diff options
466 files changed, 7988 insertions, 5045 deletions
diff --git a/TOSCA/ONAP_TOSCA/onap_tosca.yaml b/TOSCA/ONAP_TOSCA/onap_tosca.yaml index a48f4bc246..e63901d35f 100644 --- a/TOSCA/ONAP_TOSCA/onap_tosca.yaml +++ b/TOSCA/ONAP_TOSCA/onap_tosca.yaml @@ -50,7 +50,7 @@ node_templates: chart-version: { get_input: chart-version } namespace: { get_input: namespace } stable-repo-url: { get_input: stable-repo-url} - config: '{ "aaf": {"enabled": false}, "aai": {"enabled": false}, "appc": {"enabled": false}, "clamp": {"enabled": false}, "cli": {"enabled": false}, "consul": {"enabled": false}, "dcaegen2": {"enabled": false}, "dmaap": {"enabled": false}, "esr": {"enabled": false}, "log": {"enabled": false}, "sniro-emulator": {"enabled": false}, "msb": {"enabled": false}, "multicloud": {"enabled": false}, "nbi": {"enabled": false}, "oof": {"enabled": false}, "policy": {"enabled": false}, "pomba": {"enabled": false}, "portal": {"enabled": false}, "robot": {"enabled": false}, "sdc": {"enabled": false}, "sdnc": {"enabled": false}, "so": {"enabled": false}, "uui": {"enabled": false}, "vfc": {"enabled": false}, "vid": {"enabled": false}, "vnfsdk": {"enabled": false} }' + config: '{ "aaf": {"enabled": false}, "aai": {"enabled": false}, "appc": {"enabled": false}, "clamp": {"enabled": false}, "cli": {"enabled": false}, "consul": {"enabled": false}, "dcaegen2": {"enabled": false}, "dmaap": {"enabled": false}, "log": {"enabled": false}, "sniro-emulator": {"enabled": false}, "msb": {"enabled": false}, "multicloud": {"enabled": false}, "nbi": {"enabled": false}, "oof": {"enabled": false}, "policy": {"enabled": false}, "pomba": {"enabled": false}, "portal": {"enabled": false}, "robot": {"enabled": false}, "sdc": {"enabled": false}, "sdnc": {"enabled": false}, "so": {"enabled": false}, "uui": {"enabled": false}, "vfc": {"enabled": false}, "vid": {"enabled": false}, "vnfsdk": {"enabled": false} }' aaf: type: onap.nodes.component @@ -179,20 +179,6 @@ node_templates: - type: cloudify.relationships.connected_to target: onap_env - esr: - type: onap.nodes.component - properties: - tiller-server-ip: { get_input: tiller-server-ip } - tiller-server-port: { get_input: tiller-server-port } - component-name: esr - chart-repo-url: { get_input: chart-repo-url } - chart-version: { get_input: chart-version } - namespace: { get_input: namespace } - stable-repo-url: { get_input: stable-repo-url} - relationships: - - type: cloudify.relationships.connected_to - target: onap_env - log: type: onap.nodes.component properties: @@ -429,4 +415,4 @@ node_templates: stable-repo-url: { get_input: stable-repo-url} relationships: - type: cloudify.relationships.connected_to - target: onap_env
\ No newline at end of file + target: onap_env diff --git a/docs/environments_onap_demo.yaml b/docs/environments_onap_demo.yaml index 9862ceab6c..8b697cbda2 100644 --- a/docs/environments_onap_demo.yaml +++ b/docs/environments_onap_demo.yaml @@ -48,8 +48,6 @@ cps: enabled: false dcaegen2: enabled: false -esr: - enabled: false log: enabled: false message-router: diff --git a/docs/helm-search.txt b/docs/helm-search.txt index 4d23cc0c4f..7fa7621e30 100644 --- a/docs/helm-search.txt +++ b/docs/helm-search.txt @@ -14,7 +14,6 @@ local/cps 8.0.0 ONAP Configuration Persistene S local/dcaegen2 8.0.0 ONAP DCAE Gen2 local/dgbuilder 8.0.0 D.G. Builder application local/dmaap 8.0.0 ONAP DMaaP components -local/esr 8.0.0 ONAP External System Register local/log 8.0.0 ONAP Logging ElasticStack local/mariadb-galera 8.0.0 Chart for MariaDB Galera cluster local/mongo 8.0.0 MongoDB Server diff --git a/docs/master_nfs_node.sh b/docs/master_nfs_node.sh index 4a7a8dbc12..32574c9f29 100644 --- a/docs/master_nfs_node.sh +++ b/docs/master_nfs_node.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh usage () { echo "Usage:" @@ -23,7 +23,7 @@ sudo chown nobody:nogroup /dockerdata-nfs/ #Update the /etc/exports NFS_EXP="" for i in $@; do - NFS_EXP+="$i(rw,sync,no_root_squash,no_subtree_check) " + NFS_EXP="${NFS_EXP}$i(rw,sync,no_root_squash,no_subtree_check) " done echo "/dockerdata-nfs "$NFS_EXP | sudo tee -a /etc/exports diff --git a/docs/openstack-k8s-controlnode.sh b/docs/openstack-k8s-controlnode.sh index cd219aa56f..d1515a7e5f 100644 --- a/docs/openstack-k8s-controlnode.sh +++ b/docs/openstack-k8s-controlnode.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh DOCKER_VERSION=18.09.5 @@ -18,10 +18,10 @@ systemctl daemon-reload systemctl restart docker apt-mark hold docker-ce -IP_ADDR=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'` -HOSTNAME=`hostname` +IP_ADDR=$(ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}') +HOST_NAME=$(hostname) -echo "$IP_ADDR $HOSTNAME" >> /etc/hosts +echo "$IP_ADDR $HOST_NAME" >> /etc/hosts docker login -u docker -p docker nexus3.onap.org:10001 diff --git a/docs/openstack-k8s-workernode.sh b/docs/openstack-k8s-workernode.sh index 3f32d050a9..8b1b9e41ee 100644 --- a/docs/openstack-k8s-workernode.sh +++ b/docs/openstack-k8s-workernode.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh DOCKER_VERSION=18.09.5 @@ -18,10 +18,10 @@ systemctl daemon-reload systemctl restart docker apt-mark hold docker-ce -IP_ADDR=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'` -HOSTNAME=`hostname` +IP_ADDR=$(ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}') +HOST_NAME=$(hostname) -echo "$IP_ADDR $HOSTNAME" >> /etc/hosts +echo "$IP_ADDR $HOST_NAME" >> /etc/hosts docker login -u docker -p docker nexus3.onap.org:10001 diff --git a/docs/openstack-nfs-server.sh b/docs/openstack-nfs-server.sh index 1db04eaff6..395d04f27c 100644 --- a/docs/openstack-nfs-server.sh +++ b/docs/openstack-nfs-server.sh @@ -1,11 +1,11 @@ -#!/bin/bash +#!/bin/sh apt-get update -IP_ADDR=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'` -HOSTNAME=`hostname` +IP_ADDR=$(ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}') +HOST_NAME=$(hostname) -echo "$IP_ADDR $HOSTNAME" >> /etc/hosts +echo "$IP_ADDR $HOST_NAME" >> /etc/hosts sudo apt-get install make -y diff --git a/docs/release-notes-honolulu.rst b/docs/release-notes-honolulu.rst new file mode 100644 index 0000000000..0c8d81f164 --- /dev/null +++ b/docs/release-notes-honolulu.rst @@ -0,0 +1,162 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 + International License. +.. http://creativecommons.org/licenses/by/4.0 +.. (c) ONAP Project and its contributors +.. _release_notes_honolulu: + +:orphan: + +************************************* +ONAP Operations Manager Release Notes +************************************* + +Previous Release Notes +====================== + +- :ref:`Guilin <release_notes_guilin>` +- :ref:`Frankfurt <release_notes_frankfurt>` +- :ref:`El Alto <release_notes_elalto>` +- :ref:`Dublin <release_notes_dublin>` +- :ref:`Casablanca <release_notes_casablanca>` +- :ref:`Beijing <release_notes_beijing>` +- :ref:`Amsterdam <release_notes_amsterdam>` + +Abstract +======== + +This document provides the release notes for the Honolulu release. + +Summary +======= + +The focus of this release is to strengthen the foundation of OOM installer. + +Release Data +============ + ++--------------------------------------+--------------------------------------+ +| **Project** | OOM | +| | | ++--------------------------------------+--------------------------------------+ +| **Docker images** | N/A | +| | | ++--------------------------------------+--------------------------------------+ +| **Release designation** | Honolulu | +| | | ++--------------------------------------+--------------------------------------+ +| **Release date** | 2021/04/29 | +| | | ++--------------------------------------+--------------------------------------+ + +New features +------------ + +* Kubernetes support for version up to 1.20 +* Helm support for version up to 3.5 +* Limits are set for most of the components +* Portal-Cassandra image updated to Bitnami, supporting IPv4/IPv6 Dual Stack +* CMPv2 external issuer implemented which extends Cert-Manager with ability to + enroll X.509 certificates from CMPv2 servers +* New version for mariadb galera using Bitnami image, supporting IPv4/IPv6 Dual + Stack +* Bump version of common PostgreSQL and ElasticSearch +* Move to automatic certificates retrieval for 80% of the components +* Consistent retrieval of docker images, with ability to configure proxy for + the 4 repositories used by ONAP + +**Bug fixes** + +A list of issues resolved in this release can be found here: +https://jira.onap.org/projects/OOM/versions/11073 + +major issues solved: + +* Better handling of persistence on PostgreSQL +* Better Ingress templating +* Better Service templating + +**Known Issues** + +- `OOM-2554 <https://jira.onap.org/browse/OOM-2554>`_ Common pods have java 8 +- `OOM-2435 <https://jira.onap.org/browse/OOM-2435>`_ SDNC karaf shell: + log:list: Error executing command: Unrecognized configuration +- `OOM-2629 <https://jira.onap.org/browse/OOM-2629>`_ NetBox demo entry setup + not complete +- `OOM-2706 <https://jira.onap.org/browse/OOM-2706>`_ CDS Blueprint Processor + does not work with local DB +- `OOM-2713 <https://jira.onap.org/browse/OOM-2713>`_ Problem on onboarding + custom cert to SDNC ONAP during deployment +- `OOM-2698 <https://jira.onap.org/browse/OOM-2698>`_ SO helm override fails in + for value with multi-level replacement +- `OOM-2697 <https://jira.onap.org/browse/OOM-2697>`_ SO with local MariaDB + deployment fails +- `OOM-2538 <https://jira.onap.org/browse/OOM-2538>`_ strange error with + CertInitializer template +- `OOM-2547 <https://jira.onap.org/browse/OOM-2547>`_ Health Check failures + seen after bringing down/up control plane & worker node VM instances on which + ONAP hosted +- `OOM-2699 <https://jira.onap.org/browse/OOM-2699>`_ SO so-mariadb + readinessCheck fails for local MariaDB instance +- `OOM-2705 <https://jira.onap.org/browse/OOM-2705>`_ SDNC DB installation fails + on local MariaDB instance +- `OOM-2603 <https://jira.onap.org/browse/OOM-2603>`_ [SDNC] allign password for + scaleoutUser/restconfUser/odlUser + +Deliverables +------------ + +Software Deliverables +~~~~~~~~~~~~~~~~~~~~~ + +OOM provides `Helm charts <https://git.onap.org/oom/>`_ that needs to be +"compiled" into Helm package. see step 6 in +:doc:`quickstart guide <oom_quickstart_guide>`. + +Documentation Deliverables +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- :doc:`Project Description <oom_project_description>` +- :doc:`Cloud Setup Guide <oom_cloud_setup_guide>` +- :doc:`Quick Start Guide <oom_quickstart_guide>` +- :doc:`Setup Ingress Controller <oom_setup_ingress_controller>` +- :doc:`Developer Guide <oom_developer_guide>` +- :doc:`Hardcoded Certificates <oom_hardcoded_certificates>` + +Known Limitations, Issues and Workarounds +========================================= + +Known Vulnerabilities +--------------------- + +- Hard coded password used for all OOM deployments + [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_] +- :doc:`Hard coded certificates <oom_hardcoded_certificates>` in Helm packages + +Workarounds +----------- + +- `<https://github.com/bitnami/bitnami-docker-mariadb-galera/issues/35>`_ + Workaround is to generate a password with "short" strenght or pregenerate + passwords without single quote in it. Default deployment is using "short" + password generation for mariadb. + +Security Notes +-------------- + +**Fixed Security Issues** + +References +========== + +For more information on the ONAP Frankfurt release, please see: + +#. `ONAP Home Page`_ +#. `ONAP Documentation`_ +#. `ONAP Release Downloads`_ +#. `ONAP Wiki Page`_ + + +.. _`ONAP Home Page`: https://www.onap.org +.. _`ONAP Wiki Page`: https://wiki.onap.org +.. _`ONAP Documentation`: https://docs.onap.org +.. _`ONAP Release Downloads`: https://git.onap.org diff --git a/docs/release-notes.rst b/docs/release-notes.rst index ae0ea457f5..730acd5eea 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -11,6 +11,7 @@ ONAP Operations Manager Release Notes Previous Release Notes ====================== +- :ref:`Honolulu <release_notes_honolulu>` - :ref:`Guilin <release_notes_guilin>` - :ref:`Frankfurt <release_notes_frankfurt>` - :ref:`El Alto <release_notes_elalto>` @@ -22,12 +23,12 @@ Previous Release Notes Abstract ======== -This document provides the release notes for the Honolulu release. +This document provides the release notes for the Istanbul release. Summary ======= -The focus of this release is to strengthen the foundation of OOM installer. + Release Data ============ @@ -39,66 +40,25 @@ Release Data | **Docker images** | N/A | | | | +--------------------------------------+--------------------------------------+ -| **Release designation** | Honolulu | +| **Release designation** | Istanbul | | | | +--------------------------------------+--------------------------------------+ -| **Release date** | 2021/04/29 | +| **Release date** | | | | | +--------------------------------------+--------------------------------------+ New features ------------ -* Kubernetes support for version up to 1.20 -* Helm support for version up to 3.5 -* Limits are set for most of the components -* Portal-Cassandra image updated to Bitnami, supporting IPv4/IPv6 Dual Stack -* CMPv2 external issuer implemented which extends Cert-Manager with ability to - enroll X.509 certificates from CMPv2 servers -* New version for mariadb galera using Bitnami image, supporting IPv4/IPv6 Dual - Stack -* Bump version of common PostgreSQL and ElasticSearch -* Move to automatic certificates retrieval for 80% of the components -* Consistent retrieval of docker images, with ability to configure proxy for - the 4 repositories used by ONAP **Bug fixes** A list of issues resolved in this release can be found here: -https://jira.onap.org/projects/OOM/versions/11073 - -major issues solved: +https://jira.onap.org/projects/OOM/versions/11074 -* Better handling of persistence on PostgreSQL -* Better Ingress templating -* Better Service templating **Known Issues** -- `OOM-2554 <https://jira.onap.org/browse/OOM-2554>`_ Common pods have java 8 -- `OOM-2435 <https://jira.onap.org/browse/OOM-2435>`_ SDNC karaf shell: - log:list: Error executing command: Unrecognized configuration -- `OOM-2629 <https://jira.onap.org/browse/OOM-2629>`_ NetBox demo entry setup - not complete -- `OOM-2706 <https://jira.onap.org/browse/OOM-2706>`_ CDS Blueprint Processor - does not work with local DB -- `OOM-2713 <https://jira.onap.org/browse/OOM-2713>`_ Problem on onboarding - custom cert to SDNC ONAP during deployment -- `OOM-2698 <https://jira.onap.org/browse/OOM-2698>`_ SO helm override fails in - for value with multi-level replacement -- `OOM-2697 <https://jira.onap.org/browse/OOM-2697>`_ SO with local MariaDB - deployment fails -- `OOM-2538 <https://jira.onap.org/browse/OOM-2538>`_ strange error with - CertInitializer template -- `OOM-2547 <https://jira.onap.org/browse/OOM-2547>`_ Health Check failures - seen after bringing down/up control plane & worker node VM instances on which - ONAP hosted -- `OOM-2699 <https://jira.onap.org/browse/OOM-2699>`_ SO so-mariadb - readinessCheck fails for local MariaDB instance -- `OOM-2705 <https://jira.onap.org/browse/OOM-2705>`_ SDNC DB installation fails - on local MariaDB instance -- `OOM-2603 <https://jira.onap.org/browse/OOM-2603>`_ [SDNC] allign password for - scaleoutUser/restconfUser/odlUser Deliverables ------------ @@ -126,17 +86,25 @@ Known Limitations, Issues and Workarounds Known Vulnerabilities --------------------- -- Hard coded password used for all OOM deployments - [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_] -- :doc:`Hard coded certificates <oom_hardcoded_certificates>` in Helm packages Workarounds ----------- -- `<https://github.com/bitnami/bitnami-docker-mariadb-galera/issues/35>`_ - Workaround is to generate a password with "short" strenght or pregenerate - passwords without single quote in it. Default deployment is using "short" - password generation for mariadb. +- `OOM-2754 <https://jira.onap.org/browse/OOM-2754>`_ + Because of *updateEndpoint* property added to *cmpv2issuer* CRD + it is impossible to upgrade platform component from Honolulu to Istanbul + release without manual steps. Actions that should be performed: + + #. Update the CRD definition:: + + > kubectl -n onap apply -f cmpv2-cert-provider/crds/cmpv2issuer.yaml + #. Upgrade the component + #. Make sure that *cmpv2issuer* contains correct value for + *spec.updateEndpoint*. The value should be: *v1/certificate-update*. + If it's not, edit the resource:: + + > kubectl -n onap edit cmpv2issuer cmpv2-issuer-onap + Security Notes -------------- @@ -146,7 +114,7 @@ Security Notes References ========== -For more information on the ONAP Frankfurt release, please see: +For more information on the ONAP Istanbul release, please see: #. `ONAP Home Page`_ #. `ONAP Documentation`_ diff --git a/kubernetes/aaf/requirements.yaml b/kubernetes/aaf/requirements.yaml index 5e1f33fa36..e5dd29adc4 100644 --- a/kubernetes/aaf/requirements.yaml +++ b/kubernetes/aaf/requirements.yaml @@ -19,30 +19,40 @@ dependencies: - name: aaf-cass version: ~8.x-0 repository: 'file://components/aaf-cass' + condition: aaf-authz.enabled - name: aaf-cm version: ~8.x-0 repository: 'file://components/aaf-cm' + condition: aaf-authz.enabled - name: aaf-fs version: ~8.x-0 repository: 'file://components/aaf-fs' + condition: aaf-authz.enabled - name: aaf-gui version: ~8.x-0 repository: 'file://components/aaf-gui' + condition: aaf-authz.enabled - name: aaf-hello version: ~8.x-0 repository: 'file://components/aaf-hello' + condition: aaf-hello.enabled - name: aaf-locate version: ~8.x-0 repository: 'file://components/aaf-locate' + condition: aaf-authz.enabled - name: aaf-oauth version: ~8.x-0 repository: 'file://components/aaf-oauth' + condition: aaf-authz.enabled - name: aaf-service version: ~8.x-0 repository: 'file://components/aaf-service' + condition: aaf-authz.enabled - name: aaf-sms version: ~8.x-0 repository: 'file://components/aaf-sms' + condition: aaf-sms.enabled - name: aaf-sshsm version: ~8.x-0 repository: 'file://components/aaf-sshsm' + condition: aaf-sshsm.enabled diff --git a/kubernetes/aaf/values.yaml b/kubernetes/aaf/values.yaml index 9d032b599a..ee86a2f0ca 100644 --- a/kubernetes/aaf/values.yaml +++ b/kubernetes/aaf/values.yaml @@ -96,3 +96,12 @@ ingress: persistence: {} resources: {} + +aaf-authz: + enabled: true +aaf-hello: + enabled: false +aaf-sms: + enabled: true +aaf-sshsm: + enabled: false diff --git a/kubernetes/aai/.helmignore b/kubernetes/aai/.helmignore new file mode 100644 index 0000000000..7ddbad7ef4 --- /dev/null +++ b/kubernetes/aai/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +components/ diff --git a/kubernetes/aai/components/aai-babel/requirements.yaml b/kubernetes/aai/components/aai-babel/requirements.yaml index 67d45f08b9..1f3e92413c 100644 --- a/kubernetes/aai/components/aai-babel/requirements.yaml +++ b/kubernetes/aai/components/aai-babel/requirements.yaml @@ -23,3 +23,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/aai/components/aai-babel/templates/deployment.yaml b/kubernetes/aai/components/aai-babel/templates/deployment.yaml index 9fe386a3c6..db3540606b 100644 --- a/kubernetes/aai/components/aai-babel/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-babel/templates/deployment.yaml @@ -113,7 +113,7 @@ spec: name: {{ include "common.fullname" . }}-logs - mountPath: /usr/share/filebeat/data name: aai-filebeat - + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml index a7f707deed..74c79ec05e 100644 --- a/kubernetes/aai/components/aai-babel/values.yaml +++ b/kubernetes/aai/components/aai-babel/values.yaml @@ -85,3 +85,9 @@ resources: cpu: 2 memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai-babel + roles: + - read diff --git a/kubernetes/aai/components/aai-graphadmin/requirements.yaml b/kubernetes/aai/components/aai-graphadmin/requirements.yaml index cf22720435..3d0f24cb29 100644 --- a/kubernetes/aai/components/aai-graphadmin/requirements.yaml +++ b/kubernetes/aai/components/aai-graphadmin/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml index 8ed7ce83bc..610290061f 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml @@ -32,6 +32,12 @@ metadata: heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} + minReadySeconds: {{ .Values.minReadySeconds }} + strategy: + type: {{ .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ .Values.updateStrategy.maxSurge }} selector: matchLabels: app: {{ include "common.name" . }} @@ -45,6 +51,7 @@ spec: checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} spec: hostname: aai-graphadmin + terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }} {{ if .Values.global.initContainers.enabled }} initContainers: - command: @@ -89,6 +96,10 @@ spec: value: {{ .Values.global.config.userId | quote }} - name: LOCAL_GROUP_ID value: {{ .Values.global.config.groupId | quote }} + - name: INTERNAL_PORT_1 + value: {{ .Values.service.internalPort | quote }} + - name: INTERNAL_PORT_2 + value: {{ .Values.service.internalPort2 | quote }} volumeMounts: - mountPath: /etc/localtime name: localtime @@ -125,6 +136,18 @@ spec: ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} + lifecycle: + # wait for active requests (long-running tasks) to be finished + # Before the SIGTERM is invoked, Kubernetes exposes a preStop hook in the Pod. + preStop: + exec: + command: + - sh + - -c + - | + while (netstat -an | grep ESTABLISHED | grep -e $INTERNAL_PORT_1 -e $INTERNAL_PORT_2) + do sleep 10 + done # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{ if .Values.liveness.enabled }} @@ -162,7 +185,7 @@ spec: name: {{ include "common.fullname" . }}-logs - mountPath: /usr/share/filebeat/data name: {{ include "common.fullname" . }}-filebeat - + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml index ad6ef3c984..89c4b024d6 100644 --- a/kubernetes/aai/components/aai-graphadmin/values.yaml +++ b/kubernetes/aai/components/aai-graphadmin/values.yaml @@ -126,6 +126,14 @@ flavor: small flavorOverride: small # default number of instances replicaCount: 1 +# the minimum number of seconds that a newly created Pod should be ready +minReadySeconds: 30 +updateStrategy: + type: RollingUpdate + # The number of pods that can be unavailable during the update process + maxUnavailable: 0 + # The number of pods that can be created above the desired amount of pods during an update + maxSurge: 1 # Configuration for the graphadmin deployment config: @@ -207,6 +215,7 @@ service: internalPort: 8449 portName2: tcp-5005 internalPort2: 5005 + terminationGracePeriodSeconds: 120 ingress: enabled: false @@ -249,3 +258,9 @@ resources: cpu: 1 memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai-graphadmin + roles: + - read diff --git a/kubernetes/aai/components/aai-modelloader/requirements.yaml b/kubernetes/aai/components/aai-modelloader/requirements.yaml index cf22720435..3d0f24cb29 100644 --- a/kubernetes/aai/components/aai-modelloader/requirements.yaml +++ b/kubernetes/aai/components/aai-modelloader/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml b/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml index 0d24bfe957..7509f88090 100644 --- a/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml @@ -87,6 +87,7 @@ spec: name: aai-filebeat resources: {{ include "common.resources" . }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/aai/components/aai-modelloader/values.yaml b/kubernetes/aai/components/aai-modelloader/values.yaml index 38eab954a9..c0806fea0d 100644 --- a/kubernetes/aai/components/aai-modelloader/values.yaml +++ b/kubernetes/aai/components/aai-modelloader/values.yaml @@ -84,3 +84,9 @@ resources: cpu: 1 memory: 1536Mi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai-modelloader + roles: + - read diff --git a/kubernetes/aai/components/aai-resources/requirements.yaml b/kubernetes/aai/components/aai-resources/requirements.yaml index f9ba1c1fb7..1552d53276 100644 --- a/kubernetes/aai/components/aai-resources/requirements.yaml +++ b/kubernetes/aai/components/aai-resources/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/aai/components/aai-resources/templates/deployment.yaml b/kubernetes/aai/components/aai-resources/templates/deployment.yaml index d630647883..fd4b1c3dc1 100644 --- a/kubernetes/aai/components/aai-resources/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-resources/templates/deployment.yaml @@ -29,6 +29,12 @@ metadata: heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} + minReadySeconds: {{ .Values.minReadySeconds }} + strategy: + type: {{ .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ .Values.updateStrategy.maxSurge }} selector: matchLabels: app: {{ include "common.name" . }} @@ -72,6 +78,7 @@ spec: {{- end }} spec: hostname: aai-resources + terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }} initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} - name: {{ include "common.name" . }}-readiness command: @@ -122,9 +129,13 @@ spec: - name: LOCAL_GROUP_ID value: {{ .Values.global.config.groupId | quote }} - name: POST_JAVA_OPTS - value: '-Djavax.net.ssl.trustStore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword={{ .Values.certInitializer.truststorePassword }}' + value: '-Djavax.net.ssl.trustStore={{ .Values.certInitializer.credsPath }}/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword={{ .Values.certInitializer.truststorePassword }}' - name: TRUSTORE_ALL_PASSWORD value: {{ .Values.certInitializer.truststorePassword }} + - name: INTERNAL_PORT_1 + value: {{ .Values.service.internalPort | quote }} + - name: INTERNAL_PORT_2 + value: {{ .Values.service.internalPort2 | quote }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} - mountPath: /etc/localtime name: localtime @@ -173,6 +184,18 @@ spec: ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} + lifecycle: + # wait for active requests (long-running tasks) to be finished + # Before the SIGTERM is invoked, Kubernetes exposes a preStop hook in the Pod. + preStop: + exec: + command: + - sh + - -c + - | + while (netstat -an | grep ESTABLISHED | grep -e $INTERNAL_PORT_1 -e $INTERNAL_PORT_2) + do sleep 10 + done # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{- if .Values.liveness.enabled }} @@ -207,6 +230,7 @@ spec: - mountPath: /usr/share/filebeat/data name: {{ include "common.fullname" . }}-filebeat resources: {{ include "common.resources" . | nindent 12 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index 776f8be4b4..e244e76753 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -164,6 +164,14 @@ flavor: small flavorOverride: small # default number of instances replicaCount: 1 +# the minimum number of seconds that a newly created Pod should be ready +minReadySeconds: 30 +updateStrategy: + type: RollingUpdate + # The number of pods that can be unavailable during the update process + maxUnavailable: 0 + # The number of pods that can be created above the desired amount of pods during an update + maxSurge: 1 # Configuration for the resources deployment config: @@ -223,6 +231,7 @@ service: internalPort: 8447 portName2: tcp-5005 internalPort2: 5005 + terminationGracePeriodSeconds: 120 ingress: enabled: false @@ -260,3 +269,9 @@ resources: cpu: 2 memory: 4Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai-resources + roles: + - read diff --git a/kubernetes/aai/components/aai-schema-service/requirements.yaml b/kubernetes/aai/components/aai-schema-service/requirements.yaml index cf22720435..3d0f24cb29 100644 --- a/kubernetes/aai/components/aai-schema-service/requirements.yaml +++ b/kubernetes/aai/components/aai-schema-service/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml b/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml index 25be4db147..d4394057e8 100644 --- a/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml @@ -116,6 +116,7 @@ spec: name: {{ include "common.fullname" . }}-logs - mountPath: /usr/share/filebeat/data name: {{ include "common.fullname" . }}-filebeat + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: aai-common-aai-auth-mount secret: diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml index 13d257a5c1..8a7d17f8dc 100644 --- a/kubernetes/aai/components/aai-schema-service/values.yaml +++ b/kubernetes/aai/components/aai-schema-service/values.yaml @@ -140,3 +140,9 @@ resources: cpu: 2 memory: 4Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai-schema-service + roles: + - read diff --git a/kubernetes/aai/components/aai-sparky-be/requirements.yaml b/kubernetes/aai/components/aai-sparky-be/requirements.yaml index f9ba1c1fb7..1552d53276 100644 --- a/kubernetes/aai/components/aai-sparky-be/requirements.yaml +++ b/kubernetes/aai/components/aai-sparky-be/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml index 3768e629e7..7c09dcd228 100644 --- a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml @@ -177,7 +177,7 @@ spec: name: aai-sparky-filebeat resources: {{ include "common.resources" . }} - + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: diff --git a/kubernetes/aai/components/aai-sparky-be/values.yaml b/kubernetes/aai/components/aai-sparky-be/values.yaml index a27fc44388..342df7a5d5 100644 --- a/kubernetes/aai/components/aai-sparky-be/values.yaml +++ b/kubernetes/aai/components/aai-sparky-be/values.yaml @@ -144,3 +144,9 @@ resources: cpu: 0.5 memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai-sparky-be + roles: + - read diff --git a/kubernetes/aai/components/aai-traversal/requirements.yaml b/kubernetes/aai/components/aai-traversal/requirements.yaml index f9ba1c1fb7..1552d53276 100644 --- a/kubernetes/aai/components/aai-traversal/requirements.yaml +++ b/kubernetes/aai/components/aai-traversal/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/aai/components/aai-traversal/templates/deployment.yaml b/kubernetes/aai/components/aai-traversal/templates/deployment.yaml index dc1c010261..277fb4bfbb 100644 --- a/kubernetes/aai/components/aai-traversal/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-traversal/templates/deployment.yaml @@ -29,6 +29,12 @@ metadata: heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} + minReadySeconds: {{ .Values.minReadySeconds }} + strategy: + type: {{ .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ .Values.updateStrategy.maxSurge }} selector: matchLabels: app: {{ include "common.name" . }} @@ -91,6 +97,7 @@ spec: {{- end }} spec: hostname: aai-traversal + terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }} initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} - command: - /app/ready.py @@ -144,6 +151,10 @@ spec: value: {{ .Values.global.config.userId | quote }} - name: LOCAL_GROUP_ID value: {{ .Values.global.config.groupId | quote }} + - name: INTERNAL_PORT_1 + value: {{ .Values.service.internalPort | quote }} + - name: INTERNAL_PORT_2 + value: {{ .Values.service.internalPort2 | quote }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} - mountPath: /etc/localtime name: localtime @@ -194,6 +205,18 @@ spec: ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} + lifecycle: + # wait for active requests (long-running tasks) to be finished + # Before the SIGTERM is invoked, Kubernetes exposes a preStop hook in the Pod. + preStop: + exec: + command: + - sh + - -c + - | + while (netstat -an | grep ESTABLISHED | grep -e $INTERNAL_PORT_1 -e $INTERNAL_PORT_2) + do sleep 10 + done # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{ if .Values.liveness.enabled }} @@ -233,6 +256,7 @@ spec: name: {{ include "common.fullname" . }}-filebeat resources: {{ include "common.resources" . }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml index c1746be9ed..fc4ff7a983 100644 --- a/kubernetes/aai/components/aai-traversal/values.yaml +++ b/kubernetes/aai/components/aai-traversal/values.yaml @@ -145,6 +145,14 @@ pullPolicy: Always restartPolicy: Always flavor: small flavorOverride: small +# the minimum number of seconds that a newly created Pod should be ready +minReadySeconds: 30 +updateStrategy: + type: RollingUpdate + # The number of pods that can be unavailable during the update process + maxUnavailable: 0 + # The number of pods that can be created above the desired amount of pods during an update + maxSurge: 1 api_list: - 11 @@ -245,6 +253,7 @@ service: internalPort: 8446 portName2: tcp-5005 internalPort2: 5005 + terminationGracePeriodSeconds: 120 ingress: enabled: false @@ -267,3 +276,9 @@ resources: cpu: 2 memory: 4Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai-traversal + roles: + - read diff --git a/kubernetes/aai/requirements.yaml b/kubernetes/aai/requirements.yaml index 8b37ef737d..198439992a 100644 --- a/kubernetes/aai/requirements.yaml +++ b/kubernetes/aai/requirements.yaml @@ -62,3 +62,6 @@ dependencies: version: ~8.x-0 repository: 'file://components/aai-traversal' condition: aai-traversal.enabled + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/aai/templates/deployment.yaml b/kubernetes/aai/templates/deployment.yaml index 85b1111e65..80fcebbef7 100644 --- a/kubernetes/aai/templates/deployment.yaml +++ b/kubernetes/aai/templates/deployment.yaml @@ -117,7 +117,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 8 }} {{- end }} - + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index a463e47f19..684e592d30 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -397,3 +397,9 @@ resources: cpu: 2 memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai + roles: + - read diff --git a/kubernetes/appc/.helmignore b/kubernetes/appc/.helmignore index f0c1319444..7ddbad7ef4 100644 --- a/kubernetes/appc/.helmignore +++ b/kubernetes/appc/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +components/ diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh index 68b50e1ad6..97df772ba7 100755 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh @@ -70,7 +70,8 @@ do printf "." sleep 1 done -echo -e "\nmariadbgalera ready" +echo +echo "mariadbgalera ready" if [ ! -d ${DBINIT_DIR} ] then diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml index e3f88b1c37..f59a64f3d2 100644 --- a/kubernetes/appc/values.yaml +++ b/kubernetes/appc/values.yaml @@ -131,6 +131,132 @@ mariadb-galera: nameOverride: *appc-db replicaCount: 1 + mariadbConfiguration: |- + [client] + port=3306 + socket=/opt/bitnami/mariadb/tmp/mysql.sock + plugin_dir=/opt/bitnami/mariadb/plugin + + [mysqld] + lower_case_table_names = 1 + default_storage_engine=InnoDB + basedir=/opt/bitnami/mariadb + datadir=/bitnami/mariadb/data + plugin_dir=/opt/bitnami/mariadb/plugin + tmpdir=/opt/bitnami/mariadb/tmp + socket=/opt/bitnami/mariadb/tmp/mysql.sock + pid_file=/opt/bitnami/mariadb/tmp/mysqld.pid + bind_address=0.0.0.0 + + ## Character set + collation_server=utf8_unicode_ci + init_connect='SET NAMES utf8' + character_set_server=utf8 + + ## MyISAM + key_buffer_size=32M + myisam_recover_options=FORCE,BACKUP + + ## Safety + skip_host_cache + skip_name_resolve + max_allowed_packet=16M + max_connect_errors=1000000 + sql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE + sysdate_is_now=1 + + ## Binary Logging + log_bin=mysql-bin + expire_logs_days=14 + # Disabling for performance per http://severalnines.com/blog/9-tips-going-production-galera-cluster-mysql + sync_binlog=0 + # Required for Galera + binlog_format=row + + ## Caches and Limits + tmp_table_size=32M + max_heap_table_size=32M + # Re-enabling as now works with Maria 10.1.2 + query_cache_type=1 + query_cache_limit=4M + query_cache_size=256M + max_connections=500 + thread_cache_size=50 + open_files_limit=65535 + table_definition_cache=4096 + table_open_cache=4096 + + ## InnoDB + innodb=FORCE + innodb_strict_mode=1 + # Mandatory per https://github.com/codership/documentation/issues/25 + innodb_autoinc_lock_mode=2 + # Per https://www.percona.com/blog/2006/08/04/innodb-double-write/ + innodb_doublewrite=1 + innodb_flush_method=O_DIRECT + innodb_log_files_in_group=2 + innodb_log_file_size=128M + innodb_flush_log_at_trx_commit=1 + innodb_file_per_table=1 + # 80% Memory is default reco. + # Need to re-evaluate when DB size grows + innodb_buffer_pool_size=2G + innodb_file_format=Barracuda + + ## Logging + log_error=/opt/bitnami/mariadb/logs/mysqld.log + slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log + log_queries_not_using_indexes=1 + slow_query_log=1 + + ## SSL + ## Use extraVolumes and extraVolumeMounts to mount /certs filesystem + # ssl_ca=/certs/ca.pem + # ssl_cert=/certs/server-cert.pem + # ssl_key=/certs/server-key.pem + + [galera] + wsrep_on=ON + wsrep_provider=/opt/bitnami/mariadb/lib/libgalera_smm.so + wsrep_sst_method=mariabackup + wsrep_slave_threads=4 + wsrep_cluster_address=gcomm:// + wsrep_cluster_name=galera + wsrep_sst_auth="root:" + # Enabled for performance per https://mariadb.com/kb/en/innodb-system-variables/#innodb_flush_log_at_trx_commit + innodb_flush_log_at_trx_commit=2 + # MYISAM REPLICATION SUPPORT # + wsrep_replicate_myisam=ON + binlog_format=row + default_storage_engine=InnoDB + innodb_autoinc_lock_mode=2 + transaction-isolation=READ-COMMITTED + wsrep_causal_reads=1 + wsrep_sync_wait=7 + + [mariadb] + plugin_load_add=auth_pam + + ## Data-at-Rest Encryption + ## Use extraVolumes and extraVolumeMounts to mount /encryption filesystem + # plugin_load_add=file_key_management + # file_key_management_filename=/encryption/keyfile.enc + # file_key_management_filekey=FILE:/encryption/keyfile.key + # file_key_management_encryption_algorithm=AES_CTR + # encrypt_binlog=ON + # encrypt_tmp_files=ON + + ## InnoDB/XtraDB Encryption + # innodb_encrypt_tables=ON + # innodb_encrypt_temporary_tables=ON + # innodb_encrypt_log=ON + # innodb_encryption_threads=4 + # innodb_encryption_rotate_key_age=1 + + ## Aria Encryption + # aria_encrypt_tables=ON + # encrypt_tmp_disk_tables=ON + dgbuilder: nameOverride: appc-dgbuilder certInitializer: diff --git a/kubernetes/cds/.helmignore b/kubernetes/cds/.helmignore index f0c1319444..7ddbad7ef4 100644 --- a/kubernetes/cds/.helmignore +++ b/kubernetes/cds/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +components/ diff --git a/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties b/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties index a3d32a9a03..ea799e2119 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties +++ b/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties @@ -159,3 +159,6 @@ management.endpoint.health.show-details=always blueprintprocessor.k8s.plugin.username=unused blueprintprocessor.k8s.plugin.password=unused blueprintprocessor.k8s.plugin.url=http://multicloud-k8s:9015/ + +#Workflow audit store configuration +blueprintsprocessor.workflow.self-service-api.audit.storeEnable={{ .Values.workflow.storeEnabled }} diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml index 71f934fbe5..829bb220cd 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml @@ -51,7 +51,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-blueprintsprocessor:1.1.4 +image: onap/ccsdk-blueprintsprocessor:1.1.5 pullPolicy: Always # flag to enable debugging - application support required @@ -184,3 +184,7 @@ serviceAccount: nameOverride: cds-blueprints-processor roles: - read + +# workflow store flag +workflow: + storeEnabled: false diff --git a/kubernetes/cds/components/cds-command-executor/templates/deployment.yaml b/kubernetes/cds/components/cds-command-executor/templates/deployment.yaml index 523339ca70..3ce24e2e84 100755 --- a/kubernetes/cds/components/cds-command-executor/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-command-executor/templates/deployment.yaml @@ -47,6 +47,12 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + {{- if .Values.metrics.serviceMonitor.enabled }} + - name: PROMETHEUS_METRICS_ENABLED + value: {{ .Values.metrics.serviceMonitor.enabled | quote }} + - name: PROMETHEUS_PORT + value: {{ .Values.service.metrics.internalPort | quote }} + {{ end }} image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness diff --git a/kubernetes/cds/components/cds-command-executor/templates/service.yaml b/kubernetes/cds/components/cds-command-executor/templates/service.yaml index 2301902f56..7540728ee9 100755 --- a/kubernetes/cds/components/cds-command-executor/templates/service.yaml +++ b/kubernetes/cds/components/cds-command-executor/templates/service.yaml @@ -34,6 +34,14 @@ spec: nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} {{- end}} name: {{ .Values.service.grpc.portName | default "grpc" }} + {{- if .Values.metrics.serviceMonitor.enabled }} + - port: {{ .Values.service.metrics.externalPort }} + targetPort: {{ .Values.service.metrics.internalPort }} + {{- if eq .Values.service.type "NodePort"}} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + {{- end}} + name: {{ .Values.service.metrics.portName | default "metrics" }} + {{- end}} selector: app: {{ include "common.name" . }} release: {{ include "common.release" . }}
\ No newline at end of file diff --git a/kubernetes/esr/components/esr-server/Chart.yaml b/kubernetes/cds/components/cds-command-executor/templates/servicemonitor.yaml index 38a51cd771..101b24a8a2 100644 --- a/kubernetes/esr/components/esr-server/Chart.yaml +++ b/kubernetes/cds/components/cds-command-executor/templates/servicemonitor.yaml @@ -1,4 +1,5 @@ -# Copyright © 2018 Amdocs, Bell Canada +{{/* +# Copyright © 2021 Bitnami, Orange, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,8 +12,8 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} -apiVersion: v1 -description: ONAP External System Register GUI -name: esr-server -version: 8.0.0 +{{- if .Values.metrics.serviceMonitor.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/cds/components/cds-command-executor/values.yaml b/kubernetes/cds/components/cds-command-executor/values.yaml index 12a7fe9b40..b10fa2754b 100755 --- a/kubernetes/cds/components/cds-command-executor/values.yaml +++ b/kubernetes/cds/components/cds-command-executor/values.yaml @@ -32,7 +32,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-commandexecutor:1.1.4 +image: onap/ccsdk-commandexecutor:1.1.5 pullPolicy: Always # application configuration @@ -66,6 +66,10 @@ service: portName: command-executor-grpc internalPort: 50051 externalPort: 50051 + metrics: + portName: command-executor-metrics + internalPort: 10005 + externalPort: 10005 persistence: enabled: true @@ -97,3 +101,19 @@ serviceAccount: nameOverride: cds-command-executor roles: - read + +metrics: + serviceMonitor: + enabled: false + port: command-executor-metrics + path: /actuator/prometheus + basicAuth: + enabled: false + externalSecretName: mysecretname + externalSecretUserKey: login + externalSecretPasswordKey: password + selector: + app: '{{ include "common.name" . }}' + chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + release: '{{ .Release.Name }}' + heritage: '{{ .Release.Service }}' diff --git a/kubernetes/cds/components/cds-py-executor/values.yaml b/kubernetes/cds/components/cds-py-executor/values.yaml index b7338f88aa..02805cf5fa 100755 --- a/kubernetes/cds/components/cds-py-executor/values.yaml +++ b/kubernetes/cds/components/cds-py-executor/values.yaml @@ -30,7 +30,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-py-executor:1.1.4 +image: onap/ccsdk-py-executor:1.1.5 pullPolicy: Always # default number of instances diff --git a/kubernetes/cds/components/cds-sdc-listener/values.yaml b/kubernetes/cds/components/cds-sdc-listener/values.yaml index 4a67317298..f71dafeeb1 100644 --- a/kubernetes/cds/components/cds-sdc-listener/values.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/values.yaml @@ -29,7 +29,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-sdclistener:1.1.4 +image: onap/ccsdk-sdclistener:1.1.5 name: sdc-listener pullPolicy: Always diff --git a/kubernetes/cds/components/cds-ui/values.yaml b/kubernetes/cds/components/cds-ui/values.yaml index e91e999259..8f5f806baf 100644 --- a/kubernetes/cds/components/cds-ui/values.yaml +++ b/kubernetes/cds/components/cds-ui/values.yaml @@ -44,7 +44,7 @@ certInitializer: {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop # application image -image: onap/ccsdk-cds-ui-server:1.1.4 +image: onap/ccsdk-cds-ui-server:1.1.5 pullPolicy: Always # application configuration diff --git a/kubernetes/common/cassandra/requirements.yaml b/kubernetes/common/cassandra/requirements.yaml index 501cc89a44..f2860ff140 100644 --- a/kubernetes/common/cassandra/requirements.yaml +++ b/kubernetes/common/cassandra/requirements.yaml @@ -20,3 +20,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: 'file://../repositoryGenerator' + - name: serviceAccount + version: ~8.x-0 + repository: 'file://../serviceAccount' diff --git a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh index 5b652228a6..2d30f2e068 100644 --- a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh +++ b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh @@ -1,4 +1,5 @@ #!/bin/bash + set -e # first arg is `-f` or `--some-option` @@ -11,7 +12,7 @@ fi if [ "$1" = 'cassandra' -a "$(id -u)" = '0' ]; then find /var/lib/cassandra /var/log/cassandra "$CASSANDRA_CONFIG" \ \! -user cassandra -exec chown cassandra '{}' + - exec gosu cassandra "$BASH_SOURCE" "$@" + exec gosu cassandra "$0" "$@" fi _ip_address() { @@ -27,7 +28,7 @@ _ip_address() { } # "sed -i", but without "mv" (which doesn't work on a bind-mounted file, for example) -_sed-in-place() { +_sed_in_place() { local filename="$1"; shift local tempFile tempFile="$(mktemp)" @@ -56,7 +57,7 @@ if [ "$1" = 'cassandra' ]; then fi : ${CASSANDRA_SEEDS:="$CASSANDRA_BROADCAST_ADDRESS"} - _sed-in-place "$CASSANDRA_CONFIG/cassandra.yaml" \ + _sed_in_place "$CASSANDRA_CONFIG/cassandra.yaml" \ -r 's/(- seeds:).*/\1 "'"$CASSANDRA_SEEDS"'"/' for yaml in \ @@ -70,19 +71,21 @@ if [ "$1" = 'cassandra' ]; then start_rpc \ authenticator \ ; do - var="CASSANDRA_${yaml^^}" - val="${!var}" + var="CASSANDRA_$(echo $yaml | tr '[:lower:]' '[:upper:]')" + # eval presents no security issue here because of limited possible values of var + eval val=\$$var if [ "$val" ]; then - _sed-in-place "$CASSANDRA_CONFIG/cassandra.yaml" \ + _sed_in_place "$CASSANDRA_CONFIG/cassandra.yaml" \ -r 's/^(# )?('"$yaml"':).*/\2 '"$val"'/' fi done for rackdc in dc rack; do - var="CASSANDRA_${rackdc^^}" - val="${!var}" + var="CASSANDRA_$(echo $rackdc | tr '[:lower:]' '[:upper:]')" + # eval presents no security issue here because of limited possible values of var + eval val=\$$var if [ "$val" ]; then - _sed-in-place "$CASSANDRA_CONFIG/cassandra-rackdc.properties" \ + _sed_in_place "$CASSANDRA_CONFIG/cassandra-rackdc.properties" \ -r 's/^('"$rackdc"'=).*/\1 '"$val"'/' fi done diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml index 3553cd4069..840e95b490 100644 --- a/kubernetes/common/cassandra/templates/statefulset.yaml +++ b/kubernetes/common/cassandra/templates/statefulset.yaml @@ -28,6 +28,8 @@ spec: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: hostNetwork: {{ .Values.hostNetwork }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} @@ -111,14 +113,6 @@ spec: value: {{ default "GossipingPropertyFileSnitch" .Values.config.endpoint_snitch | quote }} - name: CASSANDRA_AUTHENTICATOR value: {{ default "PasswordAuthenticator" .Values.config.authenticator | quote }} - {{- if include "common.onServiceMesh" . }} - - name: CASSANDRA_LISTEN_ADDRESS - value: "127.0.0.1" - - name: CASSANDRA_BROADCAST_ADDRESS - valueFrom: - fieldRef: - fieldPath: status.podIP - {{- end }} - name: POD_IP valueFrom: fieldRef: @@ -138,6 +132,7 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | nindent 8 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "nothing" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml index 9f19bf5c14..1d69993956 100644 --- a/kubernetes/common/cassandra/values.yaml +++ b/kubernetes/common/cassandra/values.yaml @@ -162,3 +162,9 @@ backup: - name: system_traces - name: system_auth - name: system_distributed + +#Pods Service Account +serviceAccount: + nameOverride: cassandra + roles: + - nothing diff --git a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh index 6df7505e7b..fa3de03ece 100755 --- a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh +++ b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh @@ -22,6 +22,7 @@ WORK_DIR=${WORK_DIR:-/updatedTruststore} ONAP_TRUSTSTORE=${ONAP_TRUSTSTORE:-truststoreONAPall.jks} JRE_TRUSTSTORE=${JRE_TRUSTSTORE:-$JAVA_HOME/lib/security/cacerts} TRUSTSTORE_OUTPUT_FILENAME=${TRUSTSTORE_OUTPUT_FILENAME:-truststore.jks} +SSL_WORKDIR=${SSL_WORKDIR:-/usr/local/share/ca-certificates} mkdir -p $WORK_DIR @@ -37,10 +38,10 @@ for f in $CERTS_DIR/*; do # Dont use onap truststore when aaf is disabled continue fi - if [ ${f: -3} = ".sh" ]; then + if echo $f | grep '\.sh$' >/dev/null; then continue fi - if [ ${f: -4} = ".b64" ] + if echo $f | grep '\.b64$' >/dev/null; then then base64 -d $f > $WORK_DIR/`basename $f .b64` else @@ -49,8 +50,7 @@ for f in $CERTS_DIR/*; do done for f in $MORE_CERTS_DIR/*; do - if [ ${f: -4} == ".pem" ] - then + if echo $f | grep '\.pem$' >/dev/null; then cp $f $WORK_DIR/. fi done @@ -67,7 +67,7 @@ fi # Import Custom Certificates for f in $WORK_DIR/*; do - if [ ${f: -4} = ".pem" ]; then + if echo $f | grep '\.pem$' >/dev/null; then echo "importing certificate: $f" keytool -import -file $f -alias `basename $f` -keystore $WORK_DIR/$TRUSTSTORE_OUTPUT_FILENAME -storepass $TRUSTSTORE_PASSWORD -noprompt if [ $? != 0 ]; then @@ -76,3 +76,15 @@ for f in $WORK_DIR/*; do fi fi done + +# Import certificates to Linux SSL Truststore +cp $CERTS_DIR/*.crt $SSL_WORKDIR/. +cp $MORE_CERTS_DIR/*.crt $SSL_WORKDIR/. +update-ca-certificates +if [ $? != 0 ] + then + echo "failed importing certificates" + exit 1 + else + cp /etc/ssl/certs/ca-certificates.crt $WORK_DIR/. +fi
