diff options
46 files changed, 415 insertions, 300 deletions
diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml index c2b9f9d8cb..8e9b6db2af 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml @@ -80,9 +80,9 @@ spec: httpHeaders: - name: Authorization value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml b/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml index 1737290090..bbeeea26bb 100755 --- a/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml +++ b/kubernetes/cds/charts/cds-command-executor/templates/deployment.yaml @@ -62,9 +62,9 @@ spec: readinessProbe: tcpSocket: port: {{ .Values.service.grpc.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/common/etcd/Chart.yaml b/kubernetes/common/etcd/Chart.yaml index a01524c42f..012a4e13ce 100644 --- a/kubernetes/common/etcd/Chart.yaml +++ b/kubernetes/common/etcd/Chart.yaml @@ -11,7 +11,8 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - + +apiVersion: v1 name: etcd home: https://github.com/coreos/etcd version: 5.0.0 diff --git a/kubernetes/common/mariadb-galera/templates/pvc.yaml b/kubernetes/common/mariadb-galera/templates/pvc.yaml deleted file mode 100644 index e27c3311e9..0000000000 --- a/kubernetes/common/mariadb-galera/templates/pvc.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml index ae5f7c5a81..514bccc785 100644 --- a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml +++ b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml @@ -106,7 +106,7 @@ spec: - name: {{ template "common.name" . }}-data mountPath: /var/lib/cassandra resources: -{{ toYaml .Values.resources | indent 10 }} +{{ include "common.resources" . | indent 12 }} volumes: - name: localtime hostPath: diff --git a/kubernetes/common/music/charts/music-cassandra/values.yaml b/kubernetes/common/music/charts/music-cassandra/values.yaml index d18dc68e67..f0888c12e6 100644 --- a/kubernetes/common/music/charts/music-cassandra/values.yaml +++ b/kubernetes/common/music/charts/music-cassandra/values.yaml @@ -110,10 +110,22 @@ persistence: storageType: local storageClass: "" +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) resources: - limits: - cpu: 4 - memory: 8Gi - requests: - cpu: 2 - memory: 4Gi + small: + limits: + cpu: 500m + memory: 1.2Gi + requests: + cpu: 160m + memory: 900Mi + large: + limits: + cpu: 4 + memory: 10Gi + requests: + cpu: 2 + memory: 6Gi + unlimited: {} diff --git a/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml b/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml index 2e04b15561..2a38a6aad0 100755 --- a/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml +++ b/kubernetes/common/music/charts/music-tomcat/templates/deployment.yaml @@ -40,7 +40,7 @@ spec: - /root/ready.py args: - --container-name - - zookeeper + - zookeeper env: - name: NAMESPACE valueFrom: @@ -101,7 +101,7 @@ spec: mountPath: /opt/app/music/etc/music.properties subPath: music.properties resources: -{{ toYaml .Values.resources | indent 10 }} +{{ include "common.resources" . | indent 12 }} volumes: - name: shared-data emptyDir: {} diff --git a/kubernetes/common/music/charts/music-tomcat/values.yaml b/kubernetes/common/music/charts/music-tomcat/values.yaml index 05a1b17169..b91ffbd4e4 100755 --- a/kubernetes/common/music/charts/music-tomcat/values.yaml +++ b/kubernetes/common/music/charts/music-tomcat/values.yaml @@ -81,14 +81,26 @@ service: ingress: enabled: false -#resources: {} +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) resources: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 2 - memory: 1Gi + small: + limits: + cpu: 900m + memory: 460Mi + requests: + cpu: 550m + memory: 360Mi + large: + limits: + cpu: 4 + memory: 2Gi + requests: + cpu: 2 + memory: 1Gi + unlimited: {} + properties: @@ -100,4 +112,3 @@ properties: # Admin API # ONAP AAF aafAdminUrl: - diff --git a/kubernetes/common/music/charts/zookeeper/values.yaml b/kubernetes/common/music/charts/zookeeper/values.yaml index ea02e6151e..550dbf272b 100644 --- a/kubernetes/common/music/charts/zookeeper/values.yaml +++ b/kubernetes/common/music/charts/zookeeper/values.yaml @@ -54,23 +54,23 @@ ports: protocol: TCP # Protocol for zookeeper container server port. # Resource Limit flavor -By Default using small -flavor: large +flavor: small # Segregation for Different environment (Small and Large) resources: small: limits: - cpu: 1 - memory: 1Gi + cpu: 500m + memory: 900Mi requests: - cpu: 500m - memory: 500Mi + cpu: 10m + memory: 730Mi large: limits: cpu: 3 memory: 2Gi requests: - cpu: 2 - memory: 1Gi + cpu: 2 + memory: 1Gi unlimited: {} nodeSelector: {} # Node label-values required to run zookeeper pods. @@ -78,7 +78,7 @@ nodeSelector: {} # Node label-values required to run zookeeper pods. tolerations: [] # Node taint overrides for zookeeper pods. affinity: {} # Criteria by which pod label-values influence scheduling for zookeeper pods. -affinity: +affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - topologyKey: "kubernetes.io/hostname" diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml b/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml index 79fe5104b2..09012ead47 100755 --- a/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml @@ -64,7 +64,7 @@ persistence: # storageClass: "nfs-dev-sc" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi # When using storage class, mountPath and mountSubPath are diff --git a/kubernetes/contrib/charts/awx/charts/awx/values.yaml b/kubernetes/contrib/charts/awx/charts/awx/values.yaml index 5974de32ff..ffacea54a0 100755 --- a/kubernetes/contrib/charts/awx/charts/awx/values.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx/values.yaml @@ -76,7 +76,7 @@ persistence: # storageClass: "nfs-dev-sc" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 5Gi # When using storage class, mountPath and mountSubPath are diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml index f2def04359..1db2457171 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml @@ -64,7 +64,7 @@ persistence: # storageClass: "nfs-dev-sc" - accessMode: ReadWriteMany + accessMode: ReadWriteOnce size: 1Gi # When using storage class, mountPath and mountSubPath are diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml index d1b9170e69..00a285bd3d 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml @@ -101,8 +101,8 @@ default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager # Use to override default setting in blueprints componentImages: - holmes_rules: onap/holmes/rule-management:1.2.6 - holmes_engine: onap/holmes/engine-management:1.2.5 + holmes_rules: onap/holmes/rule-management:1.2.7 + holmes_engine: onap/holmes/engine-management:1.2.6 tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.2 ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.4.5 snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0 diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties index bcfefe93cf..e43182daa3 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties +++ b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties @@ -25,7 +25,7 @@ # ##################################################### # Indicator for whether to use AAF -UseAAF: true +UseAAF: {{ .Values.global.aafEnabled }} # csit: stubs out some southbound APIs for csit csit: No diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml index fffd4db847..f362f1c901 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml @@ -31,11 +31,8 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: - hostAliases: - - ip: "10.12.5.145" - hostnames: - - "aaf-onap-test.osaaf.org" initContainers: +{{- if .Values.global.aafEnabled }} - command: - /root/ready.py args: @@ -50,7 +47,8 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-aaf-readiness -{{ if .Values.PG.enabled }} +{{- end }} +{{- if .Values.PG.enabled }} - command: - /root/ready.py args: @@ -73,7 +71,7 @@ spec: ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} - {{if eq .Values.liveness.enabled true }} + {{ if eq .Values.liveness.enabled true -}} livenessProbe: httpGet: port: {{ .Values.service.internalPort }} @@ -92,7 +90,6 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - # NOTE: on the following several configMaps, careful to include / at end # since there may be more than one file in each mountPath - name: {{ include "common.name" . }}-config @@ -100,9 +97,8 @@ spec: - name: {{ include "common.name" . }}-aaf-config mountPath: /opt/app/dmaapbc/etc/org.onap.dmaap-bc.props subPath: org.onap.dmaap-bc.props - resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties deleted file mode 100644 index 043bb8bced..0000000000 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties +++ /dev/null @@ -1,23 +0,0 @@ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile -cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -cadi_keystore_password=WGxd2P6MDo*Bi4+UdzWs{?$8 -cadi_key_password=WGxd2P6MDo*Bi4+UdzWs{?$8 -cadi_alias=dmaap-dr-node@dmaap-dr.onap.org -cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -cadi_truststore_password=)OBvCd{e{aWq.^mJJdX:S:1& - -aaf_env=DEV -aaf_locate_url=https://aaf-locate:8095 -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 -cadi_protocols=TLSv1.1,TLSv1.2 -cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 -fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 -gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 - -cadi_latitude=53.423 -cadi_longitude=7.940 - -cadi_loglevel=INFO
