summaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2020-03-26 14:55:33 +0100
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2020-04-03 14:13:17 +0200
commit7896cf270efe0dbbf0aff8ced88aaffa7a5ebf15 (patch)
tree4099202790ce31ed27663aa083831990e717a3a7 /kubernetes
parent223cdf25ba1f04634d8cc31ccceb7a449395a01c (diff)
[COMMON] Faster aafConfig template
"index" function is bad in term of performance in Helm. Reworked the templates in order to avoid it. as certificates are retrieved at every boot (and as already present certs are deleted before), we don't need persistent storage Also set aafImage as a global variable in order to have a consistent use accross ONAP Issue-ID: EXTAPI-375 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ie3f5ae5c2a37d816afc42d2c67ebe8e40e749c79
Diffstat (limited to 'kubernetes')
-rw-r--r--kubernetes/common/common/templates/_aafconfig.tpl168
-rwxr-xr-xkubernetes/onap/values.yaml4
2 files changed, 48 insertions, 124 deletions
diff --git a/kubernetes/common/common/templates/_aafconfig.tpl b/kubernetes/common/common/templates/_aafconfig.tpl
index db7cbe8d8d..0c78cc11b9 100644
--- a/kubernetes/common/common/templates/_aafconfig.tpl
+++ b/kubernetes/common/common/templates/_aafconfig.tpl
@@ -18,11 +18,10 @@
common templates to enable aaf configs for applictaions
Parameter for aafConfig to be defined in values.yaml
- aafConfig: --> if a different key is used, call templates with argument (dict "aafRoot" "<yourkey>" "dot" .)
+ aafConfig: --> if a different key is used, call templates with argument (dict "aafRoot" .Values.<yourkey> "dot" .)
# additional scripts can be defined to handle certs
addconfig: true|false
fqdn: "sdnc"
- image: onap/aaf/aaf_agent:2.1.15
app_ns: "org.osaaf.aaf"
fqi: "sdnc@sdnc.onap.org"
fqi_namespace: org.onap.sdnc
@@ -31,19 +30,13 @@
aafDeployPass: demo123456!
cadi_latitude: "38.0"
cadi_longitude: "-72.0"
- persistence:
- enabled: true
- config.volumeReclaimPolicy: Delete
- config.accessMode: ReadWriteMany
- config.size: 40M
- config.storageClass: "manual"
- config.mountPath: "/dockerdata-nfs"
- config.mountSubPath: "sdnc/aaf"
+ secret_uid: &aaf_secret_uid my-component-aaf-deploy-creds
+
# secrets configuration, Note: create a secrets template
secrets:
- - uid: aaf-deploy-creds
+ - uid: *aaf_secret_uid
type: basicAuth
- externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDiabled" .Values.global.aafEnabled }}'
+ externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDisabled" .Values.global.aafEnabled }}'
login: '{{ .Values.aafConfig.aafDeployFqi }}'
password: '{{ .Values.aafConfig.aafDeployPass }}'
passwordPolicy: required
@@ -56,25 +49,18 @@
volumeMounts:
{{- if .Values.global.aafEnabled }}
- mountPath: "/opt/app/osaaf"
- name: {{ include "common.fullname" . }}-aaf-config-vol
+ name: {{ include "common.fullname" . }}-aaf-config
{{- end }}
volumes:
{{- include "common.aaf-config-volumes" . | nindent XX}}
-
- If persistence.enabled = true
- Create pvc:
- {{ include "common.aaf-config-pvc" . }}
- Create pv
- {{ include "common.aaf-config-pv" . }}
-
*/}}
{{- define "common.aaf-config" -}}
-{{- $dot := default . .dot -}}
-{{- $aafRoot := default "aafConfig" .aafRoot -}}
-{{ if .Values.global.aafEnabled }}
-- name: {{ include "common.name" . }}-aaf-readiness
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+{{- $dot := default . .dot -}}
