diff options
53 files changed, 594 insertions, 204 deletions
diff --git a/.gitignore b/.gitignore index 6d071f6cb1..8b573a454f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,6 @@ +# Helm generated stuff +Chart.lock +**/charts/ # auto generated certificates kubernetes/platform/components/oom-cert-service/resources/*.jks kubernetes/platform/components/oom-cert-service/resources/*.p12 diff --git a/kubernetes/aaf/components/aaf-sms/resources/config/osdf.json b/kubernetes/aaf/components/aaf-sms/resources/config/osdf.json index 3ede31dc44..c14f7ee4ba 100644 --- a/kubernetes/aaf/components/aaf-sms/resources/config/osdf.json +++ b/kubernetes/aaf/components/aaf-sms/resources/config/osdf.json @@ -99,14 +99,14 @@ "UserName": "${OSDF_OPT_ENGINE_USER}", "Password": "${OSDF_OPT_ENGINE_PASS}" } - }, + }{{ if .Values.cps.enabled }}, { "name": "cps", "values": { "UserName": "${CPS_USER}", "Password": "${CPS_PASS}" } - } + }{{ end }} ] } } diff --git a/kubernetes/aaf/components/aaf-sms/templates/job.yaml b/kubernetes/aaf/components/aaf-sms/templates/job.yaml index 6d9ecaa7cb..8dbe276d97 100644 --- a/kubernetes/aaf/components/aaf-sms/templates/job.yaml +++ b/kubernetes/aaf/components/aaf-sms/templates/job.yaml @@ -52,7 +52,9 @@ spec: export OSDF_OPT_ENGINE_PASS=${OSDF_OPT_ENGINE_PASS_PLAIN}; export SO_PASS=${SO_PASS_PLAIN}; export SDC_PASS=${SDC_PASS_PLAIN}; + {{- if .Values.cps.enabled }} export CPS_PASS=${CPS_PASS_PLAIN}; + {{- end }} cd /config-input; for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config/${PFILE}; @@ -137,11 +139,12 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-creds" "key" "login") | indent 10 }} - name: SDC_PASS_PLAIN {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-creds" "key" "password") | indent 10 }} - + {{- if .Values.cps.enabled }} - name: CPS_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "login") | indent 10 }} - name: CPS_PASS_PLAIN {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "password") | indent 10 }} + {{- end }} volumeMounts: - mountPath: /config-input diff --git a/kubernetes/aaf/components/aaf-sms/values.yaml b/kubernetes/aaf/components/aaf-sms/values.yaml index cde8529cc1..da268ccf06 100644 --- a/kubernetes/aaf/components/aaf-sms/values.yaml +++ b/kubernetes/aaf/components/aaf-sms/values.yaml @@ -116,6 +116,9 @@ persistence: ingress: enabled: false +cps: + enabled: true + secrets: - uid: aai-creds type: basicAuth diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml index f2dfd2c9c2..14f162a486 100644 --- a/kubernetes/aai/components/aai-babel/values.yaml +++ b/kubernetes/aai/components/aai-babel/values.yaml @@ -59,7 +59,7 @@ certInitializer: ################################################################# # application image -image: onap/babel:1.9.2 +image: onap/babel:1.9.3 flavor: small flavorOverride: small diff --git a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml index cccc2b1e66..d0147aa1a4 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml @@ -63,9 +63,9 @@ spec: echo "*** retrieve Truststore and Keystore password" export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0) echo "*** obfuscate them " - export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` - export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` - export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml index 95c3fe2fbf..07307134d8 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml @@ -68,9 +68,9 @@ spec: echo "*** retrieve Truststore and Keystore password" export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0) echo "*** obfuscate them " - export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` - export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` - export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml index 62e27b6321..b483489141 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml @@ -63,9 +63,9 @@ spec: echo "*** retrieve Truststore and Keystore password" export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0) echo "*** obfuscate them " - export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` - export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` - export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml index 07009b2fbd..0d471f7d78 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml @@ -68,9 +68,9 @@ spec: echo "*** retrieve Truststore and Keystore password" export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0) echo "*** obfuscate them " - export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` - export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` - export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop @@ -266,9 +266,9 @@ spec: echo "*** retrieve Truststore and Keystore password" export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0) echo "*** obfuscate them " - export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` - export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` - export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml index 118f446b26..6f372f9bd9 100644 --- a/kubernetes/aai/components/aai-graphadmin/values.yaml +++ b/kubernetes/aai/components/aai-graphadmin/values.yaml @@ -76,11 +76,11 @@ global: # global defaults version: # Current version of the REST API api: - default: v24 + default: v26 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API - list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24 + list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26 # Specifies from which version related link should appear related: link: v11 @@ -144,7 +144,7 @@ certInitializer: chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }} # application image -image: onap/aai-graphadmin:1.9.2 +image: onap/aai-graphadmin:1.9.3 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml b/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml index c4098b1a3b..22f0dbcd05 100644 --- a/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml @@ -56,8 +56,8 @@ spec: echo "*** obfuscate them " export KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD} export TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD} - export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` - export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop image: {{ include "repositoryGenerator.image.jetty" . }} diff --git a/kubernetes/aai/components/aai-modelloader/values.yaml b/kubernetes/aai/components/aai-modelloader/values.yaml index 95eae6a80b..6d1a37e561 100644 --- a/kubernetes/aai/components/aai-modelloader/values.yaml +++ b/kubernetes/aai/components/aai-modelloader/values.yaml @@ -56,7 +56,7 @@ certInitializer: chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }} # application image -image: onap/model-loader:1.9.1 +image: onap/model-loader:1.9.2 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index 51984947cd..b1f8c085b8 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -77,11 +77,11 @@ global: # global defaults version: # Current version of the REST API api: - default: v24 + default: v26 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API - list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24 + list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26 # Specifies from which version related link should appear related: link: v11 @@ -157,7 +157,7 @@ certInitializer: chown -R 1000 {{ .Values.credsPath }} # application image -image: onap/aai-resources:1.9.3 +image: onap/aai-resources:1.9.4 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml b/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml index e4f1d72d7b..cb58120159 100644 --- a/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml @@ -52,8 +52,9 @@ spec: echo "*** obfuscate them " export KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD} export TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD} - export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` - export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.44.v20210927.