diff options
| author |   Andreas Geissler <andreas-geissler@telekom.de> | 2023-05-17 16:55:06 +0200 |
|---|---|---|
| committer | Andreas Geissler <andreas-geissler@telekom.de> | 2023-05-24 13:22:40 +0200 |
| commit | b02ece8cc20c610c82fbb09dd0e54e58ce22c93e (patch) | |
| tree | d9756eddc355d46de94597a1513b5988e369627f /kubernetes/contrib | |
| parent | 10024a30f97cdb5742dced3f260a8feab094633b (diff) | |
[COMMON] Remove not supported components
Remove the following component charts:
- AAF
- CONSUL
- CONTRIB
- PORTAL
- LOG
- SNIRO-EMULATOR
correct the helm deploy plugin
Issue-ID: OOM-3074
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I93cd32d9a9dabbc4cdeda63d8c7b669a79cdea8a
Diffstat (limited to 'kubernetes/contrib')
94 files changed, 0 insertions, 7504 deletions
diff --git a/kubernetes/contrib/.gitignore b/kubernetes/contrib/.gitignore deleted file mode 100644 index 7020381894..0000000000 --- a/kubernetes/contrib/.gitignore +++ /dev/null @@ -1 +0,0 @@ -components/dist diff --git a/kubernetes/contrib/.helmignore b/kubernetes/contrib/.helmignore deleted file mode 100644 index 68ffb32406..0000000000 --- a/kubernetes/contrib/.helmignore +++ /dev/null @@ -1 +0,0 @@ -components/ diff --git a/kubernetes/contrib/Chart.yaml b/kubernetes/contrib/Chart.yaml deleted file mode 100755 index b8e3f69c0e..0000000000 --- a/kubernetes/contrib/Chart.yaml +++ /dev/null @@ -1,40 +0,0 @@ -# Copyright © 2017 Bell Canada -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v2 -description: ONAP optional tools -name: contrib -version: 12.0.0 - -dependencies: - - name: common - version: ~12.x-0 - repository: '@local' - - name: awx - version: ~12.x-0 - repository: 'file://components/awx' - condition: awx.enabled - - name: ejbca - version: ~12.x-0 - repository: 'file://components/ejbca' - condition: global.cmpv2Enabled - - name: netbox - version: ~12.x-0 - repository: 'file://components/netbox' - condition: netbox.enabled - - name: repositoryGenerator - version: ~12.x-0 - repository: '@local'
\ No newline at end of file diff --git a/kubernetes/contrib/Makefile b/kubernetes/contrib/Makefile deleted file mode 100644 index c3bbfa57b9..0000000000 --- a/kubernetes/contrib/Makefile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright © 2020 Samsung Electronics -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) -OUTPUT_DIR := $(ROOT_DIR)/../../dist -PACKAGE_DIR := $(OUTPUT_DIR)/packages -SECRET_DIR := $(OUTPUT_DIR)/secrets - -EXCLUDES := dns-server-for-vhost-ingress-testing ingress-nginx-post-inst metallb-loadbalancer-inst tools -HELM_BIN := helm -ifneq ($(SKIP_LINT),TRUE) - HELM_LINT_CMD := $(HELM_BIN) lint -else - HELM_LINT_CMD := echo "Skipping linting of" -endif - -HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) - -.PHONY: $(EXCLUDES) $(HELM_CHARTS) - -all: $(HELM_CHARTS) - -$(HELM_CHARTS): - @echo "\n[$@]" - @make package-$@ - -make-%: - @if [ -f $*/Makefile ]; then make -C $*; fi - -dep-%: make-% - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi - -lint-%: dep-% - @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi - -package-%: lint-% - @mkdir -p $(PACKAGE_DIR) - @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) cm-push -f $$PACKAGE_NAME local; fi - @sleep 3 - #@$(HELM_BIN) repo index $(PACKAGE_DIR) - -clean: - @rm -f */Chart.lock - @rm -f *tgz */charts/*tgz - @rm -rf $(PACKAGE_DIR) -%: - @: diff --git a/kubernetes/contrib/components/Makefile b/kubernetes/contrib/components/Makefile deleted file mode 100644 index 9544d70f33..0000000000 --- a/kubernetes/contrib/components/Makefile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright © 2020 Samsung Electronics -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) -OUTPUT_DIR := $(ROOT_DIR)/../../dist -PACKAGE_DIR := $(OUTPUT_DIR)/packages -SECRET_DIR := $(OUTPUT_DIR)/secrets - -EXCLUDES := -HELM_BIN := helm -ifneq ($(SKIP_LINT),TRUE) - HELM_LINT_CMD := $(HELM_BIN) lint -else - HELM_LINT_CMD := echo "Skipping linting of" -endif - -HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) - -.PHONY: $(EXCLUDES) $(HELM_CHARTS) - -all: $(HELM_CHARTS) - -$(HELM_CHARTS): - @echo "\n[$@]" - @make package-$@ - -make-%: - @if [ -f $*/Makefile ]; then make -C $*; fi - -dep-%: make-% - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi - -lint-%: dep-% - @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi - -package-%: lint-% - @mkdir -p $(PACKAGE_DIR) - @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) cm-push -f $$PACKAGE_NAME local; fi - @sleep 3 - #@$(HELM_BIN) repo index $(PACKAGE_DIR) - -clean: - @rm -f */Chart.lock - @rm -f *tgz */charts/*tgz - @rm -rf $(PACKAGE_DIR) -%: - @: diff --git a/kubernetes/contrib/components/awx/Chart.yaml b/kubernetes/contrib/components/awx/Chart.yaml deleted file mode 100755 index 38689dee53..0000000000 --- a/kubernetes/contrib/components/awx/Chart.yaml +++ /dev/null @@ -1,36 +0,0 @@ -# Copyright © 2019 Bell Canada -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v2 -description: Ansible AWX -name: awx -sources: - - https://github.com/ansible/awx -version: 12.0.0 - -dependencies: - - name: common - version: ~12.x-0 - repository: '@local' - - name: repositoryGenerator - version: ~12.x-0 - repository: '@local' - - name: awx-postgres - version: ~12.x-0 - repository: 'file://components/awx-postgres' - - name: serviceAccount - version: ~12.x-0 - repository: '@local'
\ No newline at end of file diff --git a/kubernetes/contrib/components/awx/Makefile b/kubernetes/contrib/components/awx/Makefile deleted file mode 100644 index ef273d0e9b..0000000000 --- a/kubernetes/contrib/components/awx/Makefile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright © 2020 Samsung Electronics -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) -OUTPUT_DIR := $(ROOT_DIR)/../dist -PACKAGE_DIR := $(OUTPUT_DIR)/packages -SECRET_DIR := $(OUTPUT_DIR)/secrets - -EXCLUDES := dist resources templates charts docker -HELM_BIN := helm -ifneq ($(SKIP_LINT),TRUE) - HELM_LINT_CMD := $(HELM_BIN) lint -else - HELM_LINT_CMD := echo "Skipping linting of" -endif - -HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) - -.PHONY: $(EXCLUDES) $(HELM_CHARTS) - -all: $(HELM_CHARTS) - -$(HELM_CHARTS): - @echo "\n[$@]" - @make package-$@ - -make-%: - @if [ -f $*/Makefile ]; then make -C $*; fi - -dep-%: make-% - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi - -lint-%: dep-% - @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi - -package-%: lint-% - @mkdir -p $(PACKAGE_DIR) - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi - @sleep 3 - #@$(HELM_BIN) repo index $(PACKAGE_DIR) - -clean: - @rm -f */Chart.lock - @rm -f *tgz */charts/*tgz - @rm -rf $(PACKAGE_DIR) -%: - @: diff --git a/kubernetes/contrib/components/awx/components/Makefile b/kubernetes/contrib/components/awx/components/Makefile deleted file mode 100644 index 79ba2fb47e..0000000000 --- a/kubernetes/contrib/components/awx/components/Makefile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright © 2020 Samsung Electronics -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) -OUTPUT_DIR := $(ROOT_DIR)/../../dist -PACKAGE_DIR := $(OUTPUT_DIR)/packages -SECRET_DIR := $(OUTPUT_DIR)/secrets - -EXCLUDES := -HELM_BIN := helm -ifneq ($(SKIP_LINT),TRUE) - HELM_LINT_CMD := $(HELM_BIN) lint -else - HELM_LINT_CMD := echo "Skipping linting of" -endif - -HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) - -.PHONY: $(EXCLUDES) $(HELM_CHARTS) - -all: $(HELM_CHARTS) - -$(HELM_CHARTS): - @echo "\n[$@]" - @make package-$@ - -make-%: - @if [ -f $*/Makefile ]; then make -C $*; fi - -dep-%: make-% - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi - -lint-%: dep-% - @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi - -package-%: lint-% - @mkdir -p $(PACKAGE_DIR) - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi - @sleep 3 - #@$(HELM_BIN) repo index $(PACKAGE_DIR) - -clean: - @rm -f */Chart.lock - @rm -f *tgz */charts/*tgz - @rm -rf $(PACKAGE_DIR) -%: - @: diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml deleted file mode 100755 index 7d6045642f..0000000000 --- a/kubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright © 2019 Bell Canada -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v2 -description: Ansible AWX database -name: awx-postgres -version: 12.0.0 - -dependencies: - - name: common - version: ~12.x-0 - repository: '@local' - - name: repositoryGenerator - version: ~12.x-0 - repository: '@local' - - name: serviceAccount - version: ~12.x-0 - repository: '@local' diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/templates/NOTES.txt b/kubernetes/contrib/components/awx/components/awx-postgres/templates/NOTES.txt deleted file mode 100755 index 3ab092e848..0000000000 --- a/kubernetes/contrib/components/awx/components/awx-postgres/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/templates/deployment.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/templates/deployment.yaml deleted file mode 100755 index 61c0457712..0000000000 --- a/kubernetes/contrib/components/awx/components/awx-postgres/templates/deployment.yaml +++ /dev/null @@ -1,89 +0,0 @@ -{{/* -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - containers: - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - readinessProbe: - exec: - command: - - /bin/sh - - -i - - -c - - psql -h 127.0.0.1 -U $POSTGRES_USER -q -d {{ .Values.config.postgresDB }} - -c 'SELECT 1' - initialDelaySeconds: 5 - timeoutSeconds: 1 - env: - - name: POSTGRES_USER - value: "{{ .Values.config.postgresUser }}" - - name: POSTGRES_PASSWORD - value: "{{ .Values.config.postgresPassword }}" - - name: POSTGRES_DB - value: "{{ .Values.config.postgresDB }}" - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - name: {{ include "common.fullname" . }}-data - mountPath: /var/lib/postgresql/ - resources: {{ include "common.resources" . | nindent 10 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - {{- if .Values.persistence.enabled }} - - name: {{ include "common.fullname" . }}-data - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/templates/pv.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/templates/pv.yaml deleted file mode 100755 index bfe63abafe..0000000000 --- a/kubernetes/contrib/components/awx/components/awx-postgres/templates/pv.yaml +++ /dev/null @@ -1,40 +0,0 @@ -{{/* -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - storageClassName: "{{ include "common.fullname" . }}-data" - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} -{{- end -}} diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/templates/pvc.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/templates/pvc.yaml deleted file mode 100755 index e12dabf175..0000000000 --- a/kubernetes/contrib/components/awx/components/awx-postgres/templates/pvc.yaml +++ /dev/null @@ -1,39 +0,0 @@ -{{/* -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: {{ include "common.storageClass" . }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- end -}} diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/templates/service.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/templates/service.yaml deleted file mode 100755 index f560417425..0000000000 --- a/kubernetes/contrib/components/awx/components/awx-postgres/templates/service.yaml +++ /dev/null @@ -1,42 +0,0 @@ -{{/* -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/values.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/values.yaml deleted file mode 100755 index a6dc5ff90a..0000000000 --- a/kubernetes/contrib/components/awx/components/awx-postgres/values.yaml +++ /dev/null @@ -1,88 +0,0 @@ -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for mariadb. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -global: # global defaults - nodePortPrefixExt: 304 - persistence: {} - -# application image -image: postgres:10.4-alpine -pullPolicy: Always - -# application configuration -config: - postgresUser: awx - postgresPassword: awx - postgresDB: awx - -ingress: - enabled: false - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -## Persist data to a persitent volume -persistence: - enabled: true - volumeReclaimPolicy: Retain - - # Uncomment the storageClass parameter to use an existing PV - # that will match the following class. - # When uncomment the storageClass, the PV is not created anymore. - - # storageClass: "nfs-dev-sc" - - accessMode: ReadWriteOnce - size: 1Gi - - # When using storage class, mountPath and mountSubPath are - # simply ignored. - - mountPath: /dockerdata-nfs - mountSubPath: awx/pgdata - -service: - type: ClusterIP - name: awx-postgresql - portName: tcp-postgresql - internalPort: 5432 - externalPort: 5432 - -resources: {} - -#Pods Service Account -serviceAccount: - nameOverride: awx-postgres - roles: - - read diff --git a/kubernetes/contrib/components/awx/resources/config/credentials.py b/kubernetes/contrib/components/awx/resources/config/credentials.py deleted file mode 100644 index 85808d10d4..0000000000 --- a/kubernetes/contrib/components/awx/resources/config/credentials.py +++ /dev/null @@ -1,38 +0,0 @@ -{{/* -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -DATABASES = { - 'default': { - 'ATOMIC_REQUESTS': True, - 'ENGINE': 'awx.main.db.profiled_pg', - 'NAME': "{{ .Values.config.postgresDB }}", - 'USER': "{{ .Values.config.postgresUser }}", - 'PASSWORD': "{{ .Values.config.postgresPassword }}", - 'HOST': "awx-postgresql", - 'PORT': "5432", - } -} -BROKER_URL = 'amqp://{}:{}@{}:{}/{}'.format( - "{{ .Values.config.rabbitmqUser }}", - "{{ .Values.config.rabbitmqPassword }}", - "localhost", - "5672", - "{{ .Values.config.rabbitmqVhost }}") -CHANNEL_LAYERS = { - 'default': {'BACKEND': 'asgi_amqp.AMQPChannelLayer', - 'ROUTING': 'awx.main.routing.channel_routing', - 'CONFIG': {'url': BROKER_URL}} -}
\ No newline at end of file diff --git a/kubernetes/contrib/components/awx/resources/config/environment.sh b/kubernetes/contrib/components/awx/resources/config/environment.sh deleted file mode 100644 index cbfe2857ba..0000000000 --- a/kubernetes/contrib/components/awx/resources/config/environment.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh - -{{/* -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -DATABASE_USER={{ .Values.config.postgresUser }} -DATABASE_NAME={{ .Values.config.postgresDB }} -DATABASE_HOST=awx-postgresql -DATABASE_PORT=5432 -DATABASE_PASSWORD={{ .Values.config.postgresPassword }} -MEMCACHED_HOST=localhost -RABBITMQ_HOST=localhost -AWX_ADMIN_USER={{ .Values.config.awxAdminUser }} -AWX_ADMIN_PASSWORD={{ .Values.config.awxAdminPassword }}
\ No newline at end of file diff --git a/kubernetes/contrib/components/awx/templates/configmap.yaml b/kubernetes/contrib/components/awx/templates/configmap.yaml deleted file mode 100644 index 59900f1c64..0000000000 --- a/kubernetes/contrib/components/awx/templates/configmap.yaml +++ /dev/null @@ -1,238 +0,0 @@ -{{/* -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-init-mgnt - namespace: {{ include "common.namespace" . }} -data: - entrypoint: | - #/bin/sh - - awx-manage migrate --noinput - if [[ `echo 'from django.contrib.auth.models import User; nsu = User.objects.filter(is_superuser=True).count(); exit(0 if nsu > 0 else 1)' | awx-manage shell` > 0 ]] - then - echo 'from django.contrib.auth.models import User; User.objects.create_superuser('{{ .Values.config.awxAdminUser }}', '{{ .Values.config.awxAdminEmail }}', '{{ .Values.config.awxAdminPassword }}')' | awx-manage shell - awx-manage update_password --username='{{ .Values.config.awxAdminUser }}' --password='{{ .Values.config.awxAdminPassword }}' - fi ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-settings - namespace: {{ include "common.namespace" . }} -data: - awx_settings: | - import os - import socket - ADMINS = () - - AWX_PROOT_ENABLED = True - - # Automatically deprovision pods that go offline - AWX_AUTO_DEPROVISION_INSTANCES = True - - SYSTEM_TASK_ABS_CPU = 6 - SYSTEM_TASK_ABS_MEM = 20 - - INSIGHTS_URL_BASE = "https://example.org" - - #Autoprovisioning should replace this - CLUSTER_HOST_ID = socket.gethostname() - SYSTEM_UUID = '00000000-0000-0000-0000-000000000000' - - SESSION_COOKIE_SECURE = False - CSRF_COOKIE_SECURE = False - - REMOTE_HOST_HEADERS = ['HTTP_X_FORWARDED_FOR'] - - STATIC_ROOT = '/var/lib/awx/public/static' - PROJECTS_ROOT = '/var/lib/awx/projects' - JOBOUTPUT_ROOT = '/var/lib/awx/job_status' - SECRET_KEY = open('/etc/tower/SECRET_KEY', 'rb').read().strip() - ALLOWED_HOSTS = ['*'] - INTERNAL_API_URL = 'http://127.0.0.1:8052' - SERVER_EMAIL = 'root@localhost' - DEFAULT_FROM_EMAIL = 'webmaster@localhost' - EMAIL_SUBJECT_PREFIX = '[AWX] ' - EMAIL_HOST = 'localhost' - EMAIL_PORT = 25 - EMAIL_HOST_USER = '' - EMAIL_HOST_PASSWORD = '' - EMAIL_USE_TLS = False - - LOGGING['handlers']['console'] = { - '()': 'logging.StreamHandler', - 'level': 'DEBUG', - 'formatter': 'simple', - } - - LOGGING['loggers']['django.request']['handlers'] = ['console'] - LOGGING['loggers']['rest_framework.request']['handlers'] = ['console'] - LOGGING['loggers']['awx']['handlers'] = ['console'] - LOGGING['loggers']['awx.main.commands.run_callback_receiver']['handlers'] = ['console'] - LOGGING['loggers']['awx.main.commands.inventory_import']['handlers'] = ['console'] - LOGGING['loggers']['awx.main.tasks']['handlers'] = ['console'] - LOGGING['loggers']['awx.main.scheduler']['handlers'] = ['console'] - LOGGING['loggers']['django_auth_ldap']['handlers'] = ['console'] - LOGGING['loggers']['social']['handlers'] = ['console'] - LOGGING['loggers']['system_tracking_migrations']['handlers'] = ['console'] - LOGGING['loggers']['rbac_migrations']['handlers'] = ['console'] - LOGGING['loggers']['awx.isolated.manager.playbooks']['handlers'] = ['console'] - LOGGING['handlers']['callback_receiver'] = {'class': 'logging.NullHandler'} - LOGGING['handlers']['task_system'] = {'class': 'logging.NullHandler'} - LOGGING['handlers']['tower_warnings'] = {'class': 'logging.NullHandler'} - LOGGING['handlers']['rbac_migrations'] = {'class': 'logging.NullHandler'} - LOGGING['handlers']['system_tracking_migrations'] = {'class': 'logging.NullHandler'} - LOGGING['handlers']['management_playbooks'] = {'class': 'logging.NullHandler'} - - CACHES = { - 'default': { - 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', - 'LOCATION': '{}:{}'.format("localhost", "11211") - }, - 'ephemeral': { - 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache', - }, - } - - USE_X_FORWARDED_PORT = True ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-rabbitmq - namespace: {{ include "common.namespace" . }} -data: - enabled_plugins: | - [rabbitmq_management,rabbitmq_peer_discovery_k8s]. - rabbitmq.conf: | - ## Clustering - management.load_definitions = /etc/rabbitmq/rabbitmq_definitions.json - cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s - cluster_formation.k8s.host = kubernetes.default.svc - cluster_formation.k8s.address_type = ip - cluster_formation.node_cleanup.interval = 10 - cluster_formation.node_cleanup.only_log_warning = false - cluster_partition_handling = autoheal - ## queue master locator - queue_master_locator=min-masters - ## enable guest user - loopback_users.guest = false - rabbitmq_definitions.json: | - { - "users":[{"name": "{{ .Values.config.rabbitmqUser }}", "password": "{{ .Values.config.rabbitmqPassword }}", "tags": ""}], - "permissions":[ - {"user":"{{ .Values.config.rabbitmqUser }}","vhost":"{{ .Values.config.rabbitmqVhost }}","configure":".*","write":".*","read":".*"} - ], - "vhosts":[{"name":"{{ .Values.config.rabbitmqVhost }}"}], - "policies":[ - {"vhost":"{{ .Values.config.rabbitmqVhost }}","name":"ha-all","pattern":".*","definition":{"ha-mode":"all","ha-sync-mode":"automatic"}} - ] - } ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-nginx-conf - namespace: {{ include "common.namespace" . }} - labels: - app.kubernetes.io/name: {{ include "common.name" . }} - helm.sh/chart: {{ include "common.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -data: - nginx.conf: | - worker_processes 1; - pid /tmp/nginx.pid; - events { - worker_connections 1024; - } - http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - server_tokens off; - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - access_log /dev/stdout main; - map $http_upgrade $connection_upgrade { - default upgrade; - '' close; - } - sendfile on; - #tcp_nopush on; - #gzip on; - upstream uwsgi { - server 127.0.0.1:8050; - } - upstream daphne { - server 127.0.0.1:8051; - } - server { - listen 8052 default_server; - # If you have a domain name, this is where to add it - server_name _; - keepalive_timeout 65; - # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months) - add_header Strict-Transport-Security max-age=15768000; - add_header Content-Security-Policy "default-src 'self'; connect-src 'self' ws: wss:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.pendo.io; img-src 'self' *.pendo.io data:; report-uri /csp-violation/"; - add_header X-Content-Security-Policy "default-src 'self'; connect-src 'self' ws: wss:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.pendo.io; img-src 'self' *.pendo.io data:; report-uri /csp-violation/"; - # Protect against click-jacking https://www.owasp.org/index.php/Testing_for_Clickjacking_(OTG-CLIENT-009) - add_header X-Frame-Options "DENY"; - location /nginx_status { - stub_status on; - access_log off; - allow 127.0.0.1; - deny all; - } - location /static/ { - alias /var/lib/awx/public/static/; - } - location /favicon.ico { alias /var/lib/awx/public/static/favicon.ico; } - location /websocket { - # Pass request to the upstream alias - proxy_pass http://daphne; - # Require http version 1.1 to allow for upgrade requests - proxy_http_version 1.1; - # We want proxy_buffering off for proxying to websockets. - proxy_buffering off; - # http://en.wikipedia.org/wiki/X-Forwarded-For - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - # enable this if you use HTTPS: - proxy_set_header X-Forwarded-Proto https; - # pass the Host: header from the client for the sake of redirects - proxy_set_header Host $http_host; - # We've set the Host header, so we don't need Nginx to muddle - # about with redirects - proxy_redirect off; - # Depending on the request value, set the Upgrade and - # connection headers - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; - } - location / { - # Add trailing / if missing - rewrite ^(.*)$http_host(.*[^/])$ $1$http_host$2/ permanent; - uwsgi_read_timeout 120s; - uwsgi_pass uwsgi; - include /etc/nginx/uwsgi_params; - proxy_set_header X-Forwarded-Port 443; - } - } - } diff --git a/kubernetes/contrib/components/awx/templates/job.yaml b/kubernetes/contrib/components/awx/templates/job.yaml deleted file mode 100644 index 1ebe340a68..0000000000 --- a/kubernetes/contrib/components/awx/templates/job.yaml +++ /dev/null @@ -1,130 +0,0 @@ -{{/* -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - backoffLimit: 5 - template: - metadata: - labels: - app: {{ include "common.name" . }}-mgnt - release: {{ include "common.release" . }} - spec: - serviceAccount: {{ include "common.fullname" . }} - serviceAccountName: {{ include "common.fullname" . }} - restartPolicy: Never - initContainers: - - name: {{ include "common.name" . }}-init-readiness - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /app/ready.py - args: - - --container-name - - awx-postgres - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - containers: - - name: {{ include "common.name" . }}-mgnt - command: - - /bin/sh - - -cx - - | - {{- if include "common.onServiceMesh" . }} - echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} - /etc/tower/job-entrypoint.sh - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.task }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - resources: - requests: - cpu: 1500m - memory: 2Gi - securityContext: - privileged: true - volumeMounts: - - mountPath: /etc/tower/job-entrypoint.sh - name: awx-mgnt - readOnly: true - subPath: job-entrypoint.py - - mountPath: /etc/tower/settings.py - name: awx-application-config - readOnly: true - subPath: settings.py - - mountPath: /etc/tower/conf.d/ - name: awx-application-credentials - readOnly: true - - mountPath: /etc/tower/SECRET_KEY - name: awx-secret-key - readOnly: true - subPath: SECRET_KEY - {{ include "common.waitForJobContainer" . | indent 6 | trim }} - volumes: - - configMap: - defaultMode: 0777 - items: - - key: entrypoint - path: job-entrypoint.py - name: {{ include "common.fullname" . }}-init-mgnt - name: awx-mgnt - - configMap: - defaultMode: 420 - items: - - key: awx_settings - path: settings.py - name: {{ include "common.fullname" . }}-settings - name: awx-application-config - - name: awx-application-credentials - secret: - defaultMode: 420 - items: - - key: credentials_py - path: credentials.py - - key: environment_sh - path: environment.sh - secretName: {{ include "common.fullname" . }}-secrets - - name: awx-secret-key - secret: - defaultMode: 420 - items: - - key: secret_key - path: SECRET_KEY - secretName: {{ include "common.fullname" . }}-secrets - - configMap: - defaultMode: 420 - items: - - key: rabbitmq.conf - path: rabbitmq.conf - - key: enabled_plugins - path: enabled_plugins - - key: rabbitmq_definitions.json - path: rabbitmq_definitions.json - name: {{ include "common.fullname" . }}-rabbitmq - name: rabbitmq-config - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/contrib/components/awx/templates/secret.yaml b/kubernetes/contrib/components/awx/templates/secret.yaml deleted file mode 100644 index 642f779214..0000000000 --- a/kubernetes/contrib/components/awx/templates/secret.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{/* -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: {{ include "common.fullname" . }}-secrets - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: - credentials_py: {{ tpl (.Files.Get "resources/config/credentials.py") . | b64enc }} - environment_sh: {{ tpl (.Files.Get "resources/config/environment.sh") . | b64enc }} - rabbitmq_erlang_cookie: {{ .Values.config.rabbitmqErlangCookie | b64enc | quote }} - secret_key: {{ .Values.config.secretKey | b64enc | quote }}
\ No newline at end of file diff --git a/kubernetes/contrib/components/awx/templates/service.yaml b/kubernetes/contrib/components/awx/templates/service.yaml deleted file mode 100755 index 85ec8c8428..0000000000 --- a/kubernetes/contrib/components/awx/templates/service.yaml +++ /dev/null @@ -1,79 +0,0 @@ -{{/* -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }}-rmq-mgmt - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.rmqmgmt.type }} - ports: - - port: {{ .Values.service.rmqmgmt.externalPort }} - targetPort: {{ .Values.service.rmqmgmt.internalPort }} - name: {{ .Values.service.rmqmgmt.portName }} - selector: - app: {{ include "common.fullname" . }} - release: {{ include "common.release" . }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }}-web - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.web.type }} - ports: - - port: {{ .Values.service.web.externalPort }} - targetPort: {{ .Values.service.web.internalPort }} - name: {{ .Values.service.web.portName }} - selector: - app: {{ include "common.fullname" . }} - release: {{ include "common.release" . }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }}-rabbitmq - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - type: LoadBalancer -spec: - type: {{ .Values.service.rabbitmq.type }} - ports: - - port: {{ .Values.service.rabbitmq.http.externalPort }} - targetPort: {{ .Values.service.rabbitmq.http.internalPort }} - name: {{ .Values.service.rabbitmq.http.portName }} - - port: {{ .Values.service.rabbitmq.amqp.externalPort }} - targetPort: {{ .Values.service.rabbitmq.amqp.internalPort }} - name: {{ .Values.service.rabbitmq.amqp.portName }} - selector: - app: {{ include "common.fullname" . }} - release: {{ include "common.release" . }}
\ No newline at end of file diff --git a/kubernetes/contrib/components/awx/templates/serviceaccount.yaml b/kubernetes/contrib/components/awx/templates/serviceaccount.yaml deleted file mode 100644 index 15baf0e308..0000000000 --- a/kubernetes/contrib/components/awx/templates/serviceaccount.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{/* -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ include "common.fullname" . }}-endpoint-reader - namespace: {{ include "common.namespace" . }} -rules: -- apiGroups: ["", "extensions", "apps", "batch"] - resources: ["endpoints", "deployments", "pods", "replicasets/status", "jobs/status"] - verbs: ["get", "list"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ include "common.fullname" . }}-endpoint-reader - namespace: {{ include "common.namespace" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ include "common.fullname" . }}-endpoint-reader -subjects: -- kind: ServiceAccount - name: {{ include "common.fullname" . }}
\ No newline at end of file diff --git a/kubernetes/contrib/components/awx/templates/statefulset.yaml b/kubernetes/contrib/components/awx/templates/statefulset.yaml deleted file mode 100644 index 1f2c093742..0000000000 --- a/kubernetes/contrib/components/awx/templates/statefulset.yaml +++ /dev/null @@ -1,227 +0,0 @@ -{{/* -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - podManagementPolicy: OrderedReady - replicas: {{ .Values.replicaCount }} - serviceName: {{ include "common.fullname" . }} - selector: - matchLabels: - app: {{ include "common.fullname" . }} - name: {{ include "common.name" . }}-web-deploy - service: django - template: - metadata: - labels: - app: {{ include "common.fullname" . }} - name: {{ include "common.name" . }}-web-deploy - release: {{ include "common.release" . }} - service: django - spec: - - initContainers: - - name: {{ include "common.name" . }}-init-readiness - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /app/ready.py - args: - - --container-name - - {{ include "common.name" . }}-mgnt - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - containers: - - - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.web }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-web - ports: - - containerPort: {{ .Values.service.web.internalPort }} - protocol: TCP - resources: - requests: - cpu: 500m - memory: 1Gi - volumeMounts: - - mountPath: /etc/tower/settings.py - name: awx-application-config - readOnly: true - subPath: settings.py - - mountPath: /etc/tower/conf.d/ - name: awx-application-credentials - readOnly: true - - mountPath: /etc/tower/SECRET_KEY - name: awx-secret-key - readOnly: true - subPath: SECRET_KEY - - mountPath: /etc/nginx/nginx.conf - name: awx-nginx-conf - subPath: "nginx.conf" - - - command: ["/bin/sh","-c"] - args: ["/usr/bin/launch_awx_task.sh"] - env: - - name: AWX_SKIP_MIGRATIONS - value: "1" - - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.task }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-celery - resources: - requests: - cpu: 1500m - memory: 2Gi - securityContext: - privileged: true - volumeMounts: - - mountPath: /etc/tower/settings.py - name: awx-application-config - readOnly: true - subPath: settings.py - - mountPath: /etc/tower/conf.d/ - name: awx-application-credentials - readOnly: true - - mountPath: /etc/tower/SECRET_KEY - name: awx-secret-key - readOnly: true - subPath: SECRET_KEY - - mountPath: /etc/nginx/nginx.conf - name: awx-nginx-conf - subPath: "nginx.conf" - - env: - - name: MY_POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: RABBITMQ_USE_LONGNAME - value: "true" - - name: RABBITMQ_NODENAME - value: rabbit@$(MY_POD_IP) - - name: RABBITMQ_ERLANG_COOKIE - valueFrom: - secretKeyRef: - key: rabbitmq_erlang_cookie - name: {{ include "common.fullname" . }}-secrets - - name: K8S_SERVICE_NAME - value: {{ include "common.servicename" . }}-rabbitmq - - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.rabbitmq }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-rabbit - livenessProbe: - exec: - command: - - rabbitmqctl - - status - failureThreshold: 3 - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - successThreshold: 1 - timeoutSeconds: 10 - ports: - - containerPort: {{ .Values.service.rabbitmq.http.internalPort }} - name: {{ .Values.service.rabbitmq.http.portName }} - protocol: TCP - - containerPort: {{ .Values.service.rabbitmq.amqp.internalPort }} - name: {{ .Values.service.rabbitmq.amqp.portName }} - protocol: TCP - readinessProbe: - exec: - command: - - rabbitmqctl - - status - failureThreshold: 3 - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - successThreshold: 1 - timeoutSeconds: 10 - resources: - requests: - cpu: 500m - memory: 2Gi - volumeMounts: - - mountPath: /etc/rabbitmq - name: rabbitmq-config - - - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.memcached }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-memcached - resources: - requests: - cpu: 500m - memory: 1Gi - serviceAccount: {{ include "common.fullname" . }} - serviceAccountName: {{ include "common.fullname" . }} - volumes: - - configMap: - defaultMode: 420 - items: - - key: awx_settings - path: settings.py - name: {{ include "common.fullname" . }}-settings - name: awx-application-config - - name: awx-application-credentials - secret: - defaultMode: 420 - items: - - key: credentials_py - path: credentials.py - - key: environment_sh - path: environment.sh - secretName: {{ include "common.fullname" . }}-secrets - - name: awx-secret-key - secret: - defaultMode: 420 - items: - - key: secret_key - path: SECRET_KEY - secretName: {{ include "common.fullname" . }}-secrets - - configMap: - defaultMode: 420 - items: - - key: rabbitmq.conf - path: rabbitmq.conf - - key: enabled_plugins - path: enabled_plugins - - key: rabbitmq_definitions.json - path: rabbitmq_definitions.json - name: {{ include "common.fullname" . }}-rabbitmq - name: rabbitmq-config - - configMap: - defaultMode: 420 - items: - - key: nginx.conf - path: nginx.conf - name: {{ include "common.fullname" . }}-nginx-conf - name: awx-nginx-conf - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/contrib/components/awx/values.yaml b/kubernetes/contrib/components/awx/values.yaml deleted file mode 100755 index c30999fa6d..0000000000 --- a/kubernetes/contrib/components/awx/values.yaml +++ /dev/null @@ -1,120 +0,0 @@ -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for mariadb. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -global: # global defaults - nodePortPrefixExt: 304 - commonConfigPrefix: awx - persistence: {} - -# application image -image: - web: ansible/awx_web:9.0.1 - task: ansible/awx_task:9.0.1 - rabbitmq: ansible/awx_rabbitmq:3.7.4 - memcached: memcached:1.5.20 -pullPolicy: Always - -# application configuration -config: - postgresUser: awx - postgresPassword: awx - postgresDB: awx -# RabbitMQ Configuration - rabbitmqUser: awx - rabbitmqPassword: awxpass - rabbitmqVhost: awx - rabbitmqErlangCookie: cookiemonster3 -# This will create or update a default admin (superuser) account in AWX, if not provided -# then these default values are used - awxAdminUser: admin - awxAdminPassword: password - awxAdminEmail: cds@onap.org -# AWX Secret key -# It's *very* important that this stay the same between upgrades or you will lose the ability to decrypt -# your credentials - secretKey: awxsecret - -ingress: - enabled: false - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - enabled: true - -## Persist data to a persitent volume -persistence: - enabled: true - volumeReclaimPolicy: Retain - - # Uncomment the storageClass parameter to use an existing PV - # that will match the following class. - # When uncomment the storageClass, the PV is not created anymore. - - # storageClass: "nfs-dev-sc" - - accessMode: ReadWriteOnce - size: 5Gi - - # When using storage class, mountPath and mountSubPath are - # simply ignored. - - mountPath: /dockerdata-nfs - mountSubPath: awx/pgdata - -service: - rmqmgmt: - type: ClusterIP - portName: http-rmqmgmt - internalPort: 15672 - externalPort: 15672 - web: - type: ClusterIP - portName: http-web - internalPort: 8052 - externalPort: 8052 - rabbitmq: - type: ClusterIP - http: - portName: http-rmq - internalPort: 15672 - externalPort: 15672 - amqp: - portName: tcp-amqp - internalPort: 5672 - externalPort: 5672 - -resources: {} - -#Pods Service Account -serviceAccount: - nameOverride: awx - roles: - - read - -wait_for_job_container: - containers: - - '{{ include "common.name" . }}-mgnt' diff --git a/kubernetes/contrib/components/ejbca/Chart.yaml b/kubernetes/contrib/components/ejbca/Chart.yaml deleted file mode 100644 index 5c7ec253ed..0000000000 --- a/kubernetes/contrib/components/ejbca/Chart.yaml +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright © 2020 Nokia -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v2 -description: ONAP EJBCA test server -name: ejbca -version: 12.0.0 - -dependencies: - - name: common - version: ~12.x-0 - repository: '@local' - - name: mariadb-galera - version: ~12.x-0 - repository: '@local' - condition: global.mariadbGalera.localCluster - - name: mariadb-init - version: ~12.x-0 - repository: '@local' - condition: global.mariadbGalera.globalCluster - - name: repositoryGenerator - version: ~12.x-0 - repository: '@local' - - name: cmpv2Config - version: ~12.x-0 - repository: '@local' - - name: serviceAccount - version: ~12.x-0 - repository: '@local'
\ No newline at end of file diff --git a/kubernetes/contrib/components/ejbca/resources/certprofile_CUSTOM_ENDUSER-1834889499.xml b/kubernetes/contrib/components/ejbca/resources/certprofile_CUSTOM_ENDUSER-1834889499.xml deleted file mode 100644 index e163aed82a..0000000000 --- a/kubernetes/contrib/components/ejbca/resources/certprofile_CUSTOM_ENDUSER-1834889499.xml +++ /dev/null @@ -1,595 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<java version="1.8.0_242" class="java.beans.XMLDecoder"> - <object class="java.util.LinkedHashMap"> - <void method="put"> - <string>version</string> - <float>46.0</float> - </void> - <void method="put"> - <string>type</string> - <int>1</int> - </void> - <void method="put"> - <string>certversion</string> - <string>X509v3</string> - </void> - <void method="put"> - <string>encodedvalidity</string> - <string>2y</string> - </void> - <void method="put"> - <string>usecertificatevalidityoffset</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>certificatevalidityoffset</string> - <string>-10m</string> - </void> - <void method="put"> - <string>useexpirationrestrictionforweekdays</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>expirationrestrictionforweekdaysbefore</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>expirationrestrictionweekdays</string> - <object class="java.util.ArrayList"> - <void method="add"> - <boolean>true</boolean> - </void> - <void method="add"> - <boolean>true</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - <void method="add"> - <boolean>true</boolean> - </void> - <void method="add"> - <boolean>true</boolean> - </void> - </object> - </void> - <void method="put"> - <string>allowvalidityoverride</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>allowextensionoverride</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>allowdnoverride</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>allowdnoverridebyeei</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>allowbackdatedrevokation</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usecertificatestorage</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>storecertificatedata</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>storesubjectaltname</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>usebasicconstrants</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>basicconstraintscritical</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>usesubjectkeyidentifier</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>subjectkeyidentifiercritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useauthoritykeyidentifier</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>authoritykeyidentifiercritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usesubjectalternativename</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>subjectalternativenamecritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useissueralternativename</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>issueralternativenamecritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usecrldistributionpoint</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usedefaultcrldistributionpoint</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>crldistributionpointcritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>crldistributionpointuri</string> - <string></string> - </void> - <void