+{{- $aafRoot := default $dot.Values.aafConfig .aafRoot -}}
+{{- if $dot.Values.global.aafEnabled -}}
+- name: {{ include "common.name" $dot }}-aaf-readiness
+ image: "{{ $dot.Values.global.readinessRepository }}/{{ $dot.Values.global.readinessImage }}"
+ imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
command:
- /root/ready.py
args:
@@ -84,143 +70,79 @@
- aaf-cm
- --container-name
- aaf-service
-
env:
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
-- name: {{ include "common.name" . }}-aaf-config
- image: {{ .Values.global.repository }}/{{index .Values $aafRoot "image" }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+- name: {{ include "common.name" $dot }}-aaf-config
+ image: {{ (default $dot.Values.repository $dot.Values.global.repository) }}/{{ $dot.Values.global.aafAgentImage }}
+ imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
volumeMounts:
- mountPath: "/opt/app/osaaf"
- name: {{ include "common.fullname" . }}-aaf-config-vol
- {{- if (index .Values $aafRoot "addconfig") }}
+ name: {{ include "common.fullname" $dot }}-aaf-config
+{{- if $aafRoot.addconfig }}
- name: aaf-add-config
mountPath: /opt/app/aaf_config/bin/aaf-add-config.sh
subPath: aaf-add-config.sh
- {{- end }}
+{{- end }}
command:
- sh
- -c
- |
#!/usr/bin/env bash
/opt/app/aaf_config/bin/agent.sh
- {{- if (index .Values $aafRoot "addconfig") }}
+{{- if $aafRoot.addconfig }}
/opt/app/aaf_config/bin/aaf-add-config.sh
- {{- end }}
+{{- end }}
env:
- name: APP_FQI
- value: "{{ index .Values $aafRoot "fqi" }}"
+ value: "{{ $aafRoot.fqi }}"
- name: aaf_locate_url
- value: "https://aaf-locate.{{ .Release.Namespace}}:8095"
+ value: "https://aaf-locate.{{ $dot.Release.Namespace}}:8095"
- name: aaf_locator_container
value: "oom"
- name: aaf_locator_container_ns
- value: "{{ .Release.Namespace }}"
+ value: "{{ $dot.Release.Namespace }}"
- name: aaf_locator_fqdn
- value: "{{ index .Values $aafRoot "fqdn" }}"
+ value: "{{ $aafRoot.fqdn }}"
- name: aaf_locator_app_ns
- value: "{{ index .Values $aafRoot "app_ns" }}"
+ value: "{{ $aafRoot.app_ns }}"
- name: DEPLOY_FQI
- {{- include "common.secret.envFromSecret" (dict "global" . "uid" "aaf-deploy-creds" "key" "login") | indent 6 }}
+ {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" $aafRoot.secret_uid "key" "login") | indent 6 }}
- name: DEPLOY_PASSWORD
- {{- include "common.secret.envFromSecret" (dict "global" . "uid" "aaf-deploy-creds" "key" "password") | indent 6 }}
- #Note: want to put this on Nodes, evenutally
+ {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" $aafRoot.secret_uid "key" "password") | indent 6 }}
+ #Note: want to put this on Nodes, eventually
- name: cadi_longitude
- value: "{{ default "52.3" (index .Values $aafRoot "cadi_longitude") }}"
+ value: "{{ default "52.3" $aafRoot.cadi_longitude }}"
- name: cadi_latitude
- value: "{{ default "13.2" (index .Values $aafRoot "cadi_latitude") }}"
+ value: "{{ default "13.2" $aafRoot.cadi_latitude }}"
#Hello specific. Clients don't don't need this, unless Registering with AAF Locator
- name: aaf_locator_public_fqdn
- value: "{{ (index .Values $aafRoot "public_fqdn") | default "" }}"
-{{- end -}}
+ value: "{{ $aafRoot.public_fqdn | default "" }}"
+{{- end -}}
{{- end -}}
-
{{- define "common.aaf-config-volume-mountpath" -}}
-{{ if .Values.global.aafEnabled }}
+{{- if .Values.global.aafEnabled -}}
- mountPath: "/opt/app/osaaf"
