diff options
199 files changed, 3632 insertions, 2568 deletions
diff --git a/TOSCA/cloudify-environment-setup/scripts/manager/tasks.py b/TOSCA/cloudify-environment-setup/scripts/manager/tasks.py index e929d55098..6fd2aa5537 100644 --- a/TOSCA/cloudify-environment-setup/scripts/manager/tasks.py +++ b/TOSCA/cloudify-environment-setup/scripts/manager/tasks.py @@ -162,7 +162,7 @@ def create(private_ip, if not ctx.instance.runtime_properties.get('plugins_uploaded'): try: run( - "cfy plugins upload https://nexus.onap.org/content/sites/raw/org.onap.ccsdk.platform.plugins/plugins/helm-3.0.0-py27-none-linux_x86_64.wgn -y https://nexus.onap.org/content/sites/raw/org.onap.ccsdk.platform.plugins/type_files/helm/1.1.0/helm-type.yaml") + "cfy plugins upload https://nexus.onap.org/content/sites/raw/org.onap.ccsdk.platform.plugins/plugins/helm-3.0.0-py27-none-linux_x86_64.wgn -y https://nexus.onap.org/content/sites/raw/org.onap.ccsdk.platform.plugins/type_files/helm/3.0.0/helm-type.yaml") except Exception as e: raise NonRecoverableError(str(e)) ctx.instance.runtime_properties['plugins_uploaded'] = plugins_upload() diff --git a/kubernetes/aaf/.helmignore b/kubernetes/aaf/.helmignore index daebc7da77..542b3390d8 100644 --- a/kubernetes/aaf/.helmignore +++ b/kubernetes/aaf/.helmignore @@ -18,4 +18,4 @@ # Various IDEs
.project
.idea/
-*.tmproj
+*.tmproj
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml index 11b0811af3..39544258fd 100644 --- a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,13 +45,11 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - - aaf-cs - - --container-name - aaf-locate env: - name: NAMESPACE @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/cm"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/cm/bin/cm"] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-cm/values.yaml b/kubernetes/aaf/charts/aaf-cm/values.yaml index 1cd5cb4a26..9ddb366064 100644 --- a/kubernetes/aaf/charts/aaf-cm/values.yaml +++ b/kubernetes/aaf/charts/aaf-cm/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - +flavor: small ################################################################# # Application configuration defaults. ################################################################# @@ -28,11 +28,6 @@ repository: nexus3.onap.org:10001 image: onap/aaf/aaf_cm:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -43,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: @@ -65,21 +60,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 800Mi + requests: + cpu: 20m + memory: 500Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 40m + memory: 600Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql deleted file mode 100644 index c4f77d80c9..0000000000 --- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql +++ /dev/null @@ -1,279 +0,0 @@ -/* # Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. */ - -// Table Initialization -// First make sure the keyspace exists. - -USE authz; - -// -// CORE Table function -// - -// Namespace - establish hierarchical authority to modify -// Permissions and Roles -// "scope" is flag to determine Policy. Typical important scope -// is "company" (1) -CREATE TABLE ns ( - name varchar, - scope int, // deprecated 2.0.11 - description varchar, - parent varchar, - type int, - PRIMARY KEY (name) -); -CREATE INDEX ns_parent on ns(parent); - -CREATE TABLE ns_attrib ( - ns varchar, - key varchar, - value varchar, - PRIMARY KEY (ns,key) -); -create index ns_attrib_key on ns_attrib(key); - -// Will be cached -CREATE TABLE role ( - ns varchar, - name varchar, - perms set<varchar>, // Use "Key" of "name|type|action" - description varchar, - PRIMARY KEY (ns,name) -); -CREATE INDEX role_name ON role(name); - -// Will be cached -CREATE TABLE perm ( - ns varchar, - type varchar, - instance varchar, - action varchar, - roles set<varchar>, // Need to find Roles given Permissions - description varchar, - PRIMARY KEY (ns,type,instance,action) -); - -// This table is user for Authorization -CREATE TABLE user_role ( - user varchar, - role varchar, // deprecated: change to ns/rname after 2.0.11 - ns varchar, - rname varchar, - expires timestamp, - PRIMARY KEY(user,role) - ); -CREATE INDEX user_role_ns ON user_role(ns); -CREATE INDEX user_role_role ON user_role(role); - -// This table is only for the case where return User Credential (MechID) Authentication -CREATE TABLE cred ( - id varchar, - type int, - expires timestamp, - ns varchar, - other int, - notes varchar, - cred blob, - prev blob, - PRIMARY KEY (id,type,expires) - ); -CREATE INDEX cred_ns ON cred(ns); - -// Certificate Cross Table -// coordinated with CRED type 2 -CREATE TABLE cert ( - fingerprint blob, - id varchar, - x500 varchar, - expires timestamp, - PRIMARY KEY (fingerprint) - ); -CREATE INDEX cert_id ON cert(id); -CREATE INDEX cert_x500 ON cert(x500); - -CREATE TABLE notify ( - user text, - type int, - last timestamp, - checksum int, - PRIMARY KEY (user,type) -); - -CREATE TABLE x509 ( - ca text, - serial blob, - id text, - x500 text, - x509 text, - PRIMARY KEY (ca,serial) -); - - -CREATE INDEX x509_id ON x509 (id); -CREATE INDEX x509_x500 ON x509 (x500); - -// -// Deployment Artifact (for Certman) -// -CREATE TABLE artifact ( - mechid text, - machine text, - type Set<text>, - sponsor text, - ca text, - dir text, - os_user text, - ns text, - notify text, - expires timestamp, - renewDays int, - sans Set<text>, - PRIMARY KEY (mechid,machine) -); -CREATE INDEX artifact_machine ON artifact(machine); -CREATE INDEX artifact_ns ON artifact(ns); - -// -// Non-Critical Table functions -// -// Table Info - for Caching -CREATE TABLE cache ( - name varchar, - seg int, // cache Segment - touched timestamp, - PRIMARY KEY(name,seg) -); - -CREATE TABLE history ( - id timeuuid, - yr_mon int, - user varchar, - action varchar, - target varchar, // user, user_role, - subject varchar, // field for searching main portion of target key - memo varchar, //description of the action - reconstruct blob, //serialized form of the target - // detail Map<varchar, varchar>, // additional information - PRIMARY KEY (id) -); -CREATE INDEX history_yr_mon ON history(yr_mon); -CREATE INDEX history_user ON history(user); -CREATE INDEX history_subject ON history(subject); - -// -// A place to hold objects to be created at a future time. -// -CREATE TABLE future ( - id uuid, // uniquify - target varchar, // Target Table - memo varchar, // Description - start timestamp, // When it should take effect - expires timestamp, // When not longer valid - construct blob, // How to construct this object (like History) - PRIMARY KEY(id) -); -CREATE INDEX future_idx ON future(target); -CREATE INDEX future_start_idx ON future(start); - - -CREATE TABLE approval ( - id timeuuid, // unique Key - ticket uuid, // Link to Future Record - user varchar, // the user who needs to be approved - approver varchar, // user approving - type varchar, // approver types i.e. Supervisor, Owner - status varchar, // approval status. pending, approved, denied - memo varchar, // Text for Approval to know what's going on - operation varchar, // List operation to perform - last_notified timestamp, // Timestamp for the last time approver was notified - PRIMARY KEY(id) - ); -CREATE INDEX appr_approver_idx ON approval(approver); -CREATE INDEX appr_user_idx ON approval(user); -CREATE INDEX appr_ticket_idx ON approval(ticket); -CREATE INDEX appr_status_idx ON approval(status); - -CREATE TABLE approved ( - id timeuuid, // unique Key - user varchar, // the user who needs to be approved - approver varchar, // user approving - type varchar, // approver types i.e. Supervisor, Owner - status varchar, // approval status. pending, approved, denied - memo varchar, // Text for Approval to know what's going on - operation varchar, // List operation to perform - PRIMARY KEY(id) - ); -CREATE INDEX approved_approver_idx ON approved(approver); -CREATE INDEX approved_user_idx ON approved(user); - -CREATE TABLE delegate ( - user varchar, - delegate varchar, - expires timestamp, - PRIMARY KEY (user) -); -CREATE INDEX delg_delg_idx ON delegate(delegate); - -// OAuth Tokens -CREATE TABLE oauth_token ( - id text, // Reference - client_id text, // Creating Client ID - user text, // User requesting - active boolean, // Active or not - type int, // Type of Token - refresh text, // Refresh Token - expires timestamp, // Expiration time/Date (signed long) - exp_sec bigint, // Seconds from Jan 1, 1970 - content text, // Content of Token - scopes Set<text>, // Scopes - state text, // Context string (Optional) - req_ip text, // Requesting IP (for logging purpose) - PRIMARY KEY(id) -) with default_time_to_live = 21600; // 6 hours -CREATE INDEX oauth_token_user_idx ON oauth_token(user); - -CREATE TABLE locate ( - name text, // Component/Server name - hostname text, // FQDN of Service/Component - port int, // Port of Service - major int, // Version, Major - minor int, // Version, Minor - patch int, // Version, Patch - pkg int, // Version, Package (if available) - latitude float, // Latitude - longitude float, // Longitude - protocol text, // Protocol (i.e. http https) - subprotocol set<text>, // Accepted SubProtocols, ie. TLS1.1 for https - port_key uuid, // Key into locate_ports - PRIMARY KEY(name,hostname,port) -) with default_time_to_live = 1200; // 20 mins - -CREATE TABLE locate_ports ( - id uuid, // Id into locate - port int, // SubPort - name text, // Name of Other Port - protocol text, // Protocol of Other (i.e. JMX, DEBUG) - subprotocol set<text>, // Accepted sub protocols or versions - PRIMARY KEY(id, port) -) with default_time_to_live = 1200; // 20 mins; - -// -// Used by authz-batch processes to ensure only 1 runs at a time -// -CREATE TABLE run_lock ( - class text, - host text, - start timestamp, - PRIMARY KEY ((class)) -); diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql deleted file mode 100644 index 2951b2a197..0000000000 --- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql +++ /dev/null @@ -1,25 +0,0 @@ -/* # Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. */ - -// For Developer Machine single instance -// CREATE KEYSPACE authz -// WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1}; -// -// - -// Example of Network Topology, with Datacenter dc1 & dc2 -// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' }; -// Out of the box Docker Cassandra comes with "datacenter1", one instance -CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'datacenter1': '1' }; -// diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql deleted file mode 100644 index 89da60f9db..0000000000 --- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql +++ /dev/null @@ -1,136 +0,0 @@ -/* # Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. */ - -USE authz; - -// Create 'org' root NS -INSERT INTO ns (name,description,parent,scope,type) - VALUES('org','Root Namespace','.',1,1); - -INSERT INTO role(ns, name, perms, description) - VALUES('org','admin',{'org.access|*|*'},'Org Admins'); - -INSERT INTO role(ns, name, perms, description) - VALUES('org','owner',{'org.access|*|read,approve'},'Org Owners'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org','access','*','read,approve',{'org.owner'},'Org Read Access'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org','access','*','*',{'org.admin'},'Org Write Access'); - -// Create Root pass -INSERT INTO cred (id,ns,type,cred,expires) - VALUES ('initial@osaaf.org','org.osaaf',1,0x008c5926ca861023c1d2a36653fd88e2,'2099-12-31') using TTL 14400; - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('initial@osaaf.org','org.admin','2099-12-31','org','admin') using TTL 14400; - - -// Create org.osaaf -INSERT INTO ns (name,description,parent,scope,type) - VALUES('org.osaaf','OSAAF Namespace','org',2,2); - -INSERT INTO role(ns, name, perms,description) - VALUES('org.osaaf','admin',{'org.osaaf.access|*|*'},'OSAAF Admins'); - -INSERT INTO perm(ns, type, instance, action, roles,description) - VALUES ('org.osaaf','access','*','*',{'org.osaaf.admin'},'OSAAF Write Access'); - -INSERT INTO role(ns, name, perms,description) - VALUES('org.osaaf','owner',{'org.osaaf.access|*|read,approve'},'OSAAF Owners'); - -INSERT INTO perm(ns, type, instance, action, roles,description) - VALUES ('org.osaaf','access','*','read,appove',{'org.osaaf.owner'},'OSAAF Read Access'); - -// Create org.osaaf.aaf -INSERT INTO ns (name,description,parent,scope,type) - VALUES('org.osaaf.aaf','Application Authorization Framework','org.osaaf',3,3); - -INSERT INTO role(ns, name, perms, description) - VALUES('org.osaaf.aaf','admin',{'org.osaaf.aaf.access|*|*'},'AAF Admins'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.osaaf.aaf','access','*','*',{'org.osaaf.aaf.admin'},'AAF Write Access'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.osaaf.aaf','access','*','read,approve',{'org.osaaf.aaf.owner'},'AAF Read Access'); - -INSERT INTO role(ns, name, perms, description) - VALUES('org.osaaf.aaf','owner',{'org.osaaf.aaf.access|*|read,approve'},'AAF Owners'); - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('initial@osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') using TTL 14400; - - -// ONAP Specific Entities -// ONAP initial env Namespace -INSERT INTO ns (name,description,parent,scope,type) - VALUES('org.onap','ONAP','org',2,2); - -INSERT INTO ns (name,description,parent,scope,type) - VALUES('org.onap.portal','ONAP Portal','org.onap.portal',3,3); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.onap.portal','access','*','read',{ - 'org.onap.portal.owner','org.onap.portal.designer','org.onap.portal.tester','org.onap.portal.ops','org.onap.portal.governor' - },'Portal Read Access'); - -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','owner',{'org.onap.portal.access|*|read'},'Portal Owner'); - -INSERT INTO perm(ns, type, instance, action, roles, description) - VALUES ('org.onap.portal','access','*','*',{'org.onap.portal.admin'},'Portal Write Access'); - -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','admin',{'org.onap.portal.access|*|*'},'Portal Admins'); - -// DEMO ID (OPS) -insert into cred (id,type,expires,cred,notes,ns,other) values('demo@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('demo@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin'); - -// ADMIN -insert into cred (id,type,expires,cred,notes,ns,other) values('jh0003@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('jh0003@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin'); - -// DESIGNER -INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('cs0008@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','designer',{'org.onap.portal.access|*|read'},'Portal Designer'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('cs0008@people.osaaf.org','org.onap.portal.designer','2018-10-31','org.onap.portal','designer'); - -// TESTER -INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('jm0007@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','tester',{'org.onap.portal.access|*|read'},'Portal Tester'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('jm0007@people.osaaf.org','org.onap.portal.tester','2018-10-31','org.onap.portal','tester'); - -// OPS -INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('op0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','ops',{'org.onap.portal.access|*|read'},'Portal Operations'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('op0001@people.osaaf.org','org.onap.portal.ops','2018-10-31','org.onap.portal','ops'); - -// GOVERNOR -INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('gv0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344); -INSERT INTO role(ns, name, perms, description) - VALUES('org.onap.portal','governor',{'org.onap.portal.access|*|read'},'Portal Governor'); -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('gv0001@people.osaaf.org','org.onap.portal.governor','2018-10-31','org.onap.portal','governor'); - diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql deleted file mode 100644 index 4b6bf44140..0000000000 --- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql +++ /dev/null @@ -1,22 +0,0 @@ -/* # Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. */ - -USE authz; - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('demo@people.osaaf.org','org.admin','2099-12-31','org','admin') ; - -INSERT INTO user_role(user,role,expires,ns,rname) - VALUES ('demo@people.osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') ; - diff --git a/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml index cfece7093b..e0d500c420 100644 --- a/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml @@ -30,25 +30,31 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: - hostname: {{ include "common.name" . }} containers: - - args: + - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"] ports: - containerPort: {{ .Values.service.externalPort }} - containerPort: {{ .Values.service.externalPort2 }} - containerPort: {{ .Values.service.externalPort3 }} - containerPort: {{ .Values.service.externalPort4 }} + env: + - name: CASSANDRA_CLUSTER_NAME + value: "osaaf" + - name: CASSANDRA_DC + value: "dc1" + - name: HEAP_NEWSIZE + value: "512M" + - name: MAX_HEAP_SIZE + value: "1024M" volumeMounts: - - mountPath: /data - name: aaf-cs-data + - mountPath: /var/lib/cassandra + name: cassandra-storage - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -57,25 +63,12 @@ spec: periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort3 }} + exec: + command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","wait"] initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - lifecycle: - postStart: - exec: - command: - - /bin/sh - - -c - - > - /bin/sleep {{ .Values.readiness.initialDelaySeconds }}; - cd /data/; - cqlsh -u root -p root -f keyspace.cql ; - cqlsh -u root -p root -f init.cql ; - cqlsh -u root -p root -f osaaf.cql ; - cqlsh -u root -p root -f temp_identity.cql resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . | indent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} @@ -85,11 +78,15 @@ spec: {{ toYaml .Values.affinity | indent 10 }} {{- end }} volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: aaf-cs-data - secret: - secretName: {{ include "common.fullname" . }} + - name: localtime + hostPath: + path: /etc/localtime + - name: cassandra-storage + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-cs/templates/pv.yaml b/kubernetes/aaf/charts/aaf-cs/templates/pv.yaml new file mode 100644 index 0000000000..4209179af8 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-cs/templates/pv.yaml @@ -0,0 +1,44 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-cs/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-cs/templates/pvc.yaml new file mode 100644 index 0000000000..b102ffa08d --- /dev/null +++ b/kubernetes/aaf/charts/aaf-cs/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-cs/values.yaml b/kubernetes/aaf/charts/aaf-cs/values.yaml index 83eaf15e38..a914b542f4 100644 --- a/kubernetes/aaf/charts/aaf-cs/values.yaml +++ b/kubernetes/aaf/charts/aaf-cs/values.yaml @@ -17,19 +17,16 @@ ################################################################# global: nodePortPrefix: 302 - +flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: library/cassandra:3.11 +image: onap/aaf/aaf_cass:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - # application configuration config: {} @@ -42,14 +39,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 180 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 180 + initialDelaySeconds: 120 periodSeconds: 10 service: @@ -71,21 +68,30 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 10000Mi + requests: + cpu: 10m + memory: 8500Mi + large: + limits: + cpu: 400m + memory: 12000Mi + requests: + cpu: 40m + memory: 9000Mi + unlimited: {} + +persistence: + enabled: true + #existingClaim: + mountPath: /dockerdata-nfs + mountSubPath: "cass" + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 10Gi + storageClass: "manual"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml index d269dc6536..5125eb161e 100644 --- a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,13 +45,11 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - - aaf-cs - - --container-name - aaf-locate env: - name: NAMESPACE @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/fs"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c","ln -s /opt/app/osaaf/data /data;/opt/app/aaf/fs/bin/fs "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-fs/values.yaml b/kubernetes/aaf/charts/aaf-fs/values.yaml index f484883f71..0f0d7c47e7 100644 --- a/kubernetes/aaf/charts/aaf-fs/values.yaml +++ b/kubernetes/aaf/charts/aaf-fs/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - +flavor: small ################################################################# # Application configuration defaults. ################################################################# @@ -28,11 +28,6 @@ repository: nexus3.onap.org:10001 image: onap/aaf/aaf_fs:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -43,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: @@ -65,21 +60,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 600Mi + requests: + cpu: 10m + memory: 300Mi + large: + limits: + cpu: 500m + memory: 700Mi + requests: + cpu: 100m + memory: 400Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml index b24a008fac..24c8e68cec 100644 --- a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,14 +45,12 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - - aaf-cs - - --container-name - - aaf-locate + - aaf-cm env: - name: NAMESPACE valueFrom: @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/gui"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/gui/bin/gui "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-gui/values.yaml b/kubernetes/aaf/charts/aaf-gui/values.yaml index 92faa6c564..d44ac5ed46 100644 --- a/kubernetes/aaf/charts/aaf-gui/values.yaml +++ b/kubernetes/aaf/charts/aaf-gui/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - +flavor: small ################################################################# # Application configuration defaults. ################################################################# @@ -28,11 +28,6 @@ repository: nexus3.onap.org:10001 image: onap/aaf/aaf_gui:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -43,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: @@ -66,21 +61,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 100m + memory: 500Mi + requests: + cpu: 10m + memory: 200Mi + large: + limits: + cpu: 200m + memory: 1Gi + requests: + cpu: 100m + memory: 500Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml index c76c0849ab..f932228cd9 100644 --- a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,13 +45,11 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - - aaf-cs - - --container-name - aaf-locate env: - name: NAMESPACE @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/hello"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/hello/bin/hello "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-hello/values.yaml b/kubernetes/aaf/charts/aaf-hello/values.yaml index 27f59d1802..9f694be8b8 100644 --- a/kubernetes/aaf/charts/aaf-hello/values.yaml +++ b/kubernetes/aaf/charts/aaf-hello/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - +flavor: small ################################################################# # Application configuration defaults. ################################################################# @@ -28,11 +28,6 @@ repository: nexus3.onap.org:10001 image: onap/aaf/aaf_hello:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -43,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: @@ -65,21 +60,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 200Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 20m + memory: 500Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml index 6e69f2c7ef..a3a9e285cf 100644 --- a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,12 +45,12 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - - aaf-cs + - aaf-service env: - name: NAMESPACE valueFrom: @@ -58,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/locate"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/locate/bin/locate "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -101,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-locate/values.yaml b/kubernetes/aaf/charts/aaf-locate/values.yaml index 86d67fc431..ba1e56373c 100644 --- a/kubernetes/aaf/charts/aaf-locate/values.yaml +++ b/kubernetes/aaf/charts/aaf-locate/values.yaml @@ -19,11 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - -# If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines. -# persistence: -# mountPath: /dockerdata - +flavor: small ################################################################# # Application configuration defaults. ################################################################# @@ -32,11 +28,6 @@ repository: nexus3.onap.org:10001 image: onap/aaf/aaf_locate:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -47,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: @@ -69,21 +60,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 600Mi + requests: + cpu: 20m + memory: 300Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 40m + memory: 500Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml index fd4ae21708..06cf2736ef 100644 --- a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,13 +45,11 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: - - /root/ready.py + - name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py args: - --container-name - - aaf-cs - - --container-name - aaf-locate env: - name: NAMESPACE @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/oauth"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/oauth/bin/oauth "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml index 281aa1cc8d..d94bcae31c 100644 --- a/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml @@ -26,8 +26,6 @@ spec: ports: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName }} {{- else -}} diff --git a/kubernetes/aaf/charts/aaf-oauth/values.yaml b/kubernetes/aaf/charts/aaf-oauth/values.yaml index c349814f16..e52075a447 100644 --- a/kubernetes/aaf/charts/aaf-oauth/values.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - +flavor: small ################################################################# # Application configuration defaults. ################################################################# @@ -28,11 +28,6 @@ repository: nexus3.onap.org:10001 image: onap/aaf/aaf_oauth:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -43,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: @@ -65,21 +60,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 400Mi + requests: + cpu: 20m + memory: 200Mi + large: + limits: + cpu: 400m + memory: 600Mi + requests: + cpu: 40m + memory: 200Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-service/.helmignore b/kubernetes/aaf/charts/aaf-service/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-service/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml index a07d06fd0a..c3c140a35d 100644 --- a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml @@ -31,11 +31,12 @@ spec: release: {{ .Release.Name }} spec: initContainers: - - command: + - name: {{ include "common.name" . }}-job-complete + command: - /root/job_complete.py args: - - -j - - {{ .Release.Name }}-aaf-create-config + - --job-name + - {{ .Release.Name }}-create-config env: - name: NAMESPACE valueFrom: @@ -44,14 +45,12 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-complete - - command: + - name: {{ include "common.name" . }}-readiness + command: - /root/ready.py args: - --container-name - aaf-cs - - --container-name - - aaf-locate env: - name: NAMESPACE valueFrom: @@ -60,23 +59,17 @@ spec: fieldPath: metadata.namespace image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness containers: - - env: - - name: CASSANDRA_CLUSTER - value: cassandra_container - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }} + command: ["/bin/bash","/opt/app/aaf/bin/service"] image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/service/bin/service "] volumeMounts: - - mountPath: /opt/app/osaaf - name: aaf-persistent-vol + - mountPath: "/opt/app/osaaf" + name: shared-config-volume - mountPath: /etc/localtime name: localtime readOnly: true - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -103,12 +96,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: aaf-persistent-vol + - name: shared-config-volume {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-service/values.yaml b/kubernetes/aaf/charts/aaf-service/values.yaml index 3e0ed61711..7ec6364f3c 100644 --- a/kubernetes/aaf/charts/aaf-service/values.yaml +++ b/kubernetes/aaf/charts/aaf-service/values.yaml @@ -19,7 +19,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - +flavor: small ################################################################# # Application configuration defaults. ################################################################# @@ -28,11 +28,6 @@ repository: nexus3.onap.org:10001 image: onap/aaf/aaf_service:2.1.2-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: {} # default number of instances replicaCount: 1 @@ -43,14 +38,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 300 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: @@ -66,21 +61,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 600Mi + requests: + cpu: 20m + memory: 300Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 40m + memory: 300Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml index 5eb7b330ba..0a83e85012 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml @@ -47,7 +47,7 @@ spec: - mountPath: /quorumclient/auth name: {{ include "common.fullname" . }}-auth resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . | indent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index c5fd489f31..d6ac1cb881 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/smsquorumclient:2.0.0 +image: onap/aaf/smsquorumclient:latest pullPolicy: Always # flag to enable debugging - application support required @@ -54,21 +54,22 @@ persistence: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +flavor: small + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 700Mi + requests: + cpu: 10m + memory: 100Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml index ddfc7c61d0..ab0ad17b85 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml @@ -45,7 +45,8 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - + resources: +{{ include "common.resources" . | indent 10 }} - image: "{{ include "common.repository" . }}/{{ .Values.image.consul }}" name: {{ include "common.name" . }}-backend imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -62,6 +63,8 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true + resources: +{{ include "common.resources" . | indent 10 }} volumes: - name: {{ include "common.fullname" . }}-consuldata persistentVolumeClaim: diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml index 317abcda08..58017bdf40 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml @@ -90,21 +90,22 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +flavor: small + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 700Mi + requests: + cpu: 10m + memory: 100Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml index 189cc0d57d..ed24f67d44 100644 --- a/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml @@ -81,7 +81,7 @@ spec: - mountPath: /sms/auth name: {{ include "common.fullname" . }}-auth resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . | indent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/aaf/charts/aaf-sms/values.yaml b/kubernetes/aaf/charts/aaf-sms/values.yaml index b75038c973..7a25581908 100644 --- a/kubernetes/aaf/charts/aaf-sms/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/values.yaml @@ -22,13 +22,13 @@ global: loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 persistence: {} - +flavor: small ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/aaf/sms:2.0.0 +image: onap/aaf/sms:latest pullPolicy: Always # flag to enable debugging - application support required @@ -84,21 +84,20 @@ persistence: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 10m + memory: 100Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/aaf/resources/config/backup/backup.sh b/kubernetes/aaf/resources/config/backup/backup.sh deleted file mode 100644 index 0cc2f6287f..0000000000 --- a/kubernetes/aaf/resources/config/backup/backup.sh +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# BEGIN Store prev -BD=/opt/app/osaaf/backup -if [ -e "$BD/6day" ]; then - rm -Rf $BD/6day -fi - -PREV=$BD/6day -for D in $BD/5day $BD/4day $BD/3day $BD/2day $BD/yesterday; do - if [ -e "$D" ]; then - mv "$D" "$PREV" - fi - PREV="$D" -done - -if [ -e "$BD/today" ]; then - if [ -e "$BD/backup.log" ]; then - mv $BD/backup.log $BD/today - fi - gzip $BD/today/* - mv $BD/today $BD/yesterday -fi - -mkdir $BD/today - -# END Store prev -date -docker exec -t aaf_cass bash -c "mkdir -p /opt/app/cass_backup" -docker container cp $BD/cbackup.sh aaf_cass:/opt/app/cass_backup/backup.sh -# echo "login as Root, then run \nbash /opt/app/cass_backup/backup.sh" -docker exec -t aaf_cass bash /opt/app/cass_backup/backup.sh -docker container cp aaf_cass:/opt/app/cass_backup/. $BD/today -date diff --git a/kubernetes/aaf/resources/config/data/identities.dat b/kubernetes/aaf/resources/config/data/identities.dat deleted file mode 100644 index cb7f01db20..0000000000 --- a/kubernetes/aaf/resources/config/data/identities.dat +++ /dev/null @@ -1,41 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# -# Sample Identities.dat -# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with -# out-of-the-box tire-kicking, or even for Small companies -# -# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing -# batch feeds, as is appropriate for your company. -# -# Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split -# out AppIDs, choose your own status indicators, or whatever you use. -# 0 - unique ID -# 1 - full name -# 2 - first name -# 3 - last name -# 4 - phone -# 5 - official email -# 6 - employment status e=employee, c=contractor, a=application, n=no longer with company -# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID) -# - -iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| -mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna -bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager -mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager -ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager -iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager -osaaf|ID of AAF|||||a|bdevl diff --git a/kubernetes/aaf/resources/config/data/sample.identities.dat b/kubernetes/aaf/resources/config/data/sample.identities.dat deleted file mode 100644 index cf2ca6dcb6..0000000000 --- a/kubernetes/aaf/resources/config/data/sample.identities.dat +++ /dev/null @@ -1,40 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Sample Identities.dat -# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with -# out-of-the-box tire-kicking, or even for Small companies -# -# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing -# batch feeds, as is appropriate for your company. -# -# Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split -# out AppIDs, choose your own status indicators, or whatever you use. -# 0 - unique ID -# 1 - full name -# 2 - first name -# 3 - last name -# 4 - phone -# 5 - official email -# 6 - employment status e=employee, c=contractor, a=application, n=no longer with company -# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID) -# - -iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| -mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna -bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager -mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager -ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager -iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager -osaaf|ID of AAF|||||a|bdevl diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.cm.props b/kubernetes/aaf/resources/config/etc/org.osaaf.cm.props deleted file mode 100644 index ccd8a3329e..0000000000 --- a/kubernetes/aaf/resources/config/etc/org.osaaf.cm.props +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -## -## org.osaaf.cm.props -## AAF Certificate Manager properties -## Note: Link to CA Properties in "local" dir -## -cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/local/org.osaaf.cm.ca.props -aaf_component=AAF_NS.cm:2.1.0.0 -port=8150 -cadi_registration_hostname={{.Values.config.cmServiceName}} -#Certman -cm_public_dir=/opt/app/osaaf/public -cm_trust_cas=AAF_RootCA.cer - - diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.common.props b/kubernetes/aaf/resources/config/etc/org.osaaf.common.props deleted file mode 100644 index 052a2ec901..0000000000 --- a/kubernetes/aaf/resources/config/etc/org.osaaf.common.props +++ /dev/null @@ -1,43 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -############################################################ -# Common properties for all AAF Components -# on 2018-03-02 06:59.628-0500 -############################################################ -# Pull in Global Coordinates and Certificate Information -aaf_root_ns=org.osaaf.aaf -aaf_trust_perm=org.osaaf.aaf|org.onap|trust - -cadi_prop_files=/opt/app/osaaf/local/org.osaaf.location.props:/opt/app/osaaf/local/org.osaaf.aaf.props -cadi_protocols=TLSv1.1,TLSv1.2 - -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 -cadi_loginpage_url=https://AAF_LOCATE_URL/AAF_NS.gui:2.0/login - -# Standard for this App/Machine -aaf_env=DEV -aaf_data_dir=/opt/app/osaaf/data -cadi_loglevel=DEBUG - -# Domain Support (which will accept) -aaf_domain_support=.com:.org - -# Basic Auth -aaf_default_realm=people.osaaf.org - -# OAuth2 -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect - diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.fs.props b/kubernetes/aaf/resources/config/etc/org.osaaf.fs.props deleted file mode 100644 index 266e08e74b..0000000000 --- a/kubernetes/aaf/resources/config/etc/org.osaaf.fs.props +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -## -## org.osaaf.locator -## AAF Locator Properties -## -cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props -aaf_component=AAF_NS.fs:2.1.0.0 -port=8096 -cadi_registration_hostname={{.Values.config.fsServiceName}} - -aaf_public_dir=/opt/app/osaaf/public diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.gui.props b/kubernetes/aaf/resources/config/etc/org.osaaf.gui.props deleted file mode 100644 index 6c40b40c34..0000000000 --- a/kubernetes/aaf/resources/config/etc/org.osaaf.gui.props +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -## -## org.osaaf.locator -## AAF Locator Properties -## -cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/etc/org.osaaf.orgs.props -aaf_component=AAF_NS.gui:2.1.0.0 -port=8200 -cadi_registration_hostname={{.Values.config.guiServiceName}} - -aaf_gui_title=AAF -aaf_gui_copyright=(c) 2018 AT&T Intellectual Property. All rights reserved. -aaf_gui_theme=theme/onap -cadi_loginpage_url=https://AAF_LOCATE_URL/com.att.aaf.gui:2.0/login - -# GUI URLS and Help URLS -cm_url=https://{{.Values.config.cmServiceName}}:8150 -gw_url=https://{{.Values.config.locateServiceName}}:8095 -fs_url=http://{{.Values.config.fsServiceName}}:8096 - -aaf_url.gui_onboard=https://wiki.web.att.com/display/aaf/OnBoarding -aaf_url.cuigui=https://wiki.web.att.com/display/aaf/Using+the+Command+Prompt - -aaf_url.aaf_help=https://wiki.onap.org/display/DW/Application+Authorization+Framework+Documentation -aaf_url.aaf_help.sub=Bootstrapping+AAF,Installation+Guide -aaf_url.aaf_help.sub.Bootstrapping+AAF=https://wiki.onap.org/display/DW/Bootstrapping+AAF -aaf_url.aaf_help.sub.Installation+Guide=https://wiki.onap.org/display/DW/AAF+Installation+Guide -#aaf_url.cadi_help= -aaf_url.tools=AAF+Projects,AAF+Jira,AAF+Calendar -aaf_url.tool=AAF+Jira=https://jira.onap.org/secure/RapidBoard.jspa?rapidView=69&projectKey=AAF&view=detail&selectedIssue=AAF-134 -aaf_url.tool.AAF+Projects=https://gerrit.onap.org/r/#/admin/projects/?filter=aaf%2F -aaf_url.tool.AAF+Calendar=https://wiki.onap.org/pages/viewpage.action?pageId=6587439 diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.locate.props b/kubernetes/aaf/resources/config/etc/org.osaaf.locate.props deleted file mode 100644 index 1026dd85bd..0000000000 --- a/kubernetes/aaf/resources/config/etc/org.osaaf.locate.props +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -## -## org.osaaf.locator -## AAF Locator Properties -## -cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props -aaf_component=AAF_NS.locator:2.1.0.0 -port=8095 -cadi_registration_hostname={{.Values.config.locateServiceName}} diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.log4j.props b/kubernetes/aaf/resources/config/etc/org.osaaf.log4j.props deleted file mode 100644 index 9f10802821..0000000000 --- a/kubernetes/aaf/resources/config/etc/org.osaaf.log4j.props +++ /dev/null @@ -1,51 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# -log4j.appender.INIT=org.apache.log4j.DailyRollingFileAppender -log4j.appender.INIT.File=${LOG4J_FILENAME_init} -log4j.appender.INIT.DatePattern='.'yyyy-MM-dd -log4j.appender.INIT.layout=org.apache.log4j.PatternLayout -log4j.appender.INIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n - -log4j.appender.SRVR=org.apache.log4j.DailyRollingFileAppender -log4j.appender.SRVR.File=${LOG4J_FILENAME_service} -log4j.appender.SRVR.DatePattern='.'yyyy-MM-dd -log4j.appender.SRVR.layout=org.apache.log4j.PatternLayout -log4j.appender.SRVR.