diff options
author | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-11-21 21:22:18 +0100 |
---|---|---|
committer | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-11-24 16:50:10 +0000 |
commit | 93ed075394f96106433fec580fabb6a066ed10dd (patch) | |
tree | f32143cdd167f70290f6ce76521dbc34bf5abef4 /kubernetes/pomba/components | |
parent | 6adcaae69b01452140e20d6bf76c8cc5e17fd2c5 (diff) |
[POMBA] Uses new tpls for repos / images
This commit makes Pomba chart to use the new generator for repositories and
images.
As new templates doesn't work well with "sub charts", we move also
subcharts to components folder.
Issue-ID: OOM-2364
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib94d70d7eb0af5835774719851046ada0af96202
Diffstat (limited to 'kubernetes/pomba/components')
150 files changed, 7421 insertions, 0 deletions
diff --git a/kubernetes/pomba/components/Makefile b/kubernetes/pomba/components/Makefile new file mode 100644 index 0000000000..bf267b7720 --- /dev/null +++ b/kubernetes/pomba/components/Makefile @@ -0,0 +1,51 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +OUTPUT_DIR := $(ROOT_DIR)/../../dist +PACKAGE_DIR := $(OUTPUT_DIR)/packages +SECRET_DIR := $(OUTPUT_DIR)/secrets + +EXCLUDES := +HELM_BIN := helm +HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) + +.PHONY: $(EXCLUDES) $(HELM_CHARTS) + +all: $(HELM_CHARTS) + +$(HELM_CHARTS): + @echo "\n[$@]" + @make package-$@ + +make-%: + @if [ -f $*/Makefile ]; then make -C $*; fi + +dep-%: make-% + @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi + +lint-%: dep-% + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi + +package-%: lint-% + @mkdir -p $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi + @$(HELM_BIN) repo index $(PACKAGE_DIR) + +clean: + @rm -f */requirements.lock + @rm -f *tgz */charts/*tgz + @rm -rf $(PACKAGE_DIR) +%: + @: diff --git a/kubernetes/pomba/components/pomba-aaictxbuilder/Chart.yaml b/kubernetes/pomba/components/pomba-aaictxbuilder/Chart.yaml new file mode 100644 index 0000000000..92f1596141 --- /dev/null +++ b/kubernetes/pomba/components/pomba-aaictxbuilder/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP POMBA AAI Context Builder +name: pomba-aaictxbuilder +version: 6.0.0 diff --git a/kubernetes/pomba/components/pomba-aaictxbuilder/requirements.yaml b/kubernetes/pomba/components/pomba-aaictxbuilder/requirements.yaml new file mode 100644 index 0000000000..fbe51550f0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-aaictxbuilder/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-aaictxbuilder/resources/config/application.properties b/kubernetes/pomba/components/pomba-aaictxbuilder/resources/config/application.properties new file mode 100644 index 0000000000..fb27d9ce80 --- /dev/null +++ b/kubernetes/pomba/components/pomba-aaictxbuilder/resources/config/application.properties @@ -0,0 +1,51 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +*/}} + +spring.jersey.type=filter +spring.mvc.urls=swagger,docs,prometheus,auditevents,info,heapdump,autoconfig,beans,loggers,dump,env,trace,health,configprops,mappings,metrics,webjars + +server.contextPath=/aaicontextbuilder +spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration + +#This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma +#tomcat.connector.attributes=allowTrace-true +#The max number of active threads in this pool +server.tomcat.max-threads=200 +#The minimum number of threads always kept alive +server.tomcat.min-spare-threads=25 + +# AAI REST Client Configuration +aai.serviceName={{ .Values.config.aaiServiceName }}.{{.Release.Namespace}} +aai.servicePort={{ .Values.config.aaiPort }} +# AAI APIs authentication mode. Valid values: [basic_auth, client_cert] +aai.authentication=basic_auth +aai.trustStorePath=n/a +aai.keyStorePath=n/a +aai.keyStorePassword=n/a +aai.username={{ .Values.config.aaiUsername }} +aai.password={{ .Values.config.aaiPassword }} +aai.httpProtocol={{ .Values.config.aaiHttpProtocol }} +aai.connectionTimeout={{ .Values.config.aaiConnectionTimeout }} +aai.readTimeout={{ .Values.config.aaiReadTimeout }} + +# HTTP Basic Authorization credentials for Rest Service API +http.userId={{ .Values.config.httpUserId }} +http.password={{ .Values.config.httpPassword }} + +aai.searchNodeQuery=/aai/v13/nodes/service-instance/{0} + +#Servlet context parameters +server.context_parameters.p-name=value #context parameter with p-name as key and value as value. diff --git a/kubernetes/pomba/components/pomba-aaictxbuilder/resources/config/logback.xml b/kubernetes/pomba/components/pomba-aaictxbuilder/resources/config/logback.xml new file mode 100644 index 0000000000..0a4b616453 --- /dev/null +++ b/kubernetes/pomba/components/pomba-aaictxbuilder/resources/config/logback.xml @@ -0,0 +1,31 @@ +<configuration > + <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> + <property name="p_lvl" value="%level"/> + <property name="p_log" value="%logger"/> + <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> + <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <!-- tabs --> + <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_thr" value="%thread"/> + <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="FILE" class="ch.qos.logback.core.FileAppender"> + <file>/opt/app/logs/EELF/output.log</file> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </logger> + <root level="info"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </root> +</configuration> diff --git a/kubernetes/pomba/components/pomba-aaictxbuilder/templates/configmap.yaml b/kubernetes/pomba/components/pomba-aaictxbuilder/templates/configmap.yaml new file mode 100644 index 0000000000..d0e26326ce --- /dev/null +++ b/kubernetes/pomba/components/pomba-aaictxbuilder/templates/configmap.yaml @@ -0,0 +1,32 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-aaictxbuilder/templates/deployment.yaml b/kubernetes/pomba/components/pomba-aaictxbuilder/templates/deployment.yaml new file mode 100644 index 0000000000..d657215315 --- /dev/null +++ b/kubernetes/pomba/components/pomba-aaictxbuilder/templates/deployment.yaml @@ -0,0 +1,120 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + readOnly: false + - mountPath: /opt/app/config/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - name: {{ include "common.fullname" . }}-logs-eelf + mountPath: /opt/app/logs/EELF + readOnly: false + - mountPath: /opt/app/config/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + readOnly: true + + + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs-eelf + emptyDir: {} + + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-aaictxbuilder/templates/service.yaml b/kubernetes/pomba/components/pomba-aaictxbuilder/templates/service.yaml new file mode 100644 index 0000000000..2ebd6758a0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-aaictxbuilder/templates/service.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-aaictxbuilder/values.yaml b/kubernetes/pomba/components/pomba-aaictxbuilder/values.yaml new file mode 100644 index 0000000000..89cfd4d8d9 --- /dev/null +++ b/kubernetes/pomba/components/pomba-aaictxbuilder/values.yaml @@ -0,0 +1,125 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: db-secret + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}' + login: '{{ .Values.db.user }}' + password: '{{ .Values.db.password }}' + passwordPolicy: required + - uid: pdp-http-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.pdp.pdpCredsExternalSecret) . }}' + login: '{{ .Values.pdp.pdphttpuserid }}' + password: '{{ .Values.pdp.pdphttppassword }}' + passwordPolicy: required + - uid: pap-http-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.pap.papCredsExternalSecret) . }}' + login: '{{ .Values.pap.pdppappdphttpuserid }}' + password: '{{ .Values.pap.pdppappdphttppassword }}' + passwordPolicy: required + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/pomba-aai-context-builder:1.5.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + aaiServiceName: aai + aaiPort: 8443 + aaiUsername: AAI + aaiPassword: OBF:1gfr1ev31gg7 + aaiHttpProtocol: https + aaiConnectionTimeout: 60000 + aaiReadTimeout: 60000 + # HTTP Basic Authorization credentials for Rest Service API + httpUserId: admin + httpPassword: OBF:1u2a1toa1w8v1tok1u30 + + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: <service-name-override> + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: ClusterIP + externalPort: 9530 + internalPort: 8080 +# nodePort: <replace with unused node port suffix eg. 23> + # optional port name override - default can be defined in service.yaml + #portName: http + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 800Mi + requests: + cpu: 100m + memory: 400Mi + large: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 200m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-contextaggregator/.helmignore b/kubernetes/pomba/components/pomba-contextaggregator/.helmignore new file mode 100755 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/pomba/components/pomba-contextaggregator/Chart.yaml b/kubernetes/pomba/components/pomba-contextaggregator/Chart.yaml new file mode 100644 index 0000000000..10dfcd743a --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP POMBA Context Aggregator +name: pomba-contextaggregator +version: 6.0.0 diff --git a/kubernetes/pomba/components/pomba-contextaggregator/requirements.yaml b/kubernetes/pomba/components/pomba-contextaggregator/requirements.yaml new file mode 100644 index 0000000000..fbe51550f0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-contextaggregator/resources/config/application.properties b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/application.properties new file mode 100755 index 0000000000..cddeeb3128 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/application.properties @@ -0,0 +1,55 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +server.port=9529 +server.ssl.key-store=/auth/tomcat_keystore +server.ssl.key-store-password=onapSecret +server.ssl.key-password=onapSecret + +builders.properties.path=config/builders/ + +# Transport Configuration +transport.consume.host=message-router +transport.consume.port=3904 +transport.consume.topic=POA-AUDIT-INIT +transport.consume.motsid=motsid@motsid.com +transport.consume.pass=1234 +transport.consume.consumergroup=audit1 +transport.consume.consumerid=audit1 +transport.consume.timeout=15000 +transport.consume.batchsize=8 +transport.consume.type=HTTPAUTH +transport.message-router.apiKey=apiKeyTemp123 +transport.message-router.apiSecret=apiSecretTemp123 +transport.message-router.requiredPombaTopics=POA-AUDIT-INIT,POA-AUDIT-RESULT,POA-RULE-VALIDATION + +transport.publish.host=message-router +transport.publish.port=3904 +transport.publish.topic=POA-RULE-VALIDATION +transport.publish.motsid=motsid@motsid.com +transport.publish.pass=1234 +transport.publish.batchsize=8 +transport.publish.maxage=1000 +transport.publish.delay=1000 +transport.publish.type=HTTPAUTH +transport.publish.partition=1 +transport.publish.retries=4 + +event.header.domain=onap +event.header.source-name=RO +event.header.event-type=POA-EVENT +event.header.entity-type=poa-entity +event.header.top-entity-type=poa-entity +event.header.topic-name=POA-RULE-VALIDATION diff --git a/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/aai.properties b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/aai.properties new file mode 100755 index 0000000000..a7dfa1adb8 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/aai.properties @@ -0,0 +1,30 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +server.host={{ .Values.config.aaiCtxBuilderHost }} +basicauth.username={{ .Values.config.aaiCtxBuilderUsername }} +basicauth.password={{ .Values.config.aaiCtxBuilderPassword }} +server.port={{ .Values.config.ctxBuilderExternalPort }} +server.protocol=http +trust.store.path=/auth/tomcat_keystore +key.store.path=/auth/aai-client-cert.p12 +key.store.password=70c87528c88dcd9f9c2558d30e817868 +key.store.type=PKCS12 +key.manager.factory.algorithm=SunX509 +security.protocol=TLS +connection.timeout.ms=60000 +read.timeout.ms=60000 +base.uri=/aaicontextbuilder/v2/service/context diff --git a/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/ndcb.properties b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/ndcb.properties new file mode 100644 index 0000000000..c8daafc6e8 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/ndcb.properties @@ -0,0 +1,30 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +server.host={{ .Values.global.networkdiscoveryCtxBuilderHost }} +basicauth.username={{ .Values.config.networkdiscoveryCtxBuilderUsername }} +basicauth.password={{ .Values.config.networkdiscoveryCtxBuilderPassword }} +server.port={{ .Values.config.ctxBuilderExternalPort }} +server.protocol=http +trust.store.path=/auth/tomcat_keystore +key.store.path=/auth/aai-client-cert.p12 +key.store.password=70c87528c88dcd9f9c2558d30e817868 +key.store.type=PKCS12 +key.manager.factory.algorithm=SunX509 +security.protocol=TLS +connection.timeout.ms=60000 +read.timeout.ms=60000 +base.uri=/ndcontextbuilder/service/context diff --git a/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/sdc.properties b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/sdc.properties new file mode 100755 index 0000000000..7cf98b1ddd --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/sdc.properties @@ -0,0 +1,29 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +server.host={{ .Values.config.sdcCtxBuilderHost }} +basicauth.username={{ .Values.config.sdcCtxBuilderUsername }} +basicauth.password={{ .Values.config.sdcCtxBuilderPassword }} +server.port={{ .Values.config.ctxBuilderExternalPort }} +server.protocol=http +trust.store.path=/auth/tomcat_keystore +key.store.path=/auth/aai-client-cert.p12 +key.store.password=70c87528c88dcd9f9c2558d30e817868 +key.store.type=PKCS12 +key.manager.factory.algorithm=SunX509 +security.protocol=TLS +connection.timeout.ms=60000 +read.timeout.ms=60000 +base.uri=/sdccontextbuilder/v2/service/context diff --git a/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/sdnc.properties b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/sdnc.properties new file mode 100644 index 0000000000..85c213e966 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/builders/sdnc.properties @@ -0,0 +1,29 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +server.host={{ .Values.config.sdncCtxBuilderHost }} +basicauth.username={{ .Values.config.sdncCtxBuilderUsername }} +basicauth.password={{ .Values.config.sdncCtxBuilderPassword }} +server.port={{ .Values.config.ctxBuilderExternalPort }} +server.protocol=http +trust.store.path=/auth/tomcat_keystore +key.store.path=/auth/aai-client-cert.p12 +key.store.password=70c87528c88dcd9f9c2558d30e817868 +key.store.type=PKCS12 +key.manager.factory.algorithm=SunX509 +security.protocol=TLS +connection.timeout.ms=60000 +read.timeout.ms=60000 +base.uri=/sdnccontextbuilder/v1/service/context diff --git a/kubernetes/pomba/components/pomba-contextaggregator/resources/config/logback.xml b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/logback.xml new file mode 100644 index 0000000000..0a4b616453 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/resources/config/logback.xml @@ -0,0 +1,31 @@ +<configuration > + <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> + <property name="p_lvl" value="%level"/> + <property name="p_log" value="%logger"/> + <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> + <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <!-- tabs --> + <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_thr" value="%thread"/> + <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="FILE" class="ch.qos.logback.core.FileAppender"> + <file>/opt/app/logs/EELF/output.log</file> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </logger> + <root level="info"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </root> +</configuration> diff --git a/kubernetes/pomba/components/pomba-contextaggregator/templates/configmap.yaml b/kubernetes/pomba/components/pomba-contextaggregator/templates/configmap.yaml new file mode 100755 index 0000000000..0af3832c49 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/templates/configmap.yaml @@ -0,0 +1,39 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap-builders + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/builders/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-contextaggregator/templates/deployment.yaml b/kubernetes/pomba/components/pomba-contextaggregator/templates/deployment.yaml new file mode 100755 index 0000000000..a8cab88b6a --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/templates/deployment.yaml @@ -0,0 +1,140 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + initContainers: + - command: + - /app/ready.py + args: + - --container-name + - message-router + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.image.readiness" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if .Values.liveness.enabled }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{- end }} + {{- if .Values.readiness.enabled }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + {{- end }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/config/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + readOnly: true + - mountPath: /opt/app/config/builders + name: {{ include "common.fullname" . }}-config-builders + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + readOnly: false + - mountPath: /opt/app/config/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - name: {{ include "common.fullname" . }}-logs-eelf + mountPath: /opt/app/logs/EELF + readOnly: false + + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{- toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{- toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-config-builders + configMap: + name: {{ include "common.fullname" . }}-configmap-builders + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-logs-eelf + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-contextaggregator/templates/service.yaml b/kubernetes/pomba/components/pomba-contextaggregator/templates/service.yaml new file mode 100644 index 0000000000..2ebd6758a0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/templates/service.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-contextaggregator/values.yaml b/kubernetes/pomba/components/pomba-contextaggregator/values.yaml new file mode 100755 index 0000000000..6745f00b41 --- /dev/null +++ b/kubernetes/pomba/components/pomba-contextaggregator/values.yaml @@ -0,0 +1,103 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/pomba-context-aggregator:1.5.