summaryrefslogtreecommitdiffstats
path: root/kubernetes/onap
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2020-11-19 16:22:39 +0100
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2020-11-20 14:38:34 +0000
commit2b2aa11021114438591d184af19fde6bbf06950a (patch)
tree7e690b3a1a1f8595a0fdb8502faafeee73187de6 /kubernetes/onap
parent23a38b37056055a293cd3e92fb0de8efbd23ded0 (diff)
[COMMON] New templates to handle repositories
Current repository templates handles only ONAP "nexus" repository configuration. So, all images coming from another repository (currently, OOM is using 4 repository, including nexus one) cannot simply be retrieved from another one. This commit add new templates, in a specific chart, in order to change that. Now, each for repository can be overidden and all 4 can have a credentials. Also, in order to minimize global variables, templates aimed to retrieve usual utility images (busybox, envsubst, readiness, ...) are created. Issue-ID: OOM-2634 Change-Id: I27eb33d830d56ec28f9de68599f5108a262983b3 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> [Reduce code size, add missing busyboxRepository] Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Diffstat (limited to 'kubernetes/onap')
-rwxr-xr-xkubernetes/onap/requirements.yaml3
-rw-r--r--kubernetes/onap/templates/secrets.yaml29
-rwxr-xr-xkubernetes/onap/values.yaml77
3 files changed, 62 insertions, 47 deletions
diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml
index daa2b1e9ca..51f1743773 100755
--- a/kubernetes/onap/requirements.yaml
+++ b/kubernetes/onap/requirements.yaml
@@ -114,6 +114,9 @@ dependencies:
version: ~6.x-0
repository: '@local'
condition: oof.enabled
+ - name: repository-wrapper
+ version: ~6.x-0
+ repository: '@local'
- name: robot
version: ~6.x-0
repository: '@local'
diff --git a/kubernetes/onap/templates/secrets.yaml b/kubernetes/onap/templates/secrets.yaml
deleted file mode 100644
index 725b6d1d41..0000000000
--- a/kubernetes/onap/templates/secrets.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.namespace" . }}-docker-registry-key
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
- .dockercfg: {{ include "common.repository.secret" . }}
-type: kubernetes.io/dockercfg
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 9473a6abcb..5e5e249f71 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -40,34 +40,73 @@ global:
addTestingComponents: &testing false
# ONAP Repository
- # Uncomment the following to enable the use of a single docker
- # repository but ONLY if your repository mirrors all ONAP
- # docker images. This includes all images from dockerhub and
- # any other repository that hosts images for ONAP components.
- #repository: nexus3.onap.org:10001
+ # Four different repositories are used
+ # You can change individually these repositories to ones that will serve the
+ # right images. If credentials are needed for one of them, see below.
+ repository: nexus3.onap.org:10001
+ dockerHubRepository: &dockerHubRepository docker.io
+ elasticRepository: &elasticRepository docker.elastic.co
+ googleK8sRepository: k8s.gcr.io
+
+
+ #/!\ DEPRECATED /!\
+ # Legacy repositories which will be removed at the end of migration.
+ # Please don't use
+ loggingRepository: *elasticRepository
+ busyboxRepository: *dockerHubRepository
+
+ # Default credentials
+ # they're optional. If the target repository doesn't need them, comment them
repositoryCred:
user: docker
password: docker
- dockerHubRepository: docker.io
-
- # readiness check
- readinessImage: onap/oom/readiness:3.0.1
+ # If you want / need authentication on the repositories, please set
+ # Don't set them if the target repo is the same than others
+ # so id you've set repository to value `my.private.repo` and same for
+ # dockerHubRepository, you'll have to configure only repository (exclusive) OR
+ # dockerHubCred.
+ # dockerHubCred:
+ # user: myuser
+ # password: mypassord
+ # elasticCred:
+ # user: myuser
+ # password: mypassord
+ # googleK8sCred:
+ # user: myuser
+ # password: mypassord
+
+
+ # common global images
+ # Busybox for simple shell manipulation
+ busyboxImage: busybox:1.32
# curl image
curlImage: curlimages/curl:7.69.1
- # logging agent - temporary repo until images migrated to nexus3
- loggingRepository: docker.elastic.co
+ # env substitution image
+ envsubstImage: dibi/envsubst:1
+
+ # generate htpasswd files image
+ # there's only latest image for htpasswd
+ htpasswdImage: xmartlabs/htpasswd:latest
+
+ # kubenretes client image
+ kubectlImage: bitnami/kubectl:1.19
- # dockerHub main repository
- dockerHubRepository: docker.io
+ # logging agent
+ loggingImage: beats/filebeat:5.5.0
- # busybox repo and image
- busyboxRepository: docker.io
- busyboxImage: busybox:1.30
+ # mariadb client image
+ mariadbImage: mariadb:10.1.48
- # kubeclt image
- kubectlImage: "bitnami/kubectl:1.15"
+ # nginx server image
+ nginxImage: bitnami/nginx:1.18-debian-10
+
+ # postgreSQL client and server image
+ postgresImage: crunchydata/crunchy-postgres:centos7-10.11-4.2.1
+
+ # readiness check image
+ readinessImage: onap/oom/readiness:3.0.1
# image pull policy
pullPolicy: Always
@@ -320,3 +359,5 @@ a1policymanagement:
cert-wrapper:
enabled: true
+repository-wrapper:
+ enabled: true