aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/policy/components/policy-drools-pdp
diff options
context:
space:
mode:
authorAndreas Geissler <andreas-geissler@telekom.de>2023-03-21 18:09:46 +0100
committerAndreas Geissler <andreas-geissler@telekom.de>2023-03-23 18:33:22 +0100
commitf10c5555b94780a402c5d62dce1e60dfe12390ec (patch)
tree0a9f54172cc89f68e4a04c43b23503b15eedef6f /kubernetes/policy/components/policy-drools-pdp
parentae76d2e31d845728ad34ea599a2254b77fd87132 (diff)
[POLICY] Cleanup of Helmcharts from AAF/TLS options
Remove AAF options and Certificate settings Disable Istio Sidecar injection for DB jobs due to problems during DB Migration Extended the timeouts for clamp-runtime-acm Issue-ID: OOM-3120 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I802fa2038535524f4696513acd5aa7772e0a3f35
Diffstat (limited to 'kubernetes/policy/components/policy-drools-pdp')
-rwxr-xr-xkubernetes/policy/components/policy-drools-pdp/Chart.yaml3
-rwxr-xr-xkubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf10
-rwxr-xr-xkubernetes/policy/components/policy-drools-pdp/resources/secrets/credentials.conf6
-rwxr-xr-xkubernetes/policy/components/policy-drools-pdp/templates/service.yaml33
-rwxr-xr-xkubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml32
-rwxr-xr-xkubernetes/policy/components/policy-drools-pdp/values.yaml43
6 files changed, 16 insertions, 111 deletions
diff --git a/kubernetes/policy/components/policy-drools-pdp/Chart.yaml b/kubernetes/policy/components/policy-drools-pdp/Chart.yaml
index 465d16bdf0..37a8f85c15 100755
--- a/kubernetes/policy/components/policy-drools-pdp/Chart.yaml
+++ b/kubernetes/policy/components/policy-drools-pdp/Chart.yaml
@@ -24,9 +24,6 @@ dependencies:
- name: common
version: ~12.x-0
repository: '@local'
- - name: certInitializer
- version: ~12.x-0
- repository: '@local'
- name: repositoryGenerator
version: ~12.x-0
repository: '@local'
diff --git a/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf b/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf
index a0b8bc7c4a..cf3c54aab4 100755
--- a/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf
+++ b/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf
@@ -49,15 +49,9 @@ MYSQL_CMD=
# Liveness
LIVENESS_CONTROLLERS=*
-# AAF
-
-AAF={{.Values.aaf.enabled}}
-AAF_NAMESPACE=org.onap.policy
-AAF_HOST=aaf-locate.{{.Release.Namespace}}
-
# HTTP Servers
-HTTP_SERVER_HTTPS={{ (eq "true" (include "common.needTLS" .)) | ternary "true" "false" }}
+HTTP_SERVER_HTTPS="false"
PROMETHEUS=true
# PDP-D DMaaP configuration channel
@@ -103,7 +97,7 @@ DMAAP_HTTPS="false"
# AAI
AAI_HOST=aai.{{.Release.Namespace}}
-AAI_PORT={{ (eq "true" (include "common.needTLS" .)) | ternary 8443 8080 }}
+AAI_PORT=8080
AAI_CONTEXT_URI=
# MSO
diff --git a/kubernetes/policy/components/policy-drools-pdp/resources/secrets/credentials.conf b/kubernetes/policy/components/policy-drools-pdp/resources/secrets/credentials.conf
index a2a34056f1..c535a950b5 100755
--- a/kubernetes/policy/components/policy-drools-pdp/resources/secrets/credentials.conf
+++ b/kubernetes/policy/components/policy-drools-pdp/resources/secrets/credentials.conf
@@ -18,12 +18,6 @@
# ============LICENSE_END=========================================================
*/}}
-{{- if not .Values.global.aafEnabled }}
-KEYSTORE_PASSWD={{.Values.keystore.password}}
-{{- end }}
-
-TRUSTSTORE_PASSWD={{.Values.truststore.password}}
-
TELEMETRY_USER={{.Values.telemetry.user}}
TELEMETRY_PASSWORD={{.Values.telemetry.password}}
diff --git a/kubernetes/policy/components/policy-drools-pdp/templates/service.yaml b/kubernetes/policy/components/policy-drools-pdp/templates/service.yaml