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: + aaiCtxBuilderHost: pomba-aaictxbuilder + aaiCtxBuilderUsername: admin + aaiCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 + sdcCtxBuilderHost: pomba-sdcctxbuilder + sdcCtxBuilderUsername: admin + sdcCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 + sdncCtxBuilderHost: pomba-sdncctxbuilder + sdncCtxBuilderUsername: admin + sdncCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 + networkdiscoveryCtxBuilderUsername: admin + networkdiscoveryCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 + ctxBuilderExternalPort: 9530 + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + enabled: false + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: <service-name-override> + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: ClusterIP + externalPort: 9529 + internalPort: 9529 + #nodePort: <replace with unused node port suffix eg. 23> + # optional port name override - default can be defined in service.yaml + #portName: http + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 800Mi + requests: + cpu: 10m + memory: 400Mi + large: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 20m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-data-router/.helmignore b/kubernetes/pomba/components/pomba-data-router/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/pomba/components/pomba-data-router/Chart.yaml b/kubernetes/pomba/components/pomba-data-router/Chart.yaml new file mode 100644 index 0000000000..ce2fbacfa6 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/Chart.yaml @@ -0,0 +1,17 @@ +# Copyright © 2018 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +description: ONAP POMBA Data-Router +name: pomba-data-router +version: 6.0.0 diff --git a/kubernetes/pomba/components/pomba-data-router/requirements.yaml b/kubernetes/pomba/components/pomba-data-router/requirements.yaml new file mode 100644 index 0000000000..fbe51550f0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-data-router/resources/config/auth/client-cert-onap.p12 b/kubernetes/pomba/components/pomba-data-router/resources/config/auth/client-cert-onap.p12 Binary files differnew file mode 100644 index 0000000000..dbf4fcacec --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/config/auth/client-cert-onap.p12 diff --git a/kubernetes/pomba/components/pomba-data-router/resources/config/auth/data-router_policy.json b/kubernetes/pomba/components/pomba-data-router/resources/config/auth/data-router_policy.json new file mode 100644 index 0000000000..18659a5d4d --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/config/auth/data-router_policy.json @@ -0,0 +1,18 @@ +{ + "roles": [ + { + "name": "admin", + "functions": [ + { + "name": "search", "methods": [ { "name": "GET" },{ "name": "DELETE" }, { "name": "PUT" }, { "name": "POST" } ] + } + ], + + "users": [ + { + "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA" + } + ] + } + ] +} diff --git a/kubernetes/pomba/components/pomba-data-router/resources/config/auth/tomcat_keystore b/kubernetes/pomba/components/pomba-data-router/resources/config/auth/tomcat_keystore Binary files differnew file mode 100644 index 0000000000..9eec841aa2 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/config/auth/tomcat_keystore diff --git a/kubernetes/pomba/components/pomba-data-router/resources/config/data-router.properties b/kubernetes/pomba/components/pomba-data-router/resources/config/data-router.properties new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/config/data-router.properties diff --git a/kubernetes/pomba/components/pomba-data-router/resources/config/schemaIngest.properties b/kubernetes/pomba/components/pomba-data-router/resources/config/schemaIngest.properties new file mode 100644 index 0000000000..ca9c4e557f --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/config/schemaIngest.properties @@ -0,0 +1,26 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + + +# Properties for the SchemaLocationsBean +# The AAI Schema jar will be unpacked to bundleconfig/etc +schemaConfig=NA +# OXM files named aai_oxm_v*.xml are unpacked here: +nodeDir=/opt/app/data-router/bundleconfig/etc/oxm +# DB Edge Rules are unpacked here: +edgeDir= +# DB Edge Property files are copied here: +edgePropsDir= diff --git a/kubernetes/pomba/components/pomba-data-router/resources/dynamic/conf/audit-bean.xml b/kubernetes/pomba/components/pomba-data-router/resources/dynamic/conf/audit-bean.xml new file mode 100644 index 0000000000..3f22a8b701 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/dynamic/conf/audit-bean.xml @@ -0,0 +1,23 @@ +<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+
+ <bean id="eventPublisher" class="org.onap.aai.event.client.DMaaPEventPublisher" >
+ <constructor-arg name="host" value="message-router.{{.Release.Namespace}}:3904" />
+ <constructor-arg name="topic" value="POA-AUDIT-INIT" />
+ <constructor-arg name="username" value="" />
+ <constructor-arg name="password" value="" />
+ <constructor-arg name="maxBatchSize" value="100" />
+ <constructor-arg name="maxAgeMs" value="250" />
+ <constructor-arg name="delayBetweenBatchesMs" value="50" />
+ <constructor-arg name="transportType" value="HTTPAUTH" />
+ </bean>
+
+ <bean id="auditService" class="org.onap.aai.datarouter.service.AuditService" >
+ <constructor-arg ref="eventPublisher" />
+ </bean>
+
+</beans>
diff --git a/kubernetes/pomba/components/pomba-data-router/resources/dynamic/conf/poa-validation-bean.xml b/kubernetes/pomba/components/pomba-data-router/resources/dynamic/conf/poa-validation-bean.xml new file mode 100644 index 0000000000..c5c8d615e4 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/dynamic/conf/poa-validation-bean.xml @@ -0,0 +1,29 @@ +<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+ <bean id="poaPolicy" class="org.onap.aai.datarouter.policy.ServiceIntegrityValidationPolicy" init-method="startup" >
+ <constructor-arg name="searchCertPath" value="client-cert-onap.p12" />
+ <constructor-arg name="searchCertPassword" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" />
+ <constructor-arg name="searchCertTruststore" value="tomcat_keystore" />
+ <constructor-arg name="searchBaseURL" value="https://pomba-search-data.{{.Release.Namespace}}:9509" />
+ <constructor-arg name="endpoint" value="services/search-data-service/v1/search/indexes/" />
+ <constructor-arg name="validationIndexName" value="service-validations" />
+ <constructor-arg name="violationIndexName" value="service-violations" />
+ </bean>
+
+ <bean id="consumerBean" class="org.onap.aai.event.client.DMaaPEventConsumer" >
+ <constructor-arg name="host" value="message-router.{{.Release.Namespace}}:3904" />
+ <constructor-arg name="topic" value="POA-AUDIT-RESULT" />
+ <constructor-arg name="username" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" />
+ <constructor-arg name="password" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" />
+ <constructor-arg name="consumerGroup" value="poaConsumer" />
+ <constructor-arg name="consumerId" value="poaConsumer" />
+ <constructor-arg name="timeoutMs" value="15000" />
+ <constructor-arg name="messageLimit" value="1000" />
+ <constructor-arg name="transportType" value="HTTPAUTH" />
+ </bean>
+
+</beans>
diff --git a/kubernetes/pomba/components/pomba-data-router/resources/dynamic/routes/audit.route b/kubernetes/pomba/components/pomba-data-router/resources/dynamic/routes/audit.route new file mode 100644 index 0000000000..db631a84fe --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/dynamic/routes/audit.route @@ -0,0 +1,5 @@ +<route xmlns="http://camel.apache.org/schema/spring" trace="true">
+ <from uri="servlet:///data-router/v1/orchestration-event-service/?matchOnUriPrefix=true" />
+ <to uri="cxfbean:auditService" />
+</route>
+
diff --git a/kubernetes/pomba/components/pomba-data-router/resources/dynamic/routes/poaValidation.route b/kubernetes/pomba/components/pomba-data-router/resources/dynamic/routes/poaValidation.route new file mode 100644 index 0000000000..655d436c9d --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/resources/dynamic/routes/poaValidation.route @@ -0,0 +1,4 @@ +<route xmlns="http://camel.apache.org/schema/spring" trace="true">
+ <from uri="event-bus:mybus/?eventTopic=POA-AUDIT-RESULT&consumer=#consumerBean" />
+ <to uri="bean:poaPolicy?method=process"/>
+</route>
diff --git a/kubernetes/pomba/components/pomba-data-router/templates/configmap.yaml b/kubernetes/pomba/components/pomba-data-router/templates/configmap.yaml new file mode 100644 index 0000000000..97b9e8389a --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/templates/configmap.yaml @@ -0,0 +1,34 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-prop + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dynamic + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/dynamic/routes/audit.route").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/dynamic/conf/audit-bean.xml").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/dynamic/routes/poaValidation.route").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/dynamic/conf/poa-validation-bean.xml").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-data-router/templates/deployment.yaml b/kubernetes/pomba/components/pomba-data-router/templates/deployment.yaml new file mode 100644 index 0000000000..7b080ea6c7 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/templates/deployment.yaml @@ -0,0 +1,177 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + name: {{ include "common.name" . }} + spec: + initContainers: + - command: + - /app/ready.py + args: + - --container-name + - pomba-search-data + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.image.readiness" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + - command: + - /bin/sh + - -c + - | + mkdir -p /logroot/data-router/logs + chmod -R 777 /logroot/data-router/logs + chown -R root:root /logroot + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + securityContext: + privileged: true + image: {{ include "repositoryGenerator.image.busybox" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: init-sysctl + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /logroot/ + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: SERVICE_BEANS + value: /opt/app/data-router/dynamic/conf + - name: CONFIG_HOME + value: /opt/app/data-router/config/ + - name: KEY_STORE_PASSWORD + value: {{ .Values.config.keyStorePassword }} + - name: DYNAMIC_ROUTES + value: /opt/app/data-router/dynamic/routes + - name: KEY_MANAGER_PASSWORD + value: {{ .Values.config.keyManagerPassword }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/data-router/config/auth + name: {{ include "common.fullname" . }}-auth + - mountPath: /opt/app/data-router/config/data-router.properties + subPath: data-router.properties + name: {{ include "common.fullname" . }}-properties + - mountPath: /opt/app/data-router/config/schemaIngest.properties + subPath: schemaIngest.properties + name: {{ include "common.fullname" . }}-properties + - mountPath: /opt/app/data-router/dynamic/routes/audit.route + subPath: audit.route + name: {{ include "common.fullname" . }}-dynamic-route + - mountPath: /opt/app/data-router/dynamic/routes/poaValidation.route + subPath: poaValidation.route + name: {{ include "common.fullname" . }}-dynamic-route + - mountPath: /opt/app/data-router/dynamic/conf/audit-bean.xml + subPath: audit-bean.xml + name: {{ include "common.fullname" . }}-dynamic-policy + - mountPath: /opt/app/data-router/dynamic/conf/poa-validation-bean.xml + subPath: poa-validation-bean.xml + name: {{ include "common.fullname" . }}-dynamic-policy + - mountPath: /logs/ + name: {{ include "common.fullname" . }}-logs + resources: +{{ include "common.resources" . | indent 10 }} + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-auth + secret: + secretName: {{ include "common.fullname" . }} + - name: {{ include "common.fullname" . }}-properties + configMap: + name: {{ include "common.fullname" . }}-prop + items: + - key: data-router.properties + path: data-router.properties + - key: schemaIngest.properties + path: schemaIngest.properties + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-dynamic-route + configMap: + name: {{ include "common.fullname" . }}-dynamic + - name: {{ include "common.fullname" . }}-dynamic-policy + configMap: + name: {{ include "common.fullname" . }}-dynamic + - name: {{ include "common.fullname" . }}-logs + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-data-router/templates/ingress.yaml b/kubernetes/pomba/components/pomba-data-router/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/pomba/components/pomba-data-router/templates/pv.yaml b/kubernetes/pomba/components/pomba-data-router/templates/pv.yaml new file mode 100644 index 0000000000..bab5f83d85 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/templates/pv.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-data" + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} +{{- end -}} diff --git a/kubernetes/pomba/components/pomba-data-router/templates/pvc.yaml b/kubernetes/pomba/components/pomba-data-router/templates/pvc.yaml new file mode 100644 index 0000000000..64d5d3d46a --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/templates/pvc.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- end -}} diff --git a/kubernetes/pomba/components/pomba-data-router/templates/secret.yaml b/kubernetes/pomba/components/pomba-data-router/templates/secret.yaml new file mode 100644 index 0000000000..e655997a19 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/templates/secret.yaml @@ -0,0 +1,24 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-data-router/templates/service.yaml b/kubernetes/pomba/components/pomba-data-router/templates/service.yaml new file mode 100644 index 0000000000..decee40960 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/templates/service.yaml @@ -0,0 +1,42 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-data-router/values.yaml b/kubernetes/pomba/components/pomba-data-router/values.yaml new file mode 100644 index 0000000000..aed767c9e2 --- /dev/null +++ b/kubernetes/pomba/components/pomba-data-router/values.yaml @@ -0,0 +1,117 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# Default values for data-router. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + + +# Global configuration defaults +global: + nodePortPrefix: 302 + persistence: {} + +# application image +image: onap/data-router:1.3.3 +pullPolicy: Always +restartPolicy: Always + +# BusyBox image +busyboxRepository: docker.io +busyboxImage: library/busybox:latest + + +# application configuration +config: + keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 60 + periodSeconds: 30 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 60 + periodSeconds: 30 + +service: + name: pomba-data-router + type: NodePort + externalPort: 9502 + internalPort: 9502 + nodePort: 49 + +ingress: + enabled: false + service: + - baseaddr: "pombadatarouter" + name: "pomba-data-router" + port: 9502 + config: + ssl: "none" + +persistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: <storageClass> + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + ## storageClass: "-" + accessMode: ReadWriteOnce + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: pomba/data-router/logs + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1400Mi + requests: + cpu: 100m + memory: 700Mi + large: + limits: + cpu: 2 + memory: 2800Mi + requests: + cpu: 200m + memory: 1400Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-elasticsearch/Chart.yaml b/kubernetes/pomba/components/pomba-elasticsearch/Chart.yaml new file mode 100644 index 0000000000..70efb7e2b4 --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP POMBA Elasticsearch +name: pomba-elasticsearch +version: 6.0.0 diff --git a/kubernetes/pomba/components/pomba-elasticsearch/requirements.yaml b/kubernetes/pomba/components/pomba-elasticsearch/requirements.yaml new file mode 100644 index 0000000000..fbe51550f0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-elasticsearch/resources/config/elasticsearch.yml b/kubernetes/pomba/components/pomba-elasticsearch/resources/config/elasticsearch.yml new file mode 100644 index 0000000000..2ffa686ba5 --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/resources/config/elasticsearch.yml @@ -0,0 +1,134 @@ +# ======================== Elasticsearch Configuration ========================= +# +# NOTE: Elasticsearch comes with reasonable defaults for most settings. +# Before you set out to tweak and tune the configuration, make sure you +# understand what are you trying to accomplish and the consequences. +# +# The primary way of configuring a node is via this file. This template lists +# the most important settings you may want to configure for a production cluster. +# +# Please consult the documentation for further information on configuration options: +# https://www.elastic.co/guide/en/elasticsearch/reference/index.html +# +# ---------------------------------- Cluster ----------------------------------- +# +# Name of the Elasticsearch cluster. +# A node can only join a cluster when it shares its cluster.name with all the other nodes in the cluster. +# The default name is elasticsearch, but you should change it to an appropriate name which describes the +# purpose of the cluster. +# +cluster.name: POMBA_ES +# +# The port that other nodes in the cluster should use when communicating with this node. +# Required for Elasticsearch's nodes running on different cluster nodes. +# More : https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html +#transport.publish_port:$transport.publish_port +# +# The host address to publish for nodes in the cluster to connect to. +# Required for Elasticsearch's nodes running on different cluster nodes. +# More : https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html +#transport.publish_host:$transport.publish_host +# +# ------------------------------------ Node ------------------------------------ +# +# It is better to provide different meaningfull names fot different elastic nodes. +# By default, Elasticsearch will take the 7 first character of the randomly generated uuid used as the node id. +# Note that the node id is persisted and does not change when a node restarts +# +#node.name: $node.name +# +# Add custom attributes to the node: +# +#node.attr.rack: r1 +# +# ----------------------------------- Paths ------------------------------------ +# +# The location of the data files of each index / shard allocated on the node. Can hold multiple locations separated by coma. +# In production, we should not keep this default to "/elasticsearch/data", as on upgrading Elasticsearch, directory structure +# may change & can deal to data loss. +path.data: /usr/share/elasticsearch/data +# +# Elasticsearch's log files location. In production, we should not keep this default to "/elasticsearch/logs", +# as on upgrading Elasticsearch, directory structure may change. +path.logs: /usr/share/elasticsearch/logs +# +# ----------------------------------- Memory ----------------------------------- +# +# It is vitally important to the health of your node that none of the JVM is ever swapped out to disk. +# Lock the memory on startup. +# +bootstrap.memory_lock: false +# +# Make sure that the heap size is set to about half the memory available +# on the system and that the owner of the process is allowed to use this +# limit. +# +# Elasticsearch performs poorly when the system is swapping the memory. +# +# ---------------------------------- Network ----------------------------------- +# +# Set the bind address to a specific IP (IPv4 or IPv6): +# In order to communicate and to form a cluster with nodes on other servers, your node will need to bind to a +# non-loopback address. +network.host: 0.0.0.0 +# +# Set a custom port for HTTP: If required, default is 9200-9300 +# +#http.port: $http.port +# +# For more information, consult the network module documentation. +# +# --------------------------------- Discovery ---------------------------------- +# +# Pass an initial list of hosts to perform discovery when new node is started +# To form a cluster with nodes on other servers, you have to provide a seed list of other nodes in the cluster +# that are likely to be live and contactable. +# By default, Elasticsearch will bind to the available loopback addresses and will scan ports 9300 to 9305 to try +# to connect to other nodes running on the same server. +# +#$discovery.zen.ping.unicast.hosts +# +# This setting tells Elasticsearch to not elect a master unless there are enough master-eligible nodes +# available. Only then will an election take place. +# Prevent the "split brain" by configuring the majority of nodes (total number of master-eligible nodes / 2 + 1): +discovery.zen.minimum_master_nodes: 1 +# +# For more information, consult the zen discovery module documentation. +# +# ---------------------------------- Gateway ----------------------------------- +# +# Block initial recovery after a full cluster restart until N nodes are started: +# +#gateway.recover_after_nodes: 3 +# +# For more information, consult the gateway module documentation. +# +# ---------------------------------- Various ----------------------------------- +# +# Require explicit names when deleting indices: +# +#action.destructive_requires_name: true +# Set a custom port for HTTP: If required, default is 9200-9300 +# This is used for REST APIs +http.port: {{.Values.service.externalPort}} +# Port to bind for communication between nodes. Accepts a single value or a range. +# If a range is specified, the node will bind to the first available port in the range. +# Defaults to 9300-9400. +# More info: +transport.tcp.port: {{.Values.service.externalPort2}} + +xpack.graph.enabled: false +#Set to false to disable X-Pack graph features. + +xpack.ml.enabled: false +#Set to false to disable X-Pack machine learning features. + +xpack.monitoring.enabled: false +#Set to false to disable X-Pack monitoring features. + +xpack.security.enabled: false +#Set to false to disable X-Pack security features. + +xpack.watcher.enabled: false +#Set to false to disable Watcher. + diff --git a/kubernetes/pomba/components/pomba-elasticsearch/templates/configmap.yaml b/kubernetes/pomba/components/pomba-elasticsearch/templates/configmap.yaml new file mode 100644 index 0000000000..8ca06753fd --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/templates/configmap.yaml @@ -0,0 +1,23 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-elasticsearch/templates/deployment.yaml b/kubernetes/pomba/components/pomba-elasticsearch/templates/deployment.yaml new file mode 100644 index 0000000000..578a5cd723 --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/templates/deployment.yaml @@ -0,0 +1,127 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + initContainers: + - command: + - /bin/sh + - -c + - | + sysctl -w vm.max_map_count=262144 + mkdir -p /logroot/elasticsearch/logs + mkdir -p /logroot/elasticsearch/data + chmod -R 777 /logroot/elasticsearch + chown -R root:root /logroot + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + securityContext: + privileged: true + image: {{ include "repositoryGenerator.image.busybox" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: init-sysctl + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /logroot/ + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.elasticRepository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + - containerPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.name2 }} +# disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort2 }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /usr/share/elasticsearch/config/elasticsearch.yml + name: {{ include "common.fullname" . }}-config + subPath: elasticsearch.yml + - mountPath: /usr/share/elasticsearch/data/ + name: {{ include "common.fullname" . }}-data + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + items: + - key: elasticsearch.yml + path: elasticsearch.yml + - name: {{ include "common.fullname" . }}-data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} + - name: {{ include "common.fullname" . }}-logs + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-logs + {{- else }} + emptyDir: {} + {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-elasticsearch/templates/pv-data.yaml b/kubernetes/pomba/components/pomba-elasticsearch/templates/pv-data.yaml new file mode 100644 index 0000000000..18994300db --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/templates/pv-data.