summaryrefslogtreecommitdiffstats
path: root/kubernetes/clamp/components/clamp-dash-kibana
diff options
context:
space:
mode:
authorChrisC <christophe.closset@intl.att.com>2020-09-11 18:39:23 +0200
committerChrisC <christophe.closset@intl.att.com>2020-09-17 15:15:13 +0200
commit2325efd0b6f8b094f6a801bf55d6ff6f53e9cbfa (patch)
treeca6323d4e590c648b333cfc87122018d3e273323 /kubernetes/clamp/components/clamp-dash-kibana
parent98efeea41f5617760fcc5fdb6718409b69684db9 (diff)
[CLAMP] AAF certificate using certinializer
use of auto-generated certificates via AAF side-car at OOM deployment time for CLAMP. Issue-ID: CLAMP-884 Change-Id: I24f5a119714a5e46c4d0c152c03b6bc545135b8e Signed-off-by: osgn422w <gervais-martial.ngueko@intl.att.com> Signed-off-by: ChrisC <christophe.closset@intl.att.com>
Diffstat (limited to 'kubernetes/clamp/components/clamp-dash-kibana')
-rw-r--r--kubernetes/clamp/components/clamp-dash-kibana/Chart.yaml19
-rw-r--r--kubernetes/clamp/components/clamp-dash-kibana/requirements.yaml19
-rw-r--r--kubernetes/clamp/components/clamp-dash-kibana/resources/config/kibana.yml35
-rw-r--r--kubernetes/clamp/components/clamp-dash-kibana/templates/configmap.yaml36
-rw-r--r--kubernetes/clamp/components/clamp-dash-kibana/templates/deployment.yaml104
-rw-r--r--kubernetes/clamp/components/clamp-dash-kibana/templates/ingress.yaml15
-rw-r--r--kubernetes/clamp/components/clamp-dash-kibana/templates/service.yaml41
-rw-r--r--kubernetes/clamp/components/clamp-dash-kibana/values.yaml122
8 files changed, 391 insertions, 0 deletions
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/Chart.yaml b/kubernetes/clamp/components/clamp-dash-kibana/Chart.yaml
new file mode 100644
index 0000000000..5d897d96eb
--- /dev/null
+++ b/kubernetes/clamp/components/clamp-dash-kibana/Chart.yaml
@@ -0,0 +1,19 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP Clamp Dashboard Kibana
+name: clamp-dash-kibana
+version: 6.0.0
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/requirements.yaml b/kubernetes/clamp/components/clamp-dash-kibana/requirements.yaml
new file mode 100644
index 0000000000..caff1e5dc4
--- /dev/null
+++ b/kubernetes/clamp/components/clamp-dash-kibana/requirements.yaml
@@ -0,0 +1,19 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/resources/config/kibana.yml b/kubernetes/clamp/components/clamp-dash-kibana/resources/config/kibana.yml
new file mode 100644
index 0000000000..db81e3da00
--- /dev/null
+++ b/kubernetes/clamp/components/clamp-dash-kibana/resources/config/kibana.yml
@@ -0,0 +1,35 @@
+# Copyright © 2020 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.# Default Kibana configuration from kibana-docker.
+
+server.name: "Clamp CL Dashboard"
+server.host: "0"
+# Kibana is served by a back end server. This setting specifies the port to use.
+server.port: {{.Values.service.externalPort}}
+
+server.ssl.enabled: {{.Values.config.sslEnabled}}
+server.ssl.certificate: {{.Values.config.sslPemCertFilePath}}
+server.ssl.key: {{.Values.config.sslPemkeyFilePath}}
+
+# The URL of the Elasticsearch instance to use for all your queries.