method="put"> - <string>usefreshestcrl</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usecadefinedfreshestcrl</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>freshestcrluri</string> - <string></string> - </void> - <void method="put"> - <string>crlissuer</string> - <string></string> - </void> - <void method="put"> - <string>usecertificatepolicies</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>certificatepoliciescritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>certificatepolicies</string> - <object class="java.util.ArrayList"/> - </void> - <void method="put"> - <string>availablekeyalgorithms</string> - <object class="java.util.ArrayList"> - <void method="add"> - <string>DSA</string> - </void> - <void method="add"> - <string>ECDSA</string> - </void> - <void method="add"> - <string>RSA</string> - </void> - </object> - </void> - <void method="put"> - <string>availableeccurves</string> - <object class="java.util.ArrayList"> - <void method="add"> - <string>ANY_EC_CURVE</string> - </void> - </object> - </void> - <void method="put"> - <string>availablebitlengths</string> - <object class="java.util.ArrayList"> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>192</int> - </void> - <void method="add"> - <int>224</int> - </void> - <void method="add"> - <int>239</int> - </void> - <void method="add"> - <int>256</int> - </void> - <void method="add"> - <int>384</int> - </void> - <void method="add"> - <int>512</int> - </void> - <void method="add"> - <int>521</int> - </void> - <void method="add"> - <int>1024</int> - </void> - <void method="add"> - <int>1536</int> - </void> - <void method="add"> - <int>2048</int> - </void> - <void method="add"> - <int>3072</int> - </void> - <void method="add"> - <int>4096</int> - </void> - <void method="add"> - <int>6144</int> - </void> - <void method="add"> - <int>8192</int> - </void> - </object> - </void> - <void method="put"> - <string>minimumavailablebitlength</string> - <int>0</int> - </void> - <void method="put"> - <string>maximumavailablebitlength</string> - <int>8192</int> - </void> - <void method="put"> - <string>signaturealgorithm</string> - <null/> - </void> - <void method="put"> - <string>usekeyusage</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>keyusage</string> - <object class="java.util.ArrayList"> - <void method="add"> - <boolean>true</boolean> - </void> - <void method="add"> - <boolean>true</boolean> - </void> - <void method="add"> - <boolean>true</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - </object> - </void> - <void method="put"> - <string>allowkeyusageoverride</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>keyusagecritical</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>useextendedkeyusage</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>extendedkeyusage</string> - <object class="java.util.ArrayList"> - <void method="add"> - <string>1.3.6.1.5.5.7.3.2</string> - </void> - <void method="add"> - <string>1.3.6.1.5.5.7.3.4</string> - </void> - <void method="add"> - <string>1.3.6.1.5.5.7.3.1</string> - </void> - </object> - </void> - <void method="put"> - <string>extendedkeyusagecritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usedocumenttypelist</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>documenttypelistcritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>documenttypelist</string> - <object class="java.util.ArrayList"/> - </void> - <void method="put"> - <string>availablecas</string> - <object class="java.util.ArrayList"> - <void method="add"> - <int>-1</int> - </void> - </object> - </void> - <void method="put"> - <string>usedpublishers</string> - <object class="java.util.ArrayList"/> - </void> - <void method="put"> - <string>useocspnocheck</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useldapdnorder</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>usecustomdnorder</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usemicrosofttemplate</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>microsofttemplate</string> - <string></string> - </void> - <void method="put"> - <string>usecardnumber</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usecnpostfix</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>cnpostfix</string> - <string></string> - </void> - <void method="put"> - <string>usesubjectdnsubset</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>subjectdnsubset</string> - <object class="java.util.ArrayList"/> - </void> - <void method="put"> - <string>usesubjectaltnamesubset</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>subjectaltnamesubset</string> - <object class="java.util.ArrayList"/> - </void> - <void method="put"> - <string>usepathlengthconstraint</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>pathlengthconstraint</string> - <int>0</int> - </void> - <void method="put"> - <string>useqcstatement</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usepkixqcsyntaxv2</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useqcstatementcritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useqcstatementraname</string> - <string></string> - </void> - <void method="put"> - <string>useqcsematicsid</string> - <string></string> - </void> - <void method="put"> - <string>useqcetsiqccompliance</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useqcetsisignaturedevice</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useqcetsivaluelimit</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>qcetsivaluelimit</string> - <int>0</int> - </void> - <void method="put"> - <string>qcetsivaluelimitexp</string> - <int>0</int> - </void> - <void method="put"> - <string>qcetsivaluelimitcurrency</string> - <string></string> - </void> - <void method="put"> - <string>useqcetsiretentionperiod</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>qcetsiretentionperiod</string> - <int>0</int> - </void> - <void method="put"> - <string>useqccustomstring</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>qccustomstringoid</string> - <string></string> - </void> - <void method="put"> - <string>qccustomstringtext</string> - <string></string> - </void> - <void method="put"> - <string>qcetsipds</string> - <null/> - </void> - <void method="put"> - <string>qcetsitype</string> - <null/> - </void> - <void method="put"> - <string>usecertificatetransparencyincerts</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usecertificatetransparencyinocsp</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usecertificatetransparencyinpublisher</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usesubjectdirattributes</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usenameconstraints</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useauthorityinformationaccess</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>caissuers</string> - <object class="java.util.ArrayList"/> - </void> - <void method="put"> - <string>usedefaultcaissuer</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usedefaultocspservicelocator</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>ocspservicelocatoruri</string> - <string></string> - </void> - <void method="put"> - <string>cvcaccessrights</string> - <int>3</int> - </void> - <void method="put"> - <string>usedcertificateextensions</string> - <object class="java.util.ArrayList"/> - </void> - <void method="put"> - <string>approvals</string> - <object class="java.util.LinkedHashMap"> - <void method="put"> - <object class="java.lang.Enum" method="valueOf"> - <class>org.cesecore.certificates.ca.ApprovalRequestType</class> - <string>REVOCATION</string> - </object> - <int>-1</int> - </void> - <void method="put"> - <object class="java.lang.Enum" method="valueOf"> - <class>org.cesecore.certificates.ca.ApprovalRequestType</class> - <string>KEYRECOVER</string> - </object> - <int>-1</int> - </void> - <void method="put"> - <object class="java.lang.Enum" method="valueOf"> - <class>org.cesecore.certificates.ca.ApprovalRequestType</class> - <string>ADDEDITENDENTITY</string> - </object> - <int>-1</int> - </void> - </object> - </void> - <void method="put"> - <string>useprivkeyusageperiodnotbefore</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useprivkeyusageperiod</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useprivkeyusageperiodnotafter</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>privkeyusageperiodstartoffset</string> - <long>0</long> - </void> - <void method="put"> - <string>privkeyusageperiodlength</string> - <long>63072000</long> - </void> - <void method="put"> - <string>usesingleactivecertificateconstraint</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>overridableextensionoids</string> - <object class="java.util.LinkedHashSet"/> - </void> - <void method="put"> - <string>nonoverridableextensionoids</string> - <object class="java.util.LinkedHashSet"/> - </void> - <void method="put"> - <string>allowcertsnoverride</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usecustomdnorderldap</string> - <boolean>false</boolean> - </void> - </object> -</java> diff --git a/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh b/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh deleted file mode 100755 index a538238151..0000000000 --- a/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh +++ /dev/null @@ -1,58 +0,0 @@ -#!/bin/sh - -waitForEjbcaToStart() { - until $(curl -kI https://localhost:8443/ejbca/publicweb/healthcheck/ejbcahealth --output /dev/null --silent --head --fail) - do - sleep 5 - done -} - -configureEjbca() { - ejbca.sh ca init \ - --caname ManagementCA \ - --dn "O=EJBCA Container Quickstart,CN=ManagementCA,UID=12345" \ - --tokenType soft \ - --keyspec 3072 \ - --keytype RSA \ - -v 3652 \ - --policy null \ - -s SHA256WithRSA \ - -type "x509" - ejbca.sh config cmp addalias --alias cmpRA - ejbca.sh config cmp updatealias --alias cmpRA --key operationmode --value ra - ejbca.sh ca editca --caname ManagementCA --field cmpRaAuthSecret --value ${RA_IAK} - ejbca.sh config cmp updatealias --alias cmpRA --key responseprotection --value signature - ejbca.sh config cmp updatealias --alias cmpRA --key authenticationmodule --value 'HMAC;EndEntityCertificate' - ejbca.sh config cmp updatealias --alias cmpRA --key authenticationparameters --value '-;ManagementCA' - ejbca.sh config cmp updatealias --alias cmpRA --key allowautomatickeyupdate --value true - #Custom EJBCA cert profile and endentity are imported to allow issuing certificates with correct extended usage (containing serverAuth) - ejbca.sh ca importprofiles -d /opt/primekey/custom_profiles - #Profile name taken from certprofile filename (certprofile_<profile-name>-<id>.xml) - ejbca.sh config cmp updatealias --alias cmpRA --key ra.certificateprofile --value CUSTOM_ENDUSER - #ID taken from entityprofile filename (entityprofile_<profile-name>-<id>.xml) - ejbca.sh config cmp updatealias --alias cmpRA --key ra.endentityprofileid --value 1356531849 - caSubject=$(ejbca.sh ca getcacert --caname ManagementCA -f /dev/stdout | grep 'Subject' | sed -e "s/^Subject: //" | sed -n '1p') - ejbca.sh config cmp updatealias --alias cmpRA --key defaultca --value "$caSubject" - ejbca.sh config cmp dumpalias --alias cmpRA - ejbca.sh config cmp addalias --alias cmp - ejbca.sh config cmp updatealias --alias cmp --key allowautomatickeyupdate --value true - ejbca.sh config cmp updatealias --alias cmp --key responseprotection --value pbe - ejbca.sh ra addendentity --username Node123 --dn "CN=Node123" --caname ManagementCA --password ${CLIENT_IAK} --type 1 --token USERGENERATED - ejbca.sh ra setclearpwd --username Node123 --password ${CLIENT_IAK} - ejbca.sh config cmp updatealias --alias cmp --key extractusernamecomponent --value CN - ejbca.sh config cmp dumpalias --alias cmp - ejbca.sh ca getcacert --caname ManagementCA -f /dev/stdout > cacert.pem - #Add "Certificate Update Admin" role to allow performing KUR/CR for certs within specific organization (e.g. Linux-Foundation) - ejbca.sh roles addrole "Certificate Update Admin" - ejbca.sh roles changerule "Certificate Update Admin" /ca/ManagementCA/ ACCEPT - ejbca.sh roles changerule "Certificate Update Admin" /ca_functionality/create_certificate/ ACCEPT - ejbca.sh roles changerule "Certificate Update Admin" /endentityprofilesrules/Custom_EndEntity/ ACCEPT - ejbca.sh roles changerule "Certificate Update Admin" /ra_functionality/edit_end_entity/ ACCEPT - ejbca.sh roles addrolemember "Certificate Update Admin" ManagementCA WITH_ORGANIZATION --value "{{ .Values.cmpv2Config.global.certificate.default.subject.organization }}" - # workarround to exit successfully, as a reexecution of "addrolemember" returns an error - exit 0 -} - - -waitForEjbcaToStart -configureEjbca diff --git a/kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml b/kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml deleted file mode 100644 index ec51a80d5e..0000000000 --- a/kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml +++ /dev/null @@ -1,1107 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<java version="1.8.0_242" class="java.beans.XMLDecoder"> - <object class="java.util.LinkedHashMap"> - <void method="put"> - <string>version</string> - <float>14.0</float> - </void> - <void method="put"> - <string>NUMBERARRAY</string> - <object class="java.util.ArrayList"> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>3</int> - </void> - <void method="add"> - <int>3</int> - </void> - <void method="add"> - <int>3</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>3</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - </object> - </void> - <void method="put"> - <string>SUBJECTDNFIELDORDER</string> - <object class="java.util.ArrayList"> - <void method="add"> - <int>500</int> - </void> - <void method="add"> - <int>1100</int> - </void> - <void method="add"> - <int>1200</int> - </void> - <void method="add"> - <int>1300</int> - </void> - <void method="add"> - <int>1400</int> - </void> - <void method="add"> - <int>1600</int> - </void> - </object> - </void> - <void method="put"> - <string>SUBJECTALTNAMEFIELDORDER</string> - <object class="java.util.ArrayList"> - <void method="add"> - <int>1800</int> - </void> - <void method="add"> - <int>1801</int> - </void> - <void method="add"> - <int>1802</int> - </void> - <void method="add"> - <int>1700</int> - </void> - <void method="add"> - <int>1701</int> - </void> - <void method="add"> - <int>1702</int> - </void> - <void method="add"> - <int>1900</int> - </void> - <void method="add"> - <int>1901</int> - </void> - <void method="add"> - <int>1902</int> - </void> - <void method="add"> - <int>2100</int> - </void> - <void method="add"> - <int>2101</int> - </void> - <void method="add"> - <int>2102</int> - </void> - </object> - </void> - <void method="put"> - <string>SUBJECTDIRATTRFIELDORDER</string> - <object class="java.util.ArrayList"/> - </void> - <void method="put"> - <int>0</int> - <string></string> - </void> - <void method="put"> - <int>20000</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10000</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30000</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>1</int> - <string></string> - </void> - <void method="put"> - <int>20001</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10001</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30001</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>95</int> - <string></string> - </void> - <void method="put"> - <int>20095</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10095</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30095</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>96</int> - <string></string> - </void> - <void method="put"> - <int>20096</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10096</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30096</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>5</int> - <string></string> - </void> - <void method="put"> - <int>20005</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10005</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30005</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>26</int> - <string></string> - </void> - <void method="put"> - <int>20026</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10026</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30026</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>29</int> - <string>1834889499</string> - </void> - <void method="put"> - <int>20029</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10029</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30029</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30</int> - <string>1834889499</string> - </void> - <void method="put"> - <int>20030</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10030</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30030</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>31</int> - <string>1</string> - </void> - <void method="put"> - <int>20031</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10031</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30031</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>32</int> - <string>1;2;3;4</string> - </void> - <void method="put"> - <int>20032</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10032</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30032</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>33</int> - <string></string> - </void> - <void method="put"> - <int>20033</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10033</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30033</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>34</int> - <string></string> - </void> - <void method="put"> - <int>20034</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10034</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30034</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>38</int> - <string>1</string> - </void> - <void method="put"> - <int>20038</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10038</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30038</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>37</int> - <string>-29939301</string> - </void> - <void method="put"> - <int>20037</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10037</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30037</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>98</int> - <string></string> - </void> - <void method="put"> - <int>20098</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10098</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30098</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>99</int> - <string></string> - </void> - <void method="put"> - <int>20099</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10099</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30099</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>97</int> - <string></string> - </void> - <void method="put"> - <int>20097</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10097</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30097</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>91</int> - <string>false</string> - </void> - <void method="put"> - <int>20091</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10091</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30091</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>94</int> - <string>-1</string> - </void> - <void method="put"> - <int>20094</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10094</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30094</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>93</int> - <string>-1</string> - </void> - <void