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties index 4379dfbf1d..3a95b5a221 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties @@ -71,43 +71,19 @@ SpoolDir=/opt/app/datartr/spool # # The path to the redirection data file # -#RedirectionFile: etc/redirections.dat +RedirectionFile = etc/redirections.dat # # The type of keystore for https -# -KeyStoreType=jks -# -# The path to the keystore for https -# -KeyStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -# -# The password for the https keystore -# -KeyStorePassword=WGxd2P6MDo*Bi4+UdzWs{?$8 -# -# The password for the private key in the https keystore -# -KeyPassword=WGxd2P6MDo*Bi4+UdzWs{?$8 +KeyStoreType = PKCS12 # # The type of truststore for https -# -TrustStoreType=jks -# -# The path to the truststore for https -# -TrustStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -# -# The password for the https truststore -# -TrustStorePassword=)OBvCd{e{aWq.^mJJdX:S:1& +TrustStoreType = jks # # The path to the file used to trigger an orderly shutdown -# -QuiesceFile=etc/SHUTDOWN +QuiesceFile = etc/SHUTDOWN # # The key used to generate passwords for node to node transfers -# -NodeAuthKey=Node123! +NodeAuthKey = Node123! # # DR_NODE DEFAULT ENABLED TLS PROTOCOLS NodeHttpsProtocols = TLSv1.1|TLSv1.2 @@ -121,9 +97,9 @@ AAFInstance = legacy # AAF action to generate permission string - default should be publish AAFAction = publish # -# AAF URL to connect to AAF server -AafUrl = https://aaf-locate:8095 -# # AAF CADI enabled flag CadiEnabled = false +# +# AAF Props file path +AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/pv.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv.yaml index 016a6ea023..90a9c2c26b 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/pv.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv.yaml @@ -58,4 +58,27 @@ spec: storageClassName: "{{ include "common.fullname" . }}-event-logs-stcl" persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: - path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.eventLogsMountSubPath }}
\ No newline at end of file + path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.eventLogsMountSubPath }} +--- +{{- if .Values.global.aafEnabled }} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-aaf-props-pv + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-aaf-props-pv +spec: + capacity: + storage: {{ .Values.persistence.aafCredsSize }} + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-aaf-props-stcl" + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.aafCredsMountSubPath }} +{{ end -}}
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml index a190d0d7d2..9dd5f20748 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -45,6 +45,38 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + {{- if .Values.global.aafEnabled }} + - name: {{ include "common.name" . }}-dr-node-aaf-config + image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-props-pvc + command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"] + env: + - name: APP_FQI + value: "{{ .Values.aafConfig.fqi }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace }}:8095" + - name: aaf_locator_container + value: "{{ .Values.global.aafLocatorContainer }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_fqdn + value: "{{ .Values.aafConfig.fqdn }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.aafConfig.publicFqdn}}" + - name: aaf_locator_app_ns + value: "{{ .Values.global.aafAppNs }}" + - name: DEPLOY_FQI + value: "{{ .Values.aafConfig.aafDeployFqi }}" + - name: DEPLOY_PASSWORD + value: "{{ .Values.aafConfig.aafDeployPass }}" + - name: cadi_longitude + value: "{{ .Values.aafConfig.cadiLongitude }}" + - name: cadi_latitude + value: "{{ .Values.aafConfig.cadiLatitude }}" + {{- end }} - name: {{ include "common.name" . }}-permission-fixer image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -53,7 +85,11 @@ spec: name: {{ include "common.fullname" . }}-spool-data-pvc - mountPath: {{ .Values.persistence.eventLogsPath }} name: {{ include "common.fullname" . }}-event-logs-pvc - command: ["chown","-Rf","1000:1001", "/opt/app/datartr"] + {{- if .Values.global.aafEnabled }} + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-props-pvc + {{- end }} + command: ["chown","-Rf","1000:1001", "/opt/app/"] containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -74,6 +110,10 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: + {{- if .Values.global.aafEnabled }} + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-props-pvc + {{- end }} - mountPath: {{ .Values.persistence.spoolPath }} name: {{ include "common.fullname" . }}-spool-data-pvc - mountPath: {{ .Values.persistence.eventLogsPath }} @@ -84,16 +124,13 @@ spec: - mountPath: /opt/app/datartr/etc/node.properties name: {{ include "common.fullname" . }}-config subPath: node.properties - - mountPath: /opt/app/datartr/etc/drNodeCadi.properties - name: {{ include "common.fullname" . }}-config - subPath: drNodeCadi.properties - mountPath: /opt/app/datartr/etc/logback.xml name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml - mountPath: {{ .Values.global.loggingDirectory }} name: {{ include "common.fullname" . }}-logs resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} @@ -101,8 +138,8 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 10 }} - {{- end }} - # Filebeat sidecar container + {{- end -}} + # Filebeat sidecar container - name: {{ include "common.name" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -126,8 +163,6 @@ spec: items: - key: node.properties path: node.properties - - key: drNodeCadi.properties - path: drNodeCadi.properties - name: {{ include "common.fullname" . }}-log-conf configMap: name: {{ include "common.fullname" . }}-log @@ -140,6 +175,10 @@ spec: emptyDir: {} - name: {{ include "common.fullname" . }}-logs emptyDir: {} + {{- if .Values.global.aafEnabled }} + - name: {{ include "common.fullname" . }}-aaf-props-pvc + emptyDir: {} + {{- end }} volumeClaimTemplates: - metadata: name: {{ include "common.fullname" . }}-spool-data-pvc @@ -167,3 +206,18 @@ spec: selector: matchLabels: name: {{ include "common.fullname" . }}-event-logs-pv +{{- if .Values.global.aafEnabled }} + - metadata: + name: {{ include "common.fullname" . }}-aaf-props-pvc + labels: + name: {{ include "common.fullname" . }} + spec: + accessModes: [ {{ .Values.persistence.accessMode }} ] + storageClassName: {{ include "common.fullname" . }}-aaf-props-stcl + resources: + requests: + storage: {{ .Values.persistence.aafCredsSize }} + selector: + matchLabels: + name: {{ include "common.fullname" . }}-aaf-props-pv +{{- end }} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index b5e459b6b9..01309acfe4 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -17,14 +17,12 @@ ################################################################# global: loggingDirectory: /var/log/onap/datarouter - busyBoxImage: busybox:1.30 - busyBoxRepository: docker.io ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-node:2.1.2 +image: onap/dmaap/datarouter-node:2.1.3 pullPolicy: Always # flag to enable debugging - application support required @@ -58,13 +56,28 @@ persistence: mountPath: /dockerdata-nfs spoolMountSubPath: data-router/dr-node/spool-data - spoolSize: 1Gi + spoolSize: 2Gi spoolPath: /opt/app/datartr/spool eventLogsMountSubPath: data-router/dr-node/event-logs - eventLogSize: 1Gi + eventLogSize: 2Gi eventLogsPath: /opt/app/datartr/logs + aafCredsMountSubPath: data-router/dr-node/aaf-props + aafCredsSize: 10M + aafCredsPath: /opt/app/osaaf/local + +#AAF local config +aafConfig: + aafDeployFqi: dmaap-dr@dmaap-dr.onap.org + aafDeployPass: demo123456! + fqdn: dmaap-dr-node + fqi: dmaap-dr-node@dmaap-dr.onap.org + publicFqdn: dmaap-dr.onap.org + cadiLatitude: 0.0 + cadiLongitude: 0.0 + + ingress: enabled: false diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties deleted file mode 100644 index 79abe22a6a..0000000000 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties +++ /dev/null @@ -1,23 +0,0 @@ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile -cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -cadi_keystore_password=FZNkU,B%NJzcT1v7;^v]M#ZX -cadi_key_password=FZNkU,B%NJzcT1v7;^v]M#ZX -cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org -cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -cadi_truststore_password=+mzf@J.D^;3!![*Xr.z$c#?b - -aaf_env=DEV -aaf_locate_url=https://aaf-locate:8095 -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 -cadi_protocols=TLSv1.1,TLSv1.2 -cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 -fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 -gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 - -cadi_latitude=53.423 -cadi_longitude=7.940 - -cadi_loglevel=INFO
