summaryrefslogtreecommitdiffstats
path: root/kubernetes/oof/components
diff options
context:
space:
mode:
authorFiachra Corcoran <fiachra.corcoran@est.tech>2023-02-23 22:24:54 +0000
committerGerrit Code Review <gerrit@onap.org>2023-02-23 22:24:54 +0000
commitf212f12bedbde5141aba654d57ea34d2e0c3547f (patch)
treec378bdd73a223432baef8e18f7ab5bed7f4851f1 /kubernetes/oof/components
parent23f5499dad42a1147b4edbd6d7b6480895d985bc (diff)
parent0fcefb64c2bd0be21f0d20b1d6fa6a4600a51a37 (diff)
Merge "[OOF] Make OOF ServiceMesh compatible"
Diffstat (limited to 'kubernetes/oof/components')
-rwxr-xr-xkubernetes/oof/components/oof-has/Chart.yaml4
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml7
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml83
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml28
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/values.yaml35
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-controller/Chart.yaml3
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml66
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml9
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-data/Chart.yaml3
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml75
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-data/values.yaml9
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-reservation/Chart.yaml3
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml63
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml9
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-solver/Chart.yaml3
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml63
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml9
-rwxr-xr-xkubernetes/oof/components/oof-has/resources/config/aai_cert.cer25
-rwxr-xr-xkubernetes/oof/components/oof-has/resources/config/aai_key.key30
-rwxr-xr-xkubernetes/oof/components/oof-has/resources/config/bundle.pem26
-rwxr-xr-xkubernetes/oof/components/oof-has/resources/config/conductor.conf122
-rw-r--r--kubernetes/oof/components/oof-has/resources/config/nginx.conf9
-rwxr-xr-xkubernetes/oof/components/oof-has/values.yaml27
-rw-r--r--kubernetes/oof/components/oof-templates/templates/_certificate.tpl11
24 files changed, 83 insertions, 639 deletions
diff --git a/kubernetes/oof/components/oof-has/Chart.yaml b/kubernetes/oof/components/oof-has/Chart.yaml
index 0b3a324c9a..8fd5dbd2ad 100755
--- a/kubernetes/oof/components/oof-has/Chart.yaml
+++ b/kubernetes/oof/components/oof-has/Chart.yaml
@@ -24,10 +24,6 @@ dependencies:
- name: common
version: ~12.x-0
repository: '@local'
- - name: music
- version: ~12.x-0
- repository: '@local'
- condition: music.enabled
- name: etcd
version: ~12.x-0
repository: '@local'
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml
index 39d3f0c89f..a7a1d1f172 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml
@@ -24,9 +24,6 @@ dependencies:
- name: common
version: ~12.x-0
repository: '@local'
- - name: certInitializer
- version: ~12.x-0
- repository: '@local'
- name: oof-templates
version: ~12.x-0
repository: 'file://../../../oof-templates'
@@ -36,3 +33,7 @@ dependencies:
- name: serviceAccount
version: ~12.x-0
repository: '@local'
+ - name: readinessCheck
+ version: ~12.x-0
+ repository: '@local'
+
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
index 4e38c830f0..10793cafc6 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
@@ -18,67 +18,15 @@
apiVersion: apps/v1
kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
replicas: {{ .Values.replicaCount }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers:
- - name: {{ include "common.name" . }}-readiness
- command:
- - /app/ready.py
- args:
- - --container-name
- - oof-has-controller
- {{- if (include "common.needTLS" .) }}
- - --container-name
- - aaf-service
- {{- end }}
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-
- {{- if (include "common.needTLS" .) }}
- - name: {{ include "common.name" . }}-has-sms-readiness
- command:
- - sh
- - -c
- - resp="FAILURE";
- until [ $resp = "200" ]; do
- resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/has/secret);
- echo $resp;
- sleep 2;
- done
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.curl" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- {{- end }}
-{{ include "common.certInitializer.initContainer" . | indent 6 }}
-
+ {{ include "common.readinessCheck.waitFor" . | nindent 6 }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }}
@@ -112,11 +60,6 @@ spec:
- mountPath: /usr/local/bin/log.conf
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: log.conf
- {{- if (include "common.needTLS" .) }}
- - mountPath: /usr/local/bin/AAF_RootCA.cer
- name: {{ include "common.fullname" . }}-onap-certs
- subPath: aaf_root_ca.cer
- {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
- name: {{ include "common.name" . }}-nginx
@@ -127,13 +70,10 @@ spec:
args:
- "-c"
- |
- {{- if (include "common.needTLS" .) }}
- grep -v '^$' /opt/bitnami/nginx/ssl/local/org.onap.oof.crt > /tmp/oof.crt
- cat /tmp/oof.crt /tmp/intermediate_root_ca.pem /tmp/AAF_RootCA.cer >> /opt/bitnami/nginx/org.onap.oof.crt
- {{- end }}
/opt/bitnami/scripts/nginx/entrypoint.sh /opt/bitnami/scripts/nginx/run.sh
ports:
- containerPort: {{ .Values.service.internalPort }}
+ name: http
{{- if .Values.liveness.enabled }}
livenessProbe:
tcpSocket:
@@ -147,21 +87,12 @@ spec:
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
-{{ include "common.certInitializer.volumeMount" . | indent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
- mountPath: /opt/bitnami/nginx/conf/nginx.conf
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: nginx.conf
- {{- if (include "common.needTLS" .) }}
- - mountPath: /tmp/AAF_RootCA.cer
- name: {{ include "common.fullname" . }}-onap-certs
- subPath: aaf_root_ca.cer
- - mountPath: /tmp/intermediate_root_ca.pem
- name: {{ include "common.fullname" . }}-onap-certs
- subPath: intermediate_root_ca.pem
- {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -174,7 +105,6 @@ spec:
{{- end }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
hostPath:
path: /etc/localtime
@@ -188,8 +118,5 @@ spec:
path: conductor.conf
- key: log.conf
path: log.conf
-{{- if (include "common.needTLS" .) }}
-{{ include "oof.certificate.volume" . | indent 8 }}
-{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml
index f13e7cea9b..b77b592c08 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/service.yaml
@@ -1,6 +1,7 @@
{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018 AT&T,VMware
+# Modifications Copyright © 2023 Deutsche Telekom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -15,29 +16,4 @@