index 619d0d4441..c7322b1f94 100755
--- a/kubernetes/policy/components/policy-drools-pdp/templates/service.yaml
+++ b/kubernetes/policy/components/policy-drools-pdp/templates/service.yaml
@@ -15,34 +15,5 @@
# limitations under the License.
*/}}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}-{{ .Values.service.externalPort }}
- - port: {{ .Values.service.externalPort2 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
- name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}-{{ .Values.service.externalPort2 }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}-{{ .Values.service.externalPort }}
- - port: {{ .Values.service.externalPort2 }}
- targetPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}-{{ .Values.service.externalPort2 }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+{{ include "common.service" . }}
+
diff --git a/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml b/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml
index b11dedf201..4ce90dad1a 100755
--- a/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml
+++ b/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml
@@ -17,25 +17,13 @@
apiVersion: apps/v1
kind: StatefulSet
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
+ selector: {{- include "common.selectors" . | nindent 4 }}
serviceName: {{ include "common.servicename" . }}
replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers:
- command:
@@ -68,19 +56,13 @@ spec:
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
{{- end }}
-{{ include "common.certInitializer.initContainer" . | indent 6 }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["sh","-c"]
- args: ["if [ -f {{ .Values.certInitializer.credsPath }}/.ci ]; then \
- source {{ .Values.certInitializer.credsPath }}/.ci; fi;\
- cp {{ .Values.certInitializer.credsPath }}/org.onap.policy.p12 ${POLICY_HOME}/etc/ssl/policy-keystore;\
- /opt/app/policy/bin/pdpd-cl-entrypoint.sh boot"]
- ports:
- - containerPort: {{ .Values.service.externalPort }}
- - containerPort: {{ .Values.service.externalPort2 }}
+ args: ["/opt/app/policy/bin/pdpd-cl-entrypoint.sh boot"]
+ ports: {{ include "common.containerPorts" . | nindent 12 }}
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
httpGet:
@@ -92,7 +74,7 @@ spec:
{{- end }}
readinessProbe:
tcpSocket:
- port: {{ .Values.service.externalPort }}
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
@@ -103,7 +85,6 @@ spec:
- name: SQL_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
volumeMounts:
-{{ include "common.certInitializer.volumeMount" . | indent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
@@ -128,7 +109,6 @@ spec:
{{- end }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
-{{ include "common.certInitializer.volumes" . | indent 8 }}
- name: localtime
hostPath:
path: /etc/localtime
diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml
index ec31bfb7d9..7cc347c519 100755
--- a/kubernetes/policy/components/policy-drools-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml
@@ -70,50 +70,19 @@ readiness:
service:
type: ClusterIP
name: policy-drools-pdp
- portName: http
internalPort: 6969
- externalPort: 6969
- nodePort: 17
- internalPort2: 9696
- externalPort2: 9696
- nodePort2: 21
+ ports:
+ - name: http
+ port: 6969
+ - name: http-2
+ port: 9696
ingress:
enabled: false
-# Default installation values to be overridden
-
-certInitializer:
- nameOverride: policy-drools-pdp-cert-initializer
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- fqdn: policy
- fqi: policy@policy.onap.org
- public_fqdn: policy.onap.org
- cadi_latitude: "0.0"
- cadi_longitude: "0.0"
- credsPath: /opt/app/osaaf/local
- app_ns: org.osaaf.aaf
- uid: 100
- gid: 101
- aaf_add_config: >
- echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" >> {{ .Values.credsPath }}/.ci;
- echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
- echo "export CADI_KEYFILE='{{ .Values.credsPath }}/org.onap.policy.keyfile'" >> {{ .Values.credsPath }}/.ci;
- chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
-
server:
jvmOpts: -server -XshowSettings:vm
-aaf:
- enabled: "false"
-
-keystore:
- password: Pol1cy_0nap
-
-truststore:
- password: Pol1cy_0nap
-
telemetry:
user: demo@people.osaaf.org
password: demo123456!
@@ -212,7 +181,7 @@ metrics:
enabled: true
port: policy-drools-pdp-9696
interval: 60s
- isHttps: true
+ isHttps: false
basicAuth:
enabled: true
externalSecretNameSuffix: policy-drools-pdp-telemetry-creds