diff options
| author |   Andreas Geissler <andreas-geissler@telekom.de> | 2023-03-20 17:16:45 +0100 |
|---|---|---|
| committer | Andreas Geissler <andreas-geissler@telekom.de> | 2023-03-22 17:36:43 +0100 |
| commit | dd34eadb816e1089a7121dda9810e902caf3e6c4 (patch) | |
| tree | 26d2af10ff6bf9dba2d225bb1f885959b9a77fcb /kubernetes/sdc/components/sdc-onboarding-be | |
| parent | 0879dfcaad420fcc7a6adc77b2b9c72b9522e3cb (diff) | |
[SDC] Chart cleanup for AAF/TLS removal
Use latest helm templates and remove TLS/AAF related parts
Issue-ID: OOM-3121
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I453d9bfb471462a3c2f4825a3a542c61df353cf5
Diffstat (limited to 'kubernetes/sdc/components/sdc-onboarding-be')
7 files changed, 19 insertions, 264 deletions
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml b/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml index 6032061d13..92f8716d77 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml @@ -21,9 +21,6 @@ name: sdc-onboarding-be version: 12.0.0 dependencies: - - name: certInitializer - version: ~12.x-0 - repository: '@local' - name: repositoryGenerator version: ~12.x-0 repository: '@local' diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml index 8180cc79f1..6c392ef24c 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml @@ -18,26 +18,14 @@ apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} + selector: {{- include "common.selectors" . | nindent 4 }} replicas: {{ .Values.replicaCount }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: - initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} + initContainers: - name: {{ include "common.name" . }}-job-completion image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}" @@ -45,7 +33,7 @@ spec: - /app/ready.py args: - --job-name - - {{ include "common.release" . }}-sdc-onboarding-be-cassandra-init + - {{ include "common.release" . }}-sdc-onboarding-be env: - name: NAMESPACE valueFrom: @@ -59,73 +47,16 @@ spec: requests: cpu: 3m memory: 20Mi - {{- if .Values.global.aafEnabled }} - - name: {{ include "common.name" . }}-update-config - image: {{ include "repositoryGenerator.image.envsubst" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - sh - args: - - "-c" - - | - export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0) - export KEYSTORE_PASS=$cadi_keystore_password_p12 - export KEYMANAGER_PASS=$cadi_keystore_password_p12 - export TRUSTSTORE_PASS=$cadi_truststore_password - cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output - cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output - cd /config-input && \ - for PFILE in `find . -not -type d | grep -v -F ..` - do - envsubst <${PFILE} >/config-output/${PFILE} - chmod 0755 /config-output/${PFILE} - done - volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - - name: sdc-environments-input - mountPath: /config-input/ - - name: sdc-environments - mountPath: /config-output/ - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 3m - memory: 20Mi - {{- end }} - - name: volume-permissions - image: {{ include "repositoryGenerator.image.busybox" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - sh - args: - - "-c" - - | - chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} //onboard/cert - securityContext: - runAsUser: 0 - volumeMounts: - - name: cert-storage - mountPath: "/onboard/cert" - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 3m - memory: 20Mi containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} + ports: {{ include "common.containerPorts" . | nindent 12 }} {{ if eq .Values.liveness.enabled true }} livenessProbe: httpGet: path: /onboarding-api/v1.0/healthcheck - port: {{ .Values.service.internalPort2 }} + port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} @@ -135,7 +66,7 @@ spec: readinessProbe: httpGet: path: /onboarding-api/v1.0/healthcheck - port: {{ .Values.service.internalPort2 }} + port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} @@ -144,7 +75,7 @@ spec: startupProbe: httpGet: path: /onboarding-api/v1.0/healthcheck - port: {{ .Values.service.internalPort2 }} + port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} periodSeconds: {{ .Values.startup.periodSeconds }} timeoutSeconds: {{ .Values.startup.timeoutSeconds }} @@ -171,25 +102,15 @@ spec: valueFrom: secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_password} - name: SDC_CERT_DIR - value: {{ .Values.cert.certDir }} + value: "" volumeMounts: - name: sdc-environments mountPath: /app/jetty/chef-solo/environments/ - {{- if .Values.global.aafEnabled }} - - name: sdc-environments - mountPath: /app/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12 - subPath: org.onap.sdc.p12 - - name: sdc-environments - mountPath: /app/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks - subPath: org.onap.sdc.trust.jks - {{- end }} - name: localtime mountPath: /etc/localtime readOnly: true - name: logs mountPath: /var/log/onap - - name: cert-storage - mountPath: "{{ .Values.cert.certDir }}" - name: logback mountPath: /tmp/logback.xml subPath: logback.xml @@ -200,27 +121,19 @@ spec: # side car containers {{ include "common.log.sidecar" . | nindent 8 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} + volumes: - name: localtime hostPath: path: /etc/localtime - {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }} - name: logback configMap: name : {{ include "common.fullname" . }}-logging-configmap - name: sdc-environments - {{- if .Values.global.aafEnabled }} - emptyDir: { medium: "Memory" } - - name: sdc-environments-input - {{- end }} configMap: name: {{ include "common.release" . }}-sdc-environments-configmap defaultMode: 0755 - name: logs emptyDir: {} - - name: cert-storage - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-cert imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml index bfc1ef8e7b..41996ff4cd 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml @@ -17,14 +17,7 @@ apiVersion: batch/v1 kind: Job -metadata: - name: {{ include "common.fullname" . }}-cassandra-init - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-job - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: backoffLimit: 20 template: @@ -42,7 +35,7 @@ spec: - /app/ready.py args: - --job-name - - {{ include "common.release" . }}-sdc-cs-config-cassandra + - {{ include "common.release" . }}-sdc-cs - "-t" - "20" env: diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/pv.