method="put"> - <int>20093</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10093</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30093</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>89</int> - <string></string> - </void> - <void method="put"> - <int>20089</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10089</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30089</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>88</int> - <string></string> - </void> - <void method="put"> - <int>20088</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10088</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30088</int> - <boolean>true</boolean> - </void> - <void method="put"> - <string>ALLOW_MERGEDN_WEBSERVICES</string> - <boolean>false</boolean> - </void> - <void method="put"> - <int>2</int> - <string></string> - </void> - <void method="put"> - <int>20002</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10002</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10090</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>90</int> - <string>0</string> - </void> - <void method="put"> - <string>REVERSEFFIELDCHECKS</string> - <boolean>false</boolean> - </void> - <void method="put"> - <int>28</int> - <string>false</string> - </void> - <void method="put"> - <int>20028</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10028</int> - <boolean>false</boolean> - </void> - <void method="put"> - <string>REUSECERTIFICATE</string> - <boolean>false</boolean> - </void> - <void method="put"> - <int>35</int> - <string>false</string> - </void> - <void method="put"> - <int>20035</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10035</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10092</int> - <boolean>false</boolean> - </void> - <void method="put"> - <string>USEEXTENSIONDATA</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>PRINTINGUSE</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>PRINTINGDEFAULT</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>PRINTINGREQUIRED</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>PRINTINGCOPIES</string> - <int>1</int> - </void> - <void method="put"> - <string>PRINTINGPRINTERNAME</string> - <string></string> - </void> - <void method="put"> - <string>PRINTINGSVGDATA</string> - <string></string> - </void> - <void method="put"> - <string>PRINTINGSVGFILENAME</string> - <string></string> - </void> - <void method="put"> - <int>11</int> - <string></string> - </void> - <void method="put"> - <int>20011</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10011</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30011</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>12</int> - <string></string> - </void> - <void method="put"> - <int>20012</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10012</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30012</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>13</int> - <string></string> - </void> - <void method="put"> - <int>20013</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10013</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30013</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>14</int> - <string></string> - </void> - <void method="put"> - <int>20014</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10014</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30014</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>16</int> - <string></string> - </void> - <void method="put"> - <int>20016</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10016</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30016</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>18</int> - <string></string> - </void> - <void method="put"> - <int>20018</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10018</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30018</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>118</int> - <string></string> - </void> - <void method="put"> - <int>20118</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10118</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30118</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>218</int> - <string></string> - </void> - <void method="put"> - <int>20218</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10218</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30218</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>17</int> - <string></string> - </void> - <void method="put"> - <int>20017</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10017</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30017</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>117</int> - <string></string> - </void> - <void method="put"> - <int>20117</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10117</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30117</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>217</int> - <string></string> - </void> - <void method="put"> - <int>20217</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10217</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30217</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>19</int> - <string></string> - </void> - <void method="put"> - <int>20019</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10019</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30019</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>119</int> - <string></string> - </void> - <void method="put"> - <int>20119</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10119</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30119</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>219</int> - <string></string> - </void> - <void method="put"> - <int>20219</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10219</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30219</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>21</int> - <string></string> - </void> - <void method="put"> - <int>20021</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10021</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30021</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>121</int> - <string></string> - </void> - <void method="put"> - <int>20121</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10121</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30121</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>221</int> - <string></string> - </void> - <void method="put"> - <int>20221</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10221</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30221</int> - <boolean>true</boolean> - </void> - </object> -</java> diff --git a/kubernetes/contrib/components/ejbca/templates/configmap.yaml b/kubernetes/contrib/components/ejbca/templates/configmap.yaml deleted file mode 100644 index 093657dfe0..0000000000 --- a/kubernetes/contrib/components/ejbca/templates/configmap.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{/* -# Copyright © 2020, Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: "{{ include "common.fullname" . }}-config-script" -data: -{{ tpl (.Files.Glob "resources/ejbca-config.sh").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: "{{ include "common.fullname" . }}-profiles" -data: -{{ tpl (.Files.Glob "resources/certprofile_CUSTOM_ENDUSER-1834889499.xml").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/entityprofile_Custom_EndEntity-1356531849.xml").AsConfig . | indent 2 }} diff --git a/kubernetes/contrib/components/ejbca/templates/deployment.yaml b/kubernetes/contrib/components/ejbca/templates/deployment.yaml deleted file mode 100644 index a36dcacb23..0000000000 --- a/kubernetes/contrib/components/ejbca/templates/deployment.yaml +++ /dev/null @@ -1,120 +0,0 @@ -{{/* -# Copyright © 2020, Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: {{- include "common.resourceMetadata" . | nindent 2 }} -spec: - replicas: {{ .Values.replicaCount }} - selector: {{- include "common.selectors" . | nindent 4 }} - template: - metadata: {{- include "common.templateMetadata" . | nindent 6 }} - {{- if (include "common.onServiceMesh" . ) }} - annotations: - {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }} - linkerd.io/inject: disabled - {{- end }} - {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }} - sidecar.istio.io/rewriteAppHTTPProbers: "false" - proxy.istio.io/config: '{ "holdApplicationUntilProxyStarts": true }' - {{- end }} - {{- end }} - spec: - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" - initContainers: - - name: {{ include "common.name" . }}-db-readiness - command: - - /app/ready.py - args: - - --container-name - {{- if .Values.global.mariadbGalera.localCluster }} - - ejbca-galera - {{- else }} - - ejbca-config - {{- end }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - containers: - - name: {{ include "common.name" . }}-ejbca - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.ejbca.image }} - imagePullPolicy: {{ .Values.pullPolicy }} - lifecycle: - postStart: - exec: - command: - - sh - - -c - - | - sleep 60; /opt/primekey/scripts/ejbca-config.sh - volumeMounts: - - name: "{{ include "common.fullname" . }}-volume" - mountPath: /opt/primekey/scripts/ - - name: "{{ include "common.fullname" . }}-profiles-volume" - mountPath: /opt/primekey/custom_profiles/ - ports: {{ include "common.containerPorts" . | nindent 10 }} - env: - - name: INITIAL_ADMIN - value: ";PublicAccessAuthenticationToken:TRANSPORT_ANY;" - - name: NO_CREATE_CA - value: "true" - - name: DATABASE_JDBC_URL - value: jdbc:mariadb://{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}/{{ .Values.mysqlDatabase }} - - name: DATABASE_USER - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-db-secret" "key" "login") | indent 10 }} - - name: DATABASE_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-db-secret" "key" "password") | indent 10 }} - - name: RA_IAK - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-server-ra-iak" "key" "password") | indent 10 }} - - name: CLIENT_IAK - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-server-client-iak" "key" "password") | indent 10 }} - livenessProbe: - httpGet: - port: {{ .Values.liveness.port }} - path: {{ .Values.liveness.path }} - scheme: HTTPS - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - readinessProbe: - httpGet: - port: {{ .Values.readiness.port }} - path: {{ .Values.readiness.path }} - scheme: HTTPS - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - {{- if .Values.nodeSelector }} - nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: {{ toYaml .Values.affinity | nindent 10 }} - {{- end }} - resources: {{ include "common.resources" . | nindent 10 }} - serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: - - configMap: - name: "{{ include "common.fullname" . }}-config-script" - defaultMode: 0755 - name: "{{ include "common.fullname" . }}-volume" - - configMap: - name: "{{ include "common.fullname" . }}-profiles" - defaultMode: 0755 - name: "{{ include "common.fullname" . }}-profiles-volume" diff --git a/kubernetes/contrib/components/ejbca/templates/secret.yaml b/kubernetes/contrib/components/ejbca/templates/secret.yaml deleted file mode 100644 index 837da0959b..0000000000 --- a/kubernetes/contrib/components/ejbca/templates/secret.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* -# Copyright © 2020, Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.secretFast" . }} diff --git a/kubernetes/contrib/components/ejbca/templates/service.yaml b/kubernetes/contrib/components/ejbca/templates/service.yaml deleted file mode 100644 index 46eed4264c..0000000000 --- a/kubernetes/contrib/components/ejbca/templates/service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* -# Copyright © 2020, Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.service" . }} diff --git a/kubernetes/contrib/components/ejbca/values.yaml b/kubernetes/contrib/components/ejbca/values.yaml deleted file mode 100644 index c223f41f79..0000000000 --- a/kubernetes/contrib/components/ejbca/values.yaml +++ /dev/null @@ -1,135 +0,0 @@ -# Copyright © 2020, Nordix Foundation, Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -global: - mariadbGalera: &mariadbGalera - #This flag allows SO to instantiate its own mariadb-galera cluster - #When changing it to "true", also set "globalCluster: false" - #as the dependency check will not work otherwise (Chart.yaml) - localCluster: false - globalCluster: true - service: mariadb-galera - internalPort: 3306 - nameOverride: mariadb-galera - -secrets: - - uid: ejbca-db-secret - name: &ejbca-db-secret '{{ include "common.release" . }}-ejbca-db-secret' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}' - login: '{{ .Values.config.db.userName }}' - password: '{{ .Values.config.db.userPassword }}' - - uid: ejbca-server-ra-iak - name: '{{ include "common.release" . }}-ejbca-ra-iak' - type: password - password: '{{ .Values.config.ejbca.raIak }}' - - uid: ejbca-server-client-iak - name: '{{ include "common.release" . }}-ejbca-client-iak' - type: password - password: '{{ .Values.config.ejbca.clientIak }}' - -# application configuration -config: - db: - userName: ejbca - # userPassword: password - # userCredentialsExternalSecret: some-secret - ejbca: {} - # raIak: mypassword - # clientIak: mypassword - -mysqlDatabase: &dbName ejbca - -################################################################# -# Application configuration defaults. -################################################################# -# application configuration -replicaCount: 1 - -ejbca: - image: primekey/ejbca-ce:7.4.3.2 -pullPolicy: Always - -mariadb-galera: - db: - externalSecret: *ejbca-db-secret - name: *dbName - nameOverride: &ejbca-galera ejbca-galera - service: - name: ejbca-galera - portName: ejbca-galera - internalPort: 3306 - replicaCount: 1 - persistence: - enabled: true - mountSubPath: ejbca/maria/data - serviceAccount: - nameOverride: *ejbca-galera - -mariadb-init: - config: - userCredentialsExternalSecret: *ejbca-db-secret - mysqlDatabase: *dbName - nameOverride: ejbca-config - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - path: /ejbca/publicweb/healthcheck/ejbcahealth - port: 8443 - initialDelaySeconds: 180 - periodSeconds: 30 - -readiness: - path: /ejbca/publicweb/healthcheck/ejbcahealth - port: 8443 - initialDelaySeconds: 180 - periodSeconds: 30 - -service: - type: ClusterIP - both_tls_and_plain: true - ports: - - name: api - port: 8443 - plain_port: 8080 - port_protocol: http - -# Resource Limit flavor -By Default using small -flavor: unlimited -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 1500m - memory: 1536Mi - requests: - cpu: 10m - memory: 750Mi - large: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 20m - memory: 1Gi - unlimited: {} - -#Pods Service Account -serviceAccount: - nameOverride: ejbca - roles: - - read diff --git a/kubernetes/contrib/components/netbox/.helmignore b/kubernetes/contrib/components/netbox/.helmignore deleted file mode 100755 index f0c1319444..0000000000 --- a/kubernetes/contrib/components/netbox/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/contrib/components/netbox/Chart.yaml b/kubernetes/contrib/components/netbox/Chart.yaml deleted file mode 100755 index 2454db227b..0000000000 --- a/kubernetes/contrib/components/netbox/Chart.yaml +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v2 -description: Netbox IPAM -name: netbox -version: 12.0.0 - -dependencies: - - name: common - version: ~12.x-0 - repository: '@local' - - name: repositoryGenerator - version: ~12.x-0 - repository: '@local' - - name: netbox-app - version: ~12.x-0 - repository: 'file://components/netbox-app' - - name: netbox-nginx - version: ~12.x-0 - repository: 'file://components/netbox-nginx' - - name: netbox-postgres - version: ~12.x-0 - repository: 'file://components/netbox-postgres'
\ No newline at end of file diff --git a/kubernetes/contrib/components/netbox/Makefile b/kubernetes/contrib/components/netbox/Makefile deleted file mode 100644 index ef273d0e9b..0000000000 --- a/kubernetes/contrib/components/netbox/Makefile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright © 2020 Samsung Electronics -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) -OUTPUT_DIR := $(ROOT_DIR)/../dist -PACKAGE_DIR := $(OUTPUT_DIR)/packages -SECRET_DIR := $(OUTPUT_DIR)/secrets - -EXCLUDES := dist resources templates charts docker -HELM_BIN := helm -ifneq ($(SKIP_LINT),TRUE) - HELM_LINT_CMD := $(HELM_BIN) lint -else - HELM_LINT_CMD := echo "Skipping linting of" -endif - -HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) - -.PHONY: $(EXCLUDES) $(HELM_CHARTS) - -all: $(HELM_CHARTS) - -$(HELM_CHARTS): - @echo "\n[$@]" - @make package-$@ - -make-%: - @if [ -f $*/Makefile ]; then make -C $*; fi - -dep-%: make-% - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi - -lint-%: dep-% - @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi - -package-%: lint-% - @mkdir -p $(PACKAGE_DIR) - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi - @sleep 3 - #@$(HELM_BIN) repo index $(PACKAGE_DIR) - -clean: - @rm -f */Chart.lock - @rm -f *tgz */charts/*tgz - @rm -rf $(PACKAGE_DIR) -%: - @: diff --git a/kubernetes/contrib/components/netbox/components/Makefile b/kubernetes/contrib/components/netbox/components/Makefile deleted file mode 100644 index 79ba2fb47e..0000000000 --- a/kubernetes/contrib/components/netbox/components/Makefile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright © 2020 Samsung Electronics -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) -OUTPUT_DIR := $(ROOT_DIR)/../../dist -PACKAGE_DIR := $(OUTPUT_DIR)/packages -SECRET_DIR := $(OUTPUT_DIR)/secrets - -EXCLUDES := -HELM_BIN := helm -ifneq ($(SKIP_LINT),TRUE) - HELM_LINT_CMD := $(HELM_BIN) lint -else - HELM_LINT_CMD := echo "Skipping linting of" -endif - -HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) - -.PHONY: $(EXCLUDES) $(HELM_CHARTS) - -all: $(HELM_CHARTS) - -$(HELM_CHARTS): - @echo "\n[$@]" - @make package-$@ - -make-%: - @if [ -f $*/Makefile ]; then make -C $*; fi - -dep-%: make-% - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi - -lint-%: dep-% - @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi - -package-%: lint-% - @mkdir -p $(PACKAGE_DIR) - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi - @sleep 3 - #@$(HELM_BIN) repo index $(PACKAGE_DIR) - -clean: - @rm -f */Chart.lock - @rm -f *tgz */charts/*tgz - @rm -rf $(PACKAGE_DIR) -%: - @: diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/.helmignore b/kubernetes/contrib/components/netbox/components/netbox-app/.helmignore deleted file mode 100755 index f0c1319444..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml deleted file mode 100755 index 0bbe2d2e3c..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v2 -description: Netbox - Application (WSGI + Gunicorn) -name: netbox-app -version: 12.0.0 - -dependencies: - - name: common - version: ~12.x-0 - repository: '@local' - - name: repositoryGenerator - version: ~12.x-0 - repository: '@local' - - name: serviceAccount - version: ~12.x-0 - repository: '@local' diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/configuration.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/configuration.py deleted file mode 100755 index 7d704ae762..