summaryrefslogtreecommitdiffstats
path: root/kubernetes/so/components/so-openstack-adapter
diff options
context:
space:
mode:
authorAndreas Geissler <andreas-geissler@telekom.de>2023-02-23 09:17:36 +0100
committerAndreas Geissler <andreas-geissler@telekom.de>2023-03-06 09:12:17 +0100
commitad61ccf6cccbe9a9637ef97eb98cee8dd70dce11 (patch)
treeec44004f8807bcb7229b1452a78bd31d2ff78c16 /kubernetes/so/components/so-openstack-adapter
parent5583c3cd4f0b6d6be561af051c9f0466502c10fe (diff)
[SO] Cleanup of SO charts
Remove AAF and TLS related chart entries Use OOM templates for deployment and service definitions Remove so-appc-orchestrator, as it is not supported anymore Issue-ID: OOM-3106 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I6256aa0fbbe172752cc3d8f83edde0880de7f629
Diffstat (limited to 'kubernetes/so/components/so-openstack-adapter')
-rwxr-xr-xkubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml20
-rwxr-xr-xkubernetes/so/components/so-openstack-adapter/templates/configmap.yaml2
-rwxr-xr-xkubernetes/so/components/so-openstack-adapter/templates/deployment.yaml40
-rwxr-xr-xkubernetes/so/components/so-openstack-adapter/templates/service.yaml26
-rwxr-xr-xkubernetes/so/components/so-openstack-adapter/values.yaml47
5 files changed, 30 insertions, 105 deletions
diff --git a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml
index 7dc22c3536..55d9ca2b1d 100755
--- a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml
@@ -14,12 +14,8 @@
# limitations under the License.
*/}}
aai:
- auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}}
- {{ if (include "common.needTLS" .) }}
- endpoint: https://aai.{{ include "common.namespace" . }}:8443
- {{ else }}
+ auth: {{ .Values.aai.auth }}
endpoint: http://aai.{{ include "common.namespace" . }}:80
- {{ end }}
server:
{{- if include "common.onServiceMesh" . }}
forward-headers-strategy: none
@@ -72,7 +68,7 @@ org:
{{- end }}
default_keystone_reg_ex: "/[vV][0-9]"
vnf:
- bpelauth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.org.onap.so.adapters.bpelauth )}}
+ bpelauth: {{ .Values.org.onap.so.adapters.bpelauth }}
checkRequiredParameters: true
addGetFilesOnVolumeReq: false
sockettimeout: 30
@@ -83,7 +79,7 @@ org:
valet_enabled: false
fail_requests_on_valet_failure: false
network:
- bpelauth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.org.onap.so.adapters.bpelauth )}}
+ bpelauth: {{ .Values.org.onap.so.adapters.bpelauth }}
sockettimeout: 5
connecttimeout: 5
retrycount: 5
@@ -117,8 +113,8 @@ mso:
adapters:
requestDb:
endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
- auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.db.auth )}}
- auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.encrypted "value2" .Values.mso.auth )}}
+ auth: {{ .Values.mso.db.auth }}
+ auth: {{ .Values.mso.auth }}
logPath: ./logs/openstack
msb-ip: msb-iag
msb-port: 80
@@ -127,18 +123,14 @@ mso:
endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/sobpmnengine
msoKey: {{ .Values.mso.msoKey }}
config:
- {{ if eq .Values.global.security.aaf.enabled true }}
- cadi: {{ include "so.cadi.keys" . | nindent 8}}
- {{- else }}
cadi:
aafId: {{ .Values.mso.basicUser }}
- {{- end }}
catalog:
db:
spring:
endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082
db:
- auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.db.auth )}}
+ auth: {{ .Values.mso.db.auth }}
site-name: localDevEnv
async:
core-pool-size: 50
diff --git a/kubernetes/so/components/so-openstack-adapter/templates/configmap.yaml b/kubernetes/so/components/so-openstack-adapter/templates/configmap.yaml
index 050aab9732..eeab0f72cd 100755
--- a/kubernetes/so/components/so-openstack-adapter/templates/configmap.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/templates/configmap.yaml
@@ -17,7 +17,7 @@ apiVersion: v1
data:
LOG_PATH: {{ index .Values.logPath }}
APP: {{ index .Values.app }}
- ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}}
+ ACTIVE_PROFILE: "basic"
kind: ConfigMap
metadata:
name: {{ include "common.fullname" . }}-configmap
diff --git a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml
index dd6d1f0098..c2db839bd7 100755
--- a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml
@@ -15,17 +15,9 @@
*/}}
apiVersion: apps/v1
kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
replicas: {{ index .Values.replicaCount }}
minReadySeconds: {{ index .Values.minReadySeconds }}
strategy:
@@ -34,30 +26,14 @@ spec:
maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
maxSurge: {{ index .Values.updateStrategy.maxSurge }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers:
- {{ include "so.certificate.container_importer" . | indent 6 | trim }}
{{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
resources: {{ include "common.resources" . | nindent 10 }}
- {{- if .Values.global.aafEnabled }}
- command:
- - sh
- args:
- - -c
- - |
- export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
- {{- if .Values.global.security.aaf.enabled }}
- export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
- {{- end }}
- /app/start-app.sh
- {{- end }}
env:
- name: DB_HOST
value: {{ include "common.mariadbService" . }}
@@ -71,12 +47,11 @@ spec:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }}
- name: DB_ADMIN_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }}
- {{ include "so.certificates.env" . | indent 8 | trim }}
envFrom:
- configMapRef:
name: {{ include "common.fullname" . }}-configmap
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }}
+ volumeMounts:
- name: logs
mountPath: /app/logs
- name: config
@@ -85,14 +60,11 @@ spec:
- name: {{ include "common.fullname" . }}-logs
mountPath: /var/log/onap
{{ include "so.helpers.livenessProbe" .| indent 8 }}
- ports:
- - containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
- protocol: TCP
+ ports: {{- include "common.containerPorts" . | nindent 10 }}
# Filebeat sidecar container
{{ include "common.log.sidecar" . | nindent 6 }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
+ volumes:
- name: logs
emptyDir: {}
- name: config
diff --git a/kubernetes/so/components/so-openstack-adapter/templates/service.yaml b/kubernetes/so/components/so-openstack-adapter/templates/service.yaml
index 5b8dee0774..495f828bfb 100755
--- a/kubernetes/so/components/so-openstack-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/templates/service.yaml
@@ -13,28 +13,4 @@
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+{{ include "common.service" . }} \ No newline at end of file
diff --git a/kubernetes/so/components/so-openstack-adapter/values.yaml b/kubernetes/so/components/so-openstack-adapter/values.yaml
index e25f4b3498..205bc9a342 100755
--- a/kubernetes/so/components/so-openstack-adapter/values.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/values.yaml
@@ -19,12 +19,6 @@ global:
nodePortPrefixExt: 304
persistence:
mountPath: /dockerdata-nfs
- security:
- aaf:
- enabled: false
- aaf:
- auth:
- encrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456
mariadbGalera:
serviceName: mariadb-galera
servicePort: '3306'
@@ -71,9 +65,6 @@ db:
aai:
auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586
-aaf:
- auth:
- encrypted: 7F182B0C05D58A23A1C4966B9CDC9E0B8BC5CD53BC8C7B4083D869F8D53E9BDC3EFD55C94B1D3F
org:
onap:
so:
@@ -92,25 +83,19 @@ containerPort: &containerPort 8087
logPath: ./logs/openstack/
app: openstack-adapter
service:
- type: ClusterIP
- internalPort: *containerPort
- externalPort: *containerPort
- portName: http
+ type: ClusterIP
+ ports:
+ - name: http
+ port: *containerPort
updateStrategy:
- type: RollingUpdate
- maxUnavailable: 1
- maxSurge: 1
+ type: RollingUpdate
+ maxUnavailable: 1
+ maxSurge: 1
#################################################################
-# soHelper part
+# soHelpers part
#################################################################
soHelpers:
- nameOverride: so-openstack-cert-init
- certInitializer:
- nameOverride: so-openstack-cert-init
- credsPath: /opt/app/osaaf/local
- cadi:
- apiEnforcement: org.onap.so.openStackAdapterPerm
containerPort: *containerPort
# Resource Limit flavor -By Default using small
@@ -133,14 +118,14 @@ resources:
cpu: 1000m
unlimited: {}
livenessProbe:
- path: /manage/health
- port: 8087
- scheme: HTTP
- initialDelaySeconds: 600
- periodSeconds: 60
- timeoutSeconds: 10
- successThreshold: 1
- failureThreshold: 3
+ path: /manage/health
+ port: 8087
+ scheme: HTTP
+ initialDelaySeconds: 600
+ periodSeconds: 60
+ timeoutSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
ingress:
enabled: false
config: