[SDNC] Move dgbuilder and network-name-gen to SDNC

Move the charts from /common to sdnc/components and simplify the DB creation. Issue-ID: OOM-3286 Change-Id: Ib0c53e51b96ad2e1573859b9d938e700c0bea4ac Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
author: Andreas Geissler <andreas-geissler@telekom.de> 2024-04-10 10:45:53 +0200
committer: Andreas Geissler <andreas-geissler@telekom.de> 2024-04-10 11:01:08 +0200
commit: 4b149053969ca20ac0d1cf14fe69bf0eeb042859 (patch)
tree: fa446f4598edb8f9746bc944c72043d15dbd4643 /kubernetes/sdnc/components/network-name-gen
parent: 5230ed9ba9769c93487ad66d0d1f68eec5134a90 (diff)
6 files changed, 364 insertions, 0 deletions
diff --git a/kubernetes/sdnc/components/network-name-gen/Chart.yaml b/kubernetes/sdnc/components/network-name-gen/Chart.yaml
new file mode 100644
index 0000000000..e998a64ecc
--- /dev/null
+++ b/kubernetes/sdnc/components/network-name-gen/Chart.yaml
@@ -0,0 +1,34 @@
+# Copyright (C) 2018  AT&T Intellectual Property.  All rights reserved.
+# Modifications Copyright © 2021 Orange
+# Modifications Copyright © 2021 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v2
+description: Name Generation Micro Service
+name: network-name-gen
+version: 13.0.0
+
+dependencies:
+  - name: common
+    version: ~13.x-0
+    repository: '@local'
+  - name: repositoryGenerator
+    version: ~13.x-0
+    repository: '@local'
+  - name: mariadb-init
+    version: ~13.x-0
+    repository: '@local'
+  - name: serviceAccount
+    version: ~13.x-0
+    repository: '@local'
+\ No newline at end of file
diff --git a/kubernetes/sdnc/components/network-name-gen/resources/config/aai_keystore b/kubernetes/sdnc/components/network-name-gen/resources/config/aai_keystore
new file mode 100644
index 0000000000..83cae95273
--- /dev/null
+++ b/kubernetes/sdnc/components/network-name-gen/resources/config/aai_keystore
diff --git a/kubernetes/sdnc/components/network-name-gen/templates/deployment.yaml b/kubernetes/sdnc/components/network-name-gen/templates/deployment.yaml
new file mode 100644
index 0000000000..fbb8044630
--- /dev/null
+++ b/kubernetes/sdnc/components/network-name-gen/templates/deployment.yaml
@@ -0,0 +1,120 @@
+{{/*
+# Copyright (C) 2018  AT&T Intellectual Property.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: apps/v1
+kind: Deployment
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+spec:
+  selector: {{- include "common.selectors" . | nindent 4 }}
+  replicas: {{ .Values.replicaCount }}
+  template:
+    metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+    spec:
+      initContainers:
+      - name: {{ include "common.name" . }}-readiness
+        command:
+        - /app/ready.py
+        args:
+{{- if .Values.global.mariadbGalera.localCluster }}
+        - --app-name
+        - {{ index .Values "mariadb-galera" "nameOverride" }}
+{{- else }}
+        - --job-name
+        - {{ include "common.release" . }}-{{ index .Values "mariadb-init" "nameOverride" }}-config-job
+{{- end }}
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        image: {{ include "repositoryGenerator.image.readiness" . }}
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        resources:
+          limits:
+            cpu: "100m"
+            memory: "500Mi"
+          requests:
+            cpu: "3m"
+            memory: "20Mi"
+      containers:
+      - name: {{ include "common.name" . }}
+        command:
+          - bash
+        args:
+          - '-c'
+          - 'export POL_BASIC_AUTH=`echo -n $POL_BASIC_AUTH_USER:$POL_BASIC_AUTH_PASSWORD | base64`; /startService.sh'
+        image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        env:
+        - name: SPRING_PROFILE
+          value: "{{ .Values.config.springProfile }}"
+        - name: NENG_DB_USER
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-db-secret" "key" "login") | indent 10}}
+        - name: NENG_DB_PASS
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-db-secret" "key" "password") | indent 10}}
+        - name: NENG_DB_URL
+          value: jdbc:mysql://{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}/{{ index .Values "mariadb-init" "config" "mysqlDatabase" }}
+        - name: POL_CLIENT_AUTH
+          value: "{{ .Values.config.polClientAuth }}"
+        - name: POL_BASIC_AUTH_USER