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/configuration.py +++ /dev/null @@ -1,156 +0,0 @@ -import os -import socket - -# For reference see http://netbox.readthedocs.io/en/latest/configuration/mandatory-settings/ -# Based on https://github.com/digitalocean/netbox/blob/develop/netbox/netbox/configuration.example.py - -# Read secret from file -def read_secret(secret_name): - try: - f = open('/run/secrets/' + secret_name, 'r', encoding='utf-8') - except EnvironmentError: - return '' - else: - with f: - return f.readline().strip() - -BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) - -######################### -# # -# Required settings # -# # -######################### - -# This is a list of valid fully-qualified domain names (FQDNs) for the NetBox server. NetBox will not permit write -# access to the server via any other hostnames. The first FQDN in the list will be treated as the preferred name. -# -# Example: ALLOWED_HOSTS = ['netbox.example.com', 'netbox.internal.local'] -ALLOWED_HOSTS = os.environ.get('ALLOWED_HOSTS', socket.gethostname()).split(' ') - -# PostgreSQL database configuration. -DATABASE = { - 'NAME': os.environ.get('DB_NAME', 'netbox'), # Database name - 'USER': os.environ.get('DB_USER', ''), # PostgreSQL username - 'PASSWORD': os.environ.get('DB_PASSWORD', read_secret('db_password')), - # PostgreSQL password - 'HOST': os.environ.get('DB_HOST', 'localhost'), # Database server - 'PORT': os.environ.get('DB_PORT', ''), # Database port (leave blank for default) -} - -# This key is used for secure generation of random numbers and strings. It must never be exposed outside of this file. -# For optimal security, SECRET_KEY should be at least 50 characters in length and contain a mix of letters, numbers, and -# symbols. NetBox will not run without this defined. For more information, see -# https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-SECRET_KEY -SECRET_KEY = os.environ.get('SECRET_KEY', read_secret('secret_key')) - -######################### -# # -# Optional settings # -# # -######################### - -# Specify one or more name and email address tuples representing NetBox administrators. These people will be notified of -# application errors (assuming correct email settings are provided). -ADMINS = [ - # ['John Doe', 'jdoe@example.com'], -] - -# Optionally display a persistent banner at the top and/or bottom of every page. HTML is allowed. To display the same -# content in both banners, define BANNER_TOP and set BANNER_BOTTOM = BANNER_TOP. -BANNER_TOP = os.environ.get('BANNER_TOP', '') -BANNER_BOTTOM = os.environ.get('BANNER_BOTTOM', '') - -# Text to include on the login page above the login form. HTML is allowed. -BANNER_LOGIN = os.environ.get('BANNER_LOGIN', '') - -# Base URL path if accessing NetBox within a directory. For example, if installed at http://example.com/netbox/, set: -# BASE_PATH = 'netbox/' -BASE_PATH = os.environ.get('BASE_PATH', '') - -# API Cross-Origin Resource Sharing (CORS) settings. If CORS_ORIGIN_ALLOW_ALL is set to True, all origins will be -# allowed. Otherwise, define a list of allowed origins using either CORS_ORIGIN_WHITELIST or -# CORS_ORIGIN_REGEX_WHITELIST. For more information, see https://github.com/ottoyiu/django-cors-headers -CORS_ORIGIN_ALLOW_ALL = os.environ.get('CORS_ORIGIN_ALLOW_ALL', 'False').lower() == 'true' -CORS_ORIGIN_WHITELIST = os.environ.get('CORS_ORIGIN_WHITELIST', '').split(' ') -CORS_ORIGIN_REGEX_WHITELIST = [ - # r'^(https?://)?(\w+\.)?example\.com$', -] - -# Set to True to enable server debugging. WARNING: Debugging introduces a substantial performance penalty and may reveal -# sensitive information about your installation. Only enable debugging while performing testing. Never enable debugging -# on a production system. -DEBUG = os.environ.get('DEBUG', 'False').lower() == 'true' - -# Email settings -EMAIL = { - 'SERVER': os.environ.get('EMAIL_SERVER', 'localhost'), - 'PORT': int(os.environ.get('EMAIL_PORT', 25)), - 'USERNAME': os.environ.get('EMAIL_USERNAME', ''), - 'PASSWORD': os.environ.get('EMAIL_PASSWORD', read_secret('email_password')), - 'TIMEOUT': int(os.environ.get('EMAIL_TIMEOUT', 10)), # seconds - 'FROM_EMAIL': os.environ.get('EMAIL_FROM', ''), -} - -# Enforcement of unique IP space can be toggled on a per-VRF basis. -# To enforce unique IP space within the global table (all prefixes and IP addresses not assigned to a VRF), -# set ENFORCE_GLOBAL_UNIQUE to True. -ENFORCE_GLOBAL_UNIQUE = os.environ.get('ENFORCE_GLOBAL_UNIQUE', 'False').lower() == 'true' - -# Enable custom logging. Please see the Django documentation for detailed guidance on configuring custom logs: -# https://docs.djangoproject.com/en/1.11/topics/logging/ -LOGGING = {} - -# Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users -# are permitted to access most data in NetBox (excluding secrets) but not make any changes. -LOGIN_REQUIRED = os.environ.get('LOGIN_REQUIRED', 'False').lower() == 'true' - -# Base URL path if accessing NetBox within a directory. For example, if installed at http://example.com/netbox/, set: -# BASE_PATH = 'netbox/' -BASE_PATH = os.environ.get('BASE_PATH', '') - -# Setting this to True will display a "maintenance mode" banner at the top of every page. -MAINTENANCE_MODE = os.environ.get('MAINTENANCE_MODE', 'False').lower() == 'true' - -# An API consumer can request an arbitrary number of objects =by appending the "limit" parameter to the URL (e.g. -# "?limit=1000"). This setting defines the maximum limit. Setting it to 0 or None will allow an API consumer to request -# all objects by specifying "?limit=0". -MAX_PAGE_SIZE = int(os.environ.get('MAX_PAGE_SIZE', 1000)) - -# The file path where uploaded media such as image attachments are stored. A trailing slash is not needed. Note that -# the default value of this setting is derived from the installed location. -MEDIA_ROOT = os.environ.get('MEDIA_ROOT', os.path.join(BASE_DIR, 'media')) - -# Credentials that NetBox will use to access live devices. -NAPALM_USERNAME = os.environ.get('NAPALM_USERNAME', '') -NAPALM_PASSWORD = os.environ.get('NAPALM_PASSWORD', read_secret('napalm_password')) - -# NAPALM timeout (in seconds). (Default: 30) -NAPALM_TIMEOUT = int(os.environ.get('NAPALM_TIMEOUT', 30)) - -# NAPALM optional arguments (see http://napalm.readthedocs.io/en/latest/support/#optional-arguments). Arguments must -# be provided as a dictionary. -NAPALM_ARGS = {} - -# Determine how many objects to display per page within a list. (Default: 50) -PAGINATE_COUNT = int(os.environ.get('PAGINATE_COUNT', 50)) - -# When determining the primary IP address for a device, IPv6 is preferred over IPv4 by default. Set this to True to -# prefer IPv4 instead. -PREFER_IPV4 = os.environ.get('PREFER_IPV4', 'False').lower() == 'true' - -# The file path where custom reports will be stored. A trailing slash is not needed. Note that the default value of -# this setting is derived from the installed location. -REPORTS_ROOT = os.environ.get('REPORTS_ROOT', '/etc/netbox/reports') - -# Time zone (default: UTC) -TIME_ZONE = os.environ.get('TIME_ZONE', 'UTC') - -# Date/time formatting. See the following link for supported formats: -# https://docs.djangoproject.com/en/dev/ref/templates/builtins/#date -DATE_FORMAT = os.environ.get('DATE_FORMAT', 'N j, Y') -SHORT_DATE_FORMAT = os.environ.get('SHORT_DATE_FORMAT', 'Y-m-d') -TIME_FORMAT = os.environ.get('TIME_FORMAT', 'g:i a') -SHORT_TIME_FORMAT = os.environ.get('SHORT_TIME_FORMAT', 'H:i:s') -DATETIME_FORMAT = os.environ.get('DATETIME_FORMAT', 'N j, Y g:i a') -SHORT_DATETIME_FORMAT = os.environ.get('SHORT_DATETIME_FORMAT', 'Y-m-d H:i') diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/gunicorn_config.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/gunicorn_config.py deleted file mode 100755 index c7d9f7b725..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/gunicorn_config.py +++ /dev/null @@ -1,8 +0,0 @@ -command = '/usr/bin/gunicorn' -pythonpath = '/opt/netbox/netbox' -bind = '0.0.0.0:{{ .Values.service.internalPort }}' -workers = 3 -errorlog = '-' -accesslog = '-' -capture_output = False -loglevel = 'debug' diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/ldap_config.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/ldap_config.py deleted file mode 100755 index c7e0d3bee9..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/ldap_config.py +++ /dev/null @@ -1,55 +0,0 @@ -import ldap -import os - -from django_auth_ldap.config import LDAPSearch, GroupOfNamesType - -# Server URI -AUTH_LDAP_SERVER_URI = os.environ.get('AUTH_LDAP_SERVER_URI', '') - -# The following may be needed if you are binding to Active Directory. -AUTH_LDAP_CONNECTION_OPTIONS = { - ldap.OPT_REFERRALS: 0 -} - -# Set the DN and password for the NetBox service account. -AUTH_LDAP_BIND_DN = os.environ.get('AUTH_LDAP_BIND_DN', '') -AUTH_LDAP_BIND_PASSWORD = os.environ.get('AUTH_LDAP_BIND_PASSWORD', '') - -# Include this setting if you want to ignore certificate errors. This might be needed to accept a self-signed cert. -# Note that this is a NetBox-specific setting which sets: -# ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER) -LDAP_IGNORE_CERT_ERRORS = os.environ.get('LDAP_IGNORE_CERT_ERRORS', 'False').lower() == 'true' - -AUTH_LDAP_USER_SEARCH = LDAPSearch(os.environ.get('AUTH_LDAP_USER_SEARCH_BASEDN', ''), - ldap.SCOPE_SUBTREE, - "(sAMAccountName=%(user)s)") - -# This search ought to return all groups to which the user belongs. django_auth_ldap uses this to determine group -# heirarchy. -AUTH_LDAP_GROUP_SEARCH = LDAPSearch(os.environ.get('AUTH_LDAP_GROUP_SEARCH_BASEDN', ''), ldap.SCOPE_SUBTREE, - "(objectClass=group)") -AUTH_LDAP_GROUP_TYPE = GroupOfNamesType() - -# Define a group required to login. -AUTH_LDAP_REQUIRE_GROUP = os.environ.get('AUTH_LDAP_REQUIRE_GROUP_DN', '') - -# Define special user types using groups. Exercise great caution when assigning superuser status. -AUTH_LDAP_USER_FLAGS_BY_GROUP = { - "is_active": os.environ.get('AUTH_LDAP_REQUIRE_GROUP_DN', ''), - "is_staff": os.environ.get('AUTH_LDAP_IS_ADMIN_DN', ''), - "is_superuser": os.environ.get('AUTH_LDAP_IS_SUPERUSER_DN', '') -} - -# For more granular permissions, we can map LDAP groups to Django groups. -AUTH_LDAP_FIND_GROUP_PERMS = os.environ.get('AUTH_LDAP_FIND_GROUP_PERMS', 'True').lower() == 'true' - -# Cache groups for one hour to reduce LDAP traffic -AUTH_LDAP_CACHE_GROUPS = os.environ.get('AUTH_LDAP_CACHE_GROUPS', 'True').lower() == 'true' -AUTH_LDAP_GROUP_CACHE_TIMEOUT = int(os.environ.get('AUTH_LDAP_CACHE_GROUPS', 3600)) - -# Populate the Django user from the LDAP directory. -AUTH_LDAP_USER_ATTR_MAP = { - "first_name": os.environ.get('AUTH_LDAP_ATTR_FIRSTNAME', 'givenName'), - "last_name": os.environ.get('AUTH_LDAP_ATTR_LASTNAME', 'sn'), - "email": os.environ.get('AUTH_LDAP_ATTR_MAIL', 'mail') -} diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/custom_fields.yml b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/custom_fields.yml deleted file mode 100755 index 05bbfc7738..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/custom_fields.yml +++ /dev/null @@ -1,18 +0,0 @@ -external-key: - description: "The external-key uniquely identify the resources to a service within ONAP." - filterable: true - label: ONAP external key - on_objects: - - ipam.models.IPAddress - required: true - type: text - weight: 0 -resource-name: - description: "The resource-name of the element using this IP." - filterable: true - label: ONAP resource name - on_objects: - - ipam.models.IPAddress - required: true - type: text - weight: 0
\ No newline at end of file diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/groups.yml b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/groups.yml deleted file mode 100755 index 1f4a5a7a6e..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/groups.yml +++ /dev/null @@ -1,9 +0,0 @@ -# applications: -# users: -# - technical_user -# readers: -# users: -# - reader -# writers: -# users: -# - writer diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/users.yml b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/users.yml deleted file mode 100755 index 77d330beac..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/users.yml +++ /dev/null @@ -1,9 +0,0 @@ -onap: - first_name: Steve - last_name: McQueen - email: steve.mcqueen@onap.org - password: onap123$ - api_token: onceuponatimeiplayedwithnetbox20180814 # This API KEY is used by SDNC, if you edit it, make sure to change it in the netbox.properties file - is_staff: true # whether user is admin or not, default = false - is_active: true # whether user is active, default = true - is_superuser: true # Whether user has all edit rights or not, default = false
\ No newline at end of file diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/provisioning/provision.sh b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/provisioning/provision.sh deleted file mode 100755 index 984801decb..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/provisioning/provision.sh +++ /dev/null @@ -1,136 +0,0 @@ -#!/bin/sh - -# Create region - -echo "Create region: RegionOne" -curl --silent -X POST \ - http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/dcim/regions/ \ - -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ - -H 'Content-Type: application/json' \ - -d '{ - "name": "RegionOne", - "slug": "RegionOne" -}' - -# Create tenant group - -echo "Create tenant group: ONAP group" -curl --silent -X POST \ - http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/tenancy/tenant-groups/ \ - -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ - -H 'Content-Type: application/json' \ - -d '{ - "name": "ONAP group", - "slug": "onap-group" -}' - -# Create tenant - -echo "Create tenant ONAP in ONAP group" -curl --silent -X POST \ - http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/tenancy/tenants/ \ - -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ - -H 'Content-Type: application/json' \ - -d '{ - "name": "ONAP", - "slug": "onap", - "group": 1, - "description": "ONAP tenant", - "comments": "Tenant for ONAP demo use cases" -}' - -# Create site - -echo "Create ONAP demo site: Montreal Lab" -curl --silent -X POST \ - http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/dcim/sites/ \ - -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ - -H 'Content-Type: application/json' \ - -d '{ - "name": "Montreal Lab D3", - "slug": "mtl-lab-d3", - "region": 1, - "tenant": 1, - "facility": "Campus", - "time_zone": "Canada/Atlantic", - "description": "Site hosting the ONAP use cases", - "physical_address": "1 Graham Bell", - "shipping_address": "1 Graham Bell", - "contact_name": "Alexis", - "contact_phone": "0000000000", - "contact_email": "adetalhouet89@gmail.com", - "comments": "ONAP lab" -}' - -# Create prefixes - -echo "Create Prefix for vFW protected network" -curl --silent -X POST \ - http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \ - -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ - -H 'Content-Type: application/json' \ - -d '{ - "prefix": "{{ .Values.service.private2 }}", - "site": 1, - "tenant": 1, - "is_pool": false, - "description": "IP Pool for private network 2" -}' - -echo "Create Prefix for vFW unprotected network" -curl --silent -X POST \ - http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \ - -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ - -H 'Content-Type: application/json' \ - -d '{ - "prefix": "{{ .Values.service.private1 }}", - "site": 1, - "tenant": 1, - "is_pool": false, - "description": "IP Pool for private network 1" -}' - -echo "Create Prefix for ONAP general purpose network" -curl --silent -X POST \ - http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \ - -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ - -H 'Content-Type: application/json' \ - -d '{ - "prefix": "{{ .Values.service.management }}", - "site": 1, - "tenant": 1, - "is_pool": false, - "description": "IP Pool for ONAP - general purpose" -}' - -# Reserve ports, gateway and dhcp, for each protected and unprotected networks. - -curl --silent -X POST \ - http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/1/available-ips/ \ - -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ - -H 'Content-Type: application/json' - -curl --silent -X POST \ - http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/1/available-ips/ \ - -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ - -H 'Content-Type: application/json' - -curl --silent -X POST \ - http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/2/available-ips/ \ - -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ - -H 'Content-Type: application/json' - -curl --silent -X POST \ - http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/2/available-ips/ \ - -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ - -H 'Content-Type: application/json' - -curl --silent -X POST \ - http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/3/available-ips/ \ - -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ - -H 'Content-Type: application/json' - -curl --silent -X POST \ - http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/3/available-ips/ \ - -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ - -H 'Content-Type: application/json' diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/00_users.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/00_users.py deleted file mode 100755 index 7626058357..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/00_users.py +++ /dev/null @@ -1,26 +0,0 @@ -from django.contrib.auth.models import Group, User -from users.models import Token - -from ruamel.yaml import YAML - -with open('/opt/netbox/initializers/users.yml', 'r') as stream: - yaml=YAML(typ='safe') - users = yaml.load(stream) - - if users is not None: - for username, user_details in users.items(): - if not User.objects.filter(username=username): - user = User.objects.create_user( - username = username, - password = user_details.get('password', 0) or User.objects.make_random_password, - is_staff = user_details.get('is_staff', 0) or false, - is_superuser = user_details.get('is_superuser', 0) or false, - is_active = user_details.get('is_active', 0) or true, - first_name = user_details.get('first_name', 0), - last_name = user_details.get('last_name', 0), - email = user_details.get('email', 0)) - - print("👤 Created user ",username) - - if user_details.get('api_token', 0): - Token.objects.create(user=user, key=user_details['api_token'])