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %p [%c] %m %n - -log4j.appender.AUDIT=org.apache.log4j.DailyRollingFileAppender -log4j.appender.AUDIT.File=${LOG4J_FILENAME_audit} -log4j.appender.AUDIT.DatePattern='.'yyyy-MM-dd -log4j.appender.AUDIT.layout=org.apache.log4j.PatternLayout -log4j.appender.AUDIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n - -log4j.appender.stdout=org.apache.log4j.ConsoleAppender -log4j.appender.stdout.layout=org.apache.log4j.PatternLayout -log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] %m %n - -# General Apache libraries -log4j.rootLogger=WARN.SRVR -log4j.logger.org.apache=WARN,SRVR -log4j.logger.com.datastax=WARN,SRVR -log4j.logger.init=INFO,INIT -log4j.logger.service=${LOGGING_LEVEL},SRVR -log4j.logger.audit=INFO,AUDIT -# Additional configs, not cauth with Root Logger -log4j.logger.io.netty=INFO,SRVR -log4j.logger.org.eclipse=INFO,SRVR - - diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.oauth.props b/kubernetes/aaf/resources/config/etc/org.osaaf.oauth.props deleted file mode 100644 index d2a5b97ec2..0000000000 --- a/kubernetes/aaf/resources/config/etc/org.osaaf.oauth.props +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -## -## org.osaaf.locator -## AAF Locator Properties -## -cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props -aaf_component=AAF_NS.oauth:2.1.0.0 -port=8140 -cadi_registration_hostname={{.Values.config.oauthServiceName}} diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.orgs.props b/kubernetes/aaf/resources/config/etc/org.osaaf.orgs.props deleted file mode 100644 index c609de2027..0000000000 --- a/kubernetes/aaf/resources/config/etc/org.osaaf.orgs.props +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# -# Define Organizations for use in some of the components. Not all use them -# -Organization.org.osaaf=org.onap.aaf.org.DefaultOrg -org.osaaf.mailHost=smtp.mail.att.com -org.osaaf.mailFrom=DL-aaf-support@aaf.att.com -org.osaaf.default=true -org.osaaf.also_supports=org.osaaf.people - - - diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.service.props b/kubernetes/aaf/resources/config/etc/org.osaaf.service.props deleted file mode 100644 index adb9032929..0000000000 --- a/kubernetes/aaf/resources/config/etc/org.osaaf.service.props +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -## -## org.osaaf.service -## AAF Service Properties -## -cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/etc/org.osaaf.orgs.props -aaf_component=AAF_NS.service:2.1.0.0 -port=8100 -cadi_registration_hostname={{.Values.config.serviceServiceName}} diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.p12 b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.p12 Binary files differdeleted file mode 100644 index 63aedd2560..0000000000 --- a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.p12 +++ /dev/null diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.pkcs11 b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.pkcs11 deleted file mode 100644 index 05fe60fe6a..0000000000 --- a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.pkcs11 +++ /dev/null @@ -1 +0,0 @@ -name = localca diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.keyfile b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.keyfile deleted file mode 100644 index 7206ad9325..0000000000 --- a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.keyfile +++ /dev/null @@ -1,27 +0,0 @@ -rmaOaytuFLnhz07oilUO0nO_mZ18XInIi56OoezdUTR5f1GR45lp_nX7marcYv7j2ZS-dpWOSur0 -sK5M-ByrgxfUPyk749Ex4nGSMLnAq-nFMaREpGZPmNP-ul_vCxCmaHUnWKPJB4jx_K_osKPb0-ng -tqX0hnpbmcq4okV94MUdUs084ymM5LU-qVU_oYbLUM4dXatobe1go8eX2umrutZbQTjz75i4UEcF -Dv9nDwVqHRGUFMU0NeJlrSlRSO-eiDgVtoSCBGtIkDdKPBTUT3wachHmUBiSBJ3GF05yQP1CwWzz -AQRSwphP11xKI7tSViT5RoxjxfQZiVEbeyg9g9BROe_pLyIDskoW_ujdnPOWRcSIx6Q4J0eew3kb -yqcWUPf1K2nSyBSshlsQ6A9NSOLz_KhyIvP_1OG82m1gir3I77Usl7QqMF8IBXCjJ-H_qqR1u-By -qm_AFjagYA2TgF2YQN-fcneom_5_cA74_xwJ41juhOP72ZWGkX1bAdbiKf85uYo2H3g5HeNWijQL -y4wJ4qFrSptQRyV2Ntf9OLgpOsKsPPiLlNBugmCjHBMaPMbQAYRbsyCH2nKdjjTG3c6iF5Cj9Jco -6McvcrYYuq3ynH-2HoL-T-Zgl2AXLxqK4_dl_H243H-GutoJsmIkELLGS_pCpSt4t7xaDvzqxrTj -4qZ1OjozcpnsqM8HebS28IgoqFaOmrCMqO1MLM_CjAyliTy31P28XEbcYvjEY-FWmnJRSpMLc1Pz --KOH-2V8uTqn5YlUsFt2TNnc8lEwMH6GSV1vkgxwPQaMUgWV2svc0FfBmTLZI4zNmpMu4cGjaG-f -Z8r_hX7pDPANBTaqFxTp999dnaS3lLdZMNbJNEKFF0xxdRuBzsPKDiLa7ItixInZlUcEnwJVWOhC -kcI2J0cEFGxHxWYmYdqyJIvQzjebk6iDqB-mLi0ai-_XYm1niCxZizT_XJADo9LQtTzq1V6pMgYR -PPfbDKoiYRK6D8nbWsGNOh6xOS7zs8qrnTPxwu5CuZX_EFoejmooHTrXEqw2RzRFw9XqXM8p50C3 -YrwI2lA6kTQItGm0yftAxqfbhbjJp_K1P91ckOYL3ZSYze_hXRmguwYuT5NWlKhBtm5aawuDjXEg -yn7PnRTT0smW40hbYbks5L-2VVxTd3tith6Ltqh95miL6vpG5ByDDQlZCWwkq7XH7iScejDvT6UN -jF1K86mNa8CLXuuSzGl1li1CMxoVzW55G3s0-ICDHqjytiUkiUen2V9VzGT9h4BgDfzbShf31M4_ -biO4NL-mkqlDBbh-KcrYjvNj5qQwHSiLSLuQQBoBtJ3hG9jCu4YBYVWJYctV8r3Js_sGDH4rl5w1 -ujEF6QHWZIF73-u53G_LtvoXBnQcrBW8oLpqP-1Pz5d1bio--bRsNa5qAAilNbYmttiKYOYJn4My -c6QvzF81SqTRZy0Fd0NK_hMCglPkH7sd32UX-LBquvQ_yDqB_ml_pADJhWcfuD4iPAQjR2Vgclxf -GPCDva6YpJDzjjnaExDYmGFVFpbIPLfvGUCit_9zAycx0nW1J_cVT1BWFHijjAh_gnIpa6MtY3BE -G3d8ee6_LAQvvVdBwZ955UwyRd-C7Buc7Xcccw-8hcNBKqOCDlE9j4tie2SdO9m53vZRzcLY6Aiw -BiulIAllqHZQYs0OBcaYgbNgJU-gn9ZMWgS9i3ijPvTTBSNX7y7k4L1a4QOceyuOtt7nkv024YUS -acTRmaGotRBuVfI-C0L4Q9NL56_nUATB5ca2GqgLEKnWKsiN3T9cBg4Ji88E8OdiVcoO8segB-0d -QwWCqCZ8_z_R7zBMlDqpfu5wbvoVx0w9JhLgO9f7eoRozqA3qGLv94i1pN6LuU-Q7YPz4jVxmbb_ -2CHyP1n-o1ZWHfWdz6aByXEzrAZdvjfEWwwMYV5l5jFilTXaCNOCjr9S4YjNn0HITdl7E64C06Im -3QWOsnDv9z1APjnFo12KH_1yWscU0t9gx7FG210Ug6C-G3Bko_tm_YOp0Lkum4qrnxgHMf_a
\ No newline at end of file diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.p12 b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.p12 Binary files differdeleted file mode 100644 index ac1dece85c..0000000000 --- a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.p12 +++ /dev/null diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.props b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.props deleted file mode 100644 index 21910eb627..0000000000 --- a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.props +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -cm_url=https://{{.Values.config.cmServiceName}}:8150 -#hostname=aaf.osaaf.org -aaf_env=DEV -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/app/osaaf/local/org.osaaf.aaf.keyfile -cadi_keystore=/opt/app/osaaf/local/org.osaaf.aaf.p12 -cadi_keystore_password=enc:fDY3WPPqHCMQaZdox2UfpRoEq6b9wUqS-aepo0NiqEFa2t7uYHBdxfQAuEwj9Lwb -#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)> -cadi_alias=aaf-authz@aaf.osaaf.org -cadi_truststore=/opt/app/osaaf/local/org.osaaf.aaf.trust.p12 -cadi_truststore_password=enc:5nzj6v3Rb0oZPV1zCxg8EJFfkFvWFGJflLB0i_FN0Np diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.trust.p12 b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.trust.p12 Binary files differdeleted file mode 100644 index d01e8569ab..0000000000 --- a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.trust.p12 +++ /dev/null diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.cassandra.props b/kubernetes/aaf/resources/config/local/org.osaaf.cassandra.props deleted file mode 100644 index 17f238b851..0000000000 --- a/kubernetes/aaf/resources/config/local/org.osaaf.cassandra.props +++ /dev/null @@ -1,29 +0,0 @@ -############################################################ -# Cassandra properties for AAF Components needing -# on 2018-03-02 06:59.628-0500 -############################################################ -# LOCAL Cassandra -cassandra.clusters={{.Values.config.csServiceName}} -cassandra.clusters.port=9042 -#need this to be fully qualified name when REAL AAF integration -cassandra.clusters.user=cassandra -cassandra.clusters.password=enc:gF_I93pTRMIvj3rof-dx-yK84XYT1UKGf98s1LAJyWV - -# Name for exception that has happened in the past -cassandra.reset.exceptions=com.datastax.driver.core.exceptions.NoHostAvailableException:"no host was tried":"Connection has been closed" - -# Example Consistency Settings for Clusters with at least instances -#cassandra.writeConsistency.ns=LOCAL_QUORUM -#cassandra.writeConsistency.perm=LOCAL_QUORUM -#cassandra.writeConsistency.role=LOCAL_QUORUM -#cassandra.writeConsistency.user_role=LOCAL_QUORUM -#cassandra.writeConsistency.cred=LOCAL_QUORUM -#cassandra.writeConsistency.ns_attrib=LOCAL_QUORUM - -# Consistency Settings when Single Instance -cassandra.writeConsistency.ns=ONE -cassandra.writeConsistency.perm=ONE -cassandra.writeConsistency.role=ONE -cassandra.writeConsistency.user_role=ONE -cassandra.writeConsistency.cred=ONE -cassandra.writeConsistency.ns_attrib=ONE diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.cm.ca.props b/kubernetes/aaf/resources/config/local/org.osaaf.cm.ca.props deleted file mode 100644 index 8843705cbb..0000000000 --- a/kubernetes/aaf/resources/config/local/org.osaaf.cm.ca.props +++ /dev/null @@ -1,11 +0,0 @@ -## -## org.osaaf.cm.ca.props -## Properties to access Certifiate Authority -## - -#Certman -cm_ca.local=org.onap.aaf.auth.cm.ca.LocalCA,/opt/app/osaaf/local/org.osaaf.aaf.cm.p12;aaf_cm_ca;enc:asFEWMNqjH7GktBLb9EGl6L1zfS2qMH5ZS5Zd90KVT5B9ZyRsqx7Gb73YllO8Hyw -cm_ca.local.idDomains=org.osaaf -cm_ca.local.baseSubject=/OU=OSAAF/O=ONAP/C=US -cm_ca.local.perm_type=org.osaaf.aaf.ca - diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.location.props b/kubernetes/aaf/resources/config/local/org.osaaf.location.props deleted file mode 100644 index fd52d6db11..0000000000 --- a/kubernetes/aaf/resources/config/local/org.osaaf.location.props +++ /dev/null @@ -1,12 +0,0 @@ -## -## org.osaaf.location.props -## -## Localized Machine Information -## -# Almeda California -cadi_latitude=37.78187 -cadi_longitude=-122.26147 - -#cadi_registration_hostname=aaf-onap-beijing-test.osaaf.org -cadi_trust_masks=10.12.6/24 -aaf_locate_url=https://{{.Values.config.locateServiceName}}:8095 diff --git a/kubernetes/aaf/resources/config/public/README.txt b/kubernetes/aaf/resources/config/public/README.txt deleted file mode 100644 index 48aaa96feb..0000000000 --- a/kubernetes/aaf/resources/config/public/README.txt +++ /dev/null @@ -1 +0,0 @@ -Public directory left empty on purpose. Content of https://gerrit.onap.org/r/gitweb?p=aaf/authz.git;a=tree;f=auth/sample/public;h=1b387b7858134f80446f006b6d570fa534da3153;hb=refs/heads/master is cloned and mounted into AAF container volume via init container. This is done to dramatically reduce the size of configuration that was being put into a configmap that was exceeding helm configmap limit of 1MB per deployment. diff --git a/kubernetes/aaf/templates/configmap.yaml b/kubernetes/aaf/templates/configmap.yaml deleted file mode 100644 index 9d21e057d6..0000000000 --- a/kubernetes/aaf/templates/configmap.yaml +++ /dev/null @@ -1,48 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-aaf-backup - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/backup/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-aaf-local - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/local/org.osaaf.location.props").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/local/org.osaaf.cm.ca.props").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/local/org.osaaf.cassandra.props").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/local/org.osaaf.aaf.props").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-aaf-etc - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/etc/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-aaf-data - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/data/*").AsConfig . | indent 2 }} diff --git a/kubernetes/aaf/templates/job.yaml b/kubernetes/aaf/templates/job.yaml index 719b6dc2c2..103b908491 100644 --- a/kubernetes/aaf/templates/job.yaml +++ b/kubernetes/aaf/templates/job.yaml @@ -15,7 +15,7 @@ apiVersion: batch/v1 kind: Job metadata: - name: {{ include "common.fullname" . }}-create-config + name: {{ .Release.Name }}-create-config namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -29,79 +29,28 @@ spec: app: aaf-init-job release: {{ .Release.Name }} spec: - initContainers: - - name: {{ include "common.name" . }}-inject-config - command: - - /bin/bash - - -c - - > - git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit; - echo "Clone complete. Copying from /tmp/gerrit/ to /public"; - cp -rf /tmp/gerrit/auth/sample/public/* /public; - echo "Done."; - image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.global.ubuntuInitImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: aaf-public - mountPath: "/public" containers: - - command: ["/bin/bash","-c","if [ ! -d /data/backup ]; then mkdir /data/data && cp -Ra /data1/data/..data/* /data/data/ && mkdir /data/etc && cp -Ra /data1/etc/..data/* data/etc/ && mkdir /data/backup && cp -Ra /data1/backup/..data/* /data/backup/ && cp -Ra /data1/public /data/ && cp -Ra /data1/local /data && mkdir -p /data/logs/oauth && mkdir -p /data/logs/hello && mkdir -p /data/logs/fs && mkdir -p /data/logs/gui && mkdir -p /data/logs/locate && mkdir -p /data/logs/cm && mkdir -p /data/logs/service; fi; exit 0"] - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + - name: {{ include "common.name" . }}-config-container + image: "{{ include "common.repository" . }}/{{ .Values.aaf_config.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: aaf-init-job volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /data - name: aaf-persistent-data - - mountPath: /data1/etc - name: aaf-etc - - mountPath: /data1/data - name: aaf-data - - mountPath: /data1/public/iframe_denied_test.html - name: aaf-public - subPath: iframe_denied_test.html - - mountPath: /data1/public/aaf_2_0.xsd - name: aaf-public - subPath: aaf_2_0.xsd - - mountPath: /data1/public/truststoreONAP.p12 - name: aaf-public - subPath: truststoreONAP.p12 - - mountPath: /data1/public/AAF_RootCA.cer - name: aaf-public - subPath: AAF_RootCA.cer - - mountPath: /data1/public/truststoreONAPall.jks - name: aaf-public - subPath: truststoreONAPall.jks - - mountPath: /data1/local/org.osaaf.location.props - name: aaf-local - subPath: org.osaaf.location.props - - mountPath: /data1/local/org.osaaf.cm.ca.props - name: aaf-local - subPath: org.osaaf.cm.ca.props - - mountPath: /data1/local/org.osaaf.cassandra.props - name: aaf-local - subPath: org.osaaf.cassandra.props - - mountPath: /data1/local/org.osaaf.aaf.props - name: aaf-local - subPath: org.osaaf.aaf.props - - mountPath: /data1/local/org.osaaf.aaf.trust.p12 - name: aaf-local-secret - subPath: org.osaaf.aaf.trust.p12 - - mountPath: /data1/local/org.osaaf.aaf.p12 - name: aaf-local-secret - subPath: org.osaaf.aaf.p12 - - mountPath: /data1/local/org.osaaf.aaf.keyfile - name: aaf-local-secret - subPath: org.osaaf.aaf.keyfile - - mountPath: /data1/local/org.osaaf.aaf.cm.p12 - name: aaf-local-secret - subPath: org.osaaf.aaf.cm.p12 - - mountPath: /data1/backup - name: aaf-backup - - mountPath: /share - name: aaf-public + - mountPath: "/opt/app/osaaf" + name: {{ include "common.name" . }}-config-vol + env: + - name: HOSTNAME + value: "{{ .Values.global.cadi.hostname }}" + - name: AAF_ENV + value: "{{ .Values.global.cadi.aaf_env }}" + - name: AAF_REGISTER_AS + value: "{{ .Values.global.cadi.aaf_register_as }}" + - name: LATITUDE + value: "{{ .Values.global.cadi.cadi_latitude }}" + - name: LONGITUDE + value: "{{ .Values.global.cadi.cadi_longitude }}" + - name: CASS_HOST + value: "{{ .Values.global.cassandraServiceName }}" + - name: AAF_LOCATOR_AS + value: "{{ .Values.global.locateServiceName }}" resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -113,33 +62,13 @@ spec: {{ toYaml .Values.affinity | indent 10 }} {{- end }} volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: aaf-local-secret - secret: - secretName: {{ .Release.Name }}-aaf-local-secret - - name: aaf-etc - configMap: - name: {{ .Release.Name }}-aaf-etc - - name: aaf-local - configMap: - name: {{ .Release.Name }}-aaf-local - - name: aaf-backup - configMap: - name: {{ .Release.Name }}-aaf-backup - - name: aaf-data - configMap: - name: {{ .Release.Name }}-aaf-data - - name: aaf-persistent-data + - name: {{ include "common.name" . }}-config-vol {{- if .Values.global.persistence.enabled }} persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-pvc + claimName: {{ .Release.Name }}-config {{- else }} emptyDir: {} {{- end }} - - name: aaf-public - emptyDir: {} restartPolicy: OnFailure imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/templates/pv.yaml b/kubernetes/aaf/templates/pv.yaml index d9b58f62ad..9d28184985 100644 --- a/kubernetes/aaf/templates/pv.yaml +++ b/kubernetes/aaf/templates/pv.yaml @@ -14,24 +14,60 @@ # limitations under the License. */}} -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if and .Values.global.persistence.enabled (not .Values.persistence.config.existingClaim) }} kind: PersistentVolume apiVersion: v1 metadata: - name: {{ include "common.fullname" . }} + name: {{ .Release.Name }}-config namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} + app: {{ include "common.name" . }}-config chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" name: {{ include "common.fullname" . }} spec: capacity: - storage: {{ .Values.persistence.size}} + storage: {{ .Values.persistence.config.size}} accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + - {{ .Values.persistence.config.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.config.mountSubPath }} +{{- if .Values.persistence.config.storageClass }} +{{- if (eq "-" .Values.persistence.config.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.config.storageClass }}" +{{- end }} +{{- end }} +{{- end }} +--- +{{- if and .Values.global.persistence.enabled (not .Values.persistence.logs.existingClaim) }} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-logs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-logs + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.logs.size}} + accessModes: + - {{ .Values.persistence.logs.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.logs.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.logs.mountSubPath }} +{{- if .Values.persistence.logs.storageClass }} +{{- if (eq "-" .Values.persistence.logs.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.logs.storageClass }}" +{{- end }} +{{- end }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/aaf/templates/pvc.yaml b/kubernetes/aaf/templates/pvc.yaml index 255c27751c..a9c8b908eb 100644 --- a/kubernetes/aaf/templates/pvc.yaml +++ b/kubernetes/aaf/templates/pvc.yaml @@ -14,35 +14,68 @@ # limitations under the License. */}} -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if and .Values.global.persistence.enabled (not .Values.persistence.config.existingClaim) }} kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ .Release.Name }}-aaf-pvc + name: {{ .Release.Name }}-config namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} + app: {{ include "common.name" . }}-config chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} +{{- if .Values.persistence.config.annotations }} annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} +{{ toYaml .Values.persistence.config.annotations | indent 4 }} {{- end }} spec: selector: matchLabels: - name: {{ include "common.fullname" . }} + app: {{ include "common.name" . }}-config accessModes: - - {{ .Values.persistence.accessMode }} + - {{ .Values.persistence.config.accessMode }} resources: requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} + storage: {{ .Values.persistence.config.size }} +{{- if .Values.persistence.config.storageClass }} +{{- if (eq "-" .Values.persistence.config.storageClass) }} storageClassName: "" {{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" + storageClassName: "{{ .Values.persistence.config.storageClass }}" {{- end }} {{- end }} -{{- end -}} +{{- end }} +--- +{{- if and .Values.global.persistence.enabled (not .Values.persistence.logs.existingClaim) }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-logs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-logs + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.logs.annotations }} + annotations: +{{ toYaml .Values.persistence.logs.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }}-logs + accessModes: + - {{ .Values.persistence.logs.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.logs.size }} +{{- if .Values.persistence.logs.storageClass }} +{{- if (eq "-" .Values.persistence.logs.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.logs.storageClass }}" +{{- end }} +{{- end }} +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/aaf/values.yaml b/kubernetes/aaf/values.yaml index c8f048438b..4cc69c264b 100644 --- a/kubernetes/aaf/values.yaml +++ b/kubernetes/aaf/values.yaml @@ -24,22 +24,23 @@ global: persistence: enabled: true + cadi: + hostname: "aaf.onap" + cadi_latitude: "38.0" + cadi_longitude: "-72.0" + aaf_env: "DEV" + aaf_register_as: "aaf.onap" + cassandraServiceName: aaf-cass + locateServiceName: aaf-locate + ################################################################# # Application configuration defaults. ################################################################# -config: - serviceServiceName: aaf-service - locateServiceName: aaf-locate - cmServiceName: aaf-cm - fsServiceName: aaf-fs - guiServiceName: aaf-gui - helloServiceName: aaf-hello - oauthServiceName: aaf-oauth - csServiceName: aaf-cass - # gerrit branch where the latest aaf/auth/sample/public code exists - gerritProject: http://gerrit.onap.org/r/aaf/authz.git - gerritBranch: master +repository: nexus3.onap.org:10001 +aaf_config: + image: onap/aaf/aaf_config:2.1.2-SNAPSHOT +flavor: small # default number of instances replicaCount: 1 @@ -64,40 +65,31 @@ ingress: ## Persist data to a persitent volume persistence: - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain + mountPath: "/mnt/data/aaf" + enabled: true + config: + #existingClaim: + volumeReclaimPolicy: Retain + accessMode: ReadWriteMany + size: 2Gi + mountSubPath: "config" + storageClass: "manual" + logs: + #existingClaim: + volumeReclaimPolicy: Retain + accessMode: ReadWriteMany + size: 2Gi + mountSubPath: "logs" + storageClass: "manual" - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteMany - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: aaf/data +aaf-cs: + persistence: + #existingClaim: + mountPath: /dockerdata-nfs + mountSubPath: "cass" + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 10Gi + storageClass: "manual" -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +resources: {}
