diff options
author | Andreas Geissler <andreas-geissler@telekom.de> | 2023-02-23 09:17:36 +0100 |
---|---|---|
committer | Andreas Geissler <andreas-geissler@telekom.de> | 2023-03-06 09:12:17 +0100 |
commit | ad61ccf6cccbe9a9637ef97eb98cee8dd70dce11 (patch) | |
tree | ec44004f8807bcb7229b1452a78bd31d2ff78c16 /kubernetes/so/components/so-sdc-controller | |
parent | 5583c3cd4f0b6d6be561af051c9f0466502c10fe (diff) |
[SO] Cleanup of SO charts
Remove AAF and TLS related chart entries
Use OOM templates for deployment and service definitions
Remove so-appc-orchestrator, as it is not supported anymore
Issue-ID: OOM-3106
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I6256aa0fbbe172752cc3d8f83edde0880de7f629
Diffstat (limited to 'kubernetes/so/components/so-sdc-controller')
5 files changed, 29 insertions, 103 deletions
diff --git a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml index 50cf231a20..0630497bdb 100755 --- a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml @@ -51,42 +51,32 @@ request: mso: msoKey: {{ index .Values.mso.msoKey }} logPath: ./logs/sdc - config: - cadi: {{ include "so.cadi.keys" . | nindent 8}} catalog: db: spring: endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082 db: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.requestDb.auth )}} + auth: {{ .Values.mso.requestDb.auth }} site-name: onapheat camundaURL: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/ adapters: requestDb: endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.requestDb.auth )}} + auth: {{ .Values.mso.requestDb.auth }} aai: - {{ if (include "common.needTLS" .) }} - endpoint: https://aai.{{ include "common.namespace" . }}:8443 - {{ else }} endpoint: http://aai.{{ include "common.namespace" . }}:80 - {{ end }} asdc-connections: asdc-controller1: user: mso consumerGroup: {{ .Values.config.kafka.sdcTopic.consumerGroup }} consumerId: {{ .Values.config.kafka.sdcTopic.clientId }} environmentName: AUTO - {{ if (include "common.needTLS" .) }} - sdcAddress: sdc-be.{{ include "common.namespace" . }}:8443 - {{ else }} sdcAddress: sdc-be.{{ include "common.namespace" . }}:8080 - {{ end }} password: {{ index .Values "mso" "asdc-connections" "asdc-controller1" "password" }} pollingInterval: 60 pollingTimeout: 60 relevantArtifactTypes: HEAT,HEAT_ENV,HEAT_VOL - useHttpsWithSdc: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }} + useHttpsWithSdc: false activateServerTLSAuth: false keyStorePassword: keyStorePath: diff --git a/kubernetes/so/components/so-sdc-controller/templates/configmap.yaml b/kubernetes/so/components/so-sdc-controller/templates/configmap.yaml index 050aab9732..cb40c08f77 100755 --- a/kubernetes/so/components/so-sdc-controller/templates/configmap.yaml +++ b/kubernetes/so/components/so-sdc-controller/templates/configmap.yaml @@ -14,10 +14,6 @@ # limitations under the License. */}} apiVersion: v1 -data: - LOG_PATH: {{ index .Values.logPath }} - APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap @@ -27,6 +23,10 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ include "common.release" . }} heritage: {{ .Release.Service }} +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} + ACTIVE_PROFILE: "basic" --- apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml index 6ee0b25cbd..4becf41897 100755 --- a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml +++ b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml @@ -15,17 +15,9 @@ */}} apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} + selector: {{- include "common.selectors" . | nindent 4 }} replicas: {{ index .Values.replicaCount }} minReadySeconds: {{ index .Values.minReadySeconds }} strategy: @@ -34,30 +26,14 @@ spec: maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} maxSurge: {{ index .Values.updateStrategy.maxSurge }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - {{ include "so.certificate.container_importer" . | indent 6 | trim }} {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} resources: {{ include "common.resources" . | nindent 10 }} - {{- if .Values.global.aafEnabled }} - command: - - sh - args: - - -c - - | - export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" - {{- end }} - /app/start-app.sh - {{- end }} env: - name: DB_HOST value: {{ include "common.mariadbService" . }} @@ -77,12 +53,11 @@ spec: value: {{ .Values.config.kafka.saslMechanism }} - name: SASL_JAAS_CONFIG {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-sdc-kafka-secret" "key" "sasl.jaas.config") | indent 10 }} - {{ include "so.certificates.env" . | indent 8 | trim }} envFrom: - configMapRef: name: {{ include "common.fullname" . }}-configmap imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }} + volumeMounts: - name: logs mountPath: /app/logs - name: config @@ -91,14 +66,11 @@ spec: - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap {{ include "so.helpers.livenessProbe" .| indent 8 }} - ports: - - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - protocol: TCP + ports: {{- include "common.containerPorts" . | nindent 10 }} # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "so.certificate.volumes" . | nindent 6 }} + volumes: - name: logs emptyDir: {} - name: config diff --git a/kubernetes/so/components/so-sdc-controller/templates/service.yaml b/kubernetes/so/components/so-sdc-controller/templates/service.yaml index 5b8dee0774..495f828bfb 100755 --- a/kubernetes/so/components/so-sdc-controller/templates/service.yaml +++ b/kubernetes/so/components/so-sdc-controller/templates/service.yaml @@ -13,28 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml index 63a641c359..dbde74808b 100755 --- a/kubernetes/so/components/so-sdc-controller/values.yaml +++ b/kubernetes/so/components/so-sdc-controller/values.yaml @@ -19,12 +19,6 @@ global: nodePortPrefixExt: 304 persistence: mountPath: /dockerdata-nfs - security: - aaf: - enabled: false - aaf: - auth: - header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= mariadbGalera: serviceName: mariadb-galera servicePort: '3306' @@ -106,25 +100,19 @@ containerPort: &containerPort 8085 logPath: ./logs/sdc/ app: sdc-controller service: - type: ClusterIP - internalPort: *containerPort - externalPort: *containerPort - portName: http + type: ClusterIP + ports: + - name: http + port: *containerPort updateStrategy: - type: RollingUpdate - maxUnavailable: 1 - maxSurge: 1 + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 ################################################################# # soHelpers part ################################################################# soHelpers: - nameOverride: so-sdc-cert-init - certInitializer: - nameOverride: so-sdc-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.sdcControllerPerm containerPort: *containerPort # Resource Limit flavor -By Default using small @@ -147,14 +135,14 @@ resources: cpu: 1000m unlimited: {} livenessProbe: - path: /manage/health - port: 8085 - scheme: HTTP - initialDelaySeconds: 600 - periodSeconds: 60 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 + path: /manage/health + port: 8085 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 ingress: enabled: false nodeSelector: {} |