\ No newline at end of file diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/10_groups.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/10_groups.py deleted file mode 100755 index 7932874704..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/10_groups.py +++ /dev/null @@ -1,19 +0,0 @@ -from django.contrib.auth.models import Group, User -from ruamel.yaml import YAML - -with open('/opt/netbox/initializers/groups.yml', 'r') as stream: - yaml=YAML(typ='safe') - groups = yaml.load(stream) - - if groups is not None: - for groupname, group_details in groups.items(): - group, created = Group.objects.get_or_create(name=groupname) - - if created: - print("👥 Created group", groupname) - - for username in group_details['users']: - user = User.objects.get(username=username) - - if user: - user.groups.add(group) diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/20_custom_fields.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/20_custom_fields.py deleted file mode 100755 index 5c40e37bf2..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/20_custom_fields.py +++ /dev/null @@ -1,68 +0,0 @@ -from extras.constants import CF_TYPE_TEXT, CF_TYPE_INTEGER, CF_TYPE_BOOLEAN, CF_TYPE_DATE, CF_TYPE_URL, CF_TYPE_SELECT -from extras.models import CustomField, CustomFieldChoice - -from ruamel.yaml import YAML - -text_to_fields = { - 'boolean': CF_TYPE_BOOLEAN, - 'date': CF_TYPE_DATE, - 'integer': CF_TYPE_INTEGER, - 'selection': CF_TYPE_SELECT, - 'text': CF_TYPE_TEXT, - 'url': CF_TYPE_URL, -} - -def get_class_for_class_path(class_path): - import importlib - from django.contrib.contenttypes.models import ContentType - - module_name, class_name = class_path.rsplit(".", 1) - module = importlib.import_module(module_name) - clazz = getattr(module, class_name) - return ContentType.objects.get_for_model(clazz) - -with open('/opt/netbox/initializers/custom_fields.yml', 'r') as stream: - yaml = YAML(typ='safe') - customfields = yaml.load(stream) - - if customfields is not None: - for cf_name, cf_details in customfields.items(): - custom_field, created = CustomField.objects.get_or_create(name = cf_name) - - if created: - if cf_details.get('default', 0): - custom_field.default = cf_details['default'] - - if cf_details.get('description', 0): - custom_field.description = cf_details['description'] - - if cf_details.get('filterable', 0): - custom_field.is_filterables = cf_details['filterable'] - - if cf_details.get('label', 0): - custom_field.label = cf_details['label'] - - for object_type in cf_details.get('on_objects', []): - custom_field.obj_type.add(get_class_for_class_path(object_type)) - - if cf_details.get('required', 0): - custom_field.required = cf_details['required'] - - if cf_details.get('type', 0): - custom_field.type = text_to_fields[cf_details['type']] - - if cf_details.get('weight', 0): - custom_field.weight = cf_details['weight'] - - custom_field.save() - - for choice_details in cf_details.get('choices', []): - choice = CustomFieldChoice.objects.create( - field=custom_field, - value=choice_details['value']) - - if choice_details.get('weight', 0): - choice.weight = choice_details['weight'] - choice.save() - - print("🔧 Created custom field", cf_name) diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/NOTES.txt b/kubernetes/contrib/components/netbox/components/netbox-app/templates/NOTES.txt deleted file mode 100755 index e70c418864..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.fullname" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/configmap.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/configmap.yaml deleted file mode 100755 index f785478e1b..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/configmap.yaml +++ /dev/null @@ -1,47 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-provisioning-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/provisioning/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-configuration-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/configuration/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-initializers-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/initializers/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-startupscripts-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/startup_scripts/*").AsConfig . | indent 2 }} diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/deployment.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/deployment.yaml deleted file mode 100755 index 04abfc26ae..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/deployment.yaml +++ /dev/null @@ -1,158 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - containers: - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{ if .Values.liveness.enabled }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-pass - key: DB_PASSWORD - - name: EMAIL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-pass - key: EMAIL_PASSWORD - - name: NAPALM_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-pass - key: NAPALM_PASSWORD - - name: SECRET_KEY - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-pass - key: SECRET_KEY - - name: SUPERUSER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-pass - key: SUPERUSER_PASSWORD - - name: SUPERUSER_API_TOKEN - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-pass - key: SUPERUSER_API_TOKEN - - name: ALLOWED_HOSTS - value: {{ .Values.config.allowedHosts | quote }} - - name: DB_NAME - value: {{ .Values.config.dbName }} - - name: DB_USER - value: {{ .Values.config.dbUser }} - - name: DB_HOST - value: {{ .Values.config.dbHost }} - - name: EMAIL_SERVER - value: {{ .Values.config.emailServer }} - - name: EMAIL_PORT - value: {{ .Values.config.emailPort | quote }} - - name: EMAIL_USERNAME - value: {{ .Values.config.emailUsername }} - - name: EMAIL_TIMEOUT - value: {{ .Values.config.emailTimeout | quote }} - - name: EMAIL_FROM - value: {{ .Values.config.emailFrom }} - - name: MEDIA_ROOT - value: {{ .Values.config.mediaRoot }} - - name: NAPALM_USERNAME - value: {{ .Values.config.napalmUsername }} - - name: NAPALM_TIMEOUT - value: {{ .Values.config.napalmTimeout | quote }} - - name: MAX_PAGE_SIZE - value: {{ .Values.config.maxPageSize | quote }} - - name: SUPERUSER_NAME - value: {{ .Values.config.superuserName }} - - name: SUPERUSER_EMAIL - value: {{ .Values.config.superuserEmail }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /opt/netbox/startup_scripts - name: {{ include "common.fullname" . }}-startupscripts-config - - mountPath: /opt/netbox/initializers - name: {{ include "common.fullname" . }}-initializers-config - - mountPath: /etc/netbox/config - name: {{ include "common.fullname" . }}-configuration-config - - name: {{ include "common.fullname" . }} - mountPath: /opt/netbox/netbox/static - resources: {{ include "common.resources" . | nindent 10 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }} - persistentVolumeClaim: - claimName: {{ include "common.release" . }}-{{ .Values.persistence.staticPvName }} - - name: {{ include "common.fullname" . }}-startupscripts-config - configMap: - name: {{ include "common.fullname" . }}-startupscripts-configmap - - name: {{ include "common.fullname" . }}-initializers-config - configMap: - name: {{ include "common.fullname" . }}-initializers-configmap - - name: {{ include "common.fullname" . }}-configuration-config - configMap: - name: {{ include "common.fullname" . }}-configuration-configmap - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/job.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/job.yaml deleted file mode 100644 index 3b367a3d4a..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/job.yaml +++ /dev/null @@ -1,67 +0,0 @@ -{{/* -# Copyright © 2018 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "common.fullname" . }}-provisioning - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-job - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - backoffLimit: 5 - template: - metadata: - labels: - app: {{ include "common.name" . }}-provisioning-job - release: {{ include "common.release" . }} - spec: - restartPolicy: Never - initContainers: - - name: {{ include "common.name" . }}-init-readiness - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /app/ready.py - args: - - --container-name - - netbox-app - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - containers: - - name: {{ include "common.name" . }}-provisioning-job - image: {{ include "repositoryGenerator.image.curl" . }} - volumeMounts: - - name: {{ include "common.fullname" . }}-provisioning - mountPath: /tmp - command: - - /bin/sh - - ./tmp/provision.sh - volumes: - - name: {{ include "common.fullname" . }}-provisioning - configMap: - name: {{ include "common.fullname" . }}-provisioning-configmap - defaultMode: 0755 - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" - restartPolicy: Never diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/pv.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/pv.yaml deleted file mode 100755 index a61217fb94..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/pv.yaml +++ /dev/null @@ -1,40 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if not .Values.persistence.storageClass -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-data - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - storageClassName: "{{ include "common.fullname" . }}-data" - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}/app -{{- end -}} -{{- end -}} diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/pvc.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/pvc.yaml deleted file mode 100755 index 7e25a0f1ef..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/pvc.yaml +++ /dev/null @@ -1,39 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.release" . }}-{{ .Values.persistence.staticPvName }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - {{- if .Values.persistence.annotations }} - annotations: -{{ .Values.persistence.annotations | indent 4 }} - {{- end }} -spec: - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} - storageClassName: {{ include "common.storageClass" . }} -{{- end -}} diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/secrets.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/secrets.yaml deleted file mode 100755 index c06bc5a333..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/secrets.yaml +++ /dev/null @@ -1,34 +0,0 @@ -{{/* -# Copyright © 2018 Bell Canada, Amdocs -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-pass - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -type: Opaque -data: - DB_PASSWORD: {{ .Values.config.dbPassword | b64enc | quote }} - EMAIL_PASSWORD: {{ .Values.config.emailPassword | b64enc | quote }} - NAPALM_PASSWORD: {{ .Values.config.napalmPassword | b64enc | quote }} - SECRET_KEY: {{ .Values.config.secretKey | b64enc | quote }} - SUPERUSER_PASSWORD: {{ .Values.config.superuserPassword | b64enc | quote }} - SUPERUSER_API_TOKEN: {{ .Values.config.superuserAPIToken | b64enc | quote }}
\ No newline at end of file diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/service.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/service.yaml deleted file mode 100755 index 74d1116f50..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/service.yaml +++ /dev/null @@ -1,42 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - name: {{ include "common.name" . }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - name: {{ include "common.name" . }} - targetPort: {{ .Values.service.internalPort }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/values.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/values.yaml deleted file mode 100755 index 27cd811ec1..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-app/values.yaml +++ /dev/null @@ -1,120 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -global: # global defaults - nodePortPrefixExt: 304 - persistence: {} - -config: - # Secrets configuration values - dbPassword: J5brHrAXFLQSif0K - emailPassword: password - napalmPassword: password - secretKey: r8OwDznj!!dci#P9ghmRfdu1Ysxm0AiPeDCQhKE+N_rClfWNj - superuserPassword: admin - superuserAPIToken: 0123456789abcdef0123456789abcdef01234567 - - # Remaining environment configuration values - allowedHosts: "*" - dbName: netbox - dbUser: netbox - dbHost: netbox-postgres - emailServer: localhost - emailPort: 25 - emailUsername: netbox - emailTimeout: 5 - emailFrom: netbox@bar.com - mediaRoot: /opt/netbox/netbox/media - napalmUsername: napalm - napalmTimeout: 10 - maxPageSize: 0 - superuserName: admin - superuserEmail: admin@onap.org - -image: netboxcommunity/netbox:v2.5.8 - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: false - -readiness: - initialDelaySeconds: 30 - periodSeconds: 10 - -service: - type: ClusterIP - name: netbox-app - externalPort: 8001 - internalPort: 8001 - portName: netbox-app - - # The following subnet pool will be - # configured in Netbox by provisioning script. - private1: 192.168.10.0/24 - private2: 192.168.20.0/24 - management: 10.0.101.0/24 - -ingress: - enabled: false - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -## Persist data to a persitent volume -persistence: - enabled: true - volumeReclaimPolicy: Retain - accessMode: ReadWriteMany - size: 100Mi - - # Uncomment the storageClass parameter to use an existing PV - # that will match the following class. - # When uncomment the storageClass, the PV is not created anymore. - - # storageClass: "nfs-dev-sc" - - staticPvName: netbox-static - - # When using storage class, mountPath and mountSubPath are - # simply ignored. - - mountPath: /dockerdata-nfs - mountSubPath: netbox/app - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -resources: {} - -#Pods Service Account -serviceAccount: - nameOverride: netbox-app - roles: - - read diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/.helmignore b/kubernetes/contrib/components/netbox/components/netbox-nginx/.helmignore deleted file mode 100755 index f0c1319444..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-nginx/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml deleted file mode 100755 index 3d5987928b..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v2 -description: Netbox - Nginx web server -name: netbox-nginx -version: 12.0.0 - -dependencies: - - name: common - version: ~12.x-0 - repository: '@local' - - name: repositoryGenerator - version: ~12.x-0 - repository: '@local' - - name: serviceAccount - version: ~12.x-0 - repository: '@local' diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/resources/config/nginx.conf b/kubernetes/contrib/components/netbox/components/netbox-nginx/resources/config/nginx.conf deleted file mode 100755 index 2ef2aca3a1..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-nginx/resources/config/nginx.conf +++ /dev/null @@ -1,34 +0,0 @@ -worker_processes 1; - -events { - worker_connections 1024; -} - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - sendfile on; - tcp_nopush on; - keepalive_timeout 65; - gzip on; - server_tokens off; - client_max_body_size 10M; - - server { - listen {{ .Values.service.internalPort }}; - server_name {{ .Values.service.portName }}; - access_log off; - - location /static/ { - alias /opt/netbox/netbox/static/; - } - - location / { - proxy_pass http://netbox-app:8001; - proxy_set_header X-Forwarded-Host $http_host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-Proto $scheme; - add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"'; - } - } -} diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/NOTES.txt b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/NOTES.txt deleted file mode 100755 index bd74a42cd5..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/configmap.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/configmap.yaml deleted file mode 100755 index 26242be8e2..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/configmap.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-config-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/deployment.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/deployment.yaml deleted file mode 100755 index 252ba685b6..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/deployment.yaml +++ /dev/null @@ -1,75 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - containers: - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["nginx"] - args: ["-c", "/etc/netbox-nginx/nginx.conf","-g", "daemon off;"] - ports: - - containerPort: {{ .Values.service.internalPort }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - name: {{ include "common.fullname" . }} - mountPath: /opt/netbox/netbox/static - - name: {{ include "common.fullname" . }}-config - mountPath: /etc/netbox-nginx - resources: {{ include "common.resources" . | nindent 10 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-config - configMap: - name: {{ include "common.fullname" . }}-config-configmap - - name: {{ include "common.fullname" . }} - persistentVolumeClaim: - claimName: {{ include "common.release" . }}-{{ .Values.persistence.staticPvName }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/service.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/service.yaml deleted file mode 100755 index c01612e0f4..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/service.yaml +++ /dev/null @@ -1,39 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} - {{- else -}} - - port: {{ .Values.service.internalPort }} - targetPort: {{ .Values.service.internalPort }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/values.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/values.yaml deleted file mode 100755 index a7d0dadbf1..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-nginx/values.yaml +++ /dev/null @@ -1,89 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for mariadb. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -global: # global defaults - nodePortPrefixExt: 304 - persistence: {} - pullPolicy: Always - -# application image -image: nginx:1.15-alpine -pullPolicy: Always - -ingress: - enabled: false - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -## Persist data to a persitent volume -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteMany - size: 1Gi - mountPath: /dockerdata-nfs - mountSubPath: netbox/nginx/data - - # Names used for shared pv/pvcs across App & Nginx containers - staticPvName: netbox-static - -service: - type: ClusterIP - name: netbox-nginx - portName: netbox-nginx - internalPort: 8080 - nodePort: 20 - -resources: {} - -#Pods Service Account -serviceAccount: - nameOverride: netbox-nginx - roles: - - read diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/.helmignore b/kubernetes/contrib/components/netbox/components/netbox-postgres/.helmignore deleted file mode 100755 index f0c1319444..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-postgres/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml deleted file mode 100755 index e0bf081960..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v2 -description: Netbox Posgres database -name: netbox-postgres -version: 12.0.0 - -dependencies: - - name: common - version: ~12.x-0 - repository: '@local' - - name: repositoryGenerator - version: ~12.x-0 - repository: '@local' - - name: serviceAccount - version: ~12.x-0 - repository: '@local' diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/NOTES.txt b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/NOTES.txt deleted file mode 100755 index bd74a42cd5..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/configmap.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/configmap.yaml deleted file mode 100755 index 9bc530577a..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/configmap.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-docker-entry-initd - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/cassandra/docker-entrypoint-initdb.d/*").AsConfig . | indent 2 }}