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + ls -l /usr/local/jetty/lib + export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` + export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop image: {{ include "repositoryGenerator.image.jetty" . }} @@ -75,8 +76,6 @@ spec: - | echo "*** retrieve Truststore and Keystore password" export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0) - echo "keystore pass: $KEYSTORE_PASSWORD" - echo "truststore pass: $TRUSTSTORE_PASSWORD" echo "*** actual launch of AAI Schema Service" /bin/bash /opt/app/aai-schema-service/docker-entrypoint.sh {{- end }} diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml index 9ca398319b..1dd374c4dc 100644 --- a/kubernetes/aai/components/aai-schema-service/values.yaml +++ b/kubernetes/aai/components/aai-schema-service/values.yaml @@ -40,11 +40,11 @@ global: # global defaults version: # Current version of the REST API api: - default: v24 + default: v26 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API - list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24 + list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26 # Specifies from which version related link should appear related: link: v11 @@ -94,7 +94,7 @@ certInitializer: chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }} # application image -image: onap/aai-schema-service:1.9.3 +image: onap/aai-schema-service:1.9.4 pullPolicy: Always restartPolicy: Always flavorOverride: small diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml index 7de12f54a7..b1c8fdd221 100644 --- a/kubernetes/aai/components/aai-traversal/values.yaml +++ b/kubernetes/aai/components/aai-traversal/values.yaml @@ -84,11 +84,11 @@ global: # global defaults version: # Current version of the REST API api: - default: v24 + default: v26 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API - list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24 + list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26 # Specifies from which version related link should appear related: link: v11 @@ -140,7 +140,7 @@ certInitializer: chown -R 1000 {{ .Values.credsPath }} # application image -image: onap/aai-traversal:1.9.3 +image: onap/aai-traversal:1.9.4 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg b/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg index 9fa6d2ee9b..6e7acef17f 100644 --- a/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg +++ b/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg @@ -88,6 +88,15 @@ frontend IST_8443 http-request set-header X-AAI-SSL-Client-ST %{+Q}[ssl_c_s_dn(ST)] http-request set-header X-AAI-SSL-Client-C %{+Q}[ssl_c_s_dn(C)] http-request set-header X-AAI-SSL-Client-O %{+Q}[ssl_c_s_dn(O)] +####################################### +## Request blocking configuration ### +####################################### + {{- if eq $.Values.haproxy.requestBlocking.enabled true }} + {{- range $custom_config := $.Values.haproxy.requestBlocking.customConfigs }} + {{ $custom_config }} + {{- end }} + {{- end }} + reqadd X-Forwarded-Proto:\ https reqadd X-Forwarded-Port:\ 8443 diff --git a/kubernetes/aai/resources/config/haproxy/haproxy.cfg b/kubernetes/aai/resources/config/haproxy/haproxy.cfg index 1db4addb5a..1accff9935 100644 --- a/kubernetes/aai/resources/config/haproxy/haproxy.cfg +++ b/kubernetes/aai/resources/config/haproxy/haproxy.cfg @@ -119,6 +119,15 @@ frontend IST_8443 http-request set-header X-AAI-SSL-Client-ST %{+Q}[ssl_c_s_dn(ST)] http-request set-header X-AAI-SSL-Client-C %{+Q}[ssl_c_s_dn(C)] http-request set-header X-AAI-SSL-Client-O %{+Q}[ssl_c_s_dn(O)] +####################################### +## Request blocking configuration ### +####################################### + {{- if eq $.Values.haproxy.requestBlocking.enabled true }} + {{- range $custom_config := $.Values.haproxy.requestBlocking.customConfigs }} + {{ $custom_config }} + {{- end }} + {{- end }} + reqadd X-Forwarded-Proto:\ https reqadd X-Forwarded-Port:\ 8443 {{- end }} diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index 42b0fa622a..62d1d2eabd 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -231,11 +231,11 @@ global: # global defaults version: # Current version of the REST API api: - default: v24 + default: v26 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API - list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24 + list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26 # Specifies from which version related link should appear related: link: v11 @@ -349,6 +349,12 @@ nodeSelector: {} affinity: {} +# HAProxy configuration to block HTTP requests to AAI based on configurable URL patterns +haproxy: + requestBlocking: + enabled: false + customConfigs: [] + # probe configuration parameters liveness: initialDelaySeconds: 10 diff --git a/kubernetes/common/cassandra/templates/servicemonitor.yaml b/kubernetes/common/cassandra/templates/servicemonitor.yaml new file mode 100644 index 0000000000..5297e692d2 --- /dev/null +++ b/kubernetes/common/cassandra/templates/servicemonitor.yaml @@ -0,0 +1,19 @@ +{{/* +# Copyright © 2022 Amdocs, Bitnami, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.metrics.serviceMonitor.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml index 840e95b490..43367ee542 100644 --- a/kubernetes/common/cassandra/templates/statefulset.yaml +++ b/kubernetes/common/cassandra/templates/statefulset.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright © 2022 Amdocs, AT&T, Bell Canada, Bitnami # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -26,6 +26,15 @@ spec: type: {{ .Values.updateStrategy.type }} template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} + {{- if or .Values.podAnnotations (and .Values.metrics.serviceMonitor.enabled .Values.metrics.podAnnotations) }} + annotations: + {{- if .Values.podAnnotations }} + {{- include "common.tplValue" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} + {{- end }} + {{- if and .Values.metrics.serviceMonitor.enabled .Values.metrics.podAnnotations }} + {{- include "common.tplValue" (dict "value" .Values.metrics.podAnnotations "context" $) | nindent 8 }} + {{- end }} + {{- end }} spec: hostNetwork: {{ .Values.hostNetwork }} imagePullSecrets: @@ -126,6 +135,41 @@ spec: command: ["/bin/sh", "-c", "PID=$(pidof java) && kill $PID && while ps -p $PID > /dev/null; do sleep 1; done"] {{- end }} resources: {{ toYaml .Values.resources | nindent 10 }} + {{- if .Values.metrics.serviceMonitor.enabled }} + - name: {{ include "common.name" . }}-metrics + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.metrics.