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pol-basic-auth-secret" "key" "login") | indent 10}}
+        - name: POL_BASIC_AUTH_PASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pol-basic-auth-secret" "key" "password") | indent 10}}
+        - name: POL_URL
+          {{- if (include "common.needTLS" .) }}
+          value: "{{ .Values.config.polUrl.https }}"
+          {{- else }}
+          value: "{{ .Values.config.polUrl.http }}"
+          {{- end }}
+        - name: POL_ENV
+          value: "{{ .Values.config.polEnv }}"
+        - name: POL_REQ_ID
+          value: "{{ .Values.config.polReqId }}"
+        - name: AAI_CERT_PASS
+          value: "{{ .Values.config.aaiCertPass }}"
+        - name: AAI_CERT_PATH
+          value: "{{ .Values.config.aaiCertPath }}"
+        - name: AAI_URI
+          {{- if (include "common.needTLS" .) }}
+          value: "{{ .Values.config.aaiUri.https }}"
+          {{- else }}
+          value: "{{ .Values.config.aaiUri.http }}"
+          {{- end }}
+        - name: AAI_AUTH
+          value: "{{ .Values.config.aaiAuth }}"
+        - name: DISABLE_HOST_VERIFICATION
+          value: "{{ .Values.config.disableHostVerification }}"
+        volumeMounts:
+        - name: certs
+          mountPath: /opt/etc/config/aai_keystore
+          subPath: aai_keystore
+          readOnly: true
+        resources: {{ include "common.resources" . | nindent 10 }}
+        {{- if .Values.nodeSelector }}
+        nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+        {{- end -}}
+        {{- if .Values.affinity }}
+        affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+        {{- end }}
+      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
+      volumes:
+      - name: certs
+        secret:
+            secretName: {{ include "common.release" . }}-aai-keystore
+      {{- include "common.imagePullSecrets" . | nindent 6 }}
diff --git a/kubernetes/sdnc/components/network-name-gen/templates/secrets.yaml b/kubernetes/sdnc/components/network-name-gen/templates/secrets.yaml
new file mode 100644
index 0000000000..61b83d7a9b
--- /dev/null
+++ b/kubernetes/sdnc/components/network-name-gen/templates/secrets.yaml
@@ -0,0 +1,31 @@
+{{/*
+# Copyright (c) 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.secretFast" . }}
+---
+apiVersion: v1
+data:
+{{ tpl (.Files.Glob "resources/config/aai_keystore").AsSecrets . | indent 2 }}
+metadata:
+  name: {{ include "common.release" . }}-aai-keystore
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.fullname" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ include "common.release" . }}
+    heritage: {{ .Release.Service }}
+kind: Secret
+type: Opaque
diff --git a/kubernetes/sdnc/components/network-name-gen/templates/service.yaml b/kubernetes/sdnc/components/network-name-gen/templates/service.yaml
new file mode 100644
index 0000000000..aac71f7eb3
--- /dev/null
+++ b/kubernetes/sdnc/components/network-name-gen/templates/service.yaml
@@ -0,0 +1,43 @@
+{{/*
+# Copyright (C) 2018  AT&T Intellectual Property.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.servicename" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ include "common.release" . }}
+    heritage: {{ .Release.Service }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    {{if eq .Values.service.type "NodePort" -}}
+    - port: {{ .Values.service.externalPort }}
+      targetPort: {{ .Values.service.internalPort }}
+      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+      name: {{ .Values.service.portName }}
+    {{- else -}}
+    - port: {{ .Values.service.externalPort }}
+      targetPort: {{ .Values.service.internalPort }}
+      name: {{ .Values.service.portName }}
+    {{- end}}
+  selector:
+    app.kubernetes.io/name: {{ include "common.name" . }}
+    app.kubernetes.io/instance: {{ include "common.release" . }}
+
diff --git a/kubernetes/sdnc/components/network-name-gen/values.yaml b/kubernetes/sdnc/components/network-name-gen/values.yaml
new file mode 100644
index 0000000000..9d6a0aef5c
--- /dev/null
+++ b/kubernetes/sdnc/components/network-name-gen/values.yaml
@@ -0,0 +1,136 @@
+# Copyright (C) 2018  AT&T Intellectual Property.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Global configuration default values that can be inherited by
+# all subcharts.