\ No newline at end of file diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/deployment.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/deployment.yaml deleted file mode 100755 index ce789306ff..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/deployment.yaml +++ /dev/null @@ -1,79 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - containers: - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - env: - - name: POSTGRES_USER - value: "{{ .Values.config.postgresUser }}" - - name: POSTGRES_PASSWORD - value: "{{ .Values.config.postgresPassword }}" - - name: POSTGRES_DB - value: "{{ .Values.config.postgresDB }}" - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - name: {{ include "common.fullname" . }}-data - mountPath: /var/lib/postgresql/ - resources: {{ include "common.resources" . | nindent 10 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - {{- if .Values.persistence.enabled }} - - name: {{ include "common.fullname" . }}-data - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/pv.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/pv.yaml deleted file mode 100755 index 37d07f05a1..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/pv.yaml +++ /dev/null @@ -1,40 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - storageClassName: "{{ include "common.fullname" . }}-data" - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} -{{- end -}} diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/pvc.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/pvc.yaml deleted file mode 100755 index 30da3add0d..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/pvc.yaml +++ /dev/null @@ -1,39 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} - storageClassName: {{ include "common.storageClass" . }} -{{- end -}} diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/service.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/service.yaml deleted file mode 100755 index 75335884df..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/service.yaml +++ /dev/null @@ -1,42 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/values.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/values.yaml deleted file mode 100755 index 7e0a324aa1..0000000000 --- a/kubernetes/contrib/components/netbox/components/netbox-postgres/values.yaml +++ /dev/null @@ -1,88 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for mariadb. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -global: # global defaults - nodePortPrefixExt: 304 - persistence: {} - -# application image -image: postgres:10.4-alpine -pullPolicy: Always - -# application configuration -config: - postgresUser: netbox - postgresPassword: J5brHrAXFLQSif0K - postgresDB: netbox - -ingress: - enabled: false - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -## Persist data to a persitent volume -persistence: - enabled: true - volumeReclaimPolicy: Retain - - # Uncomment the storageClass parameter to use an existing PV - # that will match the following class. - # When uncomment the storageClass, the PV is not created anymore. - - # storageClass: "nfs-dev-sc" - - accessMode: ReadWriteOnce - size: 1Gi - - # When using storage class, mountPath and mountSubPath are - # simply ignored. - - mountPath: /dockerdata-nfs - mountSubPath: netbox/postgres/data - -service: - type: ClusterIP - name: netbox-postgres - portName: netbox-postgres - internalPort: 5432 - externalPort: 5432 - -resources: {} - -#Pods Service Account -serviceAccount: - nameOverride: netbox-postgres - roles: - - read diff --git a/kubernetes/contrib/components/netbox/templates/ingress.yaml b/kubernetes/contrib/components/netbox/templates/ingress.yaml deleted file mode 100755 index 6f604a79ba..0000000000 --- a/kubernetes/contrib/components/netbox/templates/ingress.yaml +++ /dev/null @@ -1,47 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} -{{- if .Values.ingress.enabled -}} -{{- $serviceName := include "common.fullname" . -}} -{{- $servicePort := .Values.service.externalPort -}} -apiVersion: networking.k8s.io/v1beta1 -kind: Ingress -metadata: - name: {{ $serviceName }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: - {{- range $key, $value := .Values.ingress.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -spec: - rules: - {{- range $host := .Values.ingress.hosts }} - - host: {{ $host }} - http: - paths: - - path: / - backend: - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end -}} - {{- if .Values.ingress.tls }} - tls: -{{ toYaml .Values.ingress.tls | indent 4 }} - {{- end -}} -{{- end -}} diff --git a/kubernetes/contrib/components/netbox/values.yaml b/kubernetes/contrib/components/netbox/values.yaml deleted file mode 100755 index 04d2f27c7c..0000000000 --- a/kubernetes/contrib/components/netbox/values.yaml +++ /dev/null @@ -1,36 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefixExt: 304 - commonConfigPrefix: netbox - -################################################################# -# Application configuration defaults. -################################################################# -# application image -pullPolicy: Always - -# default number of instances -replicaCount: 1 -nodeSelector: {} -affinity: {} - -ingress: - enabled: false - -resources: {} diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/README.md b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/README.md deleted file mode 100644 index 72f522a000..0000000000 --- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/README.md +++ /dev/null @@ -1,23 +0,0 @@ -# Motivations -Ingress controller implementation in the ONAP cluster is based on the virtual host routing. -Testing ONAP cluster requires a lot of entries on the target machines in the /etc/hosts. -Adding many entries into the configuration files on testing machines is quite problematic and error prone. -The better wait is to create central DNS server with entries for all virtual host pointed to simpledemo.onap.org and add custom DNS server as a target DNS server for testing machines and/or as external DNS for kubernetes cluster. - -# How to deploy test DNS server: -Run script ./deploy\_dns.sh - -# How to add DNS address on testing machines: -See post deploy info - -# Test DNS inside cluster (optional) -1. You can add the following entry after DNS deploy on running cluster at the end of cluster.yaml file (rke) -~~~yaml -dns: - provider: coredns - upstreamnameservers: - - <cluster_ip>:31555 -~~~ -2. You can edit coredns configuration with command: - kubectl -n kube-system edit configmap coredns - diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/.helmignore b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/.helmignore deleted file mode 100644 index dacad44a66..0000000000 --- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/.helmignore +++ /dev/null @@ -1,37 +0,0 @@ -# -# Copyright 2020 Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/Chart.yaml b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/Chart.yaml deleted file mode 100644 index dede98e707..0000000000 --- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/Chart.yaml +++ /dev/null @@ -1,20 +0,0 @@ -# -# Copyright 2020 Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -apiVersion: v2 -appVersion: "1.0" -description: bind9 DNS server for kubernetes cluster -name: bind9dns -version: 0.1.0 diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/NOTES.txt b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/NOTES.txt deleted file mode 100644 index 7211966b89..0000000000 --- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/NOTES.txt +++ /dev/null @@ -1,21 +0,0 @@ -1. Get the installed DNS host and port by running this commands: -{{- if .Values.ingress.enabled }} -{{- range $host := .Values.ingress.hosts }} - {{- range $.Values.ingress.paths }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host }}{{ . }} - {{- end }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "bind9dns.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo DNS host: $NODE_IP dns port: $NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "bind9dns.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "bind9dns.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "bind9dns.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:80 -{{- end }} diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/_helpers.tpl b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/_helpers.tpl deleted file mode 100644 index 3efbbbf831..0000000000 --- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/_helpers.tpl +++ /dev/null @@ -1,49 +0,0 @@ -{{/* - - Copyright 2020 Samsung Electronics Co., Ltd. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - -*/}} -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "bind9dns.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "bind9dns.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "bind9dns.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/deployment.yaml b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/deployment.yaml deleted file mode 100644 index 7640be64a6..0000000000 --- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/deployment.yaml +++ /dev/null @@ -1,76 +0,0 @@ -{{/* - Copyright 2020 Samsung Electronics Co., Ltd. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/}} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "bind9dns.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "bind9dns.name" . }} - helm.sh/chart: {{ include "bind9dns.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app.kubernetes.io/name: {{ include "bind9dns.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - template: - metadata: - labels: - app.kubernetes.io/name: {{ include "bind9dns.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - spec: - containers: - - name: {{ .Chart.Name }} - image: {{ .Values.image.repository }}:{{ .Values.image.tag }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - env: - - name: DNS_FORWARDER - value: {{ .Values.dnsconf.forwarder }} - - name: WILDCARD_DNS - value: {{ .Values.dnsconf.wildcard }} - - name: ALLOW_RECURSION - value: any - - name: ALLOW_QUERY - value: any - ports: - - name: dnsport - containerPort: {{ .Values.service.port }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.port }} - initialDelaySeconds: 15 - periodSeconds: 20 - readinessProbe: - tcpSocket: - port: {{ .Values.service.port }} - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - {{- toYaml .Values.resources | nindent 12 }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/service.yaml b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/service.yaml deleted file mode 100644 index 715f2ff78e..0000000000 --- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/service.yaml +++ /dev/null @@ -1,39 +0,0 @@ -{{/* - Copyright 2020 Samsung Electronics Co., Ltd. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - -*/}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "bind9dns.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "bind9dns.name" . }} - helm.sh/chart: {{ include "bind9dns.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.port }} - nodePort: {{ .Values.service.nodePort }} - protocol: TCP - name: dnstcp - - port: {{ .Values.service.port }} - nodePort: {{ .Values.service.nodePort }} - protocol: UDP - name: dnsudp - selector: - app.kubernetes.io/name: {{ include "bind9dns.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/tests/test-connection.yaml b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/tests/test-connection.yaml deleted file mode 100644 index 4fe5d05b02..0000000000 --- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/tests/test-connection.yaml +++ /dev/null @@ -1,34 +0,0 @@ -{{/* - Copyright 2020 Samsung Electronics Co., Ltd. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - -*/}} -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "bind9dns.fullname" . }}-test-connection" - labels: - app.kubernetes.io/name: {{ include "bind9dns.name" . }} - helm.sh/chart: {{ include "bind9dns.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - annotations: - "helm.sh/hook": test-success -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['{{ include "bind9dns.fullname" . }}:{{ .Values.service.port }}'] - restartPolicy: Never diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/values.yaml b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/values.yaml deleted file mode 100644 index c9e19f41d0..0000000000 --- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/values.yaml +++ /dev/null @@ -1,46 +0,0 @@ -# -# Copyright 2020 Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -replicaCount: 1 - -image: - repository: luccksam/docker-bind - tag: 0.1.0 - pullPolicy: IfNotPresent - -nameOverride: "" -fullnameOverride: "" - -service: - type: NodePort - port: 53 - nodePort: 31555 - -ingress: - enabled: false - annotations: {} - paths: [] - hosts: - - dnsserver.local - tls: [] - -resources: {} -nodeSelector: {} -tolerations: [] -affinity: {} - -dnsconf: - forwarder: "8.8.8.8,8.8.4.4" - wildcard: "simpledemo.onap.org=0.0.0.0" diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh deleted file mode 100755 index 294ae0a55e..0000000000 --- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh +++ /dev/null @@ -1,106 +0,0 @@ -#!/bin/sh -e - -# Copyright 2020 Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -DNS_PORT=31555 -CLUSTER_CONTROL=$( kubectl get no -l node-role.kubernetes.io/controlplane=true -o jsonpath='{.items..metadata.name}') -CLUSTER_IP=$(kubectl get no $CLUSTER_CONTROL -o jsonpath='{.metadata.annotations.rke\.cattle\.io/external-ip }') -SPATH="$( dirname "$( which "$0" )" )" - - - -usage() { -cat << ==usage -$0 [cluster_domain] [lb_ip] [helm_chart_args] ... - [cluster_domain] Default value simpledemo.onap.org - [lb_ip] Default value LoadBalancer IP - [helm_chart_args] ... Optional arguments passed to helm install command -$0 --help This message -$0 --info Display howto configure target machine -==usage -} - - -target_machine_notice_info() -{ -cat << ==infodeploy -Extra DNS server already deployed: -1. You can add the DNS server to the target machine using following commands: - sudo iptables -t nat -A OUTPUT -p tcp -d 192.168.211.211 --dport 53 -j DNAT --to-destination $CLUSTER_IP:$DNS_PORT - sudo iptables -t nat -A OUTPUT -p udp -d 192.168.211.211 --dport 53 -j DNAT --to-destination $CLUSTER_IP:$DNS_PORT - sudo sysctl -w net.ipv4.conf.all.route_localnet=1 - sudo sysctl -w net.ipv4.ip_forward=1 -2. Update /etc/resolv.conf file with nameserver 192.168.211.211 entry on your target machine -==infodeploy -} - - -list_node_with_external_addrs() -{ - local WORKER_NODES - WORKER_NODES=$(kubectl get no -l node-role.kubernetes.io/worker=true -o jsonpath='{.items..metadata.name}') - for worker in $WORKER_NODES; do - local external_ip - external_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/external-ip }') - local internal_ip - internal_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/internal-ip }') - if [ $internal_ip != $external_ip ]; then - echo $external_ip - break - fi - done -} - -ingress_controller_ip() { - local metal_ns - metal_ns=$(kubectl get ns --no-headers --output=custom-columns=NAME:metadata.name |grep metallb-system) - if [ -z $metal_ns ]; then - echo $CLUSTER_IP - else - list_node_with_external_addrs - fi -} - -deploy() { - local ingress_ip - ingress_ip=$(ingress_controller_ip) - initdir = $(pwd) - cd $SPATH/bind9dns - if [ $# -eq 0 ]; then - local cl_domain - cl_domain="simpledemo.onap.org" - else - local cl_domain - cl_domain=$1 - shift - fi - if [ $# -ne 0 ]; then - ingress_ip=$1 - shift - fi - helm install . --set dnsconf.wildcard="$cl_domain=$ingress_ip" $@ - cd $initdir - target_machine_notice_info -} - -if [ $# -eq 1 ] && [ "$1" = "-h" ]; then - usage -elif [ $# -eq 1 ] && [ "$1" = "--help" ]; then - usage -elif [ $# -eq 1 ] && [ "$1" = "--info" ]; then - target_machine_notice_info -else - deploy $@ -fi diff --git a/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml b/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml deleted file mode 100644 index d579333157..0000000000 --- a/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml +++ /dev/null @@ -1,296 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: ingress-nginx - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - ---- - -kind: ConfigMap -apiVersion: v1 -data: - enable-underscores-in-headers: "true" -metadata: - name: nginx-configuration - namespace: ingress-nginx - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - ---- -kind: ConfigMap -apiVersion: v1 -metadata: - name: tcp-services - namespace: ingress-nginx - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - ---- -kind: ConfigMap -apiVersion: v1 -metadata: - name: udp-services - namespace: ingress-nginx - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: nginx-ingress-serviceaccount - namespace: ingress-nginx - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: nginx-ingress-clusterrole - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx -rules: - - apiGroups: - - "" - resources: - - configmaps - - endpoints - - nodes - - pods - - secrets - verbs: - - list - - watch - - apiGroups: - - "" - resources: - - nodes - verbs: - - get - - apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - "extensions" - - "networking.k8s.io" - resources: - - ingresses - verbs: - - get - - list - - watch - - apiGroups: - - "extensions" - - "networking.k8s.io" - resources: - - ingresses/status - verbs: - - update - ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: Role -metadata: - name: nginx-ingress-role - namespace: ingress-nginx - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx -rules: - - apiGroups: - - "" - resources: - - configmaps - - pods - - secrets - - namespaces - verbs: - - get - - apiGroups: - - "" - resources: - - configmaps - resourceNames: - # Defaults to "<election-id>-<ingress-class>" - # Here: "<ingress-controller-leader>-<nginx>" - # This has to be adapted if you change either parameter - # when launching the nginx-ingress-controller. - - "ingress-controller-leader-nginx" - verbs: - - get - - update - - apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - apiGroups: - - "" - resources: - - endpoints - verbs: - - get - ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: RoleBinding -metadata: - name: nginx-ingress-role-nisa-binding - namespace: ingress-nginx - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: nginx-ingress-role -subjects: - - kind: ServiceAccount - name: nginx-ingress-serviceaccount - namespace: ingress-nginx - ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: nginx-ingress-clusterrole-nisa-binding - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: nginx-ingress-clusterrole -subjects: - - kind: ServiceAccount - name: nginx-ingress-serviceaccount - namespace: ingress-nginx - ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: nginx-ingress-controller - namespace: ingress-nginx - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - template: - metadata: - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - annotations: - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - spec: - serviceAccountName: nginx-ingress-serviceaccount - containers: - - name: nginx-ingress-controller - image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.25.1 - args: - - /nginx-ingress-controller - - --configmap=$(POD_NAMESPACE)/nginx-configuration - - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services - - --udp-services-configmap=$(POD_NAMESPACE)/udp-services - - --publish-service=$(POD_NAMESPACE)/ingress-nginx - - --annotations-prefix=nginx.ingress.kubernetes.io - - --enable-ssl-passthrough=true - securityContext: - allowPrivilegeEscalation: true - capabilities: - drop: - - ALL - add: - - NET_BIND_SERVICE - # www-data -> 33 - runAsUser: 33 - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - ports: - - name: http - containerPort: 80 - - name: https - containerPort: 443 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: 10254 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 10 - readinessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: 10254 - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 10 - ---- - -apiVersion: v1 -kind: Service -metadata: - name: ingress-nginx - namespace: ingress-nginx - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx -spec: - type: NodePort - ports: - - name: http - port: 80 - targetPort: 80 - protocol: TCP - - name: https - port: 443 - targetPort: 443 - protocol: TCP - selector: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - ---- - diff --git a/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_enable_optional_load_balacer_service.yaml b/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_enable_optional_load_balacer_service.yaml deleted file mode 100644 index 57c0034775..0000000000 --- a/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_enable_optional_load_balacer_service.yaml +++ /dev/null @@ -1,22 +0,0 @@ -kind: Service -apiVersion: v1 -metadata: - name: ingress-nginx - namespace: ingress-nginx - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx -spec: - externalTrafficPolicy: Local - type: LoadBalancer - selector: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - ports: - - name: http - port: 80 - targetPort: http - - name: https - port: 443 - targetPort: https - diff --git a/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh b/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh deleted file mode 100755 index 495d540905..0000000000 --- a/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh +++ /dev/null @@ -1,92 +0,0 @@ -#!/bin/sh -e - -# -# Copyright 2020 Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -usage() -{ -cat << ==usage -$0 Automatic configuration using external addresess from nodes -$0 --help This message -$0 -h This message -$0 [cluster_ip1] ... [cluster_ipn] Cluster address or ip ranges -==usage -} - - -find_nodes_with_external_addrs() -{ - local WORKER_NODES - WORKER_NODES=$(kubectl get no -l node-role.kubernetes.io/worker=true -o jsonpath='{.items..metadata.name}') - for worker in $WORKER_NODES; do - local external_ip - external_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/external-ip }') - local internal_ip - internal_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/internal-ip }') - if [ $internal_ip != $external_ip ]; then - echo $external_ip - fi - done -} - -generate_config_map() -{ -cat <<CNFEOF | kubectl apply -f - -apiVersion: v1 -kind: ConfigMap -metadata: - namespace: metallb-system - name: config -data: - config: | - address-pools: - - name: default - protocol: layer2 - addresses: -$(for value in "$@"; do echo -e " - $value"; done) -CNFEOF -} - -generate_config_from_single_addr() { - generate_config_map "$1 - $1" -} - -install_metallb() { - kubectl apply -f https://raw.githubusercontent.com/google/metallb/v0.9.3/manifests/namespace.yaml - kubectl apply -f https://raw.githubusercontent.com/google/metallb/v0.9.3/manifests/metallb.yaml - # Only when install - kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)" -} - -automatic_configuration() { - install_metallb - generate_config_from_single_addr $(find_nodes_with_external_addrs) -} - -manual_configuration() { - install_metallb - generate_config_map $@ -} - -if [ $# -eq 1 ] && [ "$1" = "-h" ]; then - usage -if [ $# -eq 1 ] && [ "$1" = "--help" ]; then - usage -elif [ $# -eq 0 ]; then - automatic_configuration -else - manual_configuration $@ -fi diff --git a/kubernetes/contrib/tools/oomstat.py b/kubernetes/contrib/tools/oomstat.py deleted file mode 100755 index 464290d3f6..0000000000 --- a/kubernetes/contrib/tools/oomstat.py +++ /dev/null @@ -1,256 +0,0 @@ -#!