/resources/config/appc/opt/onap/ccsdk/svclogic/config/svclogic.properties @@ -21,8 +21,7 @@ ### org.onap.ccsdk.sli.dbtype = jdbc -org.onap.ccsdk.sli.jdbc.url = jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/sdnctl -org.onap.ccsdk.sli.jdbc.database = sdnctl -org.onap.ccsdk.sli.jdbc.user = sdnctl -org.onap.ccsdk.sli.jdbc.password = gamma - +org.onap.ccsdk.sli.jdbc.url = jdbc:mysql://{{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}}:3306/{{.Values.config.sdncdb.dbName}} +org.onap.ccsdk.sli.jdbc.database = {{.Values.config.sdncdb.dbName}} +org.onap.ccsdk.sli.jdbc.user = ${SDNC_DB_USER} +org.onap.ccsdk.sli.jdbc.password = ${SDNC_DB_PASSWD} diff --git a/kubernetes/appc/templates/statefulset.yaml b/kubernetes/appc/templates/statefulset.yaml index 5ed2970c45..e219c45fe6 100644 --- a/kubernetes/appc/templates/statefulset.yaml +++ b/kubernetes/appc/templates/statefulset.yaml @@ -33,6 +33,41 @@ spec: release: {{ include "common.release" . }} spec: initContainers: + - command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config/${PFILE}; chmod 0755 /config/${PFILE}; done" + env: + - name: APPC_DB_USER + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "appcdb-user-creds" "key" "login") | indent 10 }} + - name: APPC_DB_PASSWD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "appcdb-user-creds" "key" "password") | indent 10 }} + - name: SDNC_DB_USER + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "sdncdb-user-creds" "key" "login") | indent 10 }} + - name: SDNC_DB_PASSWD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "sdncdb-user-creds" "key" "password") | indent 10 }} + volumeMounts: + - mountPath: /config-input/appc-data-properties + name: onap-appc-data-properties-input + - mountPath: /config-input/appc-svclogic-config + name: onap-appc-svclogic-config-input + - mountPath: /config-input/sdnc-data-properties + name: onap-sdnc-data-properties-input + - mountPath: /config-input/sdnc-svclogic-config + name: onap-sdnc-svclogic-config-input + - mountPath: /config/appc-data-properties + name: onap-appc-data-properties + - mountPath: /config/appc-svclogic-config + name: onap-appc-svclogic-config + - mountPath: /config/sdnc-data-properties + name: onap-sdnc-data-properties + - mountPath: /config/sdnc-svclogic-config + name: onap-sdnc-svclogic-config + image: "{{ .Values.global.envsubstImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-update-config + - name: {{ include "common.name" . }}-readiness command: - /root/ready.py @@ -70,6 +105,14 @@ spec: env: - name: MYSQL_ROOT_PASSWORD {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 14}} + - name: APPC_DB_USER + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "appcdb-user-creds" "key" "login") | indent 14 }} + - name: APPC_DB_PASSWD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "appcdb-user-creds" "key" "password") | indent 14 }} + - name: SDNC_DB_USER + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "sdncdb-user-creds" "key" "login") | indent 14 }} + - name: SDNC_DB_PASSWD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "sdncdb-user-creds" "key" "password") | indent 14 }} - name: SDNC_CONFIG_DIR value: "{{ .Values.config.configDir }}" - name: APPC_CONFIG_DIR @@ -102,7 +145,7 @@ spec: name: onap-appc-data-properties subPath: cadi.properties - mountPath: /opt/onap/appc/data/properties/aaa-app-config.xml - name: onap-appc-data-properties + name: onap-appc-data-properties-input subPath: aaa-app-config.xml - mountPath: /opt/onap/appc/data/properties/bath_config.csv name: onap-appc-data-properties @@ -184,10 +227,10 @@ spec: emptyDir: {} - name: data-filebeat emptyDir: {} - - name: onap-appc-data-properties + - name: onap-appc-data-properties-input configMap: name: {{ include "common.fullname" . }}-onap-appc-data-properties - - name: onap-appc-svclogic-config + - name: onap-appc-svclogic-config-input configMap: name: {{ include "common.fullname" . }}-onap-appc-svclogic-config - name: onap-appc-svclogic-bin @@ -198,10 +241,10 @@ spec: configMap: name: {{ include "common.fullname" . }}-onap-appc-bin defaultMode: 0755 - - name: onap-sdnc-data-properties + - name: onap-sdnc-data-properties-input configMap: name: {{ include "common.fullname" . }}-onap-sdnc-data-properties - - name: onap-sdnc-svclogic-config + - name: onap-sdnc-svclogic-config-input configMap: name: {{ include "common.fullname" . }}-onap-sdnc-svclogic-config - name: onap-sdnc-svclogic-bin @@ -212,6 +255,18 @@ spec: configMap: name: {{ include "common.fullname" . }}-onap-sdnc-bin defaultMode: 0755 + - name: onap-appc-data-properties + emptyDir: + medium: Memory + - name: onap-appc-svclogic-config + emptyDir: + medium: Memory + - name: onap-sdnc-data-properties + emptyDir: + medium: Memory + - name: onap-sdnc-svclogic-config + emptyDir: + medium: Memory {{ if not .Values.persistence.enabled }} - name: {{ include "common.fullname" . }}-data emptyDir: {} diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml index ac96820c35..fd6e31f133 100644 --- a/kubernetes/appc/values.yaml +++ b/kubernetes/appc/values.yaml @@ -22,6 +22,8 @@ global: readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + # envsusbt + envsubstImage: dibi/envsubst persistence: mountPath: /dockerdata-nfs @@ -30,8 +32,23 @@ global: ################################################################# secrets: - uid: "db-root-pass" - externalSecret: '{{- include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (index .Values "mariadb-galera" "nameOverride")) }}' + name: '{{ include "common.release" . }}-appc-db-root-pass' + externalSecret: '{{ .Values.config.dbRootPassExternalSecret }}' type: password + password: '{{ .Values.config.dbRootPass }}' + - uid: 'appcdb-user-creds' + name: '{{ include "common.release" . }}-appcdb-user-creds' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.appcdb.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.appcdb.userName }}' + password: '{{ .Values.config.appcdb.password }}' + - uid: 'sdncdb-user-creds' + name: '{{ include "common.release" . }}-sdncdb-user-creds' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.sdncdb.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.sdncdb.userName }}' + password: '{{ .Values.config.sdncdb.password }}' + ################################################################# # Application configuration defaults. @@ -47,13 +64,26 @@ debugEnabled: false # application configuration config: +# dbRootPassExternalSecret: some secret +# dbRootPass: password + appcdb: + # Warning: changing this config option may not work. + # It seems that the DB name is hardcoded. + dbName: appcctl + userName: appcctl + password: appcctl + # userCredsExternalSecret: some secret + sdncdb: + # Warning: changing this config option may not work. + # It seems that the DB name is hardcoded. + dbName: sdnctl + userName: sdnctl + password: gamma + # userCredsExternalSecret: some secret odlUid: 100 odlGid: 101 ansibleServiceName: appc-ansible-server ansiblePort: 8000 - userName: my-user - userPassword: my-password - mysqlDatabase: my-database mariadbGaleraSVCName: appc-dbhost mariadbGaleraContName: appc-db enableAAF: true @@ -85,6 +115,8 @@ appc-ansible-server: mariadb-galera: nameOverride: appc-db + config: + mariadbRootPasswordExternalSecret: '{{ include "common.release" . }}-appc-db-root-pass' service: name: appc-dbhost portName: appc-dbhost @@ -98,6 +130,9 @@ mariadb-galera: dgbuilder: nameOverride: appc-dgbuilder config: + db: + rootPasswordExternalSecret: '{{ include "common.release" . }}-appc-db-root-pass' + userCredentialsExternalSecret: '{{ include "common.release" . }}-sdncdb-user-creds' dbPodName: appc-db dbServiceName: appc-dbhost service: |