diff options
author | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-11-19 16:22:39 +0100 |
---|---|---|
committer | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-11-20 14:38:34 +0000 |
commit | 2b2aa11021114438591d184af19fde6bbf06950a (patch) | |
tree | 7e690b3a1a1f8595a0fdb8502faafeee73187de6 /kubernetes/onap | |
parent | 23a38b37056055a293cd3e92fb0de8efbd23ded0 (diff) |
[COMMON] New templates to handle repositories
Current repository templates handles only ONAP "nexus" repository
configuration.
So, all images coming from another repository (currently, OOM is using 4
repository, including nexus one) cannot simply be retrieved from another
one.
This commit add new templates, in a specific chart, in order to change
that.
Now, each for repository can be overidden and all 4 can have a
credentials.
Also, in order to minimize global variables, templates aimed to
retrieve usual utility images (busybox, envsubst, readiness, ...) are
created.
Issue-ID: OOM-2634
Change-Id: I27eb33d830d56ec28f9de68599f5108a262983b3
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
[Reduce code size, add missing busyboxRepository]
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Diffstat (limited to 'kubernetes/onap')
-rwxr-xr-x | kubernetes/onap/requirements.yaml | 3 | ||||
-rw-r--r-- | kubernetes/onap/templates/secrets.yaml | 29 | ||||
-rwxr-xr-x | kubernetes/onap/values.yaml | 77 |
3 files changed, 62 insertions, 47 deletions
diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml index daa2b1e9ca..51f1743773 100755 --- a/kubernetes/onap/requirements.yaml +++ b/kubernetes/onap/requirements.yaml @@ -114,6 +114,9 @@ dependencies: version: ~6.x-0 repository: '@local' condition: oof.enabled + - name: repository-wrapper + version: ~6.x-0 + repository: '@local' - name: robot version: ~6.x-0 repository: '@local' diff --git a/kubernetes/onap/templates/secrets.yaml b/kubernetes/onap/templates/secrets.yaml deleted file mode 100644 index 725b6d1d41..0000000000 --- a/kubernetes/onap/templates/secrets.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.namespace" . }}-docker-registry-key - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: - .dockercfg: {{ include "common.repository.secret" . }} -type: kubernetes.io/dockercfg diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 9473a6abcb..5e5e249f71 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -40,34 +40,73 @@ global: addTestingComponents: &testing false # ONAP Repository - # Uncomment the following to enable the use of a single docker - # repository but ONLY if your repository mirrors all ONAP - # docker images. This includes all images from dockerhub and - # any other repository that hosts images for ONAP components. - #repository: nexus3.onap.org:10001 + # Four different repositories are used + # You can change individually these repositories to ones that will serve the + # right images. If credentials are needed for one of them, see below. + repository: nexus3.onap.org:10001 + dockerHubRepository: &dockerHubRepository docker.io + elasticRepository: &elasticRepository docker.elastic.co + googleK8sRepository: k8s.gcr.io + + + #/!\ DEPRECATED /!\ + # Legacy repositories which will be removed at the end of migration. + # Please don't use + loggingRepository: *elasticRepository + busyboxRepository: *dockerHubRepository + + # Default credentials + # they're optional. If the target repository doesn't need them, comment them repositoryCred: user: docker password: docker - dockerHubRepository: docker.io - - # readiness check - readinessImage: onap/oom/readiness:3.0.1 + # If you want / need authentication on the repositories, please set + # Don't set them if the target repo is the same than others + # so id you've set repository to value `my.private.repo` and same for + # dockerHubRepository, you'll have to configure only repository (exclusive) OR + # dockerHubCred. + # dockerHubCred: + # user: myuser + # password: mypassord + # elasticCred: + # user: myuser + # password: mypassord + # googleK8sCred: + # user: myuser + # password: mypassord + + + # common global images + # Busybox for simple shell manipulation + busyboxImage: busybox:1.32 # curl image curlImage: curlimages/curl:7.69.1 - # logging agent - temporary repo until images migrated to nexus3 - loggingRepository: docker.elastic.co + # env substitution image + envsubstImage: dibi/envsubst:1 + + # generate htpasswd files image + # there's only latest image for htpasswd + htpasswdImage: xmartlabs/htpasswd:latest + + # kubenretes client image + kubectlImage: bitnami/kubectl:1.19 - # dockerHub main repository - dockerHubRepository: docker.io + # logging agent + loggingImage: beats/filebeat:5.5.0 - # busybox repo and image - busyboxRepository: docker.io - busyboxImage: busybox:1.30 + # mariadb client image + mariadbImage: mariadb:10.1.48 - # kubeclt image - kubectlImage: "bitnami/kubectl:1.15" + # nginx server image + nginxImage: bitnami/nginx:1.18-debian-10 + + # postgreSQL client and server image + postgresImage: crunchydata/crunchy-postgres:centos7-10.11-4.2.1 + + # readiness check image + readinessImage: onap/oom/readiness:3.0.1 # image pull policy pullPolicy: Always @@ -320,3 +359,5 @@ a1policymanagement: cert-wrapper: enabled: true +repository-wrapper: + enabled: true |