diff options
8 files changed, 77 insertions, 20 deletions
diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index afd6c547ea..8a46098a21 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -150,11 +150,11 @@ externalConfig: "" resources: small: limits: - cpu: 2 - memory: 4Gi + cpu: 500m + memory: 1.5Gi requests: - cpu: 1 - memory: 2Gi + cpu: 100m + memory: 750Mi large: limits: cpu: 2 diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml index 4ff23b7b2d..a804e785b2 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml @@ -21,8 +21,9 @@ tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.ves external_port: 0 external_port_tls: {{ .Values.config.address.ves.portSecure }} auth_method: "certBasicAuth" -component_name: "dcae-ves-collector" -dns_component_name: "dcae-ves-collector" +service_component_type: "dcae-ves-collector" +service_id: "dcae-ves-collector" +service_component_name_override: "dcae-ves-collector" enable_tls: true ves_other_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_OTHER_OUTPUT/" ves_heartbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT/" diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml index 0cbe71a224..84194cf311 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml @@ -23,8 +23,9 @@ tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.ves external_port_tls: 0 external_port: {{ .Values.config.address.ves.port }} auth_method: "noAuth" -component_name: "dcae-ves-collector-http" -dns_component_name: "dcae-ves-collector-http" +service_component_type: "dcae-ves-collector-http" +service_id: "dcae-ves-collector-http" +service_component_name_override: "dcae-ves-collector-http" ves_other_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_OTHER_OUTPUT/" ves_heartbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT/" ves_fault_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_FAULT_OUTPUT/" @@ -34,4 +35,4 @@ ves_notification_publish_url: "http://{{ .Values.config.address.message_router } ves_3gpp_fault_supervision_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT/" ves_3gpp_provisioning_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT/" ves_3gpp_hearbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT/" -ves_3gpp_performance_assurance_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT/"
\ No newline at end of file +ves_3gpp_performance_assurance_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT/" diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml index f35a6863d4..9342d32572 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml @@ -108,16 +108,16 @@ mongo: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:2.1.6 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:2.1.7 default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager # Use to override default setting in blueprints componentImages: - holmes_rules: onap/holmes/rule-management:1.2.7 - holmes_engine: onap/holmes/engine-management:1.2.6 - tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.2.0 - ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.6 + holmes_rules: onap/holmes/rule-management:1.2.8 + holmes_engine: onap/holmes/engine-management:1.2.8 + tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.2.1 + ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.8 snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0 prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.4 hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.5.0 diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml index 64fd243a27..52f8276844 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml @@ -17,6 +17,22 @@ aai: version: v19 endpoint: https://aai.{{ include "common.namespace" . }}:8443 spring: + datasource: + hikari: + camunda: + jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/camundabpmn + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + pool-name: bpmn-pool + registerMbeans: true + nfvo: + jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/nfvo + username: ${DB_ADMIN_USERNAME} + password: ${DB_ADMIN_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + pool-name: nfvo-pool + registerMbeans: true security: usercredentials: - username: ${ETSI_NFVO_USERNAME} diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml index fbba76f13f..45668eda98 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml @@ -51,6 +51,24 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "etsi-nfvo-nslcm-creds" "key" "login") | indent 14 }} - name: ETSI_NFVO_PASSWORD_INPUT {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "etsi-nfvo-nslcm-creds" "key" "password") | indent 14 }} + - name: DB_HOST + valueFrom: + secretKeyRef: + name: {{ include "common.release" . }}-so-db-secrets + key: mariadb.readwrite.host + - name: DB_PORT + valueFrom: + secretKeyRef: + name: {{ include "common.release" . }}-so-db-secrets + key: mariadb.readwrite.port + - name: DB_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 14 }} + - name: DB_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 14 }} + - name: DB_ADMIN_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 14 }} + - name: DB_ADMIN_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 14 }} {{ include "so.certificates.env" . | indent 12 | trim }} envFrom: - configMapRef: diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml index 79a8276df4..6af61820db 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml @@ -40,6 +40,18 @@ secrets: externalSecret: '{{ tpl (default "" .Values.etsi.nfvo.nslcm.credsExternalSecret) . }}' login: '{{ .Values.etsi.nfvo.nslcm.username }}' password: '{{ .Values.etsi.nfvo.nslcm.password }}' + - uid: db-user-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}' + login: '{{ .Values.db.userName }}' + password: '{{ .Values.db.userPassword }}' + passwordPolicy: required + - uid: db-admin-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}' + login: '{{ .Values.db.adminName }}' + password: '{{ .Values.db.adminPassword }}' + passwordPolicy: required ################################################################# # Application configuration defaults. @@ -50,6 +62,13 @@ pullPolicy: Always aai: auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586 +db: + userName: so_user + userPassword: so_User123 + # userCredsExternalSecret: some secret + adminName: so_admin + adminPassword: so_Admin123 + # adminCredsExternalSecret: some secret etsi: nfvo: nslcm: diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index 0d3b3927ec..0a9dbf4f4e 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -26,7 +26,7 @@ global: mariadbGalera: nameOverride: mariadb-galera serviceName: mariadb-galera - servicePort: "3306" + servicePort: '3306' # mariadbRootPassword: secretpassword # rootPasswordExternalSecret: some secret #This flag allows SO to instantiate its own mariadb-galera cluster, @@ -87,7 +87,7 @@ secrets: passwordPolicy: required annotations: helm.sh/hook: pre-upgrade,pre-install - helm.sh/hook-weight: "0" + helm.sh/hook-weight: '0' helm.sh/hook-delete-policy: before-hook-creation - uid: db-user-creds name: &dbUserCredsSecretName '{{ include "common.release" . }}-so-db-user-creds' @@ -103,7 +103,7 @@ secrets: login: '{{ .Values.dbCreds.adminName }}' password: '{{ .Values.dbCreds.adminPassword }}' passwordPolicy: generate - - uid: "so-onap-certs" + - uid: 'so-onap-certs' name: &so-certs '{{ include "common.release" . }}-so-certs' externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' type: generic @@ -219,11 +219,11 @@ mariadb-galera: ingress: enabled: false service: - - baseaddr: "so.api" - name: "so" + - baseaddr: 'so.api' + name: 'so' port: 8080 config: - ssl: "none" + ssl: 'none' mso: adapters: @@ -261,6 +261,8 @@ so-catalog-db-adapter: so-etsi-nfvo-ns-lcm: enabled: true + db: + <<: *dbSecrets so-monitoring: enabled: true |