\ No newline at end of file diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml index f3ba8a24e0..32bba457ee 100644 --- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml +++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml @@ -174,6 +174,9 @@ - mountPath: {{ $initRoot.truststoreMountpath }}/{{ $initRoot.truststoreOutputFileName }} name: updated-truststore subPath: {{ $initRoot.truststoreOutputFileName }} +- mountPath: /etc/ssl/certs/ca-certificates.crt + name: updated-truststore + subPath: ca-certificates.crt {{- end -}} {{- end -}} diff --git a/kubernetes/common/cmpv2Config/values.yaml b/kubernetes/common/cmpv2Config/values.yaml index 02595b348d..4b8438ace2 100644 --- a/kubernetes/common/cmpv2Config/values.yaml +++ b/kubernetes/common/cmpv2Config/values.yaml @@ -35,5 +35,5 @@ global: truststorePasswordSecretName: oom-cert-service-truststore-password truststorePasswordSecretKey: password certPostProcessor: - image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.3 + image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.4.0 diff --git a/kubernetes/common/common/templates/_affinities.tpl b/kubernetes/common/common/templates/_affinities.tpl index f0802be29d..bf7ae497ca 100644 --- a/kubernetes/common/common/templates/_affinities.tpl +++ b/kubernetes/common/common/templates/_affinities.tpl @@ -23,7 +23,7 @@ Return a soft nodeAffinity definition preferredDuringSchedulingIgnoredDuringExecution: - preference: matchExpressions: - key: {{ .key }} + - key: {{ .key }} operator: In values: {{- range .values }} @@ -40,7 +40,7 @@ Return a hard nodeAffinity definition requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: {{ .key }} + - key: {{ .key }} operator: In values: {{- range .values }} diff --git a/kubernetes/common/common/templates/_dmaapProvisioning.tpl b/kubernetes/common/common/templates/_dmaapProvisioning.tpl new file mode 100644 index 0000000000..704bd06a49 --- /dev/null +++ b/kubernetes/common/common/templates/_dmaapProvisioning.tpl @@ -0,0 +1,186 @@ +{{/* +################################################################################ +# Copyright (C) 2021 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{/* + This template generates a Kubernetes init containers common template to enable applications to provision + DMaaP topics (on Message Router) and feeds (on Data Router), with associated authorization (on AAF). + DMaap Bus Controller endpoints are used to provision: + - Authorized topic on MR, and to create and grant permission for publishers and subscribers. + - Feed on DR, with associated user authentication. + + common.dmaap.provisioning.initContainer: + This template make use of Dmaap Bus Controller docker image to create resources on Dmaap Data Router + microservice, with the help of dbc-client.sh script it makes use of Bus Controller API to create Feed, Topics. + If the resource creation is successful via script response is logged back at particular location with + appropriate naming convention. + + More details can be found at : + (https://wiki.onap.org/pages/viewpage.action?pageId=103417564) + + The template directly references data in .Values, and indirectly (through its + use of templates from the ONAP "common" collection) references data in .Release. + + Parameter for _dmaapProvisioning to be defined in values.yaml + # DataRouter Feed Configuration + drFeedConfig: + - feedName: bulk_pm_feed + owner: dcaecm + feedVersion: 0.0 + asprClassification: unclassified + feedDescription: DFC Feed Creation + + # DataRouter Publisher Configuration + drPubConfig: + - feedName: bulk_pm_feed + dcaeLocationName: loc00 + + # DataRouter Subscriber Configuration + drSubConfig: + - feedName: bulk_pm_feed + decompress: True + dcaeLocationName: loc00 + privilegedSubscriber: True + deliveryURL: https://dcae-pm-mapper:8443/delivery + + # MessageRouter Topic, Publisher Configuration + mrTopicsConfig: + - topicName: PERFORMANCE_MEASUREMENTS + topicDescription: Description about Topic + owner: dcaecm + tnxEnabled: false + clients: + - dcaeLocationName: san-francisco + clientRole: org.onap.dcae.pmPublisher + action: + - pub + - view + + # ConfigMap Configuration for DR Feed, Dr_Publisher, Dr_Subscriber, MR Topics + volumes: + - name: feeds-config + path: /opt/app/config/feeds + - name: drpub-config + path: /opt/app/config/dr_pubs + - name: drsub-config + path: /opt/app/config/dr_subs + - name: topics-config + path: /opt/app/config/topics + + In deployments/jobs/stateful include: + initContainers: + {{- include "common.dmaap.provisioning.initContainer" . | nindent XX }} + volumes: + {{- include "common.dmaap.provisioning._volumes" . | nindent XX -}} +*/}} + +{{- define "common.dmaap.provisioning._volumeMounts" -}} +{{- $dot := default . .dot -}} +- mountPath: /opt/app/config/cache + name: dbc-response-cache +{{- range $name, $volume := $dot.Values.volumes }} +- name: {{ $volume.name }} + mountPath: {{ $volume.path }} +{{- end }} +{{- end -}} + +{{- define "common.dmaap.provisioning._volumes" -}} +{{- $dot := default . .dot -}} +- name: dbc-response-cache + emptyDir: {} +{{- range $name, $volume := $dot.Values.volumes }} +- name: {{ $volume.name }} + configMap: + defaultMode: 420 + name: {{ include "common.fullname" $dot }}-{{ printf "%s" $volume.name }} +{{- end }} +{{- end -}} + +{{- define "common.dmaap.provisioning.initContainer" -}} +{{- $dot := default . .dot -}} +{{- $drFeedConfig := default $dot.Values.drFeedConfig .drFeedConfig -}} +{{- $mrTopicsConfig := default $dot.Values.mrTopicsConfig .mrTopicsConfig -}} +{{- if or $drFeedConfig $mrTopicsConfig -}} +- name: {{ include "common.name" $dot }}-init-dmaap-provisioning + image: {{ include "repositoryGenerator.image.dbcClient" $dot }} + imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }} + env: + - name: RESP_CACHE + value: /opt/app/config/cache + - name: REQUESTID + value: "{{ include "common.name" $dot }}-dmaap-provisioning" + {{- range $cred := $dot.Values.credentials }} + - name: {{ $cred.name }} + {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" $cred.uid "key" $cred.key) | nindent 4 }} + {{- end }} + volumeMounts: + {{- include "common.dmaap.provisioning._volumeMounts" $dot | trim | nindent 2 }} + resources: {{ include "common.resources" $dot | nindent 1 }} +- name: {{ include "common.name" $dot }}-init-merge-config + image: {{ include "repositoryGenerator.image.envsubst" $dot }} + imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }} + command: + - /bin/sh + args: + - -c + - | + if [ -d /opt/app/config/cache ]; then + cd /opt/app/config/cache + for file in $(ls feed*); do + NUM=$(echo "$file" | sed 's/feedConfig-\([0-9]\+\)-resp.json/\1/') + export DR_LOG_URL_"$NUM"="$(grep -o '"logURL":"[^"]*' "$file" | cut -d '"' -f4)" + export DR_FILES_PUBLISHER_URL_"$NUM"="$(grep -o '"publishURL":"[^"]*' "$file" | cut -d '"' -f4)" + done + for file in $(ls drpub*); do + NUM=$(echo "$file" | sed 's/drpubConfig-\([0-9]\+\)-resp.json/\1/') + export DR_USERNAME_"$NUM"="$(grep -o '"username":"[^"]*' "$file" | cut -d '"' -f4)" + export DR_PASSWORD_"$NUM"="$(grep -o '"userpwd":"[^"]*' "$file" | cut -d '"' -f4)" + export DR_FILES_PUBLISHER_ID_"$NUM"="$(grep -o '"pubId":"[^"]*' "$file" | cut -d '"' -f4)" + done + for file in $(ls drsub*); do + NUM=$(echo "$file" | sed 's/drsubConfig-\([0-9]\+\)-resp.json/\1/') + export DR_FILES_SUBSCRIBER_ID_"$NUM"="$(grep -o '"subId":"[^"]*' "$file" | cut -d '"' -f4)" + done + for file in $(ls topics*); do + NUM=$(echo "$file" | sed 's/topicsConfig-\([0-9]\+\)-resp.json/\1/') + export MR_FILES_PUBLISHER_CLIENT_ID_"$NUM"="$(grep -o '"mrClientId":"[^"]*' "$file" | cut -d '"' -f4)" + done + else + echo "No Response logged for Dmaap BusController Http POST Request..!" + fi + cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done + env: + {{- range $cred := $dot.Values.credentials }} + - name: {{ $cred.name }} + {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" $cred.uid "key" $cred.key) | nindent 4 }} + {{- end }} + volumeMounts: + - mountPath: /opt/app/config/cache + name: dbc-response-cache + - mountPath: /config-input + name: app-config-input + - mountPath: /config + name: app-config + resources: + limits: + cpu: 200m + memory: 250Mi + requests: + cpu: 100m + memory: 200Mi +{{- end -}} +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/common/common/templates/_service.tpl b/kubernetes/common/common/templates/_service.tpl index 2650929389..a488e0d5fa 100644 --- a/kubernetes/common/common/templates/_service.tpl +++ b/kubernetes/common/common/templates/_service.tpl @@ -13,7 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - {{/* Resolve the name of a chart's service. @@ -122,6 +121,11 @@ labels: {{- include "common.labels" (dict "labels" $labels "dot" $dot) | nindent {{- if (include "common.needTLS" $dot) }} - port: {{ $port.port }} targetPort: {{ $port.name }} +{{- if $port.l4_protocol }} + protocol: {{ $port.l4_protocol }} +{{- else }} + protocol: TCP +{{- end }} {{- if $port.port_protocol }} name: {{ printf "%ss-%s" $port.port_protocol $port.name }} {{- else }} @@ -133,6 +137,11 @@ labels: {{- include "common.labels" (dict "labels" $labels "dot" $dot) | nindent {{- else }} - port: {{ default $port.port $port.plain_port }} targetPort: {{ $port.name }} +{{- if $port.plain_port_l4_protocol }} + protocol: {{ $port.plain_port_l4_protocol }} +{{- else }} + protocol: {{ default "TCP" $port.l4_protocol }} +{{- end }} {{- if $port.port_protocol }} name: {{ printf "%s-%s" $port.port_protocol $port.name }} {{- else }} @@ -143,6 +152,11 @@ labels: {{- include "common.labels" (dict "labels" $labels "dot" $dot) | nindent {{- if (eq $serviceType "ClusterIP") }} - port: {{ $port.plain_port }} targetPort: {{ $port.name }}-plain +{{- if $port.plain_l4_port_protocol }} + protocol: {{ $port.plain_port_l4_protocol }} +{{- else }} + protocol: {{ default "TCP" $port.l4_protocol }} +{{- end }} {{- if $port.port_protocol }} name: {{ printf "%s-%s" $port.port_protocol $port.name }} {{- else }} diff --git a/kubernetes/common/common/templates/_serviceMonitor.tpl b/kubernetes/common/common/templates/_serviceMonitor.tpl new file mode 100644 index 0000000000..eb6c047c2f --- /dev/null +++ b/kubernetes/common/common/templates/_serviceMonitor.tpl @@ -0,0 +1,166 @@ +{{/* +# Copyright © 2021 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{/* + Resolve the name of a chart's serviceMonitor. + + The default will be the chart name (or $dot.Values.nameOverride if set). + And the use of .Values.metrics.serviceMonitor.name overrides all. + + - .Values.metrics.serviceMonitor.name: override default serviceMonitor (ie. chart) name + Example values file addition: + metrics: + serviceMonitor: + enabled: true + port: blueprints-processor-http + ## specify target port if name is not given to the port in the service definition + ## + # targetPort: 8080 + path: /metrics + basicAuth: + enabled: false + externalSecretName: mysecretname + externalSecretUserKey: login + externalSecretPasswordKey: password + + ## Namespace in which Prometheus is running + ## + # namespace: monitoring + + ## Interval at which metrics should be scraped. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + # interval: 60s + + ## Timeout after which the scrape is ended + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + # scrapeTimeout: 10s + + ## ServiceMonitor selector labels + ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration + ## + selector: + app: '{{ include "common.name" . }}' + chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + release: '{{ include "common.release" . }}' + heritage: '{{ .Release.Service }}' + + ## RelabelConfigs to apply to samples before scraping + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig + ## Value is evalued as a template + ## + relabelings: [] + + ## MetricRelabelConfigs to apply to samples before ingestion + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig + ## Value is evalued as a template + ## + metricRelabelings: [] + # - sourceLabels: + # - "__name__" + # targetLabel: "__name__" + # action: replace + # regex: '(.*)' + # replacement: 'example_prefix_$1' + +*/}} +{{/* + Expand the serviceMonitor name for a chart. +*/}} +{{- define "common.serviceMonitorName" -}} + {{- $name := default .Chart.Name .Values.nameOverride -}} + {{- default $name .Values.metrics.serviceMonitor.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* Define the metadata of serviceMonitor + The function takes from one to four arguments (inside a dictionary): + - .dot : environment (.) + - .suffix : a string which will be added at the end of the name (with a '-'). + - .annotations: the annotations to add + - .labels : labels to add + Usage example: + {{ include "common.serviceMonitorMetadata" ( dict "suffix" "myService" "dot" .) }} + {{ include "common.serviceMonitorMetadata" ( dict "annotations" .Values.metrics.serviceMonitor.annotation "dot" .) }} +*/}} + +{{- define "common.serviceMonitorMetadata" -}} +{{- $dot := default . .dot -}} +{{- $annotations := default "" .annotations -}} +{{- $labels := default (dict) .labels -}} +{{- if $annotations -}} +annotations: +{{ include "common.tplValue" (dict "value" $annotations "context" $dot) | indent 2 }} +{{- end }} +name: {{ include "common.serviceMonitorName" $dot }} +{{- if $dot.Values.metrics.serviceMonitor.namespace }} +namespace: {{ $dot.Values.metrics.serviceMonitor.namespace }} +{{- else }} +namespace: {{ include "common.namespace" $dot }} +{{- end }} +labels: {{- include "common.labels" (dict "labels" $labels "dot" $dot) | nindent 2 }} +{{- end -}} + +{{/* + Create service monitor template +*/}} +{{- define "common.serviceMonitor" -}} +{{- $dot := default . .dot -}} +{{- $labels := default (dict) .labels -}} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: +{{- include "common.serviceMonitorMetadata" $dot | nindent 2 }} +spec: + endpoints: + - path: {{ default "/metrics" $dot.Values.metrics.serviceMonitor.path }} + {{- if $dot.Values.metrics.serviceMonitor.port }} + port: {{ $dot.Values.metrics.serviceMonitor.port }} + {{- else if $dot.Values.metrics.serviceMonitor.targetPort }} + targetPort: {{ $dot.Values.metrics.serviceMonitor.targetPort }} + {{- else }} + port: metrics + {{- end }} + {{- if $dot.Values.metrics.serviceMonitor.basicAuth.enabled }} + basicAuth: + username: + key: {{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretUserKey }} + name: {{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretName }} + password: + key: {{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretPasswordKey }} + name: {{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretName }} + {{- end }} + {{- if $dot.Values.metrics.serviceMonitor.interval }} + interval: {{ $dot.Values.metrics.serviceMonitor.interval }} + {{- end }} + {{- if $dot.Values.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ $dot.Values.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + {{- if $dot.Values.metrics.serviceMonitor.relabelings }} + relabelings: {{- include "common.tplValue" ( dict "value" $dot.Values.metrics.serviceMonitor.relabelings "context" $dot) | nindent 6 }} + {{- end }} + {{- if $dot.Values.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "common.tplValue" ( dict "value" $dot.Values.metrics.serviceMonitor.metricRelabelings "context" $dot) | nindent 6 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ include "common.namespace" $dot }} + selector: + {{- if $dot.Values.metrics.serviceMonitor.selector }} + matchLabels: {{- include "common.tplValue" ( dict "value" $dot.Values.metrics.serviceMonitor.selector "context" $dot) | nindent 6 }} + {{- else }} + matchLabels: {{- include "common.labels" (dict "labels" $labels "dot" $dot) | nindent 6 }} + {{- end }} +{{- end -}} diff --git a/kubernetes/common/elasticsearch/values.yaml b/kubernetes/common/elasticsearch/values.yaml index b91ac76056..a3f15645a3 100644 --- a/kubernetes/common/elasticsearch/values.yaml +++ b/kubernetes/common/elasticsearch/values.yaml @@ -279,7 +279,6 @@ certInitializer: aaf_add_config: > cd {{ .Values.credsPath }}; mkdir -p certs; - export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0); keytool -exportcert -rfc -file certs/cacert.pem -keystore {{ .Values.fqi_namespace }}.trust.jks -alias ca_local_0 -storepass $cadi_truststore_password; openssl pkcs12 -in {{ .Values.fqi_namespace }}.p12 -out certs/cert.pem -passin pass:$cadi_keystore_password_p12 -passout pass:$cadi_keystore_password_p12; cp {{ .Values.fqi_namespace }}.key certs/key.pem; diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml index 48c8b6d0cc..c8c0ffa0b2 100644 --- a/kubernetes/common/etcd/templates/statefulset.yaml +++ b/kubernetes/common/etcd/templates/statefulset.yaml @@ -48,6 +48,8 @@ spec: tolerations: {{ toYaml .Values.tolerations | indent 8 }} {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.googleK8sRepository" . }}/{{ .Values.image }} diff --git a/kubernetes/common/mariadb-galera/templates/servicemonitor.yaml b/kubernetes/common/mariadb-galera/templates/servicemonitor.yaml index 6c3b41f5a5..6d1ed40e13 100644 --- a/kubernetes/common/mariadb-galera/templates/servicemonitor.yaml +++ b/kubernetes/common/mariadb-galera/templates/servicemonitor.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2020 Bitnami, Orange +# Copyright © 2021 Bitnami, Orange, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,38 +14,6 @@ # limitations under the License. */}} -{{- if default false (and .Values.global.metrics.enabled .Values.global.metrics.custom_resources) }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ template "common.fullname" . }} - {{- if .Values.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.metrics.serviceMonitor.namespace }} - {{- else }} - namespace: {{ include "common.namespace" . }} - {{- end }} - labels: {{- include "common.labels" . | nindent 4 }} - {{- range $key, $value := .Values.metrics.serviceMonitor.selector }} - {{ $key }}: {{ $value | quote }} - {{- end }} -spec: - selector: - matchLabels: {{- include "common.matchLabels" . | nindent 6 }} - endpoints: - - port: metrics - {{- if .Values.metrics.serviceMonitor.interval }} - interval: {{ .Values.metrics.serviceMonitor.interval }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.relabelings }} - relabelings: {{- include "common.tplValue" ( dict "value" .Values.metrics.serviceMonitor.relabelings "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.metricRelabelings }} - metricRelabelings: {{- include "common.tplValue" ( dict "value" .Values.metrics.serviceMonitor.metricRelabelings "context" $) | nindent 8 }} - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} +{{- if .Values.metrics.serviceMonitor.enabled }} +{{ include "common.serviceMonitor" . }} {{- end }} diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml index 7b0d90a9aa..9227e182b6 100644 --- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml +++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml @@ -223,7 +223,7 @@ spec: {{- end }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} {{- if .Values.affinity }} - affinity: {{- include "common.tplvalues" ( dict "value" .Values.affinity "context" $) | nindent 8 }} + affinity: {{- include "common.tplValue" ( dict "value" .Values.affinity "context" $) | nindent 8 }} {{- else }} affinity: podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "context" $) | nindent 10 }} @@ -231,10 +231,10 @@ spec: nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} {{- end }} {{- if .Values.nodeSelector }} - nodeSelector: {{- include "common.tplvalues" ( dict "value" .Values.nodeSelector "context" $) | nindent 8 }} + nodeSelector: {{- include "common.tplValue" ( dict "value" .Values.nodeSelector "context" $) | nindent 8 }} {{- end }} {{- if .Values.tolerations }} - tolerations: {{- include "common.tplvalues" (dict "value" .Values.tolerations "context" .) | nindent 8 }} + tolerations: {{- include "common.tplValue" (dict "value" .Values.tolerations "context" .) | nindent 8 }} {{- end }} volumes: - name: previous-boot diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index 4c77efc83f..ed9977acd9 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -86,9 +86,10 @@ service: ## type: ClusterIP headless: {} + internalPort: &dbPort 3306 ports: - name: mysql - port: 3306 + port: *dbPort headlessPorts: - name: galera port: 4567 diff --git a/kubernetes/common/mariadb-init/resources/config/db_init.sh b/kubernetes/common/mariadb-init/resources/config/db_init.sh index fa4b007a5a..df7c336405 100755 --- a/kubernetes/common/mariadb-init/resources/config/db_init.sh +++ b/kubernetes/common/mariadb-init/resources/config/db_init.sh @@ -1,4 +1,5 @@ #!/bin/bash + {{/* # Copyright © 2019 Orange # Copyright © 2020 Samsung Electronics @@ -20,10 +21,17 @@ set -e while read DB ; do - USER_VAR="MYSQL_USER_${DB^^}" - PASS_VAR="MYSQL_PASSWORD_${DB^^}" - USER=${!USER_VAR} - PASS=`echo -n ${!PASS_VAR} | sed -e "s/'/''/g"` + USER_VAR="MYSQL_USER_$(echo $DB | tr '[:lower:]' '[:upper:]')" + PASS_VAR="MYSQL_PASSWORD_$(echo $DB | tr '[:lower:]' '[:upper:]')" +{{/* + # USER=${!USER_VAR} + # PASS=`echo -n ${!PASS_VAR} | sed -e "s/'/''/g"` + # eval replacement of the bashism equivalents above might present a security issue here + # since it reads content from DB values filled by helm at the end of the script. + # These possible values has to be constrainted and/or limited by helm for a safe use of eval. +*/}} + eval USER=\$$USER_VAR + PASS=$(eval echo -n \$$PASS_VAR | sed -e "s/'/''/g") MYSQL_OPTS=( -h ${DB_HOST} -P ${DB_PORT} -uroot -p${MYSQL_ROOT_PASSWORD} ) echo "Creating database ${DB} and user ${USER}..." diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml index ad97cd4ed6..96d1dc54a4 100644 --- a/kubernetes/common/mariadb-init/templates/job.yaml +++ b/kubernetes/common/mariadb-init/templates/job.yaml @@ -63,9 +63,9 @@ spec: /db_config/db_cmd.sh{{ end }} env: - name: DB_HOST - value: "{{ default .Values.global.mariadbGalera.nameOverride .Values.mariadbGalera.serviceName }}" + value: {{ include "common.mariadbService" . }} - name: DB_PORT - value: "{{ default .Values.global.mariadbGalera.servicePort .Values.mariadbGalera.servicePort }}" + value: {{ include "common.mariadbPort" . | quote }} - name: MYSQL_ROOT_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "root-password" "key" (default "password" .Values.global.mariadbGalera.userRootSecretKey)) | indent 10 }} - name: {{ printf "MYSQL_USER_%s" .Values.config.mysqlDatabase | upper }} @@ -83,10 +83,10 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - - name: mariadb-conf + - name: mariadb-init mountPath: /db_init/ {{- if or .Values.dbScriptConfigMap .Values.dbScript }} - - name: mariadb-init + - name: mariadb-conf mountPath: /db_config/ {{- end }} resources: @@ -104,7 +104,7 @@ spec: hostPath: path: /etc/localtime {{- if or .Values.dbScriptConfigMap .Values.dbScript }} - - name: mariadb-init + - name: mariadb-conf configMap: {{- if .Values.dbScriptConfigMap }} name: {{ tpl .Values.dbScriptConfigMap . }} @@ -113,7 +113,7 @@ spec: {{- end }} defaultMode: 0755 {{- end }} - - name: mariadb-conf + - name: mariadb-init configMap: name: {{ include "mariadbInit.configMap" . }} defaultMode: 0755 diff --git a/kubernetes/common/mongo/templates/statefulset.yaml b/kubernetes/common/mongo/templates/statefulset.yaml index 73186b392d..11602054e8 100644 --- a/kubernetes/common/mongo/templates/statefulset.yaml +++ b/kubernetes/common/mongo/templates/statefulset.yaml @@ -37,6 +37,8 @@ spec: release: {{ include "common.release" . }} spec: {{ include "common.podSecurityContext" . | indent 6 }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} diff --git a/kubernetes/common/music/components/music-cassandra/templates/statefulset.yaml b/kubernetes/common/music/components/music-cassandra/templates/statefulset.yaml index 1aabfb6bcc..d80e70b5fb 100644 --- a/kubernetes/common/music/components/music-cassandra/templates/statefulset.yaml +++ b/kubernetes/common/music/components/music-cassandra/templates/statefulset.yaml @@ -41,6 +41,8 @@ spec: release: {{ include "common.release" . }} name: {{ include "common.name" . }} spec: + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} diff --git a/kubernetes/common/music/templates/deployment.yaml b/kubernetes/common/music/templates/deployment.yaml index 1e5d3c5377..53d5a366f7 100644 --- a/kubernetes/common/music/templates/deployment.yaml +++ b/kubernetes/common/music/templates/deployment.yaml @@ -23,6 +23,8 @@ spec: template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" initContainers: - name: {{ include "common.name" . }}-cassandra-readiness image: {{ include "repositoryGenerator.image.readiness" . }} diff --git a/kubernetes/common/postgres/templates/_deployment.tpl b/kubernetes/common/postgres/templates/_deployment.tpl index 7d04501f24..d93d401ebc 100644 --- a/kubernetes/common/postgres/templates/_deployment.tpl +++ b/kubernetes/common/postgres/templates/_deployment.tpl @@ -42,6 +42,8 @@ spec: release: {{ include "common.release" $dot }} name: "{{ index $dot.Values "container" "name" $pgMode }}" spec: + imagePullSecrets: + - name: "{{ include "common.namespace" $dot }}-docker-registry-key" initContainers: - command: - sh diff --git a/kubernetes/common/repositoryGenerator/templates/_repository.tpl b/kubernetes/common/repositoryGenerator/templates/_repository.tpl index 488db054a0..1662985d0a 100644 --- a/kubernetes/common/repositoryGenerator/templates/_repository.tpl +++ b/kubernetes/common/repositoryGenerator/templates/_repository.tpl @@ -1,6 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada -# Copyright 2021 AT&T +# Copyright © 2021 AT&T +# Modifications Copyright (C) 2021 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -67,6 +68,15 @@ {{- include "repositoryGenerator._repositoryHelper" (merge (dict "repoName" "googleK8sRepository") .) }} {{- end -}} +{{/* + Resolve the name of the GithubContainer registry + - .Values.global.githubContainerRegistry : default image githubContainerRegistry for all dockerHub images + - .Values.githubContainerRegistryOverride : override global githubContainerRegistry on a per chart basis +*/}} +{{- define "repositoryGenerator.githubContainerRegistry" -}} + {{- include "repositoryGenerator._repositoryHelper" (merge (dict "repoName" "githubContainerRegistry") .) }} +{{- end -}} + {{- define "repositoryGenerator.image._helper" -}} {{- $dot := default . .dot -}} {{- $initRoot := default $dot.Values.repositoryGenerator .initRoot -}} @@ -123,6 +133,10 @@ {{- include "repositoryGenerator.image._helper" (merge (dict "image" "readinessImage") .) }} {{- end -}} +{{- define "repositoryGenerator.image.dbcClient" -}} + {{- include "repositoryGenerator.image._helper" (merge (dict "image" "dbcClientImage") .) }} +{{- end -}} + {{/* Resolve the image repository secret token. The value for .Values.global.repositoryCred is used if provided: @@ -182,5 +196,17 @@ {{- $repoCreds = printf "%s, %s" $repoCreds $gcrRepoCreds }} {{- end }} {{- end }} + {{- if $subchartDot.Values.global.githubContainerRegistryCred }} + {{- $ghcrRepo := $subchartDot.Values.global.githubContainerRegistry }} + {{- $ghcrCred := $subchartDot.Values.global.githubContainerRegistryCred }} + {{- $ghcrMail := default "@" $ghcrCred.mail }} + {{- $ghcrAuth := printf "%s:%s" $ghcrCred.user $ghcrCred.password | b64enc }} + {{- $ghcrRepoCreds := printf "\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}" $ghcrRepo $ghcrCred.user $ghcrCred.password $ghcrMail $ghcrAuth }} + {{- if eq "" $repoCreds }} + {{- $repoCreds = $ghcrRepoCreds }} + {{- else }} + {{- $repoCreds = printf "%s, %s" $repoCreds $ghcrRepoCreds }} + {{- end }} + {{- end }} {{- printf "{%s}" $repoCreds | b64enc -}} {{- end -}} diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml index bf21e2da08..f4104538f7 100644 --- a/kubernetes/common/repositoryGenerator/values.yaml +++ b/kubernetes/common/repositoryGenerator/values.yaml @@ -1,5 +1,6 @@ # Copyright © 2020 Orange # Copyright © 2021 Nokia, AT&T +# Modifications Copyright (C) 2021 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,6 +20,7 @@ global: dockerHubRepository: docker.io elasticRepository: docker.elastic.co googleK8sRepository: k8s.gcr.io + githubContainerRegistry: ghcr.io # common global images busyboxImage: busybox:1.32 @@ -34,6 +36,7 @@ global: postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1 readinessImage: onap/oom/readiness:3.0.1 dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 + dbcClientImage: onap/dmaap/dbc-client:2.0.7 # Default credentials # they're optional. If the target repository doesn't need them, comment them @@ -65,3 +68,4 @@ imageRepoMapping: postgresImage: dockerHubRepository readinessImage: repository dcaePolicySyncImage: repository + dbcClientImage: repository diff --git a/kubernetes/esr/.helmignore b/kubernetes/common/timescaledb/.helmignore index f0c1319444..50af031725 100644 --- a/kubernetes/esr/.helmignore +++ b/kubernetes/common/timescaledb/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +.vscode/ diff --git a/kubernetes/esr/Chart.yaml b/kubernetes/common/timescaledb/Chart.yaml index 79b287505e..7aeafa01f2 100644 --- a/kubernetes/esr/Chart.yaml +++ b/kubernetes/common/timescaledb/Chart.yaml @@ -1,19 +1,23 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# + # http://www.apache.org/licenses/LICENSE-2.0 -# + # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= apiVersion: v1 -description: ONAP External System Register -name: esr +appVersion: "1.0" +description: ONAP timescaledb +name: timescaledb version: 8.0.0 diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/requirements.yaml b/kubernetes/common/timescaledb/requirements.yaml index 2159c5f3a8..de0c414c19 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/requirements.yaml +++ b/kubernetes/common/timescaledb/requirements.yaml @@ -1,24 +1,28 @@ -# Copyright (C) 2020 Wipro Limited. -# +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# + # http://www.apache.org/licenses/LICENSE-2.0 -# + # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= dependencies: - name: common version: ~8.x-0 repository: '@local' - - name: certInitializer + - name: serviceAccount version: ~8.x-0 repository: '@local' - name: repositoryGenerator version: ~8.x-0 - repository: '@local' + repository: 'file://../repositoryGenerator' diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/service.yaml b/kubernetes/common/timescaledb/resources/init/init-schema.sh index bc689cc68f..ab83cffae2 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/templates/service.yaml +++ b/kubernetes/common/timescaledb/resources/init/init-schema.sh @@ -1,38 +1,28 @@ -{{ if .Values.global.cmpv2Enabled }} +#!/bin/bash # ============LICENSE_START======================================================= -# Copyright (c) 2020 Nokia +# Copyright (c) 2021 Bell Canada. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# + +# http://www.apache.org/licenses/LICENSE-2.0 + # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= -apiVersion: v1 -kind: Service -metadata: - annotations: - prometheus.io/port: "8443" - prometheus.io/scheme: https - prometheus.io/scrape: "true" - labels: - control-plane: controller-manager - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} -spec: - type: {{ .Values.service.type }} - ports: - - name: {{ .Values.service.ports.name }} - port: {{ .Values.service.ports.port }} - targetPort: {{ .Values.service.ports.targetPort }} - selector: - control-plane: controller-manager -{{ end }} +set -e +set echo on; +psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL + CREATE USER $DB_USERNAME WITH PASSWORD '$DB_PASSWORD'; + CREATE SCHEMA $POSTGRES_DB; + GRANT ALL PRIVILEGES ON SCHEMA $POSTGRES_DB TO $DB_USERNAME; + CREATE EXTENSION IF NOT EXISTS timescaledb WITH SCHEMA $POSTGRES_DB; +EOSQL diff --git a/kubernetes/oof/components/oof-cmso/templates/configmap.yaml b/kubernetes/common/timescaledb/templates/configmap-init.yaml index 03e006e6dc..82c1de6255 100644 --- a/kubernetes/oof/components/oof-cmso/templates/configmap.yaml +++ b/kubernetes/common/timescaledb/templates/configmap-init.yaml @@ -1,24 +1,27 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# + # http://www.apache.org/licenses/LICENSE-2.0 -# + # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= */}} apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.release" . }}-cmso-filebeat-configmap + name: {{ include "common.fullname" . }}-init namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -26,4 +29,5 @@ metadata: release: {{ include "common.release" . }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/log/filebeat/*").AsConfig . | indent 2 }} + init-schema.sh: |- +{{ .Files.Get "resources/init/init-schema.sh" | indent 4}} diff --git a/kubernetes/esr/values.yaml b/kubernetes/common/timescaledb/templates/pv.yaml index 5b2f776dfe..f99b5f3562 100644 --- a/kubernetes/esr/values.yaml +++ b/kubernetes/common/timescaledb/templates/pv.yaml @@ -1,26 +1,21 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# + # http://www.apache.org/licenses/LICENSE-2.0 -# + # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} -################################################################# -# Global configuration defaults. -################################################################# - -# application configuration -config: - logstashServiceName: log-ls - logstashPort: 5044 - -esr-gui: - enabled: true
\ No newline at end of file +{{ include "common.PV" . }} diff --git a/kubernetes/common/timescaledb/templates/secrets.yaml b/kubernetes/common/timescaledb/templates/secrets.yaml new file mode 100644 index 0000000000..c888d48b6c --- /dev/null +++ b/kubernetes/common/timescaledb/templates/secrets.yaml @@ -0,0 +1,21 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/common/timescaledb/templates/service.yaml b/kubernetes/common/timescaledb/templates/service.yaml new file mode 100644 index 0000000000..c205ff4889 --- /dev/null +++ b/kubernetes/common/timescaledb/templates/service.yaml @@ -0,0 +1,21 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.service" . }} diff --git a/kubernetes/common/timescaledb/templates/statefulset.yaml b/kubernetes/common/timescaledb/templates/statefulset.yaml new file mode 100644 index 0000000000..9b63de434d --- /dev/null +++ b/kubernetes/common/timescaledb/templates/statefulset.yaml @@ -0,0 +1,90 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +apiVersion: apps/v1 +kind: StatefulSet +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: {{- include "common.selectors" . | nindent 4 }} + serviceName: {{ include "common.servicename" . }} + template: + metadata: {{- include "common.templateMetadata" . | nindent 6 }} + spec: + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . ) }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + imagePullPolicy: {{ .Values.pullPolicy }} + ports: {{ include "common.containerPorts" . | nindent 12 }} + livenessProbe: + exec: + command: ["psql", "-w", "-U", "{{ .Values.config.pgRootUserName }}", "-c", "select 1"] + initialDelaySeconds: 5 + periodSeconds: 60 + readinessProbe: + exec: + command: ["psql", "-w", "-U", "{{ .Values.config.pgRootUserName }}", "-c", "select 1"] + initialDelaySeconds: 5 + periodSeconds: 30 + env: + - name: DB_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "user-creds" "key" "login") | indent 14 }} + - name: DB_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "user-creds" "key" "password") | indent 14 }} + - name: POSTGRES_DB + value: {{ .Values.config.pgDatabase }} + - name: POSTGRES_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "root-creds" "key" "login") | indent 14 }} + - name: POSTGRES_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "root-creds" "key" "password") | indent 14 }} + - name: PGDATA + value: /var/lib/postgresql/data/pgdata + resources: +{{ include "common.resources" . | indent 12 }} + volumeMounts: + - name: {{ include "common.fullname" . }}-init + mountPath: /docker-entrypoint-initdb.d + - name: {{ include "common.fullname" . }} + mountPath: /var/lib/postgresql/data + volumes: + - name: {{ include "common.fullname" . }}-init + configMap: + name: {{ include "common.fullname" . }}-init + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} + volumeClaimTemplates: + - {{ include "common.PVCTemplate" (dict "dot" . "suffix" "data" "persistenceInfos" .Values.persistence) | indent 6 | trim }} +{{- end }} diff --git a/kubernetes/common/timescaledb/values.yaml b/kubernetes/common/timescaledb/values.yaml new file mode 100644 index 0000000000..b6d2face3a --- /dev/null +++ b/kubernetes/common/timescaledb/values.yaml @@ -0,0 +1,111 @@ +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +replicaCount: 1 +global: + persistence: {} + +################################################################# +# Secrets. +############################################################## +image: timescale/timescaledb:2.1.1-pg13 + +pullPolicy: Always +containerPorts: 5432 + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + nameOverride: timescaledb + roles: + - read + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 0.5 + memory: 256Mi + requests: + cpu: 20m + memory: 256Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +service: + type: ClusterIP + name: timescaledb + ports: + - name: tcp-timescaledb + port: 5432 + +persistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: <storageClass> + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + accessMode: ReadWriteOnce + size: 1Gi + mountPath: /dockerdata-nfs + +config: + pgUserName: timescaledb + pgRootUserName: postgres + pgDatabase: timescaledb + +secrets: + - uid: root-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.pgRootPasswordExternalSecret) . }}' + login: '{{ .Values.config.pgRootUserName }}' + password: '{{ .Values.config.pgRootpassword }}' + - uid: user-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.pgUserExternalSecret) . }}' + login: '{{ .Values.config.pgUserName }}' + password: '{{ .Values.config.pgUserPassword }}' + diff --git a/kubernetes/config/prepull_docker.sh b/kubernetes/config/prepull_docker.sh index 590d651f87..efd0bd14d3 100755 --- a/kubernetes/config/prepull_docker.sh +++ b/kubernetes/config/prepull_docker.sh @@ -102,7 +102,7 @@ do for line in `parse_yaml $filename` do #skiping commented line - if [ "${line:0:1}" != '#' ]; then + if echo "$line" | grep -v '^#' >/dev/null; then #find all image subtag inside converted values.yaml file's lines if echo $line | grep -q $IMAGE_TEXT ; then #find imageName inside line diff --git a/kubernetes/consul/.helmignore b/kubernetes/consul/.helmignore new file mode 100644 index 0000000000..7ddbad7ef4 --- /dev/null +++ b/kubernetes/consul/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +components/ diff --git a/kubernetes/esr/Makefile b/kubernetes/consul/Makefile index 4c79718d02..92102d2dfc 100644 --- a/kubernetes/esr/Makefile +++ b/kubernetes/consul/Makefile @@ -1,4 +1,4 @@ -# Copyright © 2020 Samsung Electronics +# Copyright © 2020 Samsung Electronics, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/esr/components/Makefile b/kubernetes/consul/components/Makefile index bf267b7720..e9159f32a9 100644 --- a/kubernetes/esr/components/Makefile +++ b/kubernetes/consul/components/Makefile @@ -1,4 +1,4 @@ -# Copyright © 2020 Samsung Electronics +# Copyright © 2020 Samsung Electronics, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/consul/components/consul-server/requirements.yaml b/kubernetes/consul/components/consul-server/requirements.yaml index 7afdbc936e..e43236def8 100644 --- a/kubernetes/consul/components/consul-server/requirements.yaml +++ b/kubernetes/consul/components/consul-server/requirements.yaml @@ -20,3 +20,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/consul/components/consul-server/templates/statefulset.yaml b/kubernetes/consul/components/consul-server/templates/statefulset.yaml index 16fda3a510..8e872b9c87 100644 --- a/kubernetes/consul/components/consul-server/templates/statefulset.yaml +++ b/kubernetes/consul/components/consul-server/templates/statefulset.yaml @@ -74,3 +74,4 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: {{ include "common.resources" . | nindent 10 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} diff --git a/kubernetes/consul/components/consul-server/values.yaml b/kubernetes/consul/components/consul-server/values.yaml index 48a26effd7..d4e649444a 100644 --- a/kubernetes/consul/components/consul-server/values.yaml +++ b/kubernetes/consul/components/consul-server/values.yaml @@ -92,3 +92,9 @@ securityContext: fsGroup: 1000 runAsUser: 100 runAsGroup: 1000 + +#Pods Service Account +serviceAccount: + nameOverride: consul-server + roles: + - read diff --git a/kubernetes/consul/requirements.yaml b/kubernetes/consul/requirements.yaml index 4d43035d04..1312294f29 100644 --- a/kubernetes/consul/requirements.yaml +++ b/kubernetes/consul/requirements.yaml @@ -26,4 +26,7 @@ dependencies: - name: consul-server version: ~8.x-0 repository: 'file://components/consul-server' - condition: cds-command-executor.enabled + condition: consul-server.enabled + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/consul/templates/deployment.yaml b/kubernetes/consul/templates/deployment.yaml index 31546abd49..c5d12a4693 100644 --- a/kubernetes/consul/templates/deployment.yaml +++ b/kubernetes/consul/templates/deployment.yaml @@ -83,6 +83,7 @@ spec: - mountPath: /consul/certs name: consul-agent-certs-config resources: {{ include "common.resources" . | nindent 10 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: consul-agent-config-dir emptyDir: {} diff --git a/kubernetes/consul/values.yaml b/kubernetes/consul/values.yaml index 0f5d2861cc..e2aa181efb 100644 --- a/kubernetes/consul/values.yaml +++ b/kubernetes/consul/values.yaml @@ -109,3 +109,9 @@ securityContext: fsGroup: 1000 runAsUser: 100 runAsGroup: 1000 + +#Pods Service Account +serviceAccount: + nameOverride: consul + roles: + - read diff --git a/kubernetes/contrib/components/ejbca/requirements.yaml b/kubernetes/contrib/components/ejbca/requirements.yaml index 31db08aa3a..8762d969f9 100644 --- a/kubernetes/contrib/components/ejbca/requirements.yaml +++ b/kubernetes/contrib/components/ejbca/requirements.yaml @@ -26,3 +26,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: cmpv2Config + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh b/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh index ad10240b94..2c672e2f07 100755 --- a/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh +++ b/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh @@ -8,16 +8,31 @@ waitForEjbcaToStart() { } configureEjbca() { + ejbca.sh ca init \ + --caname ManagementCA \ + --dn "O=EJBCA Container Quickstart,CN=ManagementCA,UID=12345" \ + --tokenType soft \ + --keyspec 3072 \ + --keytype RSA \ + -v 3652 \ + --policy null \ + -s SHA256WithRSA \ + -type "x509" ejbca.sh config cmp addalias --alias cmpRA ejbca.sh config cmp updatealias --alias cmpRA --key operationmode --value ra ejbca.sh ca editca --caname ManagementCA --field cmpRaAuthSecret --value ${RA_IAK} - ejbca.sh config cmp updatealias --alias cmpRA --key responseprotection --value pbe + ejbca.sh config cmp updatealias --alias cmpRA --key responseprotection --value signature + ejbca.sh config cmp updatealias --alias cmpRA --key authenticationmodule --value 'HMAC;EndEntityCertificate' + ejbca.sh config cmp updatealias --alias cmpRA --key authenticationparameters --value '-;ManagementCA' + ejbca.sh config cmp updatealias --alias cmpRA --key allowautomatickeyupdate --value true #Custom EJBCA cert profile and endentity are imported to allow issuing certificates with correct extended usage (containing serverAuth) ejbca.sh ca importprofiles -d /opt/primekey/custom_profiles #Profile name taken from certprofile filename (certprofile_<profile-name>-<id>.xml) ejbca.sh config cmp updatealias --alias cmpRA --key ra.certificateprofile --value CUSTOM_ENDUSER #ID taken from entityprofile filename (entityprofile_<profile-name>-<id>.xml) ejbca.sh config cmp updatealias --alias cmpRA --key ra.endentityprofileid --value 1356531849 + caSubject=$(ejbca.sh ca getcacert --caname ManagementCA -f /dev/stdout | grep 'Subject' | sed -e "s/^Subject: //" | sed -n '1p') + ejbca.sh config cmp updatealias --alias cmpRA --key defaultca --value "$caSubject" ejbca.sh config cmp dumpalias --alias cmpRA ejbca.sh config cmp addalias --alias cmp ejbca.sh config cmp updatealias --alias cmp --key allowautomatickeyupdate --value true @@ -27,6 +42,13 @@ configureEjbca() { ejbca.sh config cmp updatealias --alias cmp --key extractusernamecomponent --value CN ejbca.sh config cmp dumpalias --alias cmp ejbca.sh ca getcacert --caname ManagementCA -f /dev/stdout > cacert.pem + #Add "Certificate Update Admin" role to allow performing KUR/CR for certs within specific organization (e.g. Linux-Foundation) + ejbca.sh roles addrole "Certificate Update Admin" + ejbca.sh roles changerule "Certificate Update Admin" /ca/ManagementCA/ ACCEPT + ejbca.sh roles changerule "Certificate Update Admin" /ca_functionality/create_certificate/ ACCEPT + ejbca.sh roles changerule "Certificate Update Admin" /endentityprofilesrules/Custom_EndEntity/ ACCEPT + ejbca.sh roles changerule "Certificate Update Admin" /ra_functionality/edit_end_entity/ ACCEPT + ejbca.sh roles addrolemember "Certificate Update Admin" ManagementCA WITH_ORGANIZATION --value "{{ .Values.cmpv2Config.global.certificate.default.subject.organization }}" } diff --git a/kubernetes/contrib/components/ejbca/templates/deployment.yaml b/kubernetes/contrib/components/ejbca/templates/deployment.yaml index a10b0592de..fc163ee2e2 100644 --- a/kubernetes/contrib/components/ejbca/templates/deployment.yaml +++ b/kubernetes/contrib/components/ejbca/templates/deployment.yaml @@ -23,6 +23,8 @@ spec: template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" initContainers: - name: {{ include "common.name" . }}-db-readiness command: @@ -59,6 +61,8 @@ spec: env: - name: INITIAL_ADMIN value: ";PublicAccessAuthenticationToken:TRANSPORT_ANY;" + - name: NO_CREATE_CA + value: "true" - name: DATABASE_JDBC_URL value: jdbc:mariadb://{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}/{{ .Values.mysqlDatabase }} - name: DATABASE_USER diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh index 67bbfd6c6f..460c046632 100755 --- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh +++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh @@ -1,5 +1,5 @@ #!/bin/bash -e -# + # Copyright 2020 Samsung Electronics Co., Ltd. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -70,7 +70,8 @@ ingress_controller_ip() { deploy() { local ingress_ip=$(ingress_controller_ip) - pushd "$SPATH/bind9dns" > /dev/null + initdir = $(pwd) + cd $SPATH/bind9dns if [ $# -eq 0 ]; then local cl_domain="simpledemo.onap.org" else @@ -82,13 +83,13 @@ deploy() { shift fi helm install . --set dnsconf.wildcard="$cl_domain=$ingress_ip" $@ - popd > /dev/null + cd $initdir target_machine_notice_info } if [ $# -eq 1 ] && [ "$1" = "-h" ]; then usage -elif [ $# -eq 1 ] && [ "$1" = "--help" ]; then +elif [ $# -eq 1 ] && [ "$1" = "--help" ]; then usage elif [ $# -eq 1 ] && [ "$1" = "--info" ]; then target_machine_notice_info diff --git a/kubernetes/contrib/tools/check-for-staging-images.sh b/kubernetes/contrib/tools/check-for-staging-images.sh index 8c01312fa2..543e918cfa 100755 --- a/kubernetes/contrib/tools/check-for-staging-images.sh +++ b/kubernetes/contrib/tools/check-for-staging-images.sh @@ -40,7 +40,7 @@ printf "\n" if [ -n "$NOT_AVAILABLE_IMAGES" ]; then echo "[ERROR] Only release images are allowed in helm charts." echo "[ERROR] Images not found in release repo:" - echo -e "$NOT_AVAILABLE_IMAGES" + printf "%b$NOT_AVAILABLE_IMAGES\n" exit 1 fi -exit 0
\ No newline at end of file +exit 0 diff --git a/kubernetes/contrib/tools/registry-initialize.sh b/kubernetes/contrib/tools/registry-initialize.sh new file mode 100755 index 0000000000..75b36bbc52 --- /dev/null +++ b/kubernetes/contrib/tools/registry-initialize.sh @@ -0,0 +1,118 @@ +#!/bin/sh -x + +# Copyright (c) 2021 AT&T. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Pre-requisite +# 1. Chart packages available under local directory provided as input/argument +# 2. helm client installed with push plugin +# 3. ONAP chartmuseum service deployed + +usage() +{ + echo "Chart Base directory must be provided as input!!" + echo "Usage: registry-initialize.sh -d chartdirectory \ +<-n namespace override> <-r helmrelease override>" + exit 1 +} + +if [ $# -eq 0 ]; then + usage +fi + +# defaults +NAMESPACE=onap +RLS_NAME=onap +LOGIN="" +PASSWORD="" + +while getopts ":d:n:r:" opt; do + case $opt in + d) BASEDIR="$OPTARG" + ;; + n) NAMESPACE="$OPTARG" + ;; + r) RLS_NAME="$OPTARG" + ;; + \?) echo "Invalid option -$OPTARG" >&2 + usage + ;; + esac +done + +if [ -z "$BASEDIR" ]; then + exit "Chart base directory provided $BASEDIR is empty" +fi + +if [ "$(find $BASEDIR -maxdepth 1 -name '*tgz' -print -quit)" ]; then + echo "$BASEDIR valid" +else + exit "No chart package on $BASEDIR provided" +fi + +LOGIN=$(kubectl -n "$NAMESPACE" get secret \ + "${RLS_NAME}-chartmuseum-registrycred" \ + -o jsonpath='{.data.login}' | base64 -d) + +PASSWORD=$(kubectl -n "$NAMESPACE" get secret \ + "${RLS_NAME}-chartmuseum-registrycred" \ + -o jsonpath='{.data.password}' | base64 -d) + +if [ -z "$LOGIN" ] || [ -z "$PASSWORD" ]; then + echo "Login/Password credential for target registry cannot be retrieved" + exit 1 +fi + +# Expose cluster port via port-forwarding +kubectl -n $NAMESPACE port-forward service/chart-museum 27017:80 & +if [ $? -ne 0 ]; then + echo "Error in portforwarding; registry cannot be added!!" + exit 1 +fi + +sleep 5 + +# Add chartmuseum repo as helm repo +# Credentials should match config defined in +# oom\kubernetes\platform\components\chartmuseum\values.yaml +helm repo add k8s-registry http://127.0.0.1:27017 --username "$LOGIN" \ + --password "$PASSWORD" +if [ $? -ne 0 ]; then + echo "registry cannot be added!!" + pkill -f "port-forward service/chart-museum" + exit 1 +fi + +# Initial scope is pushing only dcae charts +# can be expanded to include all onap charts if required +for file in $BASEDIR/dcae*tgz; do + # use helm plugin to push charts + helm push $file k8s-registry + if [ $? -eq 0 ]; then + echo "$file uploaded to registry successfully" + else + echo "registry upload failed!!" + pkill -f "port-forward service/chart-museum" + helm repo remove k8s-registry + exit 1 + fi +done + +echo "All Helm charts successfully uploaded into internal repository" + +# Remove the port-forwarding process +pkill -f "port-forward service/chart-museum" + +# Remove helm registry from local +helm repo remove k8s-registry diff --git a/kubernetes/cps/.helmignore b/kubernetes/cps/.helmignore index 80b47d2723..7ddbad7ef4 100644 --- a/kubernetes/cps/.helmignore +++ b/kubernetes/cps/.helmignore @@ -19,4 +19,4 @@ .project .idea/ *.tmproj -components/
\ No newline at end of file +components/ diff --git a/kubernetes/cps/Chart.yaml b/kubernetes/cps/Chart.yaml index 325f26dc38..0837c72dd9 100644 --- a/kubernetes/cps/Chart.yaml +++ b/kubernetes/cps/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright (C) 2021 Pantheon.tech +# Copyright (C) 2021 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: Configuration Persistance Service (CPS) +description: ONAP Configuration Persistance Service (CPS) name: cps version: 8.0.0 diff --git a/kubernetes/oof/components/oof-cmso/components/Makefile b/kubernetes/cps/Makefile index 36ea7b6c2b..70bb031af3 100755..100644 --- a/kubernetes/oof/components/oof-cmso/components/Makefile +++ b/kubernetes/cps/Makefile @@ -1,4 +1,5 @@ # Copyright © 2020 Samsung Electronics +# Copyright (c) 2021 AT&T. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,14 +14,15 @@ # limitations under the License. ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) -OUTPUT_DIR := $(ROOT_DIR)/../../../../dist +OUTPUT_DIR := $(ROOT_DIR)/../dist PACKAGE_DIR := $(OUTPUT_DIR)/packages SECRET_DIR := $(OUTPUT_DIR)/secrets +HELM_REPO := local + EXCLUDES := HELM_BIN := helm HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) -HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}") .PHONY: $(EXCLUDES) $(HELM_CHARTS) @@ -41,12 +43,8 @@ lint-%: dep-% package-%: lint-% @mkdir -p $(PACKAGE_DIR) -ifeq "$(findstring v3,$(HELM_VER))" "v3" - @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME local; fi -else - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi -endif - @$(HELM_BIN) repo index $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME $(HELM_REPO); fi + @sleep 3 clean: @rm -f */requirements.lock diff --git a/kubernetes/cps/README.md b/kubernetes/cps/README.md index 4b578c41c2..876da2ca57 100644 --- a/kubernetes/cps/README.md +++ b/kubernetes/cps/README.md @@ -19,4 +19,4 @@ ONAP Configuration Persistence Service (CPS) includes the following Kubernetes services: -1) Cps and xNF - Configuration Persistence Service together with Nf Configuration Persistence Service
\ No newline at end of file +1) cps-core - Configuration Persistence Service together with Nf Configuration Persistence Service