# limitations under the License.
*/}}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+{{ include "common.service" . }}
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
index c850cb7752..8b2ebdd23c 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
@@ -22,10 +22,6 @@ global: # global defaults
# secrets metaconfig
#################################################################
secrets:
- - uid: oof-onap-certs
- externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
- type: generic
- filePaths: '{{ .Values.secretsFilePaths }}'
- uid: oof-has-etcd-secret
name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret'
type: basicAuth
@@ -42,16 +38,15 @@ config:
service:
type: NodePort
name: oof-has-api
- externalPort: 8091
internalPort: 8091
- nodePort: 75
- portName: http
+ ports:
+ - name: http
+ port: 8091
+ nodePort: '75'
#backend container info
uwsgi:
internalPort: 8080
-ingress:
- enabled: false
replicaCount: 1
nodeSelector: {}
affinity: {}
@@ -85,24 +80,6 @@ readiness:
initialDelaySeconds: 10
periodSeconds: 10
-#sub-charts configuration
-certInitializer:
- nameOverride: oof-has-cert-initializer
- fqdn: "oof.onap"
- app_ns: "org.osaaf.aaf"
- fqi: "oof@oof.onap.org"
- fqi_namespace: org.onap.oof
- public_fqdn: "oof.onap.org"
- aafDeployFqi: "deployer@people.osaaf.org"
- aafDeployPass: demo123456!
- cadi_latitude: "0.0"
- cadi_longitude: "0.0"
- credsPath: /opt/app/osaaf/local
- appMountPath: /opt/bitnami/nginx/ssl
- aaf_add_config: >
- chmod 444 {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key;
-
-
ingress:
enabled: false
service:
@@ -112,6 +89,10 @@ ingress:
config:
ssl: "redirect"
+readinessCheck:
+ wait_for:
+ - oof-has-controller
+
#Pods Service Account
serviceAccount:
nameOverride: oof-has-api
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/Chart.yaml
index 9713d7a497..cfa4c5e37b 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-controller/Chart.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/Chart.yaml
@@ -33,3 +33,6 @@ dependencies:
- name: serviceAccount
version: ~12.x-0
repository: '@local'
+ - name: readinessCheck
+ version: ~12.x-0
+ repository: '@local'
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml
index 92be670db6..ba7d462f6c 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml
@@ -17,65 +17,15 @@
apiVersion: apps/v1
kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
replicas: {{ .Values.replicaCount }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers:
- - name: {{ include "common.name" . }}-readiness
- command:
- - /app/ready.py
- args:
- - --job-name
- - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job
- {{- if (include "common.needTLS" .) }}
- - --container-name
- - aaf-sms
- {{- end }}
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-
- {{- if (include "common.needTLS" .) }}
- - name: {{ include "common.name" . }}-cont-sms-readiness
- command:
- - sh
- - -c
- - resp="FAILURE";
- until [ $resp = "200" ]; do
- resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/has/secret);
- echo $resp;
- sleep 2;
- done
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.curl" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- {{- end }}
+ {{ include "common.readinessCheck.waitFor" . | nindent 6 }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }}
@@ -117,11 +67,6 @@ spec:
- mountPath: /usr/local/bin/healthy.sh
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: healthy.sh
- {{- if (include "common.needTLS" .) }}
- - mountPath: /usr/local/bin/AAF_RootCA.cer
- name: {{ include "common.fullname" . }}-onap-certs
- subPath: aaf_root_ca.cer
- {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -147,8 +92,5 @@ spec:
path: log.conf
- key: healthy.sh
path: healthy.sh
-{{- if (include "common.needTLS" .) }}
-{{ include "oof.certificate.volume" . | indent 8 }}
-{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml
index d6da75fd18..c72dc6c516 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml
@@ -20,10 +20,6 @@ global:
# Secrets metaconfig
#################################################################
secrets:
- - uid: oof-onap-certs
- externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
- type: generic
- filePaths: '{{ .Values.secretsFilePaths }}'
- uid: oof-has-etcd-secret