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.metrics.pullPolicy | quote}} + {{- if (.Values.metrics.enabled) }} + ports: + {{- range $index, $metricPort := .Values.metrics.ports }} + - name: {{ $metricPort.name }} + containerPort: {{ $metricPort.port }} + protocol: TCP + {{- end }} + livenessProbe: + httpGet: + path: {{ .Values.metrics.livenessProbe.httpGet.path }} + port: {{ .Values.metrics.livenessProbe.httpGet.port }} + initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }} + readinessProbe: + httpGet: + path: {{ .Values.metrics.readinessProbe.httpGet.path }} + port: {{ .Values.metrics.readinessProbe.httpGet.port }} + initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }} + {{- end }} + {{ include "common.containerSecurityContext" . | indent 10 | trim }} + {{- if .Values.metrics.resources }} + resources: {{- toYaml .Values.metrics.resources | nindent 10 }} + {{- end }} + {{- end }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} {{- end -}} diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml index 1d69993956..597174ee0a 100644 --- a/kubernetes/common/cassandra/values.yaml +++ b/kubernetes/common/cassandra/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T +# Copyright © 2022 Amdocs, Bell Canada, AT&T, Bitnami # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -168,3 +168,63 @@ serviceAccount: nameOverride: cassandra roles: - nothing + +# Cassandra Metrics +metrics: + enabled: false + image: bitnami/cassandra-exporter:2.3.4-debian-10-r641 + pullPolicy: IfNotPresent + ports: + - name: tcp-metrics + port: 8080 + podAnnotations: + prometheus.io/scrape: 'true' + prometheus.io/port: '8080' + livenessProbe: + enabled: true + httpGet: + path: /metrics + port: 8080 + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /metrics + port: 8080 + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 3 + serviceMonitor: + enabled: false + targetPort: 8080 + path: /metrics + basicAuth: + enabled: false + ## Namespace in which Prometheus is running + ## + # namespace: monitoring + + ## Interval at which metrics should be scraped. + #interval: 30s + + ## Timeout after which the scrape is ended + # scrapeTimeout: 10s + + ## ServiceMonitor selector labels + selector: + app.kubernetes.io/name: '{{ include "common.name" . }}' + helm.sh/chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + app.kubernetes.io/instance: '{{ include "common.release" . }}' + app.kubernetes.io/managed-by: '{{ .Release.Service }}' + + ## RelabelConfigs to apply to samples before scraping + relabelings: [] + + ## MetricRelabelConfigs to apply to samples before ingestion + metricRelabelings: [] diff --git a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh index fa3de03ece..96b0c0c0c8 100755 --- a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh +++ b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh @@ -41,7 +41,7 @@ for f in $CERTS_DIR/*; do if echo $f | grep '\.sh$' >/dev/null; then continue fi - if echo $f | grep '\.b64$' >/dev/null; then + if echo $f | grep '\.b64$' >/dev/null then base64 -d $f > $WORK_DIR/`basename $f .b64` else @@ -87,4 +87,4 @@ if [ $? != 0 ] exit 1 else cp /etc/ssl/certs/ca-certificates.crt $WORK_DIR/. -fi
\ No newline at end of file +fi diff --git a/kubernetes/common/common/templates/_dmaapProvisioning.tpl b/kubernetes/common/common/templates/_dmaapProvisioning.tpl index d28494aacd..eefd00d7bf 100644 --- a/kubernetes/common/common/templates/_dmaapProvisioning.tpl +++ b/kubernetes/common/common/templates/_dmaapProvisioning.tpl @@ -138,6 +138,7 @@ args: - -c - | + set -uex -o pipefail if [ -d /opt/app/config/cache ]; then cd /opt/app/config/cache for file in $(ls feed*); do @@ -147,8 +148,6 @@ done for file in $(ls drpub*); do NUM=$(echo "$file" | sed 's/drpubConfig-\([0-9]\+\)-resp.json/\1/') - export DR_USERNAME_"$NUM"="$(grep -o '"username":"[^"]*' "$file" | cut -d '"' -f4)" - export DR_PASSWORD_"$NUM"="$(grep -o '"userpwd":"[^"]*' "$file" | cut -d '"' -f4)" export DR_FILES_PUBLISHER_ID_"$NUM"="$(grep -o '"pubId":"[^"]*' "$file" | cut -d '"' -f4)" done for file in $(ls drsub*); do diff --git a/kubernetes/common/common/templates/_service.tpl b/kubernetes/common/common/templates/_service.tpl index a488e0d5fa..f6a0f211a9 100644 --- a/kubernetes/common/common/templates/_service.tpl +++ b/kubernetes/common/common/templates/_service.tpl @@ -267,6 +267,11 @@ spec: {{- $ports := $dot.Values.service.headlessPorts -}} {{- $labels := default (dict) .labels -}} {{- $matchLabels := default (dict) .matchLabels -}} +{{- if ($dot.Values.metrics) }} +{{- range $index, $metricPort := $dot.Values.metrics.ports }} +{{- $ports = append $ports $metricPort }} +{{- end }} +{{- end }} {{ include "common.genericService" (dict "suffix" $suffix "annotations" $annotations "dot" $dot "publishNotReadyAddresses" $publishNotReadyAddresses "ports" $ports "serviceType" "ClusterIP" "headless" true "labels" $labels "matchLabels" $matchLabels) }} {{- end -}} diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index f49a898818..9f7c882134 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -608,8 +608,8 @@ metrics: ## ServiceMonitor selector labels ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration ## - selector: - prometheus: kube-prometheus + # selector: + # prometheus: kube-prometheus ## RelabelConfigs to apply to samples before scraping ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml index 5a43eefc03..34ce466f48 100644 --- a/kubernetes/common/repositoryGenerator/values.yaml +++ b/kubernetes/common/repositoryGenerator/values.yaml @@ -1,6 +1,6 @@ # Copyright © 2020 Orange # Copyright © 2021 Nokia, AT&T -# Modifications Copyright (C) 2021 Nordix Foundation. +# Modifications Copyright (c) 2022 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,21 +23,24 @@ global: githubContainerRegistry: ghcr.io # common global images - busyboxImage: busybox:1.32 + busyboxImage: busybox:1.34.1 curlImage: curlimages/curl:7.80.0 envsubstImage: dibi/envsubst:1 # there's only latest image for htpasswd htpasswdImage: xmartlabs/htpasswd:latest - jettyImage: jetty:9-jdk11-slim + # if you change jetty image, you'll also need to update jar file which is + # "hardcoded" to the value... + # (/usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar) for 9.4.45 + jettyImage: jetty:9.4.45-jdk11-slim jreImage: onap/integration-java11:10.0.0 - kubectlImage: bitnami/kubectl:1.19 + kubectlImage: bitnami/kubectl:1.22.4 loggingImage: beats/filebeat:5.5.0 mariadbImage: bitnami/mariadb:10.6.5-debian-10-r28 - nginxImage: bitnami/nginx:1.18-debian-10 + nginxImage: bitnami/nginx:1.21.4 postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1 readinessImage: onap/oom/readiness:3.0.1 dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 - dbcClientImage: onap/dmaap/dbc-client:2.0.7 + dbcClientImage: onap/dmaap/dbc-client:2.0.9 quitQuitImage: onap/oom/readiness:4.1.0 # Default credentials diff --git a/kubernetes/cps/Chart.yaml b/kubernetes/cps/Chart.yaml index 40bf4889ea..5e951d7beb 100644 --- a/kubernetes/cps/Chart.yaml +++ b/kubernetes/cps/Chart.yaml @@ -23,9 +23,6 @@ dependencies: - name: common version: ~10.x-0 repository: '@local' - - name: roles-wrapper - version: ~10.x-0 - repository: '@local' - name: cps-core version: ~10.x-0 repository: '@local' diff --git a/kubernetes/cps/components/cps-core/Chart.yaml b/kubernetes/cps/components/cps-core/Chart.yaml index c1ef7202a7..95201a0d4a 100644 --- a/kubernetes/cps/components/cps-core/Chart.yaml +++ b/kubernetes/cps/components/cps-core/Chart.yaml @@ -1,6 +1,7 @@ -# Copyright (C) Pantheon.tech, Orange +# Copyright (C) Pantheon.tech, Orange # Modifications Copyright © 2021 Orange # Modifications Copyright © 2021 Nordix Foundation +# Modifications Copyright (C) 2022 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -30,8 +31,7 @@ dependencies: - name: postgres-init version: ~10.x-0 repository: '@local' - condition: not global.postgres.localCluster - #condition: global.postgres.postgresInit + condition: postgres.postgresInit - name: readinessCheck version: ~10.x-0 repository: '@local' diff --git a/kubernetes/cps/components/cps-core/resources/config/application-helm.yml b/kubernetes/cps/components/cps-core/resources/config/application-helm.yml index 8f904efeae..e9958f1114 100644 --- a/kubernetes/cps/components/cps-core/resources/config/application-helm.yml +++ b/kubernetes/cps/components/cps-core/resources/config/application-helm.yml @@ -20,9 +20,9 @@ spring: datasource: {{- if .Values.global.postgres.localCluster }} - url: jdbc:postgresql://{{ .Values.postgres.service.name2 }}:5432/{{ .Values.postgres.config.pgDatabase }} + url: jdbc:postgresql://{{ .Values.postgres.service.name2 }}:{{ .Values.postgres.service.externalPort2 }}/{{ .Values.postgres.config.pgDatabase }} {{- else }} - url: jdbc:postgresql://{{ .Values.global.postgres.service.name2 }}:5432/{{ .Values.postgres.config.pgDatabase }} + url: jdbc:postgresql://{{ .Values.global.postgres.service.name2 }}:{{ .Values.global.postgres.service.externalPort2 }}/{{ .Values.postgres.config.pgDatabase }} {{- end }} username: ${DB_USERNAME} password: ${DB_PASSWORD} diff --git a/kubernetes/cps/components/cps-core/values.yaml b/kubernetes/cps/components/cps-core/values.yaml index a482152582..3da5d170b7 100644 --- a/kubernetes/cps/components/cps-core/values.yaml +++ b/kubernetes/cps/components/cps-core/values.yaml @@ -1,4 +1,5 @@ -# Copyright (C) 2021 Pantheon.tech, Orange, Bell Canada. +# Copyright (C) 2021 Pantheon.tech, Orange, Bell Canada. +# Modifications Copyright (C) 2022 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -58,8 +59,11 @@ global: localCluster: false service: name: pgset + externalPort: 5432 name2: tcp-pgset-primary + externalPort2: 5432 name3: tcp-pgset-replica + externalPort3: 5432 container: name: postgres @@ -197,11 +201,15 @@ logging: # Postgres overriding defaults in the postgres ################################################################# postgres: + postgresInit: true nameOverride: &postgresName cps-core-postgres service: name: *postgresName + externalPort: 5432 name2: cps-core-pg-primary + externalPort2: 5432 name3: cps-core-pg-replica + externalPort3: 5432 container: name: primary: cps-core-pg-primary diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/secret.yaml new file mode 100644 index 0000000000..13a14a5e12 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/secret.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2022 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.secretFast" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml index 7408f44416..2ce6c89775 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml @@ -1,6 +1,6 @@ # ================================ LICENSE_START ========================== # ========================================================================= -# Copyright (C) 2021 Nordix Foundation. +# Copyright (c) 2021 Nordix Foundation. # ========================================================================= # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -31,6 +31,16 @@ filebeatConfig: logstashPort: 5044 ################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &drPubCredsUID drpubcreds + type: basicAuth + login: '{{ .Values.drPubscriberCreds.username }}' + password: '{{ .Values.drPubscriberCreds.password }}' + passwordPolicy: required + +################################################################# # InitContainer Images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 @@ -116,6 +126,19 @@ applicationEnv: # It's a workaround because DMAAP specific env variables are not available in main container. CBS_CLIENT_CONFIG_PATH: '' +# Data Router Publisher Credentials +drPubscriberCreds: + username: username + password: password + +credentials: +- name: DR_USERNAME + uid: *drPubCredsUID + key: login +- name: DR_PASSWORD + uid: *drPubCredsUID + key: password + # Initial Application Configuration applicationConfig: dmaap.certificateConfig.keyCert: /opt/app/datafile/etc/cert/cert.p12 @@ -139,8 +162,8 @@ applicationConfig: location: loc00 log_url: ${DR_LOG_URL_0} publish_url: ${DR_FILES_PUBLISHER_URL_0} - username: ${DR_USERNAME_0} - password: ${DR_PASSWORD_0} + username: ${DR_USERNAME} + password: ${DR_PASSWORD} type: data_router streams_subscribes: dmaap_subscriber: @@ -159,6 +182,8 @@ drFeedConfig: # DataRouter Publisher Configuration drPubConfig: - feedName: bulk_pm_feed + username: ${DR_USERNAME} + userpwd: ${DR_PASSWORD} dcaeLocationName: loc00 # ConfigMap Configuration for Feed, Dr_Publisher diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml index 84a3c1eee8..2bfa496bcd 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -79,7 +79,7 @@ spec: name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml - mountPath: {{ .Values.global.loggingDirectory }} - name: {{ include "common.fullname" . }}-logs + name: logs resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} @@ -106,7 +106,7 @@ spec: configMap: name: {{ include "common.fullname" . }}-log {{ include "common.log.volumes" . | nindent 8 }} - - name: {{ include "common.fullname" . }}-logs + - name: logs emptyDir: {} {{- if not .Values.persistence.enabled }} - name: {{ include "common.fullname" . }}-event-logs diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index 5f99ea3399..b7acbc9d8d 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -95,7 +95,7 @@ spec: name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml - mountPath: {{ .Values.global.loggingDirectory }} - name: {{ include "common.fullname" . }}-logs + name: logs resources: {{ include "common.resources" . }} {{- if .Values.nodeSelector }} @@ -123,7 +123,7 @@ spec: configMap: name: {{ include "common.fullname" . }}-log {{ include "common.log.volumes" . | nindent 6 }} - - name: {{ include "common.fullname" . }}-logs + - name: logs emptyDir: {} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml index 27b79fd7d1..455996b063 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml @@ -15,7 +15,7 @@ # limitations under the License. apiVersion: v2 -appVersion: "1.0" +appVersion: "2.0" description: Holmes Engine Management name: holmes-engine-mgmt version: 10.0.0 diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml index b625f6d72e..aef0c8c22a 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml @@ -20,6 +20,13 @@ apiVersion: apps/v1 kind: Deployment metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +{{- $sum := "" }} +{{- range $path, $bytes := .Files.Glob "resources/config/*.json"}} +{{- $sum = $.Files.Get $path | sha256sum | print $sum }} +{{- end }} + annotations: + checksum/config: {{ $sum | sha256sum }} + spec: replicas: 1 selector: {{- include "common.selectors" . | nindent 4 }} @@ -27,19 +34,6 @@ spec: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: {{- include "common.certInitializer.initContainer" . | nindent 6 }} - - name: init-consul - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.consulLoaderImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: CONSUL_HOST - value: {{ .Values.consulHost | default "consul-server-ui" }}.{{ include "common.namespace" . }} - args: - - --key - - holmes-engine-mgmt|/hemconfig/cfy.json - resources: {} - volumeMounts: - - mountPath: /hemconfig - name: {{ include "common.fullname" . }}-config - name: {{ include "common.name" . }}-env-config image: {{ include "repositoryGenerator.image.envsubst" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -73,6 +67,8 @@ spec: volumeMounts: {{- include "common.certInitializer.volumeMount" . | nindent 8 }} - name: {{ include "common.fullname" . }}-env-config mountPath: /opt/hemconfig + - name: {{ include "common.fullname" . }}-config + mountPath: /opt/hemtopics # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml index 1bdf35da21..d9dfa2d96e 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml @@ -25,7 +25,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/holmes/engine-management:9.0.0 +image: onap/holmes/engine-management:10.0.0 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 ################################################################# diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml index d224e94cb9..97d7fe3eea 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml @@ -15,7 +15,7 @@ # limitations under the License. apiVersion: v2 -appVersion: "1.0" +appVersion: "2.0" description: Holmes Rule Management name: holmes-rule-mgmt version: 10.0.0 diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/cfy.json b/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/cfy.json deleted file mode 100644 index 8710f81d1b..0000000000 --- a/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/cfy.