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/pv.yaml deleted file mode 100644 index bc110c3b0f..0000000000 --- a/kubernetes/sdc/components/sdc-onboarding-be/templates/pv.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{/* -# ================================================================================ -# Copyright (C) 2019, Nordix Foundation. All rights reserved. -# ================================================================================ -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} -{{- if and .Values.persistence.enabled (not .Values.cert.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.cert.persistence.size}} - accessModes: - - {{ .Values.cert.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.cert.persistence.volumeReclaimPolicy }} - storageClassName: "{{ include "common.fullname" . }}-data" - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.cert.persistence.mountSubPath }} -{{- end -}} -{{- end -}} diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/pvc.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/pvc.yaml deleted file mode 100644 index 006d736b63..0000000000 --- a/kubernetes/sdc/components/sdc-onboarding-be/templates/pvc.yaml +++ /dev/null @@ -1,40 +0,0 @@ -{{/* -# ================================================================================ -# Copyright (C) 2019, Nordix Foundation. All rights reserved. -# ================================================================================ -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} -{{- if and .Values.cert.persistence.enabled (not .Values.cert.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }}-cert - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.cert.persistence.annotations }} - annotations: -{{ toYaml .Values.cert.persistence.annotations | indent 4 }} -{{- end }} -spec: - accessModes: - - {{ .Values.cert.persistence.accessMode }} - storageClassName: {{ include "common.storageClass" . }} - resources: - requests: - storage: {{ .Values.cert.persistence.size }} -{{- end -}} diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml index ece5a439a3..0a349834b4 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml @@ -1,6 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T, ZTE +# Modifications Copyright © 2023 Deutsche Telekom # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,35 +16,4 @@ # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName | default "http" }}s - - - port: {{ .Values.service.externalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName | default "http" }}} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }}s - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName | default "http" }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml index b34ce76fc7..2066835fcf 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml @@ -18,7 +18,6 @@ ################################################################# global: nodePortPrefix: 302 - aafEnabled: true persistence: {} sdc_cassandra: #This flag allows SDC to instantiate its own cluster, serviceName @@ -33,29 +32,6 @@ global: dataCenter: Pod ################################################################# -# AAF Part -################################################################# -certInitializer: - nameOverride: sdc-onboarding-be-cert-init - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - fqdn: sdc - fqi: sdc@sdc.onap.org - public_fqdn: sdc.onap.org - cadi_longitude: "0.0" - cadi_latitude: "0.0" - app_ns: org.osaaf.aaf - credsPath: /opt/app/osaaf/local - addconfig: true - keystoreFile: "org.onap.sdc.p12" - truststoreFile: "org.onap.sdc.trust.jks" - permission_user: 352070 - permission_group: 35953 - aaf_add_config: | - echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" > {{ .Values.credsPath }}/mycreds.prop - echo "cadi_truststore_password=$cadi_truststore_password" >> {{ .Values.credsPath }}/mycreds.prop - -################################################################# # Application configuration defaults. ################################################################# # application image @@ -109,12 +85,10 @@ startup: service: type: ClusterIP name: sdc-onboarding-be - portName: http - internalPort: 8445 - externalPort: 8445 - - internalPort2: 8081 - externalPort2: 8081 + internalPort: 8081 + ports: + - name: http + port: 8081 ## Persist data to a persitent volume persistence: @@ -139,17 +113,6 @@ persistence: mountPath: /dockerdata-nfs mountSubPath: /sdc/sdc-cs/CS -##Certificate storage persistence -##This is temporary solution for SDC-1980 -cert: - certDir: /app/jetty/cert - persistence: - enabled: true - size: 10Mi - accessMode: ReadWriteOnce - volumeReclaimPolicy: Retain - mountSubPath: /sdc/onbaording/cert - securityContext: fsGroup: 35953 runAsUser: 352070 |