name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret'
type: basicAuth
@@ -72,6 +68,11 @@ readiness:
initialDelaySeconds: 10
periodSeconds: 10
+readinessCheck:
+ wait_for:
+ jobs:
+ - '{{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job'
+
#Pods Service Account
serviceAccount:
nameOverride: oof-has-controller
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/Chart.yaml
index 725545159c..0b0b6e7abe 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-data/Chart.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-data/Chart.yaml
@@ -33,3 +33,6 @@ dependencies:
- name: serviceAccount
version: ~12.x-0
repository: '@local'
+ - name: readinessCheck
+ version: ~12.x-0
+ repository: '@local'
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml
index 72ecd7db2d..6319c99b25 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml
@@ -17,62 +17,15 @@
apiVersion: apps/v1
kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
replicas: {{ .Values.replicaCount }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers:
- - name: {{ include "common.name" . }}-readiness
- command:
- - /app/ready.py
- args:
- - --job-name
- - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-
- {{- if (include "common.needTLS" .) }}
- - name: {{ include "common.name" . }}-data-sms-readiness
- command:
- - sh
- - -c
- - resp="FAILURE";
- until [ $resp = "200" ]; do
- resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/has/secret);
- echo $resp;
- sleep 2;
- done
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.curl" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- {{- end }}
-
+ {{ include "common.readinessCheck.waitFor" . | nindent 6 }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }}
@@ -114,17 +67,6 @@ spec:
- mountPath: /usr/local/bin/healthy.sh
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: healthy.sh
- {{- if (include "common.needTLS" .) }}
- - mountPath: /usr/local/bin/aai_cert.cer
- name: {{ .Values.global.commonConfigPrefix }}-config
- subPath: aai_cert.cer
- - mountPath: /usr/local/bin/aai_key.key
- name: {{ .Values.global.commonConfigPrefix }}-config
- subPath: aai_key.key
- - mountPath: /usr/local/bin/AAF_RootCA.cer
- name: {{ include "common.fullname" . }}-onap-certs
- subPath: aaf_root_ca.cer
- {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -150,14 +92,5 @@ spec:
path: log.conf
- key: healthy.sh
path: healthy.sh
- {{- if (include "common.needTLS" .) }}
- - key: aai_cert.cer
- path: aai_cert.cer
- - key: aai_key.key
- path: aai_key.key
- {{- end }}
-{{- if (include "common.needTLS" .) }}
-{{ include "oof.certificate.volume" . | indent 8 }}
-{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml
index 93a335d29d..166b1a4099 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml
@@ -20,10 +20,6 @@ global:
# secrets metaconfig
#################################################################
secrets:
- - uid: oof-onap-certs
- externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
- type: generic
- filePaths: '{{ .Values.secretsFilePaths }}'
- uid: oof-has-etcd-secret
name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret'
type: basicAuth
@@ -72,6 +68,11 @@ readiness:
initialDelaySeconds: 10
periodSeconds: 10
+readinessCheck:
+ wait_for:
+ jobs:
+ - '{{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job'
+
#Pods Service Account
serviceAccount:
nameOverride: oof-has-data
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/Chart.yaml
index b8e5521b93..9f60691b5e 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/Chart.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/Chart.yaml
@@ -33,3 +33,6 @@ dependencies:
- name: serviceAccount
version: ~12.x-0
repository: '@local'
+ - name: readinessCheck
+ version: ~12.x-0
+ repository: '@local'
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml
index b90a6f6e89..e7c5d7c9fa 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml
@@ -17,62 +17,15 @@
apiVersion: apps/v1
kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
replicas: {{ .Values.replicaCount }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers:
- - name: {{ include "common.name" . }}-readiness
- command:
- - /app/ready.py
- args:
- - --job-name
- - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-
- {{- if (include "common.needTLS" .) }}