/usr/bin/env python - -# -# Copyright (c) 2018 Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -""" -Provides utilities to display oom (sub)modules resources stats -""" - -import os -import sys -import getopt -from fnmatch import fnmatch as match -import yaml - -def info(thing): - if thing: - sys.stderr.write("{}\n".format(thing)) - -try: - from tabulate import tabulate -except ImportError as e: - info("Warning: cannot import tabulate module (): {}".format(str(e))) - def tabulate(lines, headers, tablefmt=None): - ''' basic tabulate function ''' - fmt = "" - nbco = len(headers) - lenco = map(len, headers) - for line in lines: - for i in range(nbco): - lenco[i] = max(lenco[i], len(str(line[i]))) - - fmt = map(lambda n: "{{:<{}}}".format(n), map(lambda i: i+2, lenco)) - fmt = " ".join(fmt) - sep = map(lambda x: '-'*(x+2), lenco) - - output = [fmt.format(*headers), fmt.format(*sep)] - for line in lines: - output.append(fmt.format(*line)) - return "\n".join(output) - - -def values(root='.'): - ''' Get the list of values.yaml files ''' - a = [] - for dirname, dirnames, filenames in os.walk(root): - for filename in filenames: - if filename == 'values.yaml': - a.append((dirname, filename)) - - if '.git' in dirnames: - # don't go into any .git directories. - dirnames.remove('.git') - return a - - -def keys(dic, prefix=None): - ''' recursively traverse the specified dict to collect existing keys ''' - result = [] - if dic: - for k, v in dic.items(): - if prefix: - k = '.'.join((prefix, k)) - if isinstance(v, dict): - result += keys(v, k) - else: - result.append(k) - return result - - -class Project: - ''' - class to access to oom (sub)module (aka project) resources - ''' - - def __init__(self, dirname, filename): - self.dirname = os.path.normpath(dirname) - self.name = self.explicit() - self.filename = os.path.join(dirname, filename) - self.resources = None - self.load() - - def load(self): - ''' load resources from yaml description ''' - with open(self.filename, 'r') as istream: - try: - v = yaml.load(istream) - if v: - self.resources = v.get('resources', None) - except Exception as e: - print(e) - raise - - def explicit(self): - ''' return an explicit name for the project ''' - path = [] - head, name = os.path.split(self.dirname) - if not name: - return head - while head: - head, tail = os.path.split(head) - if tail: - path.append(tail) - else: - path.append(head) - head = None - path.reverse() - index = path.index('charts') if 'charts' in path else None - if index: - name = os.path.join(path[index-1], name) - return name - - def __contains__(self, key): - params = self.resources - if key: - for k in key.split('.'): - if params and k in params: - params = params[k] - else: - return False - return True - - def __getitem__(self, key): - params = self.resources - for k in key.split('.'): - if k in params: - params = params[k] - if params != self.resources: - return params - - def get(self, key, default="-"): - """ mimic dict method """ - if key in self: - return self[key] - return default - - def keys(self): - """ mimic dict method """ - return keys(self.resources) - - -# -# -# - -def usage(status=None): - """ usage doc """ - arg0 = os.path.basename(os.path.abspath(sys.argv[0])) - print("""Usage: {} [options] <root-directory>""".format(arg0)) - print(( - "\n" - "Options:\n" - "-h, --help Show this help message and exit\n" - "-t, --table <format> Use the specified format to display the result table.\n" - " Valid formats are those from the python `tabulate'\n" - " module. When not available, a basic builtin tabular\n" - " function is used and this field has no effect\n" - "-f, --fields Comma separated list of resources fields to display.\n" - " You may use wildcard patterns, eg small.*. Implicit\n" - " value is *, ie all available fields will be used\n" - "Examples:\n" - " # {0} /opt/oom/kubernetes\n" - " # {0} -f small.\\* /opt/oom/kubernetes\n" - " # {0} -f '*requests.*' -t fancy_grid /opt/oom/kubernetes\n" - " # {0} -f small.requests.cpu,small.requests.memory /opt/oom/kubernetes\n" - ).format(arg0)) - if status is not None: - sys.exit(status) - - -def getopts(): - """ read options from cmdline """ - opts, args = getopt.getopt(sys.argv[1:], - "hf:t:", - ["help", "fields=", "table="]) - if len(args) != 1: - usage(1) - - root = args[0] - table = None - fields = ['*'] - patterns = [] - - for opt, arg in opts: - if opt in ("-h", '--help'): - usage(0) - elif opt in ("-f", "--fields"): - fields = arg.split(',') - elif opt in ("-t", "--table"): - table = arg - - return root, table, fields, patterns - - -def main(): - """ main """ - try: - root, table, fields, patterns = getopts() - except getopt.GetoptError as e: - print("Error: {}".format(e)) - usage(1) - - if not os.path.isdir(root): - info("Cannot open {}: Not a directory".format(root)) - return - - # find projects - projects = [] - for dirname, filename in values(root): - projects.append(Project(dirname, filename)) - if not projects: - info("No projects found in {} directory".format(root)) - return - - # check if we want to use pattern matching (wildcard only) - if fields and reduce(lambda x, y: x or y, - map(lambda string: '*' in string, fields)): - patterns = fields - fields = [] - - # if fields are not specified or patterns are used, discover available fields - # and use them (sort for readability) - if patterns or not fields: - avail = sorted(set(reduce(lambda x, y: x+y, - map(lambda p: p.keys(), projects)))) - if patterns: - for pattern in patterns: - fields += filter(lambda string: match(string, pattern), avail) - else: - fields = avail - - # collect values for each project - results = map(lambda project: [project.name] + map(project.get, - fields), - projects) - - # and then print - if results: - headers = ['project'] + fields - print(tabulate(sorted(results), headers, tablefmt=table)) - - -main() diff --git a/kubernetes/contrib/tools/registry-initialize.sh b/kubernetes/contrib/tools/registry-initialize.sh deleted file mode 100755 index 798f375509..0000000000 --- a/kubernetes/contrib/tools/registry-initialize.sh +++ /dev/null @@ -1,152 +0,0 @@ -#!/bin/sh -x - -# Copyright (c) 2021 AT&T. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Pre-requisite -# 1. Chart packages available under local directory provided as input/argument -# 2. helm client installed with push plugin -# 3. ONAP chartmuseum service deployed - -usage() -{ - echo "Chart Base directory or helm chart from local repo must be provided as input!!" - echo "Usage: registry-initialize.sh -d chartdirectory \ -<-n namespace override> <-r helmrelease override> <-p chart name prefix> | <-h helm charts from local repo>" - exit 1 -} - -if [ $# -eq 0 ]; then - usage -fi - -# defaults -NAMESPACE=onap -RLS_NAME=onap -LOGIN="" -PASSWORD="" -PREF="" -HELM_REPO=local - -while getopts ":d:n:r:p:h:c:" opt; do - case $opt in - d) BASEDIR="$OPTARG" - ;; - n) NAMESPACE="$OPTARG" - ;; - r) RLS_NAME="$OPTARG" - ;; - p) PREF="$OPTARG" - ;; - h) HELM_CHART="$OPTARG" - ;; - c) HELM_REPO="$OPTARG" - ;; - \?) echo "Invalid option -$OPTARG" >&2 - usage - ;; - esac -done - - -if [ -z "$BASEDIR" ] && [ -z "$HELM_CHART" ] ; then - echo "Chart base directory provided $BASEDIR and helm chart from local repo is empty" - exit -fi - -if [ -n "$BASEDIR" ] && [ -n "$HELM_CHART" ] ; then - echo "Both chart base directory $BASEDIR and helm chart from local repo $HELM_CHART cannot be used at the same time " - exit -fi - -if [ -n "$BASEDIR" ]; then - if [ "$(find $BASEDIR -maxdepth 1 -name '*tgz' -print -quit)" ]; then - echo "$BASEDIR valid" - else - echo "No chart package on $BASEDIR provided" - exit - fi -fi - -if [ -n "$HELM_CHART" ]; then - tmp_location=$(mktemp -d) - helm pull $HELM_REPO/$HELM_CHART -d $tmp_location - if [ $? -eq 0 ]; then - echo "Helm chart $HELM_CHART has been pulled out from in $HELM_REPO repo" - BASEDIR=$tmp_location - else - echo "No chart package $HELM_CHART on $HELM_REPO repo" - exit - fi -fi - -if [ -z "$PREF" ] && [ -z "$HELM_CHART" ] ; then - PREF=dcae -fi - -LOGIN=$(kubectl -n "$NAMESPACE" get secret \ - "${RLS_NAME}-chartmuseum-registrycred" \ - -o jsonpath='{.data.login}' | base64 -d) - -PASSWORD=$(kubectl -n "$NAMESPACE" get secret \ - "${RLS_NAME}-chartmuseum-registrycred" \ - -o jsonpath='{.data.password}' | base64 -d) - -if [ -z "$LOGIN" ] || [ -z "$PASSWORD" ]; then - echo "Login/Password credential for target registry cannot be retrieved" - exit 1 -fi - -# Expose cluster port via port-forwarding -kubectl -n $NAMESPACE port-forward service/chart-museum 27017:80 & -if [ $? -ne 0 ]; then - echo "Error in port forwarding; registry cannot be added!!" - exit 1 -fi - -sleep 5 - -# Add chartmuseum repo as helm repo -# Credentials should match config defined in -# oom\kubernetes\platform\components\chartmuseum\values.yaml -helm repo add k8s-registry http://127.0.0.1:27017 --username "$LOGIN" \ - --password "$PASSWORD" -if [ $? -ne 0 ]; then - echo "registry cannot be added!!" - pkill -f "port-forward service/chart-museum" - exit 1 -fi - -# Initial scope is pushing only dcae charts -# can be expanded to include all onap charts if required -for file in $BASEDIR/$PREF*tgz; do - # use helm plugin to push charts - helm cm-push -f $file k8s-registry - if [ $? -eq 0 ]; then - echo "$file uploaded to registry successfully" - else - echo "registry upload failed!!" - pkill -f "port-forward service/chart-museum" - helm repo remove k8s-registry - exit 1 - fi -done - -echo "All Helm charts successfully uploaded into internal repository" - -# Remove the port-forwarding process -pkill -f "port-forward service/chart-museum" - -# Remove helm registry from local -helm repo remove k8s-registry diff --git a/kubernetes/contrib/tools/rke/rke_setup.sh b/kubernetes/contrib/tools/rke/rke_setup.sh deleted file mode 100755 index a8938a96ee..0000000000 --- a/kubernetes/contrib/tools/rke/rke_setup.sh +++ /dev/null @@ -1,353 +0,0 @@ -#!/bin/sh - -############################################################################# -# Copyright © 2019 Bell. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -############################################################################# -# -# This installation is for an RKE install of kubernetes -# after this run the standard oom install -# this installation can be run on any ubuntu 16.04/18.04 VM, RHEL 7.6 (root only), physical or cloud azure/aws host -# https://wiki.onap.org/display/DW/OOM+RKE+Kubernetes+Deployment -# source from https://jira.onap.org/browse/OOM-1598 -# -# master/dublin -# RKE 0.1.16 Kubernetes 1.11.6, kubectl 1.11.6, Helm 2.9.1, Docker 18.06 -# 20190428 RKE 0.2.1, Kubernetes 1.13.5, kubectl 1.13.5, Helm 2.12.3, Docker 18.09.5 -# single node install, HA pending - -usage() { -cat <<EOF -Usage: $0 [PARAMs] -example -sudo ./rke_setup.sh -b master -s rke.onap.cloud -e onap -l amdocs -v true --u : Display usage --b [branch] : branch = master or dublin (required) --s [server] : server = IP or DNS name (required) --e [environment] : use the default (onap) --k [key] : ssh key name --l [username] : login username account (use ubuntu for example) -EOF -} - -install_onap() { - #constants - PORT=8880 - KUBERNETES_VERSION= - RKE_VERSION=0.2.1 - KUBECTL_VERSION=1.13.5 - HELM_VERSION=2.12.3 - DOCKER_VERSION=18.09 - - # copy your private ssh key and cluster.yml file to the vm - # on your dev machine - #sudo cp ~/.ssh/onap_rsa . - #sudo chmod 777 onap_rsa - #scp onap_rsa ubuntu@192.168.241.132:~/ - # on this vm - #sudo chmod 400 onap_rsa - #sudo cp onap_rsa ~/.ssh - # make sure public key is insetup correctly in - # sudo vi ~/.ssh/authorized_keys - - echo "please supply your ssh key as provided by the -k keyname - it must be be chmod 400 and chown user:user in ~/.ssh/" - echo "The RKE version specific cluster.yaml is already integrated in this script for 0.2.1 no need for below generation..." - echo "rke config --name cluster.yml" - echo "specifically" - echo "address: $SERVER" - echo "user: $USERNAME" - echo "ssh_key_path: $SSHPATH_PREFIX/$SSHKEY" - - RKETOOLS= - HYPERCUBE= - POD_INFRA_CONTAINER= - RKETOOLS=0.1.27 - HYPERCUBE=1.13.5-rancher1 - POD_INFRA_CONTAINER=rancher/pause:3.1 - - cat > cluster.yml <<EOF -# generated from rke_setup.sh -nodes: -- address: $SERVER - port: "22" - internal_address: "" - role: - - controlplane - - worker - - etcd - hostname_override: "" - user: $USERNAME - docker_socket: /var/run/docker.sock - ssh_key: "" - ssh_key_path: $SSHPATH_PREFIX/$SSHKEY - ssh_cert: "" - ssh_cert_path: "" - labels: {} -services: - etcd: - image: "" - extra_args: {} - extra_binds: [] - extra_env: [] - external_urls: [] - ca_cert: "" - cert: "" - key: "" - path: "" - snapshot: null - retention: "" - creation: "" - backup_config: null - kube-api: - image: "" - extra_args: {} - extra_binds: [] - extra_env: [] - service_cluster_ip_range: 10.43.0.0/16 - service_node_port_range: "" - pod_security_policy: false - always_pull_images: false - kube-controller: - image: "" - extra_args: {} - extra_binds: [] - extra_env: [] - cluster_cidr: 10.42.0.0/16 - service_cluster_ip_range: 10.43.0.0/16 - scheduler: - image: "" - extra_args: {} - extra_binds: [] - extra_env: [] - kubelet: - image: "" - extra_args: - max-pods: 900 - extra_binds: [] - extra_env: [] - cluster_domain: cluster.local - infra_container_image: "" - cluster_dns_server: 10.43.0.10 - fail_swap_on: false - kubeproxy: - image: "" - extra_args: {} - extra_binds: [] - extra_env: [] -network: - plugin: canal - options: {} -authentication: - strategy: x509 - sans: [] - webhook: null -system_images: - etcd: rancher/coreos-etcd:v3.2.24-rancher1 - alpine: rancher/rke-tools:v$RKETOOLS - nginx_proxy: rancher/rke-tools:v$RKETOOLS - cert_downloader: rancher/rke-tools:v$RKETOOLS - kubernetes_services_sidecar: rancher/rke-tools:v$RKETOOLS - kubedns: rancher/k8s-dns-kube-dns:1.15.0 - dnsmasq: rancher/k8s-dns-dnsmasq-nanny:1.15.0 - kubedns_sidecar: rancher/k8s-dns-sidecar:1.15.0 - kubedns_autoscaler: rancher/cluster-proportional-autoscaler:1.0.0 - kubernetes: rancher/hyperkube:v$HYPERCUBE - flannel: rancher/coreos-flannel:v0.10.0-rancher1 - flannel_cni: rancher/flannel-cni:v0.3.0-rancher1 - calico_node: rancher/calico-node:v3.4.0 - calico_cni: rancher/calico-cni:v3.4.0 - calico_controllers: "" - calico_ctl: rancher/calico-ctl:v2.0.0 - canal_node: rancher/calico-node:v3.4.0 - canal_cni: rancher/calico-cni:v3.4.0 - canal_flannel: rancher/coreos-flannel:v0.10.0 - wave_node: weaveworks/weave-kube:2.5.0 - weave_cni: weaveworks/weave-npc:2.5.0 - pod_infra_container: $POD_INFRA_CONTAINER - ingress: rancher/nginx-ingress-controller:0.21.0-rancher3 - ingress_backend: rancher/nginx-ingress-controller-defaultbackend:1.4-rancher1 - metrics_server: rancher/metrics-server:v0.3.1 -ssh_key_path: $SSHPATH -ssh_cert_path: "" -ssh_agent_auth: false -authorization: - mode: rbac - options: {} -ignore_docker_version: false -kubernetes_version: "$KUBERNETES_VERSION" -private_registries: [] -ingress: - provider: "" - options: {} - node_selector: {} - extra_args: {} -cluster_name: "" -cloud_provider: - name: "" -prefix_path: "" -addon_job_timeout: 0 -bastion_host: - address: "" - port: "" - user: "" - ssh_key: "" - ssh_key_path: "" - ssh_cert: "" - ssh_cert_path: "" -monitoring: - provider: "" - options: {} -restore: - restore: false - snapshot_name: "" -dns: null -EOF - - - - echo "Installing on ${SERVER} for ${BRANCH}: RKE: ${RKE_VERSION} Kubectl: ${KUBECTL_VERSION} Helm: ${HELM_VERSION} Docker: ${DOCKER_VERSION} username: ${USERNAME}" - sudo echo "127.0.0.1 ${SERVER}" >> /etc/hosts - echo "Install docker - If you must install as non-root - comment out the docker install below - run it separately, run the user mod, logout/login and continue this script" - curl https://releases.rancher.com/install-docker/$DOCKER_VERSION.sh | sh - sudo usermod -aG docker $USERNAME - - echo "Install RKE" - sudo wget https://github.com/rancher/rke/releases/download/v$RKE_VERSION/rke_linux-amd64 - mv rke_linux-amd64 rke - sudo chmod +x rke - sudo mv ./rke /usr/local/bin/rke - - echo "Install make - required for beijing+ - installed via yum groupinstall Development Tools in RHEL" - # ubuntu specific - sudo apt-get install make -y - - sudo curl -LO https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl - sudo chmod +x ./kubectl - sudo mv ./kubectl /usr/local/bin/kubectl - sudo mkdir ~/.kube - wget http://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz - sudo tar -zxvf helm-v${HELM_VERSION}-linux-amd64.tar.gz - sudo mv linux-amd64/helm /usr/local/bin/helm - - echo "Bringing RKE up - using supplied cluster.yml" - sudo rke up - echo "wait 2 extra min for the cluster" - sleep 60 - echo "1 more min" - sleep 60 - echo "copy kube_config_cluter.yaml generated - to ~/.kube/config" - sudo cp kube_config_cluster.yml ~/.kube/config - # avoid using sudo for kubectl - sudo chmod 777 ~/.kube/config - echo "Verify all pods up on the kubernetes system - will return localhost:8080 until a host is added" - echo "kubectl get pods --all-namespaces" - kubectl get pods --all-namespaces - echo "install tiller/helm" - kubectl -n kube-system create serviceaccount tiller - kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller - helm init --service-account tiller - kubectl -n kube-system rollout status deploy/tiller-deploy - echo "upgrade server side of helm in kubernetes" - if [ "$USERNAME" = "root" ]; then - helm version - else - sudo helm version - fi - echo "sleep 30" - sleep 30 - if [ "$USERNAME" = "root" ]; then - helm init --upgrade - else - sudo helm init --upgrade - fi - echo "sleep 30" - sleep 30 - echo "verify both versions are the same below" - if [ "$USERNAME" = "root" ]; then - helm version - else - sudo helm version - fi - echo "start helm server" - if [ "$USERNAME" = "root" ]; then - helm serve & - else - sudo helm serve & - fi - echo "sleep 30" - sleep 30 - echo "add local helm repo" - if [ "$USERNAME" = "root" ]; then - helm repo add local http://127.0.0.1:8879 - helm repo list - else - sudo helm repo add local http://127.0.0.1:8879 - sudo helm repo list - fi - echo "To enable grafana dashboard - do this after running cd.sh which brings up onap - or you may get a 302xx port conflict" - echo "kubectl expose -n kube-system deployment monitoring-grafana --type=LoadBalancer --name monitoring-grafana-client" - echo "to get the nodeport for a specific VM running grafana" - echo "kubectl get services --all-namespaces | grep graf" - sudo docker version - helm version - kubectl version - kubectl get services --all-namespaces - kubectl get pods --all-namespaces - echo "finished!" -} - -BRANCH= -SERVER= -ENVIRON= -VALIDATE=false -USERNAME=ubuntu -SSHPATH_PREFIX=~/.ssh - -while getopts ":b:s:e:u:l:k:v" PARAM; do - case $PARAM in - u) - usage - exit 1 - ;; - b) - BRANCH=${OPTARG} - ;; - e) - ENVIRON=${OPTARG} - ;; - s) - SERVER=${OPTARG} - ;; - l) - USERNAME=${OPTARG} - ;; - k) - SSHKEY=${OPTARG} - ;; - v) - VALIDATE=${OPTARG} - ;; - ?) - usage - exit - ;; - esac -done - -if [ -z $BRANCH ]; then - usage - exit 1 -fi - -install_onap $BRANCH $SERVER $ENVIRON $USERNAME $SSHPATH_PREFIX $SSHKEY $VALIDATE diff --git a/kubernetes/contrib/values.yaml b/kubernetes/contrib/values.yaml deleted file mode 100644 index 8a44934d8f..0000000000 --- a/kubernetes/contrib/values.yaml +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -global: - cmpv2Enabled: true - -awx: - enabled: true -netbox: - enabled: true |