\ No newline at end of file diff --git a/kubernetes/oof/components/oof-cmso/Makefile b/kubernetes/cps/components/Makefile index 33d61041cd..db8704c2ca 100644 --- a/kubernetes/oof/components/oof-cmso/Makefile +++ b/kubernetes/cps/components/Makefile @@ -1,4 +1,5 @@ # Copyright © 2020 Samsung Electronics +# Copyright (c) 2021 AT&T. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,18 +14,26 @@ # limitations under the License. ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) -OUTPUT_DIR := $(ROOT_DIR)/../../../dist +OUTPUT_DIR := $(ROOT_DIR)/../../dist PACKAGE_DIR := $(OUTPUT_DIR)/packages SECRET_DIR := $(OUTPUT_DIR)/secrets -EXCLUDES := dist resources templates charts docker +HELM_REPO := local + +EXCLUDES := HELM_BIN := helm +# Helm v2 and helm v3 uses different version format so we first try in helm v3 format +# and if it fails then we fallback to helm v2 one +HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}" 2>/dev/null) +ifneq "$(findstring v3,$(HELM_VER))" "v3" + HELM_VER := $(shell $(HELM_BIN) version -c --template "{{.Client.SemVer}}") +endif + HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) -HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}") .PHONY: $(EXCLUDES) $(HELM_CHARTS) -all: $(HELM_CHARTS) +all: $(HELM_CHARTS) helm-repo-update $(HELM_CHARTS): @echo "\n[$@]" @@ -41,16 +50,18 @@ lint-%: dep-% package-%: lint-% @mkdir -p $(PACKAGE_DIR) -ifeq "$(findstring v3,$(HELM_VER))" "v3" - @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME local; fi -else - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi -endif - @$(HELM_BIN) repo index $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME $(HELM_REPO); fi + @sleep 3 clean: @rm -f */requirements.lock @rm -f *tgz */charts/*tgz @rm -rf $(PACKAGE_DIR) + +helm-repo-update: +ifeq "$(findstring v3,$(HELM_VER))" "v3" + @$(HELM_BIN) repo update +endif + %: @: diff --git a/kubernetes/esr/components/esr-gui/.helmignore b/kubernetes/cps/components/cps-core/.helmignore index f0c1319444..80b47d2723 100644 --- a/kubernetes/esr/components/esr-gui/.helmignore +++ b/kubernetes/cps/components/cps-core/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +components/
\ No newline at end of file diff --git a/kubernetes/oof/components/oof-cmso/Chart.yaml b/kubernetes/cps/components/cps-core/Chart.yaml index c1fa86c277..710032896e 100644 --- a/kubernetes/oof/components/oof-cmso/Chart.yaml +++ b/kubernetes/cps/components/cps-core/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 AT&T +# Copyright (C) Pantheon.tech, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: Chart for Change Management Service Orchestrator (CMSO) -name: oof-cmso +description: ONAP Configuration Persistance Service (CPS) - Core +name: cps-core version: 8.0.0 diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/requirements.yaml b/kubernetes/cps/components/cps-core/requirements.yaml index 2159c5f3a8..d6b6712852 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/requirements.yaml +++ b/kubernetes/cps/components/cps-core/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Wipro Limited. +# Copyright (C) 2021 Pantheon.tech, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,9 +16,15 @@ dependencies: - name: common version: ~8.x-0 repository: '@local' - - name: certInitializer + - name: postgres + version: ~8.x-0 + repository: '@local' + - name: readinessCheck version: ~8.x-0 repository: '@local' - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/cps/resources/config/application-helm.yml b/kubernetes/cps/components/cps-core/resources/config/application-helm.yml index 5f19007231..f181b82fec 100755..100644 --- a/kubernetes/cps/resources/config/application-helm.yml +++ b/kubernetes/cps/components/cps-core/resources/config/application-helm.yml @@ -1,21 +1,21 @@ {{/* - # Copyright (C) 2021 Pantheon.tech - # Modifications Copyright (C) 2020 Bell Canada. All rights reserved. - # Modifications Copyright (C) 2021 Nordix Foundation. All rights reserved. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. +# Copyright (C) 2021 Pantheon.tech +# Modifications Copyright (C) 2020 Bell Canada. +# Modifications Copyright (C) 2021 Nordix Foundation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. */}} ---- + server: port: 8080 diff --git a/kubernetes/cps/resources/config/logback.xml b/kubernetes/cps/components/cps-core/resources/config/logback.xml index 56ffc88220..8256cfa18d 100644 --- a/kubernetes/cps/resources/config/logback.xml +++ b/kubernetes/cps/components/cps-core/resources/config/logback.xml @@ -1,11 +1,13 @@ <!-- ============LICENSE_START======================================================= - Copyright (C) 2020 Bell Canada. All rights reserved. + Copyright (C) 2020 Bell Canada. ================================================================================ Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 + Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. diff --git a/kubernetes/cps/templates/NOTES.txt b/kubernetes/cps/components/cps-core/templates/NOTES.txt index 09d22dfa7c..09d22dfa7c 100644 --- a/kubernetes/cps/templates/NOTES.txt +++ b/kubernetes/cps/components/cps-core/templates/NOTES.txt diff --git a/kubernetes/cps/templates/configmap.yaml b/kubernetes/cps/components/cps-core/templates/configmap.yaml index eeb057cbd8..eeb057cbd8 100644 --- a/kubernetes/cps/templates/configmap.yaml +++ b/kubernetes/cps/components/cps-core/templates/configmap.yaml diff --git a/kubernetes/cps/templates/deployment.yaml b/kubernetes/cps/components/cps-core/templates/deployment.yaml index 61877c38a0..2047a39497 100755..100644 --- a/kubernetes/cps/templates/deployment.yaml +++ b/kubernetes/cps/components/cps-core/templates/deployment.yaml @@ -1,7 +1,7 @@ {{/* # Copyright (C) 2021 Pantheon.tech, Orange # Modifications Copyright (C) 2021 Bell Canada. -# Modifications Copyright (C) 2021 Nordix Foundation. All rights reserved. +# Modifications Copyright (C) 2021 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -103,4 +103,4 @@ spec: - name: init-temp emptyDir: {} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/cps/templates/ingress.yaml b/kubernetes/cps/components/cps-core/templates/ingress.yaml index 16f9440aba..16f9440aba 100644 --- a/kubernetes/cps/templates/ingress.yaml +++ b/kubernetes/cps/components/cps-core/templates/ingress.yaml diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/secret.yaml b/kubernetes/cps/components/cps-core/templates/secrets.yaml index 34932b713d..f25044d339 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/secret.yaml +++ b/kubernetes/cps/components/cps-core/templates/secrets.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2020 Samsung Electronics +# Copyright (C) 2021 Pantheon.tech # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/secret.yaml b/kubernetes/cps/components/cps-core/templates/service.yaml index 34932b713d..97657bfc0b 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/secret.yaml +++ b/kubernetes/cps/components/cps-core/templates/service.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2020 Samsung Electronics +# Copyright (C) 2021 Pantheon.tech, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,4 +14,4 @@ # limitations under the License. */}} -{{ include "common.secretFast" . }} +{{ include "common.service" . }} diff --git a/kubernetes/cps/components/cps-core/values.yaml b/kubernetes/cps/components/cps-core/values.yaml new file mode 100644 index 0000000000..ae8bccd2a8 --- /dev/null +++ b/kubernetes/cps/components/cps-core/values.yaml @@ -0,0 +1,168 @@ +# Copyright (C) 2021 Pantheon.tech, Orange, Bell Canada. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Secrets. +################################################################# +secrets: + - uid: pg-root-pass + name: &pgRootPassSecretName '{{ include "common.release" . }}-cps-pg-root-pass' + type: password + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "cps-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}' + password: '{{ .Values.postgres.config.pgRootpassword }}' + policy: generate + - uid: pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-cps-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "cps-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' + login: '{{ .Values.postgres.config.pgUserName }}' + password: '{{ .Values.postgres.config.pgUserPassword }}' + passwordPolicy: generate + - uid: app-user-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.appUserExternalSecret) . }}' + login: '{{ .Values.config.appUserName }}' + password: '{{ .Values.config.appUserPassword }}' + passwordPolicy: generate + +################################################################# +# Global configuration defaults. +################################################################# + +# bitnami image doesn't support well single quote in password +passwordStrengthOverride: basic +global: + ingress: + virtualhost: + baseurl: "simpledemo.onap.org" + +image: onap/cps-and-nf-proxy:1.0.1 +containerPort: &svc_port 8080 + +service: + type: ClusterIP + name: cps-core + ports: + - name: &port http + port: *svc_port + +pullPolicy: Always +# flag to enable debugging - application support required +debugEnabled: false +nodeSelector: {} +affinity: {} +# Resource Limit flavor -By Default using small +flavor: small +# default number of instances +replicaCount: 1 +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 4 + memory: 4Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} +# probe configuration parameters +liveness: + initialDelaySeconds: 20 + periodSeconds: 20 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + path: /manage/health + port: *port + +readiness: + initialDelaySeconds: 15 + periodSeconds: 15 + path: /manage/health + port: *port + +ingress: + enabled: true + service: + - baseaddr: "cps-core" + path: "/" + name: "cps-core" + port: *svc_port + +serviceAccount: + nameOverride: cps-core + roles: + - read + +securityContext: + user_id: 100 + group_id: 655533 + +################################################################# +# Application configuration defaults. +################################################################# + +config: + + # Set it for pre loading xnfdata, else set to null + liquibaseLabels: xnf-data-preload + + # REST API basic authentication credentials (passsword is generated if not provided) + appUserName: cpsuser + spring: + profile: helm + #appUserPassword: + +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format insead of yaml. +# additional: +# spring.config.max-size: 200 +# spring.config.min-size: 10 + +logging: + level: INFO + path: /tmp + +################################################################# +# Postgres overriding defaults in the postgres +################################################################# +postgres: + nameOverride: &postgresName cps-postgres + service: + name: *postgresName + name2: cps-pg-primary + name3: cps-pg-replica + container: + name: + primary: cps-pg-primary + replica: cps-pg-replica + persistence: + mountSubPath: cps/data + mountInitPath: cps + config: + pgUserName: cps + pgDatabase: cpsdb + pgUserExternalSecret: *pgUserCredsSecretName + pgRootPasswordExternalSecret: *pgRootPassSecretName + +readinessCheck: + wait_for: + - cps-postgres diff --git a/kubernetes/cps/components/cps-temporal/.helmignore b/kubernetes/cps/components/cps-temporal/.helmignore new file mode 100644 index 0000000000..80b47d2723 --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +components/
\ No newline at end of file diff --git a/kubernetes/esr/components/esr-gui/Chart.yaml b/kubernetes/cps/components/cps-temporal/Chart.yaml index 9f08c59485..ab4bfe7e42 100644 --- a/kubernetes/esr/components/esr-gui/Chart.yaml +++ b/kubernetes/cps/components/cps-temporal/Chart.yaml @@ -1,19 +1,22 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# + # http://www.apache.org/licenses/LICENSE-2.0 -# + # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= apiVersion: v1 -description: ONAP External System Register GUI -name: esr-gui +description: ONAP Configuration Persistance Service (CPS) - Temporal +name: cps-temporal version: 8.0.0 diff --git a/kubernetes/cps/components/cps-temporal/requirements.yaml b/kubernetes/cps/components/cps-temporal/requirements.yaml new file mode 100644 index 0000000000..b2293db9af --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/requirements.yaml @@ -0,0 +1,34 @@ +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: timescaledb + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml b/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml new file mode 100644 index 0000000000..6654b26556 --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml @@ -0,0 +1,47 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +spring: + datasource: + url: jdbc:postgresql://{{ .Values.timescaledb.service.name }}:5432/{{ .Values.timescaledb.config.pgDatabase }} + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + kafka: + bootstrap-servers: [{{ .Values.config.kafka.service }}:{{ .Values.config.kafka.port }}] + security: + protocol: {{ .Values.config.kafka.protocol }} + consumer: + group-id: {{ .Values.config.kafka.consumerGroupId }} + +security: + auth: + username: ${APP_USERNAME} + password: ${APP_PASSWORD} + +app: + listener: + data-updated: + topic: {{ .Values.config.kafka.listenerTopic }} + +{{- if .Values.config.additional }} +{{ toYaml .Values.config.additional | nindent 2 }} +{{- end }} + +# Last empty line is required otherwise the last property will be missing from application.yml file in the pod. diff --git a/kubernetes/cps/components/cps-temporal/resources/config/logback.xml b/kubernetes/cps/components/cps-temporal/resources/config/logback.xml new file mode 100644 index 0000000000..a64a58664b --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/resources/config/logback.xml @@ -0,0 +1,44 @@ +<!-- + ============LICENSE_START======================================================= + Copyright (C) 2020 Bell Canada. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + SPDX-License-Identifier: Apache-2.0 + ============LICENSE_END========================================================= +--> + +<configuration> + + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>%d - %highlight(%-5level) [%-20.20thread] %cyan(%logger{36}) - %msg%n</pattern> + </encoder> + </appender> + + <!-- Logger for cps classes --> + <logger name="org.onap.cps" level="info"/> + + <!-- Logger for sql statements. Set to info to disable, debug to enable --> + <logger name="org.hibernate.SQL" level="info"/> + + <!-- Logger for sql bindings. Set to info to disable, to trace to enable --> + <logger name="org.hibernate.type.descriptor.sql.BasicBinder" level="info"/> + + <!-- Logger for hibernate statistics. Set to warn to disable, to info to enable --> + <logger name="org.hibernate.engine.internal.StatisticalLoggingSessionEventListener" level="warn"/> + + <root level="info"> + <appender-ref ref="STDOUT" /> + </root> + +</configuration>
\ No newline at end of file diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/configmap.yaml b/kubernetes/cps/components/cps-temporal/templates/configmap.yaml index 69614344fc..6d9e30fe16 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/configmap.yaml +++ b/kubernetes/cps/components/cps-temporal/templates/configmap.yaml @@ -1,28 +1,24 @@ {{/* -# Copyright © 2018 AT&T -# +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# + # http://www.apache.org/licenses/LICENSE-2.0 -# + # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= */}} apiVersion: v1 kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +data: {{ tpl (.Files.Glob "resources/config/*").AsConfig . | nindent 2 }} diff --git a/kubernetes/cps/components/cps-temporal/templates/deployment.yaml b/kubernetes/cps/components/cps-temporal/templates/deployment.yaml new file mode 100644 index 0000000000..806e65a865 --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/templates/deployment.yaml @@ -0,0 +1,113 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +apiVersion: apps/v1 +kind: Deployment +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +spec: + replicas: {{ .Values.replicaCount }} + minReadySeconds: {{ index .Values.minReadySeconds }} + strategy: + type: {{ index .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ index .Values.updateStrategy.maxSurge }} + selector: {{- include "common.selectors" . | nindent 4 }} + template: + metadata: {{- include "common.templateMetadata" . | nindent 6 }} + spec: + {{ include "common.podSecurityContext" . | indent 6 | trim}} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . ) }} + initContainers: {{ include "common.readinessCheck.waitFor" . | nindent 6 }} + - name: {{ include "common.name" . }}-update-config + image: {{ include "repositoryGenerator.image.envsubst" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config/${PFILE}; done" + env: + - name: DB_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "login") | indent 12 }} + - name: DB_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 12 }} + - name: APP_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "login") | indent 12 }} + - name: APP_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "password") | indent 12 }} + volumeMounts: + - mountPath: /config-input + name: init-data-input + - mountPath: /config + name: init-data + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: {{ include "common.containerPorts" . | nindent 10 }} + {{ include "common.containerSecurityContext" . | indent 8 | trim }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + httpGet: + port: {{ .Values.liveness.port }} + path: {{ .Values.liveness.path }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + httpGet: + port: {{ .Values.readiness.port }} + path: {{ .Values.readiness.path }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: SPRING_PROFILES_ACTIVE + value: {{ .Values.config.spring.profile }} + resources: {{ include "common.resources" . | nindent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 12 }} + {{- end }} + {{- if .Values.affinity }} + affinity: {{ toYaml .Values.affinity | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /app/resources/application-helm.yml + subPath: application-helm.yml + name: init-data + - mountPath: /app/resources/logback.xml + subPath: logback.xml + name: init-data + - mountPath: /tmp + name: init-temp + volumes: + - name: init-data-input + configMap: + name: {{ include "common.fullname" . }} + - name: init-data + emptyDir: + medium: Memory + - name: init-temp + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + diff --git a/kubernetes/cps/components/cps-temporal/templates/ingress.yaml b/kubernetes/cps/components/cps-temporal/templates/ingress.yaml new file mode 100644 index 0000000000..0dc4d1ae47 --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/templates/ingress.yaml @@ -0,0 +1,21 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.ingress" . }} diff --git a/kubernetes/cps/components/cps-temporal/templates/secrets.yaml b/kubernetes/cps/components/cps-temporal/templates/secrets.yaml new file mode 100644 index 0000000000..2a492061a3 --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/templates/secrets.yaml @@ -0,0 +1,22 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/cps/components/cps-temporal/templates/service.yaml b/kubernetes/cps/components/cps-temporal/templates/service.yaml new file mode 100644 index 0000000000..c205ff4889 --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/templates/service.yaml @@ -0,0 +1,21 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.service" . }} diff --git a/kubernetes/cps/components/cps-temporal/templates/serviceMonitor.yaml b/kubernetes/cps/components/cps-temporal/templates/serviceMonitor.yaml new file mode 100644 index 0000000000..a49a662aed --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/templates/serviceMonitor.yaml @@ -0,0 +1,23 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{- if .Values.prometheus.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/cps/components/cps-temporal/values.yaml b/kubernetes/cps/components/cps-temporal/values.yaml new file mode 100644 index 0000000000..1b8c3e1cf0 --- /dev/null +++ b/kubernetes/cps/components/cps-temporal/values.yaml @@ -0,0 +1,185 @@ +# ============LICENSE_START======================================================= +# Copyright (c) 2021 Bell Canada. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +passwordStrengthOverride: basic +global: + ingress: + virtualhost: + baseurl: "simpledemo.temporal.onap.org" + +secrets: + - uid: pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-cps-temporal-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.timescaledb.config.pgUserExternalSecret) .) (hasSuffix "cps-temporal-pg-user-creds" .Values.timescaledb.config.pgUserExternalSecret) }}' + login: '{{ .Values.timescaledb.config.pgUserName }}' + password: '{{ .Values.timescaledb.config.pgUserPassword }}' + passwordPolicy: generate + - uid: app-user-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.appUserExternalSecret) . }}' + login: '{{ .Values.config.appUserName }}' + password: '{{ .Values.config.appUserPassword }}' + passwordPolicy: generate + +image: onap/cps-temporal:0.0.1 +containerPort: &svc_port 8080 +managementPort: &mgt_port 8081 + +prometheus: + enabled: true + +service: + type: ClusterIP + name: cps-temporal + ports: + - name: http + port: *svc_port + targetPort: *svc_port + - name: management + port: *mgt_port + targetPort: *mgt_port + +metrics: + serviceMonitor: + enabled: true + port: management + ## specify target port if name is not given to the port in the service definition + ## + # targetPort: 8080 + path: /manage/prometheus + interval: 60s + basicAuth: + enabled: false + +pullPolicy: IfNotPresent +# flag to enable debugging - application support required +debugEnabled: false +nodeSelector: {} +affinity: {} +# Resource Limit flavor -By Default using small +flavor: small +# default number of instances +replicaCount: 1 +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 4 + memory: 4Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} +# probe configuration parameters +liveness: + initialDelaySeconds: 20 + periodSeconds: 20 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + path: /manage/health + port: *mgt_port + +readiness: + initialDelaySeconds: 15 + periodSeconds: 15 + path: /manage/health + port: *mgt_port + +ingress: + enabled: true + service: + - baseaddr: "cps-temporal" + path: "/" + name: "cps-temporal" + port: *svc_port + +serviceAccount: + nameOverride: cps-temporal + roles: + - read + +securityContext: + user_id: 100 + group_id: 655533 + +################################################################# +# Application configuration defaults. +################################################################# + +config: + # REST API basic authentication credentials (passsword is generated if not provided) + appUserName: cpstemporal + spring: + profile: helm + #appUserPassword: + +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format instead of yaml. +# additional: +# spring.config.max-size: 200 +# spring.config.min-size: 10 + + kafka: + service: message-router-kafka + port: 9092 + listenerTopic: cps.cfg-state-events + consumerGroupId: cps-temporal-group + protocol: PLAINTEXT + +logging: + level: INFO + path: /tmp + +timescaledb: + nameOverride: cps-temporal-db + container: + name: cps-temporal-db + name: cpstemporaldb + service: + name: cps-temporal-db + persistence: + mountSubPath: cps-temporal/data + mountInitPath: cps-temporal + config: + pgUserName: cpstemporaldb + pgDatabase: cpstemporaldb + pgUserExternalSecret: *pgUserCredsSecretName + serviceAccount: + nameOverride: cps-temporal-db + +readinessCheck: + wait_for: + - cps-temporal-db + +minReadySeconds: 10 +updateStrategy: + type: RollingUpdate + maxUnavailable: 0 + maxSurge: 1
\ No newline at end of file diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/.helmignore b/kubernetes/cps/components/ncmp-dmi-plugin/.helmignore new file mode 100644 index 0000000000..80b47d2723 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +components/
\ No newline at end of file diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/Chart.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/Chart.yaml new file mode 100644 index 0000000000..e99111d859 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/Chart.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +description: ONAP Configuration Persistance Service (CPS) - NCMP-DMI-Plugin +name: ncmp-dmi-plugin +version: 8.0.0 diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/requirements.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/requirements.yaml index 2159c5f3a8..d1fbdd3182 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/requirements.yaml +++ b/kubernetes/cps/components/ncmp-dmi-plugin/requirements.yaml @@ -1,5 +1,6 @@ -# Copyright (C) 2020 Wipro Limited. -# +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,14 +12,20 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= dependencies: - name: common version: ~8.x-0 repository: '@local' - - name: certInitializer + - name: readinessCheck version: ~8.x-0 repository: '@local' - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml b/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml new file mode 100644 index 0000000000..d388823f9e --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml @@ -0,0 +1,57 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +server: + port: 8080 + +cps-core: + baseUrl: http://${CPS_CORE_HOST:cps}:${CPS_CORE_PORT:8080} + dmiRegistrationUrl : /cps-ncmp/api/ncmp-dmi/v1/ch + auth: + username: ${CPS_CORE_USERNAME} + password: ${CPS_CORE_PASSWORD} + +sdnc: + baseUrl: http://${SDNC_HOST:sdnc}:${SDNC_PORT:8181} + topologyId: ${SDNC_TOPOLOGY_ID:topology-netconf} + auth: + username: ${SDNC_USERNAME} + password: ${SDNC_PASSWORD} + +security: + # comma-separated uri patterns which do not require authorization + permit-uri: /manage/**,/swagger-ui/**,/swagger-resources/**,/v3/api-docs + auth: + username: ${DMI_PLUGIN_USERNAME} + password: ${DMI_PLUGIN_PASSWORD} + +logging: + level: + org: + springframework: {{ .Values.logging.level }} + onap: + cps: {{ .Values.logging.cps }} + + +{{- if .Values.config.additional }} +{{ toYaml .Values.config.additional | nindent 2 }} +{{- end }} + +# Last empty line is required otherwise the last property will be missing from application.yml file in the pod. diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/logback.xml b/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/logback.xml new file mode 100644 index 0000000000..2a62c86e77 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/logback.xml @@ -0,0 +1,36 @@ +<!-- + ============LICENSE_START======================================================= + Copyright (C) 2021 Nordix Foundation + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + SPDX-License-Identifier: Apache-2.0 + ============LICENSE_END========================================================= +--> + +<configuration scan="true" scanPeriod="30 seconds" debug="false"> + + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>%d - %highlight(%-5level) [%-20.20thread] %cyan(%logger{36}) - %msg%n</pattern> + </encoder> + </appender> + <appender name="AsyncSysOut" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="STDOUT" /> + </appender> + + <root level="INFO"> + <appender-ref ref="AsyncSysOut" /> + </root> + +</configuration> + diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/templates/NOTES.txt b/kubernetes/cps/components/ncmp-dmi-plugin/templates/NOTES.txt index 1103affff1..66f5302a11 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/templates/NOTES.txt +++ b/kubernetes/cps/components/ncmp-dmi-plugin/templates/NOTES.txt @@ -1,5 +1,6 @@ -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -11,22 +12,28 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + 1. Get the application URL by running these commands: {{- if .Values.ingress.enabled }} {{- range .Values.ingress.hosts }} http://{{ . }} {{- end }} {{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") echo http://$NODE_IP:$NODE_PORT {{- else if contains "LoadBalancer" .Values.service.type }} NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} + You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + export SERVICE_PORT=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.spec.ports[0].port}') + echo http://$SERVICE_IP:$SERVICE_PORT {{- else if contains "ClusterIP" .Values.service.type }} export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export POD_PORT=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].spec.containers[0].ports[0].containerPort}") echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} + kubectl port-forward $POD_NAME 8080:$POD_PORT {{- end }} diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/configmap.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/templates/configmap.yaml index 69614344fc..7e8a0058ec 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/configmap.yaml +++ b/kubernetes/cps/components/ncmp-dmi-plugin/templates/configmap.yaml @@ -1,6 +1,7 @@ {{/* -# Copyright © 2018 AT&T -# +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -12,17 +13,12 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= */}} apiVersion: v1 kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +data: {{ tpl (.Files.Glob "resources/config/*").AsConfig . | nindent 2 }} diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/templates/deployment.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/templates/deployment.yaml new file mode 100644 index 0000000000..d2fd5c9c49 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/templates/deployment.yaml @@ -0,0 +1,119 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +apiVersion: apps/v1 +kind: Deployment +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: {{- include "common.selectors" . | nindent 4 }} + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "common.name" . }} + app.kubernetes.io/instance: {{ include "common.release" . }} + {{- if .Values.prometheus.enabled }} + annotations: + prometheus.io/scrape: "true" + prometheus.io/path: 'manage/prometheus' + prometheus.io/port: {{ .Values.managementPort | quote }} + {{- end }} + spec: + {{ include "common.podSecurityContext" . | indent 6 | trim}} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . ) }} + initContainers: {{ include "common.readinessCheck.waitFor" . | nindent 6 }} + - name: {{ include "common.name" . }}-update-config + image: {{ include "repositoryGenerator.image.envsubst" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config/${PFILE}; done" + env: + - name: DMI_PLUGIN_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "user-creds" "key" "login") | indent 12 }} + - name: DMI_PLUGIN_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "user-creds" "key" "password") | indent 12 }} + - name: SDNC_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdnc-creds" "key" "login") | indent 12 }} + - name: SDNC_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdnc-creds" "key" "password") | indent 12 }} + - name: CPS_CORE_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "core-creds" "key" "login") | indent 12 }} + - name: CPS_CORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "core-creds" "key" "password") | indent 12 }} + volumeMounts: + - mountPath: /config-input + name: init-data-input + - mountPath: /config + name: init-data + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: {{ include "common.containerPorts" . | nindent 10 }} + {{ include "common.containerSecurityContext" . | indent 8 | trim }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + httpGet: + port: {{ .Values.liveness.port }} + path: {{ .Values.liveness.path }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + httpGet: + port: {{ .Values.readiness.port }} + path: {{ .Values.readiness.path }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: SPRING_PROFILES_ACTIVE + value: {{ .Values.config.spring.profile }} + resources: {{ include "common.resources" . | nindent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 12 }} + {{- end }} + {{- if .Values.affinity }} + affinity: {{ toYaml .Values.affinity | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /app/resources/application-helm.yml + subPath: application-helm.yml + name: init-data + - mountPath: /app/resources/logback.xml + subPath: logback.xml + name: init-data + - mountPath: /tmp + name: init-temp + volumes: + - name: init-data-input + configMap: + name: {{ include "common.fullname" . }} + - name: init-data + emptyDir: + medium: Memory + - name: init-temp + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/esr/requirements.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/templates/ingress.yaml index a2bf902284..b3d1cafe15 100644 --- a/kubernetes/esr/requirements.yaml +++ b/kubernetes/cps/components/ncmp-dmi-plugin/templates/ingress.yaml @@ -1,6 +1,7 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -12,12 +13,9 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} -dependencies: - - name: esr-gui - version: ~8.x-0 - repository: 'file://components/esr-gui' - condition: esr-gui.enabled - - name: esr-server - version: ~8.x-0 - repository: 'file://components/esr-server' +{{ include "common.ingress" . }} diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/templates/secrets.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/templates/secrets.yaml new file mode 100644 index 0000000000..84e279d928 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/templates/secrets.yaml @@ -0,0 +1,21 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/templates/service.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/templates/service.yaml new file mode 100644 index 0000000000..4825d55c12 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/templates/service.yaml @@ -0,0 +1,21 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.service" . }} diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml new file mode 100644 index 0000000000..390a545cd2 --- /dev/null +++ b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml @@ -0,0 +1,157 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +################################################################# +# Secrets. +################################################################# +secrets: + - uid: user-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.appUserExternalSecret) . }}' + login: '{{ .Values.config.appUserName }}' + password: '{{ .Values.config.appUserPassword }}' + passwordPolicy: generate + - uid: sdnc-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.odlCredsExternalSecret) . }}' + login: '{{ .Values.config.sdncUser }}' + password: '{{ .Values.config.sdncPassword }}' + passwordPolicy: required + - uid: core-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.coreCredsExternalSecret) . }}' + login: '{{ .Values.config.coreUser }}' + password: '{{ .Values.config.corePassword }}' + passwordPolicy: generate + +################################################################# +# Global configuration defaults. +################################################################# +global: + ingress: + virtualhost: + baseurl: "simpledemo.onap.org" + +image: onap/ncmp-dmi-plugin:0.0.1 +containerPort: &svc_port 8080 +managementPort: &mgt_port 8081 + +prometheus: + enabled: true + interval: 60s + +service: + type: ClusterIP + name: ncmp-dmi-plugin + ports: + - name: &port http + port: *svc_port + - name: management + port: *mgt_port + targetPort: *mgt_port + +pullPolicy: IfNotPresent +# flag to enable debugging - application support required +debugEnabled: false +nodeSelector: {} +affinity: {} +# Resource Limit flavor -By Default using small +flavor: small +# default number of instances +replicaCount: 1 +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 4 + memory: 4Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} +# probe configuration parameters +liveness: + initialDelaySeconds: 20 + periodSeconds: 20 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + path: /manage/health + port: *mgt_port + +readiness: + initialDelaySeconds: 15 + periodSeconds: 15 + path: /manage/health + port: *mgt_port + +ingress: + enabled: true + service: + - baseaddr: "ncmp-dmi-plugin" + path: "/" + name: "ncmp-dmi-plugin" + port: *svc_port + +serviceAccount: + nameOverride: ncmp-dmi-plugin + roles: + - read + +securityContext: + user_id: 100 + group_id: 655533 + +################################################################# +# Application configuration defaults. +################################################################# + +config: + + # REST API basic authentication credentials (passsword is generated if not provided) + appUserName: ncmpuser + spring: + profile: helm + #appUserPassword: + + sdncUser: admin + sdncPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + + coreUser: cpsuser + +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format insead of yaml. +# additional: +# spring.config.max-size: 200 +# spring.config.min-size: 10 + +logging: + level: INFO + cps: DEBUG + path: /tmp + +readinessCheck: + wait_for: + - cps-postgres diff --git a/kubernetes/cps/requirements.yaml b/kubernetes/cps/requirements.yaml index d6b6712852..053723331a 100644 --- a/kubernetes/cps/requirements.yaml +++ b/kubernetes/cps/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright (C) 2021 Pantheon.tech, Orange +# Copyright (C) 2021 Bell Canada. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,15 +16,15 @@ dependencies: - name: common version: ~8.x-0 repository: '@local' - - name: postgres + - name: cps-core version: ~8.x-0 repository: '@local' - - name: readinessCheck + condition: cps-core.enabled + - name: cps-temporal version: ~8.x-0 repository: '@local' - - name: repositoryGenerator - version: ~8.x-0 - repository: '@local' - - name: serviceAccount + condition: cps-temporal.enabled + - name: ncmp-dmi-plugin version: ~8.x-0 repository: '@local' + condition: ncmp-dmi-plugin.enabled
\ No newline at end of file diff --git a/kubernetes/cps/templates/secrets.yaml b/kubernetes/cps/templates/secrets.yaml index f25044d339..84e279d928 100644 --- a/kubernetes/cps/templates/secrets.yaml +++ b/kubernetes/cps/templates/secrets.yaml @@ -1,6 +1,7 @@ {{/* -# Copyright (C) 2021 Pantheon.tech -# +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation +# ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -12,6 +13,9 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= */}} {{ include "common.secretFast" . }} diff --git a/kubernetes/cps/templates/service.yaml b/kubernetes/cps/templates/service.yaml deleted file mode 100644 index bfcaabc178..0000000000 --- a/kubernetes/cps/templates/service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* - # Copyright (C) 2021 Pantheon.tech, Orange - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - */}} - -{{ include "common.service" . }} diff --git a/kubernetes/cps/values.yaml b/kubernetes/cps/values.yaml index 2312a4994d..cda726d0d3 100755 --- a/kubernetes/cps/values.yaml +++ b/kubernetes/cps/values.yaml @@ -1,4 +1,4 @@ -# Copyright (C) 2021 Pantheon.tech, Orange, Bell Canada. +# Copyright (C) 2021 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,156 +13,36 @@ # limitations under the License. ################################################################# -# Secrets. +# Global configuration defaults. ################################################################# secrets: - - uid: pg-root-pass - name: &pgRootPassSecretName '{{ include "common.release" . }}-cps-pg-root-pass' - type: password - externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "cps-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}' - password: '{{ .Values.postgres.config.pgRootpassword }}' - policy: generate - - uid: pg-user-creds - name: &pgUserCredsSecretName '{{ include "common.release" . }}-cps-pg-user-creds' - type: basicAuth - externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "cps-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' - login: '{{ .Values.postgres.config.pgUserName }}' - password: '{{ .Values.postgres.config.pgUserPassword }}' - passwordPolicy: generate - - uid: app-user-creds + - uid: core-app-user-creds + name: &core-creds-secret '{{ include "common.release" . }}-cps-core-app-user-creds' type: basicAuth - externalSecret: '{{ tpl (default "" .Values.config.appUserExternalSecret) . }}' - login: '{{ .Values.config.appUserName }}' - password: '{{ .Values.config.appUserPassword }}' + externalSecret: '{{ tpl (default "" .Values.config.coreUserExternalSecret) . }}' + login: '{{ .Values.config.coreUserName }}' + password: '{{ .Values.config.coreUserPassword }}' passwordPolicy: generate -################################################################# -# Global configuration defaults. -################################################################# - -# bitnami image doesn't support well single quote in password passwordStrengthOverride: basic global: ingress: virtualhost: baseurl: "simpledemo.onap.org" -image: onap/cps-and-nf-proxy:1.0.1 -containerPort: &svc_port 8080 - -service: - type: ClusterIP - name: cps - ports: - - name: &port http - port: *svc_port +config: + coreUserName: cpsuser -pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false -nodeSelector: {} -affinity: {} -# Resource Limit flavor -By Default using small -flavor: small -# default number of instances -replicaCount: 1 -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 1 - memory: 1Gi - large: - limits: - cpu: 4 - memory: 4Gi - requests: - cpu: 2 - memory: 2Gi - unlimited: {} -# probe configuration parameters -liveness: - initialDelaySeconds: 20 - periodSeconds: 20 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container +# Enable all CPS components by default +cps-core: enabled: true - path: /manage/health - port: *port - -readiness: - initialDelaySeconds: 15 - periodSeconds: 15 - path: /manage/health - port: *port + config: + appUserExternalSecret: *core-creds-secret -ingress: +cps-temporal: enabled: true - service: - - baseaddr: "cps" - path: "/" - name: "cps" - port: *svc_port - -serviceAccount: - nameOverride: cps - roles: - - read - -securityContext: - user_id: 100 - group_id: 655533 -################################################################# -# Application configuration defaults. -################################################################# - -config: - - # Set it for pre loading xnfdata, else set to null - liquibaseLabels: xnf-data-preload - - # REST API basic authentication credentials (passsword is generated if not provided) - appUserName: cpsuser - spring: - profile: helm - #appUserPassword: - -# Any new property can be added in the env by setting in overrides in the format mentioned below -# All the added properties must be in "key: value" format insead of yaml. -# additional: -# spring.config.max-size: 200 -# spring.config.min-size: 10 - -logging: - level: INFO - path: /tmp - -################################################################# -# Postgres overriding defaults in the postgres -################################################################# -postgres: - nameOverride: &postgresName cps-postgres - service: - name: *postgresName - name2: cps-pg-primary - name3: cps-pg-replica - container: - name: - primary: cps-pg-primary - replica: cps-pg-replica - persistence: - mountSubPath: cps/data - mountInitPath: cps +ncmp-dmi-plugin: + enabled: true config: - pgUserName: cps - pgDatabase: cpsdb - pgUserExternalSecret: *pgUserCredsSecretName - pgRootPasswordExternalSecret: *pgRootPassSecretName - -readinessCheck: - wait_for: - - cps-postgres + coreCredsExternalSecret: *core-creds-secret diff --git a/kubernetes/dcaegen2-services/.helmignore b/kubernetes/dcaegen2-services/.helmignore index 50af031725..301d5b7d9e 100644 --- a/kubernetes/dcaegen2-services/.helmignore +++ b/kubernetes/dcaegen2-services/.helmignore @@ -20,3 +20,4 @@ .idea/ *.tmproj .vscode/ +components/ diff --git a/kubernetes/dcaegen2-services/common/Makefile b/kubernetes/dcaegen2-services/common/Makefile index 4a6491d8cc..db8704c2ca 100644 --- a/kubernetes/dcaegen2-services/common/Makefile +++ b/kubernetes/dcaegen2-services/common/Makefile @@ -22,11 +22,18 @@ HELM_REPO := local EXCLUDES := HELM_BIN := helm +# Helm v2 and helm v3 uses different version format so we first try in helm v3 format +# and if it fails then we fallback to helm v2 one +HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}" 2>/dev/null) +ifneq "$(findstring v3,$(HELM_VER))" "v3" + HELM_VER := $(shell $(HELM_BIN) version -c --template "{{.Client.SemVer}}") +endif + HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) .PHONY: $(EXCLUDES) $(HELM_CHARTS) -all: $(HELM_CHARTS) +all: $(HELM_CHARTS) helm-repo-update $(HELM_CHARTS): @echo "\n[$@]" @@ -50,5 +57,11 @@ clean: @rm -f */requirements.lock @rm -f *tgz */charts/*tgz @rm -rf $(PACKAGE_DIR) + +helm-repo-update: +ifeq "$(findstring v3,$(HELM_VER))" "v3" + @$(HELM_BIN) repo update +endif + %: @: diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl index 46f52b805e..5313b0782a 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl @@ -2,6 +2,7 @@ # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2019 AT&T # Copyright (c) 2021 J. F. Lucas. All rights reserved. +# Copyright (c) 2021 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -40,6 +41,7 @@ information for the logging sidecar. */}} {{- define "dcaegen2-services-common.configMap" -}} +{{- $appConf := .Values.applicationConfig | default (dict) -}} apiVersion: v1 kind: ConfigMap metadata: @@ -48,7 +50,7 @@ metadata: labels: {{ include "common.labels" . | nindent 6 }} data: application_config.yaml: | -{{ .Values.applicationConfig | toYaml | indent 4 }} +{{ $appConf | toYaml | indent 4 }} {{- if .Values.logDirectory }} --- @@ -62,4 +64,64 @@ data: filebeat.yml: |- {{ include "dcaegen2-services-common.filebeatConfiguration" . | indent 4 }} {{- end }} + +{{- if .Values.drFeedConfig }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-feeds-config + namespace: {{ include "common.namespace" . }} + labels: {{ include "common.labels" . | nindent 6 }} +data: + {{- range $i, $feed := .Values.drFeedConfig }} + feedConfig-{{$i}}.json: |- + {{ $feed | toJson | indent 2 }} + {{- end }} +{{- end }} + +{{- if .Values.drPubConfig }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-drpub-config + namespace: {{ include "common.namespace" . }} + labels: {{ include "common.labels" . | nindent 6 }} +data: + {{- range $i, $drpub := .Values.drPubConfig }} + drpubConfig-{{$i}}.json: |- + {{ $drpub | toJson | indent 2 }} + {{- end }} +{{- end }} + +{{- if .Values.drSubConfig }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-drsub-config + namespace: {{ include "common.namespace" . }} + labels: {{ include "common.labels" . | nindent 6 }} +data: + {{- range $i, $drsub := .Values.drSubConfig }} + drsubConfig-{{$i}}.json: |- + {{ $drsub | toJson | indent 2 }} + {{- end }} +{{- end }} + +{{- if .Values.mrTopicsConfig }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-topics-config + namespace: {{ include "common.namespace" . }} + labels: {{ include "common.labels" . | nindent 6 }} +data: + {{- range $i, $topics := .Values.mrTopicsConfig }} + topicsConfig-{{$i}}.json: |- + {{ $topics | toJson | indent 2 }} + {{- end }} +{{- end }} {{- end }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index 328a4c625f..8738b1099e 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -4,6 +4,7 @@ # Copyright (c) 2021 J. F. Lucas. All rights reserved. # Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. # Copyright (c) 2021 Nokia. All rights reserved. +# Copyright (c) 2021 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -79,7 +80,7 @@ to give the microservice access to data in volumes created else. This initial implementation supports ConfigMaps only, as this is the only external volume mounting required by current microservices. -.Values.externalValues is a list of objects. Each object has 3 required fields and 1 optional field: +.Values.externalVolumes is a list of objects. Each object has 3 required fields and 2 optional fields: - name: the name of the resource (in the current implementation, it must be a ConfigMap) that is to be set up as a volume. The value is a case sensitive string. Because the names of resources are sometimes set at deployment time (for instance, to prefix the Helm @@ -91,6 +92,11 @@ external volume mounting required by current microservices. value is a case-sensitive string. - readOnly: (Optional) Boolean flag. Set to true to mount the volume as read-only. Defaults to false. + - optional: (Optional) Boolean flag. Set to true to make the configMap optional (i.e., to allow the + microservice's pod to start even if the configMap doesn't exist). If set to false, the configMap must + be present in order for the microservice's pod to start. Defaults to true. (Note that this + default is the opposite of the Kubernetes default. We've done this to be consistent with the behavior + of the DCAE Cloudify plugin for Kubernetes [k8splugin], which always set "optional" to true.) Here is an example fragment from a values.yaml file for a microservice: @@ -101,16 +107,19 @@ externalVolumes: - name: '{{ include "common.release" . }}-another-example' type: configmap mountPath: /opt/app/otherconfig + optional: false */}} {{- define "dcaegen2-services-common._externalVolumes" -}} {{- $global := . -}} {{- if .Values.externalVolumes }} {{- range $vol := .Values.externalVolumes }} {{- if eq (lower $vol.type) "configmap" }} - {{- $vname := (tpl $vol.name $global) }} + {{- $vname := (tpl $vol.name $global) -}} + {{- $opt := hasKey $vol "optional" | ternary $vol.optional true }} - configMap: defaultMode: 420 name: {{ $vname }} + optional: {{ $opt }} name: {{ $vname }} {{- end }} {{- end }} @@ -198,14 +207,28 @@ The sidecar is included if .Values.policies is set. The Policy-sync sidecar polls PolicyEngine (PDP) periodically based on .Values.policies.duration and configuration retrieved is shared with DCAE Microservice container by common volume. Policy can be retrieved based on -list of policyID or filter +list of policyID or filter. An optional policyRelease parameter can be specified +to override the default policy helm release (used for retreiving the secret containing +pdp username and password) + +Following is example policy config override + +dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 +policies: + duration: 300 + policyRelease: "onap" + policyID: | + '["onap.vfirewall.tca","onap.vdns.tca"]' */}} {{- define "dcaegen2-services-common.microserviceDeployment" -}} {{- $logDir := default "" .Values.logDirectory -}} {{- $certDir := default "" .Values.certDirectory . -}} {{- $tlsServer := default "" .Values.tlsServer -}} -{{- $policy := default "" .Values.policies -}} +{{- $commonRelease := print (include "common.release" .) -}} +{{- $policy := default dict .Values.policies -}} +{{- $policyRls := default $commonRelease $policy.policyRelease -}} +{{- $drFeedConfig := default "" .Values.drFeedConfig -}} apiVersion: apps/v1 kind: Deployment @@ -217,6 +240,7 @@ spec: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: + {{- if not $drFeedConfig }} - command: - sh args: @@ -239,8 +263,9 @@ spec: image: {{ include "repositoryGenerator.image.envsubst" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-update-config - + {{- end }} {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} + {{- include "common.dmaap.provisioning.initContainer" . | nindent 6 }} - name: init-consul image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.consulLoaderImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -372,12 +397,12 @@ spec: - name: POLICY_SYNC_PDP_USER valueFrom: secretKeyRef: - name: onap-policy-xacml-pdp-api-creds + name: {{ $policyRls }}-policy-xacml-pdp-api-creds key: login - name: POLICY_SYNC_PDP_PASS valueFrom: secretKeyRef: - name: onap-policy-xacml-pdp-api-creds + name: {{ $policyRls }}-policy-xacml-pdp-api-creds key: password - name: POLICY_SYNC_PDP_URL value : http{{ if (include "common.needTLS" .) }}s{{ end }}://policy-xacml-pdp:6969 @@ -395,7 +420,7 @@ spec: {{- end -}} {{- if $policy.duration }} - name: POLICY_SYNC_DURATION - value: {{ $policy.duration }} + value: "{{ $policy.duration }}" {{- end }} resources: {{ include "common.resources" . | nindent 2 }} volumeMounts: @@ -436,6 +461,7 @@ spec: - name: policy-shared emptyDir: {} {{- end }} + {{- include "common.dmaap.provisioning._volumes" . | nindent 6 -}} {{- include "dcaegen2-services-common._externalVolumes" . | nindent 6 }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_job.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_job.tpl index 6d52b2a087..f3c09161cc 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_job.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_job.tpl @@ -55,7 +55,8 @@ spec: - name: dcae-config-delete image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.consulLoaderImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /opt/app/delete_key.sh args: - - --delete-key - {{ include "common.name" . }} {{ end -}} diff --git a/kubernetes/dcaegen2-services/components/Makefile b/kubernetes/dcaegen2-services/components/Makefile index 98dfb97f8f..284f99de6b 100644 --- a/kubernetes/dcaegen2-services/components/Makefile +++ b/kubernetes/dcaegen2-services/components/Makefile @@ -26,7 +26,7 @@ HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.) .PHONY: $(EXCLUDES) $(HELM_CHARTS) -all: $(HELM_CHARTS) +all: $(HELM_CHARTS) helm-repo-update $(HELM_CHARTS): @echo "\n[$@]" @@ -50,5 +50,11 @@ clean: @rm -f */requirements.lock @rm -f *tgz */charts/*tgz @rm -rf $(PACKAGE_DIR) + +helm-repo-update: +ifeq "$(findstring v3,$(HELM_VER))" "v3" + @$(HELM_BIN) repo update +endif + %: @: diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/Chart.yaml new file mode 100644 index 0000000000..a743d62b8f --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/Chart.yaml @@ -0,0 +1,22 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE BBS-EventProcessor Microservice +name: dcae-bbs-eventprocessor-ms +version: 8.0.0