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright © 2019 Amdocs, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-data" + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} +{{- end -}} diff --git a/kubernetes/pomba/components/pomba-elasticsearch/templates/pv-logs.yaml b/kubernetes/pomba/components/pomba-elasticsearch/templates/pv-logs.yaml new file mode 100644 index 0000000000..705ea83984 --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/templates/pv-logs.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright © 2019 Amdocs, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if eq "True" (include "common.needPV" .) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-logs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-logs +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + storageClassName: "{{ include "common.fullname" . }}-logs" + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPathLogs }} +{{- end -}} +{{- end -}} diff --git a/kubernetes/pomba/components/pomba-elasticsearch/templates/pvc-data.yaml b/kubernetes/pomba/components/pomba-elasticsearch/templates/pvc-data.yaml new file mode 100644 index 0000000000..4004e00f7e --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/templates/pvc-data.yaml @@ -0,0 +1,40 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ include "common.storageClass" . }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- end -}} diff --git a/kubernetes/pomba/components/pomba-elasticsearch/templates/pvc-logs.yaml b/kubernetes/pomba/components/pomba-elasticsearch/templates/pvc-logs.yaml new file mode 100644 index 0000000000..f5898c129f --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/templates/pvc-logs.yaml @@ -0,0 +1,44 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-logs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ include "common.release" . }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-logs +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} +{{- if eq "True" (include "common.needPV" .) }} + storageClassName: "{{ include "common.fullname" . }}-logs" +{{- else }} + storageClassName: {{ include "common.storageClass" . }} +{{- end }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- end -}} diff --git a/kubernetes/pomba/components/pomba-elasticsearch/templates/service.yaml b/kubernetes/pomba/components/pomba-elasticsearch/templates/service.yaml new file mode 100644 index 0000000000..0a12afb609 --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/templates/service.yaml @@ -0,0 +1,69 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name2 }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type2 }} + ports: + {{if eq .Values.service.type2 "NodePort" -}} + - port: {{ .Values.service.internalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.name2 }} + {{- else -}} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.name2 }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-elasticsearch/values.yaml b/kubernetes/pomba/components/pomba-elasticsearch/values.yaml new file mode 100644 index 0000000000..04b9434e02 --- /dev/null +++ b/kubernetes/pomba/components/pomba-elasticsearch/values.yaml @@ -0,0 +1,109 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# + +# application image +image: elasticsearch/elasticsearch:6.6.2 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: {} + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 120 + periodSeconds: 10 + +## Persist data to a persitent volume +persistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: <storageClass> + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + accessMode: ReadWriteOnce + size: 1Gi + mountPath: /dockerdata-nfs + mountSubPath: pomba/elasticsearch/data + mountSubPathLogs: pomba + +service: + type: ClusterIP + name: pomba-es + externalPort: 9200 + internalPort: 9200 + type2: ClusterIP + name2: pomba-es-tcp + externalPort2: 9300 + internalPort2: 9300 + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 3Gi + requests: + cpu: 1 + memory: 1.5Gi + large: + limits: + cpu: 4 + memory: 6Gi + requests: + cpu: 2 + memory: 3Gi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-kibana/Chart.yaml b/kubernetes/pomba/components/pomba-kibana/Chart.yaml new file mode 100644 index 0000000000..111730ce49 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP POMBA Kibana +name: pomba-kibana +version: 6.0.0 diff --git a/kubernetes/pomba/components/pomba-kibana/requirements.yaml b/kubernetes/pomba/components/pomba-kibana/requirements.yaml new file mode 100644 index 0000000000..fbe51550f0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-kibana/resources/auth/pomba.crt.pem b/kubernetes/pomba/components/pomba-kibana/resources/auth/pomba.crt.pem new file mode 100644 index 0000000000..11125eaef7 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/resources/auth/pomba.crt.pem @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIID/TCCAuWgAwIBAgIJALVJyrUvH8uGMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD +VQQGEwJBVTERMA8GA1UECAwIVmljdG9yaWExEjAQBgNVBAcMCU1lbGJvdXJuZTEd +MBsGA1UECgwURXhhbXBsZSBPcmdhbml6YXRpb24xGzAZBgNVBAMMEmtpYmFuYS5l +eGFtcGxlLm9yZzEiMCAGCSqGSIb3DQEJARYTZXhhbXBsZUBleGFtcGxlLm9yZzAe +Fw0xNjA5MTgwMzU4NTNaFw0yNjA5MTYwMzU4NTNaMIGUMQswCQYDVQQGEwJBVTER +MA8GA1UECAwIVmljdG9yaWExEjAQBgNVBAcMCU1lbGJvdXJuZTEdMBsGA1UECgwU +RXhhbXBsZSBPcmdhbml6YXRpb24xGzAZBgNVBAMMEmtpYmFuYS5leGFtcGxlLm9y +ZzEiMCAGCSqGSIb3DQEJARYTZXhhbXBsZUBleGFtcGxlLm9yZzCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAK3AKz7Jq8CGR75NcbuUKiLTJhSS0/TBGA9M +k+OmradT5qWhFKbxUDoMwT4YpUTzkUGUzkGEVbUsrKK4XaYXldRoHOm8mS0aBErk +g2ffmpi+TiGk5LHykZ0avmYeEsqVESAjVEMuU3fWJzZd4NfUcTKsBA7Ccqfnb3CB +TS5fbAz/zw1K//XR5ZNCEBOsFD+0oFGKTNLCeMBCwccFNyVI2mNZpDA++HilNiQj +TEJytBXGcMVZaS+Tc0vENfVWHAAtVdk8+dd6jkpNnDhK1W1TB7HvhScewyEGh9yb +cK5asE8TBebEvUIrPaVFz+ef/o3lRev0Gq1QUYAoaG7ps9JlDcsCAwEAAaNQME4w +HQYDVR0OBBYEFIKSLrYMY9fXpCS7OGnyxhS7JzRrMB8GA1UdIwQYMBaAFIKSLrYM +Y9fXpCS7OGnyxhS7JzRrMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB +ABiu7+GH8WGNPqPUUHP17HHYK41xAyYoKSzCrELKmFLphYhnUQA6EeBY8rjYr3X0 +Z2O0F9J6Cik/kG/uBYW0Oi8PQ0EeSZwzvd+CsAc2EJAryOBpafWRXa2XrOtFkKjq +jKWHSa0QJsBALiu8+JVfcwXYshbhmdVBxrktxMoY9WpGI7EcZkf77SW5enY4LtSF +wuRr2lv29YADsa/Q7JV2I4oAbWUjW3513mR5JsefHPk7hXZbRCXqUxFTmWpnDomF +HDeEDAdSgMgzODnbU/qHI9tmP6iDaCTz/eVfyCMKGYA0oIX1j5GdJ6HXK1OHafJK +W/M9gDRhQKU0bTXC2CoEOAs= +-----END CERTIFICATE----- diff --git a/kubernetes/pomba/components/pomba-kibana/resources/auth/pomba.key.pem b/kubernetes/pomba/components/pomba-kibana/resources/auth/pomba.key.pem new file mode 100644 index 0000000000..db46f0d462 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/resources/auth/pomba.key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCtwCs+yavAhke+ +TXG7lCoi0yYUktP0wRgPTJPjpq2nU+aloRSm8VA6DME+GKVE85FBlM5BhFW1LKyi +uF2mF5XUaBzpvJktGgRK5INn35qYvk4hpOSx8pGdGr5mHhLKlREgI1RDLlN31ic2 +XeDX1HEyrAQOwnKn529wgU0uX2wM/88NSv/10eWTQhATrBQ/tKBRikzSwnjAQsHH +BTclSNpjWaQwPvh4pTYkI0xCcrQVxnDFWWkvk3NLxDX1VhwALVXZPPnXeo5KTZw4 +StVtUwex74UnHsMhBofcm3CuWrBPEwXmxL1CKz2lRc/nn/6N5UXr9BqtUFGAKGhu +6bPSZQ3LAgMBAAECggEAKE5S+d7ItAGydOf8QTpux+NZix5Agx+kGDB4gi/xSsbA +051ZcBy8sqqwzVnkROmHwcHmUvaC92NkrN6+AsCn5j08r9ArbHYDlugJv7f0YgiL +kWxyDQGrW9mPX5sMWuhXr6/iZS9C96K7N/ZxKUBD/jA/RLlA5chfZqboI6DJLP5s +u03ZW4toaGItLZtPxF07eElE4MGG/TbkoBZ5t79Y98TJP2oO95IpPQa8omqQcDEM +w0DsbV/dJV9AtyZBfmIRNaG5beiIUH26OQzUJP7FP2eIN4F/CAXLdlMnHtQA1XJz +QRwMxbfBQ+JfKD7YWedqivrjR0iPMx80M4HSU9DFaQKBgQDa+7F7zDRy4WU0GtfP +g+ArDUMjQv5pTXA0b2hKjHJRXM3LVo5qNJYWlirHtPjkVL4BJSY+iVl9/lfV2Xrf +gDXQLcUhABx5HNzZ5p+NyDHWrpZamFkfw9wLwQHXZGG8I+dla/iToHRWEH2QYxdz +VvfntpyE7XbxzhPPiS5haHGerwKBgQDLHxPn/jm2dSHa6jAidJXFJCMblcDuwIBy +7Cm7vnRro9Mbx/hZkRPXYWHQ/4WEVlWO9Sgkf4ambPSmdFg8ksQwBBd+l3K5K4Un +2AIL/PqgZg+anoEYYn1sqiWSc+YiO2GiRaHh5wOWtekEBBH9HcYkmKIXm3JHVdSw +SpQsryxppQKBgDi7qqDLJ+93a7PTHIRbwzEEL5esHKOFd4NuNZPSzS89HugGVcE4 +PIY/g3fX7/+f4NYFHOJozTGyOmlh/c53tfloUkEZeUb7blBZyo5+BkN7WeLAw55S +LOkyqNp33EZU+vcwwObmVB2UCiPlOEceif2TNvvNVdqRrFpBTS3ZVE5rAoGAJivk +9cgU2HESt60i9paqPq4X2us9oqCSgwZWoW2dO01CMwpVZZ+Z9vPaCgi68q+2zHLN +5G4Cw+vd3honKtr5+3wJXkTfzmSbVW2GlPIpt1L2w7vdztNTdsRS4z7clLpMEs67 +KVTcm8n7zEFnkAW0YtQ8Qet4gmdi3O5nAi65TfECgYEA0Pw2X4R37IrYM7tFDJSz +zDF4mRmk2qfhHBd8IaIDBpsXSgLcVRduro4HBzf/JeCt8rvw3VMLEFyqwyszpHro +xNnqPvbMPMCtOvUcr1VtXnO7CzaFNCJrfjYdV8vmDgvbYmBEHzG+LGbnVZIBUhQa +igVjtqU1uT83+VpR703IcBI= +-----END PRIVATE KEY----- diff --git a/kubernetes/pomba/components/pomba-kibana/resources/bin/kibana_start.sh b/kubernetes/pomba/components/pomba-kibana/resources/bin/kibana_start.sh new file mode 100644 index 0000000000..781a4b7f67 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/resources/bin/kibana_start.sh @@ -0,0 +1,26 @@ +#!/bin/bash +{{/* + +# Copyright � 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +mkdir -p /usr/share/kibana/auth +chmod 0777 /usr/share/kibana/auth + +cp /opt/app/auth/* /usr/share/kibana/auth/. + +chmod 0400 /usr/share/kibana/auth/* + +/usr/share/kibana/node/bin/node --no-warnings /usr/share/kibana/src/cli --cpu.cgroup.path.override=/ --cpuacct.cgroup.path.override=/ diff --git a/kubernetes/pomba/components/pomba-kibana/resources/config/default-mapping.json b/kubernetes/pomba/components/pomba-kibana/resources/config/default-mapping.json new file mode 100644 index 0000000000..77afee7a03 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/resources/config/default-mapping.json @@ -0,0 +1,247 @@ +{ + ".kibana": { + "mappings": { + "doc": { + "dynamic": "strict", + "properties": { + "config": { + "dynamic": "true", + "properties": { + "buildNum": { + "type": "keyword" + }, + "defaultIndex": { + "type": "text", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 256 + } + } + }, + "telemetry:optIn": { + "type": "boolean" + } + } + }, + "dashboard": { + "properties": { + "description": { + "type": "text" + }, + "hits": { + "type": "integer" + }, + "kibanaSavedObjectMeta": { + "properties": { + "searchSourceJSON": { + "type": "text" + } + } + }, + "optionsJSON": { + "type": "text" + }, + "panelsJSON": { + "type": "text" + }, + "refreshInterval": { + "properties": { + "display": { + "type": "keyword" + }, + "pause": { + "type": "boolean" + }, + "section": { + "type": "integer" + }, + "value": { + "type": "integer" + } + } + }, + "timeFrom": { + "type": "keyword" + }, + "timeRestore": { + "type": "boolean" + }, + "timeTo": { + "type": "keyword" + }, + "title": { + "type": "text" + }, + "uiStateJSON": { + "type": "text" + }, + "version": { + "type": "integer" + } + } + }, + "index-pattern": { + "properties": { + "fieldFormatMap": { + "type": "text" + }, + "fields": { + "type": "text" + }, + "intervalName": { + "type": "keyword" + }, + "notExpandable": { + "type": "boolean" + }, + "sourceFilters": { + "type": "text" + }, + "timeFieldName": { + "type": "keyword" + }, + "title": { + "type": "text" + } + } + }, + "search": { + "properties": { + "columns": { + "type": "keyword" + }, + "description": { + "type": "text" + }, + "hits": { + "type": "integer" + }, + "kibanaSavedObjectMeta": { + "properties": { + "searchSourceJSON": { + "type": "text" + } + } + }, + "sort": { + "type": "keyword" + }, + "title": { + "type": "text" + }, + "version": { + "type": "integer" + } + } + }, + "server": { + "properties": { + "uuid": { + "type": "keyword" + } + } + }, + "timelion-sheet": { + "properties": { + "description": { + "type": "text" + }, + "hits": { + "type": "integer" + }, + "kibanaSavedObjectMeta": { + "properties": { + "searchSourceJSON": { + "type": "text" + } + } + }, + "timelion_chart_height": { + "type": "integer" + }, + "timelion_columns": { + "type": "integer" + }, + "timelion_interval": { + "type": "keyword" + }, + "timelion_other_interval": { + "type": "keyword" + }, + "timelion_rows": { + "type": "integer" + }, + "timelion_sheet": { + "type": "text" + }, + "title": { + "type": "text" + }, + "version": { + "type": "integer" + } + } + }, + "type": { + "type": "keyword" + }, + "updated_at": { + "type": "date" + }, + "url": { + "properties": { + "accessCount": { + "type": "long" + }, + "accessDate": { + "type": "date" + }, + "createDate": { + "type": "date" + }, + "url": { + "type": "text", + "fields": { + "keyword": { + "type": "keyword", + "ignore_above": 2048 + } + } + } + } + }, + "visualization": { + "properties": { + "description": { + "type": "text" + }, + "kibanaSavedObjectMeta": { + "properties": { + "searchSourceJSON": { + "type": "text" + } + } + }, + "savedSearchId": { + "type": "keyword" + }, + "title": { + "type": "text" + }, + "uiStateJSON": { + "type": "text" + }, + "version": { + "type": "integer" + }, + "visState": { + "type": "text" + } + } + } + } + } + } + } +}
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-kibana/resources/config/default.json b/kubernetes/pomba/components/pomba-kibana/resources/config/default.json new file mode 100644 index 0000000000..d54dbfe686 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/resources/config/default.json @@ -0,0 +1,239 @@ +{ + "_index": ".kibana", + "_type": "doc", + "_id": "index-pattern:f4978470-8fa0-11e8-bf59-199e245501e4", + "_score": 1, + "_source": { + "type": "index-pattern", + "updated_at": "2018-07-25T00:23:33.543Z", + "index-pattern": { + "title": "service-viol*", + "timeFieldName": "violationTimestamp", + "fields": "[{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"category\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"message\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"modelInvariantId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"modelVersionId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"serviceInstanceId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"severity\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"validationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"validationRule\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"validationTimestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"violationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violationTimestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"violationType\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false}]" + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "dashboard:Audit-Dashboard", + "_score": 1, + "_source": { + "type": "dashboard", + "updated_at": "2018-07-25T01:08:47.377Z", + "dashboard": { + "title": "Audit Dashboard", + "hits": 0, + "description": "", + "panelsJSON": "[{\"id\":\"Count-Visualization\",\"type\":\"visualization\",\"panelIndex\":1,\"size_x\":12,\"size_y\":3,\"col\":1,\"row\":1},{\"id\":\"Validation-Records\",\"type\":\"search\",\"panelIndex\":2,\"size_x\":12,\"size_y\":5,\"col\":1,\"row\":4,\"columns\":[\"validationId\",\"modelInvariantId\",\"serviceInstanceId\",\"result\"],\"sort\":[\"validationTimestamp\",\"desc\"]}]", + "optionsJSON": "{\"darkTheme\":false}", + "uiStateJSON": "{}", + "version": 1, + "timeRestore": true, + "timeTo": "now", + "timeFrom": "now-30d", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}]}" + } + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "search:test", + "_score": 1, + "_source": { + "type": "search", + "updated_at": "2018-07-25T01:12:03.481Z", + "search": { + "title": "test", + "description": "", + "hits": 0, + "columns": [ + "serviceInstanceId", + "validationId" + ], + "sort": [ + "validationTimestamp", + "desc" + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"index\":\"2fa1bf80-8fa7-11e8-b5d4-cb06e6cca380\",\"query\":{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}" + } + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "visualization:Violations-Over-Time", + "_score": 1, + "_source": { + "type": "visualization", + "updated_at": "2018-07-25T01:08:47.645Z", + "visualization": { + "title": "Violations Over Time", + "visState": "{\"title\":\"Violations Over Time\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"scale\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Violation Events\"}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"violationTimestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", + "uiStateJSON": "{}", + "description": "", + "savedSearchId": "Violation-Search", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + } + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "dashboard:Audit-Violations-Dashboard", + "_score": 1, + "_source": { + "type": "dashboard", + "updated_at": "2018-07-25T01:08:47.382Z", + "dashboard": { + "title": "Audit Violations Dashboard", + "hits": 0, + "description": "", + "panelsJSON": "[{\"id\":\"Violations-Over-Time\",\"type\":\"visualization\",\"panelIndex\":1,\"size_x\":12,\"size_y\":3,\"col\":1,\"row\":1},{\"id\":\"Violation-Search\",\"type\":\"search\",\"panelIndex\":2,\"size_x\":12,\"size_y\":5,\"col\":1,\"row\":4,\"columns\":[\"validationId\",\"violationId\",\"violationType\",\"message\",\"severity\"],\"sort\":[\"validationTimestamp\",\"desc\"]}]", + "optionsJSON": "{\"darkTheme\":false}", + "uiStateJSON": "{}", + "version": 1, + "timeRestore": false, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}]}" + } + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "visualization:Count-Visualization", + "_score": 1, + "_source": { + "type": "visualization", + "updated_at": "2018-07-25T01:12:03.484Z", + "visualization": { + "title": "Validations Over Time", + "visState": "{\"aggs\":[{\"id\":\"1\",\"params\":{\"customLabel\":\"Validation