\ No newline at end of file diff --git a/kubernetes/aai/charts/aai-data-router/resources/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-data-router/resources/config/auth/tomcat_keystore Binary files differindex 9eec841aa2..de5325b4aa 100644 --- a/kubernetes/aai/charts/aai-data-router/resources/config/auth/tomcat_keystore +++ b/kubernetes/aai/charts/aai-data-router/resources/config/auth/tomcat_keystore diff --git a/kubernetes/aai/charts/aai-data-router/resources/config/log/logback.xml b/kubernetes/aai/charts/aai-data-router/resources/config/log/logback.xml new file mode 100644 index 0000000000..d7ff0143a1 --- /dev/null +++ b/kubernetes/aai/charts/aai-data-router/resources/config/log/logback.xml @@ -0,0 +1,193 @@ +<!-- + ============LICENSE_START======================================================= + org.onap.aai + ================================================================================ + Copyright © 2018 AT&T Intellectual Property. All rights reserved. + Copyright © 2018 Amdocs + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + ============LICENSE_END========================================================= +--> +<configuration scan="true" scanPeriod="3 seconds" debug="false"> + <!--<jmxConfigurator /> --> + <!-- directory path for all other type logs --> + + <property name="logDir" value="/var/log/onap" /> + + <!-- specify the component name --> + <property name="componentName" value="AAI-DR" /> + + <!-- default eelf log file names --> + <property name="generalLogName" value="error" /> + <property name="metricsLogName" value="metrics" /> + <property name="auditLogName" value="audit" /> + <property name="debugLogName" value="debug" /> + + <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|data-router|%mdc{PartnerName}|%logger||%.-5level|%msg%n" /> + <property name="auditMetricPattern" value="%m%n" /> + + <property name="logDirectory" value="${logDir}/${componentName}" /> + + <!-- Example evaluator filter applied against console appender --> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${errorLogPattern}</pattern> + </encoder> + </appender> + + <!-- ============================================================================ --> + <!-- EELF Appenders --> + <!-- ============================================================================ --> + + <!-- The EELFAppender is used to record events to the general application + log --> + + <appender name="EELF" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${generalLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip + </fileNamePattern> + <maxHistory>60</maxHistory> + </rollingPolicy> + <encoder> + <pattern>${errorLogPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender"> + <!-- deny all events with a level below INFO, that is TRACE and DEBUG --> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>INFO</level> + </filter> + <queueSize>256</queueSize> + <appender-ref ref="EELF" /> + </appender> + + <!-- EELF Audit Appender. This appender is used to record audit engine + related logging events. The audit logger and appender are specializations + of the EELF application root logger and appender. This can be used to segregate + Policy engine events from other components, or it can be eliminated to record + these events as part of the application root log. --> + + <appender name="EELFAudit" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${auditLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip + </fileNamePattern> + <maxHistory>60</maxHistory> + </rollingPolicy> + <encoder> + <pattern>${auditMetricPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFAudit" /> + </appender> + + <appender name="EELFMetrics" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${metricsLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip + </fileNamePattern> + <maxHistory>60</maxHistory> + </rollingPolicy> + <encoder> + <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - + %msg%n"</pattern> --> + <pattern>${auditMetricPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFMetrics"/> + </appender> + + <appender name="EELFDebug" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${debugLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip + </fileNamePattern> + <maxHistory>60</maxHistory> + </rollingPolicy> + <encoder> + <pattern>${errorLogPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFDebug" /> + <includeCallerData>false</includeCallerData> + </appender> + + <!-- ============================================================================ --> + <!-- EELF loggers --> + <!-- ============================================================================ --> + <logger name="com.att.eelf" level="info" additivity="false"> + <appender-ref ref="asyncEELF" /> + <appender-ref ref="asyncEELFDebug" /> + </logger> + + <logger name="com.att.eelf.audit" level="info" additivity="false"> + <appender-ref ref="asyncEELFAudit" /> + </logger> + <logger name="com.att.eelf.metrics" level="info" additivity="false"> + <appender-ref ref="asyncEELFMetrics" /> + </logger> + + <!-- Spring related loggers --> + <logger name="org.springframework" level="WARN" /> + <logger name="org.springframework.beans" level="WARN" /> + <logger name="org.springframework.web" level="WARN" /> + <logger name="com.blog.spring.jms" level="WARN" /> + + <!-- Data Router service loggers --> + <logger name="org.onap.aai.data-router" level="INFO" /> + + <!-- Other Loggers that may help troubleshoot --> + <logger name="net.sf" level="WARN" /> + <logger name="org.apache" level="WARN" /> + <logger name="org.apache.commons.httpclient" level="WARN" /> + <logger name="org.apache.commons" level="WARN" /> + <logger name="org.apache.coyote" level="WARN" /> + <logger name="org.apache.jasper" level="WARN" /> + + <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging. + May aid in troubleshooting) --> + <logger name="org.apache.camel" level="WARN" /> + <logger name="org.apache.cxf" level="WARN" /> + <logger name="org.apache.camel.processor.interceptor" level="WARN" /> + <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" /> + <logger name="org.apache.cxf.service" level="WARN" /> + <logger name="org.restlet" level="WARN" /> + <logger name="org.apache.camel.component.restlet" level="WARN" /> + + <!-- logback internals logging --> + <logger name="ch.qos.logback.classic" level="WARN" /> + <logger name="ch.qos.logback.core" level="WARN" /> + + <root> + <appender-ref ref="asyncEELF" /> + <!-- <appender-ref ref="asyncEELFDebug" /> --> + </root> + +</configuration> diff --git a/kubernetes/aai/charts/aai-data-router/resources/config/schemaIngest.properties b/kubernetes/aai/charts/aai-data-router/resources/config/schemaIngest.properties index d0916515fe..8c680b5820 100644 --- a/kubernetes/aai/charts/aai-data-router/resources/config/schemaIngest.properties +++ b/kubernetes/aai/charts/aai-data-router/resources/config/schemaIngest.properties @@ -20,13 +20,27 @@ # ============LICENSE_END=========================================================
#
-# Properties for the SchemaLocationsBean
-# The AAI Schema jar will be unpacked to bundleconfig/etc
-schemaConfig=NA
-# OXM files named aai_oxm_v*.xml are unpacked here:
-nodeDir=/opt/app/data-router/bundleconfig/etc/oxm
-# DB Edge Rules are unpacked here:
+# Properties for the SchemaLocationsBean
+# Files named aai_oxm_v*.xml are unpacked here:
+nodeDir=/opt/app/data-router/onap/oxm
+# Dummy folder/directory:
edgeDir=
-# DB Edge Property files are copied here:
-edgePropsDir=
+
+# Properties required by the aai-common - aai-schema-ingest lib as of 1.3.0
+schema.configuration.location=N/A
+schema.nodes.location=/opt/app/data-router/onap/oxm/
+schema.edges.location=
+# These versions need to exist if they are included in the list
+schema.version.list=v9,v10,v11,v12,v13,v14
+# Decalares the oxm version to load
+schema.version.api.default=v14
+
+# Don't use these properties in our application, need to be set to prevent an exception on startup (see SchemaVersions bean)
+schema.version.depth.start=v14
+schema.version.related.link.start=v14
+schema.version.app.root.start=v14
+schema.version.namespace.change.start=v14
+schema.version.edge.label.start=v14
+~
+
diff --git a/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml b/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml new file mode 100644 index 0000000000..c945c39876 --- /dev/null +++ b/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml @@ -0,0 +1,22 @@ +<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns="http://www.springframework.org/schema/beans" xmlns:context="http://www.springframework.org/schema/context" + xmlns:task="http://www.springframework.org/schema/task" + xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.2.xsd + http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd"> + + <context:property-placeholder + location="file:${CONFIG_HOME}/schemaIngest.properties" + ignore-unresolvable="true" /> + + <bean id="schemaLocationsBean" class="org.onap.aai.setup.SchemaLocationsBean"> + <!-- When running with AJSC these properties must be injected directly. + The reason for this is unknown. --> + <property name="nodeDirectory" value="${nodeDir}" /> + <property name="edgeDirectory" value="${edgeDir}" /> + </bean> + + <bean id="schemaVersions" class="org.onap.aai.setup.SchemaVersions"/> + +</beans> + diff --git a/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml b/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml index acfe0a5933..b5e4129595 100644 --- a/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml +++ b/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml @@ -32,11 +32,13 @@ <property name="searchCertName" value="client-cert-onap.p12" /> <property name="searchKeystorePwd" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" /> <property name="searchKeystore" value="tomcat_keystore" /> + <property name="schemaVersions" ref="schemaVersions" /> + <property name="schemaLocationsBean" ref="schemaLocationsBean" /> </bean> - <bean id="consumerBeanEntityEvent" class="org.onap.aai.event.client.DMaaPEventConsumer " > - <constructor-arg name="host" value="message-router.{{.Release.Namespace}}:3904" /> - <constructor-arg name="topic" value="AAI-EVENT" /> + <bean id="consumerBeanEntityEvent" class="org.onap.aai.event.client.DMaaPEventConsumer" > + <constructor-arg name="host" value="message-router.{{.Release.Namespace}}:{{.Values.event.port.dmaap}}" /> + <constructor-arg name="topic" value="{{.Values.event.consumer.topic}}" /> <constructor-arg name="username" value="" /> <constructor-arg name="password" value="" /> <constructor-arg name="consumerGroup" value="datarouter" /> @@ -44,6 +46,8 @@ <constructor-arg name="timeoutMs" value="1000" /> <constructor-arg name="messageLimit" value="100" /> <constructor-arg name="transportType" value="HTTPAUTH" /> + <constructor-arg name="protocol" value="{{.Values.event.protocol}}" /> + <constructor-arg name="filter"><null /></constructor-arg> </bean> <bean id="entityEventPolicy" class="org.onap.aai.datarouter.policy.EntityEventPolicy" init-method="startup" > diff --git a/kubernetes/aai/charts/aai-data-router/templates/configmap.yaml b/kubernetes/aai/charts/aai-data-router/templates/configmap.yaml index 6cfc3bef7a..c8532b2ffc 100644 --- a/kubernetes/aai/charts/aai-data-router/templates/configmap.yaml +++ b/kubernetes/aai/charts/aai-data-router/templates/configmap.yaml @@ -37,4 +37,32 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/dynamic/routes/entity-event.route").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/dynamic/conf/data-router-oxm.xml").AsConfig . | indent 2 }} {{ tpl (.Files.Glob "resources/dynamic/conf/entity-event-policy.xml").AsConfig . | indent 2 }} + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-filebeat-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-data-router/templates/deployment.yaml b/kubernetes/aai/charts/aai-data-router/templates/deployment.yaml index 8ab2d3383a..a7ecbce96a 100644 --- a/kubernetes/aai/charts/aai-data-router/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-data-router/templates/deployment.yaml @@ -94,8 +94,17 @@ spec: - mountPath: /opt/app/data-router/dynamic/conf/entity-event-policy.xml subPath: entity-event-policy.xml name: {{ include "common.fullname" . }}-dynamic-policy - - mountPath: /logs/ + - mountPath: /opt/app/data-router/dynamic/conf/data-router-oxm.xml + subPath: data-router-oxm.xml + name: {{ include "common.fullname" . }}-dynamic-oxm + - mountPath: /opt/app/data-router/bundleconfig/etc/logback.xml + name: {{ include "common.fullname" . }}-logback-config + subPath: logback.xml + - mountPath: /var/log/onap name: {{ include "common.fullname" . }}-logs + - mountPath: /logs + name: {{ include "common.fullname" . }}-logs + ports: - containerPort: {{ .Values.service.internalPort }} {{- if eq .Values.liveness.enabled true }} @@ -112,10 +121,30 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} resources: {{ include "common.resources" . | indent 12 }} + + # side car containers + - name: filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + name: filebeat-conf + - mountPath: /var/log/onap + name: {{ include "common.fullname" . }}-logs + - mountPath: /logs + name: {{ include "common.fullname" . }}-logs + - mountPath: /usr/share/filebeat/data + name: aai-filebeat volumes: - name: localtime hostPath: path: /etc/localtime + - name: filebeat-conf + configMap: + name: aai-filebeat + - name: aai-filebeat + emptyDir: {} - name: {{ include "common.fullname" . }}-auth secret: secretName: {{ include "common.fullname" . }} @@ -133,9 +162,17 @@ spec: - name: {{ include "common.fullname" . }}-dynamic-policy configMap: name: {{ include "common.fullname" . }}-dynamic + - name: {{ include "common.fullname" . }}-dynamic-oxm + configMap: + name: {{ include "common.fullname" . }}-dynamic - name: {{ include "common.fullname" . }}-logs - hostPath: - path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + emptyDir: {} + - name: {{ include "common.fullname" . }}-logback-config + configMap: + name: {{ include "common.fullname" . }}-log-configmap + items: + - key: logback.xml + path: logback.xml restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-data-router/values.yaml b/kubernetes/aai/charts/aai-data-router/values.yaml index ba4258257a..c1fa49f3f0 100644 --- a/kubernetes/aai/charts/aai-data-router/values.yaml +++ b/kubernetes/aai/charts/aai-data-router/values.yaml @@ -17,7 +17,7 @@ # Declare variables to be passed into your templates. global: # global defaults nodePortPrefix: 302 - + loggingImage: beats/filebeat:5.5.0 # application image repository: nexus3.onap.org:10001 @@ -97,4 +97,12 @@ resources: requests: cpu: 4 memory: 8Gi - unlimited: {}
\ No newline at end of file + unlimited: {} + +# Entity Event route configuration +event: + port: + dmaap: 3905 + protocol: https + consumer: + topic: AAI-EVENT diff --git a/kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties b/kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties index 573cd2a11d..8a14f81606 100644 --- a/kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties +++ b/kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties @@ -39,3 +39,5 @@ sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin +pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin +vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin diff --git a/kubernetes/aai/charts/aai-resources/resources/config/realm.properties b/kubernetes/aai/charts/aai-resources/resources/config/realm.properties index 2aa3e01a3a..1efcfbee03 100644 --- a/kubernetes/aai/charts/aai-resources/resources/config/realm.properties +++ b/kubernetes/aai/charts/aai-resources/resources/config/realm.properties @@ -34,3 +34,5 @@ sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin +pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin +vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/roles.config b/kubernetes/aai/charts/aai-sparky-be/resources/config/roles.config index ee131d8414..ee131d8414 100644 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/roles.config +++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/roles.config diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/users.config b/kubernetes/aai/charts/aai-sparky-be/resources/config/users.config new file mode 100644 index 0000000000..ce69e88918 --- /dev/null +++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/users.config @@ -0,0 +1,20 @@ +[{
+ "orgId": null,
+ "managerId": null,
+ "firstName": "Demo",
+ "middleInitial": null,
+ "lastName": "User",
+ "phone": null,
+ "email": "demo@email.com",
+ "hrid": null,
+ "orgUserId": "demo",
+ "orgCode": null,
+ "orgManagerUserId": null,
+ "jobTitle": null,
+ "loginId": "demo",
+ "active": false,
+ "roles": [{
+ "id": 1,
+ "name": "View"
+ }]
+}]
\ No newline at end of file diff --git a/kubernetes/aai/charts/aai-sparky-be/templates/configmap.yaml b/kubernetes/aai/charts/aai-sparky-be/templates/configmap.yaml index 055c5ba116..50238aaea3 100644 --- a/kubernetes/aai/charts/aai-sparky-be/templates/configmap.yaml +++ b/kubernetes/aai/charts/aai-sparky-be/templates/configmap.yaml @@ -29,6 +29,8 @@ data: {{ tpl (.Files.Glob "resources/config/application-oxm-default.properties").AsConfig . | indent 2 }} {{ tpl (.Files.Glob "resources/config/application-oxm-override.properties").AsConfig . | indent 2 }} {{ tpl (.Files.Glob "resources/config/application-oxm-schema-prod.properties").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/roles.config").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/users.config").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml index 3ecbd80340..6a992dd618 100644 --- a/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml @@ -98,6 +98,14 @@ spec: - mountPath: /opt/app/sparky/config/application-oxm-schema-prod.properties name: {{ include "common.fullname" . }}-properties subPath: application-oxm-schema-prod.properties + + - mountPath: /opt/app/sparky/config/roles.config + name: {{ include "common.fullname" . }}-properties + subPath: roles.config + + mountPath: /opt/app/sparky/config/users.config + name: {{ include "common.fullname" . }}-properties + subPath: users.config ports: - containerPort: {{ .Values.service.internalPort }} diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties b/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties index 2aa3e01a3a..1efcfbee03 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties +++ b/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties @@ -34,3 +34,5 @@ sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin +pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin +vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin diff --git a/kubernetes/appc/resources/config/log/org.ops4j.pax.logging.cfg b/kubernetes/appc/resources/config/log/org.ops4j.pax.logging.cfg index 8e1160ec6b..0bbdbb7dcd 100644 --- a/kubernetes/appc/resources/config/log/org.ops4j.pax.logging.cfg +++ b/kubernetes/appc/resources/config/log/org.ops4j.pax.logging.cfg @@ -1,4 +1,3 @@ -# Modifications Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. ################################################################################ # # Licensed to the Apache Software Foundation (ASF) under one or more @@ -18,135 +17,76 @@ # ################################################################################ -# Root logger -log4j.rootLogger=INFO, async, osgi:* -log4j.throwableRenderer=org.apache.log4j.OsgiThrowableRenderer - -maxFileSize=100MB -maxBackupIndex=20 -logDir=/var/log/onap -componentName=appc -logDirectory=${logDir}/${componentName} -karafLogName=karaf -errorLogName=error -metricsLogName=metrics -auditLogName=audit -debugLogName=debug - - -# CONSOLE appender not used by default -log4j.appender.stdout=org.apache.log4j.ConsoleAppender -log4j.appender.stdout.layout=org.apache.log4j.PatternLayout -log4j.appender.stdout.layout.ConversionPattern=%d{yyyy-MM-dd'T'HH:mm:ss.SSS}\t%-16.16t\t%-5.5p\t%c{36}\t%X{bundle.id} - %X{bundle.name} - %X{bundle.version}\t%m%n - -# Async appender forwarding to file appender -log4j.appender.async=org.apache.log4j.AsyncAppender -log4j.appender.async.appenders=out - -# File appender -log4j.appender.out=org.apache.log4j.RollingFileAppender -log4j.appender.out.layout=org.apache.log4j.xml.XMLLayout -log4j.appender.out.layout.Properties=true -log4j.appender.out.file=${logDirectory}/${karafLogName}.log -log4j.appender.out.append=true -log4j.appender.out.maxFileSize=${maxFileSize} -log4j.appender.out.maxBackupIndex=${maxBackupIndex} - -# Sift appender -log4j.appender.sift=org.apache.log4j.sift.MDCSiftingAppender -log4j.appender.sift.key=bundle.name -log4j.appender.sift.default=karaf -log4j.appender.sift.appender=org.apache.log4j.RollingFileAppender -log4j.appender.sift.appender.layout=org.apache.log4j.xml.XMLLayout -log4j.appender.sift.appender.layout.Properties=true -log4j.appender.sift.appender.file=${logDirectory}/$\\{bundle.name\\}.log -log4j.appender.sift.appender.append=true - - - -log4j.category.org.opendaylight.controller.netconf.persist.impl.osgi.ConfigPusherImpl=DEBUG -log4j.category.org.opendaylight.controller.netconf.persist.impl.osgi.ConfigPersisterActivator=DEBUG - - -#ECOMP Debug appender -log4j.appender.debug=org.apache.log4j.RollingFileAppender -log4j.appender.debug.key=bundle.name -log4j.appender.debug.default=karaf -log4j.appender.debug.appName=EELFDebug -log4j.appender.debug.layout=org.apache.log4j.xml.XMLLayout -log4j.appender.debug.layout.Properties=true -log4j.appender.debug.file=${logDirectory}/${debugLogName}.log -log4j.appender.debug.append=true -log4j.appender.debug.maxFileSize=${maxFileSize} -log4j.appender.debug.maxBackupIndex=${maxBackupIndex} -#log4j.appender.debug.filter.f1=org.apache.log4j.varia.LevelRangeFilter -#log4j.appender.debug.filter.f1.LevelMax=WARN -#log4j.appender.debug.filter.f1.LevelMin=TRACE +# Common pattern layout for appenders +log4j2.pattern = %d{ISO8601} | %-5p | %-16t | %-32c{1} | %X{bundle.id} - %X{bundle.name} - %X{bundle.version} | %m%n +# Root logger +log4j2.rootLogger.level = INFO +# uncomment to use asynchronous loggers, which require mvn:com.lmax/disruptor/3.3.2 library +#log4j2.rootLogger.type = asyncRoot +#log4j2.rootLogger.includeLocation = false +log4j2.rootLogger.appenderRef.RollingFile.ref = RollingFile +log4j2.rootLogger.appenderRef.PaxOsgi.ref = PaxOsgi +log4j2.rootLogger.appenderRef.Console.ref = Console +log4j2.rootLogger.appenderRef.Console.filter.threshold.type = ThresholdFilter +log4j2.rootLogger.appenderRef.Console.filter.threshold.level = ${karaf.log.console:-OFF} + +# Loggers configuration + +# Spifly logger +log4j2.logger.spifly.name = org.apache.aries.spifly +log4j2.logger.spifly.level = WARN + +# Security audit logger +log4j2.logger.audit.name = org.apache.karaf.jaas.modules.audit +log4j2.logger.audit.level = INFO +log4j2.logger.audit.additivity = false +log4j2.logger.audit.appenderRef.AuditRollingFile.ref = AuditRollingFile + +# Appenders configuration + +# Console appender not used by default (see log4j2.rootLogger.appenderRefs) +log4j2.appender.console.type = Console +log4j2.appender.console.name = Console +log4j2.appender.console.layout.type = PatternLayout +log4j2.appender.console.layout.pattern = ${log4j2.pattern} + +# Rolling file appender +log4j2.appender.rolling.type = RollingRandomAccessFile +log4j2.appender.rolling.name = RollingFile +log4j2.appender.rolling.fileName = ${karaf.data}/log/karaf.log +log4j2.appender.rolling.filePattern = ${karaf.data}/log/karaf.log.