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/requirements.yaml new file mode 100644 index 0000000000..c6804b76b4 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/requirements.yaml @@ -0,0 +1,30 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/configmap.yaml new file mode 100644 index 0000000000..a914446c99 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/configmap.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.configMap" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/deployment.yaml new file mode 100644 index 0000000000..0ad66b62a9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/deployment.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/job.yaml new file mode 100644 index 0000000000..c7722ea098 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/job.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "dcaegen2-services-common.consulDeleteJob" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/secret.yaml new file mode 100644 index 0000000000..6b70356ca9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/secret.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.secretFast" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/service.yaml new file mode 100644 index 0000000000..cf11d2a0c5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/service.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml new file mode 100644 index 0000000000..2eb3e5ae00 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml @@ -0,0 +1,201 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &aafCredsUID aafcreds + type: basicAuth + login: '{{ .Values.aafCreds.identity }}' + password: '{{ .Values.aafCreds.password }}' + passwordPolicy: required + - uid: &aaiCredsUID aaicreds + type: basicAuth + login: '{{ .Values.aaiCreds.username }}' + password: '{{ .Values.aaiCreds.password }}' + passwordPolicy: required + + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.components.bbs-event-processor:2.1.0 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /opt/app/bbs-event-processor/logs + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/bbs-event-processor/etc/cert/ + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + - aaf-cm + +# Probe Configuration +readiness: + initialDelaySeconds: 120 + periodSeconds: 180 + timeoutSeconds: 5 + path: /heartbeat + scheme: HTTP + port: 8100 + + +# Service Configuration +service: + type: ClusterIP + name: dcae-bbs-eventprocessor + ports: + - name: https + port: 8100 + port_protocol: http + +# AAF Credentials +aafCreds: + identity: dcae@dcae.onap.org + password: demo123456! + +# AAI Credentials +aaiCreds: + username: AAI + password: AAI + +credentials: +- name: AAF_USERNAME + uid: *aafCredsUID + key: login +- name: AAF_PASSWORD + uid: *aafCredsUID + key: password +- name: AAI_USERNAME + uid: *aaiCredsUID + key: login +- name: AAI_PASSWORD + uid: *aaiCredsUID + key: password + + +# Initial Application Configuration +applicationConfig: + streams_subscribes: + pnf_reregistration: + type: message_router + aaf_username: ${AAF_USERNAME} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https:message-router:3905/events/unauthenticated.PNF_UPDATE + cpe_authentication: + type: message_router + aaf_username: ${AAF_USERNAME} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https:message-router:3905/events/unauthenticated.CPE_AUTHENTICATION + streams_publishes: + close_loop: + type: message_router + aaf_username: ${AAF_USERNAME} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https:message-router:3905/events/unauthenticated.DCAE_CL_OUTPUT + dmaap.protocol: https + dmaap.contentType: application/json + dmaap.consumer.consumerId: c12 + dmaap.consumer.consumerGroup: OpenDcae-c12 + dmaap.messageLimit: -1 + dmaap.timeoutMs: -1 + aai.host: aai.onap + aai.port: 8443 + aai.protocol: https + aai.username: ${AAI_USERNAME} + aai.password: ${AAF_PASSWORD} + aai.aaiIgnoreSslCertificateErrors: true + application.pipelinesPollingIntervalSec: 25 + application.pipelinesTimeoutSec: 15 + application.cbsPollingIntervalSec: 120 + application.policyVersion: 1.0.0.5 + application.clTargetType: VM + application.clEventStatus: ONSET + application.clVersion: 1.0.2 + application.clTarget: vserver.vserver-name + application.clOriginator: DCAE-BBS-ep + application.reregistration.policyScope: policyScopeReReg + application.reregistration.clControlName: clControlNameReReg + application.cpe.authentication.policyScope: policyScopeCpeAuth + application.cpe.authentication.clControlName: clControlNameCpeAuth + application.reregistration.configKey: pnf_reregistration + application.cpeAuth.configKey: cpe_authentication + application.closeLoop.configKey: close_loop + application.loggingLevel: INFO + application.ssl.keyStorePath: "/opt/app/bbs-event-processor/etc/cert/cert.jks" + application.ssl.keyStorePasswordPath: "/opt/app/bbs-event-processor/etc/cert/jks.pass" + application.ssl.trustStorePath: "/opt/app/bbs-event-processor/etc/cert/trust.jks" + application.ssl.trustStorePasswordPath: "/opt/app/bbs-event-processor/etc/cert/trust.pass" + application.ssl.enableAaiCertAuth: true + application.ssl.enableDmaapCertAuth: true + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/Chart.yaml new file mode 100644 index 0000000000..e7cde04abf --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/Chart.yaml @@ -0,0 +1,22 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (C) 2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE DataFile Collector Helm charts +name: dcae-datafile-collector +version: 8.0.0
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/requirements.yaml new file mode 100644 index 0000000000..9f1600ead3 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/requirements.yaml @@ -0,0 +1,33 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (C) 2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: certManagerCertificate + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/certificates.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/certificates.yaml new file mode 100644 index 0000000000..78ae858cec --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/certificates.yaml @@ -0,0 +1,21 @@ +{{/* +################################################################################ +# Copyright (C) 2021 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}} +{{ include "certManagerCertificate.certificate" . }} +{{ end }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/configmap.yaml new file mode 100644 index 0000000000..a0cb9a66bd --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/configmap.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (C) 2021 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.configMap" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/deployment.yaml new file mode 100644 index 0000000000..d992d5c19c --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/deployment.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (C) 2021 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/service.yaml new file mode 100644 index 0000000000..2de4a8fe0a --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/service.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (C) 2021 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml new file mode 100644 index 0000000000..be7620733b --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml @@ -0,0 +1,186 @@ +# ================================ LICENSE_START ========================== +# ========================================================================= +# Copyright (C) 2021 Nordix Foundation. +# ========================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END =========================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 +certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.4.0 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.6.1 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /var/log/ONAP + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/datafile/etc/cert + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# CMPv2 certificate +# It is used only when: +# - certDirectory is set +# - global cmpv2Enabled flag is set to true +# - flag useCmpv2Certificates is set to true +# Disabled by default +useCmpv2Certificates: false +certificates: + - mountPath: /opt/app/datafile/etc/cert/external + commonName: dcae-datafile-collector + dnsNames: + - dcae-datafile-collector + - datafile-collector + - datafile + keystore: + outputType: + - p12 + passwordSecretRef: + name: datafile-collector-cmpv2-keystore-password + key: password + create: true + +# Dependencies +readinessCheck: + wait_for: + containers: + - dcae-config-binding-service + - aaf-cm + - dmaap-bc + - dmaap-provisioning-job + +# Probe Configuration +readiness: + initialDelaySeconds: 10 + periodSeconds: 15 + timeoutSeconds: 1 + path: /heartbeat + scheme: HTTP + port: 8100 + +# Service Configuration +service: + type: ClusterIP + name: datafile-collector + ports: + - name: https + port: 8443 + plain_port: 8100 + port_protocol: http + +# Environment variables +applicationEnv: +# Empty path forces DFC to use Consul configuration, which allows app runtime reconfiguration. +# It's a workaround because DMAAP specific env variables are not available in main container. + CBS_CLIENT_CONFIG_PATH: '' + +# Initial Application Configuration +applicationConfig: + dmaap.certificateConfig.keyCert: /opt/app/datafile/etc/cert/cert.p12 + dmaap.certificateConfig.keyPasswordPath: /opt/app/datafile/etc/cert/p12.pass + dmaap.certificateConfig.trustedCa: /opt/app/datafile/etc/cert/trust.jks + dmaap.certificateConfig.trustedCaPasswordPath: /opt/app/datafile/etc/cert/trust.pass + dmaap.dmaapConsumerConfiguration.consumerGroup: OpenDcae-c12 + dmaap.dmaapConsumerConfiguration.consumerId: C12 + dmaap.dmaapConsumerConfiguration.timeoutMs: -1 + dmaap.security.enableDmaapCertAuth: true + dmaap.security.keyStorePasswordPath: /opt/app/datafile/etc/cert/jks.pass + dmaap.security.keyStorePath: /opt/app/datafile/etc/cert/cert.jks + dmaap.security.trustStorePasswordPath: /opt/app/datafile/etc/cert/trust.pass + dmaap.security.trustStorePath: /opt/app/datafile/etc/cert/trust.jks + service_calls: [] + sftp.security.strictHostKeyChecking: true + streams_publishes: + PM_MEAS_FILES: + dmaap_info: + publisher_id: ${DR_FILES_PUBLISHER_ID_0} + location: loc00 + log_url: ${DR_LOG_URL_0} + publish_url: ${DR_FILES_PUBLISHER_URL_0} + username: ${DR_USERNAME_0} + password: ${DR_PASSWORD_0} + type: data_router + streams_subscribes: + dmaap_subscriber: + dmaap_info: + topic_url: "https://message-router:3905/events/unauthenticated.VES_NOTIFICATION_OUTPUT" + type: message_router + +# DataRouter Feed Configuration +drFeedConfig: + - feedName: bulk_pm_feed + owner: dcaecm + feedVersion: 0.0 + asprClassification: unclassified + feedDescription: DFC Feed Creation + +# DataRouter Publisher Configuration +drPubConfig: + - feedName: bulk_pm_feed + dcaeLocationName: loc00 + +# ConfigMap Configuration for Feed, Dr_Publisher +volumes: + - name: feeds-config + path: /opt/app/config/feeds + - name: drpub-config + path: /opt/app/config/dr_pubs + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 500m + memory: 768Mi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + unlimited: {} diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/Chart.yaml new file mode 100644 index 0000000000..70f68cf0bb --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/Chart.yaml @@ -0,0 +1,23 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE datalake-admin-ui helm chart +name: dcae-datalake-admin-ui +version: 8.0.0 + diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/requirements.yaml new file mode 100644 index 0000000000..8e53236787 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/requirements.yaml @@ -0,0 +1,30 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/configmap.yaml new file mode 100644 index 0000000000..26be310888 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/configmap.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "dcaegen2-services-common.configMap" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/deployment.yaml new file mode 100644 index 0000000000..02b5df8135 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/deployment.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/secret.yaml new file mode 100644 index 0000000000..c4596e5b21 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/secret.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/service.yaml new file mode 100644 index 0000000000..ba0283dda5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/service.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.service" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml new file mode 100644 index 0000000000..d092b83937 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml @@ -0,0 +1,118 @@ +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &aafCredsUID aafcreds + type: basicAuth + login: '{{ .Values.aafCreds.identity }}' + password: '{{ .Values.aafCreds.password }}' + passwordPolicy: required + +################################aafcreds################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.datalakeadminui:1.1.0 + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /var/log/ONAP/dcaegen2/services/datalake-admin-ui + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/datalake-admin-ui/etc/cert/ + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Dependencies +readinessCheck: + wait_for: + - aaf-cm + - dcae-datalake-feeder + +# Probe Configuration +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 1 + path: / + scheme: HTTP + port: 8088 + +# Service Configuration +service: + type: ClusterIP + name: dl-admin-ui + ports: + - name: http + port: 8088 + port_protocol: http + +# AAF Credentials +aafCreds: + identity: dcae@dcae.onap.org + password: demo123456! + +# Initial Application Configuration +applicationConfig: + FEEDER_ADDR: dl-feeder + +# Resource Limit Flavor -By Default Using Small +flavor: small +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-des/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-des/Chart.yaml new file mode 100644 index 0000000000..392db08ee3 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-des/Chart.yaml @@ -0,0 +1,22 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE Datalake DES MS charts +name: dcae-datalake-des +version: 8.0.0 diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-des/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-des/requirements.yaml new file mode 100644 index 0000000000..34fe22ee16 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-des/requirements.yaml @@ -0,0 +1,31 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local' + diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/configmap.yaml new file mode 100644 index 0000000000..26be310888 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/configmap.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "dcaegen2-services-common.configMap" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/deployment.yaml new file mode 100644 index 0000000000..02b5df8135 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/deployment.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/secret.yaml new file mode 100644 index 0000000000..9d55a03d71 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/secret.yaml @@ -0,0 +1,19 @@ +{{/* +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== +*/}} +{{ include "common.secretFast" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/service.yaml new file mode 100644 index 0000000000..ba0283dda5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/service.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.service" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml new file mode 100644 index 0000000000..bc5fe3b88c --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml @@ -0,0 +1,148 @@ +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +#B +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &aafCredsUID aafcreds + type: basicAuth + login: '{{ .Values.aafCreds.identity }}' + password: '{{ .Values.aafCreds.password }}' + passwordPolicy: required + - uid: &pgUserCredsSecretUid pg-user-creds + externalSecret: '{{ include "common.release" . }}-datalake-pg-user-creds' + type: basicAuth + login: '{{ .Values.postgres.config.pgUserName }}' + passwordPolicy: required + +################################aafcreds################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.datalake.exposure.service:1.1.1 + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /var/log/ONAP/dcaegen2/services/datalake + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/datalake/etc/cert/ + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Dependencies +readinessCheck: + wait_for: + - aaf-cm + - dcae-datalake-feeder + +# Probe Configuration +readiness: + initialDelaySeconds: 90 + periodSeconds: 90 + timeoutSeconds: 10 + path: /datalake/v1/exposure + scheme: HTTP + port: 1681 + +# Service Configuration +service: + type: ClusterIP + name: dl-des + ports: + - name: http + port: 1681 + port_protocol: http + +# AAF Credentials +aafCreds: + identity: dcae@dcae.onap.org + password: demo123456! + +#postgres configuration +postgres: + config: + pgUserName: datalake + +# Initial Application Configuration +applicationConfig: + PRESTO_HOST: dl-presto + PRESTO_PORT: 9000 + PRESTO_USER: user + PRESTO_PASSWORD: test + HOSTNAME: dl-des + +applicationEnv: + PG_HOST: dcae-datalake-pg-primary + PG_PORT: '5432' + PG_USER: + secretUid: *pgUserCredsSecretUid + key: login + PG_PASSWORD: + secretUid: *pgUserCredsSecretUid + key: password + PG_DB: datalake + PRESTO_HOST: dl-presto + PRESTO_PORT: '9000' + PRESTO_USER: user + PRESTO_PASSWORD: test + +# Resource Limit Flavor -By Default Using Small +flavor: small +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/Chart.yaml new file mode 100644 index 0000000000..1db95b84f9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/Chart.yaml @@ -0,0 +1,22 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (C) 2021 Wipro Limited +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE Datalake feeder MS charts +name: dcae-datalake-feeder +version: 8.0.0 diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/requirements.yaml new file mode 100644 index 0000000000..5ef187132e --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/requirements.yaml @@ -0,0 +1,34 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: postgres + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local' + diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/configmap.yaml new file mode 100644 index 0000000000..26be310888 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/configmap.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "dcaegen2-services-common.configMap" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/deployment.yaml new file mode 100644 index 0000000000..02b5df8135 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/deployment.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/secret.yaml new file mode 100644 index 0000000000..c4596e5b21 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/secret.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/service.yaml new file mode 100644 index 0000000000..ba0283dda5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/service.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.service" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml new file mode 100644 index 0000000000..56017b7e5c --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml @@ -0,0 +1,175 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &aafCredsUID aafcreds + type: basicAuth + login: '{{ .Values.aafCreds.identity }}' + password: '{{ .Values.aafCreds.password }}' + passwordPolicy: required + - uid: &pgUserCredsSecretUid pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-datalake-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "datalake-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' + login: '{{ .Values.postgres.config.pgUserName }}' + password: '{{ .Values.postgres.config.pgUserPassword }}' + passwordPolicy: generate + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.datalakefeeder:1.1.1 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /var/log/ONAP/dcaegen2/services/datalake + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/datalake/etc/certs + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + - aaf-cm + - &postgresName dcae-datalake-postgres + +# Probe Configuration +readiness: + initialDelaySeconds: 90 + periodSeconds: 90 + timeoutSeconds: 10 + path: /datalake/v1/topics + scheme: HTTP + port: 1680 + +# Service Configuration +service: + type: ClusterIP + name: dl-feeder + ports: + - name: http + port: 1680 + port_protocol: http + +# AAF Credentials +aafCreds: + identity: dcae@dcae.onap.org + password: demo123456! + +credentials: +- name: PG_USER + uid: *pgUserCredsSecretUid + key: login +- name: PG_PASSWORD + uid: *pgUserCredsSecretUid + key: password + +# Initial Application Configuration +applicationConfig: + PG_HOST: dcae-datalake-pg-primary + PG_PORT: 5432 + PG_USER: ${PG_USER} + PG_PASSWORD: ${PG_PASSWORD} + PG_DB: datalake + HOSTNAME: dcae-datalake-feeder + CONSUL_HOST: consul + CONFIG_BINDING_SERVICE: 30408 + +applicationEnv: + PG_HOST: dcae-datalake-pg-primary + PG_PORT: '5432' + PG_USER: + secretUid: *pgUserCredsSecretUid + key: login + PG_PASSWORD: + secretUid: *pgUserCredsSecretUid + key: password + PG_DB: datalake + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} + +################################################################# +# Application configuration Overriding Defaults in the Postgres. +################################################################# +postgres: + nameOverride: *postgresName + service: + name: *postgresName + name2: dcae-datalake-pg-primary + name3: dcae-datalake-pg-replica + container: + name: + primary: dcae-datalake-pg-primary + replica: dcae-datalake-pg-replica + persistence: + mountSubPath: datalake/data + mountInitPath: datalake + config: + pgUserName: datalake + pgDatabase: datalake + pgUserExternalSecret: *pgUserCredsSecretName diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/Chart.yaml new file mode 100644 index 0000000000..feb3d5335f --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/Chart.yaml @@ -0,0 +1,22 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE Heartbeat Microservice +name: dcae-heartbeat +version: 8.0.0
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/requirements.yaml new file mode 100644 index 0000000000..680c0d6711 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/requirements.yaml @@ -0,0 +1,33 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: postgres + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/configmap.yaml new file mode 100644 index 0000000000..a914446c99 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/configmap.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.configMap" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/deployment.yaml new file mode 100644 index 0000000000..0ad66b62a9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/deployment.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/secret.yaml new file mode 100644 index 0000000000..6b70356ca9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/secret.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.secretFast" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/service.yaml new file mode 100644 index 0000000000..cf11d2a0c5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/service.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml new file mode 100644 index 0000000000..09637c5cfc --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml @@ -0,0 +1,192 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &aafCredsUID aafcreds + type: basicAuth + login: '{{ .Values.aafCreds.identity }}' + password: '{{ .Values.aafCreds.password }}' + passwordPolicy: required + - uid: &pgUserCredsSecretUid pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-heartbeat-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "heartbeat-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' + login: '{{ .Values.postgres.config.pgUserName }}' + password: '{{ .Values.postgres.config.pgUserPassword }}' + passwordPolicy: generate + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.heartbeat:2.2.0 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /var/log/ONAP/dcaegen2/services/heartbeat + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/heartbeat/etc/certs + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + - aaf-cm + - &postgresName dcae-heartbeat-postgres + +# Probe Configuration +readiness: + initialDelaySeconds: 10 + periodSeconds: 15 + timeoutSeconds: 1 + path: / + scheme: HTTP + port: 10002 + +# Service Configuration +service: + type: ClusterIP + name: dcae-heartbeat + ports: + - name: http + port: 10002 + port_protocol: http + +# AAF Credentials +aafCreds: + identity: dcae@dcae.onap.org + password: demo123456! + +credentials: +- name: AAF_IDENTITY + uid: *aafCredsUID + key: login +- name: AAF_PASSWORD + uid: *aafCredsUID + key: password +- name: HEARTBEAT_PG_USERNAME + uid: *pgUserCredsSecretUid + key: login +- name: HEARTBEAT_PG_PASSWORD + uid: *pgUserCredsSecretUid + key: password + + +# Initial Application Configuration +applicationConfig: + CBS_polling_allowed: "True" + CBS_polling_interval: "300" + consumerID: "1" + groupID: "hbgrpID" + pg_ipAddress: dcae-heartbeat-pg-primary + pg_passwd: ${HEARTBEAT_PG_PASSWORD} + pg_portNum: 5432 + pg_userName: ${HEARTBEAT_PG_USERNAME} + pg_dbName: heartbeat + heartbeat_config: '{"vnfs": [{"eventName": "Heartbeat_vDNS","heartbeatcountmissed": 3,"heartbeatinterval": 60,"closedLoopControlName": "ControlLoopEvent1", "policyVersion": "1.0.0.5", "policyName":"vFireWall","policyScope": "resource=sampleResource,type=sampletype,CLName=sampleCLName","target_type": "VNF", "target": "genVnfName", "version": "1.0"}, {"eventName": "Heartbeat_vFW","heartbeatcountmissed": 3, "heartbeatinterval": 60,"closedLoopControlName": "ControlLoopEvent1","policyVersion": "1.0.0.5","policyName": "vFireWall","policyScope": "resource=sampleResource,type=sampletype,CLName=sampleCLName", "target_type":"VNF", "target": "genVnfName", "version": "1.0"}, {"eventName": "Heartbeat_xx","heartbeatcountmissed": 3, "heartbeatinterval": 60,"closedLoopControlName": "ControlLoopEvent1","policyVersion": "1.0.0.5","policyName": "vFireWall", "policyScope": "resource=sampleResource,type=sampletype,CLName=sampleCLName","target_type": "VNF","target": "genVnfName","version": "1.0"}]}' + streams_publishes: + dcae_cl_out: + dmaap_info: + topic_url: "http://message-router.onap.svc.cluster.local:3904/events/unauthenticated.DCAE_CL_OUTPUT" + type: message_router + streams_subscribes: + ves-heartbeat: + dmaap_info: + topic_url: "http://message-router:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT" + type: message_router + +#applicationEnv: +# HEARTBEAT_PG_URL: &dcaeheartbeatPgPrimary dcae-heartbeat-pg-primary +# HEARTBEAT_PG_USERNAME: +# secretUid: *pgUserCredsSecretUid +# key: login +# HEARTBEAT_PG_PASSWORD: +# secretUid: *pgUserCredsSecretUid +# key: password + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} + +################################################################# +# Application configuration Overriding Defaults in the Postgres. +################################################################# +postgres: + nameOverride: *postgresName + service: + name: *postgresName + name2: dcae-heartbeat-pg-primary + name3: dcae-heartbeat-pg-replica + container: + name: + primary: dcae-heartbeat-pg-primary + replica: dcae-heartbeat-pg-replica + persistence: + mountSubPath: heartbeat/data + mountInitPath: heartbeat + config: + pgUserName: heartbeat + pgDatabase: heartbeat + pgUserExternalSecret: *pgUserCredsSecretName diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml index 64e4ba9b43..07b10614a8 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml @@ -34,14 +34,14 @@ filebeatConfig: # initContainer images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 -certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.3 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 +certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.4.0 ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.8.0 +image: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.9.1 pullPolicy: Always # log directory where logging sidecar should look for log files @@ -178,6 +178,7 @@ applicationConfig: applicationEnv: JAVA_OPTS: '-Dlogback.configurationFile=/etc/ONAP/dcae-hv-ves-collector/logback.xml' + CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml' # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/Chart.yaml new file mode 100644 index 0000000000..336ffc4309 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/Chart.yaml @@ -0,0 +1,23 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE KPI MS chart +name: dcae-kpi-ms +version: 8.0.0 + diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/requirements.yaml new file mode 100644 index 0000000000..6b37d363b6 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/requirements.yaml @@ -0,0 +1,32 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local' + + diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/configmap.yaml new file mode 100644 index 0000000000..26be310888 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/configmap.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "dcaegen2-services-common.configMap" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/deployment.yaml new file mode 100644 index 0000000000..02b5df8135 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/deployment.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/secret.yaml new file mode 100644 index 0000000000..c4596e5b21 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/secret.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/service.yaml new file mode 100644 index 0000000000..ba0283dda5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/service.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.service" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml new file mode 100644 index 0000000000..425016878c --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml @@ -0,0 +1,156 @@ +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &aafCredsUID aafcreds + type: basicAuth + login: '{{ .Values.aafCreds.identity }}' + password: '{{ .Values.aafCreds.password }}' + passwordPolicy: required + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.components.kpi-ms:1.0.0 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /var/log/ONAP/dcaegen2/services/kpims + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/kpims/etc/cert/ + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true +enable_tls: true + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + - aaf-cm + +# Probe Configuration +readiness: + initialDelaySeconds: 10 + periodSeconds: 15 + timeoutSeconds: 1 + path: /healthcheck + scheme: HTTP + port: 8080 + +# Service Configuration +service: + type: ClusterIP + name: dcae-kpi-ms + ports: + - name: http + port: 8080 + port_protocol: http + +# AAF Credentials +aafCreds: + identity: dcae@dcae.onap.org + password: demo123456! + +credentials: +- name: AAF_IDENTITY + uid: *aafCredsUID + key: login +- name: AAF_PASSWORD + uid: *aafCredsUID + key: password + +# Initial Application Configuration +applicationConfig: + aafUsername: ${AAF_IDENTITY} + aafPassword: ${AAF_PASSWORD} + trust_store_path: '/opt/app/kpims/etc/cert/trust.jks' + trust_store_pass_path: '/opt/app/kpims/etc/cert/trust.pass' + pollingInterval: 20 + pollingTimeout: 60 + cbsPollingInterval: 60 + dmaap.server: ["message-router"] + cg: kpi-cg + cid: kpi-cid + streams_subscribes: + performance_management_topic: + aafUsername: ${AAF_IDENTITY} + aafPassword: ${AAF_PASSWORD} + type: message-router + dmaap_info: + topic_url: https://message-router.onap.svc.cluster.local:3905/events/org.onap.dmaap.mr.PERFORMANCE_MEASUREMENTS + streams_publishes: + kpi_topic: + aafUsername: ${AAF_IDENTITY} + aafPassword: ${AAF_PASSWORD} + type: message-router + dmaap_info: + topic_url: https://message-router.onap.svc.cluster.local:3905/events/unauthenticated.DCAE_KPI_OUTPUT + kpi.policy: '{"domain":"measurementsForKpi","methodForKpi":[{"eventName":"perf3gpp_CORE-AMF_pmMeasResult","controlLoopSchemaType":"SLICE","policyScope":"resource=networkSlice;type=configuration","policyName":"configuration.dcae.microservice.kpi-computation","policyVersion":"v0.0.1","kpis":[{"measType":"AMFRegNbr","operation":"SUM","operands":"RM.RegisteredSubNbrMean"}]},{"eventName":"perf3gpp_CORE-UPF_pmMeasResult","controlLoopSchemaType":"SLICE","policyScope":"resource=networkSlice;type=configuration","policyName":"configuration.dcae.microservice.kpi-computation","policyVersion":"v0.0.1","kpis":[{"measType":"UpstreamThr","operation":"SUM","operands":"GTP.InDataOctN3UPF"},{"measType":"DownstreamThr","operation":"SUM","operands":"GTP.OutDataOctN3UPF"}]}]}' + +applicationEnv: + STANDALONE: 'false' + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} diff --git a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml index 75353254e8..aa6af35c5e 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml @@ -43,7 +43,7 @@ readiness: initialDelaySeconds: 10 periodSeconds: 10 # application image -image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.1.0 +image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.2.0 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/Chart.yaml new file mode 100644 index 0000000000..1740464cc5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/Chart.yaml @@ -0,0 +1,22 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (C) 2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE PM-Mapper Helm charts +name: dcae-pm-mapper +version: 8.0.0
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/requirements.yaml new file mode 100644 index 0000000000..5e1b36e493 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/requirements.yaml @@ -0,0 +1,30 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (C) 2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: 'file://../../common/dcaegen2-services-common'
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/configmap.yaml new file mode 100644 index 0000000000..a0cb9a66bd --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/configmap.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (C) 2021 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.configMap" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/deployment.yaml new file mode 100644 index 0000000000..d992d5c19c --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/deployment.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (C) 2021 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/secret.yaml new file mode 100644 index 0000000000..1f588464ba --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/secret.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (C) 2021 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.secretFast" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/service.yaml new file mode 100644 index 0000000000..2de4a8fe0a --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/service.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (C) 2021 Nordix Foundation. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml new file mode 100644 index 0000000000..d18e8d64eb --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml @@ -0,0 +1,218 @@ +# ================================ LICENSE_START ========================== +# ========================================================================= +# Copyright (C) 2021 Nordix Foundation. +# ========================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END =========================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &aafCredsUID aafcreds + type: basicAuth + login: '{{ .Values.aafCreds.identity }}' + password: '{{ .Values.aafCreds.password }}' + passwordPolicy: required + - uid: &drSubCredsUID drsubcreds + type: basicAuth + login: '{{ .Values.drSubscriberCreds.username }}' + password: '{{ .Values.drSubscriberCreds.password }}' + passwordPolicy: required + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.pm-mapper:1.7.0 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /var/log/ONAP/dcaegen2/services/pm-mapper + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/pm-mapper/etc/cert + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Dependencies +readinessCheck: + wait_for: + containers: + - dcae-config-binding-service + - aaf-cm + - dmaap-bc + - dmaap-provisioning-job + - dcae-datafile-collector + +# Probe Configuration +readiness: + initialDelaySeconds: 10 + periodSeconds: 15 + timeoutSeconds: 1 + path: /healthcheck + scheme: HTTPS + port: 8443 + +# Service Configuration +service: + type: ClusterIP + name: dcae-pm-mapper + both_tls_and_plain: true + ports: + - name: https + port: 8443 + plain_port: 8081 + port_protocol: http + +# AAF Credentials +aafCreds: + identity: dcae@dcae.onap.org + password: demo123456! + +# Data Router Subscriber Credentials +drSubscriberCreds: + username: username + password: password + +credentials: +- name: AAF_IDENTITY + uid: *aafCredsUID + key: login +- name: AAF_PASSWORD + uid: *aafCredsUID + key: password +- name: DR_USERNAME + uid: *drSubCredsUID + key: login +- name: DR_PASSWORD + uid: *drSubCredsUID + key: password + +# Initial Application Configuration +applicationConfig: + enable_tls: true + enable_http: false + aaf_identity: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + pm-mapper-filter: "{ \"filters\":[] }" + key_store_path: /opt/app/pm-mapper/etc/cert/cert.jks + key_store_pass_path: /opt/app/pm-mapper/etc/cert/jks.pass + trust_store_path: /opt/app/pm-mapper/etc/cert/trust.jks + trust_store_pass_path: /opt/app/pm-mapper/etc/cert/trust.pass + dmaap_dr_delete_endpoint: https://dmaap-dr-node:8443/delete + streams_publishes: + dmaap_publisher: + type: message_router + dmaap_info: + client_id: ${MR_FILES_PUBLISHER_CLIENT_ID_0} + location: san-francisco + client_role: org.onap.dcae.pmPublisher + topic_url: http://message-router:3904/events/org.onap.dmaap.mr.PERFORMANCE_MEASUREMENTS + streams_subscribes: + dmaap_subscriber: + type: data_router + dmaap_info: + subscriber_id: ${DR_FILES_SUBSCRIBER_ID_0} + decompress: true + privileged: true + username: ${DR_USERNAME} + password: ${DR_PASSWORD} + location: san-francisco + delivery_url: https://dcae-pm-mapper:8443/delivery + +# DataRouter Feed Configuration +drFeedConfig: + - feedName: bulk_pm_feed + owner: dcaecm + feedVersion: 0.0 + asprClassification: unclassified + feedDescription: DFC Feed Creation + +# DataRouter Subscriber Configuration +drSubConfig: + - feedName: bulk_pm_feed + decompress: true + username: ${DR_USERNAME} + userpwd: ${DR_PASSWORD} + dcaeLocationName: loc00 + privilegedSubscriber: true + deliveryURL: https://dcae-pm-mapper:8443/delivery + +# MessageRouter Topic, Publisher Configuration +mrTopicsConfig: + - topicName: PERFORMANCE_MEASUREMENTS + topicDescription: PM Mapper publishes perf3gpp VES PM Events to authenticated MR topic + owner: dcaecm + tnxEnabled: false + clients: + - dcaeLocationName: san-francisco + clientRole: org.onap.dcae.pmPublisher + action: + - pub + - view + +# ConfigMap Configuration for Dr Feed, Subscriber, MR Topics +volumes: + - name: feeds-config + path: /opt/app/config/feeds + - name: drsub-config + path: /opt/app/config/dr_subs + - name: topics-config + path: /opt/app/config/topics + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml index 0e79e5e554..0efcf2eb3d 100644 --- a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml @@ -50,7 +50,7 @@ secrets: # InitContainer Images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application Configuration Defaults. diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-prh/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml index d1f3f2a84a..c7d4c1d82f 100644 --- a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml @@ -33,13 +33,13 @@ filebeatConfig: # initContainer images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.6 +image: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.7.1 pullPolicy: Always # log directory where logging sidecar should look for log files @@ -108,17 +108,17 @@ applicationConfig: dmaap.dmaapConsumerConfiguration.timeoutMs: -1 dmaap.dmaapProducerConfiguration.dmaapContentType: "application/json" dmaap.dmaapUpdateProducerConfiguration.dmaapContentType: "application/json" - aai.aaiClientConfiguration.pnfUrl: https://aai.onap.svc.cluster.local:8443/aai/v12/network/pnfs/pnf - aai.aaiClientConfiguration.baseUrl: https://aai.onap.svc.cluster.local:8443/aai/v12 + aai.aaiClientConfiguration.pnfUrl: https://aai.onap.svc.cluster.local:8443/aai/v23/network/pnfs/pnf + aai.aaiClientConfiguration.baseUrl: https://aai.onap.svc.cluster.local:8443/aai/v23 aai.aaiClientConfiguration.aaiHost: aai.onap.svc.cluster.local aai.aaiClientConfiguration.aaiHostPortNumber: 8443 aai.aaiClientConfiguration.aaiProtocol: "https" aai.aaiClientConfiguration.aaiUserName: ${AAI_USER} aai.aaiClientConfiguration.aaiUserPassword: ${AAI_PASSWORD} aai.aaiClientConfiguration.aaiIgnoreSslCertificateErrors: true - aai.aaiClientConfiguration.aaiBasePath: "/aai/v12" + aai.aaiClientConfiguration.aaiBasePath: "/aai/v23" aai.aaiClientConfiguration.aaiPnfPath: "/network/pnfs/pnf" - aai.aaiClientConfiguration.aaiServiceInstancePath: "/business/customers/customer/${customer}/service-subscriptions/service-subscription/${serviceType}/service-instances/service-instance/${serviceInstanceId}" + aai.aaiClientConfiguration.aaiServiceInstancePath: "/business/customers/customer/{{customer}}/service-subscriptions/service-subscription/{{serviceType}}/service-instances/service-instance/{{serviceInstanceId}}" aai.aaiClientConfiguration.aaiHeaders: X-FromAppId: "prh" X-TransactionId: "9999" @@ -146,6 +146,9 @@ applicationConfig: dmaap_info: topic_url: http://message-router.onap.svc.cluster.local:3904/events/unauthenticated.VES_PNFREG_OUTPUT +applicationEnv: + CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml' + # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/Chart.yaml new file mode 100644 index 0000000000..f94f3cb70e --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/Chart.yaml @@ -0,0 +1,22 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE RESTConf Collector +name: dcae-restconf-collector +version: 8.0.0
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/requirements.yaml new file mode 100644 index 0000000000..c6804b76b4 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/requirements.yaml @@ -0,0 +1,30 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/configmap.yaml new file mode 100644 index 0000000000..a914446c99 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/configmap.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.configMap" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/deployment.yaml new file mode 100644 index 0000000000..0ad66b62a9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/deployment.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/secret.yaml new file mode 100644 index 0000000000..6b70356ca9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/secret.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.secretFast" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/service.yaml new file mode 100644 index 0000000000..cf11d2a0c5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/service.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml new file mode 100644 index 0000000000..789a807d63 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml @@ -0,0 +1,161 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &controllerCredsUID controllercreds + type: basicAuth + login: '{{ .Values.controllerCreds.username }}' + password: '{{ .Values.controllerCreds.password }}' + passwordPolicy: required + + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.collectors.restconfcollector:1.2.5 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +# logDirectory: /opt/app/restconfcollector/logs + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/dcae-certificate + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + - aaf-cm + +# Probe Configuration +readiness: + initialDelaySeconds: 100 + periodSeconds: 60 + timeoutSeconds: 5 + path: /healthcheck + scheme: HTTP + port: 8080 + + +# service configuration +service: + type: NodePort + name: dcae-restconf-collector + ports: + - name: http + port: 8443 + plain_port: 8080 + port_protocol: http + nodePort: 16 + useNodePortExt: true + +# AAF Credentials +controllerCreds: + username: access + password: Huawei@123 + +credentials: +- name: CONTROLLER_USERNAME + uid: *controllerCredsUID + key: login +- name: CONTROLLER_PASSWORD + uid: *controllerCredsUID + key: password + +# Initial Application Configuration +applicationConfig: + collector.rcc.appDescription: DCAE RestConf Collector Application + collector.rcc.appName: dcae-rcc + collector.rcc.dmaap.streamid: notification=device-registration + collector.rcc.inputQueue.maxPending: '8096' + tomcat.maxthreads: '200' + collector.rcc.service.port: '8080' + collector.rcc.service.secure.port: '8687' + collector.rcc.keystore.file.location: /opt/app/dcae-certificate/cert.jks + collector.rcc.keystore.passwordfile: /opt/app/dcae-certificate/jks.pass + collector.rcc.keystore.alias: dynamically generated + collector.rcc.truststore.file.location: /opt/app/dcae-certificate/trust.jks + collector.rcc.truststore.passwordfile: /opt/app/dcae-certificate/trust.pass + #collector.keystore.file.location: /opt/app/dcae-certificate/external/cert.jks + #collector.keystore.passwordfile: /opt/app/dcae-certificate/external/jks.pass + collector.header.authflag: '0' + collector.header.authlist: sample1,c2FtcGxlMQ== + collector.rcc.service.secure.clientauth: '0' + streams_publishes: + device-registration: + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.DCAE_RCC_OUTPUT + type: message_router + #rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"${CONTROLLER_IP}:{CONTROLLER_PORT}","controller_restapiUser":"${CONTROLLER_USERNAME}","controller_restapiPassword":"${CONTROLLER_PASSWORD}","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]' + rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"172.30.0.55:26335","controller_restapiUser":"${CONTROLLER_USERNAME}","controller_restapiPassword":"${CONTROLLER_PASSWORD}","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]' + +#applicationEnv: +# CONTROLLER_IP: "172.30.0.55" +# CONTROLLER_PORT: "26335" + + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml index 6790541bd9..35d108d000 100644 --- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml @@ -50,7 +50,7 @@ secrets: # InitContainer Images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application Configuration Defaults. diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/Chart.yaml new file mode 100644 index 0000000000..23020db593 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/Chart.yaml @@ -0,0 +1,22 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE SNMPTrap Collector +name: dcae-snmptrap-collector +version: 8.0.0