+elasticsearch.hosts: ${elasticsearch_base_url}
+
+elasticsearch.ssl.verificationMode: none
+elasticsearch.username: {{.Values.config.elasticUSR}}
+elasticsearch.password: {{.Values.config.elasticPWD}}
+
+elasticsearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
+
+opendistro_security.multitenancy.enabled: true
+opendistro_security.multitenancy.tenants.preferred: ["Private", "Global"]
+opendistro_security.readonly_mode.roles: ["kibana_read_only"] \ No newline at end of file
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/templates/configmap.yaml b/kubernetes/clamp/components/clamp-dash-kibana/templates/configmap.yaml
new file mode 100644
index 0000000000..5d1b32258c
--- /dev/null
+++ b/kubernetes/clamp/components/clamp-dash-kibana/templates/configmap.yaml
@@ -0,0 +1,36 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-aaf-pem-keys
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/templates/deployment.yaml b/kubernetes/clamp/components/clamp-dash-kibana/templates/deployment.yaml
new file mode 100644
index 0000000000..0e5f65cabb
--- /dev/null
+++ b/kubernetes/clamp/components/clamp-dash-kibana/templates/deployment.yaml
@@ -0,0 +1,104 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
+ spec:
+ initContainers:
+ - command:
+ - /app/ready.py
+ args:
+ - --container-name
+ - clamp-dash-es
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ name: {{ include "common.servicename" . }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+# disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ env:
+ - name: elasticsearch_base_url
+ value: "{{ternary "https" "http" .Values.security.ssl.enabled}}://{{.Values.config.elasticsearchServiceName}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.config.elasticsearchPort}}"
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /usr/share/kibana/config/kibana.yml
+ name: {{ include "common.fullname" . }}
+ subPath: kibana.yml
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}
+ configMap:
+ name: {{ include "common.fullname" . }}
+ items:
+ - key: kibana.yml
+ path: kibana.yml
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/templates/ingress.yaml b/kubernetes/clamp/components/clamp-dash-kibana/templates/ingress.yaml
new file mode 100644
index 0000000000..0cd8cfbd36
--- /dev/null
+++ b/kubernetes/clamp/components/clamp-dash-kibana/templates/ingress.yaml
@@ -0,0 +1,15 @@
+# Copyright © 2020 Samsung, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.ingress" . }}
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/templates/service.yaml b/kubernetes/clamp/components/clamp-dash-kibana/templates/service.yaml
new file mode 100644
index 0000000000..07d4a8f8ea
--- /dev/null
+++ b/kubernetes/clamp/components/clamp-dash-kibana/templates/service.yaml
@@ -0,0 +1,41 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+ annotations:
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.config.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.config.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/values.yaml b/kubernetes/clamp/components/clamp-dash-kibana/values.yaml
new file mode 100644
index 0000000000..11f29570bd
--- /dev/null
+++ b/kubernetes/clamp/components/clamp-dash-kibana/values.yaml
@@ -0,0 +1,122 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+ readinessImage: onap/oom/readiness:3.0.1
+ persistence: {}
+flavor: small
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+
+# BusyBox image
+busyboxRepository: registry.hub.docker.com
+busyboxImage: library/busybox:latest
+
+# application image
+repository: nexus3.onap.org:10001
+image: onap/clamp-dashboard-kibana:5.0.3
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+#the 'sslEnabled flag' here below is for the kibana UI connection (web browser connection to kibana)
+config:
+ elasticsearchServiceName: cdash-es
+ elasticsearchPort: 9200
+ elasticUSR: kibanaserver
+ elasticPWD: kibanaserver
+ sslEnabled: true
+ sslPemCertFilePath: /usr/share/kibana/config/keystore/org.onap.clamp.crt.pem
+ sslPemkeyFilePath: /usr/share/kibana/config/keystore/org.onap.clamp.key.pem
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 360
+ periodSeconds: 30
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 360
+ periodSeconds: 30
+
+#internal ssl security scheme for elasticsearch connection mainly
+security:
+ ssl:
+ enabled: true
+
+service:
+ #Example service definition with external, internal and node ports.
+ #Services may use any combination of ports depending on the 'type' of
+ #service being defined.
+ type: NodePort
+ name: cdash-kibana
+ portName: cdash-kibana-http
+ externalPort: 5601
+ internalPort: 5601
+ nodePort: 90
+ingress:
+ enabled: false
+ service:
+ - baseaddr: "cdash-kibana"
+ name: "cdash-kibana"
+ port: 5601
+ config:
+ ssl: "redirect"
+
+#resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+resources:
+ small:
+ limits:
+ cpu: 1
+ memory: 2Gi
+ requests:
+ cpu: 10m
+ memory: 750Mi
+ large:
+ limits:
+ cpu: 1
+ memory: 2Gi
+ requests:
+ cpu: 10m
+ memory: 750Mi
+ unlimited: {}