- - name: {{ include "common.name" . }}-resrv-sms-readiness
- command:
- - sh
- - -c
- - resp="FAILURE";
- until [ $resp = "200" ]; do
- resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" .}}:10443/v1/sms/domain/has/secret);
- echo $resp;
- sleep 2;
- done
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.curl" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- {{- end }}
-
+ {{ include "common.readinessCheck.waitFor" . | nindent 6 }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }}
@@ -114,11 +67,6 @@ spec:
- mountPath: /usr/local/bin/healthy.sh
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: healthy.sh
- {{- if (include "common.needTLS" .) }}
- - mountPath: /usr/local/bin/AAF_RootCA.cer
- name: {{ include "common.fullname" . }}-onap-certs
- subPath: aaf_root_ca.cer
- {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -144,8 +92,5 @@ spec:
path: log.conf
- key: healthy.sh
path: healthy.sh
-{{- if (include "common.needTLS" .) }}
-{{ include "oof.certificate.volume" . | indent 8 }}
-{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml
index 651e832929..3b4b1e2fe6 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml
@@ -20,10 +20,6 @@ global:
# secrets metaconfig
#################################################################
secrets:
- - uid: oof-onap-certs
- externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
- type: generic
- filePaths: '{{ .Values.secretsFilePaths }}'
- uid: oof-has-etcd-secret
name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret'
type: basicAuth
@@ -72,6 +68,11 @@ readiness:
initialDelaySeconds: 10
periodSeconds: 10
+readinessCheck:
+ wait_for:
+ jobs:
+ - '{{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job'
+
#Pods Service Account
serviceAccount:
nameOverride: oof-has-reservation
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/Chart.yaml
index 9f5381be53..0262f41062 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-solver/Chart.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/Chart.yaml
@@ -33,3 +33,6 @@ dependencies:
- name: serviceAccount
version: ~12.x-0
repository: '@local'
+ - name: readinessCheck
+ version: ~12.x-0
+ repository: '@local'
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml
index 4499d9806e..3cf0450c06 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml
@@ -17,62 +17,15 @@
apiVersion: apps/v1
kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
replicas: {{ .Values.replicaCount }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers:
- - name: {{ include "common.name" . }}-readiness
- command:
- - /app/ready.py
- args:
- - --job-name
- - {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-
- {{- if (include "common.needTLS" .) }}
- - name: {{ include "common.name" . }}-solvr-sms-readiness
- command:
- - sh
- - -c
- - resp="FAILURE";
- until [ $resp = "200" ]; do
- resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/has/secret);
- echo $resp;
- sleep 2;
- done
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.curl" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- {{- end }}
-
+ {{ include "common.readinessCheck.waitFor" . | nindent 6 }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }}
@@ -114,11 +67,6 @@ spec:
- mountPath: /usr/local/bin/healthy.sh
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: healthy.sh
- {{- if (include "common.needTLS" .) }}
- - mountPath: /usr/local/bin/AAF_RootCA.cer
- name: {{ include "common.fullname" . }}-onap-certs
- subPath: aaf_root_ca.cer
- {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -144,8 +92,5 @@ spec:
path: log.conf
- key: healthy.sh
path: healthy.sh
-{{- if (include "common.needTLS" .) }}
-{{ include "oof.certificate.volume" . | indent 8 }}
-{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml
index 46ff033c82..0bce2bc1ce 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml
@@ -20,10 +20,6 @@ global:
# secrets metaconfig
#################################################################
secrets:
- - uid: oof-onap-certs
- externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
- type: generic
- filePaths: '{{ .Values.secretsFilePaths }}'
- uid: oof-has-etcd-secret
name: &user-creds '{{ include "common.release" . }}-oof-has-etcd-secret'
type: basicAuth
@@ -72,6 +68,11 @@ readiness:
initialDelaySeconds: 10
periodSeconds: 10
+readinessCheck:
+ wait_for:
+ jobs:
+ - '{{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job'
+
#Pods Service Account
serviceAccount:
nameOverride: oof-has-solver
diff --git a/kubernetes/oof/components/oof-has/resources/config/aai_cert.cer b/kubernetes/oof/components/oof-has/resources/config/aai_cert.cer
deleted file mode 100755
index 4c6eb916e6..0000000000
--- a/kubernetes/oof/components/oof-has/resources/config/aai_cert.cer
+++ /dev/null
@@ -1,25 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEKjCCAxKgAwIBAgIBHjANBgkqhkiG9w0BAQsFADBHMQswCQYDVQQGEwJVUzEN
-MAsGA1UECgwET05BUDEOMAwGA1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVk
-aWF0ZUNBXzEwHhcNMTgwNDI1MTIxMzAxWhcNMTkwNDIwMTIxMzAxWjBtMQswCQYD
-VQQGEwJVUzENMAsGA1UECgwET05BUDEZMBcGA1UECwwQb29mQG9vZi5vbmFwLm9y
-ZzEOMAwGA1UECwwFT1NBQUYxJDAiBgNVBAMMG29vZi5hcGkuc2ltcGxlZGVtby5v
-bmFwLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANGpQUtgLXG3
-dVikd/QC2Q24wzeTOeZzbx3PnidNYZT5K0sJ/TdnZF6O/4+9gXQ6AQS2Q8wfQ009
-MQAA5vhUaq5yZ2K+XAtEFGln1TxTFpGu3WDOwQ800Vw18Dk8WidrkzDJv489Bn1f
-SSaPC0IaRB0K1d8BD63ZHgsuEY8lt31DX2wFWJcfN9mxNDzuLTZoLxtxKsedoZKH
-rsOOILwXOhwuunfx40i6RQN/pFX6C2i8dtOA5OwUm9Q1RrZ2Tv1Uf4IURriH6bfZ
-5n50yxTuL22TMYXsF/ohrdgwacuC0aV9ZSGhIZUJPyHVg7+QTBioHmoUJInVKuIx
-kkC4lENbLYUCAwEAAaOB+jCB9zAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIG
-wDAzBglghkgBhvhCAQ0EJhYkT3BlblNTTCBHZW5lcmF0ZWQgU2VydmVyIENlcnRp
-ZmljYXRlMB0GA1UdDgQWBBQwbU5oHU2iYHCoVz4hFCvBW59cdTBUBgNVHSMETTBL
-gBQd5lldG54KOKRipsGF8/PP1vGX6qEwpC4wLDEOMAwGA1UECwwFT1NBQUYxDTAL
-BgNVBAoMBE9OQVAxCzAJBgNVBAYTAlVTggEBMA4GA1UdDwEB/wQEAwIF4DAdBgNV
-HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBADEa
-0VuxoFIygeQTqlizpHNwfApPmlAVSKDTWuEu4rhJs8GT61EuWZQPygXEUHCYmGvJ
-GMwEGGIDGiQqxMqlqng46gksNJbi1ktXr6Du18qW7gziUd84ve8KcecjZru1Sk1e
-UJ/6WEQVE17CHKcnzQZsMDakgP+61VgKbk5NlkeF/Qh4L6/3jY7g+xoXqaId5RT9
-BetmH/cMsj33lxQTs0fcXTbAQd6BX5ug854OJ1mU4ngJnNBdmn9Ow1bB71ohf5Xv
-OEYX8+khjgjlmM0u1hBRL4qViv3y2Gzhpm1M8cETMDj4g0zIJytzIYMxO8XvDPCF
-YmVZHXJDLsCogSOmmh0=
------END CERTIFICATE----- \ No newline at end of file
diff --git a/kubernetes/oof/components/oof-has/resources/config/aai_key.key b/kubernetes/oof/components/oof-has/resources/config/aai_key.key
deleted file mode 100755
index 246ff6d8cb..0000000000
--- a/kubernetes/oof/components/oof-has/resources/config/aai_key.key
+++ /dev/null
@@ -1,30 +0,0 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIvxjZPeQVkRACAggA
-MBQGCCqGSIb3DQMHBAhWqwQCjZFCrASCBMjWG5wsC1WFJISJ5odMHzYOWOKLpaDP
-7a/dxnBrV6gId/DTmzoqtiBCmQRqhnUuYok98DNUFGjR9JqztNNOf5eslzqCugsh
-zVwCvsJYKvxxJ4Q8tow3DKx28I6EmOvwudMsL9c30OxpEWdlWmyFimu5JDdDvWUH
-S0fWKebQETZ7lptiRX2IXhC3Ye6Wu/DowDYc5L4Z/Q8nwncMB3n2ntMX10pBrura
-15/R18AvG5cDwcasTXz5WKIB/K2onvJfW0so2M8jApu2DF4MpEIN9Z973uTNFXcL
-dgHKWtIl2WO38coedaXUILgsxLSSU27TG4F+7QMGjiKXUSWjN9+TD+8zWye/9OIW
-qfVtoh+n7lWtzC3Axo1OmPInCkFb+I7QaDsJgsUn+ZWap7FVJFrYiz20UTzYYgAK
-OukCgKiJTHOhTT1k0km34ROPmqOk6mH7IkioUSTmoP362RpIVTbKv2e5GKzhYfkk
-27W3RRG/qoZLUTU2AaAyoGZlzXDkBFw2g4vxnhcfHeXX6jyJyQWOOOeRJ5B6uc+Y
-4XmKKJvq5pFlxUDmVCZLRzjwpvYPTQwTQQ9t7kEZFI8B7TMkDqv62YlXyoWNDwPq
-yLvDwPDicx33AZor8N/eDgIOE+TXQ0vEyphf0c9OcgneeJmEtn7IskEahv32ruMQ
-uFAAuIUmQfXPNMXu3MYIUItvZDm3RUk3YJDj9c8YtvxDlzLytHu5QYJ3v7rvo+mG
-XKwmnZouaNRLw5Y7Mff07BuTPuttyNadacuJtUjvv8qVOIeuxQ7nku6yqKKLTeJr
-8E4/tYyZ15FIo3hWi16h3zyZ9LiHhhe7d2XYSVMuzuD4jkIdHbdgiKsCJn9mI5PF
-VpDF34w1Fjwv7Gu32MRMpJijAW10ENaP1O2izr9l8jwo+CLgi5qa6a2YTYAZooqt
-UjTLfEIQKbwFbq5L9Eb1uRw1lRR9SxcxdNQdY+mtx0x2BSmXVUEcyi6OG/8Lzf/1
-9VoE5UPfhSE7ogfbL8eraFlQmKL8f3h3Jx/XDvvKC8YXxgooEhV0BsofXmLdF0BK
-bhXR1/JptLz8CJjtlBWQkmqj+ONOHFA9/4YHMNn5T1PBLNzQCZSjQXrDKxowLDsI
-ozUyZ080c2LrJCf6zj6+fB3LDvHYfJ6LnYASCHJlNS0NVmRPiYB/dmoqF/iyAEjp
-cKUUrbhs6U95aPMo0pPSCuhLKiibCo3Vz/9dvGb7pr6aj/ehOjrtKtGlYukBqNkS
-RQK2kkL8IO+iPWs3aCnEhfeS+wNBMAtI/TEw6As2zseyb3/SylHjek4s1gs9MPdw
-c3o2ArwMzmP0sfFIjYz+AyQm+5i/LSnkNjG0OU9ekGXy7Z4HAcko2Dv8/SmOVapP
-cf8c55RUDlYJh9Ltn0W5fuNA6dykV7f9s8BIrZcnzTN+lifNhNlEYYcmyZwlCcX4
-NBLoH+ENW+Q7+nuhGcf52j/XgTaPZ0Eec8ZJdK7FzVDN4DWKM4KHD7DgpkOR7TZl
-IKGNtdvb3SaGG83YlJhRkkr0C2KvB0Mz2dkAhOKX3NkBr5fY62IvuMdqD7VDjGAw
-h/GBn0k5+gpVP0Uh6yWEla3CjM9GnUuMVcwIUAYSeW2rFu4iapK0gBwguR91cM1N
-MA8=
------END ENCRYPTED PRIVATE KEY-----