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/requirements.yaml new file mode 100644 index 0000000000..c6804b76b4 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/requirements.yaml @@ -0,0 +1,30 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/configmap.yaml new file mode 100644 index 0000000000..a914446c99 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/configmap.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.configMap" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/deployment.yaml new file mode 100644 index 0000000000..0ad66b62a9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/deployment.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/secret.yaml new file mode 100644 index 0000000000..6b70356ca9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/secret.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.secretFast" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/service.yaml new file mode 100644 index 0000000000..cf11d2a0c5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/service.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml new file mode 100644 index 0000000000..60295b972a --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml @@ -0,0 +1,147 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.collectors.snmptrap:2.0.5 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /opt/app/snmptrap/logs + + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + +# Probe Configuration +readiness: + type: exec + command: + - /opt/app/snmptrap/bin/snmptrapd.sh + - status + +# service configuration +service: + type: NodePort + name: dcae-snmptrap-collector + ports: + - name: udp + port: 6162 + l4_protocol: UDP # default to TCP if not set + port_protocol: udp #used in svn name + nodePort: 70 + useNodePortExt: true + +# Initial Application Configuration +applicationConfig: + StormWatchPolicy: '' + cache: + dns_cache_ttl_seconds: 60 + services_calls: {} + snmptrapd: + version: '2.0.4' + title: ONAP SNMP Trap Receiver + sw_interval_in_seconds: 60 + streams_publishes: + sec_fault_unsecure: + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.ONAP-COLLECTOR-SNMPTRAP + type: message_router + aaf_password: null + aaf_username: null + files: + runtime_base_dir: "/opt/app/snmptrap" + log_dir: logs + data_dir: data + pid_dir: tmp + arriving_traps_log: snmptrapd_arriving_traps.log + snmptrapd_diag: snmptrapd_prog_diag.log + traps_stats_log: snmptrapd_stats.csv + perm_status_file: snmptrapd_status.log + eelf_base_dir: "/opt/app/snmptrap/logs" + eelf_error: error.log + eelf_debug: debug.log + eelf_audit: audit.log + eelf_metrics: metrics.log + roll_frequency: hour + minimum_severity_to_log: 3 + protocols: + transport: udp + ipv4_interface: 0.0.0.0 + ipv4_port: 6162 + ipv6_interface: "::1" + ipv6_port: 6162 + publisher: + http_milliseconds_timeout: 1500 + http_retries: 3 + http_milliseconds_between_retries: 750 + http_primary_publisher: 'true' + http_peer_publisher: unavailable + max_traps_between_publishes: 10 + max_milliseconds_between_publishes: 10000 + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml new file mode 100644 index 0000000000..f57b63ac86 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml @@ -0,0 +1,22 @@ +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE Son-handler helm chart +name: dcae-son-handler +version: 8.0.0 diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/requirements.yaml new file mode 100644 index 0000000000..3f52d6fce8 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/requirements.yaml @@ -0,0 +1,33 @@ +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: postgres + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/configmap.yaml new file mode 100644 index 0000000000..48a203963e --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/configmap.yaml @@ -0,0 +1,20 @@ +{{/* +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== +*/}} + +{{ include "dcaegen2-services-common.configMap" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/deployment.yaml new file mode 100644 index 0000000000..c8cd4d40e5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/deployment.yaml @@ -0,0 +1,20 @@ +{{/* +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/secret.yaml new file mode 100644 index 0000000000..26b7b5dbdd --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/secret.yaml @@ -0,0 +1,20 @@ +{{/* +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/esr/components/esr-gui/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/service.yaml index 343812db25..41133e5abc 100644 --- a/kubernetes/esr/components/esr-gui/requirements.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/service.yaml @@ -1,25 +1,20 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# +{{/* +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# ============= LICENSE_END ================================================== +*/}} -dependencies: - - name: common - version: ~8.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' - - name: repositoryGenerator - version: ~8.x-0 - repository: '@local' +{{ include "common.service" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml new file mode 100644 index 0000000000..31c6b46e95 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml @@ -0,0 +1,244 @@ +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &aafCredsUID aafcreds + type: basicAuth + login: '{{ .Values.aafCreds.identity }}' + password: '{{ .Values.aafCreds.password }}' + passwordPolicy: required + - uid: &pgUserCredsSecretUid pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-sonhms-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "sonhms-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' + login: '{{ .Values.postgres.config.pgUserName }}' + password: '{{ .Values.postgres.config.pgUserPassword }}' + passwordPolicy: generate + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.son-handler:2.1.3 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /var/log/ONAP/dcaegen2/services/sonhms + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/sonhms/etc/certs + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Policy configuraiton properties +# if present, policy-sync side car will be deployed +dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 +policies: + policyID: | + '["com.Config_PCIMS_CONFIG_POLICY"]' + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + - aaf-cm + - &postgresName dcae-sonhms-postgres + +# Probe Configuration +readiness: + initialDelaySeconds: 10 + periodSeconds: 15 + timeoutSeconds: 1 + path: /healthcheck + scheme: HTTPS + port: 8080 + +# Service Configuration +service: + type: ClusterIP + name: dcae-son-handler + ports: + - name: https + port: 8080 + port_protocol: http + +# AAF Credentials +aafCreds: + identity: dcae@dcae.onap.org + password: demo123456! + +credentials: +- name: AAF_IDENTITY + uid: *aafCredsUID + key: login +- name: AAF_PASSWORD + uid: *aafCredsUID + key: password +- name: PG_USERNAME + uid: *pgUserCredsSecretUid + key: login +- name: PG_PASSWORD + uid: *pgUserCredsSecretUid + key: password + + +# Initial Application Configuration +applicationConfig: + postgres.host: &dcaeSonhmsPgPrimary dcae-sonhms-pg-primary + postgres.port: 5432 + postgres.username: ${PG_USERNAME} + postgres.password: ${PG_PASSWORD} + sonhandler.pollingInterval: 20 + sonhandler.pollingTimeout: 60 + cbsPollingInterval: 60 + sonhandler.numSolutions: 5 + sonhandler.minCollision: 5 + sonhandler.minConfusion: 5 + sonhandler.maximumClusters: 5 + sonhandler.badThreshold: 50 + sonhandler.poorThreshold: 70 + sonhandler.namespace: onap + sonhandler.sourceId: SONHMS + sonhandler.dmaap.server: ["message-router"] + sonhandler.bufferTime: 60 + sonhandler.cg: sonhms-cg + sonhandler.cid: sonhms-cid + sonhandler.configDb.service: http://configdb:8080 + sonhandler.oof.service: https://oof-osdf:8698 + sonhandler.oof.endpoint: /api/oof/v1/pci + sonhandler.pciOptimizer: pci + sonhandler.pciAnrOptimizer: pci_anr + sonhandler.poorCountThreshold: 3 + sonhandler.badCountThreshold: 3 + sonhandler.oofTriggerCountTimer: 30 + sonhandler.oofTriggerCountThreshold: 5 + sonhandler.policyRespTimer: 10 + sonhandler.policyNegativeAckThreshold: 3 + sonhandler.policyFixedPciTimeInterval: 30000 + sonhandler.nfNamingCode: RansimAgent + streams_publishes: + CL_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router:3905/events/unauthenticated.DCAE_CL_OUTPUT + streams_subscribes: + performance_management_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router:3905/events/unauthenticated.VES_MEASUREMENT_OUTPUT + fault_management_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router:3905/events/unauthenticated.SEC_FAULT_OUTPUT + nbr_list_change_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router:3905/events/PCI-NOTIF-TOPIC-NGHBR-LIST-CHANGE-INFO + dcae_cl_response_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router:3905/events/DCAE_CL_RSP + service_calls: + sdnr-getpnfname: [] + sdnr-getpci: [] + sdnr-getnbrlist: [] + sdnr-getcelllist: [] + oof-req: [] + policy-req: [] + +applicationEnv: + STANDALONE: 'false' + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} + +################################################################# +# Application configuration Overriding Defaults in the Postgres. +################################################################# +postgres: + nameOverride: *postgresName + service: + name: *postgresName + name2: *dcaeSonhmsPgPrimary + name3: dcae-sonhms-pg-replica + container: + name: + primary: dcae-sonhms-pg-primary + replica: dcae-sonhms-pg-replica + persistence: + mountSubPath: sonhms/data + mountInitPath: sonhms + config: + pgUserName: sonhms + pgDatabase: sonhms + pgUserExternalSecret: *pgUserCredsSecretName diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml index f4516ed7e8..cceed6289c 100644 --- a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml @@ -34,14 +34,14 @@ filebeatConfig: # initContainer images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.0 +image: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.1 pullPolicy: Always # log directory where logging sidecar should look for log files @@ -87,13 +87,13 @@ service: name: http # Policy configuraiton properties -# if present, policy-sync side car will be deployed - +# if enabled, policy-sync side car will be deployed #dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 #policies: # duration: 300 +# policyRelease: "onap" # policyID: | -# '["onap.vfirewall.tca","abc"]' +# '["onap.vfirewall.tca","onap.vdns.tca"]' # filter: | # '["DCAE.Config_vfirewall_.*"]' @@ -137,7 +137,7 @@ applicationConfig: tca.aai.generic_vnf_path: aai/v11/network/generic-vnfs/generic-vnf tca.aai.node_query_path: aai/v11/search/nodes-query tca.aai.password: ${AAI_PASSWORD} - tca.aai.url: http://aai + tca.aai.url: https://aai:8443 tca.aai.username: ${AAI_USERNAME} tca.policy: '{"domain":"measurementsForVfScaling","metricsPerEventName":[{"eventName":"vFirewallBroadcastPackets","controlLoopSchemaType":"VM","policyScope":"DCAE","policyName":"DCAE.Config_tca-hi-lo","policyVersion":"v0.0.1","thresholds":[{"closedLoopControlName":"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedTotalPacketsDelta","thresholdValue":300,"direction":"LESS_OR_EQUAL","severity":"MAJOR","closedLoopEventStatus":"ONSET"},{"closedLoopControlName":"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedTotalPacketsDelta","thresholdValue":700,"direction":"GREATER_OR_EQUAL","severity":"CRITICAL","closedLoopEventStatus":"ONSET"}]},{"eventName":"vLoadBalancer","controlLoopSchemaType":"VM","policyScope":"DCAE","policyName":"DCAE.Config_tca-hi-lo","policyVersion":"v0.0.1","thresholds":[{"closedLoopControlName":"ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedTotalPacketsDelta","thresholdValue":300,"direction":"GREATER_OR_EQUAL","severity":"CRITICAL","closedLoopEventStatus":"ONSET"}]},{"eventName":"Measurement_vGMUX","controlLoopSchemaType":"VNF","policyScope":"DCAE","policyName":"DCAE.Config_tca-hi-lo","policyVersion":"v0.0.1","thresholds":[{"closedLoopControlName":"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value","thresholdValue":0,"direction":"EQUAL","severity":"MAJOR","closedLoopEventStatus":"ABATED"},{"closedLoopControlName":"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value","thresholdValue":0,"direction":"GREATER","severity":"CRITICAL","closedLoopEventStatus":"ONSET"}]}]}' tca.processing_batch_size: 10000 diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml index 982d770595..bfea92aeb9 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml @@ -34,14 +34,14 @@ filebeatConfig: # initContainer images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 -certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.3 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 +certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.4.0 ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.9.2 +image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.1 pullPolicy: Always # log directory where logging sidecar should look for log files @@ -104,6 +104,10 @@ service: nodePort: 17 useNodePortExt: true +# application environments +applicationEnv: + CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml' + # initial application configuration applicationConfig: collector.dmaap.streamid: fault=ves-fault|syslog=ves-syslog|heartbeat=ves-heartbeat|measurement=ves-measurement|measurementsForVfScaling=ves-measurement|mobileFlow=ves-mobileflow|other=ves-other|stateChange=ves-statechange|thresholdCrossingAlert=ves-thresholdCrossingAlert|voiceQuality=ves-voicequality|sipSignaling=ves-sipsignaling|notification=ves-notification|pnfRegistration=ves-pnfRegistration|3GPP-FaultSupervision=ves-3gpp-fault-supervision|3GPP-Heartbeat=ves-3gpp-heartbeat|3GPP-Provisioning=ves-3gpp-provisioning|3GPP-PerformanceAssurance=ves-3gpp-performance-assurance diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/Chart.yaml new file mode 100644 index 0000000000..2dc74674d5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/Chart.yaml @@ -0,0 +1,22 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE VES-Mapper Microservice +name: dcae-ves-mapper +version: 8.0.0
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/requirements.yaml new file mode 100644 index 0000000000..c6804b76b4 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/requirements.yaml @@ -0,0 +1,30 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/configmap.yaml new file mode 100644 index 0000000000..a914446c99 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/configmap.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.configMap" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/deployment.yaml new file mode 100644 index 0000000000..0ad66b62a9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/deployment.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/job.yaml new file mode 100644 index 0000000000..177cc03347 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/job.yaml @@ -0,0 +1,19 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} +{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/secret.yaml new file mode 100644 index 0000000000..6b70356ca9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/secret.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.secretFast" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/service.yaml new file mode 100644 index 0000000000..cf11d2a0c5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/service.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T Intellectual Property # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml new file mode 100644 index 0000000000..7bde2e99fb --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml @@ -0,0 +1,191 @@ +# ================================ LICENSE_START ============================= +# ============================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ================================= LICENSE_END ============================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor:1.3.0 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /opt/app/VESAdapter/logs + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +#certDirectory: /opt/app/ves-mapper/etc/certs + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +#tlsServer: true + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + - aaf-cm + +# Service Configuration +service: + type: ClusterIP + name: dcae-ves-mapper + ports: + - name: http + port: 80 + port_protocol: http + + +# Initial Application Configuration +applicationConfig: + app_preferences: + collectors: + - identifier: notification-id + mapping-files: + - defaultMappingFile-rcc-notification: "<?xml version='1.0' encoding='UTF-8'?><smooks-resource-list + xmlns='http://www.milyn.org/xsd/smooks-1.1.xsd' xmlns:jb='http://www.milyn.org/xsd/smooks/javabean-1.4.xsd' + xmlns:json='http://www.milyn.org/xsd/smooks/json-1.1.xsd'><json:reader rootName='vesevent' + keyWhitspaceReplacement='-'><json:keyMap><json:key from='date&time' to='date-and-time' + /></json:keyMap></json:reader><jb:bean class='org.onap.dcaegen2.ves.domain.ves70.VesEvent' + beanId='vesEvent' createOnElement='vesevent'><jb:wiring property='event' beanIdRef='event' + /></jb:bean><jb:bean class='org.onap.dcaegen2.ves.domain.ves70.Event' beanId='event' + createOnElement='vesevent'><jb:wiring property='commonEventHeader' beanIdRef='commonEventHeader' + /><jb:wiring property='pnfRegistrationFields' beanIdRef='pnfRegistrationFields' + /></jb:bean><jb:bean class='org.onap.dcaegen2.ves.domain.ves70.CommonEventHeader' + beanId='commonEventHeader' createOnElement='vesevent'><jb:expression property='version'>org.onap.dcaegen2.ves.domain.ves70.CommonEventHeader.Version._4_0_1</jb:expression><jb:expression + property='eventType'>'pnfRegistration'</jb:expression><jb:expression property='vesEventListenerVersion'>org.onap.dcaegen2.ves.domain.ves70.CommonEventHeader.VesEventListenerVersion._7_0_1</jb:expression><jb:expression + property='eventId' execOnElement='vesevent'>'registration_'+commonEventHeader.ts1</jb:expression><jb:expression + property='reportingEntityName'>'VESMapper'</jb:expression><jb:expression property='domain'>org.onap.dcaegen2.ves.domain.ves70.CommonEventHeader.Domain.PNF_REGISTRATION</jb:expression><jb:expression + property='eventName' execOnElement='vesevent'>commonEventHeader.domain</jb:expression><jb:value + property='sequence' data='0' default='0' decoder='Long' /><jb:expression property='lastEpochMicrosec' + execOnElement='vesevent'>commonEventHeader.ts1</jb:expression><jb:expression + property='startEpochMicrosec' execOnElement='vesevent'>commonEventHeader.ts1</jb:expression><jb:expression + property='priority'>org.onap.dcaegen2.ves.domain.ves70.CommonEventHeader.Priority.NORMAL</jb:expression><jb:expression + property='sourceName' execOnElement='vesevent'>pnfRegistrationFields.vendorName+'-'+pnfRegistrationFields.serialNumber</jb:expression></jb:bean><jb:bean + class='org.onap.dcaegen2.ves.domain.ves70.PnfRegistrationFields' beanId='pnfRegistrationFields' + createOnElement='vesevent'><jb:expression property='pnfRegistrationFieldsVersion'>org.onap.dcaegen2.ves.domain.ves70.PnfRegistrationFields.PnfRegistrationFieldsVersion._2_0</jb:expression><jb:value + property='serialNumber' data='pnfRegistration/serialNumber' /><jb:value property='lastServiceDate' + data='pnfRegistration/lastServiceDate' /><jb:value property='manufactureDate' + data='pnfRegistration/manufactureDate' /><jb:value property='modelNumber' + data='pnfRegistration/modelNumber' /><jb:value property='oamV4IpAddress' data='pnfRegistration/oamV4IpAddress' + /><jb:value property='oamV6IpAddress' data='pnfRegistration/oamV6IpAddress' + /><jb:value property='softwareVersion' data='pnfRegistration/softwareVersion' + /><jb:value property='unitFamily' data='pnfRegistration/unitFamily' /><jb:value + property='unitType' data='pnfRegistration/unitType' /><jb:value property='vendorName' + data='pnfRegistration/vendorName' /><jb:wiring property='additionalFields' + beanIdRef='alarmAdditionalInformation' /></jb:bean><jb:bean class='org.onap.dcaegen2.ves.domain.ves70.AlarmAdditionalInformation' + beanId='alarmAdditionalInformation' createOnElement='vesevent'><jb:wiring + property='additionalProperties' beanIdRef='additionalFields2' /></jb:bean><jb:bean + beanId='additionalFields2' class='java.util.HashMap' createOnElement='vesevent/pnfRegistration/additionalFields'><jb:value + data='pnfRegistration/additionalFields/*'/></jb:bean></smooks-resource-list>" + stream_publisher: ves-pnfRegistration + stream_subscriber: rcc-notification + - identifier: notify OID + mapping-files: + - defaultMappingFile-snmp-notification: "<?xml version='1.0' encoding='UTF-8'?><smooks-resource-list + xmlns='http://www.milyn.org/xsd/smooks-1.1.xsd' xmlns:jb='http://www.milyn.org/xsd/smooks/javabean-1.4.xsd' + xmlns:json='http://www.milyn.org/xsd/smooks/json-1.1.xsd'><json:reader rootName='vesevent' + keyWhitspaceReplacement='-'><json:keyMap><json:key from='date&time' to='date-and-time' + /></json:keyMap></json:reader><jb:bean class='org.onap.dcaegen2.ves.domain.ves54.VesEvent' + beanId='vesEvent' createOnElement='vesevent'><jb:wiring property='event' beanIdRef='event' + /></jb:bean><jb:bean class='org.onap.dcaegen2.ves.domain.ves54.Event' beanId='event' + createOnElement='vesevent'><jb:wiring property='commonEventHeader' beanIdRef='commonEventHeader' + /><jb:wiring property='faultFields' beanIdRef='faultFields' /></jb:bean><jb:bean + class='org.onap.dcaegen2.ves.domain.ves54.CommonEventHeader' beanId='commonEventHeader' + createOnElement='vesevent'><jb:expression property='version'>'3.0'</jb:expression><jb:expression + property='eventType'>'FaultField'</jb:expression><jb:expression property='eventId' + execOnElement='vesevent'>'XXXX'</jb:expression><jb:expression property='reportingEntityName'>'VESMapper'</jb:expression><jb:expression + property='domain'>org.onap.dcaegen2.ves.domain.ves54.CommonEventHeader.Domain.FAULT</jb:expression><jb:expression + property='eventName' execOnElement='vesevent'>commonEventHeader.domain</jb:expression><jb:value + property='sequence' data='0' default='0' decoder='Long' /><jb:value property='lastEpochMicrosec' + data='#/time-received' /><jb:value property='startEpochMicrosec' data='#/time-received' + /><jb:expression property='priority'>org.onap.dcaegen2.ves.domain.ves54.CommonEventHeader.Priority.NORMAL</jb:expression><jb:expression + property='sourceName'>'VesAdapter'</jb:expression></jb:bean><jb:bean class='org.onap.dcaegen2.ves.domain.ves54.FaultFields' + beanId='faultFields' createOnElement='vesevent'><jb:value property='faultFieldsVersion' + data='2.0' default='2.0' decoder='Double' /><jb:value property='alarmCondition' + data='#/trap-category' /><jb:expression property='specificProblem'>'SNMP Fault'</jb:expression><jb:expression + property='vfStatus'>org.onap.dcaegen2.ves.domain.ves54.FaultFields.VfStatus.ACTIVE</jb:expression><jb:expression + property='eventSeverity'>org.onap.dcaegen2.ves.domain.ves54.FaultFields.EventSeverity.MINOR</jb:expression><jb:wiring + property='alarmAdditionalInformation' beanIdRef='alarmAdditionalInformationroot' + /></jb:bean><jb:bean class='java.util.ArrayList' beanId='alarmAdditionalInformationroot' + createOnElement='vesevent'><jb:wiring beanIdRef='alarmAdditionalInformation' + /></jb:bean><jb:bean class='org.onap.dcaegen2.ves.domain.ves54.AlarmAdditionalInformation' + beanId='alarmAdditionalInformation' createOnElement='varbinds/element'><jb:value + property='name' data='#/varbind_oid' /><jb:value property='value' data='#/varbind_value' + /></jb:bean></smooks-resource-list>" + stream_publisher: ves-fault + stream_subscriber: snmp-notification + streams_publishes: + ves-fault: + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.SEC_FAULT_OUTPUT + type: message_router + ves-pnfRegistration: + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.VES_PNFREG_OUTPUT + type: message_router + streams_subscribes: + rcc-notification: + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.DCAE_RCC_OUTPUT + type: message_router + snmp-notification: + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.ONAP-COLLECTOR-SNMPTRAP + type: message_router + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} diff --git a/kubernetes/dcaegen2-services/requirements.yaml b/kubernetes/dcaegen2-services/requirements.yaml index e59fe98205..51368b686c 100644 --- a/kubernetes/dcaegen2-services/requirements.yaml +++ b/kubernetes/dcaegen2-services/requirements.yaml @@ -1,5 +1,6 @@ # Copyright (c) 2021 J. F. Lucas. All rights reserved. # Copyright (c) 2021 AT&T. All rights reserved. +# Modifications Copyright (C) 2021 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,38 +18,79 @@ dependencies: - name: common version: ~8.x-0 repository: '@local' + - name: dcae-bbs-eventprocessor-ms + version: ~8.x-0 + repository: '@local' + condition: dcae-bbs-eventprocessor-ms.enabled + - name: dcae-datafile-collector + version: ~8.x-0 + repository: '@local' + condition: dcae-datafile-collector.enabled + - name: dcae-datalake-admin-ui + version: ~8.x-0 + repository: '@local' + condition: dcae-datalake-admin-ui.enabled + - name: dcae-datalake-des + version: ~8.x-0 + repository: '@local' + condition: dcae-datalake-des.enabled + - name: dcae-datalake-feeder + version: ~8.x-0 + repository: '@local' + condition: dcae-datalake-feeder.enabled + - name: dcae-heartbeat + version: ~8.x-0 + repository: '@local' + condition: dcae-heartbeat.enabled + - name: dcae-hv-ves-collector + version: ~8.x-0 + repository: '@local' + condition: dcae-hv-ves-collector.enabled + - name: dcae-kpi-ms + version: ~8.x-0 + repository: '@local' + condition: dcae-kpi-ms.enabled - name: dcae-ms-healthcheck version: ~8.x-0 repository: '@local' - #repository: 'file://components/dcae-ms-healthcheck' condition: dcae-ms-healthcheck.enabled + - name: dcae-pm-mapper + version: ~8.x-0 + repository: '@local' + condition: dcae-pm-mapper.enabled - name: dcae-pmsh version: ~8.x-0 repository: '@local' - #repository: 'file://components/dcae-pmsh' condition: dcae-pmsh.enabled - name: dcae-prh version: ~8.x-0 repository: '@local' - #repository: 'file://components/dcae-prh' - condition: dcae-bootstrap.enabled + condition: dcae-prh.enabled + - name: dcae-restconf-collector + version: ~8.x-0 + repository: '@local' + condition: dcae-restconf-collector.enabled + - name: dcae-slice-analysis-ms + version: ~8.x-0 + repository: '@local' + condition: dcae-slice-analysis-ms.enabled + - name: dcae-snmptrap-collector + version: ~8.x-0 + repository: '@local' + condition: dcae-snmptrap-collector.enabled + - name: dcae-son-handler + version: ~8.x-0 + repository: '@local' + condition: dcae-son-handler.enabled - name: dcae-tcagen2 version: ~8.x-0 repository: '@local' - #repository: 'file://components/dcae-tcagen2' condition: dcae-tcagen2.enabled - name: dcae-ves-collector version: ~8.x-0 repository: '@local' - #repository: 'file://components/dcae-ves-collector' condition: dcae-ves-collector.enabled - - name: dcae-hv-ves-collector + - name: dcae-ves-mapper version: ~8.x-0 repository: '@local' - #repository: 'file://components/dcae-hv-ves-collector' - condition: dcae-hv-ves-collector.enabled - - name: dcae-slice-analysis-ms - version: ~8.x-0 - repository: '@local' - #repository: 'file://components/dcae-slice-analysis-ms' - condition: dcae-slice-analysis-ms.enabled + condition: dcae-ves-mapper.enabled diff --git a/kubernetes/dcaegen2-services/values.yaml b/kubernetes/dcaegen2-services/values.yaml index 50aa21741b..eb0b9cc34d 100644 --- a/kubernetes/dcaegen2-services/values.yaml +++ b/kubernetes/dcaegen2-services/values.yaml @@ -1,4 +1,6 @@ # Copyright (c) 2021 J. F. Lucas. All rights reserved. +# Copyright (c) 2021 AT&T. All rights reserved. +# Modifications Copyright (C) 2021 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,17 +15,42 @@ # limitations under the License. # Control deployment of DCAE microservices at ONAP installation time -dcae-ms-healthcheck: - enabled: true + +dcae-bbs-eventprocessor-ms: + enabled: false +dcae-datafile-collector: + enabled: false +dcae-datalake-admin-ui: + enabled: false +dcae-datalake-des: + enabled: false +dcae-datalake-feeder: + enabled: false +dcae-heartbeat: + enabled: false dcae-hv-ves-collector: enabled: true +dcae-kpi-ms: + enabled: false +dcae-ms-healthcheck: + enabled: true +dcae-pm-mapper: + enabled: false dcae-pmsh: enabled: false dcae-prh: enabled: true +dcae-restconf-collector: + enabled: false +dcae-slice-analysis-ms: + enabled: false +dcae-snmptrap-collector: + enabled: false +dcae-son-handler: + enabled: false dcae-tcagen2: enabled: true dcae-ves-collector: enabled: true -dcae-slice-analysis-ms: +dcae-ves-mapper: enabled: false diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml index 0a97f9e0c0..3bb09f0330 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml @@ -24,7 +24,7 @@ global: nodePortPrefix: 302 nodePortPrefixExt: 304 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 - consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 secrets: - uid: pg-root-pass @@ -104,16 +104,16 @@ mongo: disableNfsProvisioner: true # application image -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:3.0.4 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:3.3.4 default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager # Use to override default setting in blueprints componentImages: - tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.0 - ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.9.2 - prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.6 - hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.8.0 + tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.1 + ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.1 + prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.7.1 + hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.9.1 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml index 313ac9b34d..e6567d9ac2 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml @@ -24,7 +24,7 @@ global: nodePortPrefix: 302 persistence: {} tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 - consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 repositoryCred: user: docker password: docker @@ -53,7 +53,7 @@ config: # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.deployments.cm-container:4.5.0 +image: onap/org.onap.dcaegen2.deployments.cm-container:4.6.1 pullPolicy: Always # name of shared ConfigMap with kubeconfig for multiple clusters diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml index 83914d423c..6640f78e9a 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml @@ -53,7 +53,7 @@ config: # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.4.3 +image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.4.4 pullPolicy: Always # probe configuration parameters @@ -97,16 +97,16 @@ postgres: mountSubPath: dcae-dashboard/data mountInitPath: dcae-dashboard -# Resource Limit flavor -By Default using small +#Resource Limit flavor -By Default using small flavor: small -# Segregation for Different environment (Small and Large) +#Segregation for Different environment (Small and Large) resources: small: limits: - cpu: 4000m - memory: 4Gi + cpu: 2 + memory: 2Gi requests: - cpu: 1500m + cpu: 1 memory: 1Gi large: limits: diff --git a/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml index 7b9431c46d..fc4d07d39d 100644 --- a/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml @@ -21,7 +21,7 @@ global: nodePortPrefix: 302 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 - consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 secrets: - uid: 'cm-pass' diff --git a/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml index a083694767..221e579943 100644 --- a/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml @@ -3,6 +3,7 @@ # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada # Modifications Copyright © 2020 Nokia +# Copyright (c) 2021 J. F. Lucas. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -41,7 +42,7 @@ readiness: initialDelaySeconds: 10 periodSeconds: 10 # application image -image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.1.0 +image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.2.0 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml index ba10394e11..8f6a1a7da9 100644 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml @@ -1,6 +1,7 @@ #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2021 J. F. Lucas. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,7 +22,7 @@ global: nodePortPrefix: 302 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 - consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 secrets: - uid: 'cm-pass' type: password @@ -44,7 +45,7 @@ config: # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.platform.policy-handler:5.1.2 +image: onap/org.onap.dcaegen2.platform.policy-handler:5.1.3 pullPolicy: Always # probe configuration parameters diff --git a/kubernetes/dcaegen2/values.yaml b/kubernetes/dcaegen2/values.yaml index 340c159a2f..f82b410e1b 100644 --- a/kubernetes/dcaegen2/values.yaml +++ b/kubernetes/dcaegen2/values.yaml @@ -21,7 +21,7 @@ global: nodePortPrefix: 302 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 - consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Secrets metaconfig diff --git a/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml b/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml index 3366b00f20..6a4fd542e7 100644 --- a/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml @@ -2,6 +2,7 @@ #================================================================================= # Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada +# Copyright (c) 2021 J. F. Lucas. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -41,7 +42,7 @@ readiness: initialDelaySeconds: 10 periodSeconds: 10 # application image -image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.1.0 +image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.2.0 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml index 521fac06a2..22c4cdb3b2 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml @@ -35,8 +35,8 @@ config: importCloudify: https://www.getcloudify.org/spec/cloudify/4.5.5/types.yaml importK8S: plugin:k8splugin?version=>=3.5.1,<4.0.0 importPostgres: plugin:pgaas?version=1.3.0 - importClamp: plugin:clamppolicyplugin?version=1.1.0 - importDMaaP: plugin:dmaap?version=1.5.0 + importClamp: plugin:clamppolicyplugin?version=1.1.1 + importDMaaP: plugin:dmaap?version=>=1.5.1,<2.0.0 useDmaapPlugin: false bpResourcesCpuLimit: 250m bpResourcesMemoryLimit: 128Mi diff --git a/kubernetes/dmaap/components/dmaap-bc/requirements.yaml b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml index 95f841632c..7c26bb83b1 100644 --- a/kubernetes/dmaap/components/dmaap-bc/requirements.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml @@ -26,3 +26,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json index 8f4cf8bd64..34197b948e 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json @@ -2,7 +2,7 @@ "topicName": "PNF_READY", "topicDescription": "This topic will be used to publish the PNF_READY events generated by the PNF REgistration Handler service in the DCAE platform.", "owner": "PNFRegistrationHandler", - "txenabled": false, + "tnxEnabled": false, "clients": [ { "dcaeLocationName": "san-francisco", diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json index f0dd2c7829..e7325794a1 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json @@ -2,7 +2,7 @@ "topicName": "PNF_REGISTRATION", "topicDescription": "the VES collector will be publishing pnfRegistration events in this topic", "owner": "VEScollector", - "txenabled": false, + "tnxEnabled": false, "clients": [ { "dcaeLocationName": "san-francisco", diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json b/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json index ff1a5732e2..fb2c54ed4b 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json @@ -3,7 +3,7 @@ "topicDescription": "the topic used to provision the MM agent whitelist", "replicationCase": "REPLICATION_NONE", "owner": "dmaap", - "txenabled": false, + "tnxEnabled": false, "partitionCount": "1", "clients": [ { diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml index eaad403dc8..a0b6fdad8d 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml @@ -114,6 +114,7 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | nindent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index bfd0f1ebd3..a3d42d2130 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -40,7 +40,7 @@ secrets: pullPolicy: Always # application images -image: onap/dmaap/dmaap-bc:2.0.5 +image: onap/dmaap/dmaap-bc:2.0.6 # application configuration @@ -163,3 +163,9 @@ resources: cpu: 2 memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: dmaap-bc + roles: + - read diff --git a/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml b/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml index d96058de91..b7e9dceba7 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml @@ -25,3 +25,9 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' + - name: certInitializer + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties index 1d0015ed7f..20030a79c8 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties @@ -103,4 +103,4 @@ AAFAction = publish CadiEnabled = false # # AAF Props file path -AAFPropsFilePath = {{ .Values.aafConfig.credsPath }}/org.onap.dmaap-dr.props +AAFPropsFilePath = {{ .Values.certInitializer.credsPath }}/org.onap.dmaap-dr.props diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml index 40a4d7db93..90db648028 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -23,7 +23,7 @@ spec: template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: - initContainers: + initContainers: {{ include "common.certInitializer.initContainer" . | nindent 8 }} - name: {{ include "common.name" . }}-readiness image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -38,11 +38,10 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - {{- if .Values.global.aafEnabled }}{{ include "common.aaf-config" . | nindent 8 }}{{ end }} - name: {{ include "common.name" . }}-permission-fixer image: {{ include "repositoryGenerator.image.busybox" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{- if .Values.global.aafEnabled }}{{ include "common.aaf-config-volume-mountpath" . | nindent 10 }}{{ end }} + volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - mountPath: {{ .Values.persistence.spool.path }} name: {{ include "common.fullname" . }}-spool - mountPath: {{ .Values.persistence.event.path }} @@ -65,7 +64,7 @@ spec: port: {{.Values.readiness.port}} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: {{- if .Values.global.aafEnabled }}{{ include "common.aaf-config-volume-mountpath" . | nindent 10 }}{{ end }} + volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - mountPath: {{ .Values.persistence.spool.path }} name: {{ include "common.fullname" . }}-spool - mountPath: {{ .Values.persistence.event.path }} @@ -102,7 +101,8 @@ spec: mountPath: /var/log/onap/datarouter-node imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" - volumes: {{ include "common.aaf-config-volumes" . | nindent 8 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} + volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime hostPath: path: /etc/localtime diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index 1d55a13bd9..ced70050a3 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -21,6 +21,25 @@ global: aafEnabled: true ################################################################# +# AAF part +################################################################# +certInitializer: + nameOverride: dmaap-dr-node-cert-initializer + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: dmaap-dr-node + fqi: dmaap-dr-node@dmaap-dr.onap.org + public_fqdn: dmaap-dr.onap.org + cadi_longitude: "0.0" + cadi_latitude: "0.0" + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + aaf_add_config: > + echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" > {{ .Values.credsPath }}/mycreds.prop + echo "cadi_truststore_password=$cadi_truststore_password" >> {{ .Values.credsPath }}/mycreds.prop + +################################################################# # Application configuration defaults. ################################################################# # application image @@ -78,32 +97,9 @@ persistence: app.kubernetes.io/component: event-logs ################################################################# -# AAF part -################################################################# -aafConfig: - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - fqdn: dmaap-dr-node - fqi: dmaap-dr-node@dmaap-dr.onap.org - public_fqdn: dmaap-dr.onap.org - cadi_longitude: 0.0 - cadi_latitude: 0.0 - app_ns: org.osaaf.aaf - permission_user: 1000 - permission_group: 1001 - secret_uid: &aaf_secret_uid dmaap-dr-node-aaf-deploy-creds - credsPath: /opt/app/osaaf/local - -################################################################# # Secrets metaconfig ################################################################# -secrets: - - uid: *aaf_secret_uid - type: basicAuth - externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDisabled" .Values.global.aafEnabled }}' - login: '{{ .Values.aafConfig.aafDeployFqi }}' - password: '{{ .Values.aafConfig.aafDeployPass }}' - passwordPolicy: required +secrets: {} ingress: enabled: false @@ -154,3 +150,9 @@ config: # dr uses the EELF Logging framework https://github.com/att/EELF # and supports the following log levels: TRACE, DEBUG, INFO, WARN, ERROR, OFF logLevel: "INFO" + +#Pods Service Account +serviceAccount: + nameOverride: dmaap-dr-node + roles: + - read diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml index ed03e05b2e..65867f50af 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml @@ -32,3 +32,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index 5c94116bac..61678961cc 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -118,6 +118,7 @@ spec: mountPath: /usr/share/filebeat/data - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap/datarouter-prov + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index df0e270db5..7564ccfc78 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -105,7 +105,7 @@ config: mariadb: name: *dmaap-dr-db nameOverride: *dmaap-dr-db - replicaCount: 3 + replicaCount: 1 db: externalSecret: *dbSecretName name: datarouter @@ -154,3 +154,9 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: dmaap-dr-prov + roles: + - read diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml index 68c3169e68..c212f38b39 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/requirements.yaml @@ -26,3 +26,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml index c16500e787..7cedbf89d1 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml @@ -220,6 +220,7 @@ spec: tolerations: {{ toYaml .Values.tolerations | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: @@ -230,11 +231,6 @@ spec: - name: docker-socket hostPath: path: /var/run/docker.sock - {{- if .Values.global.aafEnabled }} - - name: cadi - configMap: - name: {{ include "common.fullname" . }}-cadi-prop-configmap - {{ end }} - name: jaas configMap: name: {{ include "common.fullname" . }}-jaas-configmap diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml index 04d7cee705..5732c5de0e 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml @@ -219,3 +219,9 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: message-router-kafka + roles: + - read diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml index 343812db25..20cc48f360 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/requirements.yaml @@ -23,3 +23,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml index 5ea5bc53b7..f5473ec589 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml @@ -187,6 +187,7 @@ spec: tolerations: {{ toYaml .Values.tolerations | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml index 64c29db935..6863acc7a2 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml +++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml @@ -151,3 +151,9 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: message-router-zookeeper + roles: + - read diff --git a/kubernetes/dmaap/components/message-router/requirements.yaml b/kubernetes/dmaap/components/message-router/requirements.yaml index 5adbb623bd..00d14549cd 100644 --- a/kubernetes/dmaap/components/message-router/requirements.yaml +++ b/kubernetes/dmaap/components/message-router/requirements.yaml @@ -33,3 +33,6 @@ dependencies: - name: message-router-zookeeper version: ~8.x-0 repository: 'file://components/message-router-zookeeper' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index 706fe298bd..9bad341792 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -126,6 +126,7 @@ spec: - mountPath: /appl/dmaapMR1/etc/keyfile subPath: mykey name: mykey + {{- if .Values.global.aafEnabled }} - mountPath: /appl/dmaapMR1/etc/runner-web.xml subPath: runner-web.xml name: etc @@ -134,7 +135,9 @@ spec: name: sys-props - mountPath: /jetty-config name: jetty + {{- end }} resources: {{ include "common.resources" . | nindent 12 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime hostPath: diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index d0b162b45e..7028bb1263 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -153,3 +153,9 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: message-router + roles: + - read diff --git a/kubernetes/dmaap/requirements.yaml b/kubernetes/dmaap/requirements.yaml index d62273499e..268ff70467 100644 --- a/kubernetes/dmaap/requirements.yaml +++ b/kubernetes/dmaap/requirements.yaml @@ -33,3 +33,6 @@ dependencies: version: ~8.x-0 repository: 'file://components/dmaap-dr-prov' condition: dmaap-dr-prov.enabled + - name: serviceAccount + version: ~8.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index c1ba7547db..b7f0735c8d 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -54,3 +54,9 @@ dmaap-dr-node: enabled: true dmaap-dr-prov: enabled: true + +#Pods Service Account +serviceAccount: + nameOverride: dmaap + roles: + - read diff --git a/kubernetes/esr/components/esr-gui/templates/NOTES.txt b/kubernetes/esr/components/esr-gui/templates/NOTES.txt deleted file mode 100644 index e2b067fde4..0000000000 --- a/kubernetes/esr/components/esr-gui/templates/NOTES.txt +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ .Chart.Name }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/esr/components/esr-gui/templates/deployment.yaml b/kubernetes/esr/components/esr-gui/templates/deployment.yaml deleted file mode 100644 index 74f933572f..0000000000 --- a/kubernetes/esr/components/esr-gui/templates/deployment.yaml +++ /dev/null @@ -1,102 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - securityContext: - runAsUser: 1000 - runAsGroup: 1001 - fsGroup: 1001 - initContainers: - - command: - - cp - args: - - -r - - -T - - /home/esr/tomcat - - /opt/tomcat - securityContext: - privileged: true - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: create-tomcat-dir - volumeMounts: - - name: tomcat-workdir - mountPath: /opt/tomcat - - containers: - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: MSB_ADDR - value: {{ tpl .Values.msbaddr . }} - volumeMounts: - - name: tomcat-workdir - mountPath: /home/esr/tomcat/ - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - - volumes: - - name: tomcat-workdir - emptyDir: {} - - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/esr/components/esr-gui/templates/service.yaml b/kubernetes/esr/components/esr-gui/templates/service.yaml deleted file mode 100644 index b020257873..0000000000 --- a/kubernetes/esr/components/esr-gui/templates/service.yaml +++ /dev/null @@ -1,46 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: - msb.onap.org/service-info: '[ - { - "serviceName": "aai-esr-gui", - "version": "v1", - "url": "/esr-gui", - "protocol": "UI", - "port": "{{ .Values.service.internalPort }}", - "visualRange":"1", - "path":"/iui/aai-esr-gui" - } - ]' -spec: - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/esr/components/esr-gui/values.yaml b/kubernetes/esr/components/esr-gui/values.yaml deleted file mode 100644 index 417ace5ab4..0000000000 --- a/kubernetes/esr/components/esr-gui/values.yaml +++ /dev/null @@ -1,73 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} -################################################################# -# Application configuration defaults. -################################################################# -# application image -image: onap/aai/esr-gui:1.4.0 -pullPolicy: Always -msbaddr: msb-iag.{{ include "common.namespace" . }}:443 - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - name: esr-gui - internalPort: 8080 - -ingress: - enabled: false - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi diff --git a/kubernetes/esr/components/esr-server/requirements.yaml b/kubernetes/esr/components/esr-server/requirements.yaml deleted file mode 100644 index 343812db25..0000000000 --- a/kubernetes/esr/components/esr-server/requirements.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~8.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' - - name: repositoryGenerator - version: ~8.x-0 - repository: '@local' diff --git a/kubernetes/esr/components/esr-server/resources/config/log/filebeat/filebeat.yml b/kubernetes/esr/components/esr-server/resources/config/log/filebeat/filebeat.yml deleted file mode 100644 index a60fb95795..0000000000 --- a/kubernetes/esr/components/esr-server/resources/config/log/filebeat/filebeat.yml +++ /dev/null @@ -1,56 +0,0 @@ -{{/* -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} -filebeat.prospectors: -#it is mandatory, in our case it's log -- input_type: log - #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. - paths: - - /var/log/onap/*/*/*/*.log - - /var/log/onap/*/*/*.log - - /var/log/onap/*/*.log - #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive - ignore_older: 48h - # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit - clean_inactive: 96h - - -# Name of the registry file. If a relative path is used, it is considered relative to the -# data path. Else full qualified file name. -#filebeat.registry_file: ${path.data}/registry - - -output.logstash: - #List of logstash server ip addresses with port number. - #But, in our case, this will be the loadbalancer IP address. - #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. - hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] - #If enable will do load balancing among availabe Logstash, automatically. - loadbalance: true - - #The list of root certificates for server verifications. - #If certificate_authorities is empty or not set, the trusted - #certificate authorities of the host system are used. - #ssl.certificate_authorities: $ssl.certificate_authorities - - #The path to the certificate for SSL client authentication. If the certificate is not specified, - #client authentication is not available. - #ssl.certificate: $ssl.certificate - - #The client certificate key used for client authentication. - #ssl.key: $ssl.key - - #The passphrase used to decrypt an encrypted key stored in the configured key file - #ssl.key_passphrase: $ssl.key_passphrase diff --git a/kubernetes/esr/components/esr-server/resources/config/logback.xml b/kubernetes/esr/components/esr-server/resources/config/logback.xml deleted file mode 100644 index fcc9f250d9..0000000000 --- a/kubernetes/esr/components/esr-server/resources/config/logback.xml +++ /dev/null @@ -1,144 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. ---> - -<configuration scan="{{ .Values.log.scan.enabled }}" debug="{{ .Values.log.debug }}"> - - <property name="componentName" value='{{default "UNSET_COMPONENT" .Values.log.componentName}}'/> - <property name="subcomponentName" value='{{default "UNSET_SUBCOMPONENT" .Values.log.subcomponentName}}'/> - - <property name="logDir" value="{{ .Values.log.logDir }}" /> - <property name="queueSize" value="{{ .Values.log.queueSize }}"/> - - <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> - <property name="p_lvl" value="%level"/> - <property name="p_log" value="%logger"/> - <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> - <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_thr" value="%thread"/> - <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> - - <property name="errorLogName" value="error" /> - <property name="metricsLogName" value="metrics" /> - <property name="auditLogName" value="audit" /> - <property name="debugLogName" value="debug" /> - - <property name="errorPattern" value="${p_tim}|%X{RequestId}|%thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%.-5level|%X{ErrorCode}|%X{ErrorDesc}|%msg%n\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n" /> - <property name="debugPattern" value="${p_tim}|%X{RequestId}|%msg%n\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n" /> - <property name="auditPattern" value="%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread||%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{Timer}|%X{ServerFQDN}|%X{RemoteHost}||||||||%msg%n" /> - <property name="metricPattern" value="%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread||%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{Timer}|%X{ServerFQDN}|%X{RemoteHost}||||%X{TargetVirtualEntity}|||||%msg%n" /> - - <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" /> - - <!-- Console (human-readable) logging --> - <property name="consolePattern" value="%nopexception${p_log}\t${p_tim}\t${p_lvl}\t%message\t${p_mdc}\t%rootException\t${p_mak}\t${p_thr}%n"/> - - <appender name="EELFAudit" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${auditLogName}.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${auditLogName}.log.%d</fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${auditPattern}</pattern> - </encoder> - </appender> - - <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>${queueSize}</queueSize> - <appender-ref ref="EELFAudit" /> - </appender> - - <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${metricsLogName}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${metricsLogName}.log.%d</fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${metricPattern}</pattern> - </encoder> - </appender> - - <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>${queueSize}</queueSize> - <appender-ref ref="EELFMetrics"/> - </appender> - - <appender name="EELFError" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${errorLogName}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${errorLogName}.log.%d</fileNamePattern> - </rollingPolicy> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>INFO</level> - </filter> - <encoder> - <pattern>${errorPattern}</pattern> - </encoder> - </appender> - - <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>${queueSize}</queueSize> - <appender-ref ref="EELFError"/> - </appender> - - <appender name="EELFDebug" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${debugLogName}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${debugLogName}.log.%d</fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${debugPattern}</pattern> - </encoder> - </appender> - - <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>${queueSize}</queueSize> - <appender-ref ref="EELFDebug" /> - <includeCallerData>true</includeCallerData> - </appender> - - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <encoder> - <pattern>${consolePattern}</pattern> - </encoder> - </appender> - - <logger name="com.att.eelf.audit" level="info" additivity="false"> - <appender-ref ref="asyncEELFAudit" /> - </logger> - - <logger name="com.att.eelf.metrics" level="info" additivity="false"> - <appender-ref ref="asyncEELFMetrics" /> - </logger> - - <logger name="com.att.eelf.error" level="debug" additivity="false"> - <appender-ref ref="asyncEELFError" /> - </logger> - - <root level="{{ .Values.log.root.level }}"> - <appender-ref ref="asyncEELFDebug" /> - <appender-ref ref="STDOUT" /> - </root> - -</configuration>
\ No newline at end of file diff --git a/kubernetes/esr/components/esr-server/templates/NOTES.txt b/kubernetes/esr/components/esr-server/templates/NOTES.txt deleted file mode 100644 index 5da4ade3a5..0000000000 --- a/kubernetes/esr/components/esr-server/templates/NOTES.txt +++ /dev/null @@ -1,30 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ .Chart.Name }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/esr/components/esr-server/templates/configmap.yaml b/kubernetes/esr/components/esr-server/templates/configmap.yaml deleted file mode 100644 index 6861a8bdf0..0000000000 --- a/kubernetes/esr/components/esr-server/templates/configmap.yaml +++ /dev/null @@ -1,42 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-log - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-esr-filebeat-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }} diff --git a/kubernetes/esr/components/esr-server/templates/deployment.yaml b/kubernetes/esr/components/esr-server/templates/deployment.yaml deleted file mode 100644 index 03bcaa09d4..0000000000 --- a/kubernetes/esr/components/esr-server/templates/deployment.yaml +++ /dev/null @@ -1,137 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - securityContext: - runAsUser: 1000 - runAsGroup: 1001 - fsGroup: 1001 - initContainers: - - command: - - cp - args: - - -r - - -T - - /home/esr/conf - - /opt/conf - securityContext: - privileged: true - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: create-conf-dir - volumeMounts: - - name: conf-dir - mountPath: /opt/conf - - containers: - - name: {{ .Chart.Name }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: MSB_ADDR - value: {{ tpl .Values.msbaddr . }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /home/esr/works/logs - name: {{ include "common.fullname" . }}-logs - - mountPath: /home/esr/conf - name: conf-dir - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - # Filebeat sidecar container - - name: {{ include "common.name" . }}-filebeat-onap - securityContext: - runAsUser: 1000 - runAsGroup: 1000 - image: {{ include "repositoryGenerator.image.logging" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: {{ include "common.fullname" . }}-filebeat-conf - mountPath: /usr/share/filebeat/filebeat.yml - subPath: filebeat.yml - - name: {{ include "common.fullname" . }}-data-filebeat - mountPath: /usr/share/filebeat/data - - name: {{ include "common.fullname" . }}-logs - mountPath: /var/log/onap/esr/esr-server - - mountPath: /opt/ajsc/etc/config/logback.xml - name: {{ include "common.fullname" . }}-log-conf - subPath: logback.xml - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-log-conf - configMap: - name: {{ include "common.fullname" . }}-log - - name: {{ include "common.fullname" . }}-filebeat-conf - configMap: - name: {{ include "common.fullname" . }}-esr-filebeat-configmap - - name: {{ include "common.fullname" . }}-data-filebeat - emptyDir: {} - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: conf-dir - emptyDir: {} - - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/esr/components/esr-server/templates/service.yaml b/kubernetes/esr/components/esr-server/templates/service.yaml deleted file mode 100644 index 9fb6e93a7b..0000000000 --- a/kubernetes/esr/components/esr-server/templates/service.yaml +++ /dev/null @@ -1,55 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: - msb.onap.org/service-info: '[ - { - "serviceName": "aai-esr-server", - "version": "v1", - "url": "/api/aai-esr-server/v1", - "protocol": "REST", - "port": "{{.Values.service.internalPort}}", - "enable_ssl": true, - "visualRange":"1" - } - ]' -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/esr/components/esr-server/values.yaml b/kubernetes/esr/components/esr-server/values.yaml deleted file mode 100644 index a3fb6862a6..0000000000 --- a/kubernetes/esr/components/esr-server/values.yaml +++ /dev/null @@ -1,91 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - -subChartsOnly: - enabled: true - -# application image -image: onap/aai/esr-server:1.5.2 -pullPolicy: Always -msbaddr: msb-iag.{{ include "common.namespace" . }}:443 - -# application configuration -config: - logstashServiceName: log-ls - logstashPort: 5044 - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - name: esr-server - portName: esr-server - externalPort: 9518 - internalPort: 9518 - -ingress: - enabled: false - -log: - componentName: esr - subcomponentName: esr-server - debug: true - scan: - enabled: false - logDir: /var/log/onap - queueSize: 256 - root: - level: INFO - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh index ce8e80225f..2182dde1d6 100755 --- a/kubernetes/helm/plugins/deploy/deploy.sh +++ b/kubernetes/helm/plugins/deploy/deploy.sh @@ -89,16 +89,16 @@ resolve_deploy_flags() { deploy() { # validate params - if [ -z "$1" ] || [ -z "$2" ]; then + if [ -z "$1" ] || [ -z "$2" ]; then usage - exit 0 + exit 1 fi RELEASE=$1 CHART_URL=$2 - FLAGS=${@:3} - CHART_REPO="$(echo "$CHART_URL" |cut -d'/' -f1)" - CHART_NAME="$(echo "$CHART_URL" |cut -d'/' -f2)" + FLAGS=$(echo ${@} | sed 's/^ *[^ ]* *[^ ]* *//') + CHART_REPO="$(echo "$CHART_URL" | cut -d'/' -f1)" + CHART_NAME="$(echo "$CHART_URL" | cut -d'/' -f2)" if expr "$HELM_VER" : "v3\..*" ; then CACHE_DIR=~/.local/share/helm/plugins/deploy/cache else @@ -123,7 +123,7 @@ deploy() { fi # determine if set-last-applied flag is enabled SET_LAST_APPLIED="false" - if expr"$FLAGS" : ".*--set-last-applied.*" ; then + if expr "$FLAGS" : ".*--set-last-applied.*" ; then FLAGS="$(echo $FLAGS| sed -n 's/--set-last-applied//p')" SET_LAST_APPLIED="true" fi @@ -251,7 +251,7 @@ deploy() { fi if [ "$DELAY" = "true" ]; then echo sleep 3m - sleep 3m + sleep 180 fi else array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}")) @@ -287,7 +287,7 @@ case "${1:-"help"}" in usage ;; *) - deploy $1 $2 ${@:3} + deploy $1 $2 $(echo ${@} | sed 's/^ *[^ ]* *[^ ]* *//') ;; esac diff --git a/kubernetes/helm/plugins/undeploy/undeploy.sh b/kubernetes/helm/plugins/undeploy/undeploy.sh index 790f84fda9..a3b0e3c623 100755 --- a/kubernetes/helm/plugins/undeploy/undeploy.sh +++ b/kubernetes/helm/plugins/undeploy/undeploy.sh @@ -29,9 +29,9 @@ undeploy() { done } -if [ $# < 1 ]; then +if [ -z "$1" ]; then echo "Error: command 'undeploy' requires a release name" - exit 0 + exit 1 fi case "${1:-"help"}" in @@ -45,8 +45,8 @@ case "${1:-"help"}" in usage ;; *) - undeploy $1 ${@:2} + undeploy $1 $(echo ${@} | sed 's/^ *[^ ]* *//') ;; esac -exit 0
\ No newline at end of file +exit 0 diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml index f44faa1059..bbdc3e09cd 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml @@ -25,7 +25,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/holmes/engine-management:1.3.3 +image: onap/holmes/engine-management:9.0.0 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 ################################################################# diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml index 9e2b656150..4f4849a5a4 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml @@ -25,7 +25,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/holmes/rule-management:1.3.3 +image: onap/holmes/rule-management:9.0.0 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 ################################################################# diff --git a/kubernetes/log/.helmignore b/kubernetes/log/.helmignore index f0c1319444..7ddbad7ef4 100644 --- a/kubernetes/log/.helmignore +++ b/kubernetes/log/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +components/ diff --git a/kubernetes/modeling/.helmignore b/kubernetes/modeling/.helmignore new file mode 100644 index 0000000000..7ddbad7ef4 --- /dev/null +++ b/kubernetes/modeling/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +components/ diff --git a/kubernetes/modeling/components/modeling-etsicatalog/values.yaml b/kubernetes/modeling/components/modeling-etsicatalog/values.yaml index c9e24fc07b..1672b6d3df 100644 --- a/kubernetes/modeling/components/modeling-etsicatalog/values.yaml +++ b/kubernetes/modeling/components/modeling-etsicatalog/values.yaml @@ -100,7 +100,7 @@ config: # application image flavor: small -image: onap/modeling/etsicatalog:1.0.10 +image: onap/modeling/etsicatalog:1.0.11 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/msb/.helmignore b/kubernetes/msb/.helmignore index f0c1319444..7ddbad7ef4 100644 --- a/kubernetes/msb/.helmignore +++ b/kubernetes/msb/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +components/ diff --git a/kubernetes/msb/components/msb-consul/resources/docker-entrypoint.sh b/kubernetes/msb/components/msb-consul/resources/docker-entrypoint.sh index 0cd46167e4..cbcbf7a8bf 100755 --- a/kubernetes/msb/components/msb-consul/resources/docker-entrypoint.sh +++ b/kubernetes/msb/components/msb-consul/resources/docker-entrypoint.sh @@ -53,7 +53,7 @@ fi # If the user is trying to run Consul directly with some arguments, then # pass them to Consul. -if [ "${1:0:1}" = '-' ]; then +if echo "$1" | grep '^-' >/dev/null; then set -- consul "$@" fi diff --git a/kubernetes/multicloud/.helmignore b/kubernetes/multicloud/.helmignore index f0c1319444..7ddbad7ef4 100644 --- a/kubernetes/multicloud/.helmignore +++ b/kubernetes/multicloud/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +components/ diff --git a/kubernetes/multicloud/components/multicloud-k8s/values.yaml b/kubernetes/multicloud/components/multicloud-k8s/values.yaml index 307524c4fa..ec3b9567c3 100644 --- a/kubernetes/multicloud/components/multicloud-k8s/values.yaml +++ b/kubernetes/multicloud/components/multicloud-k8s/values.yaml @@ -18,13 +18,13 @@ global: nodePortPrefixExt: 304 persistence: {} - artifactImage: onap/multicloud/framework-artifactbroker:1.6.0 + artifactImage: onap/multicloud/framework-artifactbroker:1.7.0 ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/multicloud/k8s:0.8.2 +image: onap/multicloud/k8s:0.9.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/multicloud/values.yaml b/kubernetes/multicloud/values.yaml index a3b435a192..93d299e16f 100644 --- a/kubernetes/multicloud/values.yaml +++ b/kubernetes/multicloud/values.yaml @@ -18,7 +18,7 @@ ################################################################# global: nodePortPrefix: 302 - artifactImage: onap/multicloud/framework-artifactbroker:1.6.0 + artifactImage: onap/multicloud/framework-artifactbroker:1.7.0 prometheus: enabled: false persistence: {} @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/multicloud/framework:1.6.0 +image: onap/multicloud/framework:1.7.0 pullPolicy: Always #Istio sidecar injection policy @@ -42,11 +42,11 @@ multicloud-pike: multicloud-prometheus: enabled: false multicloud-starlingx: - enabled: true + enabled: false multicloud-vio: - enabled: true + enabled: false multicloud-windriver: - enabled: true + enabled: false # application configuration config: diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index a94bd4df4a..a3dc897718 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -91,6 +91,10 @@ mariadb-galera: db: externalSecret: *dbUserSecretName name: &mysqlDbName nbi + service: + name: nbi-galera + portName: nbi-galera + internalPort: 3306 nameOverride: &nbi-galera nbi-galera replicaCount: 1 persistence: diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml index fa3efd3b40..61d4314be4 100755 --- a/kubernetes/onap/requirements.yaml +++ b/kubernetes/onap/requirements.yaml @@ -78,10 +78,6 @@ dependencies: version: ~8.x-0 repository: '@local' condition: dmaap.enabled - - name: esr - version: ~8.x-0 - repository: '@local' - condition: esr.enabled - name: log version: ~8.x-0 repository: '@local' diff --git a/kubernetes/onap/resources/environments/core-onap.yaml b/kubernetes/onap/resources/environments/core-onap.yaml index 24678e6680..de448084ee 100644 --- a/kubernetes/onap/resources/environments/core-onap.yaml +++ b/kubernetes/onap/resources/environments/core-onap.yaml @@ -77,8 +77,6 @@ holmes: enabled: false dmaap: enabled: true -esr: - enabled: false log: enabled: false mariadb-galera: diff --git a/kubernetes/onap/resources/environments/dev.yaml b/kubernetes/onap/resources/environments/dev.yaml index df333455d8..b5951b25d2 100644 --- a/kubernetes/onap/resources/environments/dev.yaml +++ b/kubernetes/onap/resources/environments/dev.yaml @@ -81,8 +81,6 @@ holmes: enabled: false dmaap: enabled: false -esr: - enabled: false log: enabled: false log-logstash: diff --git a/kubernetes/onap/resources/environments/disable-allcharts.yaml b/kubernetes/onap/resources/environments/disable-allcharts.yaml index af3c11a17e..0f93b94983 100644 --- a/kubernetes/onap/resources/environments/disable-allcharts.yaml +++ b/kubernetes/onap/resources/environments/disable-allcharts.yaml @@ -51,8 +51,6 @@ holmes: enabled: false dmaap: enabled: false -esr: - enabled: false log: enabled: false sniro-emulator: diff --git a/kubernetes/onap/resources/environments/minimal-onap.yaml b/kubernetes/onap/resources/environments/minimal-onap.yaml index 56ed2fef85..670a55ae8d 100644 --- a/kubernetes/onap/resources/environments/minimal-onap.yaml +++ b/kubernetes/onap/resources/environments/minimal-onap.yaml @@ -72,8 +72,6 @@ holmes: enabled: false dmaap: enabled: true -esr: - enabled: false log: enabled: false mariadb-galera: diff --git a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml index 7f23899c98..8c9babb99a 100644 --- a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml +++ b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml @@ -104,8 +104,6 @@ holmes: enabled: false dmaap: enabled: true -esr: - enabled: true log: enabled: true sniro-emulator: diff --git a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml index ea286b09c1..528cd2c687 100644 --- a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml +++ b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml @@ -25,7 +25,7 @@ aaf: aai: enabled: true appc: - enabled: true + enabled: false cds: enabled: true clamp: @@ -46,8 +46,6 @@ holmes: enabled: true dmaap: enabled: true -esr: - enabled: true oof: enabled: true msb: diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml index 521cf2ff8b..91e0157aea 100644 --- a/kubernetes/onap/resources/overrides/onap-all.yaml +++ b/kubernetes/onap/resources/overrides/onap-all.yaml @@ -29,7 +29,7 @@ aaf: aai: enabled: true appc: - enabled: true + enabled: false cds: enabled: true clamp: @@ -55,8 +55,6 @@ holmes: enabled: true dmaap: enabled: true -esr: - enabled: true oof: enabled: true msb: diff --git a/kubernetes/onap/resources/overrides/sm-onap.yaml b/kubernetes/onap/resources/overrides/sm-onap.yaml index ca98011484..312fc4b65f 100644 --- a/kubernetes/onap/resources/overrides/sm-onap.yaml +++ b/kubernetes/onap/resources/overrides/sm-onap.yaml @@ -74,8 +74,6 @@ dcaegen2-services: enabled: false holmes: enabled: false -esr: - enabled: false log: enabled: false mariadb-galera: diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 0e2b13b473..133e59fb01 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -47,7 +47,7 @@ global: dockerHubRepository: &dockerHubRepository docker.io elasticRepository: &elasticRepository docker.elastic.co googleK8sRepository: k8s.gcr.io - + githubContainerRegistry: ghcr.io #/!\ DEPRECATED /!\ # Legacy repositories which will be removed at the end of migration. @@ -298,8 +298,6 @@ holmes: enabled: false dmaap: enabled: false -esr: - enabled: false # Today, "logging" chart that perform the central part of logging must also be # enabled in order to make it work. So `logging.enabled` must have the same # value than centralizedLoggingEnabled diff --git a/kubernetes/oof/components/oof-cmso/.helmignore b/kubernetes/oof/components/oof-cmso/.helmignore deleted file mode 100644 index 68ffb32406..0000000000 --- a/kubernetes/oof/components/oof-cmso/.helmignore +++ /dev/null @@ -1 +0,0 @@ -components/ diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/Chart.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/Chart.yaml deleted file mode 100644 index 8cd7c2ffb8..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2019 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: Chart for Change Management Service Orchestrator (CMSO) Optimizer -name: oof-cmso-optimizer -version: 8.0.0 diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/cadi.properties b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/cadi.properties deleted file mode 100644 index d7387dd1e1..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/cadi.properties +++ /dev/null @@ -1,23 +0,0 @@ -{{/* -#------------------------------------------------------------------------------- -# ============LICENSE_START============================================== -# Copyright (c) 2019 AT&T Intellectual Property. -# ======================================================================= -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain a -# copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express -# or implied. See the License for the specific language governing -# permissions and limitations under the License. -# ============LICENSE_END================================================= -# -#------------------------------------------------------------------------------- -*/}} -cadi_loglevel=DEBUG -cadi_prop_files=/share/etc/osaaf/local/org.onap.oof.props - diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/liquibase.properties b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/liquibase.properties deleted file mode 100644 index 959aa960c0..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/liquibase.properties +++ /dev/null @@ -1,45 +0,0 @@ -{{/* -### -# Copyright (c) 2019 AT&T Intellectual Property. -# Modifications Copyright (c) 2018 IBM. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Unless otherwise specified, all documentation contained herein is licensed -# under the Creative Commons License, Attribution 4.0 Intl. (the “License”); -# you may not use this documentation except in compliance with the License. -# You may obtain a copy of the License at -# -# https://creativecommons.org/licenses/by/4.0/ -# -# Unless required by applicable law or agreed to in writing, documentation -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -*/}} -spring.datasource.jdbcUrl=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA}?createDatabaseIfNotExist=true -spring.datasource.driver-class-name=org.mariadb.jdbc.Driver -spring.datasource.username=${DB_USERNAME} -spring.datasource.password=${DB_PASSWORD} - -spring.datasource.initialize=false -spring.datasource.tomcat.max-wait=10000 -spring.datasource.tomcat.initialSize=5 -spring.datasource.tomcat.max-active=25 -spring.datasource.tomcat.test-on-borrow=true - - -changeLogFile=optimizer-liquibase-changeLog.xml diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/logback.xml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/logback.xml deleted file mode 100644 index e288419211..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/logback.xml +++ /dev/null @@ -1,253 +0,0 @@ -<?xml version = "1.0" encoding = "UTF-8" ?> -<!-- -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. ---> -<configuration> - <jmxConfigurator /> - <!-- Example evaluator filter applied against console appender --> -<property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> - <property name="p_lvl" value="%level"/> - <property name="p_log" value="%logger"/> - <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> - <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_thr" value="%thread"/> - <property name="defaultPattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> - <property name="debugPattern" value="%nopexception${p_tim}|${p_lvl}|${p_mdc}|${p_exc}|%msg%n"/> - - <!-- Example evaluator filter applied against console appender --> - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>INFO</level> - </filter> - <encoder> - <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n</pattern> - </encoder> - </appender> - - <appender name="ERROR" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>INFO</level> - </filter> - <file>${logDirectory}/error2.log</file> - <append>true</append> - <encoder> - <pattern>${defaultPattern}</pattern> - </encoder> - <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> - <fileNamePattern>${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern> - <maxFileSize>50MB</maxFileSize> - <maxHistory>30</maxHistory> - <totalSizeCap>10GB</totalSizeCap> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>10MB</maxFileSize> - </triggeringPolicy> - </appender> - - <appender name="DEBUG" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/debug.log</file> - <append>true</append> - <encoder> - <pattern>${debugPattern}</pattern> - </encoder> - <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> - <fileNamePattern>${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern> - <maxFileSize>50MB</maxFileSize> - <maxHistory>30</maxHistory> - <totalSizeCap>10GB</totalSizeCap> - </rollingPolicy> - </appender> - - - <appender name="AUDIT" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/audit.log</file> - <append>true</append> - <encoder> - <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n - </pattern> - </encoder> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <maxIndex>10</maxIndex> - <FileNamePattern>${logDirectory}/audit.%i.log.zip - </FileNamePattern> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>10MB</maxFileSize> - </triggeringPolicy> - </appender> - <appender name="asyncEELFAudit" - class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="AUDIT" /> - </appender> - - <appender name="METRIC" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/metric.log</file> - <append>true</append> - <encoder> - <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| - %msg%n</pattern> - </encoder> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <maxIndex>10</maxIndex> - <FileNamePattern>${logDirectory}/metric.%i.log.zip - </FileNamePattern> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>10MB</maxFileSize> - </triggeringPolicy> - </appender> - <appender name="asyncEELFMetrics" - class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="METRIC" /> - </appender> - - <!-- SECURITY related loggers --> - <appender name="SECURITY" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/security.log</file> - <append>true</append> - <encoder> - <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n - </pattern> - </encoder> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <maxIndex>10</maxIndex> - <FileNamePattern>${logDirectory}/security.%i.log.zip - </FileNamePattern> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>10MB</maxFileSize> - </triggeringPolicy> - </appender> - <appender name="asyncEELFSecurity" - class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="SECURITY" /> - </appender> - <!-- AAF related loggers --> - <logger name="org.onap.aaf" level="INFO" additivity="true"> - <appender-ref ref="DEBUG" /> - </logger> - <logger name="org.apache.catalina.core" level="INFO" - additivity="true"> - <appender-ref ref="DEBUG" /> - </logger> - <logger name="org.onap.cmso" level="INFO" - additivity="true"> - <appender-ref ref="ERROR" /> - </logger> - - <!-- CLDS related loggers --> - <logger name="com.att.eelf.error" level="OFF" additivity="true"> - <appender-ref ref="ERROR" /> - </logger> - <!-- EELF related loggers --> - <logger name="com.att.eelf.audit" level="INFO" - additivity="false"> - <appender-ref ref="asyncEELFAudit" /> - </logger> - <logger name="com.att.eelf.metrics" level="DEBUG" - additivity="false"> - <appender-ref ref="asyncEELFMetrics" /> - </logger> - <logger name="com.att.eelf.security" level="DEBUG" - additivity="false"> - <appender-ref ref="asyncEELFSecurity" /> - </logger> - - <!-- Spring related loggers --> - <logger name="org.springframework" level="DEBUG" /> - - <!-- Other Loggers that may help troubleshoot --> - <logger name="org.apache" level="DEBUG" /> - - <!-- logback internals logging --> - <logger name="ch.qos.logback.classic" level="INFO" /> - <logger name="ch.qos.logback.core" level="INFO" /> - - <!-- logback jms appenders & loggers definition starts here --> - <appender name="auditLogs" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - </filter> - <file>${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip - </fileNamePattern> - <minIndex>1</minIndex> - <maxIndex>9</maxIndex> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>5MB</maxFileSize> - </triggeringPolicy> - <encoder> - <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> - </encoder> - </appender> - <appender name="perfLogs" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - </filter> - <file>${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip - </fileNamePattern> - <minIndex>1</minIndex> - <maxIndex>9</maxIndex> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>5MB</maxFileSize> - </triggeringPolicy> - <encoder> - <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> - </encoder> - </appender> - <logger name="AuditRecord" level="INFO" additivity="FALSE"> - <appender-ref ref="auditLogs" /> - </logger> - <logger name="AuditRecord_DirectCall" level="INFO" - additivity="FALSE"> - <appender-ref ref="auditLogs" /> - </logger> - <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE"> - <appender-ref ref="perfLogs" /> - </logger> - <!-- logback jms appenders & loggers definition ends here --> - - <root level="INFO"> - <appender-ref ref="DEBUG" /> - <appender-ref ref="STDOUT" /> - </root> -</configuration> - diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/optimizer.properties b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/optimizer.properties deleted file mode 100644 index 04a5714a8e..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/optimizer.properties +++ /dev/null @@ -1,65 +0,0 @@ -{{/* -#------------------------------------------------------------------------------- -# ============LICENSE_START============================================== -# Copyright (c) 2019 AT&T Intellectual Property. -# ======================================================================= -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain a -# copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express -# or implied. See the License for the specific language governing -# permissions and limitations under the License. -# ============LICENSE_END================================================= -# -#------------------------------------------------------------------------------- -*/}} -spring.datasource.url=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA} -spring.datasource.driver-class-name=org.mariadb.jdbc.Driver -spring.datasource.username=${DB_USERNAME} -spring.datasource.password=${DB_PASSWORD} -cmso.database.password=${DB_PASSWORD} - -spring.datasource.initialize=false -spring.datasource.tomcat.max-wait=10000 -spring.datasource.tomcat.initialSize=5 -spring.datasource.tomcat.max-active=25 -spring.datasource.tomcat.test-on-borrow=true - -spring.jpa.show-sql=false -spring.jpa.hibernate.ddl-auto=none -spring.jpa.hibernate.naming.strategy=org.hibernate.cfg.EJB3NamingStrategy -spring.jpa.database-platform=org.hibernate.dialect.MySQL5InnoDBDialect -spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl -spring.jpa.hibernate.id.new_generator_mappings=false -hibernate.id.new_generator_mappings=false - -logging.level.org.hibernate.SQL=WARN -logging.level.org.hibernate=WARN -#------------------------------------------------------------------------------- - - -cmso.topology.create.request.url=https://oof-cmso-topology:7998/topology/v1/current -cmso.ticket.create.request.url=https://oof-cmso-ticketmgt:7999/ticketmgt/v1/activetickets -cmso.local.policy.folder=data/policies - -cmso.minizinc.command.exe=/mz-dist/bin/minizinc -cmso.minizinc.command.solver=OSICBC -cmso.minizinc.command.timelimit=60000 -cmso.minizinc.command.mzn=scripts/minizinc/generic_attributes.mzn - -mechid.user=${AAF_USER} -mechid.pass=${AAF_PASSWORD} - -aaf.urls=https://aaf-locate:8095 -aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties -aaf.enabled=true -aaf.namespace=org.onap.oof - -cadi_loglevel=DEBUG -cadi_prop_files=/share/etc/osaaf/local/org.onap.oof.props -aaf.user.roles=/share/etc/certs/AAFUserRoles.properties diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/NOTES.txt b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/NOTES.txt deleted file mode 100644 index 1103affff1..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/NOTES.txt +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml deleted file mode 100644 index 08af62d844..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml +++ /dev/null @@ -1,190 +0,0 @@ -{{/* -# Copyright © 2018 AT&T -# Copyright (C) 2020 Wipro Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - command: - - /app/ready.py - args: - - --container-name - - {{ .Values.config.db.container }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - - name: {{ include "common.name" . }}-db-config-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-cmso-db-config-config-job" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - name: {{ include "common.name" . }}-chown - command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /share/"] - image: {{ include "repositoryGenerator.image.busybox" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: {{ include "common.fullname" . }}-logs - mountPath: /share/logs - - name: db-init - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.dbinit.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: DB_HOST - value: {{ .Values.config.db.host }}.{{.Release.Namespace}} - - name: DB_PORT - value: {{ .Values.config.db.port | quote}} - - name: DB_USERNAME - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}} - - name: DB_SCHEMA - value: {{ .Values.config.db.mysqlDatabase }} - - name: DB_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "password") | indent 10}} - terminationMessagePolicy: File - volumeMounts: - - name: {{ include "common.fullname" . }}-config - mountPath: /share/etc/config - - name: {{ include "common.fullname" . }}-logs - mountPath: /share/logs -{{ include "common.certInitializer.initContainer" . | indent 6 }} - containers: - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: DB_HOST - value: {{ .Values.config.db.host }}.{{.Release.Namespace}} - - name: DB_PORT - value: {{ .Values.config.db.port | quote}} - - name: DB_USERNAME - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}} - - name: DB_SCHEMA - value: {{ .Values.config.db.mysqlDatabase }} - - name: DB_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "password") | indent 10}} - - name: JAVA_TRUSTSTORE - value: /share/etc/osaaf/local/{{ .Values.global.truststoreFile }} - - name: SSL_KEYSTORE - value: /share/etc/osaaf/local/{{ .Values.global.keystoreFile }} - - name: JAVA_TRUSTSTORE_PASSWORD - value: {{ .Values.global.truststorePassword }} - - name: AUTHENTICATION - value: {{ .Values.global.authentication }} - - name: AAF_USER - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-aaf-creds" "key" "login") | indent 10}} - - name: AAF_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-aaf-creds" "key" "password") | indent 10}} - - name: VM_ARGS - value: "-Dcom.att.eelf.logging.file=logback.xml -Dcom.att.eelf.logging.path=/share/etc/config" - command: - - /bin/sh - args: - - "-c" - - | - export SSL_KEYSTORE_PASSWORD=$(cat /share/etc/osaaf/local/.pass) - ./startService.sh - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: -{{ include "common.certInitializer.volumeMount" . | indent 8 }} - - name: {{ include "common.fullname" . }}-logs - mountPath: /share/logs - - name: {{ include "common.fullname" . }}-logs - mountPath: /share/debug-logs - - name: {{ include "common.fullname" . }}-config - mountPath: /share/etc/config - - name: {{ include "common.fullname" . }}-certs - mountPath: /share/etc/certs - - name: {{ include "common.fullname" . }}-certs - mountPath: /opt/app/cmso/src/main/resources/aaf - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - {{ include "common.certInitializer.volumes" . | nindent 8 }} - - name: {{ include "common.fullname" . }}-config - configMap: - name: {{ include "common.fullname" . }} - items: - - key: logback.xml - path: logback.xml - - key: cadi.properties - path: cadi.properties - - key: optimizer.properties - path: optimizer.properties - - key: liquibase.properties - path: liquibase.properties - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: {{ include "common.fullname" . }}-certs - secret: - secretName: {{ include "common.release" . }}-{{ .Values.global.commonConfigPrefix }}-certs - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/service.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/service.yaml deleted file mode 100644 index e8db9f7b2e..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/service.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{/* -# Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml deleted file mode 100644 index c9de6546c2..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml +++ /dev/null @@ -1,139 +0,0 @@ -# Copyright © 2019 AT&T -# Copyright (C) 2020 Wipro Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: # global defaults - nodePortPrefix: 302 - readinessImage: onap/oom/readiness:3.0.1 - -subChartsOnly: - enabled: true - -# application image -image: onap/optf-cmso-optimizer:2.3.4 -pullPolicy: Always - -#init container image -dbinit: - image: onap/optf-cmso-dbinit:2.3.4 - -# flag to enable debugging - application support required -debugEnabled: false - - -################################################################# -# Secrets metaconfig -################################################################# -secrets: - - uid: cmso-db-user-secret - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}' - login: '{{ .Values.config.db.user }}' - password: '{{ .Values.config.db.password }}' - passwordPolicy: required - - uid: cmso-aaf-creds - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.config.aaf.userCredentialsExternalSecret) . }}' - login: '{{ .Values.config.aaf.user }}' - password: '{{ .Values.config.aaf.password }}' - passwordPolicy: required - -################################################################# -# Application configuration defaults. -################################################################# -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 120 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 120 - periodSeconds: 10 - - -service: - type: ClusterIP - name: oof-cmso-optimizer - portName: cmso - internalPort: 7997 - externalPort: 7997 - #nodePort: 23 - # as of 20181022 port 23 is reserved for cmso - # see https://wiki.onap.org/display/DW/OOM+NodePort+List - - -config: - aaf: - user: user - password: pass -# userCredentialsExternalSecret: some-secret - db: - port: 3306 -# rootPassword: pass -# rootPasswordExternalSecret: some secret - user: cmso-admin - password: pass -# userCredentialsExternalSecret: some-secret -# host: host -# container: container -# mysqlDatabase: optimizer - topology_host: oof-cmso-topology - topology_port: 7998 - ticketmgt_host: oof-cmso-ticketmgt - ticketmgt_port: 7999 - -ingress: - enabled: false - -#resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -flavor: small -resources: - small: - limits: - cpu: 1 - memory: 1.2Gi - requests: - cpu: 10m - memory: 800Mi - large: - limits: - cpu: 1 - memory: 1.2Gi - requests: - cpu: 10m - memory: 800Mi - unlimited: {} diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/Chart.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/Chart.yaml deleted file mode 100644 index 698166e0dc..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: Chart for Change Management Service Orchestrator (CMSO) Service -name: oof-cmso-service -version: 8.0.0 diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/cadi.properties b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/cadi.properties deleted file mode 100644 index d7387dd1e1..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/cadi.properties +++ /dev/null @@ -1,23 +0,0 @@ -{{/* -#------------------------------------------------------------------------------- -# ============LICENSE_START============================================== -# Copyright (c) 2019 AT&T Intellectual Property. -# ======================================================================= -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain a -# copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express -# or implied. See the License for the specific language governing -# permissions and limitations under the License. -# ============LICENSE_END================================================= -# -#------------------------------------------------------------------------------- -*/}} -cadi_loglevel=DEBUG -cadi_prop_files=/share/etc/osaaf/local/org.onap.oof.props - diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/cmso.properties b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/cmso.properties deleted file mode 100644 index 363aecbc03..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/cmso.properties +++ /dev/null @@ -1,112 +0,0 @@ - -#------------------------------------------------------------------------------- -# Copyright (c) 2017-2018 AT&T Intellectual Property. -# Modifications Copyright (c) 2018 IBM. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -# Unless otherwise specified, all documentation contained herein is licensed -# under the Creative Commons License, Attribution 4.0 Intl. (the ???License???); -# you may not use this documentation except in compliance with the License. -# You may obtain a copy of the License at -# -# https://creativecommons.org/licenses/by/4.0/ -# -# Unless required by applicable law or agreed to in writing, documentation -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -#------------------------------------------------------------------------------- - -#------------------------------------------------------------------------------- -spring.datasource.url=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA} -spring.datasource.driver-class-name=org.mariadb.jdbc.Driver -spring.datasource.username=${DB_USERNAME} -spring.datasource.password=${DB_PASSWORD} -cmso.database.password=${DB_PASSWORD} - -spring.datasource.initialize=false -spring.datasource.tomcat.max-wait=10000 -spring.datasource.tomcat.initialSize=5 -spring.datasource.tomcat.max-active=25 -spring.datasource.tomcat.test-on-borrow=true - -spring.jpa.show-sql=false -spring.jpa.hibernate.ddl-auto=none -spring.jpa.hibernate.naming.strategy=org.hibernate.cfg.EJB3NamingStrategy -spring.jpa.database-platform=org.hibernate.dialect.MySQL5InnoDBDialect -spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl -spring.jpa.hibernate.id.new_generator_mappings=false -hibernate.id.new_generator_mappings=false - -logging.level.org.hibernate.SQL=WARN -logging.level.org.hibernate=WARN -#------------------------------------------------------------------------------- - -# -cmso.aaf.enabled=false - -# Enable swagger - Enable in development and test only -cmso.swagger.enabled=true - -# Enable schedule immediate to be dispatched without ticket approvals -# Has no effect when in vTM loopback mode as always approved. -cmso.cm.dispatch.immediate.enabled = true - -# NUmber of seconds between sniro dispatch jobs -cmso.optimizer.job.interval.ms=10000 - -# NUmber of seconds between change management cmso polling jobs -# Controls frequenct of polling to the ChangeManagementScheduler table... -cmso.cm.polling.job.interval.ms=10000 -# How many management cmso polling intervals to look ahead to dispatch -# (To account for possible latency of the polling job) -cmso.cm.polling.job.lookahead.intervals=5 -# Lead time before event time to enable dispatcher to -# test that it is safe to dispatch (i.e. meeting reminder lead time) -cmso.cm.dispatcher.lead.time.ms=5000 -# Lead time to prepare and call VID to dispatch work to MSO -# Includes latency from VID call to the start of the workflow -cmso.cm.dispatch.lead.time.ms=1000 - -# Interval between polling to check status of schedules in Notifications Initiated status -cmso.status.job.interval.ms=60000 - -org.quartz.jobStore.class=org.quartz.simpl.RAMJobStore - -loopback.mso.requestId=dummy123 - -so.polling.interval.ms=10000 -#mso.user=cmso@onap.org -#mso.pass=enc:bfodXf8qRfCqMvlxVBYNWQ== - -## loopback settings -so.url=http://127.0.0.1:5000/onap/so/infra/orchestrationRequests/v7 -so.user=${AAF_USER} -so.pass=${AAF_USER} - -mechid.user=${AAF_USER} -mechid.pass=${AAF_PASSWORD} - -cmso.dispatch.url=http://localhost:8089 - -aaf.urls=https://aaf-locate:8095 -aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties -aaf.enabled=true -aaf.namespace=org.onap.oof - -cadi_loglevel=DEBUG -cadi_prop_files=/share/etc/osaaf/local/org.onap.oof.props -aaf.user.roles=/share/etc/certs/AAFUserRoles.properties diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/liquibase.properties b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/liquibase.properties deleted file mode 100644 index 4d3bcd9b21..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/liquibase.properties +++ /dev/null @@ -1,57 +0,0 @@ -{{/* -### -# Copyright © 2017-2018 AT&T Intellectual Property. -# Modifications Copyright © 2018 IBM. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Unless otherwise specified, all documentation contained herein is licensed -# under the Creative Commons License, Attribution 4.0 Intl. (the “License”); -# you may not use this documentation except in compliance with the License. -# You may obtain a copy of the License at -# -# https://creativecommons.org/licenses/by/4.0/ -# -# Unless required by applicable law or agreed to in writing, documentation -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -### -*/}} -spring.datasource.jdbcUrl=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA}?createDatabaseIfNotExist=true -spring.datasource.driver-class-name=org.mariadb.jdbc.Driver -spring.datasource.username=${DB_USERNAME} -spring.datasource.password=${DB_PASSWORD} - -spring.datasource.initialize=false -spring.datasource.tomcat.max-wait=10000 -spring.datasource.tomcat.initialSize=5 -spring.datasource.tomcat.max-active=25 -spring.datasource.tomcat.test-on-borrow=true - - -#changeLogFile=calendar-liquibase-changeLog.xml -changeLogFile=cmso-liquibase-changeLog.xml - - -#spring.main.web-environment=false -#outputChangeLogFile=src/main/resources/cmso-output-changelog.xml -#url=jdbc:mariadb://localhost:3306/calendar -#url=jdbc:mysql://localhost:3306/cmso -#username=root -#password=root -#driver=org.mariadb.jdbc.Driver -#driver=com.mysql.jdbc.Driver diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/logback.xml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/logback.xml deleted file mode 100644 index e288419211..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/logback.xml +++ /dev/null @@ -1,253 +0,0 @@ -<?xml version = "1.0" encoding = "UTF-8" ?> -<!-- -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. ---> -<configuration> - <jmxConfigurator /> - <!-- Example evaluator filter applied against console appender --> -<property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> - <property name="p_lvl" value="%level"/> - <property name="p_log" value="%logger"/> - <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> - <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_thr" value="%thread"/> - <property name="defaultPattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> - <property name="debugPattern" value="%nopexception${p_tim}|${p_lvl}|${p_mdc}|${p_exc}|%msg%n"/> - - <!-- Example evaluator filter applied against console appender --> - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>INFO</level> - </filter> - <encoder> - <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n</pattern> - </encoder> - </appender> - - <appender name="ERROR" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>INFO</level> - </filter> - <file>${logDirectory}/error2.log</file> - <append>true</append> - <encoder> - <pattern>${defaultPattern}</pattern> - </encoder> - <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> - <fileNamePattern>${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern> - <maxFileSize>50MB</maxFileSize> - <maxHistory>30</maxHistory> - <totalSizeCap>10GB</totalSizeCap> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>10MB</maxFileSize> - </triggeringPolicy> - </appender> - - <appender name="DEBUG" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/debug.log</file> - <append>true</append> - <encoder> - <pattern>${debugPattern}</pattern> - </encoder> - <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> - <fileNamePattern>${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern> - <maxFileSize>50MB</maxFileSize> - <maxHistory>30</maxHistory> - <totalSizeCap>10GB</totalSizeCap> - </rollingPolicy> - </appender> - - - <appender name="AUDIT" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/audit.log</file> - <append>true</append> - <encoder> - <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n - </pattern> - </encoder> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <maxIndex>10</maxIndex> - <FileNamePattern>${logDirectory}/audit.%i.log.zip - </FileNamePattern> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>10MB</maxFileSize> - </triggeringPolicy> - </appender> - <appender name="asyncEELFAudit" - class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="AUDIT" /> - </appender> - - <appender name="METRIC" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/metric.log</file> - <append>true</append> - <encoder> - <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| - %msg%n</pattern> - </encoder> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <maxIndex>10</maxIndex> - <FileNamePattern>${logDirectory}/metric.%i.log.zip - </FileNamePattern> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>10MB</maxFileSize> - </triggeringPolicy> - </appender> - <appender name="asyncEELFMetrics" - class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="METRIC" /> - </appender> - - <!-- SECURITY related loggers --> - <appender name="SECURITY" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/security.log</file> - <append>true</append> - <encoder> - <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n - </pattern> - </encoder> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <maxIndex>10</maxIndex> - <FileNamePattern>${logDirectory}/security.%i.log.zip - </FileNamePattern> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>10MB</maxFileSize> - </triggeringPolicy> - </appender> - <appender name="asyncEELFSecurity" - class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="SECURITY" /> - </appender> - <!-- AAF related loggers --> - <logger name="org.onap.aaf" level="INFO" additivity="true"> - <appender-ref ref="DEBUG" /> - </logger> - <logger name="org.apache.catalina.core" level="INFO" - additivity="true"> - <appender-ref ref="DEBUG" /> - </logger> - <logger name="org.onap.cmso" level="INFO" - additivity="true"> - <appender-ref ref="ERROR" /> - </logger> - - <!-- CLDS related loggers --> - <logger name="com.att.eelf.error" level="OFF" additivity="true"> - <appender-ref ref="ERROR" /> - </logger> - <!-- EELF related loggers --> - <logger name="com.att.eelf.audit" level="INFO" - additivity="false"> - <appender-ref ref="asyncEELFAudit" /> - </logger> - <logger name="com.att.eelf.metrics" level="DEBUG" - additivity="false"> - <appender-ref ref="asyncEELFMetrics" /> - </logger> - <logger name="com.att.eelf.security" level="DEBUG" - additivity="false"> - <appender-ref ref="asyncEELFSecurity" /> - </logger> - - <!-- Spring related loggers --> - <logger name="org.springframework" level="DEBUG" /> - - <!-- Other Loggers that may help troubleshoot --> - <logger name="org.apache" level="DEBUG" /> - - <!-- logback internals logging --> - <logger name="ch.qos.logback.classic" level="INFO" /> - <logger name="ch.qos.logback.core" level="INFO" /> - - <!