diff options
89 files changed, 1166 insertions, 15 deletions
diff --git a/kubernetes/aai/components/aai-babel/requirements.yaml b/kubernetes/aai/components/aai-babel/requirements.yaml index 67d45f08b9..1f3e92413c 100644 --- a/kubernetes/aai/components/aai-babel/requirements.yaml +++ b/kubernetes/aai/components/aai-babel/requirements.yaml @@ -23,3 +23,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/aai/components/aai-babel/templates/deployment.yaml b/kubernetes/aai/components/aai-babel/templates/deployment.yaml index 9fe386a3c6..db3540606b 100644 --- a/kubernetes/aai/components/aai-babel/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-babel/templates/deployment.yaml @@ -113,7 +113,7 @@ spec: name: {{ include "common.fullname" . }}-logs - mountPath: /usr/share/filebeat/data name: aai-filebeat - + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml index 7560efde26..4a2246793e 100644 --- a/kubernetes/aai/components/aai-babel/values.yaml +++ b/kubernetes/aai/components/aai-babel/values.yaml @@ -85,3 +85,9 @@ resources: cpu: 2 memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai-babel + roles: + - read diff --git a/kubernetes/aai/components/aai-graphadmin/requirements.yaml b/kubernetes/aai/components/aai-graphadmin/requirements.yaml index cf22720435..3d0f24cb29 100644 --- a/kubernetes/aai/components/aai-graphadmin/requirements.yaml +++ b/kubernetes/aai/components/aai-graphadmin/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml index 5e6f2bc33d..791bf61004 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml @@ -162,7 +162,7 @@ spec: name: {{ include "common.fullname" . }}-logs - mountPath: /usr/share/filebeat/data name: {{ include "common.fullname" . }}-filebeat - + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml index 63c668fb9e..03d034bf05 100644 --- a/kubernetes/aai/components/aai-graphadmin/values.yaml +++ b/kubernetes/aai/components/aai-graphadmin/values.yaml @@ -246,3 +246,9 @@ resources: cpu: 1 memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai-graphadmin + roles: + - read diff --git a/kubernetes/aai/components/aai-modelloader/requirements.yaml b/kubernetes/aai/components/aai-modelloader/requirements.yaml index cf22720435..3d0f24cb29 100644 --- a/kubernetes/aai/components/aai-modelloader/requirements.yaml +++ b/kubernetes/aai/components/aai-modelloader/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml b/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml index 0d24bfe957..7509f88090 100644 --- a/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml @@ -87,6 +87,7 @@ spec: name: aai-filebeat resources: {{ include "common.resources" . }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/aai/components/aai-modelloader/values.yaml b/kubernetes/aai/components/aai-modelloader/values.yaml index b235ba171c..5da0e5736f 100644 --- a/kubernetes/aai/components/aai-modelloader/values.yaml +++ b/kubernetes/aai/components/aai-modelloader/values.yaml @@ -84,3 +84,9 @@ resources: cpu: 1 memory: 1536Mi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai-modelloader + roles: + - read diff --git a/kubernetes/aai/components/aai-resources/requirements.yaml b/kubernetes/aai/components/aai-resources/requirements.yaml index f9ba1c1fb7..1552d53276 100644 --- a/kubernetes/aai/components/aai-resources/requirements.yaml +++ b/kubernetes/aai/components/aai-resources/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/aai/components/aai-resources/templates/deployment.yaml b/kubernetes/aai/components/aai-resources/templates/deployment.yaml index 1297809658..501a706f47 100644 --- a/kubernetes/aai/components/aai-resources/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-resources/templates/deployment.yaml @@ -207,6 +207,7 @@ spec: - mountPath: /usr/share/filebeat/data name: {{ include "common.fullname" . }}-filebeat resources: {{ include "common.resources" . | nindent 12 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index f30b067b2e..c2658a5503 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -257,3 +257,9 @@ resources: cpu: 2 memory: 4Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai-resources + roles: + - read diff --git a/kubernetes/aai/components/aai-schema-service/requirements.yaml b/kubernetes/aai/components/aai-schema-service/requirements.yaml index cf22720435..3d0f24cb29 100644 --- a/kubernetes/aai/components/aai-schema-service/requirements.yaml +++ b/kubernetes/aai/components/aai-schema-service/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml b/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml index 25be4db147..d4394057e8 100644 --- a/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml @@ -116,6 +116,7 @@ spec: name: {{ include "common.fullname" . }}-logs - mountPath: /usr/share/filebeat/data name: {{ include "common.fullname" . }}-filebeat + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: aai-common-aai-auth-mount secret: diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml index 50bd6c38b8..e7479b8818 100644 --- a/kubernetes/aai/components/aai-schema-service/values.yaml +++ b/kubernetes/aai/components/aai-schema-service/values.yaml @@ -140,3 +140,9 @@ resources: cpu: 2 memory: 4Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai-schema-service + roles: + - read diff --git a/kubernetes/aai/components/aai-sparky-be/requirements.yaml b/kubernetes/aai/components/aai-sparky-be/requirements.yaml index f9ba1c1fb7..1552d53276 100644 --- a/kubernetes/aai/components/aai-sparky-be/requirements.yaml +++ b/kubernetes/aai/components/aai-sparky-be/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml index 45ff270047..7d0dfe39e2 100644 --- a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml @@ -175,7 +175,7 @@ spec: name: aai-sparky-filebeat resources: {{ include "common.resources" . }} - + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: diff --git