%i +# uncomment to not force a disk flush +#log4j2.appender.rolling.immediateFlush = false +log4j2.appender.rolling.append = true +log4j2.appender.rolling.layout.type = PatternLayout +log4j2.appender.rolling.layout.pattern = ${log4j2.pattern} +log4j2.appender.rolling.policies.type = Policies +log4j2.appender.rolling.policies.size.type = SizeBasedTriggeringPolicy +log4j2.appender.rolling.policies.size.size = 16MB + +# Audit file appender +log4j2.appender.audit.type = RollingRandomAccessFile +log4j2.appender.audit.name = AuditRollingFile +log4j2.appender.audit.fileName = ${karaf.data}/security/audit.log +log4j2.appender.audit.filePattern = ${karaf.data}/security/audit.log.%i +log4j2.appender.audit.append = true +log4j2.appender.audit.layout.type = PatternLayout +log4j2.appender.audit.layout.pattern = ${log4j2.pattern} +log4j2.appender.audit.policies.type = Policies +log4j2.appender.audit.policies.size.type = SizeBasedTriggeringPolicy +log4j2.appender.audit.policies.size.size = 8MB + +# OSGi appender +log4j2.appender.osgi.type = PaxOsgi +log4j2.appender.osgi.name = PaxOsgi +log4j2.appender.osgi.filter = * + +# help with identification of maven-related problems with pax-url-aether +#log4j2.logger.aether.name = shaded.org.eclipse.aether +#log4j2.logger.aether.level = TRACE +#log4j2.logger.http-headers.name = shaded.org.apache.http.headers +#log4j2.logger.http-headers.level = DEBUG +#log4j2.logger.maven.name = org.ops4j.pax.url.mvn +#log4j2.logger.maven.level = TRACE -#Error appender -log4j.appender.error=org.apache.log4j.RollingFileAppender -log4j.appender.error.appName=EELFError -log4j.appender.error.File=${logDirectory}/${errorLogName}.log -log4j.appender.error.Threshold=ERROR -log4j.appender.error.maxFileSize=${maxFileSize} -log4j.appender.error.maxBackupIndex=${maxBackupIndex} -log4j.appender.error.layout=org.apache.log4j.xml.XMLLayout -log4j.appender.error.layout.Properties=true - -#Metrics appender -log4j.appender.metric=org.apache.log4j.RollingFileAppender -log4j.appender.metric.appName=EELFMetrics -log4j.appender.metric.File=${logDirectory}/${metricsLogName}.log -log4j.appender.metric.maxFileSize=${maxFileSize} -log4j.appender.metric.maxBackupIndex=${maxBackupIndex} -log4j.appender.metric.layout=org.apache.log4j.xml.XMLLayout -log4j.appender.metric.layout.Properties=true - -#Audit appender -log4j.appender.audit=org.apache.log4j.RollingFileAppender -log4j.appender.audit.appName=EELFAudit -log4j.appender.audit.File=${logDirectory}/${auditLogName}.log -log4j.appender.audit.maxFileSize=${maxFileSize} -log4j.appender.audit.maxBackupIndex=${maxBackupIndex} -log4j.appender.audit.layout=org.apache.log4j.xml.XMLLayout -log4j.appender.audit.layout.Properties=true - -#Loggers -#Routing of all messages from root logger -log4j.logger.com.att=TRACE, debug, error -#Store to the same log file messages from upper level appender or not -log4j.additivity.com.att=false - -#EELFManager loggers -#EELF parent logger -log4j.logger.com.att.eelf=TRACE, debug -log4j.additivity.com.att.eelf=false - -#Audit logger routing -log4j.logger.com.att.eelf.audit=DEBUG, audit -log4j.additivity.com.att.eelf.audit=false - -#Metric logger routing -log4j.logger.com.att.eelf.metrics=DEBUG, metric -log4j.additivity.com.att.eelf.metrics=false - -#Performance logger routing -log4j.logger.com.att.eelf.perf=DEBUG, metric -log4j.additivity.com.att.eelf.perf=false - -#Server logger routing -log4j.logger.com.att.eelf.server=DEBUG, debug -log4j.additivity.com.att.eelf.server=false - -#Policy logger routing -log4j.logger.com.att.eelf.policy=DEBUG, debug -log4j.additivity.com.att.eelf.policy=false - -#Error logger routing -log4j.logger.com.att.eelf.error=DEBUG, error -log4j.additivity.com.att.eelf.error=false - -#Debug logger routing -log4j.logger.com.att.eelf.debug=DEBUG, debug -log4j.additivity.com.att.eelf.debug=false diff --git a/kubernetes/clamp/charts/clamp-dash-es/resources/config/elasticsearch.yml b/kubernetes/clamp/charts/clamp-dash-es/resources/config/elasticsearch.yml index 15edc4528a..996d218ada 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/resources/config/elasticsearch.yml +++ b/kubernetes/clamp/charts/clamp-dash-es/resources/config/elasticsearch.yml @@ -130,17 +130,17 @@ http.port: {{.Values.service.externalPort}} # More info: transport.tcp.port: {{.Values.service.externalPort2}} -xpack.graph.enabled: false +#xpack.graph.enabled: false #Set to false to disable X-Pack graph features. -xpack.ml.enabled: false +#xpack.ml.enabled: false #Set to false to disable X-Pack machine learning features. -xpack.monitoring.enabled: false +#xpack.monitoring.enabled: false #Set to false to disable X-Pack monitoring features. -xpack.security.enabled: false +#xpack.security.enabled: false #Set to false to disable X-Pack security features. -xpack.watcher.enabled: false +#xpack.watcher.enabled: false #Set to false to disable Watcher. diff --git a/kubernetes/clamp/charts/clamp-dash-es/values.yaml b/kubernetes/clamp/charts/clamp-dash-es/values.yaml index eb0588ff31..98ce044d03 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-es/values.yaml @@ -31,7 +31,7 @@ busyboxImage: library/busybox:latest # application image loggingRepository: docker.elastic.co -image: elasticsearch/elasticsearch:5.6.9 +image: elasticsearch/elasticsearch-oss:6.1.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/default.json b/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/default.json deleted file mode 100644 index 6e8fa5f590..0000000000 --- a/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/default.json +++ /dev/null @@ -1,18 +0,0 @@ -{"_index":".kibana","_type":"visualization","_id":"AWI967sW8kHy-lwNJZrR","_score":1,"_source":{"title":"CL Total Activity","visState":"{\"title\":\"CL Total Activity\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"eventDuration\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIk9P-qDjJ4k3sPXRcQ","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}} -{"_index":".kibana","_type":"index-pattern","_id":"AWIk7j2UDjJ4k3sPXRaY","_score":1,"_source":{"title":"logstash-*","timeFieldName":"closedLoopAlarmStart","notExpandable":true,"fields":"[{\"name\":\"@timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"@version.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.cloud-region.identity-url\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.cloud-region.identity-url.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.complex.physical-location-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.complex.physical-location-id.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.generic-vnf.service-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.generic-vnf.service-id.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.generic-vnf.vnf-name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.generic-vnf.vnf-name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.tenant.tenant-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.tenant.tenant-id.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.vserver.is-closed-loop-disabled\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.vserver.is-closed-loop-disabled.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.vserver.prov-status\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.vserver.prov-status.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.vserver.vserver-id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.vserver.vserver-id.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.vserver.vserver-name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.vserver.vserver-name.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"AAI.vserver.vserver-selflink\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"AAI.vserver.vserver-selflink.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"OPS_CL_timer\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"closedLoopAlarmEnd\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"closedLoopAlarmStart\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"closedLoopControlName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"closedLoopControlName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"closedLoopEventClient\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"closedLoopEventClient.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"closedLoopEventStatus\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"closedLoopEventStatus.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"from\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"from.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.actor\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.actor.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.end\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.message\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.message.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.operation\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.operation.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.outcome\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.outcome.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.start\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.subRequestId\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.subRequestId.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"history.target\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"history.target.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"notification\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"notification.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"notificationTime\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"policyName\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"policyName.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"policyScope\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"policyScope.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"policyVersion\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"policyVersion.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"requestID\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"requestID.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"target\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"target.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"target_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"target_type.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"version.keyword\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"eventDuration\",\"type\":\"number\",\"count\":0,\"scripted\":true,\"script\":\"if (doc.containsKey('closedLoopEventStatus') && doc.get('closedLoopEventStatus.keyword').value == 'ABATED') { \\n return doc.get('closedLoopAlarmEnd').value- doc.get('closedLoopAlarmStart').value; \\n} \\nreturn null\",\"lang\":\"painless\",\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false}]","fieldFormatMap":"{\"eventDuration\":{\"id\":\"duration\",\"params\":{\"inputFormat\":\"milliseconds\"}}}"}} -{"_index":".kibana","_type":"visualization","_id":"AWIk-5O-DjJ4k3sPXRd1","_score":1,"_source":{"title":"ClosedLoopActivationsTable","visState":"{\"title\":\"ClosedLoopActivationsTable\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":true,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIk8yDIDjJ4k3sPXRbu","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}} -{"_index":".kibana","_type":"search","_id":"AWIk9P-qDjJ4k3sPXRcQ","_score":1,"_source":{"title":"ABATED","description":"","columns":["closedLoopAlarmStart","closedLoopAlarmEnd","closedLoopControlName","closedLoopEventStatus","notification"],"sort":["closedLoopAlarmStart","desc"],"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"highlightAll\":true,\"version\":true,\"query\":{\"query_string\":{\"query\":\"closedLoopEventStatus: \\\"ABATED\\\"\",\"analyze_wildcard\":true}},\"filter\":[{\"meta\":{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"negate\":false,\"disabled\":false,\"alias\":\"ABATED\",\"type\":\"phrase\",\"key\":\"closedLoopEventStatus.keyword\",\"value\":\"ABATED\"},\"query\":{\"match\":{\"closedLoopEventStatus.keyword\":{\"query\":\"ABATED\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"negate\":false,\"disabled\":true,\"alias\":\"ONSET\",\"type\":\"phrase\",\"key\":\"closedLoopEventStatus.keyword\",\"value\":\"ONSET\"},\"query\":{\"match\":{\"closedLoopEventStatus.keyword\":{\"query\":\"ONSET\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"}}} -{"_index":".kibana","_type":"config","_id":"5.6.7","_score":1,"_source":{"buildNum":15610,"defaultIndex":"AWIk7j2UDjJ4k3sPXRaY"}} -{"_index":".kibana","_type":"visualization","_id":"AWIlBLT7DjJ4k3sPXRe7","_score":1,"_source":{"title":"Closed loop failed action : needs attention","visState":"{\"title\":\"Closed loop failed action : needs attention\",\"type\":\"table\",\"params\":{\"perPage\":5,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIlAjTaDjJ4k3sPXRe1","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}} -{"_index":".kibana","_type":"visualization","_id":"AWI91Rvl8kHy-lwNJZrN","_score":1,"_source":{"title":"CL efficiency - CL reponse time","visState":"{\"title\":\"CL efficiency - CL reponse time\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"eventDuration\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIk9P-qDjJ4k3sPXRcQ","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}} -{"_index":".kibana","_type":"visualization","_id":"AWJxqD67B2zw2CQxMIeq","_score":1,"_source":{"title":"Top Error Messages","visState":"{\"title\":\"Top Error Messages\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"history.actor.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Actor\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"history.message.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Message\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"history.operation.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Operation\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"query\":{\"match_all\":{}},\"filter\":[]}"}}} -{"_index":".kibana","_type":"visualization","_id":"AWI922pp8kHy-lwNJZrP","_score":1,"_source":{"title":"CLEventDurationTables","visState":"{\"title\":\"CLEventDurationTables\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"eventDuration\",\"customLabel\":\"Event Duration\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"_term\",\"row\":true}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"requestID.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"_term\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIk9P-qDjJ4k3sPXRcQ","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}} -{"_index":".kibana","_type":"visualization","_id":"AWIk_VLEDjJ4k3sPXReS","_score":1,"_source":{"title":"Top 5 closed loop success action","visState":"{\"title\":\"Top 5 closed loop success action\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\",\"type\":\"table\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","description":"","savedSearchId":"AWIk9P-qDjJ4k3sPXRcQ","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}} -{"_index":".kibana","_type":"visualization","_id":"AWJoFDTyr1AwiIiFoV5R","_score":1,"_source":{"title":"Hottest closed loops","visState":"{\"title\":\"Hottest closed loops\",\"type\":\"pie\",\"params\":{\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":false,\"type\":\"pie\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"legendOpen\":true}}","description":"","savedSearchId":"AWIk8yDIDjJ4k3sPXRbu","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}} -{"_index":".kibana","_type":"search","_id":"AWJsTEvYr1AwiIiFoV6S","_score":1,"_source":{"title":"FINAL: FAILURE","description":"","columns":["notification"],"sort":["closedLoopAlarmStart","desc"],"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"highlightAll\":true,\"version\":true,\"query\":{\"match_all\":{}},\"filter\":[{\"meta\":{\"negate\":false,\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"type\":\"phrase\",\"key\":\"notification\",\"value\":\"FINAL: FAILURE\",\"disabled\":false,\"alias\":null},\"query\":{\"match\":{\"notification\":{\"query\":\"FINAL: FAILURE\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"}}} -{"_index":".kibana","_type":"visualization","_id":"AWJsT-HUr1AwiIiFoV6T","_score":1,"_source":{"title":"CL Efficiency - Failed actions","visState":"{\"title\":\"CL Efficiency - Failed actions\",\"type\":\"gauge\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"gauge\":{\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":4},{\"from\":4,\"to\":6},{\"from\":7,\"to\":10}],\"extendRange\":false,\"gaugeColorMode\":\"Labels\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Arc\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":true},\"style\":{\"bgColor\":false,\"bgFill\":\"#eee\",\"bgMask\":false,\"bgWidth\":0.9,\"fontSize\":60,\"labelColor\":true,\"mask\":false,\"maskBars\":50,\"subText\":\"\",\"width\":0.9},\"type\":\"meter\",\"verticalSplit\":true},\"isDisplayWarning\":true,\"type\":\"gauge\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}","uiStateJSON":"{\"vis\":{\"defaultColors\":{\"0 - 4\":\"rgb(0,104,55)\",\"4 - 6\":\"rgb(255,255,190)\",\"7 - 10\":\"rgb(165,0,38)\"}}}","description":"","savedSearchId":"AWJsTEvYr1AwiIiFoV6S","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[]}"}}} -{"_index":".kibana","_type":"visualization","_id":"AWJoJdIjr1AwiIiFoV5T","_score":1,"_source":{"title":"CL Onset/Abated Variance","visState":"{\"title\":\"CL Onset/Abated Variance\",\"type\":\"histogram\",\"params\":{\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":200},\"title\":{\"text\":\"Closed Loop\"}}],\"valueAxes\":[{\"id\":\"ValueAxis-3\",\"name\":\"BottomAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-3\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"type\":\"horizontal_bar\",\"radiusRatio\":\"13\",\"orderBucketsBySum\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"Closed Loop\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"closedLoopEventStatus.