-- logback jms appenders & loggers definition starts here --> - <appender name="auditLogs" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - </filter> - <file>${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip - </fileNamePattern> - <minIndex>1</minIndex> - <maxIndex>9</maxIndex> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>5MB</maxFileSize> - </triggeringPolicy> - <encoder> - <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> - </encoder> - </appender> - <appender name="perfLogs" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - </filter> - <file>${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip - </fileNamePattern> - <minIndex>1</minIndex> - <maxIndex>9</maxIndex> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>5MB</maxFileSize> - </triggeringPolicy> - <encoder> - <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> - </encoder> - </appender> - <logger name="AuditRecord" level="INFO" additivity="FALSE"> - <appender-ref ref="auditLogs" /> - </logger> - <logger name="AuditRecord_DirectCall" level="INFO" - additivity="FALSE"> - <appender-ref ref="auditLogs" /> - </logger> - <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE"> - <appender-ref ref="perfLogs" /> - </logger> - <!-- logback jms appenders & loggers definition ends here --> - - <root level="INFO"> - <appender-ref ref="DEBUG" /> - <appender-ref ref="STDOUT" /> - </root> -</configuration> - diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/optimizer.properties b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/optimizer.properties deleted file mode 100644 index dcb7fd24c3..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/optimizer.properties +++ /dev/null @@ -1,36 +0,0 @@ -{{/* -#------------------------------------------------------------------------------- -# Copyright (c) 2017-2018 AT&T Intellectual Property. -# Modifications Copyright (c) 2018 IBM. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Unless otherwise specified, all documentation contained herein is licensed -# under the Creative Commons License, Attribution 4.0 Intl. (the “License”); -# you may not use this documentation except in compliance with the License. -# You may obtain a copy of the License at -# -# https://creativecommons.org/licenses/by/4.0/ -# -# Unless required by applicable law or agreed to in writing, documentation -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -*/}} - -cmso.optimizer.request.url=https://oof-cmso-optimizer:7997/optimizer/v1/optimize/schedule -cmso.optimizer.status.url=https://oof-cmso-optimizer:7997/optimizer/v1/optimize/schedule -cmso.optimizer.health.url=https://oof-cmso-optimizer:7997/optimizer/v1/health?checkInterfaces=true diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/ticketmgt.properties b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/ticketmgt.properties deleted file mode 100644 index c376be5ae7..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/ticketmgt.properties +++ /dev/null @@ -1,40 +0,0 @@ -{{/* -#------------------------------------------------------------------------------- -# Copyright © 2017-2018 AT&T Intellectual Property. -# Modifications Copyright © 2018 IBM. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Unless otherwise specified, all documentation contained herein is licensed -# under the Creative Commons License, Attribution 4.0 Intl. (the “License”); -# you may not use this documentation except in compliance with the License. -# You may obtain a copy of the License at -# -# https://creativecommons.org/licenses/by/4.0/ -# -# Unless required by applicable law or agreed to in writing, documentation -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -*/}} - -tm.vnfs.per.ticket=1 -tm.getPath=http://localhost:8089/cmso/v1/tm/getChangeRecord -tm.createPath=http://localhost:8089/cmso/v1/tm/createChangeRecord -tm.closePath=http://localhost:8089/cmso/v1/tm/closeCancelChangeRecord -tm.updatePath=http://localhost:8089/cmso/v1/tm/updateChangeRecord -tm.approvalStatus=Approved|Scheduled,Approved|Assigned -tm.template.folder=data/templates/tm diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/NOTES.txt b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/NOTES.txt deleted file mode 100644 index 1103affff1..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/NOTES.txt +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml deleted file mode 100644 index 3fd0112928..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml +++ /dev/null @@ -1,213 +0,0 @@ -{{/* -# Copyright (c) 2018 AT&T -# Copyright (C) 2020 Wipro Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - command: - - /app/ready.py - args: - - --container-name - - {{ .Values.config.db.container }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - - name: {{ include "common.name" . }}-db-config-readiness - command: - - /app/ready.py - args: - - -j - - "{{ include "common.release" . }}-cmso-db-config-config-job" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - name: {{ include "common.name" . }}-chown - command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /share/"] - image: {{ include "repositoryGenerator.image.busybox" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: {{ include "common.fullname" . }}-logs - mountPath: /share/logs - - name: db-init - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.dbinit.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: DB_HOST - value: {{ .Values.config.db.host }}.{{.Release.Namespace}} - - name: DB_PORT - value: {{ .Values.config.db.port | quote}} - - name: DB_USERNAME - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}} - - name: DB_SCHEMA - value: {{ .Values.config.db.mysqlDatabase }} - - name: DB_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "password") | indent 10}} - terminationMessagePolicy: File - volumeMounts: - - name: {{ include "common.fullname" . }}-config - mountPath: /share/etc/config - - name: {{ include "common.fullname" . }}-logs - mountPath: /share/logs -{{ include "common.certInitializer.initContainer" . | indent 6 }} - containers: - # side car containers - - name: filebeat-onap - image: {{ include "repositoryGenerator.image.logging" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - subPath: filebeat.yml - name: filebeat-conf - - mountPath: /var/log/onap - name: {{ include "common.fullname" . }}-logs - - mountPath: /usr/share/filebeat/data - name: {{ include "common.fullname" . }}-filebeat - resources: -{{ include "common.resources" . }} - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: DB_HOST - value: {{ .Values.config.db.host }}.{{.Release.Namespace}} - - name: DB_PORT - value: {{ .Values.config.db.port | quote}} - - name: DB_USERNAME - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}} - - name: DB_SCHEMA - value: {{ .Values.config.db.mysqlDatabase }} - - name: DB_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "password") | indent 10}} - - name: JAVA_TRUSTSTORE - value: /share/etc/osaaf/local/{{ .Values.global.truststoreFile }} - - name: SSL_KEYSTORE - value: /share/etc/osaaf/local/{{ .Values.global.keystoreFile }} - - name: JAVA_TRUSTSTORE_PASSWORD - value: {{ .Values.global.truststorePassword }} - - name: AUTHENTICATION - value: {{ .Values.global.authentication }} - - name: AAF_USER - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-aaf-creds" "key" "login") | indent 10}} - - name: AAF_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-aaf-creds" "key" "password") | indent 10}} - - name: VM_ARGS - value: "-Dcom.att.eelf.logging.file=logback.xml -Dcom.att.eelf.logging.path=/share/etc/config" - command: - - /bin/sh - args: - - "-c" - - | - export SSL_KEYSTORE_PASSWORD=$(cat /share/etc/osaaf/local/.pass) - ./startService.sh - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: -{{ include "common.certInitializer.volumeMount" . | indent 8 }} - - name: {{ include "common.fullname" . }}-logs - mountPath: /share/logs - - name: {{ include "common.fullname" . }}-logs - mountPath: /share/debug-logs - - name: {{ include "common.fullname" . }}-config - mountPath: /share/etc/config - - name: {{ include "common.fullname" . }}-certs - mountPath: /share/etc/certs - - name: {{ include "common.fullname" . }}-certs - mountPath: /opt/app/cmso/src/main/resources/aaf - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - {{ include "common.certInitializer.volumes" . | nindent 8 }} - - name: {{ include "common.fullname" . }}-config - configMap: - name: {{ include "common.fullname" . }} - items: - - key: logback.xml - path: logback.xml - - key: cmso.properties - path: cmso.properties - - key: cadi.properties - path: cadi.properties - - key: optimizer.properties - path: optimizer.properties - - key: ticketmgt.properties - path: ticketmgt.properties - - key: liquibase.properties - path: liquibase.properties - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: {{ include "common.fullname" . }}-filebeat - emptyDir: {} - - name: filebeat-conf - configMap: - name: {{ include "common.release" . }}-cmso-filebeat-configmap - - name: {{ include "common.fullname" . }}-certs - secret: - secretName: {{ include "common.release" . }}-{{ .Values.global.commonConfigPrefix }}-certs - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/service.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/service.yaml deleted file mode 100644 index e8db9f7b2e..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/service.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{/* -# Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml deleted file mode 100644 index 105163e95c..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml +++ /dev/null @@ -1,136 +0,0 @@ -# Copyright © 2018-2019 AT&T -# Copyright (C) 2020 Wipro Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: # global defaults - nodePortPrefix: 302 - -subChartsOnly: - enabled: true - -# application image -image: onap/optf-cmso-service:2.3.4 -pullPolicy: Always - -#init container image -dbinit: - image: onap/optf-cmso-dbinit:2.3.4 - -# flag to enable debugging - application support required -debugEnabled: false - -################################################################# -# Secrets metaconfig -################################################################# -secrets: - - uid: cmso-db-user-secret - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}' - login: '{{ .Values.config.db.user }}' - password: '{{ .Values.config.db.password }}' - passwordPolicy: required - - uid: cmso-aaf-creds - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.config.aaf.userCredentialsExternalSecret) . }}' - login: '{{ .Values.config.aaf.user }}' - password: '{{ .Values.config.aaf.password }}' - passwordPolicy: required - -################################################################# -# Application configuration defaults. -################################################################# -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 120 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 120 - periodSeconds: 10 - - -service: - type: ClusterIP - name: oof-cmso - portName: cmso - internalPort: 8080 - externalPort: 8080 - #nodePort: 23 - # as of 20181022 port 23 is reserved for cmso - # see https://wiki.onap.org/display/DW/OOM+NodePort+List - - -config: - aaf: - user: user - password: pass -# userCredentialsExternalSecret: some-secret - db: - port: 3306 -# rootPassword: pass -# rootPasswordExternalSecret: some secret - user: cmso-admin - password: pass -# userCredentialsExternalSecret: some-secret -# host: host -# container: container -# mysqlDatabase: cmso - optimizer_host: oof-cmso-optimizer - optimizer_port: 7997 - - -ingress: - enabled: false - -#resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -flavor: small -resources: - small: - limits: - cpu: 1 - memory: 1.2Gi - requests: - cpu: 10m - memory: 800Mi - large: - limits: - cpu: 1 - memory: 1.2Gi - requests: - cpu: 10m - memory: 800Mi - unlimited: {} diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/Chart.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/Chart.yaml deleted file mode 100644 index b37f14428f..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2019 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: Chart for Change Management Service Orchestrator (CMSO) Ticket Management -name: oof-cmso-ticketmgt -version: 8.0.0 diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/resources/config/cadi.properties b/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/resources/config/cadi.properties deleted file mode 100644 index d7387dd1e1..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/resources/config/cadi.properties +++ /dev/null @@ -1,23 +0,0 @@ -{{/* -#------------------------------------------------------------------------------- -# ============LICENSE_START============================================== -# Copyright (c) 2019 AT&T Intellectual Property. -# ======================================================================= -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain a -# copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express -# or implied. See the License for the specific language governing -# permissions and limitations under the License. -# ============LICENSE_END================================================= -# -#------------------------------------------------------------------------------- -*/}} -cadi_loglevel=DEBUG -cadi_prop_files=/share/etc/osaaf/local/org.onap.oof.props - diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/resources/config/logback.xml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/resources/config/logback.xml deleted file mode 100644 index e288419211..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/resources/config/logback.xml +++ /dev/null @@ -1,253 +0,0 @@ -<?xml version = "1.0" encoding = "UTF-8" ?> -<!-- -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. ---> -<configuration> - <jmxConfigurator /> - <!-- Example evaluator filter applied against console appender --> -<property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> - <property name="p_lvl" value="%level"/> - <property name="p_log" value="%logger"/> - <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> - <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_thr" value="%thread"/> - <property name="defaultPattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> - <property name="debugPattern" value="%nopexception${p_tim}|${p_lvl}|${p_mdc}|${p_exc}|%msg%n"/> - - <!-- Example evaluator filter applied against console appender --> - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>INFO</level> - </filter> - <encoder> - <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n</pattern> - </encoder> - </appender> - - <appender name="ERROR" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>INFO</level> - </filter> - <file>${logDirectory}/error2.log</file> - <append>true</append> - <encoder> - <pattern>${defaultPattern}</pattern> - </encoder> - <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> - <fileNamePattern>${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern> - <maxFileSize>50MB</maxFileSize> - <maxHistory>30</maxHistory> - <totalSizeCap>10GB</totalSizeCap> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>10MB</maxFileSize> - </triggeringPolicy> - </appender> - - <appender name="DEBUG" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/debug.log</file> - <append>true</append> - <encoder> - <pattern>${debugPattern}</pattern> - </encoder> - <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> - <fileNamePattern>${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern> - <maxFileSize>50MB</maxFileSize> - <maxHistory>30</maxHistory> - <totalSizeCap>10GB</totalSizeCap> - </rollingPolicy> - </appender> - - - <appender name="AUDIT" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/audit.log</file> - <append>true</append> - <encoder> - <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n - </pattern> - </encoder> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <maxIndex>10</maxIndex> - <FileNamePattern>${logDirectory}/audit.%i.log.zip - </FileNamePattern> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>10MB</maxFileSize> - </triggeringPolicy> - </appender> - <appender name="asyncEELFAudit" - class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="AUDIT" /> - </appender> - - <appender name="METRIC" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/metric.log</file> - <append>true</append> - <encoder> - <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| - %msg%n</pattern> - </encoder> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <maxIndex>10</maxIndex> - <FileNamePattern>${logDirectory}/metric.%i.log.zip - </FileNamePattern> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>10MB</maxFileSize> - </triggeringPolicy> - </appender> - <appender name="asyncEELFMetrics" - class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="METRIC" /> - </appender> - - <!-- SECURITY related loggers --> - <appender name="SECURITY" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/security.log</file> - <append>true</append> - <encoder> - <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n - </pattern> - </encoder> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <maxIndex>10</maxIndex> - <FileNamePattern>${logDirectory}/security.%i.log.zip - </FileNamePattern> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>10MB</maxFileSize> - </triggeringPolicy> - </appender> - <appender name="asyncEELFSecurity" - class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="SECURITY" /> - </appender> - <!-- AAF related loggers --> - <logger name="org.onap.aaf" level="INFO" additivity="true"> - <appender-ref ref="DEBUG" /> - </logger> - <logger name="org.apache.catalina.core" level="INFO" - additivity="true"> - <appender-ref ref="DEBUG" /> - </logger> - <logger name="org.onap.cmso" level="INFO" - additivity="true"> - <appender-ref ref="ERROR" /> - </logger> - - <!-- CLDS related loggers --> - <logger name="com.att.eelf.error" level="OFF" additivity="true"> - <appender-ref ref="ERROR" /> - </logger> - <!-- EELF related loggers --> - <logger name="com.att.eelf.audit" level="INFO" - additivity="false"> - <appender-ref ref="asyncEELFAudit" /> - </logger> - <logger name="com.att.eelf.metrics" level="DEBUG" - additivity="false"> - <appender-ref ref="asyncEELFMetrics" /> - </logger> - <logger name="com.att.eelf.security" level="DEBUG" - additivity="false"> - <appender-ref ref="asyncEELFSecurity" /> - </logger> - - <!-- Spring related loggers --> - <logger name="org.springframework" level="DEBUG" /> - - <!-- Other Loggers that may help troubleshoot --> - <logger name="org.apache" level="DEBUG" /> - - <!-- logback internals logging --> - <logger name="ch.qos.logback.classic" level="INFO" /> - <logger name="ch.qos.logback.core" level="INFO" /> - - <!-- logback jms appenders & loggers definition starts here --> - <appender name="auditLogs" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - </filter> - <file>${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip - </fileNamePattern> - <minIndex>1</minIndex> - <maxIndex>9</maxIndex> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>5MB</maxFileSize> - </triggeringPolicy> - <encoder> - <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> - </encoder> - </appender> - <appender name="perfLogs" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - </filter> - <file>${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip - </fileNamePattern> - <minIndex>1</minIndex> - <maxIndex>9</maxIndex> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>5MB</maxFileSize> - </triggeringPolicy> - <encoder> - <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> - </encoder> - </appender> - <logger name="AuditRecord" level="INFO" additivity="FALSE"> - <appender-ref ref="auditLogs" /> - </logger> - <logger name="AuditRecord_DirectCall" level="INFO" - additivity="FALSE"> - <appender-ref ref="auditLogs" /> - </logger> - <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE"> - <appender-ref ref="perfLogs" /> - </logger> - <!-- logback jms appenders & loggers definition ends here --> - - <root level="INFO"> - <appender-ref ref="DEBUG" /> - <appender-ref ref="STDOUT" /> - </root> -</configuration> - diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/resources/config/ticketmgt.properties b/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/resources/config/ticketmgt.properties deleted file mode 100644 index 6480537988..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/resources/config/ticketmgt.properties +++ /dev/null @@ -1,40 +0,0 @@ -{{/* -#------------------------------------------------------------------------------- -# Copyright 2017-2019 AT&T Intellectual Property. -# Modifications Copyright 2018 IBM. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -# Unless otherwise specified, all documentation contained herein is licensed -# under the Creative Commons License, Attribution 4.0 Intl. (the ??License?); -# you may not use this documentation except in compliance with the License. -# You may obtain a copy of the License at -# -# https://creativecommons.org/licenses/by/4.0/ -# -# Unless required by applicable law or agreed to in writing, documentation -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -#------------------------------------------------------------------------------- -*/}} -cadi_loglevel=DEBUG -cadi_prop_files=/share/etc/osaaf/local/org.onap.oof.props -aaf.user.roles=/share/etc/certs/AAFUserRoles.properties - -aaf.urls=https://aaf-locate:8095 -aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties -aaf.enabled=true -aaf.namespace=org.onap.oof diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/templates/NOTES.txt b/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/templates/NOTES.txt deleted file mode 100644 index 1103affff1..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/templates/NOTES.txt +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/templates/configmap.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/templates/configmap.yaml deleted file mode 100644 index 69614344fc..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/templates/configmap.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{/* -# Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/templates/deployment.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/templates/deployment.yaml deleted file mode 100644 index 45c7fc475f..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/templates/deployment.yaml +++ /dev/null @@ -1,125 +0,0 @@ -{{/* -# Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - name: {{ include "common.name" . }}-chown - command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /share/"] - image: {{ include "repositoryGenerator.image.busybox" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: {{ include "common.fullname" . }}-logs - mountPath: /share/logs -{{ include "common.certInitializer.initContainer" . | indent 6 }} - containers: - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: JAVA_TRUSTSTORE - value: /share/etc/osaaf/local/{{ .Values.global.truststoreFile }} - - name: SSL_KEYSTORE - value: /share/etc/osaaf/local/{{ .Values.global.keystoreFile }} - - name: JAVA_TRUSTSTORE_PASSWORD - value: {{ .Values.global.truststorePassword }} - - name: AUTHENTICATION - value: proprietary-auth - - name: VM_ARGS - value: "-Dcom.att.eelf.logging.file=logback.xml -Dcom.att.eelf.logging.path=/share/etc/config" - command: - - /bin/sh - args: - - "-c" - - | - export SSL_KEYSTORE_PASSWORD=$(cat /share/etc/osaaf/local/.pass) - ./startService.sh - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: -{{ include "common.certInitializer.volumeMount" . | indent 8 }} - - name: {{ include "common.fullname" . }}-logs - mountPath: /share/logs - - name: {{ include "common.fullname" . }}-logs - mountPath: /share/debug-logs - - name: {{ include "common.fullname" . }}-config - mountPath: /share/etc/config - - name: {{ include "common.fullname" . }}-certs - mountPath: /share/etc/certs - - name: {{ include "common.fullname" . }}-certs - mountPath: /opt/app/cmso/src/main/resources/aaf - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - {{ include "common.certInitializer.volumes" . | nindent 8 }} - - name: {{ include "common.fullname" . }}-config - configMap: - name: {{ include "common.fullname" . }} - items: - - key: logback.xml - path: logback.xml - - key: ticketmgt.properties - path: ticketmgt.properties - - key: cadi.properties - path: cadi.properties - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: {{ include "common.fullname" . }}-certs - secret: - secretName: {{ include "common.release" . }}-{{ .Values.global.commonConfigPrefix }}-certs - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/templates/service.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/templates/service.yaml deleted file mode 100644 index e8db9f7b2e..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/templates/service.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{/* -# Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/values.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/values.yaml deleted file mode 100644 index 7ef7ace48b..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/values.yaml +++ /dev/null @@ -1,100 +0,0 @@ -# Copyright (c) 2019 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: # global defaults - nodePortPrefix: 302 - readinessImage: onap/oom/readiness:3.0.1 - authentication: proprietary-auth -subChartsOnly: - enabled: true - -# application image -image: onap/optf-cmso-ticketmgt:2.3.4 -pullPolicy: Always - - -# flag to enable debugging - application support required -debugEnabled: false - -################################################################# -# Application configuration defaults. -################################################################# -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 120 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 120 - periodSeconds: 10 - - -service: - type: ClusterIP - name: oof-cmso-ticketmgt - portName: cmso-ticketmgt - internalPort: 7999 - externalPort: 7999 - #nodePort: 23 - # as of 20181022 port 23 is reserved for cmso - # see https://wiki.onap.org/display/DW/OOM+NodePort+List - - -config: - - -ingress: - enabled: false - -#resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -flavor: small -resources: - small: - limits: - cpu: 1 - memory: 1.2Gi - requests: - cpu: 10m - memory: 800Mi - large: - limits: - cpu: 1 - memory: 1.2Gi - requests: - cpu: 10m - memory: 800Mi - unlimited: {} diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/Chart.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/Chart.yaml deleted file mode 100644 index c3b9e69dc0..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: Chart for Change Management Service Orchestrator (CMSO) Service -name: oof-cmso-topology -version: 8.0.0 diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/resources/config/cadi.properties b/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/resources/config/cadi.properties deleted file mode 100644 index d7387dd1e1..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/resources/config/cadi.properties +++ /dev/null @@ -1,23 +0,0 @@ -{{/* -#------------------------------------------------------------------------------- -# ============LICENSE_START============================================== -# Copyright (c) 2019 AT&T Intellectual Property. -# ======================================================================= -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain a -# copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express -# or implied. See the License for the specific language governing -# permissions and limitations under the License. -# ============LICENSE_END================================================= -# -#------------------------------------------------------------------------------- -*/}} -cadi_loglevel=DEBUG -cadi_prop_files=/share/etc/osaaf/local/org.onap.oof.props - diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/resources/config/logback.xml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/resources/config/logback.xml deleted file mode 100644 index e288419211..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/resources/config/logback.xml +++ /dev/null @@ -1,253 +0,0 @@ -<?xml version = "1.0" encoding = "UTF-8" ?> -<!-- -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. ---> -<configuration> - <jmxConfigurator /> - <!-- Example evaluator filter applied against console appender --> -<property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/> - <property name="p_lvl" value="%level"/> - <property name="p_log" value="%logger"/> - <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/> - <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/> - <property name="p_thr" value="%thread"/> - <property name="defaultPattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/> - <property name="debugPattern" value="%nopexception${p_tim}|${p_lvl}|${p_mdc}|${p_exc}|%msg%n"/> - - <!-- Example evaluator filter applied against console appender --> - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>INFO</level> - </filter> - <encoder> - <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n</pattern> - </encoder> - </appender> - - <appender name="ERROR" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>INFO</level> - </filter> - <file>${logDirectory}/error2.log</file> - <append>true</append> - <encoder> - <pattern>${defaultPattern}</pattern> - </encoder> - <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> - <fileNamePattern>${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern> - <maxFileSize>50MB</maxFileSize> - <maxHistory>30</maxHistory> - <totalSizeCap>10GB</totalSizeCap> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>10MB</maxFileSize> - </triggeringPolicy> - </appender> - - <appender name="DEBUG" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/debug.log</file> - <append>true</append> - <encoder> - <pattern>${debugPattern}</pattern> - </encoder> - <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> - <fileNamePattern>${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern> - <maxFileSize>50MB</maxFileSize> - <maxHistory>30</maxHistory> - <totalSizeCap>10GB</totalSizeCap> - </rollingPolicy> - </appender> - - - <appender name="AUDIT" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/audit.log</file> - <append>true</append> - <encoder> - <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n - </pattern> - </encoder> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <maxIndex>10</maxIndex> - <FileNamePattern>${logDirectory}/audit.%i.log.zip - </FileNamePattern> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>10MB</maxFileSize> - </triggeringPolicy> - </appender> - <appender name="asyncEELFAudit" - class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="AUDIT" /> - </appender> - - <appender name="METRIC" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/metric.log</file> - <append>true</append> - <encoder> - <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| - %msg%n</pattern> - </encoder> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <maxIndex>10</maxIndex> - <FileNamePattern>${logDirectory}/metric.%i.log.zip - </FileNamePattern> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>10MB</maxFileSize> - </triggeringPolicy> - </appender> - <appender name="asyncEELFMetrics" - class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="METRIC" /> - </appender> - - <!-- SECURITY related loggers --> - <appender name="SECURITY" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/security.log</file> - <append>true</append> - <encoder> - <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n - </pattern> - </encoder> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <maxIndex>10</maxIndex> - <FileNamePattern>${logDirectory}/security.%i.log.zip - </FileNamePattern> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>10MB</maxFileSize> - </triggeringPolicy> - </appender> - <appender name="asyncEELFSecurity" - class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="SECURITY" /> - </appender> - <!-- AAF related loggers --> - <logger name="org.onap.aaf" level="INFO" additivity="true"> - <appender-ref ref="DEBUG" /> - </logger> - <logger name="org.apache.catalina.core" level="INFO" - additivity="true"> - <appender-ref ref="DEBUG" /> - </logger> - <logger name="org.onap.cmso" level="INFO" - additivity="true"> - <appender-ref ref="ERROR" /> - </logger> - - <!-- CLDS related loggers --> - <logger name="com.att.eelf.error" level="OFF" additivity="true"> - <appender-ref ref="ERROR" /> - </logger> - <!-- EELF related loggers --> - <logger name="com.att.eelf.audit" level="INFO" - additivity="false"> - <appender-ref ref="asyncEELFAudit" /> - </logger> - <logger name="com.att.eelf.metrics" level="DEBUG" - additivity="false"> - <appender-ref ref="asyncEELFMetrics" /> - </logger> - <logger name="com.att.eelf.security" level="DEBUG" - additivity="false"> - <appender-ref ref="asyncEELFSecurity" /> - </logger> - - <!-- Spring related loggers --> - <logger name="org.springframework" level="DEBUG" /> - - <!-- Other Loggers that may help troubleshoot --> - <logger name="org.apache" level="DEBUG" /> - - <!-- logback internals logging --> - <logger name="ch.qos.logback.classic" level="INFO" /> - <logger name="ch.qos.logback.core" level="INFO" /> - - <!-- logback jms appenders & loggers definition starts here --> - <appender name="auditLogs" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - </filter> - <file>${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip - </fileNamePattern> - <minIndex>1</minIndex> - <maxIndex>9</maxIndex> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>5MB</maxFileSize> - </triggeringPolicy> - <encoder> - <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> - </encoder> - </appender> - <appender name="perfLogs" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - </filter> - <file>${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip - </fileNamePattern> - <minIndex>1</minIndex> - <maxIndex>9</maxIndex> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>5MB</maxFileSize> - </triggeringPolicy> - <encoder> - <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> - </encoder> - </appender> - <logger name="AuditRecord" level="INFO" additivity="FALSE"> - <appender-ref ref="auditLogs" /> - </logger> - <logger name="AuditRecord_DirectCall" level="INFO" - additivity="FALSE"> - <appender-ref ref="auditLogs" /> - </logger> - <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE"> - <appender-ref ref="perfLogs" /> - </logger> - <!-- logback jms appenders & loggers definition ends here --> - - <root level="INFO"> - <appender-ref ref="DEBUG" /> - <appender-ref ref="STDOUT" /> - </root> -</configuration> - diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/resources/config/topology.properties b/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/resources/config/topology.properties deleted file mode 100644 index 6480537988..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/resources/config/topology.properties +++ /dev/null @@ -1,40 +0,0 @@ -{{/* -#------------------------------------------------------------------------------- -# Copyright 2017-2019 AT&T Intellectual Property. -# Modifications Copyright 2018 IBM. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -# Unless otherwise specified, all documentation contained herein is licensed -# under the Creative Commons License, Attribution 4.0 Intl. (the ??License?); -# you may not use this documentation except in compliance with the License. -# You may obtain a copy of the License at -# -# https://creativecommons.org/licenses/by/4.0/ -# -# Unless required by applicable law or agreed to in writing, documentation -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -#------------------------------------------------------------------------------- -*/}} -cadi_loglevel=DEBUG -cadi_prop_files=/share/etc/osaaf/local/org.onap.oof.props -aaf.user.roles=/share/etc/certs/AAFUserRoles.properties - -aaf.urls=https://aaf-locate:8095 -aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties -aaf.enabled=true -aaf.namespace=org.onap.oof diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/templates/configmap.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/templates/configmap.yaml deleted file mode 100644 index 69614344fc..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/templates/configmap.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{/* -# Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/templates/deployment.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/templates/deployment.yaml deleted file mode 100644 index cd9814a776..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/templates/deployment.yaml +++ /dev/null @@ -1,125 +0,0 @@ -{{/* -# Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - name: {{ include "common.name" . }}-chown - command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /share/"] - image: {{ include "repositoryGenerator.image.busybox" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: {{ include "common.fullname" . }}-logs - mountPath: /share/logs -{{ include "common.certInitializer.initContainer" . | indent 6 }} - containers: - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: JAVA_TRUSTSTORE - value: /share/etc/osaaf/local/{{ .Values.global.truststoreFile }} - - name: SSL_KEYSTORE - value: /share/etc/osaaf/local/{{ .Values.global.keystoreFile }} - - name: JAVA_TRUSTSTORE_PASSWORD - value: {{ .Values.global.truststorePassword }} - - name: AUTHENTICATION - value: {{ .Values.global.authentication }} - - name: VM_ARGS - value: "-Dcom.att.eelf.logging.file=logback.xml -Dcom.att.eelf.logging.path=/share/etc/config" - command: - - /bin/sh - args: - - "-c" - - | - export SSL_KEYSTORE_PASSWORD=$(cat /share/etc/osaaf/local/.pass) - ./startService.sh - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: -{{ include "common.certInitializer.volumeMount" . | indent 8 }} - - name: {{ include "common.fullname" . }}-logs - mountPath: /share/logs - - name: {{ include "common.fullname" . }}-logs - mountPath: /share/debug-logs - - name: {{ include "common.fullname" . }}-config - mountPath: /share/etc/config - - name: {{ include "common.fullname" . }}-certs - mountPath: /share/etc/certs - - name: {{ include "common.fullname" . }}-certs - mountPath: /opt/app/cmso/src/main/resources/aaf - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - {{ include "common.certInitializer.volumes" . | nindent 8 }} - - name: {{ include "common.fullname" . }}-config - configMap: - name: {{ include "common.fullname" . }} - items: - - key: logback.xml - path: logback.xml - - key: cadi.properties - path: cadi.properties - - key: topology.properties - path: topology.properties - - name: {{ include "common.fullname" . }}-logs - emptyDir: {} - - name: {{ include "common.fullname" . }}-certs - secret: - secretName: {{ include "common.release" . }}-{{ .Values.global.commonConfigPrefix }}-certs - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/templates/service.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/templates/service.yaml deleted file mode 100644 index e8db9f7b2e..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/templates/service.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{/* -# Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/values.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/values.yaml deleted file mode 100644 index 40eed4e568..0000000000 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/values.yaml +++ /dev/null @@ -1,98 +0,0 @@ -# Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: # global defaults - nodePortPrefix: 302 - -subChartsOnly: - enabled: true - -# application image -image: onap/optf-cmso-topology:2.3.4 -pullPolicy: Always - - -# flag to enable debugging - application support required -debugEnabled: false - -################################################################# -# Application configuration defaults. -################################################################# -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 120 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 120 - periodSeconds: 10 - - -service: - type: ClusterIP - name: oof-cmso-topology - portName: cmso-topology - internalPort: 7998 - externalPort: 7998 - #nodePort: 23 - # as of 20181022 port 23 is reserved for cmso - # see https://wiki.onap.org/display/DW/OOM+NodePort+List - - -config: - -ingress: - enabled: false - -#resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -flavor: small -resources: - small: - limits: - cpu: 1 - memory: 1.2Gi - requests: - cpu: 10m - memory: 800Mi - large: - limits: - cpu: 1 - memory: 1.2Gi - requests: - cpu: 10m - memory: 800Mi - unlimited: {} diff --git a/kubernetes/oof/components/oof-cmso/requirements.yaml b/kubernetes/oof/components/oof-cmso/requirements.yaml deleted file mode 100644 index 535a1e1696..0000000000 --- a/kubernetes/oof/components/oof-cmso/requirements.yaml +++ /dev/null @@ -1,47 +0,0 @@ -# Copyright © 2018 AT&T -# Copyright (C) 2020 Wipro Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~8.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' - - name: mariadb-galera - version: ~8.x-0 - repository: '@local' - - name: mariadb-init - version: ~8.x-0 - repository: '@local' - - name: oof-cmso-optimizer - version: ~8.x-0 - repository: 'file://components/oof-cmso-optimizer' - condition: oof-cmso-optimizer.enabled - - name: oof-cmso-service - version: ~8.x-0 - repository: 'file://components/oof-cmso-service' - condition: oof-cmso-service.enabled - - name: oof-cmso-ticketmgt - version: ~8.x-0 - repository: 'file://components/oof-cmso-ticketmgt' - condition: oof-cmso-ticketmgt.enabled - - name: oof-cmso-topology - version: ~8.x-0 - repository: 'file://components/oof-cmso-topology' - condition: oof-cmso-topology.enabled - - name: repositoryGenerator - version: ~8.x-0 - repository: '@local' diff --git a/kubernetes/oof/components/oof-cmso/resources/certs/AAFUserRoles.properties b/kubernetes/oof/components/oof-cmso/resources/certs/AAFUserRoles.properties deleted file mode 100644 index e7fc221a20..0000000000 --- a/kubernetes/oof/components/oof-cmso/resources/certs/AAFUserRoles.properties +++ /dev/null @@ -1 +0,0 @@ -/**=org.onap.oof.access|*|get ALL
\ No newline at end of file diff --git a/kubernetes/oof/components/oof-cmso/resources/log/filebeat/filebeat.yml b/kubernetes/oof/components/oof-cmso/resources/log/filebeat/filebeat.yml deleted file mode 100644 index 450b6f427e..0000000000 --- a/kubernetes/oof/components/oof-cmso/resources/log/filebeat/filebeat.yml +++ /dev/null @@ -1,57 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -filebeat.prospectors: -#it is mandatory, in our case it's log -- input_type: log - #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. - paths: - - /var/log/onap/*/*/*/*.log - - /var/log/onap/*/*/*.log - - /var/log/onap/*/*.log - #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive - ignore_older: 48h - # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit - clean_inactive: 96h - - -# Name of the registry file. If a relative path is used, it is considered relative to the -# data path. Else full qualified file name. -#filebeat.registry_file: ${path.data}/registry - - -output.logstash: - #List of logstash server ip addresses with port number. - #But, in our case, this will be the loadbalancer IP address. - #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. - hosts: ["{{.Values.config.log.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.log.logstashPort}}"] - #If enable will do load balancing among availabe Logstash, automatically. - loadbalance: true - - #The list of root certificates for server verifications. - #If certificate_authorities is empty or not set, the trusted - #certificate authorities of the host system are used. - #ssl.certificate_authorities: $ssl.certificate_authorities - - #The path to the certificate for SSL client authentication. If the certificate is not specified, - #client authentication is not available. - #ssl.certificate: $ssl.certificate - - #The client certificate key used for client authentication. - #ssl.key: $ssl.key - - #The passphrase used to decrypt an encrypted key stored in the configured key file - #ssl.key_passphrase: $ssl.key_passphrase diff --git a/kubernetes/oof/components/oof-cmso/templates/secret.yaml b/kubernetes/oof/components/oof-cmso/templates/secret.yaml deleted file mode 100644 index 992a471e08..0000000000 --- a/kubernetes/oof/components/oof-cmso/templates/secret.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# Copyright © 2020 Samsung Electronics -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.secretFast" . }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-certs - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/oof/components/oof-cmso/values.yaml b/kubernetes/oof/components/oof-cmso/values.yaml deleted file mode 100644 index c46fd0a33a..0000000000 --- a/kubernetes/oof/components/oof-cmso/values.yaml +++ /dev/null @@ -1,154 +0,0 @@ -# Copyright © 2018 AT&T -# Copyright (C) 2020 Wipro Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Secrets metaconfig -################################################################# -secrets: - - uid: cmso-db-root-password - name: &rootPassword '{{ include "common.release" . }}-cmso-db-root-password' - type: password - password: '' - policy: generate - - uid: cmso-service-db-secret - name: &serviceDbCreds '{{ include "common.release" . }}-cmso-service-db-secret' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.config.db.service.userCredentialsExternalSecret) . }}' - login: '{{ .Values.config.db.service.userName }}' - password: '{{ .Values.config.db.service.userPassword }}' - passwordPolicy: generate - - uid: cmso-db-secret - name: &optimizerDbCreds '{{ include "common.release" . }}-cmso-optimizer-db-secret' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.config.db.optimizer.userCredentialsExternalSecret) . }}' - login: '{{ .Values.config.db.optimizer.userName }}' - password: '{{ .Values.config.db.optimizer.userPassword }}' - passwordPolicy: generate - - uid: cmso-aaf-creds - name: &aafCreds '{{ include "common.release" . }}-cmso-aaf-creds' - type: basicAuth - login: '{{ .Values.config.aaf.user }}' - password: '{{ .Values.config.aaf.password }}' - -mariadb-galera: - replicaCount: 1 - nameOverride: &dbName cmso-db - nfsprovisionerPrefix: cmso - sdnctlPrefix: cmso - persistence: - mountSubPath: cmso/data - enabled: true - disableNfsProvisioner: true - rootUser: - externalSecret: *rootPassword - serviceAccount: - nameOverride: *dbName - -global: - commonConfigPrefix: "oof-cmso" - truststoreFile: "truststoreONAPall.jks" - keystoreFile: "org.onap.oof.jks" - truststorePassword: - authentication: aaf-auth - -mariadb-init: - mariadbGalera: - containerName: *dbName - serviceName: *dbName - servicePort: 3306 - userRootSecret: *rootPassword - config: - userCredentialsExternalSecret: *serviceDbCreds - mysqlDatabase: cmso - mysqlAdditionalDatabases: - optimizer: - externalSecret: *optimizerDbCreds - nameOverride: cmso-db-config - -flavor: small - -config: - aaf: - user: oof@oof.onap.org - password: demo123456! - log: - logstashServiceName: log-ls - logstashPort: 5044 - db: - service: - # userCredentialsExternalsecret: some secret - userName: cmso-admin - # userPassword: password - optimizer: - userName: cmso-optimizer - -#sub-charts configuration -certInitializer: &certInitConfig - fqdn: "oof.onap" - app_ns: "org.osaaf.aaf" - fqi: "oof@oof.onap.org" - fqi_namespace: org.onap.oof - public_fqdn: "oof.onap.org" - aafDeployFqi: "deployer@people.osaaf.org" - aafDeployPass: demo123456! - cadi_latitude: "0.0" - cadi_longitude: "0.0" - credsPath: /opt/app/osaaf/local - appMountPath: /share/etc/osaaf - aaf_add_config: > - cd {{ .Values.credsPath }}; - /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} | grep cadi_keystore_password_jks= | cut -d= -f 2 > {{ .Values.credsPath }}/.pass 2>&1; - find ./ -type f -exec sed -i -e 's/\/opt\/app\/osaaf\/local/\/share\/etc\/osaaf\/local/g' {} \; - -oof-cmso-service: - enabled: true - certInitializer: - << : *certInitConfig - nameOverride: oof-cmso-service-cert-initializer - config: - db: - userCredentialsExternalSecret: *serviceDbCreds - host: *dbName - container: *dbName - mysqlDatabase: cmso - aaf: - userCredentialsExternalSecret: *aafCreds - -oof-cmso-optimizer: - enabled: true - certInitializer: - << : *certInitConfig - nameOverride: oof-cmso-optimizer-cert-initializer - config: - enabled: true - db: - userCredentialsExternalSecret: *optimizerDbCreds - host: *dbName - container: *dbName - mysqlDatabase: optimizer - aaf: - userCredentialsExternalSecret: *aafCreds - -oof-cmso-topology: - enabled: true - certInitializer: - << : *certInitConfig - nameOverride: oof-cmso-topology-cert-initializer - -oof-cmso-ticketmgt: - enabled: true - certInitializer: - << : *certInitConfig - nameOverride: oof-cmso-ticketmgt-cert-initializer diff --git a/kubernetes/oof/components/oof-has/resources/config/conductor.conf b/kubernetes/oof/components/oof-has/resources/config/conductor.conf index 18b60bba4a..7d724a593d 100755 --- a/kubernetes/oof/components/oof-has/resources/config/conductor.conf +++ b/kubernetes/oof/components/oof-has/resources/config/conductor.conf @@ -240,7 +240,7 @@ server_url = https://{{.Values.config.aai.serviceName}}.{{ include "common.names #aai_retries = 3 # The version of A&AI in v# format. (string value) -server_url_version = v19 +server_url_version = v21 # SSL/TLS certificate file in pem format. This certificate must be registered # with the A&AI endpoint. (string value) diff --git a/kubernetes/oof/requirements.yaml b/kubernetes/oof/requirements.yaml index 7c00c3f8e9..c17c89f4d0 100755 --- a/kubernetes/oof/requirements.yaml +++ b/kubernetes/oof/requirements.yaml @@ -20,10 +20,6 @@ dependencies: - name: certInitializer version: ~8.x-0 repository: '@local' - - name: oof-cmso - version: ~8.x-0 - repository: 'file://components/oof-cmso' - condition: oof-cmso.enabled - name: oof-has version: ~8.x-0 repository: 'file://components/oof-has' diff --git a/kubernetes/oof/resources/config/conf/common_config.yaml b/kubernetes/oof/resources/config/conf/common_config.yaml index 78afa5e5f8..b1bd0edea4 100644 --- a/kubernetes/oof/resources/config/conf/common_config.yaml +++ b/kubernetes/oof/resources/config/conf/common_config.yaml @@ -151,3 +151,11 @@ PCI: filter: interval: 10 ml_enabled: false + +nxi_termination: + query_templates: + nsi: "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}') > service-instance*('service-role','e2eserviceprofile-service')" + nsi_with_profile: "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}') > service-instance*('service-role','e2eserviceprofile-service')('service-instance-id','{{ printf "{{profile_id}}" }}')" + nssi: "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}') > service-instance*('service-role','nsi')" + nssi_with_nsi: "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}') > service-instance*('service-role','nsi')('service-instance-id','{{ printf "{{nsi_id}}" }}')" + diff --git a/kubernetes/oof/resources/config/conf/osdf_config.yaml b/kubernetes/oof/resources/config/conf/osdf_config.yaml index 6df3ed948b..aff63428eb 100755 --- a/kubernetes/oof/resources/config/conf/osdf_config.yaml +++ b/kubernetes/oof/resources/config/conf/osdf_config.yaml @@ -55,6 +55,7 @@ aaiServiceInstanceUrl : {{ .Values.config.aaiServiceInstanceUrl }} aaiGetControllersUrl: {{ .Values.config.aaiGetControllersUrl }} controllerQueryUrl: {{ .Values.config.controllerQueryUrl }} aaiGetInterDomainLinksUrl: {{ .Values.config.aaiGetInterDomainLinksUrl }} +dslQueryPath: /aai/v23/dsl?format= #DES api desUrl: {{ .Values.config.desUrl }} diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml index 7362ec70a6..c7400e860f 100644 --- a/kubernetes/oof/values.yaml +++ b/kubernetes/oof/values.yaml @@ -167,8 +167,6 @@ ingress: #component overrides -oof-cmso: - enabled: true oof-has: enabled: true certSecret: *oof-certs diff --git a/kubernetes/platform/components/chartmuseum/Chart.yaml b/kubernetes/platform/components/chartmuseum/Chart.yaml new file mode 100644 index 0000000000..1aa8d929d5 --- /dev/null +++ b/kubernetes/platform/components/chartmuseum/Chart.yaml @@ -0,0 +1,21 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 AT&T. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +description: ONAP Chart Museum +name: chartmuseum +version: 8.0.0 diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/requirements.yaml b/kubernetes/platform/components/chartmuseum/requirements.yaml index 2159c5f3a8..07ac4b4224 100644 --- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/requirements.yaml +++ b/kubernetes/platform/components/chartmuseum/requirements.yaml @@ -1,24 +1,29 @@ -# Copyright (C) 2020 Wipro Limited. -# +#============LICENSE_START======================================================== +# Copyright (c) 2021 AT&T. All rights reserved. +# ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# ============LICENSE_END========================================================= dependencies: - name: common version: ~8.x-0 repository: '@local' - - name: certInitializer + - name: repositoryGenerator version: ~8.x-0 repository: '@local' - - name: repositoryGenerator + - name: readinessCheck version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/platform/components/chartmuseum/templates/deployment.yaml b/kubernetes/platform/components/chartmuseum/templates/deployment.yaml new file mode 100644 index 0000000000..cc07f27bb1 --- /dev/null +++ b/kubernetes/platform/components/chartmuseum/templates/deployment.yaml @@ -0,0 +1,83 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 AT&T. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +apiVersion: apps/v1 +kind: Deployment +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +spec: + replicas: 1 + selector: {{- include "common.selectors" . | nindent 4 }} + template: + metadata: {{- include "common.templateMetadata" . | nindent 6 }} + spec: + {{ include "common.podSecurityContext" . | indent 7 | trim}} + initContainers: + - name: volume-permissions + image: {{ include "repositoryGenerator.image.busybox" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + args: + - "-c" + - | + chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} //chartmuseum-persist + securityContext: + runAsUser: 0 + volumeMounts: + - name: chart-persistent + mountPath: "/chartmuseum-persist" + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.githubContainerRegistry" . }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{ include "common.containerSecurityContext" . | indent 12 | trim }} + resources: {{ include "common.resources" . | nindent 12 }} + ports: {{ include "common.containerPorts" . | nindent 12 }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + httpGet: + path: {{ .Values.liveness.path }} + port: {{ .Values.liveness.port }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + env: + - name: STORAGE + value: local + - name: STORAGE_LOCAL_ROOTDIR + value: "/chartmuseum-persist" + - name: BASIC_AUTH_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "registrycred" "key" "login") | indent 14 }} + - name: BASIC_AUTH_PASS + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "registrycred" "key" "password") | indent 14 }} + volumeMounts: + - mountPath: /chartmuseum-persist + name: chart-persistent + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} + volumes: + - name: chart-persistent + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} + + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/platform/components/chartmuseum/templates/pv.yaml b/kubernetes/platform/components/chartmuseum/templates/pv.yaml new file mode 100644 index 0000000000..a05ebfb207 --- /dev/null +++ b/kubernetes/platform/components/chartmuseum/templates/pv.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.PV" . }}