diff --git a/kubernetes/oof/components/oof-has/resources/config/bundle.pem b/kubernetes/oof/components/oof-has/resources/config/bundle.pem
deleted file mode 100755
index 60121e751b..0000000000
--- a/kubernetes/oof/components/oof-has/resources/config/bundle.pem
+++ /dev/null
@@ -1,26 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEVDCCAjygAwIBAgIBATANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB
-RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwNDA1MTQxNTQwWhcN
-MTgwNjA0MTQxNTQwWjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG
-A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzEwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY3YPA/YQdz4kaZQzdRzWNjmn33WYAWZ8+
-EIz3PhkEzk7M1q9N7Icx2LvozMj4VH0yGz/HYlliHhw26ZRsjYMSR8zATsXl4oW9
-w9BrjuyvM3w8Ptxe8WbUFF9LJDGyXPeVvcXVo0iyh3QYPWC/AWmomN19MvBFN5vH
-AvEG/7qtonViNfISW9Gr9LpXB0foCmUDBu/lV+SwRGajoCPqdZhZ6/L6/yqDvha2
-wsML/UZXlGhXAedt/xOKmT/dSXx/I0vWBVp6Tq4zu87yCvd+I6Tpa5HjttA2I5EV
-zdHX+JYBPBBcVCyO9YQOYjJuoVDE4D5etY6dEipKG/KZF/rqAoqZAgMBAAGjZjBk
-MB0GA1UdDgQWBBQd5lldG54KOKRipsGF8/PP1vGX6jAfBgNVHSMEGDAWgBRTVTPy
-S+vQUbHBeJrBKDF77+rtSTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQE
-AwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAmgeiitBDi/YEqFh2Cqp0VIEqw8hiuV87
-rADQWMK4hv5WXl3KJTjFAnWsYFUKrm6s1jNH16FyGExUQgwggob0Vt+MHiUs36jU
-kyret/uE5qrjz+/J+i2XG6s1oKcDRVD/jU4qBygZWFBMuwl7sz8IEvaYXGM43s96
-Du3UF9E+V3aMppqkGWz6MnrTmANnWAlDAMeifcoexjrpxiKbp8f49HX1UzwFoeEg
-RnVwNqgDWT66yGV6mbNl6FpE/U81RpCRY1ZJDeVTxbqIaG/UPV4hpQ+BEVBDF+cb
-rGsvsNYYpWx5srIQ7WtGKIlaDFbfWPwnHDHegzr8ypAS3KNWULE+QXCbHWtB+b0Y
-WhP/2F6Jjb+ByvJqQoE+nHEYBeUOZUUZC4IuQFNJ5Wy5P0CNXdheiWhdrBmG02Gy
-KMi0FJx6BEoWM2xcdl6bn5j9mhF4TX7zgepNWlgTra4Z8Oz8iqbQk33/s2OKM4ic
-6ZezUYhNp+MuUt4Se+ufNcGV65jnUKeROtWzNLwP+xwglEFlG8aNiAORthd7QJuT
-Ey2cX7H7f38ENQ5YCriUk1nVLO9F66l/rNRzYZgQzRI3IvDW8vyM2TLW2mcZNsaf
-qjFMcCDweV2FRb8eTbmWzzB2/xTVpGzVJqzwgE+U7UtJx5CZS3wPkvXuEgvcg1tY
-m1r4NGYFvLM=
------END CERTIFICATE----- \ No newline at end of file
diff --git a/kubernetes/oof/components/oof-has/resources/config/conductor.conf b/kubernetes/oof/components/oof-has/resources/config/conductor.conf
index d650808036..511c0cd6de 100755
--- a/kubernetes/oof/components/oof-has/resources/config/conductor.conf
+++ b/kubernetes/oof/components/oof-has/resources/config/conductor.conf
@@ -159,13 +159,13 @@ appkey = ""
#
# is_aaf_enabled. (boolean value)
-is_aaf_enabled = {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
+is_aaf_enabled = false
# aaf_cache_expiry_hrs. (integer value)
aaf_cache_expiry_hrs = 3
# aaf_url. (string value)
-aaf_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config.aaf.serviceName}}:{{.Values.config.aaf.port}}/authz/perms/user/
+aaf_url =
# aaf_cert_file. (string value)
#aaf_cert_file = <None>
@@ -175,7 +175,7 @@ aaf_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config
# aaf_ca_bundle_file. (string value)
#aaf_ca_bundle_file =
-aaf_ca_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }}
+aaf_ca_bundle_file =
# aaf_retries. (integer value)
#aaf_retries = 3
@@ -194,11 +194,11 @@ aaf_ca_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_Roo
#
# is_enabled. (boolean value)
-is_enabled = {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
+is_enabled = false
# Base URL for SMS, up to and not including the version, and without a trailing
# slash. (string value)
-aaf_sms_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config.sms.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.sms.port}}
+aaf_sms_url =
# Timeout for SMS API Call (integer value)
@@ -234,8 +234,7 @@ complex_cache_refresh_interval = 60
# Base URL for A&AI, up to and not including the version, and without a
# trailing slash. (string value)
-#server_url = https://{{.Values.config.aai.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.aai.port}}/aai
-server_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config.aai.serviceName}}.{{ include "common.namespace" . }}:{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.aai.port .Values.config.aai.plainPort }}/aai
+server_url = http://{{.Values.config.aai.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.aai.port}}/aai
# Timeout for A&AI Rest Call (string value)
#aai_rest_timeout = 30
@@ -256,7 +255,7 @@ certificate_key_file =
