diff options
11 files changed, 280 insertions, 56 deletions
diff --git a/kubernetes/aaf/charts/aaf-sms/resources/config/has.json b/kubernetes/aaf/charts/aaf-sms/resources/config/has.json new file mode 100644 index 0000000000..9d017f99ed --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/resources/config/has.json @@ -0,0 +1,36 @@ +{ + "domain": { + "name": "has", + "secrets": [ + { + "name": "aai", + "values": { + "username": "OOF", + "password": "OOF" + } + }, + { + "name": "conductor_api", + "values": { + "username": "admin1", + "password": "plan.15" + } + }, + { + "name": "sdnc", + "values": { + "username": "admin", + "password": "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U" + } + }, + { + "name": "music_api", + "values": { + "aafuser": "conductor", + "aafpass": "c0nduct0r", + "aafns": "conductor" + } + } + ] + } +} diff --git a/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json b/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json new file mode 100644 index 0000000000..0950957b11 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json @@ -0,0 +1,98 @@ +{ + "domain": { + "name": "osdf", + "secrets": [ + { + "name": "so", + "values": { + "UserName": "", + "Password": "" + } + }, + { + "name": "conductor", + "values": { + "UserName": "admin1", + "Password": "plan.15" + } + }, + { + "name": "policyPlatform", + "values": { + "UserName": "testpdp", + "Password": "alpha123" + } + }, + { + "name": "policyClient", + "values": { + "UserName": "python", + "Password": "test" + } + }, + { + "name": "dmaap", + "values": { + "UserName": "NA", + "Password": "NA" + } + }, + { + "name": "sdc", + "values": { + "UserName": "NA", + "Password": "NA" + } + }, + { + "name": "osdfPlacement", + "values": { + "UserName": "test", + "Password": "testpwd" + } + }, + { + "name": "osdfPlacementSO", + "values": { + "UserName": "so_test", + "Password": "so_testpwd" + } + }, + { + "name": "osdfPlacementVFC", + "values": { + "UserName": "vfc_test", + "Password": "vfc_testpwd" + } + }, + { + "name": "osdfCMScheduler", + "values": { + "UserName": "test1", + "Password": "testpwd1" + } + }, + { + "name": "configDb", + "values": { + "UserName": "osdf", + "Password": "passwd" + } + }, + { + "name": "pciHMS", + "values": { + "UserName": "", + "Password": "" + } + }, + { + "name": "osdfPCIOpt", + "values": { + "UserName": "pci_test", + "Password": "pci_testpwd" + } + } + ] + } +}
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml b/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml index 72ce6fbadb..b513d992ef 100644 --- a/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml +++ b/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright 2018 Intel Corporation, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap @@ -25,3 +27,16 @@ metadata: data: smsconfig.json: | {{ .Values.config | toJson }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-preload + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-preload + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/aaf/charts/aaf-sms/templates/job.yaml b/kubernetes/aaf/charts/aaf-sms/templates/job.yaml new file mode 100644 index 0000000000..2cee8d5e90 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-sms/templates/job.yaml @@ -0,0 +1,92 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-preload + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py + args: + - --container-name + - "aaf-sms" + - --container-name + - "aaf-sms-quorumclient" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.pullPolicy }} + name: {{ include "common.name" . }}-preload + command: + - "/sms/bin/preload" + - "-cacert" + - "/sms/certs/aaf_root_ca.cer" + - "-jsondir" + - "/preload/config" + - "-serviceport" + - "{{ .Values.service.internalPort }}" + - "-serviceurl" + - "https://aaf-sms.{{ include "common.namespace" . }}" + workingDir: /sms + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /preload/config + name: {{ include "common.name" . }}-preload + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name : {{ include "common.name" . }}-preload + configMap: + name: {{ include "common.fullname" . }}-preload + restartPolicy: OnFailure + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 Binary files differnew file mode 100644 index 0000000000..df2f4f6cd3 --- /dev/null +++ b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 diff --git a/kubernetes/portal/values.yaml b/kubernetes/portal/values.yaml index 719116b7dd..14d35098a6 100644 --- a/kubernetes/portal/values.yaml +++ b/kubernetes/portal/values.yaml @@ -20,9 +20,9 @@ global: portalPort: "8989" # application's front end hostname. Must be resolvable on the client side environment portalHostName: "portal.api.simpledemo.onap.org" - keystoreFile: "keystoreONAPPortal.jks" + keystoreFile: "keystoreONAPPortal.p12" truststoreFile: "truststoreONAPall.jks" - keypass: "changeit" + keypass: ",@{9!OOv%HO@#c+0Z}axu!xV" trustpass: "changeit" config: diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py index ad09e444d8..f459e9d1b7 100644 --- a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py @@ -37,8 +37,8 @@ GLOBAL_ASDC_BE_ONBOARD_PORT = "8081" GLOBAL_ASDC_BE_USERNAME = "beep" GLOBAL_ASDC_BE_PASSWORD = "boop" # clamp info - everything is from the private oam network (also called onap private network) -GLOBAL_CLAMP_SERVER_PROTOCOL = "http" -GLOBAL_CLAMP_SERVER_PORT = "8080" +GLOBAL_CLAMP_SERVER_PROTOCOL = "https" +GLOBAL_CLAMP_SERVER_PORT = "8443" # nbi info - everything is from the private oam network (also called onap private network) GLOBAL_NBI_SERVER_PROTOCOL = "http" GLOBAL_NBI_SERVER_PORT = "8080" @@ -147,4 +147,3 @@ GLOBAL_PROXY_WARNING_CONTINUE_XPATH="" GLOBAL_DNS_TRAFFIC_DURATION = "600" # location where heat templates are loaded from GLOBAL_HEAT_TEMPLATES_FOLDER = "/var/opt/OpenECOMP_ETE/demo/heat" - diff --git a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml index 601cd49eae..bdf82b6fbd 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml @@ -26,26 +26,6 @@ mso: db: auth: Basic YnBlbDpwYXNzd29yZDEk spring: - datasource: - url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb - username: ${DB_USERNAME} - password: ${DB_PASSWORD} - driver-class-name: org.mariadb.jdbc.Driver - initialize: false - initialization-mode: never - dbcp2: - initial-size: 5 - max-total: 20 - validation-query: select 1 - test-on-borrow: true - jpa: - generate-ddl: false - show-sql: false - hibernate: - ddl-auto: validate - naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy - enable-lazy-load-no-trans: true - database-platform: org.hibernate.dialect.MySQL5InnoDBDialect security: usercredentials: - @@ -59,8 +39,3 @@ spring: #Actuator management: context-path: /manage -flyway: - baseline-on-migrate: true - url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb - username: ${DB_USERNAME} - password: ${DB_PASSWORD} diff --git a/kubernetes/so/charts/so-monitoring/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-monitoring/resources/config/overrides/override.yaml new file mode 100644 index 0000000000..c7e958c5a9 --- /dev/null +++ b/kubernetes/so/charts/so-monitoring/resources/config/overrides/override.yaml @@ -0,0 +1,17 @@ +server: + port: 8088 + tomcat: + max-threads: 50 +ssl-enable: false +camunda: + rest: + api: + url: http://bpmn-infra.{{ include "common.namespace" . }}:8081/engine-rest/engine/ + engine: default + auth: Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ== +mso: + database: + rest: + api: + url: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/infraActiveRequests/ + auth: Basic YnBlbDpwYXNzd29yZDEk diff --git a/kubernetes/so/charts/so-monitoring/templates/configmap.yaml b/kubernetes/so/charts/so-monitoring/templates/configmap.yaml index f7860108d8..489d5f48fc 100644 --- a/kubernetes/so/charts/so-monitoring/templates/configmap.yaml +++ b/kubernetes/so/charts/so-monitoring/templates/configmap.yaml @@ -24,3 +24,21 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-app-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }} diff --git a/kubernetes/so/charts/so-monitoring/templates/deployment.yaml b/kubernetes/so/charts/so-monitoring/templates/deployment.yaml index 79d466227d..e11e404e8d 100644 --- a/kubernetes/so/charts/so-monitoring/templates/deployment.yaml +++ b/kubernetes/so/charts/so-monitoring/templates/deployment.yaml @@ -84,26 +84,6 @@ spec: secretKeyRef: name: {{ .Release.Name}}-so-db-secrets key: mariadb.admin.password - - name: CADI_KEYSTORE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Release.Name}}-so-ssl-pwd-secret - key: cadi_keystore_password - - name: CADI_TRUSTSTORE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Release.Name}}-so-ssl-pwd-secret - key: cadi_truststore_password - - name: MSO_KEYSTORE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Release.Name}}-so-ssl-client-secret - key: keystore_password - - name: MSO_TRUSTSTORE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Release.Name}}-so-ssl-client-secret - key: truststore_password envFrom: - configMapRef: name: {{ include "common.fullname" . }}-configmap @@ -111,9 +91,6 @@ spec: volumeMounts: - name: logs mountPath: /app/logs - - name: certs - mountPath: /app/certs/ - readOnly: true - name: config mountPath: /app/config readOnly: true @@ -137,9 +114,6 @@ spec: volumes: - name: logs emptyDir: {} - - name: certs - secret: - secretName: {{ .Release.Name}}-so-ssl-secret - name: config configMap: name: {{ include "common.fullname" . }}-app-configmap |