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"_term\"}}],\"listeners\":{}}","uiStateJSON":"{}","description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"query\":{\"match_all\":{}},\"filter\":[]}"}}} -{"_index":".kibana","_type":"search","_id":"AWIlAjTaDjJ4k3sPXRe1","_score":1,"_source":{"title":"FAILURE NOTIFICATION","description":"","columns":["closedLoopAlarmStart","closedLoopAlarmEnd","closedLoopControlName","closedLoopEventStatus","notification"],"sort":["closedLoopAlarmStart","desc"],"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"highlightAll\":true,\"version\":true,\"query\":{\"match_all\":{}},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":\"ABATED\",\"disabled\":true,\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"key\":\"closedLoopEventStatus.keyword\",\"negate\":false,\"type\":\"phrase\",\"value\":\"ABATED\"},\"query\":{\"match\":{\"closedLoopEventStatus.keyword\":{\"query\":\"ABATED\",\"type\":\"phrase\"}}}},{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":\"ONSET\",\"disabled\":true,\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"key\":\"closedLoopEventStatus.keyword\",\"negate\":false,\"type\":\"phrase\",\"value\":\"ONSET\"},\"query\":{\"match\":{\"closedLoopEventStatus.keyword\":{\"query\":\"ONSET\",\"type\":\"phrase\"}}}},{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":\"FAILURE NOTIFICATION\",\"disabled\":false,\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"key\":\"notification.keyword\",\"negate\":false,\"type\":\"phrase\",\"value\":\"FINAL: FAILURE\"},\"query\":{\"match\":{\"notification.keyword\":{\"query\":\"FINAL: FAILURE\",\"type\":\"phrase\"}}}}]}"}}} -{"_index":".kibana","_type":"search","_id":"AWIk8yDIDjJ4k3sPXRbu","_score":1,"_source":{"title":"ONSET","description":"","columns":["closedLoopAlarmStart","closedLoopAlarmEnd","closedLoopControlName","closedLoopEventStatus","notification"],"sort":["closedLoopAlarmStart","desc"],"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"highlightAll\":true,\"version\":true,\"query\":{\"match_all\":{}},\"filter\":[{\"meta\":{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"closedLoopEventStatus.keyword\",\"value\":\"ONSET\"},\"query\":{\"match\":{\"closedLoopEventStatus.keyword\":{\"query\":\"ONSET\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"}}} -{"_index":".kibana","_type":"dashboard","_id":"AWI-9KyytmDBG_mksMZL","_score":1,"_source":{"title":"CLAMP Dashboard","description":"","panelsJSON":"[{\"col\":5,\"id\":\"AWIk_VLEDjJ4k3sPXReS\",\"panelIndex\":1,\"row\":1,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":9,\"id\":\"AWIlBLT7DjJ4k3sPXRe7\",\"panelIndex\":2,\"row\":1,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":1,\"id\":\"AWI967sW8kHy-lwNJZrR\",\"panelIndex\":3,\"row\":7,\"size_x\":5,\"size_y\":3,\"type\":\"visualization\"},{\"col\":1,\"id\":\"AWI91Rvl8kHy-lwNJZrN\",\"panelIndex\":4,\"row\":4,\"size_x\":5,\"size_y\":3,\"type\":\"visualization\"},{\"col\":1,\"id\":\"AWJoFDTyr1AwiIiFoV5R\",\"panelIndex\":5,\"row\":1,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":9,\"id\":\"AWJoJdIjr1AwiIiFoV5T\",\"panelIndex\":6,\"row\":7,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":9,\"id\":\"AWJoMx0_r1AwiIiFoV5V\",\"panelIndex\":7,\"row\":4,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":6,\"id\":\"AWJsT-HUr1AwiIiFoV6T\",\"panelIndex\":8,\"row\":4,\"size_x\":3,\"size_y\":6,\"type\":\"visualization\"},{\"size_x\":6,\"size_y\":3,\"panelIndex\":9,\"type\":\"visualization\",\"id\":\"AWJxqD67B2zw2CQxMIeq\",\"col\":1,\"row\":10}]","optionsJSON":"{\"darkTheme\":false}","uiStateJSON":"{\"P-1\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-2\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-3\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-4\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"P-6\":{\"vis\":{\"legendOpen\":true}},\"P-8\":{\"vis\":{\"defaultColors\":{\"0 - 4\":\"rgb(0,104,55)\",\"4 - 6\":\"rgb(255,255,190)\",\"7 - 10\":\"rgb(165,0,38)\"},\"legendOpen\":false}},\"P-9\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}}","timeRestore":false,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"filter\":[{\"query\":{\"match_all\":{}}}],\"highlightAll\":true,\"version\":true}"}}} -{"_index":".kibana","_type":"visualization","_id":"AWJoMx0_r1AwiIiFoV5V","_score":1,"_source":{"title":"CL Efficiency - Total Activity","visState":"{\"title\":\"CL Efficiency - Total Activity\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"closedLoopAlarmStart per 10 seconds\"},\"type\":\"category\"}],\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"legendPosition\":\"right\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Sum of eventDuration\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"cardinal\",\"lineWidth\":2,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"line\",\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"line\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"defaultYExtents\":true,\"mode\":\"normal\",\"setYExtents\":false,\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Sum of eventDuration\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"eventDuration\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"closedLoopControlName.keyword\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"_term\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"closedLoopAlarmStart\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":0,\"extended_bounds\":{}}}],\"listeners\":{}}","uiStateJSON":"{}","description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"query\":{\"match_all\":{}},\"filter\":[{\"meta\":{\"index\":\"AWIk7j2UDjJ4k3sPXRaY\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"exists\",\"key\":\"closedLoopAlarmEnd\",\"value\":\"exists\"},\"exists\":{\"field\":\"closedLoopAlarmEnd\"},\"$state\":{\"store\":\"appState\"}}]}"}}} diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml b/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml index f5297859c4..1747c75811 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml @@ -11,17 +11,17 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -xpack.graph.enabled: false +#xpack.graph.enabled: false #Set to false to disable X-Pack graph features. -xpack.ml.enabled: false +#xpack.ml.enabled: false #Set to false to disable X-Pack machine learning features. -xpack.monitoring.enabled: false +#xpack.monitoring.enabled: false #Set to false to disable X-Pack monitoring features. -xpack.reporting.enabled: false +#xpack.reporting.enabled: false #Set to false to disable X-Pack reporting features. -xpack.security.enabled: false +#xpack.security.enabled: false #Set to false to disable X-Pack security features. -xpack.watcher.enabled: false +#xpack.watcher.enabled: false #Set to false to disable Watcher. # Kibana is served by a back end server. This setting specifies the port to use. server.port: {{.Values.service.externalPort}} diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/templates/deployment.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/templates/deployment.yaml index cd8e1026e7..0f5a93347a 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/templates/deployment.yaml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/templates/deployment.yaml @@ -46,26 +46,9 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness - - args: - - --output=http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}/.kibana - - --input=/config/default.json - - --type=data - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.configRepository }}/{{ .Values.configImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-config - volumeMounts: - - mountPath: /config/default.json - name: {{ include "common.fullname" . }} - subPath: default.json containers: - name: {{ include "common.name" . }} - image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.image }}" + image: "{{ .Values.global.imageRepository | default .Values.imageRepository }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.internalPort }} @@ -112,8 +95,5 @@ spec: items: - key: kibana.yml path: kibana.yml - - key: default.json - path: default.json - imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml index 1c32d39b98..88c541a091 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml @@ -27,18 +27,13 @@ global: # Application configuration defaults. ################################################################# -# Configuration image -configRepository: docker.io -configImage: taskrabbit/elasticsearch-dump - - # BusyBox image busyboxRepository: registry.hub.docker.com busyboxImage: library/busybox:latest # application image -loggingRepository: docker.elastic.co -image: kibana/kibana:5.6.9 +loggingRepository: nexus3.onap.org:10001 +image: onap/clamp-dashboard-kibana:3.0-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/resources/certs/aafca.pem b/kubernetes/clamp/charts/clamp-dash-logstash/resources/certs/aafca.pem new file mode 100644 index 0000000000..cf12ec4c61 --- /dev/null +++ b/kubernetes/clamp/charts/clamp-dash-logstash/resources/certs/aafca.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEVDCCAjygAwIBAgIBAjANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB +RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwNjA1MDg1MTQxWhcN +MjMwNjA1MDg1MTQxWjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG +A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzEwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOXCdZIoWM0EnEEw3qPiVMhAgNolWCTaLt +eI2TjlTQdGDIcXdBZukHdNeOKYzOXRsLt6bLRtd5yARpn53EbzS/dgAyHuaz1HjE +5IPWSFRg9SulfHUmcS+GBt1+KiMJTlOsw6wSA73H/PjjXBbWs/uRJTnaNmV3so7W +DhNW6fHOrbom4p+3FucbB/QAM9b/3l/1LKnRgdXx9tekDnaKN5u3HVBmyOlRhaRp +tscLUCT3jijoGAPRcYZybgrpa0z3iCWquibTO/eLwuO/Dn7yHWau9ZZAHGPBSn9f +TiLKRYV55mNjr3zvs8diTPECFPW8w8sRIH3za1aKHgUC1gd87Yr3AgMBAAGjZjBk +MB0GA1UdDgQWBBQa1FdycErTZ6nr4dxiMbKH0P7vqjAfBgNVHSMEGDAWgBRTVTPy +S+vQUbHBeJrBKDF77+rtSTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQE +AwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAlA/RTPy5i09fJ4ytSAmAdytMwEwRaU9F +dshG7LU9q95ODsuM79yJvV9+ISIJZRsBqf5PDv93bUCKKHIYGvR6kNd+n3yx/fce +txDkC/tMj1T9D8TuDKAclGEO9K5+1roOQQFxr4SE6XKb/wjn8OMrCoJ75S0F3htF +LKL85T77JeGeNgSk8JEsZvQvj32m0gv9rxi5jM/Zi5E2vxrBR9T1v3kVvlt6+PSF +BoHXROk5HQmdHxnH+VYQtDHSwj9Xe9aoJMyL0WjYKd//8NUO+VACDOtK4Nia6gy9 +m/n9kMASMw6f9iF4n6t4902RWrRKTYM1CVu5wyVklVbEdE9i6Db4CpL9E8HpBUAP +t44JiNzuFkDmSE/z5XuQIimDt6nzOaSF8pX2KHY2ICDLwpMNUvxzqXD9ECbdspiy +JC2RGq8uARGGl6kQQBKDNO8SrO7rSBPANd1+LgqrKbCrHYfvFgkZPgT5MlQi+E1G +LNT+i6fzZha9ed/L6yjl5Em71flJGFwRZl2pfErZRxp8pLPcznYyIpSjcwnqNCRC +orhlp8nheiODC3oO3AFHDiFgUqvm8hgpnT2cPk2lpU2VY1TcZ8sW5qUDCxINIPcW +u1SAsa87IJK3vEzPZfTCs/S6XThoqRfXj0c0Rahj7YFRi/PqIPY0ejwdtmZ9m9pZ +8Lb0GYmlo44= +-----END CERTIFICATE----- diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/logstash.yml b/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/logstash.yml index 51470d265b..369b5820d5 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/logstash.yml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/logstash.yml @@ -26,4 +26,4 @@ config.reload.automatic: true #xpack.monitoring.elasticsearch.url: ["http://10.247.186.12:9200", "http://10.247.186.13:9200"] #xpack.monitoring.elasticsearch.username: elastic #xpack.monitoring.elasticsearch.password: changeme -xpack.monitoring.enabled: false +#xpack.monitoring.enabled: false diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf b/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf index f88e40da14..317b428c77 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf +++ b/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf @@ -1,4 +1,4 @@ -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. input { - http_poller { + http_poller { urls => { event_queue => { method => get @@ -20,8 +20,8 @@ input { headers => { Accept => "application/json" } - add_field => { "topic" => "${event_topic}" } - type => "dmaap_event" + topic => "${event_topic}" + tags => [ "dmaap_source" ] } notification_queue => { method => get @@ -29,8 +29,8 @@ input { headers => { Accept => "application/json" } - add_field => { "topic" => "${notification_topic}" } - type => "dmaap_notification" + topic => "${notification_topic}" + tags => [ "dmaap_source" ] } request_queue => { method => get @@ -38,66 +38,91 @@ input { headers => { Accept => "application/json" } - add_field => { "topic" => "${request_topic}" } - type => "dmaap_request" + topic => "${request_topic}" + tags => [ "dmaap_source" ] } } socket_timeout => 30 request_timeout => 30 - interval => 60 + schedule => { "every" => "1m" } codec => "plain" - } + cacert => "/certs.d/aafca.pem" + } } + filter { - if [type] != "dmaap_log" { - # avoid noise if no entry in the list - if [message] == "[]" { - drop { } - } + # avoid noise if no entry in the list + if [message] == "[]" { + drop { } + } + + if [http_request_failure] or [@metadata][code] != "200" { + mutate { + add_tag => [ "error" ] + } + } - # parse json, split the list into multiple events, and parse each event + if "dmaap_source" in [tags] { + # + # Dmaap provides a json list, whose items are Strings containing the event + # provided to Dmaap, which itself is an escaped json. + # + # We first need to parse the json as we have to use the plaintext as it cannot + # work with list of events, then split that list into multiple string events, + # that we then transform into json. + # json { - source => "[message]" - target => "message" + source => "[message]" + target => "message" } + ruby { + code => " + for ev in event.get('message', []) + ev.set('@metadata', event.get('@metadata')) + end + " + } + split { - field => "message" - add_field => { - "type" => "%{type}" - "topic" => "%{topic}" - } + field => "message" } json { - source => "message" + source => "message" + } + mutate { + remove_field => [ "message" ] } - mutate { remove_field => [ "message" ] } } - - # express timestamps in milliseconds instead of microseconds - ruby { + + # + # Some timestamps are expressed as milliseconds, some are in microseconds + # + if [closedLoopAlarmStart] { + ruby { code => " - if event.get('closedLoopAlarmStart').to_s.to_i(10) > 9999999999999 - event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10) / 1000) - else - event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10)) - end - " - } - date { - match => [ "closedLoopAlarmStart", UNIX_MS ] - target => "closedLoopAlarmStart" + if event.get('closedLoopAlarmStart').to_s.to_i(10) > 9999999999999 + event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10) / 1000) + else + event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10)) + end + " + } + date { + match => [ "closedLoopAlarmStart", UNIX_MS ] + target => "closedLoopAlarmStart" + } } if [closedLoopAlarmEnd] { ruby { code => " - if event.get('closedLoopAlarmEnd').to_s.to_i(10) > 9999999999999 - event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10) / 1000) - else - event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10)) - end - " + if event.get('closedLoopAlarmEnd').to_s.to_i(10) > 9999999999999 + event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10) / 1000) + else + event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10)) + end + " } date { match => [ "closedLoopAlarmEnd", UNIX_MS ] @@ -105,39 +130,122 @@ filter { } } - #"yyyy-MM-dd HH:mm:ss" + + + # + # Notification time are expressed under the form "yyyy-MM-dd HH:mm:ss", which + # is close to ISO8601, but lacks of T as spacer: "yyyy-MM-ddTHH:mm:ss" + # if [notificationTime] { - mutate { - gsub => [ - "notificationTime", " ", "T" - ] - } - date { + mutate { + gsub => [ + "notificationTime", " ", "T" + ] + } + date { match => [ "notificationTime", ISO8601 ] target => "notificationTime" - } + } + } + + + # + # Renaming some fields for readability + # + if [AAI][generic-vnf.vnf-name] { + mutate { + add_field => { "vnfName" => "%{[AAI][generic-vnf.vnf-name]}" } + } + } + if [AAI][generic-vnf.vnf-type] { + mutate { + add_field => { "vnfType" => "%{[AAI][generic-vnf.vnf-type]}" } + } + } + if [AAI][vserver.vserver-name] { + mutate { + add_field => { "vmName" => "%{[AAI][vserver.vserver-name]}" } + } + } + if [AAI][complex.city] { + mutate { + add_field => { "locationCity" => "%{[AAI][complex.city]}" } + } + } + if [AAI][complex.state] { + mutate { + add_field => { "locationState" => "%{[AAI][complex.state]}" } + } + } + + + # + # Adding some flags to ease aggregation + # + if [closedLoopEventStatus] =~ /(?i)ABATED/ { + mutate { + add_field => { "flagAbated" => "1" } + } + } + if [notification] =~ /^.*?(?:\b|_)FINAL(?:\b|_).*?(?:\b|_)FAILURE(?:\b|_).*?$/ { + mutate { + add_field => { "flagFinalFailure" => "1" } + } + } + + + if "error" not in [tags] { + # + # Creating data for a secondary index + # + clone { + clones => [ "event-cl-aggs" ] + add_tag => [ "event-cl-aggs" ] + } + + if "event-cl-aggs" in [tags] { + # + # we only need a few fields for aggregations; remove all fields from clone except : + # vmName,vnfName,vnfType,requestID,closedLoopAlarmStart, closedLoopControlName,closedLoopAlarmEnd,abated,nbrDmaapevents,finalFailure + # + prune { + whitelist_names => ["^@.*$","^topic$","^type$","^tags$","^flagFinalFailure$","^flagAbated$","^locationState$","^locationCity$","^vmName$","^vnfName$","^vnfType$","^requestID$","^closedLoopAlarmStart$","^closedLoopControlName$","^closedLoopAlarmEnd$","^target$","^target_type$","^triggerSourceName$","^policyScope$","^policyName$","^policyVersion$"] + } + + } } } + + output { stdout { codec => rubydebug } - if [http_request_failure] { + if "error" in [tags] { elasticsearch { codec => "json" hosts => ["${elasticsearch_base_url}"] index => "errors-%{+YYYY.MM.DD}" doc_as_upsert => true } - } else { + + } else if "event-cl-aggs" in [tags] { elasticsearch { codec => "json" hosts => ["${elasticsearch_base_url}"] - index => "logstash-%{+YYYY.MM.DD}" # creates daily indexes + document_id => "%{requestID}" + index => "events-cl-%{+YYYY.MM.DD}" # creates daily indexes for control loop doc_as_upsert => true + action => "update" + } + } else { + elasticsearch { + codec => "json" + hosts => ["${elasticsearch_base_url}"] + index => "events-%{+YYYY.MM.DD}" # creates daily indexes + doc_as_upsert => true } } - } diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/templates/configmap.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/templates/configmap.yaml index 9186cd919a..350a0e0fad 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/templates/configmap.yaml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/templates/configmap.yaml @@ -25,3 +25,13 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} + +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-aaf-keys + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/templates/deployment.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/templates/deployment.yaml index 433e7ab24f..aff9a0de71 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/templates/deployment.yaml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/templates/deployment.yaml @@ -48,7 +48,7 @@ spec: name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} - image: "{{ .Values.global.loggingRepository| default .Values.loggingRepository }}/{{ .Values.image }}" + image: "{{ .Values.global.imageRepository| default .Values.imageRepository }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: dmaap_consumer_group @@ -92,6 +92,8 @@ spec: - mountPath: /usr/share/logstash/pipeline/logstash.conf name: {{ include "common.fullname" . }} subPath: pipeline.conf + - name: {{ include "common.fullname" . }}-aaf-certs + mountPath: /certs.d/ resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -114,5 +116,9 @@ spec: path: logstash.yml - key: pipeline.conf path: pipeline.conf + - name: {{ include "common.fullname" . }}-aaf-certs + secret: + secretName: {{ include "common.fullname" . }}-aaf-keys + imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml index 9be859cd78..52b66c6824 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml @@ -28,8 +28,8 @@ global: ################################################################# # application image -loggingRepository: docker.elastic.co -image: logstash/logstash:5.6.9 +imageRepository: nexus3.onap.org:10001 +image: onap/clamp-dashboard-logstash:3.0-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required @@ -39,7 +39,7 @@ debugEnabled: false config: elasticsearchServiceName: cdash-es elasticsearchPort: 9200 - dmaapHost: message-router.{{ include "common.namespace" . }} + dmaapHost: message-router dmaapScheme: https dmaapPort: 3905 dmaapConsumerGroup: "clampdashboard" diff --git a/kubernetes/common/network-name-gen/resources/config/aai_keystore b/kubernetes/common/network-name-gen/resources/config/aai_keystore Binary files differnew file mode 100644 index 0000000000..83cae95273 --- /dev/null +++ b/kubernetes/common/network-name-gen/resources/config/aai_keystore diff --git a/kubernetes/common/network-name-gen/templates/deployment.yaml b/kubernetes/common/network-name-gen/templates/deployment.yaml index 743c8be02e..dac4e0d4ce 100644 --- a/kubernetes/common/network-name-gen/templates/deployment.yaml +++ b/kubernetes/common/network-name-gen/templates/deployment.yaml @@ -77,6 +77,13 @@ spec: value: "{{ .Values.config.aaiCertPath }}" - name: AAI_URI value: "{{ .Values.config.aaiUri }}" + - name: AAI_AUTH + value: "{{ .Values.config.aaiAuth }}" + volumeMounts: + - name: certs + mountPath: /opt/etc/config/aai_keystore + subPath: aai_keystore + readOnly: true resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -87,6 +94,9 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} - + volumes: + - name: certs + secret: + secretName: {{ .Release.Name}}-aai-keystore imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/common/network-name-gen/templates/secrets.yaml b/kubernetes/common/network-name-gen/templates/secrets.yaml index b50ad4eb26..4b6d97acad 100644 --- a/kubernetes/common/network-name-gen/templates/secrets.yaml +++ b/kubernetes/common/network-name-gen/templates/secrets.yaml @@ -25,3 +25,11 @@ metadata: type: Opaque data: db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }} +--- +apiVersion: v1 +data: +{{ tpl (.Files.Glob "resources/config/aai_keystore").AsConfig . | indent 2 }} +metadata: + name: {{ .Release.Name}}-aai-keystore + namespace: {{ include "common.namespace" . }} +kind: Secret diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml index b40ac91cbc..67ba1ce274 100644 --- a/kubernetes/common/network-name-gen/values.yaml +++ b/kubernetes/common/network-name-gen/values.yaml @@ -61,14 +61,15 @@ pullPolicy: IfNotPresent config: dbUrl: jdbc:mysql://nengdb:3306/nengdb springProfile: live - polClientAuth: TBD - polBasicAuth: TBD - polUrl: TBD + polClientAuth: cHl0aG9uOnRlc3Q= + polBasicAuth: dGVzdHBkcDphbHBoYTEyMw== + polUrl: https://pdp:8081/pdp/api/getConfig polEnv: TEST polReqId: xx - aaiCertPass: TBD - aaiCertPath: TBD - aaiUri: TBD + aaiCertPass: changeit + aaiCertPath: /opt/etc/config/aai_keystore + aaiAuth: QUFJOkFBSQ== + aaiUri: https://aai:8443/aai/v14/ # default number of instances replicaCount: 1 diff --git a/kubernetes/common/pgpool/templates/configmap.yaml b/kubernetes/common/pgpool/templates/configmap.yaml deleted file mode 100755 index cc20b42581..0000000000 --- a/kubernetes/common/pgpool/templates/configmap.