Events\"},\"schema\":\"metric\",\"type\":\"count\"},{\"id\":\"2\",\"params\":{\"customInterval\":\"2h\",\"customLabel\":\"\",\"extended_bounds\":{},\"field\":\"validationTimestamp\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"defaultYExtents\":false,\"mode\":\"stacked\",\"scale\":\"linear\",\"setYExtents\":false,\"shareYAxis\":true,\"times\":[],\"yAxis\":{}},\"title\":\"Count Visualization\",\"type\":\"histogram\"}", + "uiStateJSON": "{}", + "description": "", + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"index\":\"2fa1bf80-8fa7-11e8-b5d4-cb06e6cca380\",\"query\":{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[]}" + } + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "config:6.3.1", + "_score": 1, + "_source": { + "type": "config", + "updated_at": "2018-07-25T00:25:06.654Z", + "config": { + "buildNum": 17276, + "defaultIndex": "f4978470-8fa0-11e8-bf59-199e245501e4", + "telemetry:optIn": false + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "search:Validation-Records", + "_score": 1, + "_source": { + "type": "search", + "updated_at": "2018-07-25T01:12:03.478Z", + "search": { + "title": "Validation Records", + "description": "", + "hits": 0, + "columns": [ + "validationId", + "modelInvariantId", + "serviceInstanceId", + "result" + ], + "sort": [ + "validationTimestamp", + "desc" + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"index\":\"2fa1bf80-8fa7-11e8-b5d4-cb06e6cca380\",\"query\":{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}" + } + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "search:Main-View", + "_score": 1, + "_source": { + "type": "search", + "updated_at": "2018-07-25T01:12:03.480Z", + "search": { + "title": "Main View", + "description": "", + "hits": 0, + "columns": [ + "validationId", + "modelInvariantId", + "serviceInstanceId", + "result" + ], + "sort": [ + "validationTimestamp", + "desc" + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"index\":\"2fa1bf80-8fa7-11e8-b5d4-cb06e6cca380\",\"query\":{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}" + } + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "index-pattern:2fa1bf80-8fa7-11e8-b5d4-cb06e6cca380", + "_score": 1, + "_source": { + "type": "index-pattern", + "updated_at": "2018-07-25T01:08:06.474Z", + "index-pattern": { + "title": "service-validations*", + "timeFieldName": "validationTimestamp", + "fields": "[{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"modelInvariantId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"modelName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"modelVersionId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"result\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"serviceInstanceId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"validationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"validationTimestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"violations.category\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.errorMessage\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.modelName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.severity\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.validationRule\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*]-name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*]-type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].invariant-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].nf-naming-code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].uuid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].vf-module-list.invariant-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].vf-module-list.max-instances\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].vf-module-list.min-instances\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].vf-module-list.uuid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].vnfc-list.name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf-list[*].vnfc-list.nfc-naming-code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf[*]-name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-aai-vf[*]-type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-service-name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].invariant-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].uuid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].vf-module-list.invariant-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].vf-module-list.max-instances\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].vf-module-list.min-instances\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].vf-module-list.uuid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].vnfc-list.invariant-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].vnfc-list.name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].vnfc-list.nfc-naming-code\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdc-vf-list[*].vnfc-list.uuid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdnc-vf-list[*]-name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdnc-vf-list[*]-type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdnc-vf[*]-name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationDetails.context-list-sdnc-vf[*]-type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"violations.violationTimestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"violations.violationType\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"client\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"requestId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false}]" + } + } +}{ + "_index": ".kibana", + "_type": "doc", + "_id": "search:Violation-Search", + "_score": 1, + "_source": { + "type": "search", + "updated_at": "2018-07-25T01:12:03.486Z", + "search": { + "title": "Violation Search", + "description": "", + "hits": 0, + "columns": [ + "validationId", + "violationId", + "violationType", + "message", + "severity" + ], + "sort": [ + "validationTimestamp", + "desc" + ], + "version": 1, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"index\":\"f4978470-8fa0-11e8-bf59-199e245501e4\",\"query\":{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"language\":\"lucene\"},\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}" + } + } + } +} diff --git a/kubernetes/pomba/components/pomba-kibana/resources/config/kibana.yml b/kubernetes/pomba/components/pomba-kibana/resources/config/kibana.yml new file mode 100644 index 0000000000..fdcdd02cc7 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/resources/config/kibana.yml @@ -0,0 +1,114 @@ +xpack.graph.enabled: false +#Set to false to disable X-Pack graph features. +xpack.ml.enabled: false +#Set to false to disable X-Pack machine learning features. +xpack.monitoring.enabled: false +#Set to false to disable X-Pack monitoring features. +xpack.reporting.enabled: false +#Set to false to disable X-Pack reporting features. +xpack.security.enabled: false +#Set to false to disable X-Pack security features. +xpack.watcher.enabled: false +#Set to false to disable Watcher. +# Kibana is served by a back end server. This setting specifies the port to use. +server.port: {{.Values.service.externalPort}} + +# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values. +# The default is 'localhost', which usually means remote machines will not be able to connect. +# To allow connections from remote users, set this parameter to a non-loopback address. +server.host: "0" + +# Enables you to specify a path to mount Kibana at if you are running behind a proxy. This only affects +# the URLs generated by Kibana, your proxy is expected to remove the basePath value before forwarding requests +# to Kibana. This setting cannot end in a slash. +#server.basePath: "" + +# The maximum payload size in bytes for incoming server requests. +#server.maxPayloadBytes: 1048576 + +# The Kibana server's name. This is used for display purposes. +server.name: "POMBA Reports" + +# The URL of the Elasticsearch instance to use for all your queries. +elasticsearch.url: "http://{{.Values.config.elasticsearchServiceName}}.{{.Release.Namespace}}:{{.Values.config.elasticsearchPort}}" +# When this setting's value is true Kibana uses the hostname specified in the server.host +# setting. When the value of this setting is false, Kibana uses the hostname of the host +# that connects to this Kibana instance. +#elasticsearch.preserveHost: true + +# Kibana uses an index in Elasticsearch to store saved searches, visualizations and +# dashboards. Kibana creates a new index if the index doesn't already exist. +#kibana.index: ".kibana" + +# The default application to load. +#kibana.defaultAppId: "discover" + +# If your Elasticsearch is protected with basic authentication, these settings provide +# the username and password that the Kibana server uses to perform maintenance on the Kibana +# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which +# is proxied through the Kibana server. +elasticsearch.username: "elastic" +elasticsearch.password: "changeme" +# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively. +# These settings enable SSL for outgoing requests from the Kibana server to the browser. +server.ssl.enabled: {{.Values.config.serverSslEnabled}} +server.ssl.certificate: {{.Values.config.serverSslCertificate}} +server.ssl.key: {{.Values.config.serverSslKey}} + +# Optional settings that provide the paths to the PEM-format SSL certificate and key files. +# These files validate that your Elasticsearch backend uses the same key files. +#elasticsearch.ssl.certificate: $elasticsearch_ssl_certificate +#elasticsearch.ssl.key: $elasticsearch_ssl_key + +# Optional setting that enables you to specify a path to the PEM file for the certificate +# authority for your Elasticsearch instance. +#elasticsearch.ssl.certificateAuthorities: $elasticsearch_ssl_certificateAuthorities + +# To disregard the validity of SSL certificates, change this setting's value to 'none'. +#elasticsearch.ssl.verificationMode: $elasticsearch_ssl_verificationMode + +# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of +# the elasticsearch.requestTimeout setting. +#elasticsearch.pingTimeout: 1500 + +# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value +# must be a positive integer. +#elasticsearch.requestTimeout: 30000 + +# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side +# headers, set this value to [] (an empty list). +#elasticsearch.requestHeadersWhitelist: [ authorization ] + +# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten +# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration. +#elasticsearch.customHeaders: {} + +# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable. +#elasticsearch.shardTimeout: 0 + +# Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying. +#elasticsearch.startupTimeout: 5000 + +# Specifies the path where Kibana creates the process ID file. +#pid.file: /var/run/kibana.pid + +# Enables you specify a file where Kibana stores log output. +#logging.dest: stdout + +# Set the value of this setting to true to suppress all logging output. +#logging.silent: false + +# Set the value of this setting to true to suppress all logging output other than error messages. +#logging.quiet: false + +# Set the value of this setting to true to log all events, including system usage information +# and all requests. +#logging.verbose: false + +# Set the interval in milliseconds to sample system and process performance +# metrics. Minimum is 100ms. Defaults to 5000. +#ops.interval: 5000 + +# The default locale. This locale can be used in certain circumstances to substitute any missing +# translations. +#i18n.defaultLocale: "en" diff --git a/kubernetes/pomba/components/pomba-kibana/templates/configmap.yaml b/kubernetes/pomba/components/pomba-kibana/templates/configmap.yaml new file mode 100644 index 0000000000..8facf30c14 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/templates/configmap.yaml @@ -0,0 +1,39 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-auth + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/auth/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-bin + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/bin/*").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-kibana/templates/deployment.yaml b/kubernetes/pomba/components/pomba-kibana/templates/deployment.yaml new file mode 100644 index 0000000000..7258784f09 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/templates/deployment.yaml @@ -0,0 +1,157 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + initContainers: + - command: + - /app/ready.py + args: + - --container-name + - pomba-elasticsearch + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.image.readiness" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + - args: + - --output=http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}/.kibana + - --input=/config/default-mapping.json + - --type=mapping + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.configImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-config-map + volumeMounts: + - mountPath: /config/default-mapping.json + name: {{ include "common.fullname" . }} + subPath: default-mapping.json + - args: + - --output=http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}/.kibana + - --input=/config/default.json + - --type=data + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.configImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-config + volumeMounts: + - mountPath: /config/default.json + name: {{ include "common.fullname" . }} + subPath: default.json + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.elasticRepository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/bin/bash"] + args: ["-c", "/opt/app/bin/kibana_start.sh"] + ports: + - containerPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + readinessProbe: + httpGet: + path: "/" + scheme: "HTTPS" + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} +# disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + httpGet: + path: "/" + scheme: "HTTPS" + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + {{ end -}} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /usr/share/kibana/config + name: {{ include "common.fullname" . }} + - mountPath: /opt/app/auth + name: {{ include "common.fullname" . }}-auth + - mountPath: /opt/app/bin + name: {{ include "common.fullname" . }}-bin + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }} + configMap: + name: {{ include "common.fullname" . }} + items: + - key: kibana.yml + path: kibana.yml + - key: default.json + path: default.json + - key: default-mapping.json + path: default-mapping.json + - name: {{ include "common.fullname" . }}-auth + configMap: + name: {{ include "common.fullname" . }}-auth + defaultMode: 0777 + - name: {{ include "common.fullname" . }}-bin + configMap: + name: {{ include "common.fullname" . }}-bin + defaultMode: 0777 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-kibana/templates/ingress.yaml b/kubernetes/pomba/components/pomba-kibana/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/pomba/components/pomba-kibana/templates/service.yaml b/kubernetes/pomba/components/pomba-kibana/templates/service.yaml new file mode 100644 index 0000000000..decd606f35 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/templates/service.yaml @@ -0,0 +1,42 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-kibana/values.yaml b/kubernetes/pomba/components/pomba-kibana/values.yaml new file mode 100644 index 0000000000..deed02fd18 --- /dev/null +++ b/kubernetes/pomba/components/pomba-kibana/values.yaml @@ -0,0 +1,103 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# Configuration image +configImage: taskrabbit/elasticsearch-dump + +# application image +image: kibana/kibana:6.6.2 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: + elasticsearchServiceName: pomba-es + elasticsearchPort: 9200 + + #Enable HTTPS + serverSslEnabled: true + serverSslCertificate: /usr/share/kibana/auth/pomba.crt.pem + serverSslKey: /usr/share/kibana/auth/pomba.key.pem + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 300 + periodSeconds: 10 + timeoutSeconds: 1 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 300 + periodSeconds: 10 + timeoutSeconds: 1 + +service: + #Example service definition with external, internal and node ports. + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: NodePort + name: pomba-kibana + externalPort: 5601 + internalPort: 5601 + nodePort: 34 + +ingress: + enabled: false + service: + - baseaddr: "pombakibana" + name: "pomba-kibana" + port: 5601 + config: + ssl: "none" + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 1 + memory: 800Mi + large: + limits: + cpu: 4 + memory: 3200Mi + requests: + cpu: 2 + memory: 1600Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/Chart.yaml b/kubernetes/pomba/components/pomba-networkdiscovery/Chart.yaml new file mode 100644 index 0000000000..9f8d3651b8 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP POMBA Network Discovery
+name: pomba-networkdiscovery
+version: 6.0.0
diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/requirements.yaml b/kubernetes/pomba/components/pomba-networkdiscovery/requirements.yaml new file mode 100644 index 0000000000..fbe51550f0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/application.properties b/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/application.properties new file mode 100644 index 0000000000..19f9690f73 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/application.properties @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +*/}} + +spring.jersey.type=filter + +#Enable HTTPS +server.port={{ .Values.config.serverSslPort }} +server.ssl.key-store={{ .Values.config.serverSslKeyStore }} +server.ssl.key-store-password={{ .Values.config.serverSslKeyStorePassword }} +server.ssl.client-auth={{ .Values.config.serverSslClientAuth }} +server.ssl.enabled={{ .Values.config.serverSslEnabled }} +server.ssl.enabled-protocols={{ .Values.config.serverSslEnabledProtocols }} + +# Basic Authentication +basicAuth.username={{ .Values.config.networkDiscoveryUserId }} +basicAuth.password={{ .Values.config.networkDiscoveryPassword }} + +openstack.identity.url ={{ .Values.config.openstackIdentityUrl }} +openstack.identity.user ={{ .Values.config.openstackUserId }} +openstack.identity.password ={{ .Values.config.openstackPassword }} + +openstack.types = vserver, l3-network, port +openstack.type.vserver.url = {{ .Values.config.openstackTypeVserverUrl }} +openstack.type.l3-network.url = {{ .Values.config.openstackTypeL3NetworkUrl }} +openstack.type.port.url = {{ .Values.config.openstackTypePortUrl }} + +openstack.api.microversion = 2.42 + diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/auth/client-cert-onap.p12 b/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/auth/client-cert-onap.p12 Binary files differnew file mode 100644 index 0000000000..dbf4fcacec --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/auth/client-cert-onap.p12 diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/auth/tomcat_keystore b/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/auth/tomcat_keystore Binary files differnew file mode 100644 index 0000000000..9eec841aa2 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/auth/tomcat_keystore diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/logback.xml b/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/logback.xml new file mode 100644 index 0000000000..0a4b616453 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/resources/config/logback.xml @@ -0,0 +1,31 @@ +<configuration > + <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> + <property name="p_lvl" value="%level"/> + <property name="p_log" value="%logger"/> + <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> + <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <!-- tabs --> + <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_thr" value="%thread"/> + <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="FILE" class="ch.qos.logback.core.FileAppender"> + <file>/opt/app/logs/EELF/output.log</file> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </logger> + <root level="info"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </root> +</configuration> diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/templates/configmap.yaml b/kubernetes/pomba/components/pomba-networkdiscovery/templates/configmap.yaml new file mode 100644 index 0000000000..2e1a4387e2 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/templates/configmap.yaml @@ -0,0 +1,31 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +*/}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/templates/deployment.yaml b/kubernetes/pomba/components/pomba-networkdiscovery/templates/deployment.yaml new file mode 100644 index 0000000000..be6c7c423a --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/templates/deployment.yaml @@ -0,0 +1,129 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + readOnly: false + - mountPath: /opt/app/config/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - mountPath: /opt/app/config/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + readOnly: true + - mountPath: /opt/app/config/auth/client-cert-onap.p12 + name: {{ include "common.fullname" . }}-auth-secret + subPath: client-cert-onap.p12 + readOnly: true + - mountPath: /opt/app/config/auth/tomcat_keystore + name: {{ include "common.fullname" . }}-auth-secret + subPath: tomcat_keystore + readOnly: true + - name: {{ include "common.fullname" . }}-logs-eelf + mountPath: /opt/app/logs/EELF + readOnly: false + + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-auth-secret + secret: + secretName: {{ include "common.fullname" . }}-auth + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs-eelf + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/templates/ingress.yaml b/kubernetes/pomba/components/pomba-networkdiscovery/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/templates/secrets.yaml b/kubernetes/pomba/components/pomba-networkdiscovery/templates/secrets.yaml new file mode 100644 index 0000000000..6d357c496d --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/templates/secrets.yaml @@ -0,0 +1,28 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}} +