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties index 210fb7c75f..c7714d33a4 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties @@ -27,12 +27,8 @@ org.onap.dmaap.datarouter.provserver.http.port = {{.Values.config.dmaa org.onap.dmaap.datarouter.provserver.https.port = {{.Values.config.dmaapDrProv.internalPort2}} org.onap.dmaap.datarouter.provserver.https.relaxation = true -org.onap.dmaap.datarouter.provserver.keymanager.password = FZNkU,B%NJzcT1v7;^v]M#ZX -org.onap.dmaap.datarouter.provserver.keystore.type = jks -org.onap.dmaap.datarouter.provserver.keystore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -org.onap.dmaap.datarouter.provserver.keystore.password = FZNkU,B%NJzcT1v7;^v]M#ZX -org.onap.dmaap.datarouter.provserver.truststore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -org.onap.dmaap.datarouter.provserver.truststore.password = +mzf@J.D^;3!![*Xr.z$c#?b +org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props + org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool org.onap.dmaap.datarouter.provserver.dbscripts = /opt/app/datartr/etc/misc @@ -61,6 +57,3 @@ org.onap.dmaap.datarouter.provserver.aaf.instance = legacy org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe -# AAF URL to connect to AAF server -org.onap.dmaap.datarouter.provserver.cadi.aaf.url = https://aaf-locate:8095 - diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index 98ad9a373e..a1d148d88b 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -31,20 +31,59 @@ spec: spec: hostname: {{ .Values.global.dmaapDrProvName }} initContainers: - - command: - - /root/ready.py - args: - - --container-name - - {{ .Values.config.dmaapDrDb.mariadbContName }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness + - name: {{ include "common.name" . }}-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - {{ .Values.config.dmaapDrDb.mariadbContName }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + {{- if .Values.global.aafEnabled }} + - name: {{ include "common.name" . }}-dr-prov-aaf-config + image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"] + volumeMounts: + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-config-vol + env: + - name: APP_FQI + value: "{{ .Values.aafConfig.fqi }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace }}:8095" + - name: aaf_locator_container + value: "{{ .Values.global.aafLocatorContainer }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_fqdn + value: "{{ .Values.aafConfig.fqdn }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.aafConfig.publicFqdn}}" + - name: aaf_locator_app_ns + value: "{{ .Values.global.aafAppNs }}" + - name: DEPLOY_FQI + value: "{{ .Values.aafConfig.aafDeployFqi }}" + - name: DEPLOY_PASSWORD + value: "{{ .Values.aafConfig.aafDeployPass }}" + - name: cadi_longitude + value: "{{ .Values.aafConfig.cadiLongitude }}" + - name: cadi_latitude + value: "{{ .Values.aafConfig.cadiLatitude }}" + - name: {{ include "common.name" . }}-permission-fixer + image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-config-vol + command: ["chown","-Rf","1000:1001", "/opt/app/"] + {{ end }} containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -64,22 +103,23 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: + {{- if .Values.global.aafEnabled }} + - mountPath: {{ .Values.persistence.aafCredsPath }} + name: {{ include "common.fullname" . }}-aaf-config-vol + {{- end }} - mountPath: /etc/localtime name: localtime readOnly: false - mountPath: /opt/app/datartr/etc/provserver.properties name: {{ include "common.fullname" . }}-config subPath: provserver.properties - - mountPath: /opt/app/datartr/etc/drProvCadi.properties - name: {{ include "common.fullname" . }}-config - subPath: drProvCadi.properties - mountPath: /opt/app/datartr/etc/logback.xml name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml - mountPath: {{ .Values.global.loggingDirectory }} name: {{ include "common.fullname" . }}-logs resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} @@ -87,8 +127,8 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 10 }} - {{- end }} - # Filebeat sidecar container + {{- end -}} + # Filebeat sidecar container - name: {{ include "common.name" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -110,8 +150,6 @@ spec: items: - key: provserver.properties path: provserver.properties - - key: drProvCadi.properties - path: drProvCadi.properties - name: {{ include "common.fullname" . }}-log-conf configMap: name: {{ include "common.fullname" . }}-log @@ -122,5 +160,10 @@ spec: emptyDir: {} - name: {{ include "common.fullname" . }}-logs emptyDir: {} + {{- if .Values.global.aafEnabled }} + - name: {{ include "common.fullname" . }}-aaf-config-vol + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-aaf-props + {{ end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml index 7b71bb03a2..acf87b81a9 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml @@ -39,12 +39,10 @@ spec: {{ end }} - name: REQUESTID value: "{{.Chart.Name}}-post-install" - volumeMounts: - mountPath: /etc/localtime name: localtime readOnly: true - # NOTE: on the following several configMaps, careful to include / at end # since there may be more than one file in each mountPath # NOTE: the basename of the subdirectory is important - it matches the DBCL API URI diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml new file mode 100644 index 0000000000..b82e67673a --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml @@ -0,0 +1,41 @@ +{{/* + # ============LICENSE_START======================================================= + # Copyright (C) 2019 Nordix Foundation. + # ================================================================================ + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # SPDX-License-Identifier: Apache-2.0 + # ============LICENSE_END========================================================= +*/}} +{{- if .Values.global.aafEnabled }} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-aaf-props + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-aaf-props + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-aaf-props +spec: + capacity: + storage: {{ .Values.persistence.aafCredsSize}} + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-aaf-props-stcl" + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.aafCredsMountSubPath }} +{{ end -}} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml new file mode 100644 index 0000000000..6ff9e6d615 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml @@ -0,0 +1,45 @@ +{{/* + # ============LICENSE_START======================================================= + # Copyright (C) 2019 Nordix Foundation. + # ================================================================================ + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # SPDX-License-Identifier: Apache-2.0 + # ============LICENSE_END========================================================= +*/}} +{{- if .Values.global.aafEnabled }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-aaf-props + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }}-aaf-props + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-aaf-props-stcl" + resources: + requests: + storage: {{ .Values.persistence.aafCredsSize }} +{{ end -}}
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml index 7a94fdb2cd..734ab72c03 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml @@ -38,7 +38,7 @@ metadata: spec: type: {{ .Values.config.dmaapDrProv.servicetype }} ports: - {{if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}} + {{- if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}} {{- if .Values.global.allow_http }} - port: {{ .Values.global.dmaapDrProvExtPort }} targetPort: {{ .Values.config.dmaapDrProv.internalPort }} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index 195bcb47be..8c81f1ef43 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -23,7 +23,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-prov:2.1.2 +image: onap/dmaap/datarouter-prov:2.1.3 pullPolicy: Always # flag to enable debugging - application support required @@ -52,31 +52,17 @@ readiness: ## Persist data to a persitent volume persistence: - enabled: false + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + mountPath: /dockerdata-nfs + + aafCredsMountSubPath: data-router/dr-prov/aaf-props + aafCredsSize: 10M + aafCredsPath: /opt/app/osaaf/local ingress: enabled: false -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2000m - memory: 4Gi - requests: - cpu: 500m - memory: 1Gi - large: - limits: - cpu: 4000m - memory: 8Gi - requests: - cpu: 1000m - memory: 2Gi - unlimited: {} - config: # dr provisioning server configuration dmaapDrProv: @@ -111,3 +97,33 @@ mariadb: size: 1Gi mountSubPath: data-router/dr-db-data disableNfsProvisioner: true + +#AAF local config +aafConfig: + aafDeployFqi: dmaap-dr@dmaap-dr.onap.org + aafDeployPass: demo123456! + fqdn: dmaap-dr-prov + fqi: dmaap-dr-prov@dmaap-dr.onap.org + publicFqdn: dmaap-dr.onap.org + cadiLatitude: 0.0 + cadiLongitude: 0.0 + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2000m + memory: 4Gi + requests: + cpu: 500m + memory: 1Gi + large: + limits: + cpu: 4000m + memory: 8Gi + requests: + cpu: 1000m + memory: 2Gi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index f6d67214a6..21524ef30c 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -70,7 +70,7 @@ spec: timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} env: - name: enableCadi - value: "true" + value: "{{ .Values.global.aafEnabled }}" volumeMounts: - mountPath: /etc/localtime name: localtime @@ -88,7 +88,7 @@ spec: subPath: mykey name: mykey resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} volumes: - name: localtime hostPath: diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index 86c2fe970c..4c0d8d584e 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -25,6 +25,8 @@ global: loggingImage: beats/filebeat:5.5.0 clientImage: onap/dmaap/dbc-client:1.0.9 repository: nexus3.onap.org:10001 + busyBoxImage: busybox:1.30 + busyBoxRepository: docker.io #Global DMaaP app config allow_http: true @@ -38,6 +40,13 @@ global: dmaapDrProvExtPort2: 443 dmaapDrProvExtPort: 80 + #AAF global config overrides + aafEnabled: true + aafAgentImage: onap/aaf/aaf_agent:2.1.15 + aafAppNs: org.osaaf.aaf + aafLocatorContainer: oom + + #Component overrides message-router: diff --git a/kubernetes/policy/charts/policy-pap/resources/config/config.json b/kubernetes/policy/charts/policy-pap/resources/config/config.json index 3f33ed95a0..a665c07858 100644 --- a/kubernetes/policy/charts/policy-pap/resources/config/config.json +++ b/kubernetes/policy/charts/policy-pap/resources/config/config.json @@ -55,6 +55,11 @@ "topic" : "POLICY-PDP-PAP", "servers" : [ "message-router" ], "topicCommInfrastructure" : "dmaap" + }, + { + "topic" : "POLICY-NOTIFICATION", + "servers" : [ "message-router" ], + "topicCommInfrastructure" : "dmaap" }] } } diff --git a/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml b/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml index 2040794074..96e865d8cf 100644 --- a/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-cassandra/templates/deployment.yaml @@ -65,7 +65,7 @@ spec: - name: CASSPASS value: "{{ .Values.config.cassandraPassword }}" - name: JVM_OPTS - value: "{{ .Values.config.cassandraJvmOpts }}" + value: "{{ .Values.config.cassandraJvmOpts }}" - name: POD_IP valueFrom: fieldRef: diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml index 0bf1bf5d31..31ab7d5eaf 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml @@ -60,13 +60,13 @@ spec: {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.service.internalPort2 }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.service.internalPort2 }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml index 0a250e4fce..5a67965850 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-backend:1.5.1 -configInitImage: onap/workflow-init:1.5.1 +image: onap/workflow-backend:1.5.2 +configInitImage: onap/workflow-init:1.5.2 pullPolicy: Always # flag to enable debugging - application support required @@ -43,14 +43,14 @@ config: cassandraAuthenticationEnabled: true cassandraThriftClientPort: 9160 cassandraClientPort: 9042 - sdcProtocol: HTTP - sdcEndpoint: sdc-be:8080 + sdcProtocol: HTTPS + sdcEndpoint: sdc-be:8443 sdcExternalUser: workflow sdcExternalUserPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U serverSSLEnabled: false serverSSLKeyStoreType: jks - serverSSLKeyStorePath: /etc/server-https-keystore/keystore - serverSSLKeyPassword: password + serverSSLKeyStorePath: etc/org.onap.sdc.p12 + serverSSLKeyPassword: "!ppJ.JvWn0hGh)oVF]([Kv)^" cassandraSSLEnabled: false cassandraTrustStorePath: /etc/cassandra-client-truststore/truststore cassandraTrustStorePassword: password diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml index 0be06f3985..1daee714b6 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml @@ -75,41 +75,15 @@ spec: value: "{{ .Values.config.isHttpsEnabled}}" {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} - name: KEYSTORE_PASS - {{- if .Values.global.security.keysFromCa }} - valueFrom: - secretKeyRef: - name: mft-sdc - key: keystore-password.txt - {{ else }} - value: {{ .Values.global.security.keyStorePass}} - {{- end }} + value: "{{ .Values.security.keystorePass}}" - name: TRUSTSTORE_PASS - {{- if .Values.global.security.keysFromCa }} - valueFrom: - secretKeyRef: - name: mft-catruststore - key: keystore-password.txt - {{ else }} - value: {{ .Values.global.security.trustStorePass}} - {{- end }} + value: "{{ .Values.security.truststorePass}}" - name: TRUSTSTORE_PATH value: "{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}" - name: KEYSTORE_PATH value: "{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}" - - name: TRUSTSTORE_TYPE - value: {{ .Values.security.truststore.type }} - - name: KEYSTORE_TYPE - value: {{ .Values.security.keystore.type }} {{ end }} volumeMounts: - {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} - - name: {{ include "common.fullname" . }}-jetty-https-truststore - mountPath: /var/lib/jetty/{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }} - subPath: {{ .Values.security.truststoreFilename }} - - name: {{ include "common.fullname" . }}-jetty-https-keystore - mountPath: /var/lib/jetty/etc/{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }} - subPath: {{ .Values.security.keystoreFilename }} - {{ end }} - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime readOnly: true @@ -123,7 +97,6 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} - # side car containers - name: {{ include "common.name" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml index 91cdead023..54e0e9b229 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-frontend:1.5.1 +image: onap/workflow-frontend:1.5.2 pullPolicy: Always # flag to enable debugging - application support required @@ -41,11 +41,11 @@ config: # https relevant settings. Change in case you have other trust files then default ones. security: - isDefaultStore: true - truststoreType: "JKS" - keystoreType: "JKS" - truststoreFilename: "truststore" - keystoreFilename: "keystore" + isDefaultStore: false + truststoreFilename: "org.onap.sdc.trust.jks" + keystoreFilename: "org.onap.sdc.p12" + keystorePass: "!ppJ.JvWn0hGh)oVF]([Kv)^" + truststorePass: "].][xgtze]hBhz*wy]}m#lf*" storePath: "etc" # default number of instances diff --git a/kubernetes/so/charts/so-bpmn-infra/values.yaml b/kubernetes/so/charts/so-bpmn-infra/values.yaml index 89b0eb4183..a7925b79e5 100755 --- a/kubernetes/so/charts/so-bpmn-infra/values.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/bpmn-infra:1.5.2 +image: onap/so/bpmn-infra:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml index 4b2a4d6cc1..4685fd166a 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/catalog-db-adapter:1.5.2 +image: onap/so/catalog-db-adapter:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-monitoring/values.yaml b/kubernetes/so/charts/so-monitoring/values.yaml index 7539e47af9..587dbea7bf 100644 --- a/kubernetes/so/charts/so-monitoring/values.yaml +++ b/kubernetes/so/charts/so-monitoring/values.yaml @@ -32,7 +32,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/so-monitoring:1.5.2 +image: onap/so/so-monitoring:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-openstack-adapter/values.yaml b/kubernetes/so/charts/so-openstack-adapter/values.yaml index c570f5eb45..8dc7e830d2 100755 --- a/kubernetes/so/charts/so-openstack-adapter/values.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/values.yaml @@ -26,7 +26,7 @@ global: ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/openstack-adapter:1.5.2 +image: onap/so/openstack-adapter:1.5.3 pullPolicy: Always repository: nexus3.onap.org:10001 diff --git a/kubernetes/so/charts/so-request-db-adapter/values.yaml b/kubernetes/so/charts/so-request-db-adapter/values.yaml index 028d123a31..58e6412847 100755 --- a/kubernetes/so/charts/so-request-db-adapter/values.yaml +++ b/kubernetes/so/charts/so-request-db-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/request-db-adapter:1.5.2 +image: onap/so/request-db-adapter:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-sdc-controller/values.yaml b/kubernetes/so/charts/so-sdc-controller/values.yaml index 1259435ec9..2cce8bb2dd 100755 --- a/kubernetes/so/charts/so-sdc-controller/values.yaml +++ b/kubernetes/so/charts/so-sdc-controller/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/sdc-controller:1.5.2 +image: onap/so/sdc-controller:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-sdnc-adapter/values.yaml b/kubernetes/so/charts/so-sdnc-adapter/values.yaml index e48c9c93e2..d1be03b541 100755 --- a/kubernetes/so/charts/so-sdnc-adapter/values.yaml +++ b/kubernetes/so/charts/so-sdnc-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/sdnc-adapter:1.5.2 +image: onap/so/sdnc-adapter:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-vfc-adapter/values.yaml b/kubernetes/so/charts/so-vfc-adapter/values.yaml index 1663fb350c..b15a67ffe8 100755 --- a/kubernetes/so/charts/so-vfc-adapter/values.yaml +++ b/kubernetes/so/charts/so-vfc-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/vfc-adapter:1.5.2 +image: onap/so/vfc-adapter:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-vnfm-adapter/values.yaml b/kubernetes/so/charts/so-vnfm-adapter/values.yaml index d29bff28aa..67523bc27f 100755 --- a/kubernetes/so/charts/so-vnfm-adapter/values.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/values.yaml @@ -26,7 +26,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/vnfm-adapter:1.5.2 +image: onap/so/vnfm-adapter:1.5.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index ae126fa78e..b4bf248dfe 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -43,7 +43,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/api-handler-infra:1.5.2 +image: onap/so/api-handler-infra:1.5.3 pullPolicy: Always replicaCount: 1 |