# Certificate Authority Bundle file in pem format. Must contain the appropriate
# trust chain for the Certificate file. (string value)
#certificate_authority_bundle_file = certificate_authority_bundle.pem
-certificate_authority_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }}
+certificate_authority_bundle_file =
# Username for AAI. (string value)
username = OOF
@@ -452,102 +451,6 @@ username =
password =
-[music_api]
-
-#
-# From conductor
-#
-
-# Base URL for Music REST API without a trailing slash. (string value)
-#server_url = http://oof-has-music:8080/MUSIC/rest/v2
-server_url = https://{{.Values.config.music.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.music.port}}/MUSIC/rest/v2
-version = v2
-
-# DEPRECATED: List of hostnames (round-robin access) (list value)
-# This option is deprecated for removal.
-# Its value may be silently ignored in the future.
-# Reason: Use server_url instead
-#hostnames = <None>
-
-# DEPRECATED: Port (integer value)
-# This option is deprecated for removal.
-# Its value may be silently ignored in the future.
-# Reason: Use server_url instead
-#port = <None>
-
-# DEPRECATED: Path (string value)
-# This option is deprecated for removal.
-# Its value may be silently ignored in the future.
-# Reason: Use server_url instead
-#path = <None>
-
-# Socket connection timeout (floating point value)
-#connect_timeout = 3.05
-
-# Socket read timeout (floating point value)
-#read_timeout = 12.05
-
-# Lock timeout (integer value)
-#lock_timeout = 10
-
-# Replication factor (integer value)
-#replication_factor = 1
-replication_factor = 1
-
-# Use mock API (boolean value)
-#mock = false
-
-# (string value)
-#music_topology = SimpleStrategy
-
-# Name of the first data center (string value)
-#first_datacenter_name = <None>
-
-# Number of replicas in first data center (integer value)
-#first_datacenter_replicas = <None>
-
-# Name of the second data center (string value)
-#second_datacenter_name = <None>
-
-# Number of replicas in second data center (integer value)
-#second_datacenter_replicas = <None>
-
-# Name of the third data center (string value)
-#third_datacenter_name = <None>
-
-# Number of replicas in third data center (integer value)
-#third_datacenter_replicas = <None>
-
-# new or old version (boolean value)
-#music_new_version = <None>
-music_new_version = True
-
-# for version (string value)
-#music_version = <None>
-music_version = "3.2.40"
-
-# username value that used for creating basic authorization header (string
-# value)
-#aafuser = <None>
-aafuser = conductor
-
-# password value that used for creating basic authorization header (string
-# value)
-#aafpass = <None>
-aafpass = c0nduct0r
-
-# AAF namespace field used in MUSIC request header (string value)
-#aafns = <None>
-aafns = conductor
-
-# Enabling HTTPs mode (boolean value)
-enable_https_mode = True
-
-# Certificate Authority Bundle file in pem format. Must contain the appropriate
-# trust chain for the Certificate file. (string value)
-certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer
-
-
[prometheus]
#
@@ -680,8 +583,7 @@ concurrent = true
# Base URL for SDC, up to and not including the version, and without a
# trailing slash. (string value)
#server_url = https://controller:8443/sdc
-#server_url = https://{{.Values.config.sdc.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.sdc.port}}/sdc
-server_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config.sdc.serviceName}}.{{ include "common.namespace" . }}:{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdc.port .Values.config.sdc.plainPort }}/sdc
+server_url = http://{{.Values.config.sdc.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.sdc.port}}/sdc
# Timeout for SDC Rest Call (string value)
#sdc_rest_timeout = 30
@@ -704,7 +606,7 @@ certificate_key_file =
# Certificate Authority Bundle file in pem format. Must contain the appropriate
# trust chain for the Certificate file. (string value)
#certificate_authority_bundle_file = certificate_authority_bundle.pem
-certificate_authority_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }}
+certificate_authority_bundle_file =
# Username for SDC. (string value)
#username =
@@ -749,7 +651,7 @@ certificate_key_file =