- name: {{ include "common.fullname" . }}-aaf-config-vol
-{{- end -}}
+ name: {{ include "common.fullname" . }}-aaf-config
+{{- end -}}
{{- end -}}
{{- define "common.aaf-config-volumes" -}}
-{{ if .Values.global.aafEnabled }}
-{{- $dot := default . .dot -}}
-{{- $aafRoot := default "aafConfig" .aafRoot -}}
-- name: {{ include "common.fullname" . }}-aaf-config-vol
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-aaf-config-pvc
-{{- if (index .Values $aafRoot "addconfig") }}
+{{- $dot := default . .dot -}}
+{{- $aafRoot := default $dot.Values.aafConfig .aafRoot -}}
+{{- if $dot.Values.global.aafEnabled -}}
+- name: {{ include "common.fullname" $dot }}-aaf-config
+ emptyDir:
+ medium: Memory
+{{- if $aafRoot.addconfig }}
- name: aaf-add-config
configMap:
- name: {{ include "common.fullname" . }}-aaf-add-config
+ name: {{ include "common.fullname" $dot }}-aaf-add-config
defaultMode: 0700
-{{- end }}
-{{- end -}}
-{{- end }}
-
-{{- define "common.aaf-config-pv" -}}
-{{- $dot := default . .dot -}}
-{{- $aafRoot := default "aafConfig" .aafRoot -}}
-metadata:
- name: {{ include "common.fullname" . }}-aaf-config-pv
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}-aaf-config-pv
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ index .Values $aafRoot "persistence" "config" "size"}}
- accessModes:
- - {{ index .Values $aafRoot "persistence" "config" "accessMode" }}
- persistentVolumeReclaimPolicy: {{ index .Values $aafRoot "persistence" "config" "volumeReclaimPolicy" }}
- hostPath:
- path: {{ index .Values $aafRoot "persistence" "config" "mountPath" }}/{{ .Release.Name }}/{{ index .Values $aafRoot "persistence" "config" "mountSubPath" }}
-{{- if (index .Values $aafRoot "persistence" "config" "storageClass") }}
-{{- if (eq "-" (index .Values $aafRoot "persistence" "config" "storageClass")) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ index .Values $aafRoot "persistence" "config" "storageClass" }}"
-{{- end }}
-{{- end }}
-{{- end -}}
-
-{{- define "common.aaf-config-pvc" -}}
-{{- $dot := default . .dot -}}
-{{- $aafRoot := default "aafConfig" .aafRoot -}}
-metadata:
- name: {{ include "common.fullname" . }}-aaf-config-pvc
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if (index .Values $aafRoot "persistence" "annotations") }}
- annotations:
-{{ toYaml (index .Values $aafRoot "persistence" "annotations" ) | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}-aaf-config-pv
- accessModes:
- - {{ index .Values $aafRoot "persistence" "config" "accessMode" }}
- resources:
- requests:
- storage: {{ index .Values $aafRoot "persistence" "config" "size" }}
-{{- if (index .Values $aafRoot "persistence" "config" "storageClass") }}
-{{- if (eq "-" (index .Values $aafRoot "persistence" "config" "storageClass")) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ index .Values $aafRoot "persistence" "config" "storageClass" }}"
-{{- end }}
-{{- end }}
+{{- end -}}
+{{- end -}}
{{- end -}}
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 4d69b9d3cb..40275a5696 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -71,8 +71,10 @@ global:
tls: true
# Disabling AAF
- # POC Mode, don't use it in production
+ # POC Mode, only for use in development environment
+ # Keep it enabled in production
aafEnabled: true
+ aafAgentImage: onap/aaf/aaf_agent:2.1.20
# TLS
# Set to false if you want to disable TLS for NodePorts. Be aware that this