a/kubernetes/aai/components/aai-sparky-be/values.yaml b/kubernetes/aai/components/aai-sparky-be/values.yaml index 98dca5d11d..420517f8f0 100644 --- a/kubernetes/aai/components/aai-sparky-be/values.yaml +++ b/kubernetes/aai/components/aai-sparky-be/values.yaml @@ -144,3 +144,9 @@ resources: cpu: 0.5 memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai-sparky-be + roles: + - read diff --git a/kubernetes/aai/components/aai-traversal/requirements.yaml b/kubernetes/aai/components/aai-traversal/requirements.yaml index f9ba1c1fb7..1552d53276 100644 --- a/kubernetes/aai/components/aai-traversal/requirements.yaml +++ b/kubernetes/aai/components/aai-traversal/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/aai/components/aai-traversal/templates/deployment.yaml b/kubernetes/aai/components/aai-traversal/templates/deployment.yaml index dc1c010261..037f811f44 100644 --- a/kubernetes/aai/components/aai-traversal/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-traversal/templates/deployment.yaml @@ -233,6 +233,7 @@ spec: name: {{ include "common.fullname" . }}-filebeat resources: {{ include "common.resources" . }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml index ad4279a543..297de15308 100644 --- a/kubernetes/aai/components/aai-traversal/values.yaml +++ b/kubernetes/aai/components/aai-traversal/values.yaml @@ -267,3 +267,9 @@ resources: cpu: 2 memory: 4Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai-traversal + roles: + - read diff --git a/kubernetes/aai/requirements.yaml b/kubernetes/aai/requirements.yaml index 8b37ef737d..198439992a 100644 --- a/kubernetes/aai/requirements.yaml +++ b/kubernetes/aai/requirements.yaml @@ -62,3 +62,6 @@ dependencies: version: ~8.x-0 repository: 'file://components/aai-traversal' condition: aai-traversal.enabled + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/aai/templates/deployment.yaml b/kubernetes/aai/templates/deployment.yaml index 2ca489f2de..4b08d10e45 100644 --- a/kubernetes/aai/templates/deployment.yaml +++ b/kubernetes/aai/templates/deployment.yaml @@ -115,7 +115,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 8 }} {{- end }} - + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index ed617780f1..1cb297078e 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -392,3 +392,9 @@ resources: cpu: 2 memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai + roles: + - read diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh index 68b50e1ad6..97df772ba7 100755 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh @@ -70,7 +70,8 @@ do printf "." sleep 1 done -echo -e "\nmariadbgalera ready" +echo +echo "mariadbgalera ready" if [ ! -d ${DBINIT_DIR} ] then diff --git a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh index 5f23a89867..c01d7c6d57 100644 --- a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh +++ b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh @@ -28,7 +28,7 @@ _ip_address() { } # "sed -i", but without "mv" (which doesn't work on a bind-mounted file, for example) -_sed-in-place() { +_sed_in_place() { local filename="$1"; shift local tempFile tempFile="$(mktemp)" @@ -57,7 +57,7 @@ if [ "$1" = 'cassandra' ]; then fi : ${CASSANDRA_SEEDS:="$CASSANDRA_BROADCAST_ADDRESS"} - _sed-in-place "$CASSANDRA_CONFIG/cassandra.yaml" \ + _sed_in_place "$CASSANDRA_CONFIG/cassandra.yaml" \ -r 's/(- seeds:).*/\1 "'"$CASSANDRA_SEEDS"'"/' for yaml in \ @@ -75,7 +75,7 @@ if [ "$1" = 'cassandra' ]; then # eval presents no security issue here because of limited possible values of var eval val=\$$var if [ "$val" ]; then - _sed-in-place "$CASSANDRA_CONFIG/cassandra.yaml" \ + _sed_in_place "$CASSANDRA_CONFIG/cassandra.yaml" \ -r 's/^(# )?('"$yaml"':).*/\2 '"$val"'/' fi done @@ -85,7 +85,7 @@ if [ "$1" = 'cassandra' ]; then # eval presents no security issue here because of limited possible values of var eval val=\$$var if [ "$val" ]; then - _sed-in-place "$CASSANDRA_CONFIG/cassandra-rackdc.properties" \ + _sed_in_place "$CASSANDRA_CONFIG/cassandra-rackdc.properties" \ -r 's/^('"$rackdc"'=).*/\1 '"$val"'/' fi done diff --git a/kubernetes/contrib/components/ejbca/templates/deployment.yaml b/kubernetes/contrib/components/ejbca/templates/deployment.yaml index a10b0592de..46f7d3521c 100644 --- a/kubernetes/contrib/components/ejbca/templates/deployment.yaml +++ b/kubernetes/contrib/components/ejbca/templates/deployment.yaml @@ -23,6 +23,8 @@ spec: template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" initContainers: - name: {{ include "common.name" . }}-db-readiness command: diff --git a/kubernetes/contrib/tools/check-for-staging-images.sh b/kubernetes/contrib/tools/check-for-staging-images.sh index 8c01312fa2..543e918cfa 100755 --- a/kubernetes/contrib/tools/check-for-staging-images.sh +++ b/kubernetes/contrib/tools/check-for-staging-images.sh @@ -40,7 +40,7 @@ printf "\n" if [ -n "$NOT_AVAILABLE_IMAGES" ]; then echo "[ERROR] Only release images are allowed in helm charts." echo "[ERROR] Images not found in release repo:" - echo -e "$NOT_AVAILABLE_IMAGES" + printf "%b$NOT_AVAILABLE_IMAGES\n" exit 1 fi -exit 0
\ No newline at end of file +exit 0 diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index 7c9073a537..2d68b38771 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -407,7 +407,7 @@ spec: {{- end -}} {{- if $policy.duration }} - name: POLICY_SYNC_DURATION - value: {{ $policy.duration }} + value: "{{ $policy.duration }}" {{- end }} resources: {{ include "common.resources" . | nindent 2 }} volumeMounts: diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/Chart.yaml new file mode 100644 index 0000000000..a743d62b8f --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/Chart.yaml @@ -0,0 +1,22 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE BBS-EventProcessor Microservice +name: dcae-bbs-eventprocessor-ms +version: 8.0.0