+#################################################################
+global:
+
+  # Change to an unused port prefix range to prevent port conflicts
+  # with other instances running within the same k8s cluster
+  nodePortPrefix: 302
+
+  # image pull policy
+  pullPolicy: IfNotPresent
+
+  mariadbGalera: &mariadbGalera
+    # flag to enable the DB creation via mariadb-operator
+    useOperator: true
+    localCluster: false
+    service: &dbService mariadb-galera
+    internalPort: &dbPort 3306
+    nameOverride: mariadb-galera
+
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+  - uid: neng-db-secret
+    name: &dbUserSecretName '{{ include "common.release" . }}-neng-db-secret'
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.config.db.externalSecret) . }}'
+    login: '{{ .Values.config.db.userName }}'
+    password: '{{ .Values.config.db.userPassword }}'
+  - uid: pol-basic-auth-secret
+    name: '{{ include "common.release" . }}-pol-basic-auth-secret'
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.config.polBasicAuthSecret) . }}'
+    login: '{{ .Values.config.polBasicAuthUser }}'
+    password: '{{ .Values.config.polBasicAuthPassword }}'
+
+mariadb-init:
+  config:
+    userCredentialsExternalSecret: *dbUserSecretName
+    mysqlDatabase: nengdb
+  nameOverride: nengdb-init
+  mariadb-galera:
+    nameOverride: *dbService
+    service:
+      internalPort: *dbPort
+  serviceAccount:
+    nameOverride: nengdb-init
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+image: onap/ccsdk-apps-ms-neng:1.4.0
+pullPolicy: IfNotPresent
+
+# application configuration
+config:
+  db:
+    userName: nenguser
+    # userPassword: password
+    # userCredentialsExternalSecret: some-secret
+  springProfile: live
+  polClientAuth: cHl0aG9uOnRlc3Q=
+  polBasicAuthUser: healthcheck
+  polBasicAuthPassword: zb!XztG34
+  polUrl:
+    https: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision
+    http: http://policy-xacml-pdp:6969/policy/pdpx/v1/decision
+  polEnv: TEST
+  polReqId: xx
+  disableHostVerification: true
+  aaiCertPass: changeit
+  aaiCertPath: /opt/etc/config/aai_keystore
+  aaiAuth: QUFJOkFBSQ==
+  aaiUri:
+    https: https://aai:8443/aai/v14/
+    http: http://aai:80/aai/v14/
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  # necessary to disable liveness probe when setting breakpoints
+  # in debugger so K8s doesn't restart unresponsive container
+  enabled: false
+
+readiness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+
+service:
+  type: ClusterIP
+  name: neng-serv
+  portName: http
+  internalPort: 8080
+  externalPort: 8080
+
+ingress:
+  enabled: false
+
+resources: {}
+
+podAnnotations:
+  # Workarround to exclude K8S API from istio communication
+  # as init-container (readinessCheck) does not work with the
+  # Istio CNI plugin, see:
+  # (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers)
+  traffic.sidecar.istio.io/excludeOutboundPorts: "443"
+
+#Pods Service Account
+serviceAccount:
+  nameOverride: network-name-gen
+  roles:
+    - read
author	Andreas Geissler <andreas-geissler@telekom.de>	2024-04-10 10:45:53 +0200
committer	Andreas Geissler <andreas-geissler@telekom.de>	2024-04-10 11:01:08 +0200
commit	4b149053969ca20ac0d1cf14fe69bf0eeb042859 (patch)
tree	fa446f4598edb8f9746bc944c72043d15dbd4643 /kubernetes/sdnc/components/network-name-gen
parent	5230ed9ba9769c93487ad66d0d1f68eec5134a90 (diff)