diff options
12 files changed, 397 insertions, 4 deletions
diff --git a/kubernetes/common/elasticsearch/values.yaml b/kubernetes/common/elasticsearch/values.yaml index b91ac76056..a3f15645a3 100644 --- a/kubernetes/common/elasticsearch/values.yaml +++ b/kubernetes/common/elasticsearch/values.yaml @@ -279,7 +279,6 @@ certInitializer: aaf_add_config: > cd {{ .Values.credsPath }}; mkdir -p certs; - export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0); keytool -exportcert -rfc -file certs/cacert.pem -keystore {{ .Values.fqi_namespace }}.trust.jks -alias ca_local_0 -storepass $cadi_truststore_password; openssl pkcs12 -in {{ .Values.fqi_namespace }}.p12 -out certs/cert.pem -passin pass:$cadi_keystore_password_p12 -passout pass:$cadi_keystore_password_p12; cp {{ .Values.fqi_namespace }}.key certs/key.pem; diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl index 46f52b805e..1dff4d0f77 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl @@ -40,6 +40,7 @@ information for the logging sidecar. */}} {{- define "dcaegen2-services-common.configMap" -}} +{{- $appConf := .Values.applicationConfig | default (dict) -}} apiVersion: v1 kind: ConfigMap metadata: @@ -48,7 +49,7 @@ metadata: labels: {{ include "common.labels" . | nindent 6 }} data: application_config.yaml: | -{{ .Values.applicationConfig | toYaml | indent 4 }} +{{ $appConf | toYaml | indent 4 }} {{- if .Values.logDirectory }} --- diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index 328a4c625f..ffff46fab5 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -79,7 +79,7 @@ to give the microservice access to data in volumes created else. This initial implementation supports ConfigMaps only, as this is the only external volume mounting required by current microservices. -.Values.externalValues is a list of objects. Each object has 3 required fields and 1 optional field: +.Values.externalVolumes is a list of objects. Each object has 3 required fields and 2 optional fields: - name: the name of the resource (in the current implementation, it must be a ConfigMap) that is to be set up as a volume. The value is a case sensitive string. Because the names of resources are sometimes set at deployment time (for instance, to prefix the Helm @@ -91,6 +91,11 @@ external volume mounting required by current microservices. value is a case-sensitive string. - readOnly: (Optional) Boolean flag. Set to true to mount the volume as read-only. Defaults to false. + - optional: (Optional) Boolean flag. Set to true to make the configMap optional (i.e., to allow the + microservice's pod to start even if the configMap doesn't exist). If set to false, the configMap must + be present in order for the microservice's pod to start. Defaults to true. (Note that this + default is the opposite of the Kubernetes default. We've done this to be consistent with the behavior + of the DCAE Cloudify plugin for Kubernetes [k8splugin], which always set "optional" to true.) Here is an example fragment from a values.yaml file for a microservice: @@ -101,16 +106,19 @@ externalVolumes: - name: '{{ include "common.release" . }}-another-example' type: configmap mountPath: /opt/app/otherconfig + optional: false */}} {{- define "dcaegen2-services-common._externalVolumes" -}} {{- $global := . -}} {{- if .Values.externalVolumes }} {{- range $vol := .Values.externalVolumes }} {{- if eq (lower $vol.type) "configmap" }} - {{- $vname := (tpl $vol.name $global) }} + {{- $vname := (tpl $vol.name $global) -}} + {{- $opt := hasKey $vol "optional" | ternary $vol.optional true }} - configMap: defaultMode: 420 name: {{ $vname }} + optional: {{ $opt }} name: {{ $vname }} {{- end }} {{- end }} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml new file mode 100644 index 0000000000..f57b63ac86 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml @@ -0,0 +1,22 @@ +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE Son-handler helm chart +name: dcae-son-handler +version: 8.0.0 diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/requirements.yaml new file mode 100644 index 0000000000..3f52d6fce8 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/requirements.yaml @@ -0,0 +1,33 @@ +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: postgres + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/configmap.yaml new file mode 100644 index 0000000000..48a203963e --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/configmap.yaml @@ -0,0 +1,20 @@ +{{/* +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== +*/}} + +{{ include "dcaegen2-services-common.configMap" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/deployment.yaml new file mode 100644 index 0000000000..c8cd4d40e5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/deployment.yaml @@ -0,0 +1,20 @@ +{{/* +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/secret.yaml new file mode 100644 index 0000000000..26b7b5dbdd --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/secret.yaml @@ -0,0 +1,20 @@ +{{/* +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/service.yaml new file mode 100644 index 0000000000..41133e5abc --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/service.yaml @@ -0,0 +1,20 @@ +{{/* +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== +*/}} + +{{ include "common.service" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml new file mode 100644 index 0000000000..78c6144979 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml @@ -0,0 +1,244 @@ +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &aafCredsUID aafcreds + type: basicAuth + login: '{{ .Values.aafCreds.identity }}' + password: '{{ .Values.aafCreds.password }}' + passwordPolicy: required + - uid: &pgUserCredsSecretUid pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-sonhms-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "sonhms-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' + login: '{{ .Values.postgres.config.pgUserName }}' + password: '{{ .Values.postgres.config.pgUserPassword }}' + passwordPolicy: generate + +################################################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.son-handler:2.1.3 +pullPolicy: Always + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /var/log/ONAP/dcaegen2/services/sonhms + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/sonhms/etc/certs + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Policy configuraiton properties +# if present, policy-sync side car will be deployed +dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 +policies: + policyID: | + '["com.Config_PCIMS_CONFIG_POLICY"]' + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + - aaf-cm + - &postgresName dcae-sonhms-postgres + +# Probe Configuration +readiness: + initialDelaySeconds: 10 + periodSeconds: 15 + timeoutSeconds: 1 + path: /healthcheck + scheme: HTTPS + port: 8080 + +# Service Configuration +service: + type: ClusterIP + name: dcae-son-handler + ports: + - name: https + port: 8080 + port_protocol: http + +# AAF Credentials +aafCreds: + identity: dcae@dcae.onap.org + password: demo123456! + +credentials: +- name: AAF_IDENTITY + uid: *aafCredsUID + key: login +- name: AAF_PASSWORD + uid: *aafCredsUID + key: password +- name: PG_USERNAME + uid: *pgUserCredsSecretUid + key: login +- name: PG_PASSWORD + uid: *pgUserCredsSecretUid + key: password + + +# Initial Application Configuration +applicationConfig: + postgres.host: &dcaeSonhmsPgPrimary dcae-sonhms-pg-primary + postgres.port: 5432 + postgres.username: ${PG_USERNAME} + postgres.password: ${PG_PASSWORD} + sonhandler.pollingInterval: 20 + sonhandler.pollingTimeout: 60 + cbsPollingInterval: 60 + sonhandler.numSolutions: 5 + sonhandler.minCollision: 5 + sonhandler.minConfusion: 5 + sonhandler.maximumClusters: 5 + sonhandler.badThreshold: 50 + sonhandler.poorThreshold: 70 + sonhandler.namespace: onap + sonhandler.sourceId: SONHMS + sonhandler.dmaap.server: ["message-router"] + sonhandler.bufferTime: 60 + sonhandler.cg: sonhms-cg + sonhandler.cid: sonhms-cid + sonhandler.configDb.service: http://configdb:8080 + sonhandler.oof.service: https://oof-osdf:8698 + sonhandler.oof.endpoint: /api/oof/v1/pci + sonhandler.pciOptimizer: pci + sonhandler.pciAnrOptimizer: pci_anr + sonhandler.poorCountThreshold: 3 + sonhandler.badCountThreshold: 3 + sonhandler.oofTriggerCountTimer: 30 + sonhandler.oofTriggerCountThreshold: 5 + sonhandler.policyRespTimer: 10 + sonhandler.policyNegativeAckThreshold: 3 + sonhandler.policyFixedPciTimeInterval: 30000 + sonhandler.nfNamingCode: RansimAgent + streams_publishes: + CL_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router:3905/events/unauthenticated.DCAE_CL_OUTPUT + streams_subscribes: + performance_management_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router:3905/events/unauthenticated.VES_MEASUREMENT_OUTPUT + fault_management_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router:3905/events/unauthenticated.SEC_FAULT_OUTPUT + nbr_list_change_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router:3905/events/PCI-NOTIF-TOPIC-NGHBR-LIST-CHANGE-INFO + dcae_cl_response_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router:3905/events/DCAE_CL_RSP + service_calls: + sdnr-getpnfname: [] + sdnr-getpci: [] + sdnr-getnbrlist: [] + sdnr-getcelllist: [] + oof-req: [] + policy-req: [] + +applicationEnv: + STANDALONE: 'false' + +# Resource Limit Flavor -By Default Using Small +flavor: small + +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} + +################################################################# +# Application configuration Overriding Defaults in the Postgres. +################################################################# +postgres: + nameOverride: *postgresName + service: + name: *postgresName + name2: *dcaeSonhmsPgPrimary + name3: dcae-sonhms-pg-replica + container: + name: + primary: dcae-sonhms-pg-primary + replica: dcae-sonhms-pg-replica + persistence: + mountSubPath: sonhms/data + mountInitPath: sonhms + config: + pgUserName: sonhms + pgDatabase: sonhms + pgUserExternalSecret: *pgUserCredsSecretName diff --git a/kubernetes/dcaegen2-services/requirements.yaml b/kubernetes/dcaegen2-services/requirements.yaml index e59fe98205..2bbeb9869c 100644 --- a/kubernetes/dcaegen2-services/requirements.yaml +++ b/kubernetes/dcaegen2-services/requirements.yaml @@ -52,3 +52,7 @@ dependencies: repository: '@local' #repository: 'file://components/dcae-slice-analysis-ms' condition: dcae-slice-analysis-ms.enabled + - name: dcae-son-handler + version: ~8.x-0 + repository: '@local' + condition: dcae-son-handler.enabled diff --git a/kubernetes/dcaegen2-services/values.yaml b/kubernetes/dcaegen2-services/values.yaml index 50aa21741b..687c9b2bab 100644 --- a/kubernetes/dcaegen2-services/values.yaml +++ b/kubernetes/dcaegen2-services/values.yaml @@ -27,3 +27,5 @@ dcae-ves-collector: enabled: true dcae-slice-analysis-ms: enabled: false +dcae-son-handler: + enabled: false |