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/requirements.yaml new file mode 100644 index 0000000000..c6804b76b4 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/requirements.yaml @@ -0,0 +1,30 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/configmap.yaml new file mode 100644 index 0000000000..a914446c99 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/configmap.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.configMap" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/deployment.yaml new file mode 100644 index 0000000000..0ad66b62a9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/deployment.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/secret.yaml new file mode 100644 index 0000000000..6b70356ca9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/secret.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.secretFast" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/service.yaml new file mode 100644 index 0000000000..cf11d2a0c5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/service.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml new file mode 100644 index 0000000000..77dcaba761 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml @@ -0,0 +1,201 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &aafCredsUID aafcreds + type: basicAuth + login: '{{ .Values.aafCreds.identity }}' + password: '{{ .Values.aafCreds.password }}' + passwordPolicy: required + - uid: &aaiCredsUID aaicreds + type: basicAuth + login: '{{ .Values.aaiCreds.username }}' + password: '{{ .Values.aaiCreds.password }}' + passwordPolicy: required + + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.components.bbs-event-processor:2.1.0 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /opt/app/bbs-event-processor/logs + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/bbs-event-processor/etc/cert/ + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + - aaf-cm + +# Probe Configuration +readiness: + initialDelaySeconds: 120 + periodSeconds: 180 + timeoutSeconds: 5 + path: /heartbeat + scheme: HTTP + port: 8100 + + +# Service Configuration +service: + type: ClusterIP + name: dcae-bbs-eventprocessor + ports: + - name: https + port: 8100 + port_protocol: http + +# AAF Credentials +aafCreds: + identity: dcae@dcae.onap.org + password: demo123456! + +# AAI Credentials +aaiCreds: + username: AAI + password: AAI + +credentials: +- name: AAF_USERNAME + uid: *aafCredsUID + key: login +- name: AAF_PASSWORD + uid: *aafCredsUID + key: password +- name: AAI_USERNAME + uid: *aaiCredsUID + key: login +- name: AAI_PASSWORD + uid: *aaiCredsUID + key: password + + +# Initial Application Configuration +applicationConfig: + streams_subscribes: + pnf_reregistration: + type: message_router + aaf_username: ${AAF_USERNAME} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https:message-router:3905/events/unauthenticated.PNF_UPDATE + cpe_authentication: + type: message_router + aaf_username: ${AAF_USERNAME} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https:message-router:3905/events/unauthenticated.CPE_AUTHENTICATION + streams_publishes: + close_loop: + type: message_router + aaf_username: ${AAF_USERNAME} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https:message-router:3905/events/unauthenticated.DCAE_CL_OUTPUT + dmaap.protocol: https + dmaap.contentType: application/json + dmaap.consumer.consumerId: c12 + dmaap.consumer.consumerGroup: OpenDcae-c12 + dmaap.messageLimit: -1 + dmaap.timeoutMs: -1 + aai.host: aai.onap + aai.port: 8443 + aai.protocol: https + aai.username: ${AAI_USERNAME} + aai.password: ${AAF_PASSWORD} + aai.aaiIgnoreSslCertificateErrors: true + application.pipelinesPollingIntervalSec: 25 + application.pipelinesTimeoutSec: 15 + application.cbsPollingIntervalSec: 120 + application.policyVersion: 1.0.0.5 + application.clTargetType: VM + application.clEventStatus: ONSET + application.clVersion: 1.0.2 + application.clTarget: vserver.vserver-name + application.clOriginator: DCAE-BBS-ep + application.reregistration.policyScope: policyScopeReReg + application.reregistration.clControlName: clControlNameReReg + application.cpe.authentication.policyScope: policyScopeCpeAuth + application.cpe.authentication.clControlName: clControlNameCpeAuth + application.reregistration.configKey: pnf_reregistration + application.cpeAuth.configKey: cpe_authentication + application.closeLoop.configKey: close_loop + application.loggingLevel: INFO + application.ssl.keyStorePath: "/opt/app/bbs-event-processor/etc/cert/cert.jks" + application.ssl.keyStorePasswordPath: "/opt/app/bbs-event-processor/etc/cert/jks.pass" + application.ssl.trustStorePath: "/opt/app/bbs-event-processor/etc/cert/trust.jks" + application.ssl.trustStorePasswordPath: "/opt/app/bbs-event-processor/etc/cert/trust.pass" + application.ssl.enableAaiCertAuth: true + application.ssl.enableDmaapCertAuth: true + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/Chart.yaml new file mode 100644 index 0000000000..f94f3cb70e --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/Chart.yaml @@ -0,0 +1,22 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE RESTConf Collector +name: dcae-restconf-collector +version: 8.0.0