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-pgpool-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }} diff --git a/kubernetes/common/pgpool/templates/service.yaml b/kubernetes/common/pgpool/templates/service.yaml deleted file mode 100644 index 0811fda593..0000000000 --- a/kubernetes/common/pgpool/templates/service.yaml +++ /dev/null @@ -1,14 +0,0 @@ -kind: "Service" -apiVersion: "v1" -metadata: - name: "pgpool" - labels: - name: "pgpool" -spec: - ports: - - protocol: "TCP" - port: 5432 - targetPort: 5432 - selector: - name: "pgpool" - type: ClusterIP diff --git a/kubernetes/common/pgpool/Chart.yaml b/kubernetes/common/postgres/charts/pgpool/Chart.yaml index b57e72a6ee..b57e72a6ee 100644 --- a/kubernetes/common/pgpool/Chart.yaml +++ b/kubernetes/common/postgres/charts/pgpool/Chart.yaml diff --git a/kubernetes/common/pgpool/configs/pgpool.conf b/kubernetes/common/postgres/charts/pgpool/configs/pgpool.conf index 9dd979ac6b..f335174f40 100644 --- a/kubernetes/common/pgpool/configs/pgpool.conf +++ b/kubernetes/common/postgres/charts/pgpool/configs/pgpool.conf @@ -52,12 +52,12 @@ pcp_socket_dir = '/tmp' # - Backend Connection Settings - -backend_hostname0 = '{{.Values.container.primary}}' +backend_hostname0 = '{{.Values.container.name.primary}}' backend_port0 = 5432 backend_weight0= 1 backend_flag0= 'DISALLOW_TO_FAILOVER' -backend_hostname1 = '{{.Values.container.replica}}' +backend_hostname1 = '{{.Values.container.name.replica}}' backend_port1 = 5432 backend_weight1= 1 backend_flag1= 'DISALLOW_TO_FAILOVER' @@ -259,7 +259,7 @@ failover_if_affected_tuples_mismatch = off # LOAD BALANCING MODE #------------------------------------------------------------------------------ -load_balance_mode = off +load_balance_mode = on # Activate load balancing mode # (change requires restart) ignore_leading_white_space = on @@ -358,7 +358,7 @@ health_check_period = 20 health_check_timeout = 10 # Health check timeout # 0 means no timeout -health_check_user = '{{.Values.credentials.pguser}}' +health_check_user = '{{.Values.credentials.pgusername}}' # Health check user health_check_password = '{{.Values.credentials.pgpassword}}' # Password for health check user @@ -419,7 +419,7 @@ search_primary_node_timeout = 10 # ONLINE RECOVERY #------------------------------------------------------------------------------ -recovery_user = '{{.Values.credentials.pguser}}' +recovery_user = '{{.Values.credentials.pgusername}}' # Online recovery user recovery_password = '{{.Values.credentials.pgpassword}}' # Online recovery password diff --git a/kubernetes/common/pgpool/configs/pool_hba.conf b/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf index d8918409e8..d8918409e8 100644 --- a/kubernetes/common/pgpool/configs/pool_hba.conf +++ b/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf diff --git a/kubernetes/common/pgpool/configs/pool_passwd b/kubernetes/common/postgres/charts/pgpool/configs/pool_passwd index d8e09a2afa..3636d1de74 100644 --- a/kubernetes/common/pgpool/configs/pool_passwd +++ b/kubernetes/common/postgres/charts/pgpool/configs/pool_passwd @@ -1 +1,2 @@ testuser:md599e8713364988502fa6189781bcf648f +postgres:md53175bce1d3201d16594cebf9d7eb3f9d diff --git a/kubernetes/common/pgpool/requirements.yaml b/kubernetes/common/postgres/charts/pgpool/requirements.yaml index 9f44c6df28..9f44c6df28 100644 --- a/kubernetes/common/pgpool/requirements.yaml +++ b/kubernetes/common/postgres/charts/pgpool/requirements.yaml diff --git a/kubernetes/aaf/templates/secrets.yaml b/kubernetes/common/postgres/charts/pgpool/templates/configmap.yaml index fe876e1c6c..e2c77ff910 100644..100755 --- a/kubernetes/aaf/templates/secrets.yaml +++ b/kubernetes/common/postgres/charts/pgpool/templates/configmap.yaml @@ -13,9 +13,9 @@ # limitations under the License. apiVersion: v1 -kind: Secret +kind: ConfigMap metadata: - name: {{ .Release.Name}}-aaf-local-secret + name: {{ include "common.fullname" . }}-pgpool-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -23,8 +23,4 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: -{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.trust.p12").AsSecrets | indent 2 }} -{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.p12").AsSecrets | indent 2 }} -{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.keyfile").AsSecrets | indent 2 }} -{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.cm.p12").AsSecrets | indent 2 }} -type: Opaque +{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }} diff --git a/kubernetes/common/pgpool/templates/deployment.yaml b/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml index f598409848..4aa8d831fb 100644 --- a/kubernetes/common/pgpool/templates/deployment.yaml +++ b/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml @@ -15,7 +15,7 @@ */}} kind: Deployment apiVersion: extensions/v1beta1 -metadata: +metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: @@ -23,7 +23,7 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} -spec: +spec: replicas: 2 template: metadata: @@ -32,8 +32,9 @@ spec: release: {{ .Release.Name }} spec: containers: - - name: pgpool - image: "{{.Values.image.repository}}/{{.Values.image.container}}:{{.Values.image.tag}}" + - image: "{{.Values.repository}}/{{.Values.image}}" + imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} + name: {{ include "common.name" . }} env: - name: PG_PRIMARY_SERVICE_NAME value: {{.Values.container.name.primary}} @@ -52,8 +53,8 @@ spec: port: 5432 initialDelaySeconds: 20 periodSeconds: 10 - livenessProbe: - tcpSocket: + livenessProbe: + tcpSocket: port: 5432 initialDelaySeconds: 15 periodSeconds: 20 @@ -64,4 +65,4 @@ spec: volumes: - name: pgpool-pgconf configMap: - name: {{ .Release.Name }}-pgpool-configmap + name: {{ include "common.fullname" . }}-pgpool-configmap diff --git a/kubernetes/common/postgres/charts/pgpool/templates/service.yaml b/kubernetes/common/postgres/charts/pgpool/templates/service.yaml new file mode 100644 index 0000000000..86442a2740 --- /dev/null +++ b/kubernetes/common/postgres/charts/pgpool/templates/service.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/common/pgpool/values.yaml b/kubernetes/common/postgres/charts/pgpool/values.yaml index 8e7474203d..cb732b7cd7 100644 --- a/kubernetes/common/pgpool/values.yaml +++ b/kubernetes/common/postgres/charts/pgpool/values.yaml @@ -12,7 +12,23 @@ # See the License for the specific language governing permissions and # limitations under the License. -name: pgpool +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + persistence: {} + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: crunchydata +image: crunchy-pgpool:centos7-10.4-2.0.0 +pullPolicy: Always + container: port: 5432 name: @@ -21,8 +37,8 @@ container: credentials: pgusername: testuser pgpassword: password -serviceType: ClusterIP -image: - repository: crunchydata - container: crunchy-pgpool - tag: centos7-10.4-2.0.0 +service: + name: pgpool + type: ClusterIP + externalPort: 5432 + internalPort: 5432 diff --git a/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json b/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json index 8e19b3172e..51f2acc8f5 100644 --- a/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json +++ b/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json @@ -31,6 +31,20 @@ "timeout": "1s" }, { + "id": "multicloud-pike", + "name": "Multicloud Pike Health Check", + "http": "http://multicloud-pike:9007/api/multicloud-pike/v0/swagger.json", + "method": "HEAD", + "header": { + "Cache-Control": ["no-cache"], + "Content-Type": ["application/json"], + "Accept": ["application/json"] + }, + "tls_skip_verify": true, + "interval": "15s", + "timeout": "1s" + }, + { "id": "multicloud-vio", "name": "Multicloud Vio Health Check", "http": "http://multicloud-vio:9004/api/multicloud-vio/v0/swagger.json", diff --git a/kubernetes/consul/resources/config/consul-agent-config/policy-health.json b/kubernetes/consul/resources/config/consul-agent-config/policy-health.json index 62a6f31223..9cad9dc1d5 100644 --- a/kubernetes/consul/resources/config/consul-agent-config/policy-health.json +++ b/kubernetes/consul/resources/config/consul-agent-config/policy-health.json @@ -67,7 +67,7 @@ "http": "https://drools:6969/healthcheck", "method": "GET", "header": { - "Authorization": ["Basic aGVhbHRoY2hlY2s6emIhWHp0RzM0"], + "Authorization": ["Basic ZGVtb0BwZW9wbGUub3NhYWYub3JnOmRlbW8xMjM0NTYh"], "Cache-Control": ["no-cache"], "Content-Type": ["application/json"], "Accept": ["application/json"] diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-datafile-collector-input.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml index ce7aa1e998..ce7aa1e998 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-datafile-collector-input.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-policy_handler-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-policy_handler-inputs.yaml index d4ee73e303..50da2cc49c 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-policy_handler-inputs.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-policy_handler-inputs.yaml @@ -81,7 +81,7 @@ application_config: target_entity : "deployment_handler" # url of the deployment-handler service for policy-handler to direct the policy-updates to # - expecting dns to resolve the hostname deployment-handler to ip address - url : "http://deployment-handler:8188" + url : "https://deployment-handler:8443" # limit the size of a single data segment for policy-update messages # from policy-handler to deployment-handler in megabytes max_msg_length_mb : 5 diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml index 9c45b9f62c..18632d1d39 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml @@ -60,17 +60,27 @@ postgres: persistence: mountSubPath: dcae/data mountInitPath: dcae + pgpool: + nameOverride: dcae-pgpool + service: + name: dcae-pgpool + credentials: + pgpassword: onapdemodb + container: + name: + primary: dcae-pgpool-primary + replica: dcae-pgpool-replica # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.2 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.3 # DCAE component images to be deployed via Cloudify Manager # Use to override default setting in blueprints componentImages: config_binding_service: onap/org.onap.dcaegen2.platform.configbinding.app-app:2.2.3 - datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:latest - deployment_handler: onap/org.onap.dcaegen2.platform.deployment-handler:3.0.2 + datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.0.0 + deployment_handler: onap/org.onap.dcaegen2.platform.deployment-handler:3.0.3 holmes_rules: onap/holmes/rule-management:1.2.0-STAGING-latest holmes_engine: onap/holmes/engine-management:1.2.0-STAGING-latest inventory: onap/org.onap.dcaegen2.platform.inventory-api:3.0.4 diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml index 9c89b8c729..6fc62af92e 100644 --- a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml @@ -45,7 +45,7 @@ readiness: periodSeconds: 10 # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.1.0 +image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.1.2 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml b/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml index a14b1b7c98..e79a693382 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml +++ b/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml @@ -92,6 +92,17 @@ postgres: persistence: mountSubPath: dbc/data mountInitPath: dbc + pgpool: + nameOverride: dbc-pgpool + service: + name: dbc-pgpool + credentials: + pgusername: dmaap_admin + pgpassword: onapdemodb + container: + name: + primary: dbc-pgpool-primary + replica: dbc-pgpool-replica ingress: enabled: false diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml index 9a48dbe64e..f8600b5825 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml @@ -26,7 +26,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/datarouter-node:latest +image: onap/dmaap/datarouter-node:1.0.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml index 855a64f913..dfdd38bfbf 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/datarouter-prov:latest +image: onap/dmaap/datarouter-prov:1.0.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/msb/charts/kube2msb/values.yaml b/kubernetes/msb/charts/kube2msb/values.yaml index 7532c28d8a..af845939a5 100644 --- a/kubernetes/msb/charts/kube2msb/values.yaml +++ b/kubernetes/msb/charts/kube2msb/values.yaml @@ -51,21 +51,23 @@ service: {} ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Resource Limit flavor -By Default using small +flavor: small + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 500m + memory: 500Mi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/msb/charts/msb-consul/values.yaml b/kubernetes/msb/charts/msb-consul/values.yaml index dd66349964..79a26404c6 100644 --- a/kubernetes/msb/charts/msb-consul/values.yaml +++ b/kubernetes/msb/charts/msb-consul/values.yaml @@ -58,21 +58,22 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +flavor: small + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 20m + memory: 100Mi + requests: + cpu: 10m + memory: 50Mi + large: + limits: + cpu: 40m + memory: 200Mi + requests: + cpu: 20m + memory: 100Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/msb/charts/msb-discovery/values.yaml b/kubernetes/msb/charts/msb-discovery/values.yaml index db04320b4f..d36c153cac 100644 --- a/kubernetes/msb/charts/msb-discovery/values.yaml +++ b/kubernetes/msb/charts/msb-discovery/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/msb/msb_discovery:1.2.0-STAGING-latest +image: onap/msb/msb_discovery:1.2.0-SNAPSHOT-latest pullPolicy: Always istioSidecar: true @@ -60,21 +60,22 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 400m + memory: 400Mi + requests: + cpu: 200m + memory: 200Mi + large: + limits: + cpu: 800m + memory: 800Mi + requests: + cpu: 400m + memory: 400Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/msb/charts/msb-eag/values.yaml b/kubernetes/msb/charts/msb-eag/values.yaml index d611170e7d..cf20fdcbab 100644 --- a/kubernetes/msb/charts/msb-eag/values.yaml +++ b/kubernetes/msb/charts/msb-eag/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/msb/msb_apigateway:1.2.0-STAGING-latest +image: onap/msb/msb_apigateway:1.2.0-SNAPSHOT-latest pullPolicy: Always istioSidecar: true @@ -64,21 +64,22 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 100m + memory: 200Mi + large: + limits: + cpu: 400m + memory: 800Mi + requests: + cpu: 200m + memory: 400Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/msb/charts/msb-iag/values.yaml b/kubernetes/msb/charts/msb-iag/values.yaml index e747bff78f..b6417de382 100644 --- a/kubernetes/msb/charts/msb-iag/values.yaml +++ b/kubernetes/msb/charts/msb-iag/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/msb/msb_apigateway:1.2.0-STAGING-latest +image: onap/msb/msb_apigateway:1.2.0-SNAPSHOT-latest pullPolicy: Always istioSidecar: true @@ -64,21 +64,22 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 100m + memory: 400Mi + requests: + cpu: 50m + memory: 200Mi + large: + limits: + cpu: 200m + memory: 800Mi + requests: + cpu: 100m + memory: 400Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/multicloud/charts/multicloud-azure/.helmignore b/kubernetes/multicloud/charts/multicloud-azure/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-azure/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.hello.props b/kubernetes/multicloud/charts/multicloud-azure/Chart.yaml index eeacc1da94..d4b60c68b9 100644 --- a/kubernetes/aaf/resources/config/etc/org.osaaf.hello.props +++ b/kubernetes/multicloud/charts/multicloud-azure/Chart.yaml @@ -1,4 +1,5 @@ # Copyright © 2018 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,12 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. - -## -## org.osaaf.locator -## AAF Locator Properties -## -cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props -aaf_component=AAF_NS.hello:2.1.0.0 -port=8130 -cadi_registration_hostname={{.Values.config.helloServiceName}} +apiVersion: v1 +description: ONAP multicloud Azure plugin +name: multicloud-azure +version: 3.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-azure/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-azure/resources/config/log/log.yml new file mode 100644 index 0000000000..5e29829cc2 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-azure/resources/config/log/log.yml @@ -0,0 +1,37 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +version: 1 +disable_existing_loggers: False + +loggers: + vio: + handlers: [azure_handler] + level: "DEBUG" + propagate: False +handlers: + vio_handler: + level: "DEBUG" + class: "logging.handlers.RotatingFileHandler" + filename: "/var/log/onap/multicloud/azure/azure.log" + formatter: "mdcFormat" + maxBytes: 52428800 + backupCount: 10 +formatters: + standard: + format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s" + mdcFormat: + format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t" + mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}" + datefmt: "%Y-%m-%d %H:%M:%S" + (): onaplogging.mdcformatter.MDCFormatter diff --git a/kubernetes/multicloud/charts/multicloud-azure/templates/NOTES.txt b/kubernetes/multicloud/charts/multicloud-azure/templates/NOTES.txt new file mode 100644 index 0000000000..befedf4578 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-azure/templates/NOTES.txt @@ -0,0 +1,34 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/multicloud/charts/multicloud-azure/templates/configmap.yaml b/kubernetes/multicloud/charts/multicloud-azure/templates/configmap.yaml new file mode 100644 index 0000000000..5d69f74dc1 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-azure/templates/configmap.yaml @@ -0,0 +1,29 @@ +{{/* +# Copyright © 2018 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} diff --git a/kubernetes/multicloud/charts/multicloud-azure/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-azure/templates/deployment.yaml new file mode 100644 index 0000000000..d850eba3c9 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-azure/templates/deployment.yaml @@ -0,0 +1,110 @@ +{{/* +# Copyright © 2018 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: multicloud-azure + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + annotations: + sidecar.istio.io/inject: "{{.Values.istioSidecar}}" + spec: + containers: + - env: + - name: MSB_ADDR + value: "{{ .Values.config.msbgateway }}" + - name: MSB_PORT + value: "{{ .Values.config.msbPort }}.{{ include "common.namespace" . }}" + - name: AAI_ADDR + value: aai.