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "holmes.default.rule.volte.scenario1": "ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b$$$package org.onap.holmes.droolsRule;\n\nimport org.onap.holmes.common.dmaap.DmaapService;\nimport org.onap.holmes.common.api.stat.VesAlarm;\nimport org.onap.holmes.common.aai.CorrelationUtil;\nimport org.onap.holmes.common.dmaap.entity.PolicyMsg;\nimport org.onap.holmes.common.dropwizard.ioc.utils.ServiceLocatorHolder;\nimport org.onap.holmes.common.utils.DroolsLog;\n \n\nrule \"Relation_analysis_Rule\"\nsalience 200\nno-loop true\n when\n $root : VesAlarm(alarmIsCleared == 0,\n $sourceId: sourceId, sourceId != null && !sourceId.equals(\"\"),\n\t\t\t$sourceName: sourceName, sourceName != null && !sourceName.equals(\"\"),\n\t\t\t$startEpochMicrosec: startEpochMicrosec,\n eventName in (\"Fault_MultiCloud_VMFailure\"),\n $eventId: eventId)\n $child : VesAlarm( eventId != $eventId, parentId == null,\n CorrelationUtil.getInstance().isTopologicallyRelated(sourceId, $sourceId, $sourceName),\n eventName in (\"Fault_MME_eNodeB out of service alarm\"),\n startEpochMicrosec < $startEpochMicrosec + 60000 && startEpochMicrosec > $startEpochMicrosec - 60000 )\n then\n\t\tDroolsLog.printInfo(\"===========================================================\");\n\t\tDroolsLog.printInfo(\"Relation_analysis_Rule: rootId=\" + $root.getEventId() + \", childId=\" + $child.getEventId());\n\t\t$child.setParentId($root.getEventId());\n\t\tupdate($child);\n\t\t\nend\n\nrule \"root_has_child_handle_Rule\"\nsalience 150\nno-loop true\n\twhen\n\t\t$root : VesAlarm(alarmIsCleared == 0, rootFlag == 0, $eventId: eventId)\n\t\t$child : VesAlarm(eventId != $eventId, parentId == $eventId)\n\tthen\n\t\tDroolsLog.printInfo(\"===========================================================\");\n\t\tDroolsLog.printInfo(\"root_has_child_handle_Rule: rootId=\" + $root.getEventId() + \", childId=\" + $child.getEventId());\n\t\tDmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class);\n\t\tPolicyMsg policyMsg = dmaapService.getPolicyMsg($root, $child, \"org.onap.holmes.droolsRule\");\n dmaapService.publishPolicyMsg(policyMsg, \"dcae_cl_out\");\n\t\t$root.setRootFlag(1);\n\t\tupdate($root);\nend\n\nrule \"root_no_child_handle_Rule\"\nsalience 100\nno-loop true\n when\n $root : VesAlarm(alarmIsCleared == 0, rootFlag == 0,\n sourceId != null && !sourceId.equals(\"\"),\n\t\t\tsourceName != null && !sourceName.equals(\"\"),\n eventName in (\"Fault_MultiCloud_VMFailure\"))\n then\n\t\tDroolsLog.printInfo(\"===========================================================\");\n\t\tDroolsLog.printInfo(\"root_no_child_handle_Rule: rootId=\" + $root.getEventId());\n\t\tDmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class);\n\t\tPolicyMsg policyMsg = dmaapService.getPolicyMsg($root, null, \"org.onap.holmes.droolsRule\");\n dmaapService.publishPolicyMsg(policyMsg, \"dcae_cl_out\");\n\t\t$root.setRootFlag(1);\n\t\tupdate($root);\nend\n\nrule \"root_cleared_handle_Rule\"\nsalience 100\nno-loop true\n when\n $root : VesAlarm(alarmIsCleared == 1, rootFlag == 1)\n then\n\t\tDroolsLog.printInfo(\"===========================================================\");\n\t\tDroolsLog.printInfo(\"root_cleared_handle_Rule: rootId=\" + $root.getEventId());\n\t\tDmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class);\n\t\tPolicyMsg policyMsg = dmaapService.getPolicyMsg($root, null, \"org.onap.holmes.droolsRule\");\n dmaapService.publishPolicyMsg(policyMsg, \"dcae_cl_out\");\n\t\tretract($root);\nend\n\nrule \"child_handle_Rule\"\nsalience 100\nno-loop true\n when\n $child : VesAlarm(alarmIsCleared == 1, rootFlag == 0)\n then\n\t\tDroolsLog.printInfo(\"===========================================================\");\n\t\tDroolsLog.printInfo(\"child_handle_Rule: childId=\" + $child.getEventId());\n\t\tretract($child);\nend", - "services_calls": {}, - "streams_publishes": {}, - "streams_subscribes": {} -} diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b.drl b/kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b.drl new file mode 100644 index 0000000000..494333c2a8 --- /dev/null +++ b/kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b.drl @@ -0,0 +1,88 @@ +package org.onap.holmes.droolsRule; + +import org.onap.holmes.common.dmaap.DmaapService; +import org.onap.holmes.common.api.stat.VesAlarm; +import org.onap.holmes.common.aai.CorrelationUtil; +import org.onap.holmes.common.dmaap.entity.PolicyMsg; +import org.onap.holmes.common.dropwizard.ioc.utils.ServiceLocatorHolder; +import org.onap.holmes.common.utils.DroolsLog; + +rule "Relation_analysis_Rule" +salience 200 +no-loop true + when + $root : VesAlarm(alarmIsCleared == 0, + $sourceId: sourceId, sourceId != null && !sourceId.equals(""), + $sourceName: sourceName, sourceName != null && !sourceName.equals(""), + $startEpochMicrosec: startEpochMicrosec, + eventName in ("Fault_MultiCloud_VMFailure"), + $eventId: eventId) + $child : VesAlarm( eventId != $eventId, parentId == null, + CorrelationUtil.getInstance().isTopologicallyRelated(sourceId, $sourceId, $sourceName), + eventName in ("Fault_MME_eNodeB out of service alarm"), + startEpochMicrosec < $startEpochMicrosec + 60000 && startEpochMicrosec > $startEpochMicrosec - 60000 ) + then + DroolsLog.printInfo("==========================================================="); + DroolsLog.printInfo("Relation_analysis_Rule: rootId=" + $root.getEventId() + ", childId=" + $child.getEventId()); + $child.setParentId($root.getEventId()); + update($child); +end + +rule "root_has_child_handle_Rule" +salience 150 +no-loop true + when + $root : VesAlarm(alarmIsCleared == 0, rootFlag == 0, $eventId: eventId) + $child : VesAlarm(eventId != $eventId, parentId == $eventId) + then + DroolsLog.printInfo("==========================================================="); + DroolsLog.printInfo("root_has_child_handle_Rule: rootId=" + $root.getEventId() + ", childId=" + $child.getEventId()); + DmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class); + PolicyMsg policyMsg = dmaapService.getPolicyMsg($root, $child, "org.onap.holmes.droolsRule"); + dmaapService.publishPolicyMsg(policyMsg, "dcae_cl_out"); + $root.setRootFlag(1); + update($root); +end + +rule "root_no_child_handle_Rule" +salience 100 +no-loop true + when + $root : VesAlarm(alarmIsCleared == 0, rootFlag == 0, + sourceId != null && !sourceId.equals(""), + sourceName != null && !sourceName.equals(""), + eventName in ("Fault_MultiCloud_VMFailure")) + then + DroolsLog.printInfo("==========================================================="); + DroolsLog.printInfo("root_no_child_handle_Rule: rootId=" + $root.getEventId()); + DmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class); + PolicyMsg policyMsg = dmaapService.getPolicyMsg($root, null, "org.onap.holmes.droolsRule"); + dmaapService.publishPolicyMsg(policyMsg, "dcae_cl_out"); + $root.setRootFlag(1); + update($root); +end + +rule "root_cleared_handle_Rule" +salience 