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-auth
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+{{ (.Files.Glob "resources/config/auth/*").AsSecrets | indent 2 }}
diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/templates/service.yaml b/kubernetes/pomba/components/pomba-networkdiscovery/templates/service.yaml new file mode 100644 index 0000000000..a846fe3ec0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/templates/service.yaml @@ -0,0 +1,42 @@ +{{/* +# Copyright © 2018 Amdocs
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}} +
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName | default "http" }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName | default "http" }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
diff --git a/kubernetes/pomba/components/pomba-networkdiscovery/values.yaml b/kubernetes/pomba/components/pomba-networkdiscovery/values.yaml new file mode 100644 index 0000000000..50c837d27d --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscovery/values.yaml @@ -0,0 +1,120 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/network-discovery:1.5.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + # Network Discovery Micro Service REST Client Configuration + + #Enable HTTPS + serverSslPort: 8443 + serverSslKeyStore: /opt/app/config/auth/tomcat_keystore + serverSslKeyStorePassword: password(OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10) + serverSslClientAuth: want + serverSslEnabled: true + serverSslEnabledProtocols: TLSv1.1,TLSv1.2 + + # Basic Authorization credentials for Network Discovery Micro Service Rest Service + networkDiscoveryUserId: admin + networkDiscoveryPassword: OBF:1u2a1toa1w8v1tok1u30 + + # Basic Authorization credentials for Openstack Rest APIs + openstackIdentityUrl: http://10.69.36.11:5000/v3/auth/tokens + openstackUserId: admin + openstackPassword: OBF:1w951ugg1vun1uha1w8l + + # Openstack Rest API URLs: + openstackTypeVserverUrl: http://10.69.36.11:8774/v2.1/servers/{0} + openstackTypeL3NetworkUrl: http://10.69.36.11:9696/v2.0/networks/{0} + openstackTypePortUrl: http://10.69.36.11:9696/v2.0/ports/{0} + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: <service-name-override> + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: NodePort + name: pomba-networkdiscovery + externalPort: 9531 + internalPort: 8443 + nodePort: 99 + portName: https + +ingress: + enabled: false + service: + - baseaddr: "pombanetworkdiscovery" + name: "pomba-networkdiscovery" + port: 8443 + config: + ssl: "redirect" + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 800Mi + requests: + cpu: 10m + memory: 400Mi + large: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 20m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/Chart.yaml b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/Chart.yaml new file mode 100644 index 0000000000..d7cdd91aa3 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP POMBA Network Discovery Context Builder +name: pomba-networkdiscoveryctxbuilder +version: 6.0.0 diff --git a/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/requirements.yaml b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/requirements.yaml new file mode 100644 index 0000000000..fbe51550f0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/resources/config/application.properties b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/resources/config/application.properties new file mode 100644 index 0000000000..6b43aba20e --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/resources/config/application.properties @@ -0,0 +1,65 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +*/}} + +spring.jersey.type=filter +spring.mvc.urls=swagger,docs,prometheus,auditevents,info,heapdump,autoconfig,beans,loggers,dump,env,trace,health,configprops,mappings,metrics,webjars + + +server.contextPath=/ndcontextbuilder +spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration + +#This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma +#tomcat.connector.attributes=allowTrace-true +#The max number of active threads in this pool +server.tomcat.max-threads=200 +#The minimum number of threads always kept alive +server.tomcat.min-Spare-Threads=25 +#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads +server.tomcat.max-idle-time=60000 + + +# Network Discovery Context Builder REST Service +networkDiscoveryCtxBuilder.httpProtocol={{ .Values.config.networkDiscoveryCtxBuilderHttpProtocol }} +networkDiscoveryCtxBuilder.serviceName={{ .Values.global.networkdiscoveryCtxBuilderHost }} +networkDiscoveryCtxBuilder.port={{ .Values.config.networkDiscoveryCtxBuilderPort }} +# Basic Authorization credentials for Network Discovery Context Builder REST Service +networkDiscoveryCtxBuilder.userId={{ .Values.config.networkDiscoveryCtxBuilderUserId }} +networkDiscoveryCtxBuilder.password={{ .Values.config.networkDiscoveryCtxBuilderPassword }} +networkDiscoveryCtxBuilder.resourceList={{ .Values.config.networkDiscoveryCtxBuilderResourceList }} + +# Service Decomposition REST Client Configuration +serviceDecomposition.httpProtocol={{ .Values.config.serviceDecompositionHttpProtocol }} +serviceDecomposition.host={{ .Values.config.serviceDecompositionServiceName }}.{{.Release.Namespace}} +serviceDecomposition.port={{ .Values.config.serviceDecompositionPort }} +serviceDecomposition.serviceInstancePath={{ .Values.config.serviceDecompositionInstancePath }} +#Basic Authorization Client credentials for Service Decomposition REST service +serviceDecomposition.userId={{ .Values.config.serviceDecompositionUserId }} +serviceDecomposition.password={{ .Values.config.serviceDecompositionPassword }} + +# Network Discovery Micro Service REST Client Configuration + +networkDiscoveryMicroService.host={{ .Values.config.networkDiscoveryServiceName }}.{{.Release.Namespace}} +networkDiscoveryMicroService.port={{ .Values.config.networkDiscoveryPort }} +networkDiscoveryMicroService.httpProtocol={{ .Values.config.networkDiscoveryHttpProtocol }} +networkDiscoveryMicroService.networkDiscoveryPath={{ .Values.config.networkDiscoveryPath }} +# Wait for Network Discovery MicroService response in milliseconds +networkDiscoveryMicroService.responseTimeOutInMilliseconds = {{ .Values.config.networkDiscoveryTimeOutInMilliseconds }} +# Basic Authorization credentials for Network Discovery Micro Service Rest Service +networkDiscoveryMicroService.userId={{ .Values.config.networkDiscoveryUserId }} +networkDiscoveryMicroService.password={{ .Values.config.networkDiscoveryPassword }} + +#Servlet context parameters +server.context_parameters.p-name=value diff --git a/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/resources/config/logback.xml b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/resources/config/logback.xml new file mode 100644 index 0000000000..0a4b616453 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/resources/config/logback.xml @@ -0,0 +1,31 @@ +<configuration > + <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> + <property name="p_lvl" value="%level"/> + <property name="p_log" value="%logger"/> + <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> + <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <!-- tabs --> + <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_thr" value="%thread"/> + <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="FILE" class="ch.qos.logback.core.FileAppender"> + <file>/opt/app/logs/EELF/output.log</file> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </logger> + <root level="info"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </root> +</configuration> diff --git a/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/configmap.yaml b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/configmap.yaml new file mode 100644 index 0000000000..d0e26326ce --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/configmap.yaml @@ -0,0 +1,32 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/deployment.yaml b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/deployment.yaml new file mode 100644 index 0000000000..32f35b695e --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/deployment.yaml @@ -0,0 +1,118 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + readOnly: false + - mountPath: /opt/app/config/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - mountPath: /opt/app/config/application.properties + name: {{ include "common.fullname" . }}-config + readOnly: true + subPath: application.properties + - name: {{ include "common.fullname" . }}-logs-eelf + mountPath: /opt/app/logs/EELF + readOnly: false + + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs-eelf + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/service.yaml b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/service.yaml new file mode 100644 index 0000000000..2ebd6758a0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/templates/service.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/values.yaml b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/values.yaml new file mode 100644 index 0000000000..3fa4b8b25e --- /dev/null +++ b/kubernetes/pomba/components/pomba-networkdiscoveryctxbuilder/values.yaml @@ -0,0 +1,117 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/pomba-network-discovery-context-builder:1.5.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + # Network Discovery Context Builder REST Service + networkDiscoveryCtxBuilderHttpProtocol: http + networkDiscoveryCtxBuilderPort: 9530 + networkDiscoveryCtxBuilderUserId: admin + networkDiscoveryCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 + networkDiscoveryCtxBuilderResourceList: vnfcs,vservers,l3-networks + + # Service Decomposition REST Client Configuration + serviceDecompositionHttpProtocol: http + serviceDecompositionServiceName: pomba-servicedecomposition + serviceDecompositionPort: 9532 + serviceDecompositionInstancePath: /service-decomposition/service/context + #Basic Authorization Client credentials for Service Decomposition REST service + serviceDecompositionUserId: admin + serviceDecompositionPassword: OBF:1u2a1toa1w8v1tok1u30 + + # Network Discovery Micro Service REST Client Configuration + networkDiscoveryServiceName: pomba-networkdiscovery + networkDiscoveryPort: 9531 + networkDiscoveryHttpProtocol: https + networkDiscoveryPath: /network-discovery/v1/network/resource + # Wait for Network Discovery MicroService response in milliseconds + networkDiscoveryTimeOutInMilliseconds: 60000 + # Basic Authorization credentials for Network Discovery Micro Service Rest Service + networkDiscoveryUserId: admin + networkDiscoveryPassword: OBF:1u2a1toa1w8v1tok1u30 + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: <service-name-override> + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: ClusterIP + externalPort: 9530 + internalPort: 8080 +# nodePort: <replace with unused node port suffix eg. 23> + # optional port name override - default can be defined in service.yaml + #portName: http + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 800Mi + requests: + cpu: 100m + memory: 400Mi + large: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 200m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/.helmignore b/kubernetes/pomba/components/pomba-sdcctxbuilder/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/Chart.yaml b/kubernetes/pomba/components/pomba-sdcctxbuilder/Chart.yaml new file mode 100644 index 0000000000..c75c5a2c8f --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP POMBA SDC Context Builder +name: pomba-sdcctxbuilder +version: 6.0.0 diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/requirements.yaml b/kubernetes/pomba/components/pomba-sdcctxbuilder/requirements.yaml new file mode 100644 index 0000000000..fbe51550f0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/README.txt b/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/README.txt new file mode 100644 index 0000000000..5cc01497f5 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/README.txt @@ -0,0 +1,10 @@ +This directory contains all external configuration files that +need to be mounted into an application container. + +See the configmap.yaml in the templates directory for an example +of how to load (ie map) config files from this directory, into +Kubernetes, for distribution within the k8s cluster. + +See deployment.yaml in the templates directory for an example +of how the 'config mapped' files are then mounted into the +containers. diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/application.properties b/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/application.properties new file mode 100644 index 0000000000..cfa618dad9 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/application.properties @@ -0,0 +1,59 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +spring.jersey.type=filter +spring.mvc.urls=swagger,docs,prometheus,auditevents,info,heapdump,autoconfig,beans,loggers,dump,env,trace,health,configprops,mappings,metrics,webjars + +server.contextPath=/sdccontextbuilder +spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration + +#This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma +#tomcat.connector.attributes=allowTrace-true +#The max number of active threads in this pool +server.tomcat.max-threads=200 +#The minimum number of threads always kept alive +server.tomcat.min-Spare-Threads=25 +#server.port=9191 + +#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads +server.tomcat.max-idle-time=60000 + +#Application properties +sdcConnect.username={{ .Values.config.sdcUsername }} +sdcConnect.password={{ .Values.config.sdcPassword }} +sdcConnect.consumerID={{ .Values.config.sdcConsumerId }} +sdcConnect.sdcAddress={{ .Values.config.sdcServiceName }}.{{.Release.Namespace}}:{{ .Values.config.sdcPort }} + +# Minimum timeout value is 15 seconds; default is 120000s +sdcConnect.timeout.seconds=60000 + +# {0} = UUID +sdc.url.template=/sdc/v1/catalog/services/{0}/toscaModel +sdc.artifact.type=TOSCA_CSAR + +# Intended name for downloaded temporary CSAR files: csar-[UUID].zip +# Only .zip and .csar are accepted extensions, default is .zip +sdc.csar.file.prefix=csar- +sdc.csar.file.suffix=.zip + +# HTTP Basic Authorization credentials for Rest Service API +http.userId={{ .Values.config.sdcCtxBuilderUserId }} +http.password={{ .Values.config.sdcCtxBuilderPassword }} + +#Servlet context parameters +server.context_parameters.p-name=value #context parameter with p-name as key and value as value. + +#test.tosca.csar.file=\\config\\toscaModel.csar.zip diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/logback.xml b/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/logback.xml new file mode 100644 index 0000000000..0a4b616453 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/resources/config/logback.xml @@ -0,0 +1,31 @@ +<configuration > + <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> + <property name="p_lvl" value="%level"/> + <property name="p_log" value="%logger"/> + <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> + <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <!-- tabs --> + <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_thr" value="%thread"/> + <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="FILE" class="ch.qos.logback.core.FileAppender"> + <file>/opt/app/logs/EELF/output.log</file> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </logger> + <root level="info"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </root> +</configuration> diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/configmap.yaml b/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/configmap.yaml new file mode 100644 index 0000000000..ab79c5c24f --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/configmap.yaml @@ -0,0 +1,31 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }}