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/requirements.yaml new file mode 100644 index 0000000000..c6804b76b4 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/requirements.yaml @@ -0,0 +1,30 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/configmap.yaml new file mode 100644 index 0000000000..a914446c99 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/configmap.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.configMap" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/deployment.yaml new file mode 100644 index 0000000000..0ad66b62a9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/deployment.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/secret.yaml new file mode 100644 index 0000000000..6b70356ca9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/secret.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.secretFast" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/service.yaml new file mode 100644 index 0000000000..cf11d2a0c5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/service.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml new file mode 100644 index 0000000000..17c3694c1d --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml @@ -0,0 +1,161 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &controllerCredsUID controllercreds + type: basicAuth + login: '{{ .Values.controllerCreds.username }}' + password: '{{ .Values.controllerCreds.password }}' + passwordPolicy: required + + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.collectors.restconfcollector:1.2.5 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +# logDirectory: /opt/app/restconfcollector/logs + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/dcae-certificate + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + - aaf-cm + +# Probe Configuration +readiness: + initialDelaySeconds: 100 + periodSeconds: 60 + timeoutSeconds: 5 + path: /healthcheck + scheme: HTTP + port: 8080 + + +# service configuration +service: + type: NodePort + name: dcae-restconf-collector + ports: + - name: http + port: 8443 + plain_port: 8080 + port_protocol: http + nodePort: 16 + useNodePortExt: true + +# AAF Credentials +controllerCreds: + username: access + password: Huawei@123 + +credentials: +- name: CONTROLLER_USERNAME + uid: *controllerCredsUID + key: login +- name: CONTROLLER_PASSWORD + uid: *controllerCredsUID + key: password + +# Initial Application Configuration +applicationConfig: + collector.rcc.appDescription: DCAE RestConf Collector Application + collector.rcc.appName: dcae-rcc + collector.rcc.dmaap.streamid: notification=device-registration + collector.rcc.inputQueue.maxPending: '8096' + tomcat.maxthreads: '200' + collector.rcc.service.port: '8080' + collector.rcc.service.secure.port: '8687' + collector.rcc.keystore.file.location: /opt/app/dcae-certificate/cert.jks + collector.rcc.keystore.passwordfile: /opt/app/dcae-certificate/jks.pass + collector.rcc.keystore.alias: dynamically generated + collector.rcc.truststore.file.location: /opt/app/dcae-certificate/trust.jks + collector.rcc.truststore.passwordfile: /opt/app/dcae-certificate/trust.pass + #collector.keystore.file.location: /opt/app/dcae-certificate/external/cert.jks + #collector.keystore.passwordfile: /opt/app/dcae-certificate/external/jks.pass + collector.header.authflag: '0' + collector.header.authlist: sample1,c2FtcGxlMQ== + collector.rcc.service.secure.clientauth: '0' + streams_publishes: + device-registration: + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.DCAE_RCC_OUTPUT + type: message_router + #rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"${CONTROLLER_IP}:{CONTROLLER_PORT}","controller_restapiUser":"${CONTROLLER_USERNAME}","controller_restapiPassword":"${CONTROLLER_PASSWORD}","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]' + rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"172.30.0.55:26335","controller_restapiUser":"${CONTROLLER_USERNAME}","controller_restapiPassword":"${CONTROLLER_PASSWORD}","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]' + +#applicationEnv: +# CONTROLLER_IP: "172.30.0.55" +# CONTROLLER_PORT: "26335" + + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/Chart.yaml new file mode 100644 index 0000000000..2dc74674d5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/Chart.yaml @@ -0,0 +1,22 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE VES-Mapper Microservice +name: dcae-ves-mapper +version: 8.0.0
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/requirements.yaml new file mode 100644 index 0000000000..c6804b76b4 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/requirements.yaml @@ -0,0 +1,30 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/configmap.yaml new file mode 100644 index 0000000000..a914446c99 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/configmap.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.configMap" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/deployment.yaml new file mode 100644 index 0000000000..0ad66b62a9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/deployment.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/secret.yaml new file mode 100644 index 0000000000..6b70356ca9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/secret.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.secretFast" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/service.yaml new file mode 100644 index 0000000000..cf11d2a0c5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/service.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml new file mode 100644 index 0000000000..67d97adf19 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml @@ -0,0 +1,192 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor:1.2.0 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /opt/app/VESAdapter/logs + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +#certDirectory: /opt/app/ves-mapper/etc/certs + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +#tlsServer: true + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + - aaf-cm + +# Service Configuration +service: + type: ClusterIP + name: dcae-ves-mapper + ports: + - name: http + port: 80 + port_protocol: http + + +# Initial Application Configuration +applicationConfig: + app_preferences: + collectors: + - identifier: notification-id + mapping-files: + - defaultMappingFile-rcc-notification: "<?xml version='1.0' encoding='UTF-8'?