100 +no-loop true + when + $root : VesAlarm(alarmIsCleared == 1, rootFlag == 1) + then + DroolsLog.printInfo("==========================================================="); + DroolsLog.printInfo("root_cleared_handle_Rule: rootId=" + $root.getEventId()); + DmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class); + PolicyMsg policyMsg = dmaapService.getPolicyMsg($root, null, "org.onap.holmes.droolsRule"); + dmaapService.publishPolicyMsg(policyMsg, "dcae_cl_out"); + retract($root); +end + +rule "child_handle_Rule" +salience 100 +no-loop true + when + $child : VesAlarm(alarmIsCleared == 1, rootFlag == 0) + then + DroolsLog.printInfo("==========================================================="); + DroolsLog.printInfo("child_handle_Rule: childId=" + $child.getEventId()); + retract($child); +end diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/index.json b/kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/index.json new file mode 100644 index 0000000000..70f9dd09db --- /dev/null +++ b/kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/index.json @@ -0,0 +1,6 @@ +[ + { + "closedControlLoopName": "ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b", + "file": "ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b.drl" + } +] diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/templates/configmap.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/templates/configmap.yaml index 76b339faea..3d54264723 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/templates/configmap.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/templates/configmap.yaml @@ -17,5 +17,12 @@ apiVersion: v1 kind: ConfigMap -metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +metadata: + name: {{ include "common.fullname" . }}-general-config data: {{ tpl (.Files.Glob "resources/config/*").AsConfig . | nindent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-rule-config +data: {{ tpl (.Files.Glob "resources/rules/*").AsConfig . | nindent 2 }} diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml index 19ccbc0cdc..f3e9ce5dde 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml @@ -20,6 +20,12 @@ apiVersion: apps/v1 kind: Deployment metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +{{- $sum := "" }} +{{- range $path, $bytes := .Files.Glob "resources/rules/*"}} +{{- $sum = $.Files.Get $path | sha256sum | print $sum }} +{{- end }} + annotations: + checksum/rules: {{ $sum | sha256sum }} spec: replicas: 1 selector: {{- include "common.selectors" . | nindent 4 }} @@ -27,19 +33,6 @@ spec: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: {{- include "common.certInitializer.initContainer" . | nindent 6 }} - - name: init-consul - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.consulLoaderImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: CONSUL_HOST - value: {{ .Values.consulHost | default "consul-server-ui" }}.{{ include "common.namespace" . }} - args: - - --key - - holmes-rule-mgmt|/hrmconfigs/cfy.json - resources: {} - volumeMounts: - - mountPath: /hrmconfigs - name: {{ include "common.fullname" . }}-config - name: {{ include "common.name" . }}-env-config image: {{ include "repositoryGenerator.image.envsubst" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -61,7 +54,7 @@ spec: value: "{{ .Values.config.pgConfig.dbPort }}" volumeMounts: - mountPath: /hrmconfig - name: {{ include "common.fullname" . }}-config + name: {{ include "common.fullname" . }}-general-config - mountPath: /config name: {{ include "common.fullname" . }}-env-config containers: @@ -72,6 +65,8 @@ spec: volumeMounts: {{- include "common.certInitializer.volumeMount" . | nindent 8 }} - name: {{ include "common.fullname" . }}-env-config mountPath: /opt/hrmconfig + - name: {{ include "common.fullname" . }}-rule-config + mountPath: /opt/hrmrules # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} @@ -119,10 +114,14 @@ spec: value: "{{ .Values.config.pgConfig.dbPort }}" serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - - name: {{ include "common.fullname" . }}-config + - name: {{ include "common.fullname" . }}-general-config + configMap: + defaultMode: 422 + name: {{ include "common.fullname" . }}-general-config + - name: {{ include "common.fullname" . }}-rule-config configMap: defaultMode: 422 - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-rule-config - name: {{ include "common.fullname" . }}-env-config emptyDir: medium: Memory diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml index 06248824b4..d26e88d193 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml @@ -25,7 +25,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/holmes/rule-management:9.0.1 +image: onap/holmes/rule-management:10.0.0 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 ################################################################# @@ -120,17 +120,17 @@ resources: small: limits: cpu: 250m - memory: 256Mi + memory: 1024Mi requests: cpu: 250m - memory: 1024Mi + memory: 256Mi large: limits: cpu: 500m - memory: 512Mi + memory: 2Gi requests: cpu: 500m - memory: 2Gi + memory: 512Mi unlimited: {} #Pods Service Account diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml index 229717a990..f92bfa78bc 100644 --- a/kubernetes/onap/resources/overrides/onap-all.yaml +++ b/kubernetes/onap/resources/overrides/onap-all.yaml @@ -29,6 +29,10 @@ postgres: enabled: true aaf: enabled: true + aaf-sms: + cps: + # you must always set the same values as value set in cps.enabled + enabled: true aai: enabled: true appc: diff --git a/kubernetes/onap/resources/overrides/sm-onap.yaml b/kubernetes/onap/resources/overrides/sm-onap.yaml index 312fc4b65f..b07b6d3aa2 100644 --- a/kubernetes/onap/resources/overrides/sm-onap.yaml +++ b/kubernetes/onap/resources/overrides/sm-onap.yaml @@ -44,6 +44,11 @@ ####################### global: aafEnabled: false + centralizedLoggingEnabled: false + serviceMesh: + enabled: true + tls: true + engine: "istio" aai: enabled: true global: @@ -53,6 +58,10 @@ aai: replicaCount: 1 aaf: enabled: false + aaf-sms: + cps: + # you must always set the same values as value set in cps.enabled + enabled: false appc: enabled: false cassandra: diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 08f404a70c..73f96d3eb8 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -78,7 +78,7 @@ global: # common global images # Busybox for simple shell manipulation - busyboxImage: busybox:1.32 + busyboxImage: busybox:1.34.1 # curl image curlImage: curlimages/curl:7.80.0 @@ -91,7 +91,7 @@ global: htpasswdImage: xmartlabs/htpasswd:latest # kubenretes client image - kubectlImage: bitnami/kubectl:1.19 + kubectlImage: bitnami/kubectl:1.22.4 # logging agent loggingImage: beats/filebeat:5.5.0 @@ -100,7 +100,7 @@ global: mariadbImage: bitnami/mariadb:10.6.5-debian-10-r28 # nginx server image - nginxImage: bitnami/nginx:1.18-debian-10 + nginxImage: bitnami/nginx:1.21.4 # postgreSQL client and server image postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1 @@ -259,8 +259,13 @@ global: # Enable/disable and configure helm charts (ie. applications) # to customize the ONAP deployment. ################################################################# + aaf: enabled: false + aaf-sms: + cps: + # you must always set the same values as value set in cps.enabled + enabled: false aai: enabled: false appc: diff --git a/kubernetes/oof/resources/config/conf/slicing_config.yaml b/kubernetes/oof/resources/config/conf/slicing_config.yaml index e456aeccdf..97ed73d524 100644 --- a/kubernetes/oof/resources/config/conf/slicing_config.yaml +++ b/kubernetes/oof/resources/config/conf/slicing_config.yaml @@ -21,6 +21,7 @@ attribute_mapping: uLThptPerUE: ul_thpt_per_ue sNSSAI: s_nssai pLMNIdList: plmn_id_list + plmnIdList: plmn_id_List activityFactor: activity_factor coverageAreaTAList: coverage_area_ta_list availability: availability @@ -34,7 +35,7 @@ attribute_mapping: maxPktSize: max_pkt_size msgSizeByte: msg_size_byte maxNumberofConns: max_number_of_conns - maxNumberofPDUSessions: max_number_of_pdu_sessions + maxNumberofPDUSession: max_number_of_pdu_session termDensity: terminal_density survivalTime: survival_time areaTrafficCapDL: area_traffic_cap_dl @@ -64,6 +65,7 @@ attribute_mapping: ul_thpt_per_ue: uLThptPerUE s_nssai: sNSSAI plmn_id_list: pLMNIdList + plmn_id_List: plmnIdList activity_factor: activityFactor coverage_area_ta_list: coverageAreaTAList availability: availability @@ -77,7 +79,7 @@ attribute_mapping: max_pkt_size: maxPktSize msg_size_byte: msgSizeByte max_number_of_conns: maxNumberofConns - max_number_of_pdu_sessions: maxNumberofPDUSessions + max_number_of_pdu_session: maxNumberofPDUSession terminal_density: termDensity survival_time: survivalTime area_traffic_cap_dl: areaTrafficCapDL diff --git a/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties b/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties index cd6c6faa03..b9a4ed33a8 100644 --- a/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties +++ b/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties @@ -71,7 +71,7 @@ clamp.config.dcae.deployment.password=none clamp.config.cadi.aafLocateUrl=https://aaf-locate.{{ include "common.namespace" . }}:8095 # Configuration settings for ControlLoop Runtime Rest API -clamp.config.controlloop.runtime.url=http://policy-clamp-cl-runtime.{{ include "common.namespace" . }}:6969 +clamp.config.controlloop.runtime.url=https://policy-clamp-cl-runtime.{{ include "common.namespace" . }}:6969 clamp.config.controlloop.runtime.userName=${RUNTIME_USER} clamp.config.controlloop.runtime.password=${RUNTIME_PASSWORD} diff --git a/kubernetes/sdc/components/sdc-be/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-be/resources/config/logging/logback.xml index 28fd910d76..fcbca71f33 100644 --- a/kubernetes/sdc/components/sdc-be/resources/config/logging/logback.xml +++ b/kubernetes/sdc/components/sdc-be/resources/config/logging/logback.xml @@ -14,24 +14,45 @@ # limitations under the License. --> <configuration scan="true" scanPeriod="3 seconds"> - <property name="logDir" value="/var/log/onap" /> - <property name="componentName" scope="system" value="sdc"></property> - <property name="subComponentName" scope="system" value="sdc-be"></property> - <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" /> - <property file="${config.home}/catalog-be/configuration.yaml" /> - <property name="enable-all-log" scope="context" value="false" /> + <property name="logDir" value="/var/log/onap"/> + <property name="componentName" scope="system" value="sdc"/> + <property name="subComponentName" scope="system" value="sdc-be"/> + <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}"/> + <property file="${config.home}/catalog-be/configuration.yaml"/> + <property name="enable-all-log" scope="context" value="false"/> <!-- log file names --> - <property name="errorLogName" value="error" /> - <property name="metricsLogName" value="metrics" /> - <property name="auditLogName" value="audit" /> - <property name="debugLogName" value="debug" /> - <property name="transactionLogName" value="transaction" /> - <property name="allLogName" value="all" /> - <property name="queueSize" value="256" /> - <property name="maxFileSize" value="50MB" /> - <property name="maxHistory" value="30" /> - <property name="totalSizeCap" value="10GB" /> - <property name="pattern" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" /> + <property name="errorLogName" value="error"/> + <property name="metricsLogName" value="metrics"/> + <property name="auditLogName" value="audit"/> + <property name="debugLogName" value="debug"/> + <property name="transactionLogName" value="transaction"/> + <property name="allLogName" value="all"/> + <property name="queueSize" value="256"/> + <property name="maxFileSize" value="50MB"/> + <property name="maxHistory" value="30"/> + <property name="totalSizeCap" value="10GB"/> + <property name="pattern" + value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n"/> + + <!-- STDOUT --> + <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + + <!-- STDERR --> + <appender class="ch.qos.logback.core.ConsoleAppender" name="STDERR"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>ERROR</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <encoder> + <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> + </encoder> + </appender> + <!-- All log --> <if condition='property("enable-all-log").equalsIgnoreCase("true")'> <then> @@ -50,7 +71,7 @@ </encoder> </appender> <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ALL"> - <appender-ref ref="ALL_ROLLING" /> + <appender-ref ref="ALL_ROLLING"/> </appender> </then> </if> @@ -170,30 +191,32 @@ <!-- Asynchronicity Configurations --> <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_DEBUG"> <queueSize>${queueSize}</queueSize> - <appender-ref ref="DEBUG_ROLLING" /> + <appender-ref ref="DEBUG_ROLLING"/> </appender> <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_TRANSACTION"> <queueSize>${queueSize}</queueSize> - <appender-ref ref="TRANSACTION_ROLLING" /> + <appender-ref ref="TRANSACTION_ROLLING"/> </appender> <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ERROR"> <queueSize>${queueSize}</queueSize> - <appender-ref ref="ERROR_ROLLING" /> + <appender-ref ref="ERROR_ROLLING"/> </appender> <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_AUDIT"> <queueSize>${queueSize}</queueSize> - <appender-ref ref="AUDIT_ROLLING" /> + <appender-ref ref="AUDIT_ROLLING"/> </appender> <root level="INFO"> - <appender-ref ref="ASYNC_ERROR" /> - <appender-ref ref="ASYNC_DEBUG" /> - <appender-ref ref="ASYNC_AUDIT" /> - <appender-ref ref="ASYNC_TRANSACTION" /> + <appender-ref ref="ASYNC_ERROR"/> + <appender-ref ref="ASYNC_DEBUG"/> + <appender-ref ref="ASYNC_AUDIT"/> + <appender-ref ref="ASYNC_TRANSACTION"/> <if condition='property("enable-all-log").equalsIgnoreCase("true")'> <then> - <appender-ref ref="ALL_ROLLING" /> + <appender-ref ref="ALL_ROLLING"/> </then> </if> + <appender-ref ref="STDOUT"/> + <appender-ref ref="STDERR"/> </root> - <logger level="INFO" name="org.openecomp.sdc" /> + <logger level="INFO" name="org.openecomp.sdc"/> </configuration> diff --git a/kubernetes/sdc/components/sdc-fe/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-fe/resources/config/logging/logback.xml index 1000982b6e..f3ebf76428 100644 --- a/kubernetes/sdc/components/sdc-fe/resources/config/logging/logback.xml +++ b/kubernetes/sdc/components/sdc-fe/resources/config/logging/logback.xml @@ -16,24 +16,45 @@ -->
<configuration scan="true" scanPeriod="3 seconds">
- <property name="logDir" value="/var/log/onap" />
- <property name="componentName" scope="system" value="sdc"></property>
- <property name="subComponentName" scope="system" value="sdc-fe"></property>
- <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
- <property file="${config.home}/catalog-fe/configuration.yaml" />
- <property name="enable-all-log" scope="context" value="false" />
+ <property name="logDir" value="/var/log/onap"/>
+ <property name="componentName" scope="system" value="sdc"/>
+ <property name="subComponentName" scope="system" value="sdc-fe"/>
+ <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}"/>
+ <property file="${config.home}/catalog-fe/configuration.yaml"/>