\ No newline at end of file diff --git a/kubernetes/platform/components/chartmuseum/templates/pvc.yaml b/kubernetes/platform/components/chartmuseum/templates/pvc.yaml new file mode 100644 index 0000000000..2bd21dde5c --- /dev/null +++ b/kubernetes/platform/components/chartmuseum/templates/pvc.yaml @@ -0,0 +1,19 @@ +{{/* +################################################################################ +# Copyright (c) 2021 AT&T # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +*/}} + +{{ include "common.PVC" . }}
\ No newline at end of file diff --git a/kubernetes/platform/components/chartmuseum/templates/secret.yaml b/kubernetes/platform/components/chartmuseum/templates/secret.yaml new file mode 100644 index 0000000000..c8fbd04150 --- /dev/null +++ b/kubernetes/platform/components/chartmuseum/templates/secret.yaml @@ -0,0 +1,21 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2017-2020 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/platform/components/chartmuseum/templates/service.yaml b/kubernetes/platform/components/chartmuseum/templates/service.yaml new file mode 100644 index 0000000000..40aaa735e2 --- /dev/null +++ b/kubernetes/platform/components/chartmuseum/templates/service.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 AT&T. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.service" . }} diff --git a/kubernetes/platform/components/chartmuseum/values.yaml b/kubernetes/platform/components/chartmuseum/values.yaml new file mode 100644 index 0000000000..05a8b1537b --- /dev/null +++ b/kubernetes/platform/components/chartmuseum/values.yaml @@ -0,0 +1,97 @@ +#============LICENSE_START======================================================== +#================================================================================= +# Copyright (c) 2021 AT&T. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +# Global values +global: + pullPolicy: Always + persistence: {} + githubContainerRegistry: ghcr.io +image: helm/chartmuseum:v0.13.1 +containerPort: &cont_port 8080 + + +# Secrets Configuration. +secrets: + - uid: registrycred + type: basicAuth + login: '{{ .Values.registryCred.username }}' + password: '{{ .Values.registryCred.password }}' + passwordPolicy: required + + +# service configuration +service: + type: ClusterIP + name: chart-museum + ports: + - port: 80 + internal_port: *cont_port + name: &port http + +chartsMap: + directory: "/charts/components/" + +liveness: + initialDelaySeconds: 30 + periodSeconds: 30 + path: /health + port: *port + enabled: true + +# Below parameter should match setting in all clients +# including contrib\tools\registry-initialize.sh +# which does preload +registryCred: + username: onapinitializer + password: demo123456! + +# Parameters for persistent storage +persistence: + enabled: true + accessMode: ReadWriteOnce + size: 4Gi + mountPath: /dockerdata-nfs + mountSubPath: chartmuseum/data + volumeReclaimPolicy: Retain + + +serviceAccount: + nameOverride: chartmuseum + roles: + - read + +securityContext: + user_id: 2000 + group_id: 3000 + +flavor: small +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 0.5 + memory: 512Mi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml b/kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml index 0bc24afe86..e8418355d3 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml @@ -56,7 +56,10 @@ spec: description: Path of health check endpoint. type: string certEndpoint: - description: Path of cerfificate signing enpoint. + description: Path of cerfificate signing endpoint. + type: string + updateEndpoint: + description: Path of certificate update endpoint. type: string caName: description: Name of the external CA server configured on CertService API side. diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/configuration.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/configuration.yaml index ae4ae81f02..52e35375d3 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/templates/configuration.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/configuration.yaml @@ -25,6 +25,7 @@ spec: url: {{ .Values.cmpv2issuer.url }} healthEndpoint: {{ .Values.cmpv2issuer.healthcheckEndpoint }} certEndpoint: {{ .Values.cmpv2issuer.certEndpoint }} + updateEndpoint: {{ .Values.cmpv2issuer.updateEndpoint }} caName: {{ .Values.cmpv2issuer.caName }} certSecretRef: name: {{ .Values.cmpv2issuer.certSecretRef.name }} diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml index 8bcbc1f7d0..c49762202b 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml @@ -1,7 +1,7 @@ {{ if .Values.global.cmpv2Enabled }} # ============LICENSE_START======================================================= -# Copyright (c) 2020 Nokia +# Copyright (c) 2020-2021 Nokia # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -33,27 +33,11 @@ spec: labels: control-plane: controller-manager spec: + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" initContainers: {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - - name: {{ .Values.deploymentProxy.name }} - image: {{ .Values.deploymentProxy.image }} - imagePullPolicy: {{ .Values.deploymentProxy.pullPolicy }} - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=10 - ports: - - containerPort: 8443 - name: https - resources: - limits: - cpu: {{ .Values.deploymentProxy.resources.limits.cpu }} - memory: {{ .Values.deploymentProxy.resources.limits.memory }} - requests: - cpu: {{ .Values.deploymentProxy.resources.requests.cpu }} - memory: {{ .Values.deploymentProxy.resources.requests.memory }} - name: provider image: {{ .Values.global.repository }}{{if .Values.global.repository }}/{{ end }}{{ .Values.deployment.image }} imagePullPolicy: {{ .Values.deployment.pullPolicy }} diff --git a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml index 55c4d0beac..2237811465 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2020, Nokia +# Copyright © 2020-2021, Nokia # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,19 +25,10 @@ global: namespace: onap -# Service configuration -service: - name: oom-certservice-cmpv2issuer-metrics-service - type: ClusterIP - ports: - name: https - port: 8443 - targetPort: https - # Deployment configuration deployment: name: oom-certservice-cmpv2issuer - image: onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.3.2 + image: onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.4.0 proxyImage: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0 # fol local development use IfNotPresent pullPolicy: Always @@ -49,17 +40,6 @@ deployment: requests: cpu: 100m memory: 64Mi -deploymentProxy: - name: kube-rbac-proxy - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0 - pullPolicy: IfNotPresent - resources: - limits: - cpu: 250m - memory: 128Mi - requests: - cpu: 50m - memory: 32Mi readinessCheck: wait_for: - oom-cert-service @@ -70,6 +50,7 @@ cmpv2issuer: url: https://oom-cert-service:8443 healthcheckEndpoint: actuator/health certEndpoint: v1/certificate + updateEndpoint: v1/certificate-update caName: RA certSecretRef: name: oom-cert-service-client-tls-secret diff --git a/kubernetes/platform/components/oom-cert-service/resources/test/cmpServers.json b/kubernetes/platform/components/oom-cert-service/resources/test/cmpServers.json index 06e1087f60..5a967f0405 100644 --- a/kubernetes/platform/components/oom-cert-service/resources/test/cmpServers.json +++ b/kubernetes/platform/components/oom-cert-service/resources/test/cmpServers.json @@ -3,7 +3,7 @@ { "caName": "CLIENT", "url": "http://ejbca:8080/ejbca/publicweb/cmp/cmp", - "issuerDN": "CN=ManagementCA", + "issuerDN": "O=EJBCA Container Quickstart,CN=ManagementCA,UID=12345", "caMode": "CLIENT", "authentication": { "iak": "${CLIENT_IAK}", @@ -13,7 +13,7 @@ { "caName": "RA", "url": "http://ejbca:8080/ejbca/publicweb/cmp/cmpRA", - "issuerDN": "CN=ManagementCA", + "issuerDN": "O=EJBCA Container Quickstart,CN=ManagementCA,UID=12345", "caMode": "RA", "authentication": { "iak": "${RA_IAK}", @@ -21,4 +21,4 @@ } } ] -}
\ No newline at end of file +} diff --git a/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml b/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml index 9a6abd4eb9..8215ed949e 100644 --- a/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml +++ b/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml @@ -23,6 +23,8 @@ spec: template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" volumes: {{- if .Values.global.addTestingComponents }} - name: cmp-servers-template-volume diff --git a/kubernetes/platform/components/oom-cert-service/values.yaml b/kubernetes/platform/components/oom-cert-service/values.yaml index 2e149683d7..fbd545c12e 100644 --- a/kubernetes/platform/components/oom-cert-service/values.yaml +++ b/kubernetes/platform/components/oom-cert-service/values.yaml @@ -34,7 +34,7 @@ service: # Deployment configuration repository: "nexus3.onap.org:10001" -image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.3.3 +image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.4.0 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/platform/requirements.yaml b/kubernetes/platform/requirements.yaml index 84ad7f8699..ce3310151f 100644 --- a/kubernetes/platform/requirements.yaml +++ b/kubernetes/platform/requirements.yaml @@ -22,3 +22,6 @@ dependencies: - name: cmpv2-cert-provider version: ~8.x-0 repository: 'file://components/cmpv2-cert-provider' + - name: chartmuseum + version: ~8.x-0 + repository: 'file://components/chartmuseum'
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-apex-pdp/requirements.yaml b/kubernetes/policy/components/policy-apex-pdp/requirements.yaml index 1c57aa449b..f320b219dc 100755 --- a/kubernetes/policy/components/policy-apex-pdp/requirements.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml b/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml index 586f468334..4d9ff9250e 100755 --- a/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml @@ -115,6 +115,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | indent 8 }} - name: localtime diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml index aa1daf703f..eb6292a039 100755 --- a/kubernetes/policy/components/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml @@ -133,3 +133,9 @@ resources: cpu: 20m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-apex-pdp + roles: + - read diff --git a/kubernetes/policy/components/policy-api/requirements.yaml b/kubernetes/policy/components/policy-api/requirements.yaml index 7bc531a759..2365cd729a 100755 --- a/kubernetes/policy/components/policy-api/requirements.yaml +++ b/kubernetes/policy/components/policy-api/requirements.yaml @@ -26,3 +26,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-api/templates/deployment.yaml b/kubernetes/policy/components/policy-api/templates/deployment.yaml index 899e74e674..de0558e4cd 100755 --- a/kubernetes/policy/components/policy-api/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-api/templates/deployment.yaml @@ -107,6 +107,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | indent 8 }} - name: localtime diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml index da983e5b5b..36eb5c4899 100755 --- a/kubernetes/policy/components/policy-api/values.yaml +++ b/kubernetes/policy/components/policy-api/values.yaml @@ -143,3 +143,9 @@ resources: cpu: 200m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-api + roles: + - read diff --git a/kubernetes/policy/components/policy-clamp-be/requirements.yaml b/kubernetes/policy/components/policy-clamp-be/requirements.yaml index 88fd9d90eb..670f8cb65a 100644 --- a/kubernetes/policy/components/policy-clamp-be/requirements.yaml +++ b/kubernetes/policy/components/policy-clamp-be/requirements.yaml @@ -20,3 +20,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml index c243e30540..e61cca0e49 100644 --- a/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml @@ -114,6 +114,7 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | nindent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: {{ include "common.fullname" . }}-config configMap: diff --git a/kubernetes/policy/components/policy-clamp-be/templates/job.yaml b/kubernetes/policy/components/policy-clamp-be/templates/job.yaml index c5c968a2e1..8fe711b825 100755 --- a/kubernetes/policy/components/policy-clamp-be/templates/job.yaml +++ b/kubernetes/policy/components/policy-clamp-be/templates/job.yaml @@ -30,6 +30,8 @@ spec: app: {{ include "common.name" . }}-policy-clamp-job release: {{ include "common.release" . }} spec: + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" initContainers: #This container checks that all galera instances are up before initializing it. - name: {{ include "common.name" . }}-readiness diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml index 71d2517be1..dcbe59c382 100644 --- a/kubernetes/policy/components/policy-clamp-be/values.yaml +++ b/kubernetes/policy/components/policy-clamp-be/values.yaml @@ -156,3 +156,9 @@ resources: cpu: 10m memory: 3Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-clamp-be + roles: + - read diff --git a/kubernetes/policy/components/policy-clamp-fe/requirements.yaml b/kubernetes/policy/components/policy-clamp-fe/requirements.yaml index 88fd9d90eb..670f8cb65a 100644 --- a/kubernetes/policy/components/policy-clamp-fe/requirements.yaml +++ b/kubernetes/policy/components/policy-clamp-fe/requirements.yaml @@ -20,3 +20,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml index 97c7919389..1349558651 100644 --- a/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml @@ -91,6 +91,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: {{ include "common.fullname" . }}-config configMap: diff --git a/kubernetes/policy/components/policy-clamp-fe/values.yaml b/kubernetes/policy/components/policy-clamp-fe/values.yaml index 9712a38e10..a7c8d6defa 100644 --- a/kubernetes/policy/components/policy-clamp-fe/values.yaml +++ b/kubernetes/policy/components/policy-clamp-fe/values.yaml @@ -146,3 +146,9 @@ resources: cpu: 10m memory: 50Mi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-clamp-fe + roles: + - read diff --git a/kubernetes/policy/components/policy-distribution/requirements.yaml b/kubernetes/policy/components/policy-distribution/requirements.yaml index 0006e4965a..db84102327 100755 --- a/kubernetes/policy/components/policy-distribution/requirements.yaml +++ b/kubernetes/policy/components/policy-distribution/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-distribution/templates/deployment.yaml b/kubernetes/policy/components/policy-distribution/templates/deployment.yaml index 04db6d70c7..4745aac23b 100755 --- a/kubernetes/policy/components/policy-distribution/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-distribution/templates/deployment.yaml @@ -121,6 +121,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | indent 8 }} - name: localtime diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml index 6788613ceb..fb6ef6e039 100755 --- a/kubernetes/policy/components/policy-distribution/values.yaml +++ b/kubernetes/policy/components/policy-distribution/values.yaml @@ -155,3 +155,9 @@ resources: cpu: 200m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-distribution + roles: + - read diff --git a/kubernetes/policy/components/policy-drools-pdp/requirements.yaml b/kubernetes/policy/components/policy-drools-pdp/requirements.yaml index 29b1053600..6c540a4bcf 100755 --- a/kubernetes/policy/components/policy-drools-pdp/requirements.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/requirements.yaml @@ -23,3 +23,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml b/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml index 7e9c6cfde8..d389246b5c 100755 --- a/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml @@ -125,6 +125,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | indent 8 }} - name: localtime diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml index 4eb37c6106..38d398998c 100755 --- a/kubernetes/policy/components/policy-drools-pdp/values.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml @@ -188,3 +188,9 @@ resources: cpu: 200m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-drools-pdp + roles: + - read diff --git a/kubernetes/policy/components/policy-nexus/requirements.yaml b/kubernetes/policy/components/policy-nexus/requirements.yaml index 343812db25..20cc48f360 100755 --- a/kubernetes/policy/components/policy-nexus/requirements.yaml +++ b/kubernetes/policy/components/policy-nexus/requirements.yaml @@ -23,3 +23,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-nexus/templates/deployment.yaml b/kubernetes/policy/components/policy-nexus/templates/deployment.yaml index 3d5d59fea2..4c945f4605 100755 --- a/kubernetes/policy/components/policy-nexus/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-nexus/templates/deployment.yaml @@ -83,6 +83,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "nothing" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/policy/components/policy-nexus/values.yaml b/kubernetes/policy/components/policy-nexus/values.yaml index 7801b525f2..3d77e67456 100755 --- a/kubernetes/policy/components/policy-nexus/values.yaml +++ b/kubernetes/policy/components/policy-nexus/values.yaml @@ -92,3 +92,9 @@ resources: cpu: 2m memory: 1Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-nexus + roles: + - nothing diff --git a/kubernetes/policy/components/policy-pap/requirements.yaml b/kubernetes/policy/components/policy-pap/requirements.yaml index 3f0071ab7c..18de3a6517 100755 --- a/kubernetes/policy/components/policy-pap/requirements.yaml +++ b/kubernetes/policy/components/policy-pap/requirements.yaml @@ -27,3 +27,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-pap/templates/deployment.yaml b/kubernetes/policy/components/policy-pap/templates/deployment.yaml index a02752c033..77474a8387 100755 --- a/kubernetes/policy/components/policy-pap/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-pap/templates/deployment.yaml @@ -122,6 +122,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | indent 8 }} - name: localtime diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml index 18e0e3e171..3c4c3e5ec6 100755 --- a/kubernetes/policy/components/policy-pap/values.yaml +++ b/kubernetes/policy/components/policy-pap/values.yaml @@ -169,3 +169,9 @@ resources: cpu: 200m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-pap + roles: + - read diff --git a/kubernetes/policy/components/policy-xacml-pdp/requirements.yaml b/kubernetes/policy/components/policy-xacml-pdp/requirements.yaml index 7bc531a759..2365cd729a 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/requirements.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/requirements.yaml @@ -26,3 +26,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml b/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml index 73ae6dd55a..2da0035fa0 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml @@ -131,6 +131,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | indent 8 }} - name: localtime diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml index 64c00e9bed..9eda53ee9b 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml @@ -152,3 +152,9 @@ resources: cpu: 200m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: policy-xacml-pdp + roles: + - read diff --git a/kubernetes/policy/requirements.yaml b/kubernetes/policy/requirements.yaml index 33447a2571..c98d4fc7a8 100755 --- a/kubernetes/policy/requirements.yaml +++ b/kubernetes/policy/requirements.yaml @@ -59,3 +59,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/policy/templates/job.yaml b/kubernetes/policy/templates/job.yaml index f2a55879ee..72c94f30c5 100755 --- a/kubernetes/policy/templates/job.yaml +++ b/kubernetes/policy/templates/job.yaml @@ -30,6 +30,8 @@ spec: app: {{ include "common.name" . }}-job release: {{ include "common.release" . }} spec: + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" initContainers: #This container checks that all galera instances are up before initializing it. - name: {{ include "common.name" . }}-readiness @@ -70,6 +72,7 @@ spec: resources: {{ include "common.resources" . }} restartPolicy: Never + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: {{ include "common.fullname" . }}-config configMap: diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 678772c481..92344dd2fe 100755 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -148,3 +148,8 @@ resources: memory: 2Gi unlimited: {} +#Pods Service Account +serviceAccount: + nameOverride: policy + roles: + - read diff --git a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh index c4a21b927f..f5dcbff6bf 100644 --- a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh +++ b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh @@ -1,4 +1,5 @@ #!/bin/bash + set -eo pipefail shopt -s nullglob @@ -30,10 +31,15 @@ file_env() { mysql_error "Both $var and $fileVar are set (but are exclusive)" fi local val="$def" + # val="${!var}" + # val="$(< "${!fileVar}")" + # eval replacement of the bashism equivalents above presents no security issue here + # since var and fileVar variables contents are derived from the file_env() function arguments. + # This method is only called inside this script with a limited number of possible values. if [ "${!var:-}" ]; then - val="${!var}" + eval val=\$$var elif [ "${!fileVar:-}" ]; then - val="$(< "${!fileVar}")" + val="$(< "$(eval echo "\$$fileVar")")" fi export "$var"="$val" unset "$fileVar" @@ -81,7 +87,7 @@ docker_process_init_files() { mysql_check_config() { local toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" ) errors if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then - mysql_error $'mysqld failed while attempting to check config\n\tcommand was: '"${toRun[*]}"$'\n\t'"$errors" + mysql_error "$(printf 'mysqld failed while attempting to check config\n\tcommand was: ')${toRun[*]}$(printf'\n\t')$errors" fi } @@ -100,14 +106,14 @@ docker_temp_server_start() { "$@" --skip-networking --socket="${SOCKET}" & mysql_note "Waiting for server startup" local i - for i in {30..0}; do + for i in $(seq 30 -1 0); do # only use the root password if the database has already been initializaed # so that it won't try to fill in a password file when it hasn't been set yet - extraArgs=() + extraArgs="" if [ -z "$DATABASE_ALREADY_EXISTS" ]; then - extraArgs+=( '--dont-use-mysql-root-password' ) + extraArgs=${extraArgs}" --dont-use-mysql-root-password" fi - if echo 'SELECT 1' |docker_process_sql "${extraArgs[@]}" --database=mysql >/dev/null 2>&1; then + if echo 'SELECT 1' |docker_process_sql ${extraArgs} --database=mysql >/dev/null 2>&1; then break fi sleep 1 @@ -128,7 +134,7 @@ docker_temp_server_stop() { # Verify that the minimally required password settings are set for new databases. docker_verify_minimum_env() { if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then - mysql_error $'Database is uninitialized and password option is not specified\n\tYou need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD' + mysql_error "$(printf'Database is uninitialized and password option is not specified\n\tYou need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD')" fi } @@ -150,15 +156,15 @@ docker_create_db_directories() { # initializes the database directory docker_init_database_dir() { mysql_note "Initializing database files" - installArgs=( --datadir="$DATADIR" --rpm ) + installArgs=" --datadir=$DATADIR --rpm " if { mysql_install_db --help || :; } | grep -q -- '--auth-root-authentication-method'; then # beginning in 10.4.3, install_db uses "socket" which only allows system user root to connect, switch back to "normal" to allow mysql root without a password # see https://github.com/MariaDB/server/commit/b9f3f06857ac6f9105dc65caae19782f09b47fb3 # (this flag doesn't exist in 10.0 and below) - installArgs+=( --auth-root-authentication-method=normal ) + installArgs=${installArgs}" --auth-root-authentication-method=normal" fi # "Other options are passed to mysqld." (so we pass all "mysqld" arguments directly here) - mysql_install_db "${installArgs[@]}" "${@:2}" + mysql_install_db ${installArgs} "$(echo ${@} | sed 's/^ *[^ ]* *//')" mysql_note "Database files initialized" } @@ -189,9 +195,9 @@ docker_setup_env() { # ie: docker_process_sql --database=mydb <<<'INSERT ...' # ie: docker_process_sql --dont-use-mysql-root-password --database=mydb <my-file.sql docker_process_sql() { - passfileArgs=() + passfileArgs="" if [ '--dont-use-mysql-root-password' = "$1" ]; then - passfileArgs+=( "$1" ) + passfileArgs=${passfileArgs}" $1" shift fi # args sent in can override this db, since they will be later in the command @@ -199,7 +205,7 @@ docker_process_sql() { set -- --database="$MYSQL_DATABASE" "$@" fi - mysql --defaults-extra-file=<( _mysql_passfile "${passfileArgs[@]}") --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" "$@" + mysql --defaults-extra-file=<( _mysql_passfile ${passfileArgs}) --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" "$@" } # Initializes database with timezone info and root password, plus optional extra db/user @@ -272,10 +278,10 @@ docker_setup_db() { if [ -n "$MYSQL_DATABASE" ]; then mysql_note "Giving user ${MYSQL_USER} access to schema ${MYSQL_DATABASE}" - echo "GRANT ALL ON \`${MYSQL_DATABASE//_/\\_}\`.* TO '$MYSQL_USER'@'%' ;" |docker_process_sql --database=mysql + echo "GRANT ALL ON \`$(echo $MYSQL_DATABASE | sed 's@_@\\_@g')\`.* TO '$MYSQL_USER'@'%' ;" | docker_process_sql --database=mysql fi - echo "FLUSH PRIVILEGES ;" |docker_process_sql --database=mysql + echo "FLUSH PRIVILEGES ;" | docker_process_sql --database=mysql fi } @@ -307,7 +313,7 @@ _mysql_want_help() { _main() { # if command starts with an option, prepend mysqld - if [ "${1:0:1}" = '-' ]; then + if echo "$1" | grep '^-' >/dev/null; then set -- mysqld "$@" fi @@ -323,7 +329,7 @@ _main() { # If container is started as root user, restart as dedicated mysql user if [ "$(id -u)" = "0" ]; then mysql_note "Switching to dedicated user 'mysql'" - exec gosu mysql "$BASH_SOURCE" "$@" + exec gosu mysql "$0" "$@" fi # there's no database, so it needs to be initialized diff --git a/kubernetes/robot/demo-k8s.sh b/kubernetes/robot/demo-k8s.sh index 099f80ccff..0d30557220 100755 --- a/kubernetes/robot/demo-k8s.sh +++ b/kubernetes/robot/demo-k8s.sh @@ -93,7 +93,10 @@ do case $key in init_robot) TAG="UpdateWebPage" - read -s -p "WEB Site Password for user 'test': " WEB_PASSWORD + echo "WEB Site Password for user 'test': " + stty -echo + read WEB_PASSWORD + stty echo if [ "$WEB_PASSWORD" = "" ]; then echo "" echo "WEB Password is required for user 'test'" @@ -222,7 +225,7 @@ ETEHOME=/var/opt/ONAP if [ $execscript ]; then for script in $(ls -1 "$DIR/$SCRIPTDIR"); do - [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script" + [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && . "$DIR/$SCRIPTDIR/$script" done fi diff --git a/kubernetes/robot/ete-k8s.sh b/kubernetes/robot/ete-k8s.sh index 15d07fb3ee..01cf0922fa 100755 --- a/kubernetes/robot/ete-k8s.sh +++ b/kubernetes/robot/ete-k8s.sh @@ -78,7 +78,7 @@ ETEHOME=/var/opt/ONAP if [ "${!#}" = "execscript" ]; then for script in $(ls -1 "$DIR/$SCRIPTDIR"); do - [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script" + [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && . "$DIR/$SCRIPTDIR/$script" done fi diff --git a/kubernetes/robot/eteHelm-k8s.sh b/kubernetes/robot/eteHelm-k8s.sh index d5e2fa41c3..8b74da77f8 100755 --- a/kubernetes/robot/eteHelm-k8s.sh +++ b/kubernetes/robot/eteHelm-k8s.sh @@ -46,7 +46,7 @@ ETEHOME=/var/opt/ONAP if [ "${!#}" = "execscript" ]; then for script in $(ls -1 "$DIR/$SCRIPTDIR"); do - [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script" + [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && . "$DIR/$SCRIPTDIR/$script" done fi diff --git a/kubernetes/robot/instantiate-k8s.sh b/kubernetes/robot/instantiate-k8s.sh index f4f6b04e4c..623870b9f3 100755 --- a/kubernetes/robot/instantiate-k8s.sh +++ b/kubernetes/robot/instantiate-k8s.sh @@ -1,4 +1,5 @@ #!/bin/bash + # Copyright 2019 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -13,7 +14,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -THIS_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" +THIS_DIR="$( cd "$( dirname "$0" )" >/dev/null 2>&1 && pwd )" NAMESPACE= FOLDER= @@ -138,13 +139,13 @@ kubectl --namespace $NAMESPACE cp ${POD}:share/logs/$OUTPUT_FOLDER/summary/stack kubectl --namespace $NAMESPACE cp ${POD}:share/logs/$OUTPUT_FOLDER/summary/results.json "$OUTPUT_DIRECTORY"/results.json kubectl --namespace $NAMESPACE cp ${POD}:share/logs/$OUTPUT_FOLDER/log.html "$OUTPUT_DIRECTORY"/log.html -pushd . +initdir=$(pwd) # echo -e "import hashlib\nwith open(\"README.md\", \"r\") as f: bytes = f.read()\nreadable_hash = hashlib.sha256(bytes).hexdigest()\nprint(readable_hash)" | python cd "$OUTPUT_DIRECTORY" tar -czvf vnf_heat_results.tar.gz * -popd +cd $initdir echo "VNF test results: $OUTPUT_DIRECTORY/vnf_heat_results.tar.gz" diff --git a/kubernetes/robot/scripts/etescript/hvves-etescript.sh b/kubernetes/robot/scripts/etescript/hvves-etescript.sh index b47051f7e2..63e90cdec6 100755 --- a/kubernetes/robot/scripts/etescript/hvves-etescript.sh +++ b/kubernetes/robot/scripts/etescript/hvves-etescript.sh @@ -49,21 +49,21 @@ create_pkcs12_ca_and_server () { } copy_server_certs_to_hvves () { - for f in {ca.p12,server.p12} + for f in ca.p12 server.p12 do kubectl cp $1/$f $2/$3:$4 done } copy_client_certs_to_robot () { - for f in {ca.pem,client.key,client.pem} + for f in ca.pem client.key client.pem do kubectl cp $1/$f $2/$3:$4 done } cleanup () { - rm -f $1/{ca,server,client}.??? + rm -f $1/ca.??? $1/server.??? s$1/client.??? } diff --git a/kubernetes/sdc/components/sdc-helm-validator/values.yaml b/kubernetes/sdc/components/sdc-helm-validator/values.yaml index ede80a6af0..4cd4a76506 100644 --- a/kubernetes/sdc/components/sdc-helm-validator/values.yaml +++ b/kubernetes/sdc/components/sdc-helm-validator/values.yaml @@ -18,7 +18,7 @@ global: pullPolicy: Always -image: onap/org.onap.sdc.sdc-helm-validator:1.2.0 +image: onap/org.onap.sdc.sdc-helm-validator:1.2.2 containerPort: &svc_port 8080 config: diff --git a/kubernetes/sdnc/components/dmaap-listener/requirements.yaml b/kubernetes/sdnc/components/dmaap-listener/requirements.yaml index bdf33d53ea..2c0b1081dd 100644 --- a/kubernetes/sdnc/components/dmaap-listener/requirements.yaml +++ b/kubernetes/sdnc/components/dmaap-listener/requirements.yaml @@ -19,3 +19,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/sdnc/components/dmaap-listener/templates/deployment.yaml b/kubernetes/sdnc/components/dmaap-listener/templates/deployment.yaml index fd45eae0d1..69b0fd3bb8 100644 --- a/kubernetes/sdnc/components/dmaap-listener/templates/deployment.yaml +++ b/kubernetes/sdnc/components/dmaap-listener/templates/deployment.yaml @@ -107,17 +107,14 @@ spec: - mountPath: {{ .Values.config.configDir }}/dmaap-consumer-RANSlice.properties name: properties subPath: dmaap-consumer-RANSlice.properties - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - + resources: {{ include "common.resources" . | nindent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: {{ toYaml .Values.affinity | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/sdnc/components/dmaap-listener/values.yaml b/kubernetes/sdnc/components/dmaap-listener/values.yaml index c32a6a6230..0d180ec029 100644 --- a/kubernetes/sdnc/components/dmaap-listener/values.yaml +++ b/kubernetes/sdnc/components/dmaap-listener/values.yaml @@ -127,3 +127,9 @@ resources: cpu: 1 memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: sdnc-dmaap-listener + roles: + - read diff --git a/kubernetes/sdnc/components/sdnc-ansible-server/requirements.yaml b/kubernetes/sdnc/components/sdnc-ansible-server/requirements.yaml index bdf33d53ea..2c0b1081dd 100644 --- a/kubernetes/sdnc/components/sdnc-ansible-server/requirements.yaml +++ b/kubernetes/sdnc/components/sdnc-ansible-server/requirements.yaml @@ -19,3 +19,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/sdnc/components/sdnc-ansible-server/templates/deployment.yaml b/kubernetes/sdnc/components/sdnc-ansible-server/templates/deployment.yaml index 41a5c09a10..1f0dbdeced 100644 --- a/kubernetes/sdnc/components/sdnc-ansible-server/templates/deployment.yaml +++ b/kubernetes/sdnc/components/sdnc-ansible-server/templates/deployment.yaml @@ -94,16 +94,14 @@ spec: - mountPath: {{ .Values.config.configDir }}/RestServer_config name: config subPath: RestServer_config - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} + resources: {{ include "common.resources" . | nindent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: {{ toYaml .Values.affinity | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml index b8d59f96c9..13c53d3fe1 100644 --- a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml @@ -129,3 +129,9 @@ resources: cpu: 1 memory: 1Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: sdnc-ansible-server + roles: + - read diff --git a/kubernetes/sdnc/components/sdnc-prom/requirements.yaml b/kubernetes/sdnc/components/sdnc-prom/requirements.yaml index 3f33591953..1cc295e2c3 100644 --- a/kubernetes/sdnc/components/sdnc-prom/requirements.yaml +++ b/kubernetes/sdnc/components/sdnc-prom/requirements.yaml @@ -19,3 +19,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh index feb6662196..099103ca79 100755 --- a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh +++ b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh @@ -1,6 +1,6 @@ #!/bin/bash -{{/* +{{/* # Copyright © 2018 Amdocs # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh index 94858339e7..05a17017ab 100755 --- a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh +++ b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh @@ -1,6 +1,6 @@ -#!/bin/bash -{{/* +#!/bin/sh +{{/* # Copyright © 2018 Amdocs # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/kubernetes/sdnc/components/sdnc-prom/templates/deployment.yaml b/kubernetes/sdnc/components/sdnc-prom/templates/deployment.yaml index 1c9adad5a0..803434cf09 100644 --- a/kubernetes/sdnc/components/sdnc-prom/templates/deployment.yaml +++ b/kubernetes/sdnc/components/sdnc-prom/templates/deployment.yaml @@ -62,17 +62,14 @@ spec: mountPath: /app/bin - name: core-dns-keyfile mountPath: /app/config/coredns - - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} + resources: {{ include "common.resources" . | nindent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: {{ toYaml .Values.affinity | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/sdnc/components/sdnc-prom/values.yaml b/kubernetes/sdnc/components/sdnc-prom/values.yaml index d9afd1aab0..eb11d646b3 100644 --- a/kubernetes/sdnc/components/sdnc-prom/values.yaml +++ b/kubernetes/sdnc/components/sdnc-prom/values.yaml @@ -94,3 +94,9 @@ ingress: enabled: false resources: {} + +#Pods Service Account +serviceAccount: + nameOverride: sdnc-prom + roles: + - read diff --git a/kubernetes/sdnc/components/sdnc-web/requirements.yaml b/kubernetes/sdnc/components/sdnc-web/requirements.yaml index 7e75730415..3d7968123b 100644 --- a/kubernetes/sdnc/components/sdnc-web/requirements.yaml +++ b/kubernetes/sdnc/components/sdnc-web/requirements.yaml @@ -23,3 +23,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml b/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml index 7b04773ec5..21416c9b5f 100644 --- a/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml +++ b/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml @@ -95,13 +95,13 @@ spec: readOnly: true resources: {{ include "common.resources" . | nindent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} + {{- if .Values.nodeSelector }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: {{ toYaml .Values.affinity | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: diff --git a/kubernetes/sdnc/components/sdnc-web/values.yaml b/kubernetes/sdnc/components/sdnc-web/values.yaml index 8514641a1c..3d9f86192f 100644 --- a/kubernetes/sdnc/components/sdnc-web/values.yaml +++ b/kubernetes/sdnc/components/sdnc-web/values.yaml @@ -127,3 +127,9 @@ resources: cpu: 1 memory: 1Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: sdnc-web + roles: + - read diff --git a/kubernetes/sdnc/components/ueb-listener/requirements.yaml b/kubernetes/sdnc/components/ueb-listener/requirements.yaml index bdf33d53ea..2c0b1081dd 100644 --- a/kubernetes/sdnc/components/ueb-listener/requirements.yaml +++ b/kubernetes/sdnc/components/ueb-listener/requirements.yaml @@ -19,3 +19,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/sdnc/components/ueb-listener/templates/deployment.yaml b/kubernetes/sdnc/components/ueb-listener/templates/deployment.yaml index 385fd9b651..603f3a3f99 100644 --- a/kubernetes/sdnc/components/ueb-listener/templates/deployment.yaml +++ b/kubernetes/sdnc/components/ueb-listener/templates/deployment.yaml @@ -94,17 +94,14 @@ spec: - mountPath: {{ .Values.config.configDir }}/ueb-listener.properties name: properties subPath: ueb-listener.properties - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - + resources: {{ include "common.resources" . | nindent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: {{ toYaml .Values.affinity | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/sdnc/components/ueb-listener/values.yaml b/kubernetes/sdnc/components/ueb-listener/values.yaml index 5838809efe..c35095c158 100644 --- a/kubernetes/sdnc/components/ueb-listener/values.yaml +++ b/kubernetes/sdnc/components/ueb-listener/values.yaml @@ -137,3 +137,9 @@ resources: cpu: 1 memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: sdnc-ueb-listener + roles: + - read diff --git a/kubernetes/sdnc/requirements.yaml b/kubernetes/sdnc/requirements.yaml index ac0e6ed868..f5f6226b06 100644 --- a/kubernetes/sdnc/requirements.yaml +++ b/kubernetes/sdnc/requirements.yaml @@ -1,3 +1,4 @@ + # Copyright © 2017 Amdocs, Bell Canada, # Copyright © 2020 highstreet technologies GmbH # Copyright © 2021 Nokia @@ -13,7 +14,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - dependencies: - name: common version: ~8.x-0 @@ -67,3 +67,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/sdnc/resources/geo/bin/switchVoting.sh b/kubernetes/sdnc/resources/geo/bin/switchVoting.sh index 65b76265fc..a276854d5c 100755 --- a/kubernetes/sdnc/resources/geo/bin/switchVoting.sh +++ b/kubernetes/sdnc/resources/geo/bin/switchVoting.sh @@ -1,6 +1,6 @@ -#!/bin/bash -{{/* +#!/bin/sh +{{/* # Copyright © 2018 Amdocs # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/kubernetes/sdnc/templates/job.yaml b/kubernetes/sdnc/templates/job.yaml index 9f6273d5ff..11b1a87128 100755 --- a/kubernetes/sdnc/templates/job.yaml +++ b/kubernetes/sdnc/templates/job.yaml @@ -132,15 +132,12 @@ spec: - /bin/bash args: - {{.Values.config.binDir }}/installSdncDb.sh - resources: -{{ include "common.resources" . | indent 12 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} + {{- end }} {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} + affinity: {{ toYaml .Values.affinity | nindent 8 }} {{- end }} volumes: - name: localtime diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index f0ee8a9456..01d51a21f6 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -380,17 +380,7 @@ spec: name: properties subPath: oauth-provider.config.json {{ end }} - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - + resources: {{ include "common.resources" . | nindent 12 }} # side car containers - name: filebeat-onap image: {{ include "repositoryGenerator.image.logging" . }} @@ -403,8 +393,15 @@ spec: name: logs - mountPath: /usr/share/filebeat/data name: data-filebeat + {{- if .Values.nodeSelector }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: {{ toYaml .Values.affinity | nindent 8 }} + {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index 6ab96adde7..1c9a422bab 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -577,7 +577,7 @@ persistence: mountSubPath: sdnc/mdsal mdsalPath: /opt/opendaylight/mdsal daeximPath: /opt/opendaylight/mdsal/daexim - journalPath: /opt/opendaylight/journal + journalPath: /opt/opendaylight/segmented-journal snapshotsPath: /opt/opendaylight/snapshots certpersistence: @@ -625,3 +625,9 @@ resources: cpu: 2 memory: 4Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: sdnc + roles: + - read diff --git a/kubernetes/so/components/so-bpmn-infra/values.yaml b/kubernetes/so/components/so-bpmn-infra/values.yaml index 09ad91191d..405017c400 100755 --- a/kubernetes/so/components/so-bpmn-infra/values.yaml +++ b/kubernetes/so/components/so-bpmn-infra/values.yaml @@ -34,7 +34,8 @@ global: readinessCheck: wait_for: - - so-mariadb-config + jobs: + - '{{ include "common.release" . }}-so-mariadb-config-job' ################################################################# # Secrets metaconfig @@ -62,7 +63,7 @@ secrets: ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/bpmn-infra:1.8.2 +image: onap/so/bpmn-infra:1.9.0 pullPolicy: Always db: diff --git a/kubernetes/so/components/so-catalog-db-adapter/values.yaml b/kubernetes/so/components/so-catalog-db-adapter/values.yaml index f3d6bdbcb9..c3b615147c 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/values.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/values.yaml @@ -33,7 +33,8 @@ global: readinessCheck: wait_for: - - so-mariadb-config + jobs: + - '{{ include "common.release" . }}-so-mariadb-config-job' ################################################################# # Secrets metaconfig @@ -61,7 +62,7 @@ secrets: ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/catalog-db-adapter:1.8.2 +image: onap/so/catalog-db-adapter:1.9.0 pullPolicy: Always db: diff --git a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml index 46793e7b75..922643404c 100755 --- a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml @@ -29,6 +29,8 @@ server: port: {{ index .Values.containerPort }} tomcat: max-threads: 50 +multicloud: + endpoint: http://multicloud-k8s.{{ include "common.namespace" . }}:9015 mso: site-name: localSite logPath: ./logs/cnf-adapter diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/values.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/values.yaml index 31b925576b..f32587f9c0 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/values.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/values.yaml @@ -31,7 +31,8 @@ global: readinessCheck: wait_for: - - so-mariadb-config + jobs: + - '{{ include "common.release" . }}-so-mariadb-config-job' ################################################################# # Secrets metaconfig diff --git a/kubernetes/so/components/so-nssmf-adapter/values.yaml b/kubernetes/so/components/so-nssmf-adapter/values.yaml index 583f9ad3e8..09f61a5320 100755 --- a/kubernetes/so/components/so-nssmf-adapter/values.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/values.yaml @@ -31,7 +31,8 @@ global: readinessCheck: wait_for: - - so-mariadb-config + jobs: + - '{{ include "common.release" . }}-so-mariadb-config-job' ################################################################# diff --git a/kubernetes/so/components/so-openstack-adapter/values.yaml b/kubernetes/so/components/so-openstack-adapter/values.yaml index ff0277bf14..82b4061f4b 100755 --- a/kubernetes/so/components/so-openstack-adapter/values.yaml +++ b/kubernetes/so/components/so-openstack-adapter/values.yaml @@ -31,7 +31,8 @@ global: readinessCheck: wait_for: - - so-mariadb-config + jobs: + - '{{ include "common.release" . }}-so-mariadb-config-job' ################################################################# # Secrets metaconfig @@ -57,7 +58,7 @@ secrets: ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/openstack-adapter:1.8.2 +image: onap/so/openstack-adapter:1.9.0 pullPolicy: Always db: diff --git a/kubernetes/so/components/so-request-db-adapter/values.yaml b/kubernetes/so/components/so-request-db-adapter/values.yaml index 61ec26d1f6..9461974a13 100755 --- a/kubernetes/so/components/so-request-db-adapter/values.yaml +++ b/kubernetes/so/components/so-request-db-adapter/values.yaml @@ -31,7 +31,8 @@ global: readinessCheck: wait_for: - - so-mariadb-config + jobs: + - '{{ include "common.release" . }}-so-mariadb-config-job' ################################################################# # Secrets metaconfig @@ -57,7 +58,7 @@ secrets: ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/request-db-adapter:1.8.2 +image: onap/so/request-db-adapter:1.9.0 pullPolicy: Always db: diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml index 4b6eceecdd..9151468502 100755 --- a/kubernetes/so/components/so-sdc-controller/values.yaml +++ b/kubernetes/so/components/so-sdc-controller/values.yaml @@ -31,7 +31,8 @@ global: readinessCheck: wait_for: - - so-mariadb-config + jobs: + - '{{ include "common.release" . }}-so-mariadb-config-job' ################################################################# # Secrets metaconfig @@ -57,7 +58,7 @@ secrets: ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/sdc-controller:1.8.2 +image: onap/so/sdc-controller:1.9.0 pullPolicy: Always db: diff --git a/kubernetes/so/components/so-sdnc-adapter/values.yaml b/kubernetes/so/components/so-sdnc-adapter/values.yaml index 8f3565ed3e..b5352b09f9 100755 --- a/kubernetes/so/components/so-sdnc-adapter/values.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/values.yaml @@ -72,7 +72,7 @@ secrets: ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/sdnc-adapter:1.8.2 +image: onap/so/sdnc-adapter:1.9.0 pullPolicy: Always org: diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index f0bb7d1fe5..ca2fe07b22 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -63,7 +63,8 @@ global: readinessCheck: wait_for: - - so-mariadb-config + jobs: + - '{{ include "common.release" . }}-so-mariadb-config-job' ################################################################# # Secrets metaconfig @@ -162,7 +163,7 @@ dbCreds: userName: so_user adminName: so_admin -image: onap/so/api-handler-infra:1.8.2 +image: onap/so/api-handler-infra:1.9.0 server: aaf: diff --git a/kubernetes/uui/.helmignore b/kubernetes/uui/.helmignore index f0c1319444..7ddbad7ef4 100644 --- a/kubernetes/uui/.helmignore +++ b/kubernetes/uui/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +components/ diff --git a/kubernetes/uui/values.yaml b/kubernetes/uui/values.yaml index 0fa4748e3d..61a0b5097a 100644 --- a/kubernetes/uui/values.yaml +++ b/kubernetes/uui/values.yaml @@ -24,7 +24,7 @@ subChartsOnly: flavor: small # application image -image: onap/usecase-ui:4.0.1 +image: onap/usecase-ui:4.0.2 pullPolicy: Always # application configuration diff --git a/kubernetes/vfc/.helmignore b/kubernetes/vfc/.helmignore new file mode 100644 index 0000000000..7ddbad7ef4 --- /dev/null +++ b/kubernetes/vfc/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +components/ |