><smooks-resource-list + xmlns='http://www.milyn.org/xsd/smooks-1.1.xsd' xmlns:jb='http://www.milyn.org/xsd/smooks/javabean-1.4.xsd' + xmlns:json='http://www.milyn.org/xsd/smooks/json-1.1.xsd'><json:reader rootName='vesevent' + keyWhitspaceReplacement='-'><json:keyMap><json:key from='date&time' to='date-and-time' + /></json:keyMap></json:reader><jb:bean class='org.onap.dcaegen2.ves.domain.ves70.VesEvent' + beanId='vesEvent' createOnElement='vesevent'><jb:wiring property='event' beanIdRef='event' + /></jb:bean><jb:bean class='org.onap.dcaegen2.ves.domain.ves70.Event' beanId='event' + createOnElement='vesevent'><jb:wiring property='commonEventHeader' beanIdRef='commonEventHeader' + /><jb:wiring property='pnfRegistrationFields' beanIdRef='pnfRegistrationFields' + /></jb:bean><jb:bean class='org.onap.dcaegen2.ves.domain.ves70.CommonEventHeader' + beanId='commonEventHeader' createOnElement='vesevent'><jb:expression property='version'>org.onap.dcaegen2.ves.domain.ves70.CommonEventHeader.Version._4_0_1</jb:expression><jb:expression + property='eventType'>'pnfRegistration'</jb:expression><jb:expression property='vesEventListenerVersion'>org.onap.dcaegen2.ves.domain.ves70.CommonEventHeader.VesEventListenerVersion._7_0_1</jb:expression><jb:expression + property='eventId' execOnElement='vesevent'>'registration_'+commonEventHeader.ts1</jb:expression><jb:expression + property='reportingEntityName'>'VESMapper'</jb:expression><jb:expression property='domain'>org.onap.dcaegen2.ves.domain.ves70.CommonEventHeader.Domain.PNF_REGISTRATION</jb:expression><jb:expression + property='eventName' execOnElement='vesevent'>commonEventHeader.domain</jb:expression><jb:value + property='sequence' data='0' default='0' decoder='Long' /><jb:expression property='lastEpochMicrosec' + execOnElement='vesevent'>commonEventHeader.ts1</jb:expression><jb:expression + property='startEpochMicrosec' execOnElement='vesevent'>commonEventHeader.ts1</jb:expression><jb:expression + property='priority'>org.onap.dcaegen2.ves.domain.ves70.CommonEventHeader.Priority.NORMAL</jb:expression><jb:expression + property='sourceName' execOnElement='vesevent'>pnfRegistrationFields.vendorName+'-'+pnfRegistrationFields.serialNumber</jb:expression></jb:bean><jb:bean + class='org.onap.dcaegen2.ves.domain.ves70.PnfRegistrationFields' beanId='pnfRegistrationFields' + createOnElement='vesevent'><jb:expression property='pnfRegistrationFieldsVersion'>org.onap.dcaegen2.ves.domain.ves70.PnfRegistrationFields.PnfRegistrationFieldsVersion._2_0</jb:expression><jb:value + property='serialNumber' data='pnfRegistration/serialNumber' /><jb:value property='lastServiceDate' + data='pnfRegistration/lastServiceDate' /><jb:value property='manufactureDate' + data='pnfRegistration/manufactureDate' /><jb:value property='modelNumber' + data='pnfRegistration/modelNumber' /><jb:value property='oamV4IpAddress' data='pnfRegistration/oamV4IpAddress' + /><jb:value property='oamV6IpAddress' data='pnfRegistration/oamV6IpAddress' + /><jb:value property='softwareVersion' data='pnfRegistration/softwareVersion' + /><jb:value property='unitFamily' data='pnfRegistration/unitFamily' /><jb:value + property='unitType' data='pnfRegistration/unitType' /><jb:value property='vendorName' + data='pnfRegistration/vendorName' /><jb:wiring property='additionalFields' + beanIdRef='alarmAdditionalInformation' /></jb:bean><jb:bean class='org.onap.dcaegen2.ves.domain.ves70.AlarmAdditionalInformation' + beanId='alarmAdditionalInformation' createOnElement='vesevent'><jb:wiring + property='additionalProperties' beanIdRef='additionalFields2' /></jb:bean><jb:bean + beanId='additionalFields2' class='java.util.HashMap' createOnElement='vesevent/pnfRegistration/additionalFields'><jb:value + data='pnfRegistration/additionalFields/*'/></jb:bean></smooks-resource-list>" + stream_publisher: ves-pnfRegistration + stream_subscriber: rcc-notification + - identifier: notify OID + mapping-files: + - defaultMappingFile-snmp-notification: "<?xml version='1.0' encoding='UTF-8'?><smooks-resource-list + xmlns='http://www.milyn.org/xsd/smooks-1.1.xsd' xmlns:jb='http://www.milyn.org/xsd/smooks/javabean-1.4.xsd' + xmlns:json='http://www.milyn.org/xsd/smooks/json-1.1.xsd'><json:reader rootName='vesevent' + keyWhitspaceReplacement='-'><json:keyMap><json:key from='date&time' to='date-and-time' + /></json:keyMap></json:reader><jb:bean class='org.onap.dcaegen2.ves.domain.ves54.VesEvent' + beanId='vesEvent' createOnElement='vesevent'><jb:wiring property='event' beanIdRef='event' + /></jb:bean><jb:bean class='org.onap.dcaegen2.ves.domain.ves54.Event' beanId='event' + createOnElement='vesevent'><jb:wiring property='commonEventHeader' beanIdRef='commonEventHeader' + /><jb:wiring property='faultFields' beanIdRef='faultFields' /></jb:bean><jb:bean + class='org.onap.dcaegen2.ves.domain.ves54.CommonEventHeader' beanId='commonEventHeader' + createOnElement='vesevent'><jb:expression property='version'>'3.0'</jb:expression><jb:expression + property='eventType'>'FaultField'</jb:expression><jb:expression property='eventId' + execOnElement='vesevent'>'XXXX'</jb:expression><jb:expression property='reportingEntityName'>'VESMapper'</jb:expression><jb:expression + property='domain'>org.onap.dcaegen2.ves.domain.ves54.CommonEventHeader.Domain.FAULT</jb:expression><jb:expression + property='eventName' execOnElement='vesevent'>commonEventHeader.domain</jb:expression><jb:value + property='sequence' data='0' default='0' decoder='Long' /><jb:value property='lastEpochMicrosec' + data='#/time-received' /><jb:value property='startEpochMicrosec' data='#/time-received' + /><jb:expression property='priority'>org.onap.dcaegen2.ves.domain.ves54.CommonEventHeader.Priority.NORMAL</jb:expression><jb:expression + property='sourceName'>'VesAdapter'</jb:expression></jb:bean><jb:bean class='org.onap.dcaegen2.ves.domain.ves54.FaultFields' + beanId='faultFields' createOnElement='vesevent'><jb:value property='faultFieldsVersion' + data='2.0' default='2.0' decoder='Double' /><jb:value