# Certificate Authority Bundle file in pem format. Must contain the appropriate
# trust chain for the Certificate file. (string value)
#certificate_authority_bundle_file = certificate_authority_bundle.pem
-certificate_authority_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }}
+certificate_authority_bundle_file =
# Username for CPS. (string value)
#username =
@@ -770,7 +672,7 @@ get_ta_list_url = "/api/v1/execute/ran-coverage-area/get_ta_list"
# Base URL for DCAE, up to and not including the version, and without a
# trailing slash. (string value)
-server_url = http://{{.Values.config.dcae.service}}.{{ include "common.namespace" . }}:{{.Values.config.dcae.port}}
+server_url = http://{{.Values.config.dcae.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.dcae.port}}
# Timeout for DCAE Rest Call (string value)
#dcae_rest_timeout = 30
@@ -793,7 +695,7 @@ certificate_key_file =
# Certificate Authority Bundle file in pem format. Must contain the appropriate
# trust chain for the Certificate file. (string value)
#certificate_authority_bundle_file = certificate_authority_bundle.pem
-certificate_authority_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }}
+certificate_authority_bundle_file =
# Username for DCAE. (string value)
#username =
diff --git a/kubernetes/oof/components/oof-has/resources/config/nginx.conf b/kubernetes/oof/components/oof-has/resources/config/nginx.conf
index 9272e8581c..1c1094dacb 100644
--- a/kubernetes/oof/components/oof-has/resources/config/nginx.conf
+++ b/kubernetes/oof/components/oof-has/resources/config/nginx.conf
@@ -11,17 +11,8 @@ http {
server {
-{{ if (include "common.needTLS" .) }}
- listen 8091 ssl;
- server_name oof;
- ssl_certificate /opt/bitnami/nginx/org.onap.oof.crt;
- ssl_certificate_key /opt/bitnami/nginx/ssl/local/org.onap.oof.key;
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
- ssl_ciphers HIGH:!aNULL:!MD5;
-{{ else }}
listen 8091;
server_name oof;
-{{ end }}
location / {
include /opt/bitnami/nginx/conf/uwsgi_params;
diff --git a/kubernetes/oof/components/oof-has/values.yaml b/kubernetes/oof/components/oof-has/values.yaml
index 0c5397c5a8..219e236fbf 100755
--- a/kubernetes/oof/components/oof-has/values.yaml
+++ b/kubernetes/oof/components/oof-has/values.yaml
@@ -27,11 +27,6 @@ global:
# Secrets metaconfig
#################################################################
secrets:
- - uid: oof-onap-certs
- name: &oof-certs '{{ include "common.release" . }}-oof-onap-certs'
- externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
- type: generic
- filePaths: '{{ .Values.secretsFilePaths }}'
- uid: oof-has-etcd-root-password
name: &root-password '{{ include "common.release" . }}-has-etcd-root-password'
type: password
@@ -50,31 +45,20 @@ nodePortPrefix: 302
dataRootDir: /dockerdata-nfs
config:
dbBackend: etcd
- aaf:
- serviceName: aaf-service
- port: 8100
aai:
serviceName: aai
- port: 8443
- plainPort: 80
+ port: 80
msb:
serviceName: msb-iag
port: 80
- music:
- serviceName: music
- port: 8443
- sms:
- serviceName: aaf-sms
- port: 10443
sdc:
serviceName: sdc-be
- port: 8443
- plainPort: 8080
+ port: 8080
cps:
- service: cps-tbdmt
+ serviceName: cps-tbdmt
port: 8080
dcae:
- service: dcae-slice-analysis-ms
+ serviceName: dcae-slice-analysis-ms
port: 8080
etcd:
serviceName: &etcd-service oof-has-etcd
@@ -106,7 +90,6 @@ resources:
#component overrides
oof-has-api: &has-config
enabled: true
- certSecret: *oof-certs
config:
etcd:
userCredentialsExternalSecret: *user-creds
@@ -115,8 +98,6 @@ oof-has-controller: *has-config
oof-has-data: *has-config
oof-has-reservation: *has-config
oof-has-solver: *has-config
-music:
- enabled: false
#etcd subchart configurations
etcd:
diff --git a/kubernetes/oof/components/oof-templates/templates/_certificate.tpl b/kubernetes/oof/components/oof-templates/templates/_certificate.tpl
deleted file mode 100644
index 4da128bcbb..0000000000
--- a/kubernetes/oof/components/oof-templates/templates/_certificate.tpl
+++ /dev/null
@@ -1,11 +0,0 @@
-{{- define "oof.certificate.volume" -}}
-- name: {{ include "common.fullname" . }}-onap-certs
- secret:
- secretName: {{ include "common.secret.getSecretNameFast" (dict "global" . "uid" "oof-onap-certs") }}
- items:
- - key: aaf_root_ca.cer
- path: aaf_root_ca.cer
- - key: intermediate_root_ca.pem
- path: intermediate_root_ca.pem
-{{- end -}}
-