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/deployment.yaml b/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/deployment.yaml new file mode 100644 index 0000000000..67be143cd9 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/deployment.yaml @@ -0,0 +1,117 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/config/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + readOnly: false + - mountPath: /opt/app/config/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - name: {{ include "common.fullname" . }}-logs-eelf + mountPath: /opt/app/logs/EELF + readOnly: false + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs-eelf + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/service.yaml b/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/service.yaml new file mode 100644 index 0000000000..8647447dc1 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/templates/service.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-sdcctxbuilder/values.yaml b/kubernetes/pomba/components/pomba-sdcctxbuilder/values.yaml new file mode 100644 index 0000000000..b9502d88c9 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdcctxbuilder/values.yaml @@ -0,0 +1,100 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/pomba-sdc-context-builder:1.5.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + #Application properties + sdcUsername: pomba + sdcPassword: OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp + sdcConsumerId: pomba + sdcServiceName: sdc-be + sdcPort: 8443 + # HTTP Basic Authorization credentials for Rest Service API + sdcCtxBuilderUserId: admin + sdcCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: <service-name-override> + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: ClusterIP + externalPort: 9530 + internalPort: 8080 +# nodePort: <replace with unused node port suffix eg. 23> + # optional port name override - default can be defined in service.yaml + #portName: http + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 800Mi + requests: + cpu: 100m + memory: 400Mi + large: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 200m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/.helmignore b/kubernetes/pomba/components/pomba-sdncctxbuilder/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/Chart.yaml b/kubernetes/pomba/components/pomba-sdncctxbuilder/Chart.yaml new file mode 100644 index 0000000000..edd2385f55 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP POMBA SDNC Context Builder +name: pomba-sdncctxbuilder +version: 6.0.0 diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/requirements.yaml b/kubernetes/pomba/components/pomba-sdncctxbuilder/requirements.yaml new file mode 100644 index 0000000000..fbe51550f0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/resources/config/application.properties b/kubernetes/pomba/components/pomba-sdncctxbuilder/resources/config/application.properties new file mode 100644 index 0000000000..f95fa85fc1 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/resources/config/application.properties @@ -0,0 +1,73 @@ +{{/* +# Copyright © 2019 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +*/}} + +spring.jersey.type=filter +spring.mvc.urls=swagger,docs,prometheus,auditevents,info,heapdump,autoconfig,beans,loggers,dump,env,trace,health,configprops,mappings,metrics,webjars +camel.springboot.xmlRoutes = file:config/dynamic/routes/*.route +service.xml.beans = config/dynamic/conf/*.xml + +server.contextPath=/sdnccontextbuilder +spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration + +#This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma +#tomcat.connector.attributes=allowTrace-true +#The max number of active threads in this pool +server.tomcat.max-threads=200 +#The minimum number of threads always kept alive +server.tomcat.min-spare-threads=25 + +# Basic Authorization credentials for SDNC Context Builder REST Service +sdncCtxBuilder.userId={{ .Values.config.sdncCtxBuilderUserId }} +sdncCtxBuilder.password={{ .Values.config.sdncCtxBuilderPassword }} + +# AAI REST Client Configuration +aai.serviceName={{ .Values.config.aaiServiceName }}.{{.Release.Namespace}} +aai.servicePort={{ .Values.config.aaiPort }} +# AAI APIs authentication mode. Valid values: [basic_auth, client_cert] +aai.authentication=basic_auth +aai.trustStorePath=n/a +aai.keyStorePath=n/a +aai.keyStorePassword=n/a +aai.username={{ .Values.config.aaiUsername }} +aai.password={{ .Values.config.aaiPassword }} +aai.httpProtocol={{ .Values.config.aaiHttpProtocol }} +aai.authentication={{ .Values.config.aaiAuthentication }} +aai.trustStorePath={{ .Values.config.aaiTrustStorePath }} +aai.keyStorePath={{ .Values.config.aaiKeyStorePath }} +aai.keyStorePassword={{ .Values.config.aaiKeyStorePassword }} +aai.connectionTimeout={{ .Values.config.aaiConnectionTimeout }} +aai.readTimeout={{ .Values.config.aaiReadTimeout }} + +# HTTP Basic Authorization credentials for AAI Rest Service API +aai.http.userId={{ .Values.config.aaiHttpUserId }} +aai.http.password={{ .Values.config.aaiHttpPassword }} + +aai.serviceInstanceQuery=/aai/v13/nodes/service-instance/{0} + +# SDNC REST Client Configuration +sdnc.serviceName={{ .Values.config.sdncServiceName }}.{{.Release.Namespace}} +sdnc.servicePort={{ .Values.config.sdncPort }} +sdnc.user={{ .Values.config.sdncUsername }} +sdnc.password={{ .Values.config.sdncPassword }} +sdnc.httpProtocol={{ .Values.config.sdncHttpProtocol }} +sdnc.connectionTimeout={{ .Values.config.sdncConnectionTimeout }} +sdnc.readTimeout={{ .Values.config.sdncReadTimeout }} +sdnc.genericResourcePath=/restconf/config/GENERIC-RESOURCE-API:services/service/{0} +sdnc.portMirrorResourcePath=/restconf/config/GENERIC-RESOURCE-API:port-mirror-configurations/port-mirror-configuration/{0}/configuration-data/configuration-operation-information/port-mirror-configuration-request-input +sdnc.vnfPath=/restconf/config/VNF-API:vnfs/vnf-list/{0} + +#Servlet context parameters +server.context_parameters.p-name=value #context parameter with p-name as key and value as value. diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/resources/config/logback.xml b/kubernetes/pomba/components/pomba-sdncctxbuilder/resources/config/logback.xml new file mode 100644 index 0000000000..0a4b616453 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/resources/config/logback.xml @@ -0,0 +1,31 @@ +<configuration > + <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> + <property name="p_lvl" value="%level"/> + <property name="p_log" value="%logger"/> + <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> + <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <!-- tabs --> + <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_thr" value="%thread"/> + <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="FILE" class="ch.qos.logback.core.FileAppender"> + <file>/opt/app/logs/EELF/output.log</file> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </logger> + <root level="info"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </root> +</configuration> diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/configmap.yaml b/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/configmap.yaml new file mode 100644 index 0000000000..d0e26326ce --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/configmap.yaml @@ -0,0 +1,32 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/deployment.yaml b/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/deployment.yaml new file mode 100644 index 0000000000..0bb855b6ce --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/deployment.yaml @@ -0,0 +1,117 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + readOnly: false + - mountPath: /opt/app/config/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - name: {{ include "common.fullname" . }}-logs-eelf + mountPath: /opt/app/logs/EELF + readOnly: false + - mountPath: /opt/app/config/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + readOnly: true + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs-eelf + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/service.yaml b/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/service.yaml new file mode 100644 index 0000000000..2ebd6758a0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/templates/service.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-sdncctxbuilder/values.yaml b/kubernetes/pomba/components/pomba-sdncctxbuilder/values.yaml new file mode 100644 index 0000000000..0c8814c6a3 --- /dev/null +++ b/kubernetes/pomba/components/pomba-sdncctxbuilder/values.yaml @@ -0,0 +1,117 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/pomba-sdnc-context-builder:1.5.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + # AAI Rest Client Connection + aaiServiceName: aai + aaiPort: 8443 + aaiUsername: AAI + aaiPassword: OBF:1gfr1ev31gg7 + aaiHttpProtocol: https + aaiAuthentication: basic_auth + aaiTrustStorePath: n/a + aaiKeyStorePath: n/a + aaiKeyStorePassword: n/a + aaiConnectionTimeout: 5000 + aaiReadTimeout: 5000 + # HTTP Basic Authorization credentials for Rest Service API + aaiHttpUserId: admin + aaiHttpPassword: OBF:1u2a1toa1w8v1tok1u30 + sdncCtxBuilderUserId: admin + sdncCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 + + # SDNC Rest Client Connection + sdncServiceName: sdnc + sdncPort: 8282 + sdncUsername: admin + sdncPassword: OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp + sdncHttpProtocol: http + sdncConnectionTimeout: 5000 + sdncReadTimeout: 5000 + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 60 + periodSeconds: 30 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 60 + periodSeconds: 30 + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: <service-name-override> + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: ClusterIP + externalPort: 9530 + internalPort: 8080 +# nodePort: <replace with unused node port suffix eg. 23> + # optional port name override - default can be defined in service.yaml + #portName: http + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 800Mi + requests: + cpu: 100m + memory: 400Mi + large: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 200m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-search-data/.helmignore b/kubernetes/pomba/components/pomba-search-data/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/pomba/components/pomba-search-data/Chart.yaml b/kubernetes/pomba/components/pomba-search-data/Chart.yaml new file mode 100644 index 0000000000..5f3bc0ae79 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License + +apiVersion: v1 +description: ONAP POMBA search-data +name: pomba-search-data +version: 6.0.0 diff --git a/kubernetes/pomba/components/pomba-search-data/requirements.yaml b/kubernetes/pomba/components/pomba-search-data/requirements.yaml new file mode 100644 index 0000000000..fbe51550f0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-search-data/resources/config/analysis-config.json b/kubernetes/pomba/components/pomba-search-data/resources/config/analysis-config.json new file mode 100644 index 0000000000..0927d98748 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/resources/config/analysis-config.json @@ -0,0 +1,31 @@ +[{ + "name": "whitespace_analyzer", + "description": "A standard whitespace analyzer.", + "behaviours": [ + "Tokenize the text using white space characters as delimeters.", + "Convert all characters to lower case.", + "Convert all alphanumeric and symbolic Unicode characters above the first 127 ASCII characters into their ASCII equivalents." + ], + "tokenizer": "whitespace", + "filters": [ + "lowercase", + "asciifolding" + ] + }, + { + "name": "ngram_analyzer", + "description": "An analyzer which performs ngram filtering on the data stream.", + "behaviours": [ + "Tokenize the text using white space characters as delimeters.", + "Convert all characters to lower case.", + "Convert all alphanumeric and symbolic Unicode characters above the first 127 ASCII characters into their ASCII equivalents.", + "Apply ngram filtering using the following values for minimum and maximum size in codepoints of a single n-gram: minimum = 1, maximum = 2." + ], + "tokenizer": "whitespace", + "filters": [ + "lowercase", + "asciifolding", + "ngram_filter" + ] + } +]
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-search-data/resources/config/auth/search_policy.json b/kubernetes/pomba/components/pomba-search-data/resources/config/auth/search_policy.json new file mode 100644 index 0000000000..00a6de5f4a --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/resources/config/auth/search_policy.json @@ -0,0 +1,24 @@ +{ + "roles": [{ + "name": "admin", + "functions": [{ + "name": "search", + "methods": [{ + "name": "GET" + }, + { + "name": "DELETE" + }, + { + "name": "PUT" + }, + { + "name": "POST" + } + ] + }], + "users": [{ + "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA" + }] + }] +}
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-search-data/resources/config/auth/tomcat_keystore b/kubernetes/pomba/components/pomba-search-data/resources/config/auth/tomcat_keystore Binary files differnew file mode 100644 index 0000000000..9eec841aa2 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/resources/config/auth/tomcat_keystore diff --git a/kubernetes/pomba/components/pomba-search-data/resources/config/dynamic-custom-template.json b/kubernetes/pomba/components/pomba-search-data/resources/config/dynamic-custom-template.json new file mode 100644 index 0000000000..0bd8686f85 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/resources/config/dynamic-custom-template.json @@ -0,0 +1,10 @@ +"dynamic_templates": [{ + "strings": { + "match_mapping_type": "string", + "match": "*", + "mapping": { + "type": "text", + "fielddata": true + } + } +}],
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-search-data/resources/config/elastic-search.properties b/kubernetes/pomba/components/pomba-search-data/resources/config/elastic-search.properties new file mode 100644 index 0000000000..a42eb427bb --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/resources/config/elastic-search.properties @@ -0,0 +1,7 @@ +{{/* +# ElasticSearch Configuration +*/}} + +es.cluster-name=POMBA_ES +es.ip-address=pomba-es.{{.Release.Namespace}} +es.http-port={{.Values.config.elasticsearchHttpPort}} diff --git a/kubernetes/pomba/components/pomba-search-data/resources/config/es-payload-translation.json b/kubernetes/pomba/components/pomba-search-data/resources/config/es-payload-translation.json new file mode 100644 index 0000000000..58ed8f6428 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/resources/config/es-payload-translation.json @@ -0,0 +1,16 @@ +{ + "attr-translations": [ + { + "query": "$..[?(@.type=='string' && @.index=='analyzed')]", + "update": {"type": "text", "index": true, "fielddata": true} + }, + { + "query": "$..[?(@.type=='string' && @.index=='not_analyzed')]", + "update": {"type": "keyword", "index": true} + }, + { + "query": "$..[?(@.type=='string' && !@.index)]", + "update": {"type": "text", "fielddata": true} + } + ] +}
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-search-data/resources/config/filter-config.json b/kubernetes/pomba/components/pomba-search-data/resources/config/filter-config.json new file mode 100644 index 0000000000..5f9120e889 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/resources/config/filter-config.json @@ -0,0 +1,5 @@ +[{ + "name": "ngram_filter", + "description": "Custom NGram Filter.", + "configuration": " \"type\": \"nGram\", \"min_gram\": 1, \"max_gram\": 50, \"token_chars\": [ \"letter\", \"digit\", \"punctuation\", \"symbol\" ]" +}]
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-search-data/resources/config/log/logback.xml b/kubernetes/pomba/components/pomba-search-data/resources/config/log/logback.xml new file mode 100644 index 0000000000..f84d1bbbb0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/resources/config/log/logback.xml @@ -0,0 +1,170 @@ +<configuration scan="true" scanPeriod="3 seconds" debug="false"> + <!--<jmxConfigurator /> --> + <!-- directory path for all other type logs --> + + <property name="logDir" value="/var/log/onap" /> + + + <!-- specify the component name + <ECOMP-component-name>::= "MSO" | "DCAE" | "ASDC " | "AAI" |"Policy" | "SDNC" | "AC" --> + <property name="componentName" value="AAI-SDB"></property> + + <!-- default eelf log file names --> + <property name="generalLogName" value="error" /> + <property name="metricsLogName" value="metrics" /> + <property name="auditLogName" value="audit" /> + <property name="debugLogName" value="debug" /> + + <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|SearchDataService|%mdc{PartnerName}|%logger||%.-5level|%msg%n" /> + <property name="auditMetricPattern" value="%m%n" /> + + <property name="logDirectory" value="${logDir}/${componentName}" /> + + <!-- Example evaluator filter applied against console appender --> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${errorLogPattern}</pattern> + </encoder> + </appender> + + <!-- ============================================================================ --> + <!-- EELF Appenders --> + <!-- ============================================================================ --> + + <!-- The EELFAppender is used to record events to the general application + log --> + + <appender name="EELF" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${generalLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip + </fileNamePattern> + <maxHistory>60</maxHistory> + </rollingPolicy> + <encoder> + <pattern>${errorLogPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender"> + <!-- deny all events with a level below INFO, that is TRACE and DEBUG --> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>INFO</level> + </filter> + <queueSize>256</queueSize> + <appender-ref ref="EELF" /> + </appender> + + + <!-- EELF Audit Appender. This appender is used to record audit engine + related logging events. The audit logger and appender are specializations + of the EELF application root logger and appender. This can be used to segregate + Policy engine events from other components, or it can be eliminated to record + these events as part of the application root log. --> + + <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${auditLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip + </fileNamePattern> + <maxHistory>60</maxHistory> + </rollingPolicy> + <encoder> + <pattern>${auditMetricPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFAudit" /> + </appender> + + <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${metricsLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip + </fileNamePattern> + <maxHistory>60</maxHistory> + </rollingPolicy> + <encoder> + <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - + %msg%n"</pattern> --> + <pattern>${auditMetricPattern}</pattern> + </encoder> + </appender> + + + <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFMetrics"/> + </appender> + + <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${debugLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip + </fileNamePattern> + <maxHistory>60</maxHistory> + </rollingPolicy> + <encoder> + <pattern>${errorLogPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFDebug" /> + <includeCallerData>false</includeCallerData> + </appender> + + + <!-- ============================================================================ --> + <!-- EELF loggers --> + <!-- ============================================================================ --> + <logger name="com.att.eelf" level="info" additivity="false"> + <appender-ref ref="asyncEELF" /> + <appender-ref ref="asyncEELFDebug" /> + </logger> + + <logger name="com.att.eelf.audit" level="info" additivity="false"> + <appender-ref ref="asyncEELFAudit" /> + </logger> + <logger name="com.att.eelf.metrics" level="info" additivity="false"> + <appender-ref ref="asyncEELFMetrics" /> + </logger> + + <!-- Spring related loggers --> + <logger name="org.springframework" level="WARN" /> + <logger name="org.springframework.beans" level="WARN" /> + <logger name="org.springframework.web" level="WARN" /> + <logger name="com.blog.spring.jms" level="WARN" /> + + <!-- SearchDB loggers --> + <logger name="org.openecomp.sa" level="INFO" /> + + <!-- Other Loggers that may help troubleshoot --> + <logger name="net.sf" level="WARN" /> + <logger name="org.apache.commons.httpclient" level="WARN" /> + <logger name="org.apache.commons" level="WARN" /> + <logger name="org.apache.coyote" level="WARN" /> + <logger name="org.apache.jasper" level="WARN" /> + + <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging. + May aid in troubleshooting) --> + <logger name="org.apache.camel" level="WARN" /> + <logger name="org.apache.cxf" level="WARN" /> + <logger name="org.apache.camel.processor.interceptor" level="WARN" /> + <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" /> + <logger name="org.apache.cxf.service" level="WARN" /> + <logger name="org.restlet" level="WARN" /> + <logger name="org.apache.camel.component.restlet" level="WARN" /> + + <!-- logback internals logging --> + <logger name="ch.qos.logback.classic" level="WARN" /> + <logger name="ch.qos.logback.core" level="WARN" /> + + <root> + <appender-ref ref="asyncEELF" /> + <appender-ref ref="STDOUT" /> + <!-- <appender-ref ref="asyncEELFDebug" /> --> + </root> + +</configuration> diff --git a/kubernetes/pomba/components/pomba-search-data/templates/configmap.yaml b/kubernetes/pomba/components/pomba-search-data/templates/configmap.yaml new file mode 100644 index 0000000000..0715f0d51a --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/templates/configmap.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-service-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/logback.xml").