property='alarmCondition' + data='#/trap-category' /><jb:expression property='specificProblem'>'SNMP Fault'</jb:expression><jb:expression + property='vfStatus'>org.onap.dcaegen2.ves.domain.ves54.FaultFields.VfStatus.ACTIVE</jb:expression><jb:expression + property='eventSeverity'>org.onap.dcaegen2.ves.domain.ves54.FaultFields.EventSeverity.MINOR</jb:expression><jb:wiring + property='alarmAdditionalInformation' beanIdRef='alarmAdditionalInformationroot' + /></jb:bean><jb:bean class='java.util.ArrayList' beanId='alarmAdditionalInformationroot' + createOnElement='vesevent'><jb:wiring beanIdRef='alarmAdditionalInformation' + /></jb:bean><jb:bean class='org.onap.dcaegen2.ves.domain.ves54.AlarmAdditionalInformation' + beanId='alarmAdditionalInformation' createOnElement='varbinds/element'><jb:value + property='name' data='#/varbind_oid' /><jb:value property='value' data='#/varbind_value' + /></jb:bean></smooks-resource-list>" + stream_publisher: ves-fault + stream_subscriber: snmp-notification + streams_publishes: + ves-fault: + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.SEC_FAULT_OUTPUT + type: message_router + ves-pnfRegistration: + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.VES_PNFREG_OUTPUT + type: message_router + streams_subscribes: + rcc-notification: + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.DCAE_RCC_OUTPUT + type: message_router + snmp-notification: + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.ONAP-COLLECTOR-SNMPTRAP + type: message_router + + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} diff --git a/kubernetes/dcaegen2-services/requirements.yaml b/kubernetes/dcaegen2-services/requirements.yaml index 63e65ea5eb..d8d0639c5d 100644 --- a/kubernetes/dcaegen2-services/requirements.yaml +++ b/kubernetes/dcaegen2-services/requirements.yaml @@ -18,6 +18,10 @@ dependencies: - name: common version: ~8.x-0 repository: '@local' + - name: dcae-bbs-eventprocessor-ms + version: ~8.x-0 + repository: '@local' + condition: dcae-bbs-eventprocessor-ms.enabled - name: dcae-datafile-collector version: ~8.x-0 repository: '@local' @@ -50,6 +54,10 @@ dependencies: version: ~8.x-0 repository: '@local' condition: dcae-prh.enabled + - name: dcae-restconf-collector + version: ~8.x-0 + repository: '@local' + condition: dcae-restconf-collector.enabled - name: dcae-slice-analysis-ms version: ~8.x-0 repository: '@local' @@ -66,3 +74,7 @@ dependencies: version: ~8.x-0 repository: '@local' condition: dcae-ves-collector.enabled + - name: dcae-ves-mapper + version: ~8.x-0 + repository: '@local' + condition: dcae-ves-mapper.enabled diff --git a/kubernetes/dcaegen2-services/values.yaml b/kubernetes/dcaegen2-services/values.yaml index 7f971fac4d..f620e126b2 100644 --- a/kubernetes/dcaegen2-services/values.yaml +++ b/kubernetes/dcaegen2-services/values.yaml @@ -16,6 +16,8 @@ # Control deployment of DCAE microservices at ONAP installation time +dcae-bbs-eventprocessor-ms: + enabled: false dcae-datafile-collector: enabled: false dcae-heartbeat: @@ -32,6 +34,8 @@ dcae-pmsh: enabled: false dcae-prh: enabled: true +dcae-restconf-collector: + enabled: false dcae-slice-analysis-ms: enabled: false dcae-son-handler: @@ -40,3 +44,5 @@ dcae-tcagen2: enabled: true dcae-ves-collector: enabled: true +dcae-ves-mapper: + enabled: false diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index 706fe298bd..c0d32a362b 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -126,6 +126,7 @@ spec: - mountPath: /appl/dmaapMR1/etc/keyfile subPath: mykey name: mykey + {{- if .Values.global.aafEnabled }} - mountPath: /appl/dmaapMR1/etc/runner-web.xml subPath: runner-web.xml name: etc @@ -134,6 +135,7 @@ spec: name: sys-props - mountPath: /jetty-config name: jetty + {{- end }} resources: {{ include "common.resources" . | nindent 12 }} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index a94bd4df4a..a3dc897718 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -91,6 +91,10 @@ mariadb-galera: db: externalSecret: *dbUserSecretName name: &mysqlDbName nbi + service: + name: nbi-galera + portName: nbi-galera + internalPort: 3306 nameOverride: &nbi-galera nbi-galera replicaCount: 1 persistence: diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml index 8bcbc1f7d0..c5f289f2d9 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml @@ -33,6 +33,8 @@ spec: labels: control-plane: controller-manager spec: + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" initContainers: {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: diff --git a/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml b/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml index 9a6abd4eb9..8215ed949e 100644 --- a/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml +++ b/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml @@ -23,6 +23,8 @@ spec: template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" volumes: {{- if .Values.global.addTestingComponents }} - name: cmp-servers-template-volume diff --git a/kubernetes/policy/components/policy-apex-pdp/requirements.yaml b/kubernetes/policy/components/policy-apex-pdp/requirements.yaml index 1c57aa449b..f320b219dc 100755 --- a/kubernetes/policy/components/policy-apex-pdp/requirements.