+ <property name="enable-all-log" scope="context" value="false"/>
<!-- log file names -->
- <property name="errorLogName" value="error" />
- <property name="metricsLogName" value="metrics" />
- <property name="auditLogName" value="audit" />
- <property name="debugLogName" value="debug" />
- <property name="transactionLogName" value="transaction" />
- <property name="allLogName" value="all" />
- <property name="queueSize" value="256" />
- <property name="maxFileSize" value="50MB" />
- <property name="maxHistory" value="30" />
- <property name="totalSizeCap" value="10GB" />
- <property name="pattern" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
+ <property name="errorLogName" value="error"/>
+ <property name="metricsLogName" value="metrics"/>
+ <property name="auditLogName" value="audit"/>
+ <property name="debugLogName" value="debug"/>
+ <property name="transactionLogName" value="transaction"/>
+ <property name="allLogName" value="all"/>
+ <property name="queueSize" value="256"/>
+ <property name="maxFileSize" value="50MB"/>
+ <property name="maxHistory" value="30"/>
+ <property name="totalSizeCap" value="10GB"/>
+ <property name="pattern"
+ value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n"/>
+
+ <!-- STDOUT -->
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- STDERR -->
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDERR">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>ERROR</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <encoder>
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
+ </encoder>
+ </appender>
+
<!-- All log -->
<if condition='property("enable-all-log").equalsIgnoreCase("true")'>
<then>
@@ -52,7 +73,7 @@ </encoder>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ALL">
- <appender-ref ref="ALL_ROLLING" />
+ <appender-ref ref="ALL_ROLLING"/>
</appender>
</then>
</if>
@@ -174,30 +195,32 @@ <!-- Asynchronicity Configurations -->
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_DEBUG">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="DEBUG_ROLLING" />
+ <appender-ref ref="DEBUG_ROLLING"/>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_TRANSACTION">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="TRANSACTION_ROLLING" />
+ <appender-ref ref="TRANSACTION_ROLLING"/>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ERROR">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="ERROR_ROLLING" />
+ <appender-ref ref="ERROR_ROLLING"/>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_AUDIT">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="AUDIT_ROLLING" />
+ <appender-ref ref="AUDIT_ROLLING"/>
</appender>
<root level="INFO">
- <appender-ref ref="ASYNC_ERROR" />
- <appender-ref ref="ASYNC_DEBUG" />
- <appender-ref ref="ASYNC_AUDIT" />
- <appender-ref ref="ASYNC_TRANSACTION" />
+ <appender-ref ref="ASYNC_ERROR"/>
+ <appender-ref ref="ASYNC_DEBUG"/>
+ <appender-ref ref="ASYNC_AUDIT"/>
+ <appender-ref ref="ASYNC_TRANSACTION"/>
<if condition='property("enable-all-log").equalsIgnoreCase("true")'>
<then>
- <appender-ref ref="ALL_ROLLING" />
+ <appender-ref ref="ALL_ROLLING"/>
</then>
</if>
+ <appender-ref ref="STDOUT"/>
+ <appender-ref ref="STDERR"/>
</root>
- <logger level="INFO" name="org.openecomp.sdc" />
+ <logger level="INFO" name="org.openecomp.sdc"/>
</configuration>
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml index b537709925..ee22ff2cfd 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml +++ b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml @@ -15,24 +15,45 @@ # limitations under the License.
-->
<configuration scan="true" scanPeriod="3 seconds">
- <property name="logDir" value="/var/log/onap" />
- <property name="componentName" scope="system" value="sdc"></property>
- <property name="subComponentName" scope="system" value="sdc-onboarding-be"></property>
- <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
- <property file="${config.home}/catalog-be/configuration.yaml" />
- <property name="enable-all-log" scope="context" value="false" />
+ <property name="logDir" value="/var/log/onap"/>
+ <property name="componentName" scope="system" value="sdc"/>
+ <property name="subComponentName" scope="system" value="sdc-onboarding-be"/>
+ <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}"/>
+ <property file="${config.home}/catalog-be/configuration.yaml"/>
+ <property name="enable-all-log" scope="context" value="false"/>
<!-- log file names -->
- <property name="errorLogName" value="error" />
- <property name="metricsLogName" value="metrics" />
- <property name="auditLogName" value="audit" />
- <property name="debugLogName" value="debug" />
- <property name="transactionLogName" value="transaction" />
- <property name="allLogName" value="all" />
- <property name="queueSize" value="256" />
- <property name="maxFileSize" value="50MB" />
- <property name="maxHistory" value="30" />
- <property name="totalSizeCap" value="10GB" />
- <property name="pattern" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
+ <property name="errorLogName" value="error"/>
+ <property name="metricsLogName" value="metrics"/>
+ <property name="auditLogName" value="audit"/>
+ <property name="debugLogName" value="debug"/>
+ <property name="transactionLogName" value="transaction"/>
+ <property name="allLogName" value="all"/>
+ <property name="queueSize" value="256"/>
+ <property name="maxFileSize" value="50MB"/>
+ <property name="maxHistory" value="30"/>
+ <property name="totalSizeCap" value="10GB"/>
+ <property name="pattern"
+ value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n"/>
+
+ <!-- STDOUT -->
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- STDERR -->
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDERR">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>ERROR</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <encoder>
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
+ </encoder>
+ </appender>
+
<!-- All log -->
<if condition='property("enable-all-log").equalsIgnoreCase("true")'>
<then>
@@ -51,7 +72,7 @@ </encoder>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ALL">
- <appender-ref ref="ALL_ROLLING" />
+ <appender-ref ref="ALL_ROLLING"/>
</appender>
</then>
</if>
@@ -171,30 +192,32 @@ <!-- Asynchronicity Configurations -->
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_DEBUG">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="DEBUG_ROLLING" />
+ <appender-ref ref="DEBUG_ROLLING"/>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_TRANSACTION">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="TRANSACTION_ROLLING" />
+ <appender-ref ref="TRANSACTION_ROLLING"/>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ERROR">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="ERROR_ROLLING" />
+ <appender-ref ref="ERROR_ROLLING"/>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_AUDIT">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="AUDIT_ROLLING" />
+ <appender-ref ref="AUDIT_ROLLING"/>
</appender>
<root level="INFO">
- <appender-ref ref="ASYNC_ERROR" />
- <appender-ref ref="ASYNC_DEBUG" />
- <appender-ref ref="ASYNC_AUDIT" />
- <appender-ref ref="ASYNC_TRANSACTION" />
+ <appender-ref ref="ASYNC_ERROR"/>
+ <appender-ref ref="ASYNC_DEBUG"/>
+ <appender-ref ref="ASYNC_AUDIT"/>
+ <appender-ref ref="ASYNC_TRANSACTION"/>
<if condition='property("enable-all-log").equalsIgnoreCase("true")'>
<then>
- <appender-ref ref="ALL_ROLLING" />
+ <appender-ref ref="ALL_ROLLING"/>
</then>
</if>
+ <appender-ref ref="STDOUT"/>
+ <appender-ref ref="STDERR"/>
</root>
- <logger level="INFO" name="org.openecomp.sdc" />
+ <logger level="INFO" name="org.openecomp.sdc"/>
</configuration>
|