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-search-data/templates/deployment.yaml b/kubernetes/pomba/components/pomba-search-data/templates/deployment.yaml new file mode 100644 index 0000000000..08fc3e9148 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/templates/deployment.yaml @@ -0,0 +1,160 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + name: {{ include "common.name" . }} + spec: + initContainers: + - command: + - /app/ready.py + args: + - --container-name + - pomba-elasticsearch + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.image.readiness" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: CONFIG_HOME + value: /opt/app/search-data-service/config/ + - name: KEY_STORE_PASSWORD + value: {{ .Values.config.keyStorePassword }} + - name: KEY_MANAGER_PASSWORD + value: {{ .Values.config.keyManagerPassword }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/search-data-service/config/filter-config.json + subPath: filter-config.json + name: {{ include "common.fullname" . }}-service-config + - mountPath: /opt/app/search-data-service/config/elastic-search.properties + subPath: elastic-search.properties + name: {{ include "common.fullname" . }}-service-config + - mountPath: /opt/app/search-data-service/config/analysis-config.json + subPath: analysis-config.json + name: {{ include "common.fullname" . }}-service-config + - mountPath: /opt/app/search-data-service/config/es-payload-translation.json + subPath: es-payload-translation.json + name: {{ include "common.fullname" . }}-service-config + - mountPath: /opt/app/search-data-service/config/dynamic-custom-template.json + subPath: dynamic-custom-template.json + name: {{ include "common.fullname" . }}-service-config + - mountPath: /opt/app/search-data-service/config/auth/tomcat_keystore + subPath: tomcat_keystore + name: {{ include "common.fullname" . }}-service-auth-config + - mountPath: /opt/app/search-data-service/config/auth/search_policy.json + subPath: search_policy.json + name: {{ include "common.fullname" . }}-search-policy-config + - mountPath: /var/log/onap + name: {{ include "common.fullname" . }}-service-logs + - mountPath: /opt/app/search-data-service/bundleconfig/etc/logback.xml + name: {{ include "common.fullname" . }}-service-log-conf + subPath: logback.xml + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + + # side car containers + - name: filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + name: filebeat-conf + - mountPath: /var/log/onap + name: {{ include "common.fullname" . }}-service-logs + - mountPath: /usr/share/filebeat/data + name: {{ include "common.fullname" . }}-service-filebeat + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-service-config + configMap: + name: {{ include "common.fullname" . }} + - name: {{ include "common.fullname" . }}-service-auth-config + secret: + secretName: {{ include "common.fullname" . }}-keystone + - name: {{ include "common.fullname" . }}-search-policy-config + secret: + secretName: {{ include "common.fullname" . }}-policy + - name: filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-service-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-service-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-service-log-conf + configMap: + name: {{ include "common.fullname" . }}-service-log + restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-search-data/templates/secret.yaml b/kubernetes/pomba/components/pomba-search-data/templates/secret.yaml new file mode 100644 index 0000000000..33b058fc8f --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/templates/secret.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-keystone + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/config/auth/tomcat_keystore").AsSecrets . | indent 2 }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-policy + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/auth/search_policy.json").AsSecrets . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-search-data/templates/service.yaml b/kubernetes/pomba/components/pomba-search-data/templates/service.yaml new file mode 100644 index 0000000000..c786a5a894 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/templates/service.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-search-data/values.yaml b/kubernetes/pomba/components/pomba-search-data/values.yaml new file mode 100644 index 0000000000..a950750f85 --- /dev/null +++ b/kubernetes/pomba/components/pomba-search-data/values.yaml @@ -0,0 +1,65 @@ +# Default values for search-data. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +global: # global defaults + nodePortPrefix: 302 + + +# application image +image: onap/search-data-service:1.3.1 +pullPolicy: Always +restartPolicy: Always + +# application configuration +config: + elasticsearchHttpPort: 9200 + keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + +service: + type: ClusterIP + portName: pomba-search-data + internalPort: 9509 + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1800Mi + requests: + cpu: 50m + memory: 900Mi + large: + limits: + cpu: 2 + memory: 3600Mi + requests: + cpu: 100m + memory: 1800Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-servicedecomposition/Chart.yaml b/kubernetes/pomba/components/pomba-servicedecomposition/Chart.yaml new file mode 100644 index 0000000000..d12b3f984d --- /dev/null +++ b/kubernetes/pomba/components/pomba-servicedecomposition/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP POMBA Network Discovery Service Decomposition
+name: pomba-servicedecomposition
+version: 6.0.0
diff --git a/kubernetes/pomba/components/pomba-servicedecomposition/requirements.yaml b/kubernetes/pomba/components/pomba-servicedecomposition/requirements.yaml new file mode 100644 index 0000000000..fbe51550f0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-servicedecomposition/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-servicedecomposition/resources/config/application.properties b/kubernetes/pomba/components/pomba-servicedecomposition/resources/config/application.properties new file mode 100644 index 0000000000..d03f44a080 --- /dev/null +++ b/kubernetes/pomba/components/pomba-servicedecomposition/resources/config/application.properties @@ -0,0 +1,56 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +*/}} + +spring.jersey.type=filter +spring.mvc.urls=swagger,docs,prometheus,auditevents,info,heapdump,autoconfig,beans,loggers,dump,env,trace,health,configprops,mappings,metrics,webjars + + +server.contextPath=/service-decomposition +spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration + +#This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma +#tomcat.connector.attributes=allowTrace-true +#The max number of active threads in this pool +server.tomcat.max-threads=200 +#The minimum number of threads always kept alive +server.tomcat.min-Spare-Threads=25 +#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads +server.tomcat.max-idle-time=60000 + +basicAuth.username={{ .Values.config.serviceDecompositionUserId }} +basicAuth.password={{ .Values.config.serviceDecompositionPassword }} + +# AAI REST Client Configuration +aai.serviceName={{ .Values.config.aaiServiceName }}.{{.Release.Namespace}} +aai.servicePort={{ .Values.config.aaiPort }} +# AAI APIs authentication mode. Valid values: [basic_auth, client_cert] +aai.authentication=basic_auth +aai.trustStorePath=n/a +aai.keyStorePath=n/a +aai.keyStorePassword=n/a +aai.username={{ .Values.config.aaiUsername }} +aai.password={{ .Values.config.aaiPassword }} +aai.httpProtocol={{ .Values.config.aaiHttpProtocol }} +aai.securityProtocol=TLS +aai.connectionTimeout=60000 +aai.readTimeout=60000 +aai.resourceList=vnfc,vserver,l3-network,pserver +aai.serviceInstancePath=/aai/v13/nodes/service-instance/{0} +aai.urlDepth=2 + +#Servlet context parameters +server.context_parameters.p-name=value #context parameter with p-name as key and value as value. + diff --git a/kubernetes/pomba/components/pomba-servicedecomposition/resources/config/log/logback.xml b/kubernetes/pomba/components/pomba-servicedecomposition/resources/config/log/logback.xml new file mode 100644 index 0000000000..3b02684b68 --- /dev/null +++ b/kubernetes/pomba/components/pomba-servicedecomposition/resources/config/log/logback.xml @@ -0,0 +1,31 @@ +<configuration> + <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> + <property name="p_lvl" value="%level"/> + <property name="p_log" value="%logger"/> + <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> + <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <!-- tabs --> + <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> + <property name="p_thr" value="%thread"/> + <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="FILE" class="ch.qos.logback.core.FileAppender"> + <file>logs/EELF/output.log</file> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </logger> + <root level="INFO"> + <appender-ref ref="STDOUT" /> + <appender-ref ref="FILE" /> + </root> +</configuration>
\ No newline at end of file diff --git a/kubernetes/pomba/components/pomba-servicedecomposition/templates/configmap.yaml b/kubernetes/pomba/components/pomba-servicedecomposition/templates/configmap.yaml new file mode 100644 index 0000000000..e2cb33c791 --- /dev/null +++ b/kubernetes/pomba/components/pomba-servicedecomposition/templates/configmap.yaml @@ -0,0 +1,32 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-servicedecomposition/templates/deployment.yaml b/kubernetes/pomba/components/pomba-servicedecomposition/templates/deployment.yaml new file mode 100644 index 0000000000..d30e921e12 --- /dev/null +++ b/kubernetes/pomba/components/pomba-servicedecomposition/templates/deployment.yaml @@ -0,0 +1,113 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + - mountPath: /opt/app/config/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - mountPath: /opt/app/config/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + readOnly: true + + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-servicedecomposition/templates/service.yaml b/kubernetes/pomba/components/pomba-servicedecomposition/templates/service.yaml new file mode 100644 index 0000000000..2ebd6758a0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-servicedecomposition/templates/service.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-servicedecomposition/values.yaml b/kubernetes/pomba/components/pomba-servicedecomposition/values.yaml new file mode 100644 index 0000000000..a0e849890a --- /dev/null +++ b/kubernetes/pomba/components/pomba-servicedecomposition/values.yaml @@ -0,0 +1,100 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/service-decomposition:1.5.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + # Service Decomposition REST Client Configuration + aaiServiceName: aai + aaiPort: 8443 + aaiUsername: AAI + aaiPassword: OBF:1gfr1ev31gg7 + aaiHttpProtocol: https + # Basic Authorization Client credentials for Service Decomposition REST service + serviceDecompositionUserId: admin + serviceDecompositionPassword: OBF:1u2a1toa1w8v1tok1u30 + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: <service-name-override> + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: ClusterIP + externalPort: 9532 + internalPort: 8080 +# nodePort: <replace with unused node port suffix eg. 23> + # optional port name override - default can be defined in service.yaml + #portName: http + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 800Mi + requests: + cpu: 100m + memory: 400Mi + large: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 200m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/pomba/components/pomba-validation-service/Chart.yaml b/kubernetes/pomba/components/pomba-validation-service/Chart.yaml new file mode 100644 index 0000000000..525de440a9 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: POMBA Validaton-Service +name: pomba-validation-service +version: 6.0.0 diff --git a/kubernetes/pomba/components/pomba-validation-service/requirements.yaml b/kubernetes/pomba/components/pomba-validation-service/requirements.yaml new file mode 100644 index 0000000000..fbe51550f0 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/README.txt b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/README.txt new file mode 100644 index 0000000000..5cc01497f5 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/README.txt @@ -0,0 +1,10 @@ +This directory contains all external configuration files that +need to be mounted into an application container. + +See the configmap.yaml in the templates directory for an example +of how to load (ie map) config files from this directory, into +Kubernetes, for distribution within the k8s cluster. + +See deployment.yaml in the templates directory for an example +of how the 'config mapped' files are then mounted into the +containers. diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/aai-environment.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/aai-environment.properties new file mode 100644 index 0000000000..cd5c62e96b --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/aai-environment.properties @@ -0,0 +1,15 @@ +host=dummy-host.onap.org +port=8443 +httpProtocol=https +trustStorePath=/auth/tomcat_keystore +#trustStorePassword intentionally left blank +trustStorePassword.x= +keyStorePath=/auth/client-cert-onap.p12 +keyStorePassword.x=OBF: +keyManagerFactoryAlgorithm=SunX509 +keyStoreType=PKCS12 +securityProtocol=TLS +connectionTimeout=5000 +readTimeout=1000 + +baseModelURI=/aai/v8/service-design-and-creation/models/model diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/client-cert-onap.p12 b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/client-cert-onap.p12 Binary files differnew file mode 100644 index 0000000000..dbf4fcacec --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/client-cert-onap.p12 diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/tomcat_keystore b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/tomcat_keystore Binary files differnew file mode 100644 index 0000000000..9eec841aa2 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/tomcat_keystore diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth_policy.json b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth_policy.json new file mode 100644 index 0000000000..ea5565a71e --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth_policy.json @@ -0,0 +1,46 @@ +{"roles": [ + { + "name": "admin", + "functions": [ + { + "name": "actions", + "methods": [ + {"name": "GET"}, + {"name": "DELETE"}, + {"name": "PUT"} + ] + }, + { + "name": "validate", + "methods": [{"name": "POST"}] + } + ], + "users": [ + {"username": "CN=common-name, OU=org-unit, O=org, L=location, ST=state, C=US"}, + {"username": "CN=test, OU=qa, O=Test Ltd, L=London, ST=London, C=GB"}, + {"username": "CN=aai-client.dev.att.com, OU=aai digicert client dev, O=\"AT&T Services, Inc.\", L=Dallas, ST=Texas, C=US"} + ] + }, + { + "name": "ops", + "functions": [{ + "name": "actions", + "methods": [{"name": "POST"}] + }], + "users": [ + {"username": "CN=common-name, OU=org-unit, O=org, L=location, ST=state, C=US"}, + {"username": "CN=test, OU=qa, O=Test Ltd, L=London, ST=London, C=GB"} + ] + }, + { + "name": "basicauth", + "functions": [{ + "name": "util", + "methods": [{"name": "GET"}] + }], + "users": [{ + "user": "aai", + "pass": "OBF:1u2a1t2v1vgb1s3g1s3m1vgj1t3b1u30" + }] + } +]} diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties new file mode 100644 index 0000000000..d93f030395 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties @@ -0,0 +1,9 @@ +rule.datadictionary.hostport={{ .Values.config.dataDictHostPort }} +rule.datadictionary.connect.timeout=1000 +rule.datadictionary.read.timeout=1000 + +# basic authentication: base64 encoding of username:password +rule.datadictionary.credentials={{ .Values.config.dataDictCredentials }} + +# ex: /commonModelElements/instance~nfValuesCatalog~1.0/ +rule.datadictionary.uri=/commonModelElements/{0}~{1}~1.0/validateInstance diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-indexing.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-indexing.properties new file mode 100644 index 0000000000..06f4626ab6 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-indexing.properties @@ -0,0 +1,4 @@ +rule.indexing.events=POA-EVENT +rule.indexing.exclude.oxm.validation=POA-EVENT +rule.indexing.key.attributes=$.poa-event.modelVersionId,$.poa-event.modelInvariantId +rule.indexing.default.key=default-rules diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/schemaIngest.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/schemaIngest.properties new file mode 100644 index 0000000000..a711881dc5 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/schemaIngest.properties @@ -0,0 +1,9 @@ +{{/* +# Properties for the SchemaLocationsBean +# The AAI Schema jar will be unpacked to bundleconfig/etc +*/}} +schemaConfig=bundleconfig +# Files named aai_oxm_v*.xml are unpacked here: +nodeDir=${APP_HOME}/bundleconfig/etc/oxm +# Dummy folder/directory: +edgeDir=${APP_HOME}/bundleconfig/etc/oxm diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties new file mode 100644 index 0000000000..fe8e2684d5 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties @@ -0,0 +1,24 @@ +{{/* +# ============LICENSE_START=================================================== +# Copyright (c) 2018 Amdocs +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END===================================================== +*/}} + +poa-audit-result.name=POA-AUDIT-RESULT +poa-audit-result.host=message-router:3904 +poa-audit-result.publisher.partition=1 +poa-audit-result.username= +poa-audit-result.password=OBF: +poa-audit-result.transport.type=HTTPAUTH diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties new file mode 100644 index 0000000000..2dace57936 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties @@ -0,0 +1,25 @@ +{{/* +# ============LICENSE_START=================================================== +# Copyright (c) 2018 Amdocs +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END===================================================== +*/}} + +poa-rule-validation.name=POA-RULE-VALIDATION +poa-rule-validation.host=message-router:3904 +poa-rule-validation.username= +poa-rule-validation.password=OBF: +poa-rule-validation.consumer.group=poa-validator-test +poa-rule-validation.consumer.id=test +poa-rule-validation.transport.type=HTTPAUTH diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service-auth.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service-auth.properties new file mode 100644 index 0000000000..8bbd4233a6 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service-auth.properties @@ -0,0 +1,2 @@ +auth.policy.file=${CONFIG_HOME}/auth_policy.json +auth.authentication.disable=false diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service.properties new file mode 100644 index 0000000000..9b2e86213a --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service.properties @@ -0,0 +1,13 @@ +topic.publish.enable=true +topic.publish.retries=3 +topic.consume.enable=true +topic.consume.polling.interval.seconds=3 + +event.domain=onap +event.action.exclude=DELETE +event.type.rule=POA-EVENT +event.type.model=NOT-APPLICABLE-IN-POMBA +event.type.end=END-EVENT + +model.cache.expirySeconds=3 +aai.oxm.version=10 diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/application.properties b/kubernetes/pomba/components/pomba-validation-service/resources/application.properties new file mode 100644 index 0000000000..99879d4557 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/application.properties @@ -0,0 +1,45 @@ +{{/* +# ============LICENSE_START=================================================== +# Copyright (c) 2018 Amdocs +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END===================================================== + +# Note that the start.sh script sets the following System Properties +# We provide default values here for testing purposes +*/}} +APP_HOME=. +CONFIG_HOME=appconfig +com.att.eelf.logging.path=src/main/resources +com.att.eelf.logging.file=logback.xml +logback.configurationFile=${com.att.eelf.logging.path}/${com.att.eelf.logging.file} + +schemaIngestPropLoc=${CONFIG_HOME}/schemaIngest.properties + +server.port=9501 +server.ssl.client-auth=want +server.ssl.key-store=${CONFIG_HOME}/auth/tomcat_keystore +# Work-around for missing Java certificates file "cacerts". This default value should be overridden. +server.ssl.trust-store=${CONFIG_HOME}/auth/tomcat_keystore + +server.tomcat.max-threads=200 +# The minimum number of threads always kept alive +server.tomcat.min-spare-threads=25 + +# Spring Boot logging +logging.config=${logback.configurationFile} + +consumer.topic.names=poa-rule-validation +publisher.topic.names=poa-audit-result + +topics.properties.location=${CONFIG_HOME}/topics/ diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy b/kubernetes/pomba/components/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy new file mode 100644 index 0000000000..4a7f30452f --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy @@ -0,0 +1,512 @@ +/* + * ============LICENSE_START=================================================== + * Copyright (c) 2018 Amdocs + * ============================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END===================================================== + */ + +entity { + name 'POA-EVENT' + indexing { + indices 'default-rules' + } + validation { + + // NDCB-AAI comparison: Context level + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb', 'context-list.aai' + } + + // NDCB-AAI comparison: Service entity + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.service', 'context-list.aai.service' + } + + // NDCB-AAI comparison: Context level network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.networkList[*]', 'context-list.aai.networkList[*]' + } + + // NDCB-AAI comparison: VNF list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*]', 'context-list.aai.vnfList[*]' + } + + // NDCB-AAI comparison: VNF network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].networkList[*]', 'context-list.aai.vnfList[*].networkList[*]' + } + + // NDCB-AAI comparison: VF-Module list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]' + } + + // NDCB-AAI comparison: VF-Module network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]' + } + + // NDCB-AAI comparison: VNFC list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]' + } + + // NDCB-AAI comparison: VM list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].vmList[*]' + } + + // NDCB-AAI comparison: P-Interface list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.pnfList[*].pInterfaceList[*]', 'context-list.aai.pnfList[*].pInterfaceList[*]' + } + + + // SDNC-AAI comparison: Context level + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc', 'context-list.aai' + } + + // SDNC-AAI comparison: Service entity + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.service', 'context-list.aai.service' + } + + // SDNC-AAI comparison: Context level network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.networkList[*]', 'context-list.aai.networkList[*]' + } + + // SDNC-AAI comparison: VNF list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*]', 'context-list.aai.vnfList[*]' + } + + // SDNC-AAI comparison: VNF network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].networkList[*]', 'context-list.aai.vnfList[*].networkList[*]' + } + + // SDNC-AAI comparison: VF-Module list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]' + } + + // SDNC-AAI comparison: VF-Module network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]' + } + + // SDNC-AAI comparison: VNFC list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]' + } + + // SDNC-AAI comparison: VM list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].vmList[*]' + } + + // AAI-SDNC PNF name validation + useRule { + name 'AAI-SDNC-pnf-name-check' + attributes 'context-list.aai.pnfList[*].name', 'context-list.sdnc.pnfList[*].name' + } + + + // SDNC-NDCB comparison: Context level + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc', 'context-list.ndcb' + } + + // SDNC-NDCB comparison: Service entity + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.service', 'context-list.ndcb.service' + } + + // SDNC-NDCB comparison: Context level network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.networkList[*]', 'context-list.ndcb.networkList[*]' + } + + // SDNC-NDCB comparison: VNF list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*]', 'context-list.ndcb.vnfList[*]' + } + + // SDNC-NDCB comparison: VNF network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].networkList[*]', 'context-list.ndcb.vnfList[*].networkList[*]' + } + + // SDNC-NDCB comparison: VF-Module list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*]' + } + + // SDNC-NDCB comparison: VF-Module network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]' + } + + // SDNC-NDCB comparison: VNFC list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vnfcList[*]', 'context-list.ndcb.vnfList[*].vnfcList[*]' + } + + // SDNC-NDCB comparison: VM list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*].vmList[*]' + } + + + + // SDC-AAI VNFC type + useRule { + name 'SDC-AAI-vnfc-type' + attributes 'context-list.sdc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]' + } + + // SDC-AAI VNFC node count + useRule { + name 'SDC-AAI-vnfc-node-count' + attributes 'context-list.sdc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]' + } + + // SDC-AAI VF-Module instance + useRule { + name 'SDC-AAI-vf-module-instance-check' + attributes 'context-list.sdc.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]' + } + + useRule { + name 'AAI-not-empty' + attributes 'context-list.aai.pnfList', 'context-list.aai.vnfList', 'context-list.aai.networkList' + } + } +} + +rule { + name 'AAI-not-empty' + category 'VNFC Consistency' + description 'Check if AAI collected anything' + errorText 'AAI section is empty' + severity 'ERROR' + attributes 'pnfList', 'vnfList', 'networkList' + validate ''' + // expect at least one not empty list + return !pnfList.isEmpty() || !vnfList.isEmpty() || !networkList.isEmpty() + ''' +} + +rule { + name 'SDC-AAI-vnfc-type' + category 'VNFC Consistency' + description 'Validate that each VNFC instance in AAI conforms to a VNFC type defined in SDC model' + errorText 'AAI VNFC instance includes non-specified type in design SDC model' + severity 'ERROR' + attributes 'sdcList', 'aaiList' + validate ''' + def getVnfcTypes = { parsedData -> + parsedData.collect{ it.findResult{ k, v -> if(k.equals("type")) {return "$v"}}} + } + + def slurper = new groovy.json.JsonSlurper() + def sdcTypes = getVnfcTypes(slurper.parseText(sdcList.toString())) + def aaiTypes = getVnfcTypes(slurper.parseText(aaiList.toString())) + + // each type in AAI must exist in SDC + return sdcTypes.containsAll(aaiTypes) + ''' +} + +rule { + name 'SDC-AAI-vnfc-node-count' + category 'VNFC Consistency' + description 'Validate that for each VNFC node defined in SDC model, there is at least one VNFC instance in AAI' + errorText 'Design has specified types but not all of them exist in AAI' + severity 'WARNING' + attributes 'sdcList', 'aaiList' + validate ''' + def getVnfcNodes = { parsedData -> + parsedData.collect { new Tuple2( + it.findResult{ k, v -> if(k.equals("name")) {return "$v"}}, + it.findResult{ k, v -> if(k.equals("type")) {return "$v"}}) + } + } + + def slurper = new groovy.json.JsonSlurper() + def sdcNodes = getVnfcNodes(slurper.parseText(sdcList.toString())) + def aaiNodes = getVnfcNodes(slurper.parseText(aaiList.toString())) + + // each node in AAI must exist in SDC + return aaiNodes.containsAll(sdcNodes) + ''' +} + +rule { + name 'SDC-AAI-vf-module-instance-check' + category 'VF Consistency' + description 'Validate that each VF module instance in AAI conforms to a VF module defined in SDC service model' + errorText 'One or more AAI VF module instance(s) not defined in SDC model' + severity 'CRITICAL' + attributes 'sdcList', 'aaiList' + validate ''' + def getVfModules = { parsedData -> + parsedData.collect{ it.findResult{ k, v -> if(k.equals("name")) {return "$v"}}} + } + + def slurper = new groovy.json.JsonSlurper() + def sdcVfModules = getVfModules(slurper.parseText(sdcList.toString())) + def aaiVfModules = getVfModules(slurper.parseText(aaiList.toString())) + + // all VF modules in AAI must exist in SDC + return aaiVfModules.containsAll(sdcVfModules) + ''' +} + +rule { + name 'Attribute-comparison' + category 'Attribute Mismatch' + description 'Determine all discrepancies between values for attributes with matching names from each model' + errorText 'Error found with attribute(s) and values: {0}' + severity 'ERROR' + attributes 'lhsObject', 'rhsObject' + validate ''' + // This closure extracts the given object's root level attributes and contents of the attribute list. + // Complex items like lists are excluded. + // Returns a map containing attribute names as keys, mapping to a list of values for each attribute. + Closure<java.util.Map> getAttributes = { parsedData -> + java.util.Map attributeMap = new java.util.HashMap() + + def isAttributeDataQualityOk = { attribute -> + attribute.findResult{ k, v -> if(k.equals("dataQuality") ) {return v.get("status")}}.equals("ok") + } + + def addToMap = { attrKey, attrValue -> + java.util.Set values = attributeMap.get("$attrKey") + if(values == null) { + values = new java.util.HashSet() + attributeMap.put("$attrKey", values) + } + values.add("$attrValue") + } + + def addAttributeToMap = { attribute -> + if(isAttributeDataQualityOk(attribute)) { + String key, value + attribute.each { k, v -> + if(k.equals("name")) {key = "$v"} + if(k.equals("value")) {value = "$v"} + } + addToMap("$key", "$value") + } + } + + def processKeyValue = { key, value -> + if(value instanceof java.util.ArrayList) { + if(key.equals("attributeList")) { + value.each { + addAttributeToMap(it) + } + } + } else if(!(value instanceof groovy.json.internal.LazyMap)) { + // only add key-value attributes, skip the rest + addToMap("$key", "$value") + } + } + + if(parsedData instanceof java.util.ArrayList) { + parsedData.each { + it.each { key, value -> processKeyValue(key, value) } + } + } else { + parsedData.each { key, value -> processKeyValue(key, value) } + } + return attributeMap + } + + // This closure compares all values for each key from the left map, to values of the same key from the right map. + // Returns a map of attributes with mismatched or missing values (i.e. attribute name mapped to list of failed values). + Closure<java.util.Map> compareAttributes = { java.util.Map left, java.util.Map right -> + java.util.Map violationMap = new java.util.HashMap() + left.each{ leftKey, leftValueList -> + def rightValueList = right.get("$leftKey") + rightValueList.each{ rightValue -> + if(!leftValueList.any{ it == "$rightValue" }) { + def existingValues = violationMap.get(leftKey) + if(existingValues) { + existingValues.add("$rightValue") + } else { + java.util.Set newValues = new HashSet() + newValues.add("$rightValue") + violationMap.put("$leftKey", newValues) + } + } + } + } + return violationMap + } + + // This closure merges the given maps into a new map. + // Returns a map containing all keys and their values from both maps. + Closure<java.util.Map> mergeMaps = { java.util.Map left, java.util.Map right -> + if(left.isEmpty() && right.isEmpty()) { + return [:] + } else if(left.isEmpty()) { + return right + } else if(right.isEmpty()) { + return left + } + java.util.Map merged = new java.util.HashMap() + merged.putAll(left) + right.each{ rightKey, rightValues -> + java.util.Set mergedValues = merged.get(rightKey) + if(mergedValues == null) { + merged.put(rightKey, rightValues) + } else { + mergedValues.addAll(rightValues) + } + } + return merged + } + + def slurper = new groovy.json.JsonSlurper() + java.util.Map lhsAttributes = getAttributes(slurper.parseText(lhsObject.toString())) + java.util.Map rhsAttributes = getAttributes(slurper.parseText(rhsObject.toString())) + + def leftToRight = compareAttributes(lhsAttributes, rhsAttributes) + def rightToLeft = compareAttributes(rhsAttributes, lhsAttributes) + def mergedResults = mergeMaps(leftToRight, rightToLeft) + + boolean success = true + List<String> details = new ArrayList<>() + if(!mergedResults.isEmpty()) { + success = false + details.add(mergedResults.toString()) + } + return new Tuple2(success, details) + ''' +} + +/* + * The data-dictionary rule below can be used with this useRule clause: + * useRule { + * name 'Data-Dictionary validate VF type' + * attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*].type' + * } + */ +rule { + name 'Data-Dictionary validate VF type' + category 'INVALID_VALUE' + description 'Validate all VF type values against data-dictionary' + errorText 'VF type [{0}] failed data-dictionary validation: {1}' + severity 'ERROR' + attributes 'typeList' + validate ''' + boolean success = true + List<String> details = new ArrayList<>() + typeList.any { + if(!success) { + // break out of 'any' loop + return false + } + def result = org.onap.aai.validation.ruledriven.rule.builtin.DataDictionary.validate("instance", "vfModuleNetworkType", "type", "$it") + if(!result.isEmpty()) { + success = false + details.add("$it") + details.add("$result") + } + } + return new Tuple2(success, details) + ''' +} + +rule { + name 'AAI-SDNC-pnf-name-check' + category 'PNF Consistency' + description 'Validate that each PNF name in AAI matches a PNF name in the SDNC model' + errorText 'AAI PNF names do not match SDNC - {0}' + severity 'ERROR' + attributes 'aaiNames', 'sdncNames' + validate ''' + def addName = { values, key -> + values.add("$key") + } + + List<String> errorReasons = new ArrayList(); + + if (aaiNames.size() != sdncNames.size()) { + errorReasons.add("Number of PNFs don't match; aai has ${aaiNames.size()}, sdnc has ${sdncNames.size()}") + return new Tuple2(false, errorReasons) + } + + // collect all the "name" values from AAI and SDNC into two Sets. + Set aaiNameSet = new java.util.HashSet() + aaiNames.each { + aValue -> addName(aaiNameSet, aValue) + } + + Set sdncNameSet = new java.util.HashSet() + sdncNames.each { + aValue -> addName(sdncNameSet, aValue) + } + + // Validate that the names match by comparing the size of the two Sets. + if (aaiNameSet.size() != sdncNameSet.size()) { + errorReasons.add("Number of distinct PNF names don't match; aai: ${aaiNameSet}, sdnc: ${sdncNameSet}") + return new Tuple2(false, errorReasons) + } + + Set combinedSet = new HashSet(); + combinedSet.addAll(aaiNameSet); + combinedSet.addAll(sdncNameSet); + if (combinedSet.size() != aaiNameSet.size()) { + errorReasons.add("PNF names don't match; aai names: ${aaiNameSet}, sdnc names: ${sdncNameSet}") + return new Tuple2(false, errorReasons) + } + + return true + + ''' +} diff --git a/kubernetes/pomba/components/pomba-validation-service/templates/configmap.yaml b/kubernetes/pomba/components/pomba-validation-service/templates/configmap.yaml new file mode 100644 index 0000000000..9a9951ab9f --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/templates/configmap.yaml @@ -0,0 +1,47 @@ +{{/* +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-root-config + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/*.*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-config-properties + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/appconfig/*.*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-config-topics + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/appconfig/topics/*.properties").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-rules + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/bundleconfig/etc/rules/poa-event/*.groovy").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-validation-service/templates/deployment.yaml b/kubernetes/pomba/components/pomba-validation-service/templates/deployment.yaml new file mode 100644 index 0000000000..1590f4e001 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/templates/deployment.yaml @@ -0,0 +1,162 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + {{ if .Values.readiness.enabled }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + {{ end }} + env: + - name: APP_HOME + value: "{{ .Values.config.appDir }}" + - name: CONFIG_HOME + value: "{{ .Values.config.configDir }}" + - name: MAX_HEAP + value: "{{ .Values.config.maxHeap }}" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: {{ .Values.config.appDir }}/application.properties + name: root-config-app-prop + subPath: application.properties + - mountPath: {{ .Values.config.configDir }}/ + name: properties + - mountPath: {{ .Values.config.configAuthDir }}/ + name: config-auth + - mountPath: {{ .Values.config.configTopicsDir }}/ + name: config-topics + - mountPath: {{ .Values.config.rulesDir }}/ + name: rules + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: {{ include "repositoryGenerator.image.logging" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.release" . }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: root-config-app-prop + configMap: + name: {{ include "common.fullname" . }}-root-config + defaultMode: 0644 + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: properties + configMap: + name: {{ include "common.fullname" . }}-config-properties + defaultMode: 0644 + items: + - key: validation-service.properties + path: validation-service.properties + - key: validation-service-auth.properties + path: validation-service-auth.properties + - key: rule-indexing.properties + path: rule-indexing.properties + - key: rule-data-dictionary.properties + path: rule-data-dictionary.properties + - key: aai-environment.properties + path: aai-environment.properties + - key: schemaIngest.properties + path: schemaIngest.properties + - key: auth_policy.json + path: auth_policy.json + - name: config-auth + secret: + secretName: {{ include "common.fullname" . }}-config-auth-secret + items: + - key: tomcat_keystore + path: tomcat_keystore + - key: client-cert-onap.p12 + path: client-cert-onap.p12 + - name: config-topics + configMap: + name: {{ include "common.fullname" . }}-config-topics + defaultMode: 0644 + items: + - key: topic-poa-audit-result.properties + path: topic-poa-audit-result.properties + - key: topic-poa-rule-validation.properties + path: topic-poa-rule-validation.properties + - name: rules + configMap: + name: {{ include "common.fullname" . }}-rules + defaultMode: 0644 + items: + - key: default-rules.groovy + path: default-rules.groovy + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/components/pomba-validation-service/templates/secrets.yaml b/kubernetes/pomba/components/pomba-validation-service/templates/secrets.yaml new file mode 100644 index 0000000000..63d3b10f9a --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/templates/secrets.yaml @@ -0,0 +1,24 @@ +{{/* +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-config-auth-secret + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ (.Files.Glob "resources/appconfig/auth/*").AsSecrets | indent 2 }} diff --git a/kubernetes/pomba/components/pomba-validation-service/templates/service.yaml b/kubernetes/pomba/components/pomba-validation-service/templates/service.yaml new file mode 100644 index 0000000000..8647447dc1 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/templates/service.yaml @@ -0,0 +1,43 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/pomba/components/pomba-validation-service/values.yaml b/kubernetes/pomba/components/pomba-validation-service/values.yaml new file mode 100644 index 0000000000..0626b0312e --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/values.yaml @@ -0,0 +1,100 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/validation:1.3.1 +#pullPolicy: Always +pullPolicy: IfNotPresent + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: + appDir: /opt/app/validation-service + configDir: /opt/app/validation-service/appconfig + configAuthDir: /opt/app/validation-service/appconfig/auth + configTopicsDir: /opt/app/validation-service/appconfig/topics + rulesDir: /opt/app/validation-service/bundleconfig/etc/rules/poa-event + maxHeap: 1024 + dataDictHostPort: http://dummy-host:443 + dataDictCredentials: cG9tYmE6cG9tYmE= + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: false + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + enabled: false + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: validation-service + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: ClusterIP + externalPort: 9529 + internalPort: 8080 +# nodePort: <replace with unused node port suffix eg. 23> + # optional port name override - default can be defined in service.yaml + #portName: http + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1400Mi + requests: + cpu: 50m + memory: 700Mi + large: + limits: + cpu: 2 + memory: 2800Mi + requests: + cpu: 100m + memory: 1400Mi + unlimited: {} |