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml b/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml index 586f468334..4d9ff9250e 100755 --- a/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml @@ -115,6 +115,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | indent 8 }} - name: localtime diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml index aa1daf703f..eb6292a039 100755 --- a/kubernetes/policy/components/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml @@ -133,3 +133,9 @@ resources: cpu: 20m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-apex-pdp + roles: + - read diff --git a/kubernetes/policy/components/policy-api/requirements.yaml b/kubernetes/policy/components/policy-api/requirements.yaml index 7bc531a759..2365cd729a 100755 --- a/kubernetes/policy/components/policy-api/requirements.yaml +++ b/kubernetes/policy/components/policy-api/requirements.yaml @@ -26,3 +26,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-api/templates/deployment.yaml b/kubernetes/policy/components/policy-api/templates/deployment.yaml index 899e74e674..de0558e4cd 100755 --- a/kubernetes/policy/components/policy-api/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-api/templates/deployment.yaml @@ -107,6 +107,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | indent 8 }} - name: localtime diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml index da983e5b5b..36eb5c4899 100755 --- a/kubernetes/policy/components/policy-api/values.yaml +++ b/kubernetes/policy/components/policy-api/values.yaml @@ -143,3 +143,9 @@ resources: cpu: 200m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-api + roles: + - read diff --git a/kubernetes/policy/components/policy-clamp-be/requirements.yaml b/kubernetes/policy/components/policy-clamp-be/requirements.yaml index 88fd9d90eb..670f8cb65a 100644 --- a/kubernetes/policy/components/policy-clamp-be/requirements.yaml +++ b/kubernetes/policy/components/policy-clamp-be/requirements.yaml @@ -20,3 +20,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml index c243e30540..e61cca0e49 100644 --- a/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml @@ -114,6 +114,7 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | nindent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: {{ include "common.fullname" . }}-config configMap: diff --git a/kubernetes/policy/components/policy-clamp-be/templates/job.yaml b/kubernetes/policy/components/policy-clamp-be/templates/job.yaml index c5c968a2e1..8fe711b825 100755 --- a/kubernetes/policy/components/policy-clamp-be/templates/job.yaml +++ b/kubernetes/policy/components/policy-clamp-be/templates/job.yaml @@ -30,6 +30,8 @@ spec: app: {{ include "common.name" . }}-policy-clamp-job release: {{ include "common.release" . }} spec: + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" initContainers: #This container checks that all galera instances are up before initializing it. - name: {{ include "common.name" . }}-readiness diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml index 71d2517be1..dcbe59c382 100644 --- a/kubernetes/policy/components/policy-clamp-be/values.yaml +++ b/kubernetes/policy/components/policy-clamp-be/values.yaml @@ -156,3 +156,9 @@ resources: cpu: 10m memory: 3Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-clamp-be + roles: + - read diff --git a/kubernetes/policy/components/policy-clamp-fe/requirements.yaml b/kubernetes/policy/components/policy-clamp-fe/requirements.yaml index 88fd9d90eb..670f8cb65a 100644 --- a/kubernetes/policy/components/policy-clamp-fe/requirements.yaml +++ b/kubernetes/policy/components/policy-clamp-fe/requirements.yaml @@ -20,3 +20,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml index 97c7919389..1349558651 100644 --- a/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml @@ -91,6 +91,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: {{ include "common.fullname" . }}-config configMap: diff --git a/kubernetes/policy/components/policy-clamp-fe/values.yaml b/kubernetes/policy/components/policy-clamp-fe/values.yaml index 9712a38e10..a7c8d6defa 100644 --- a/kubernetes/policy/components/policy-clamp-fe/values.yaml +++ b/kubernetes/policy/components/policy-clamp-fe/values.yaml @@ -146,3 +146,9 @@ resources: cpu: 10m memory: 50Mi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-clamp-fe + roles: + - read diff --git a/kubernetes/policy/components/policy-distribution/requirements.yaml b/kubernetes/policy/components/policy-distribution/requirements.yaml index 0006e4965a..db84102327 100755 --- a/kubernetes/policy/components/policy-distribution/requirements.yaml +++ b/kubernetes/policy/components/policy-distribution/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-distribution/templates/deployment.yaml b/kubernetes/policy/components/policy-distribution/templates/deployment.yaml index 04db6d70c7..4745aac23b 100755 --- a/kubernetes/policy/components/policy-distribution/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-distribution/templates/deployment.yaml @@ -121,6 +121,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | indent 8 }} - name: localtime diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml index 6788613ceb..fb6ef6e039 100755 --- a/kubernetes/policy/components/policy-distribution/values.yaml +++ b/kubernetes/policy/components/policy-distribution/values.yaml @@ -155,3 +155,9 @@ resources: cpu: 200m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-distribution + roles: + - read diff --git a/kubernetes/policy/components/policy-drools-pdp/requirements.yaml b/kubernetes/policy/components/policy-drools-pdp/requirements.yaml index 29b1053600..6c540a4bcf 100755 --- a/kubernetes/policy/components/policy-drools-pdp/requirements.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/requirements.yaml @@ -23,3 +23,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml b/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml index 7e9c6cfde8..d389246b5c 100755 --- a/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml @@ -125,6 +125,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | indent 8 }} - name: localtime diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml index 4eb37c6106..38d398998c 100755 --- a/kubernetes/policy/components/policy-drools-pdp/values.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml @@ -188,3 +188,9 @@ resources: cpu: 200m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-drools-pdp + roles: + - read diff --git a/kubernetes/policy/components/policy-nexus/requirements.yaml b/kubernetes/policy/components/policy-nexus/requirements.yaml index 343812db25..20cc48f360 100755 --- a/kubernetes/policy/components/policy-nexus/requirements.yaml +++ b/kubernetes/policy/components/policy-nexus/requirements.yaml @@ -23,3 +23,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-nexus/templates/deployment.yaml b/kubernetes/policy/components/policy-nexus/templates/deployment.yaml index 3d5d59fea2..4c945f4605 100755 --- a/kubernetes/policy/components/policy-nexus/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-nexus/templates/deployment.yaml @@ -83,6 +83,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "nothing" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/policy/components/policy-nexus/values.yaml b/kubernetes/policy/components/policy-nexus/values.yaml index 7801b525f2..3d77e67456 100755 --- a/kubernetes/policy/components/policy-nexus/values.yaml +++ b/kubernetes/policy/components/policy-nexus/values.yaml @@ -92,3 +92,9 @@ resources: cpu: 2m memory: 1Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-nexus + roles: + - nothing diff --git a/kubernetes/policy/components/policy-pap/requirements.yaml b/kubernetes/policy/components/policy-pap/requirements.yaml index 3f0071ab7c..18de3a6517 100755 --- a/kubernetes/policy/components/policy-pap/requirements.yaml +++ b/kubernetes/policy/components/policy-pap/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-pap/templates/deployment.yaml b/kubernetes/policy/components/policy-pap/templates/deployment.yaml index a02752c033..77474a8387 100755 --- a/kubernetes/policy/components/policy-pap/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-pap/templates/deployment.yaml @@ -122,6 +122,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | indent 8 }} - name: localtime diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml index 18e0e3e171..3c4c3e5ec6 100755 --- a/kubernetes/policy/components/policy-pap/values.yaml +++ b/kubernetes/policy/components/policy-pap/values.yaml @@ -169,3 +169,9 @@ resources: cpu: 200m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-pap + roles: + - read diff --git a/kubernetes/policy/components/policy-xacml-pdp/requirements.yaml b/kubernetes/policy/components/policy-xacml-pdp/requirements.yaml index 7bc531a759..2365cd729a 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/requirements.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/requirements.yaml @@ -26,3 +26,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml b/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml index 73ae6dd55a..2da0035fa0 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml @@ -131,6 +131,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | indent 8 }} - name: localtime diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml index 64c00e9bed..9eda53ee9b 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml @@ -152,3 +152,9 @@ resources: cpu: 200m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-xacml-pdp + roles: + - read diff --git a/kubernetes/policy/requirements.yaml b/kubernetes/policy/requirements.yaml index 33447a2571..c98d4fc7a8 100755 --- a/kubernetes/policy/requirements.yaml +++ b/kubernetes/policy/requirements.yaml @@ -59,3 +59,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/templates/job.yaml b/kubernetes/policy/templates/job.yaml index f2a55879ee..72c94f30c5 100755 --- a/kubernetes/policy/templates/job.yaml +++ b/kubernetes/policy/templates/job.yaml @@ -30,6 +30,8 @@ spec: app: {{ include "common.name" . }}-job release: {{ include "common.release" . }} spec: + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" initContainers: #This container checks that all galera instances are up before initializing it. - name: {{ include "common.name" . }}-readiness @@ -70,6 +72,7 @@ spec: resources: {{ include "common.resources" . }} restartPolicy: Never + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: {{ include "common.fullname" . }}-config configMap: diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 678772c481..92344dd2fe 100755 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -148,3 +148,8 @@ resources: memory: 2Gi unlimited: {} +#Pods Service Account +serviceAccount: + nameOverride: policy + roles: + - read diff --git a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh index 40341bec11..3d5e13ff5a 100644 --- a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh +++ b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh @@ -87,7 +87,7 @@ docker_process_init_files() { mysql_check_config() { local toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" ) errors if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then - mysql_error $'mysqld failed while attempting to check config\n\tcommand was: '"${toRun[*]}"$'\n\t'"$errors" + mysql_error "$(printf 'mysqld failed while attempting to check config\n\tcommand was: ')${toRun[*]}$(printf'\n\t')$errors" fi } @@ -134,7 +134,7 @@ docker_temp_server_stop() { # Verify that the minimally required password settings are set for new databases. docker_verify_minimum_env() { if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then - mysql_error $'Database is uninitialized and password option is not specified\n\tYou need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD' + mysql_error "$(printf'Database is uninitialized and password option is not specified\n\tYou need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD')" fi } diff --git a/kubernetes/robot/demo-k8s.sh b/kubernetes/robot/demo-k8s.sh index 5e4e216c95..0d30557220 100755 --- a/kubernetes/robot/demo-k8s.sh +++ b/kubernetes/robot/demo-k8s.sh @@ -93,7 +93,10 @@ do case $key in init_robot) TAG="UpdateWebPage" - read -s -p "WEB Site Password for user 'test': " WEB_PASSWORD + echo "WEB Site Password for user 'test': " + stty -echo + read WEB_PASSWORD + stty echo if [ "$WEB_PASSWORD" = "" ]; then echo "" echo "WEB Password is required for user 'test'" |