{{ include "common.namespace" . }} + - name: AAI_PORT + value: "{{ .Values.config.aai.port }}" + - name: AAI_SCHEMA_VERSION + value: "{{ .Values.config.aai.schemaVersion }}" + - name: AAI_USERNAME + value: "{{ .Values.config.aai.username }}" + - name: AAI_PASSWORD + value: "{{ .Values.config.aai.password }}" + name: {{ include "common.name" . }} + volumeMounts: + - mountPath: /var/log/onap + name: azure-log + - mountPath: /opt/multicloud_azure/multicloud_azure/pub/config/log.yml + name: azure-logconfig + subPath: log.yml + resources: +{{ toYaml (pluck .Values.flavor .Values.resources| first) | indent 12 }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + httpGet: + path: /api/multicloud-azure/v0/swagger.json + port: {{ .Values.service.internalPort }} + scheme: HTTP + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + successThreshold: {{ .Values.liveness.successThreshold }} + failureThreshold: {{ .Values.liveness.failureThreshold }} + {{ end -}} + # side car containers + - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: filebeat-onap + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + - mountPath: /var/log/onap + name: azure-log + - mountPath: /usr/share/filebeat/data + name: azure-data-filebeat + volumes: + - name: azure-log + emptyDir: {} + - name: azure-data-filebeat + emptyDir: {} + - name: filebeat-conf + configMap: + name: multicloud-filebeat-configmap + - name: azure-logconfig + configMap: + name: {{ include "common.fullname" . }}-log-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + restartPolicy: Always diff --git a/kubernetes/multicloud/charts/multicloud-azure/templates/service.yaml b/kubernetes/multicloud/charts/multicloud-azure/templates/service.yaml new file mode 100644 index 0000000000..b48aa6da7a --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-azure/templates/service.yaml @@ -0,0 +1,53 @@ +{{/* +# Copyright © 2018 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "multicloud-azure", + "version": "v0", + "url": "/api/multicloud-azure/v0", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange": "1" + } + ]' +spec: + ports: + {{if eq .Values.service.type "NodePort" -}} + - name: {{ .Values.service.portName }} + port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: {{ .Values.service.type }} diff --git a/kubernetes/multicloud/charts/multicloud-azure/values.yaml b/kubernetes/multicloud/charts/multicloud-azure/values.yaml new file mode 100644 index 0000000000..7b9d9c7e4b --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-azure/values.yaml @@ -0,0 +1,86 @@ +# Copyright © 2018 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/multicloud/azure:1.2.0-SNAPSHOT +pullPolicy: Always + +#Istio sidecar injection policy +istioSidecar: true + +# application configuration +config: + msbgateway: msb-iag + msbPort: 80 + aai: + port: 8443 + schemaVersion: v13 + username: AAI + password: AAI + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 5 + enabled: true + +service: + type: NodePort + portName: multicloud-azure + externalPort: 9008 + internalPort: 9008 + nodePort: 61 + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 4Gi + requests: + cpu: 10m + memory: 1Gi + large: + limits: + cpu: 2 + memory: 8Gi + requests: + cpu: 20m + memory: 2Gi diff --git a/kubernetes/multicloud/charts/multicloud-pike/.helmignore b/kubernetes/multicloud/charts/multicloud-pike/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-pike/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/aaf/charts/aaf-cs/templates/secret.yaml b/kubernetes/multicloud/charts/multicloud-pike/Chart.yaml index 4ae60f17c9..cdcfb72f5e 100644 --- a/kubernetes/aaf/charts/aaf-cs/templates/secret.yaml +++ b/kubernetes/multicloud/charts/multicloud-pike/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright (c) 2018 Intel Corporation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,10 +13,6 @@ # limitations under the License. apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ (.Files.Glob "resources/config/aaf-cs-data/*").AsSecrets | indent 2 }} +description: ONAP multicloud OpenStack Pike Plugin +name: multicloud-pike +version: 3.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml new file mode 100644 index 0000000000..935d9ca62e --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml @@ -0,0 +1,47 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +version: 1 +disable_existing_loggers: False + +loggers: + pike: + handlers: [pike_handler] + level: "DEBUG" + propagate: False + newton_base: + handlers: [pike_handler] + level: "DEBUG" + propagate: False + common: + handlers: [pike_handler] + level: "DEBUG" + propagate: False + +handlers: + pike_handler: + level: "DEBUG" + class: "logging.handlers.RotatingFileHandler" + filename: "/var/log/onap/multicloud/openstack/pike/pike.log" + formatter: "mdcFormat" + maxBytes: 1024*1024*50 + backupCount: 10 + +formatters: + standard: + format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s" + mdcFormat: + format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t" + mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}" + datefmt: "%Y-%m-%d %H:%M:%S" + (): onaplogging.mdcformatter.MDCFormatter diff --git a/kubernetes/multicloud/charts/multicloud-pike/templates/NOTES.txt b/kubernetes/multicloud/charts/multicloud-pike/templates/NOTES.txt new file mode 100644 index 0000000000..7adeb620b5 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-pike/templates/NOTES.txt @@ -0,0 +1,34 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/multicloud/charts/multicloud-pike/templates/configmap.yaml b/kubernetes/multicloud/charts/multicloud-pike/templates/configmap.yaml new file mode 100644 index 0000000000..db636e7bca --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-pike/templates/configmap.yaml @@ -0,0 +1,28 @@ +{{/* +# Copyright (c) 2018 Intel Corporation. +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} diff --git a/kubernetes/multicloud/charts/multicloud-pike/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-pike/templates/deployment.yaml new file mode 100644 index 0000000000..a7c54444b0 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-pike/templates/deployment.yaml @@ -0,0 +1,110 @@ +{{/* +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + annotations: + sidecar.istio.io/inject: "{{.Values.istioSidecar}}" + spec: + containers: + - env: + - name: MSB_ADDR + value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}" + - name: MSB_PORT + value: "{{ .Values.config.msbPort }}" + - name: AAI_ADDR + value: aai.{{ include "common.namespace" . }} + - name: AAI_PORT + value: "{{ .Values.config.aai.port }}" + - name: AAI_SCHEMA_VERSION + value: "{{ .Values.config.aai.schemaVersion }}" + - name: AAI_USERNAME + value: "{{ .Values.config.aai.username }}" + - name: AAI_PASSWORD + value: "{{ .Values.config.aai.password }}" + name: {{ include "common.name" . }} + volumeMounts: + - mountPath: /var/log/onap + name: pike-log + - mountPath: /opt/pike/pike/pub/config/log.yml + name: pike-logconfig + subPath: log.yml + resources: +{{ include "common.resources" . | indent 12 }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + httpGet: + path: /api/multicloud-pike/v0/swagger.json + port: {{ .Values.service.internalPort }} + scheme: HTTP + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + successThreshold: {{ .Values.liveness.successThreshold }} + failureThreshold: {{ .Values.liveness.failureThreshold }} + {{ end }} + # side car containers + - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: filebeat-onap + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + - mountPath: /var/log/onap + name: pike-log + - mountPath: /usr/share/filebeat/data + name: pike-data-filebeat + + volumes: + - name: pike-log + emptyDir: {} + - name: pike-data-filebeat + emptyDir: {} + - name: filebeat-conf + configMap: + name: multicloud-filebeat-configmap + - name: pike-logconfig + configMap: + name: {{ include "common.fullname" . }}-log-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + restartPolicy: Always diff --git a/kubernetes/multicloud/charts/multicloud-pike/templates/service.yaml b/kubernetes/multicloud/charts/multicloud-pike/templates/service.yaml new file mode 100644 index 0000000000..7953b0d6d9 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-pike/templates/service.yaml @@ -0,0 +1,61 @@ +{{/* +# Copyright (c) 2018 Intel Corporation. +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "multicloud-pike", + "version": "v0", + "url": "/api/multicloud-pike/v0", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange": "1" + }, + { + "serviceName": "multicloud-pike", + "version": "v1", + "url": "/api/multicloud-pike/v1", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange": "1" + } + ]' + +spec: + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: {{ .Values.service.type }} diff --git a/kubernetes/multicloud/charts/multicloud-pike/values.yaml b/kubernetes/multicloud/charts/multicloud-pike/values.yaml new file mode 100644 index 0000000000..ee937ae2ac --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-pike/values.yaml @@ -0,0 +1,87 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/multicloud/openstack-pike:1.2.0-STAGING +pullPolicy: Always + +#Istio sidecar injection policy +istioSidecar: true + +# application configuration +config: + msbgateway: msb-iag + msbPort: 80 + aai: + port: 8443 + schemaVersion: v13 + username: AAI + password: AAI + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 5 + enabled: true + +service: + type: NodePort + name: multicloud-pike + portName: multicloud-pike + externalPort: 9007 + internalPort: 9007 + nodePort: 96 + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 4Gi + requests: + cpu: 10m + memory: 1Gi + large: + limits: + cpu: 2 + memory: 8Gi + requests: + cpu: 20m + memory: 2Gi + unlimited: {} diff --git a/kubernetes/multicloud/resources/config/provider-plugin.json b/kubernetes/multicloud/resources/config/provider-plugin.json index 2f799e5cdb..2bc98943a5 100644 --- a/kubernetes/multicloud/resources/config/provider-plugin.json +++ b/kubernetes/multicloud/resources/config/provider-plugin.json @@ -7,6 +7,11 @@ "extra_info_hint": "", "provider_plugin": "multicloud-titaniumcloud" }, + "pike": { + "version": "pike", + "extra_info_hint": "", + "provider_plugin": "multicloud-pike" + }, "ocata": { "version": "ocata", "extra_info_hint": "", @@ -25,5 +30,16 @@ } }, "provider_plugin": "multicloud-vio" + }, + "azure": { + "vim_type": "azure", + "versions": { + "1.0": { + "version": "1.0", + "extra_info_hint": "", + "provider_plugin": "multicloud-azure" + } + }, + "provider_plugin": "multicloud-azure" } } diff --git a/kubernetes/nbi/charts/mariadb/values.yaml b/kubernetes/nbi/charts/mariadb/values.yaml index dd93b924ae..dc5aa89e7d 100644 --- a/kubernetes/nbi/charts/mariadb/values.yaml +++ b/kubernetes/nbi/charts/mariadb/values.yaml @@ -80,16 +80,16 @@ flavor: small resources: small: limits: - cpu: 2 - memory: 4Gi - requests: cpu: 1 - memory: 2Gi + memory: 500Mi + requests: + cpu: 10m + memory: 200Mi large: limits: - cpu: 4 - memory: 8Gi + cpu: 1 + memory: 1Gi requests: - cpu: 2 - memory: 4Gi + cpu: 20m + memory: 400Mi unlimited: {} diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index 703398d71e..f904b4cece 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -84,15 +84,21 @@ affinity: {} # probe configuration parameters liveness: + httpGet: + path: /nbi/api/v3/status + port: 8080 initialDelaySeconds: 120 - periodSeconds: 10 + periodSeconds: 20 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 - periodSeconds: 10 + httpGet: + path: /nbi/api/v3/status + port: 8080 + initialDelaySeconds: 125 + periodSeconds: 20 service: type: NodePort @@ -121,4 +127,4 @@ resources: requests: cpu: 200m memory: 2Gi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/onap/resources/environments/dev.yaml b/kubernetes/onap/resources/environments/dev.yaml index 4c9e7046c3..386a3cf395 100644 --- a/kubernetes/onap/resources/environments/dev.yaml +++ b/kubernetes/onap/resources/environments/dev.yaml @@ -42,7 +42,7 @@ global: # override default mount path root directory # referenced by persistent volumes and log files persistence: - mountPath: /dockerdata + mountPath: /dockerdata-nfs # flag to enable debugging - application support required debugEnabled: true @@ -55,14 +55,18 @@ aaf: enabled: false aai: enabled: false + aai-cassandra: + replicaCount: 1 appc: enabled: false clamp: - enabled: true + enabled: false cli: enabled: false consul: enabled: false +contrib: + enabled: false dcaegen2: enabled: false dmaap: @@ -83,6 +87,8 @@ nbi: enabled: false policy: enabled: false +pomba: + enabled: false portal: enabled: false robot: @@ -97,7 +103,7 @@ sdnc: mysql: replicaCount: 1 so: - enabled: true + enabled: false replicaCount: 1 diff --git a/kubernetes/onap/resources/environments/disable-allcharts.yaml b/kubernetes/onap/resources/environments/disable-allcharts.yaml index 1cf1ab1b37..dd30e1d87e 100644 --- a/kubernetes/onap/resources/environments/disable-allcharts.yaml +++ b/kubernetes/onap/resources/environments/disable-allcharts.yaml @@ -37,6 +37,8 @@ cli: enabled: false consul: enabled: false +contrib: + enabled: false dcaegen2: enabled: false dmaap: diff --git a/kubernetes/oof/resources/config/aaf_root_ca.cer b/kubernetes/oof/resources/config/aaf_root_ca.cer new file mode 100755 index 0000000000..e9a50d7ea0 --- /dev/null +++ b/kubernetes/oof/resources/config/aaf_root_ca.cer @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV +BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx +NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK +DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC +ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7 +XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn +H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM +pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7 +NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg +2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY +wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd +ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM +P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6 +aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY +PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G +A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ +UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN +BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz +L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9 +7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx +c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf +jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2 +RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h +PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF +CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+ +Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A +cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR +ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX +dYY= +-----END CERTIFICATE----- diff --git a/kubernetes/oof/resources/config/osdf_config.yaml b/kubernetes/oof/resources/config/osdf_config.yaml index f286be4595..d39a83222f 100755 --- a/kubernetes/oof/resources/config/osdf_config.yaml +++ b/kubernetes/oof/resources/config/osdf_config.yaml @@ -1,18 +1,29 @@ -osdfPlacementSOUsername: {{ .Values.config.osdfPlacementSOUsername }} -osdfPlacementSOPassword: {{ .Values.config.osdfPlacementSOPassword }} +placementVersioningEnabled: {{ .Values.config.placementVersioningEnabled }} -osdfCMSchedulerUsername: {{ .Values.config.osdfCMSchedulerUsername }} -osdfCMSchedulerPassword: {{ .Values.config.osdfCMSchedulerPassword }} +# Placement API latest version numbers to be set in HTTP header +placementMajorVersion: {{ .Values.config.placementMajorVersion }} +placementMinorVersion: {{ .Values.config.placementMinorVersion }} +placementPatchVersion: {{ .Values.config.placementPatchVersion }} + +# Placement API default version numbers to be set in HTTP header +placementDefaultMajorVersion: {{ .Values.config.placementDefaultMajorVersion }} +placementDefaultMinorVersion: {{ .Values.config.placementDefaultMinorVersion }} +placementDefaultPatchVersion: {{ .Values.config.placementDefaultPatchVersion }} +# Credentials for SO soUsername: {{ .Values.config.soUsername }} soPassword: {{ .Values.config.soPassword }} +# Credentials for Conductor conductorUrl: {{ .Values.config.conductorUrl }} conductorUsername: {{ .Values.config.conductorUsername }} conductorPassword: {{ .Values.config.conductorPassword }} conductorPingWaitTime: {{ .Values.config.conductorPingWaitTime }} conductorMaxRetries: {{ .Values.config.conductorMaxRetries }} +# versions to be set in HTTP header +conductorMinorVersion: {{ .Values.config.conductorMinorVersion }} +# Policy Platform -- requires ClientAuth, Authorization, and Environment policyPlatformUrl: {{ .Values.config.policyPlatformUrl }} policyPlatformEnv: {{ .Values.config.policyPlatformEnv }} policyPlatformUsername: {{ .Values.config.policyPlatformUsername }} @@ -20,15 +31,59 @@ policyPlatformPassword: {{ .Values.config.policyPlatformPassword }} policyClientUsername: {{ .Values.config.policyClientUsername }} policyClientPassword: {{ .Values.config.policyClientPassword }} +# Credentials for DMaaP messageReaderHosts: {{ .Values.config.messageReaderHosts }} messageReaderTopic: {{ .Values.config.messageReaderTopic }} messageReaderAafUserId: {{ .Values.config.messageReaderAafUserId }} messageReaderAafPassword: {{ .Values.config.messageReaderAafPassword }} +# Credentials for SDC sdcUrl: {{ .Values.config.sdcUrl }} sdcUsername: {{ .Values.config.sdcUsername }} sdcPassword: {{ .Values.config.sdcPassword }} sdcONAPInstanceID: {{ .Values.config.sdcONAPInstanceID }} +# Credentials for the OOF placement service - Generic osdfPlacementUsername: {{ .Values.config.osdfPlacementUsername }} osdfPlacementPassword: {{ .Values.config.osdfPlacementPassword }} + +# Credentials for the OOF placement service - SO +osdfPlacementSOUsername: {{ .Values.config.osdfPlacementSOUsername }} +osdfPlacementSOPassword: {{ .Values.config.osdfPlacementSOPassword }} + +# Credentials for the OOF placement service - VFC +osdfPlacementVFCUsername: {{ .Values.config.osdfPlacementVFCUsername }} +osdfPlacementVFCPassword: {{ .Values.config.osdfPlacementVFCPassword }} + +# Credentials for the OOF CM scheduling service - Generic +osdfCMSchedulerUsername: {{ .Values.config.osdfCMSchedulerUsername }} +osdfCMSchedulerPassword: {{ .Values.config.osdfCMSchedulerPassword }} + +is_aaf_enabled: {{ .Values.config.is_aaf_enabled }} +aaf_cache_expiry_hrs: {{ .Values.config.aaf_cache_expiry_hrs }} +aaf_url: {{ .Values.config.aaf_url }} +aaf_user_roles: + {{- range .Values.config.aaf_user_roles }} + - {{ . }} + {{- end }} + +# Secret Management Service from AAF +aaf_sms_url: {{ .Values.config.aaf_sms_url }} +aaf_sms_timeout: {{ .Values.config.aaf_sms_timeout }} +secret_domain: {{ .Values.config.secret_domain }} +aaf_ca_certs: {{ .Values.config.aaf_ca_certs }} + +# config db api +configDbUrl: {{ .Values.config.configDbUrl }} +configDbUserName: {{ .Values.config.configDbUserName }} +configDbPassword: {{ .Values.config.configDbPassword }} +configDbGetCellListUrl: {{ .Values.config.configDbGetCellListUrl }} +configDbGetNbrListUrl: {{ .Values.config.configDbGetNbrListUrl }} + +# Credentials for PCIHandler +pciHMSUsername: {{ .Values.config.pciHMSUsername }} +pciHMSPassword: {{ .Values.config.pciHMSPassword }} + +# Credentials for the OOF PCI Opt service +osdfPCIOptUsername: {{ .Values.config.osdfPCIOptUsername }} +osdfPCIOptPassword: {{ .Values.config.osdfPCIOptPassword }} diff --git a/kubernetes/oof/templates/deployment.yaml b/kubernetes/oof/templates/deployment.yaml index ed64166b59..07f1ff44a9 100644 --- a/kubernetes/oof/templates/deployment.yaml +++ b/kubernetes/oof/templates/deployment.yaml @@ -38,6 +38,10 @@ spec: - --container-name - pdp - --container-name + - aaf-service + - --container-name + - aaf-sms + - --container-name - oof-has-api env: - name: NAMESPACE @@ -76,6 +80,9 @@ spec: - mountPath: /opt/app/config/osdf_config.yaml name: {{ include "common.fullname" . }}-config subPath: osdf_config.yaml + - mountPath: /opt/app/ssl_cert/aaf_root_ca.cer + name: {{ include "common.fullname" . }}-config + subPath: aaf_root_ca.cer resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -97,5 +104,7 @@ spec: items: - key: osdf_config.yaml path: osdf_config.yaml + - key: aaf_root_ca.cer + path: aaf_root_ca.cer imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml index c249f26569..da69c42b9e 100644 --- a/kubernetes/oof/values.yaml +++ b/kubernetes/oof/values.yaml @@ -36,12 +36,15 @@ debugEnabled: false config: msbgateway: msb-iag msbPort: 80 - # Credentials for the OOF placement service – SO. - osdfPlacementSOUsername: so_test - osdfPlacementSOPassword: so_testpwd - # Credentials for the OOF CM scheduling service – Generic. - osdfCMSchedulerUsername: test1 - osdfCMSchedulerPassword: testpwd1 + placementVersioningEnabled: False + # Placement API latest version numbers to be set in HTTP header + placementMajorVersion: "1" + placementMinorVersion: "0" + placementPatchVersion: "0" + # Placement API default version numbers to be set in HTTP header + placementDefaultMajorVersion: "1" + placementDefaultMinorVersion: "0" + placementDefaultPatchVersion: "0" # Credentials of the callback url for SO. soUsername: "" # SO username for call back. soPassword: "" # SO password for call back. @@ -51,6 +54,8 @@ config: conductorPassword: plan.15 conductorPingWaitTime: 60 conductorMaxRetries: 30 + # versions to be set in HTTP header + conductorMinorVersion: 0 # Url and credentials for the Policy Platform policyPlatformUrl: http://pdp:8081/pdp/api/getConfig # Policy Dev platform URL policyPlatformEnv: TEST # Environment for policy platform @@ -71,6 +76,38 @@ config: # Credentials for the placement service – Generic. osdfPlacementUsername: "test" osdfPlacementPassword: "testpwd" + # Credentials for the OOF placement service – SO. + osdfPlacementSOUsername: so_test + osdfPlacementSOPassword: so_testpwd + # Credentials for the OOF placement service - VFC + osdfPlacementVFCUsername: vfc_test + osdfPlacementVFCPassword: vfc_testpwd + # Credentials for the OOF CM scheduling service – Generic. + osdfCMSchedulerUsername: test1 + osdfCMSchedulerPassword: testpwd1 + #AAF Authentication + is_aaf_enabled: False + aaf_cache_expiry_hrs: 3 + aaf_url: https://aaf-service:8100 + aaf_user_roles: + - '/api/oof/v1/placement:org.onap.osdf.access|*|read ALL' + # Secret Management Service from AAF + aaf_sms_url: https://aaf-sms:10443 + aaf_sms_timeout: 30 + secret_domain: osdf + aaf_ca_certs: /opt/app/ssl_cert/aaf_root_ca.cer + # config db api + configDbUrl: http://config.db.url:8080 + configDbUserName: osdf + configDbPassword: passwd + configDbGetCellListUrl: 'SDNCConfigDBAPI/getCellList' + configDbGetNbrListUrl: 'SDNCConfigDBAPI/getNbrList' + # Credentials for PCIHandler + pciHMSUsername: "" # pcihandler username for call back. + pciHMSPassword: "" # pcihandler password for call back. + # Credentials for the OOF PCI Opt service + osdfPCIOptUsername: pci_test + osdfPCIOptPassword: pci_testpwd # default number of instances replicaCount: 1 nodeSelector: {} diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf index c5c35d84b9..a67f32f368 100644 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf @@ -24,8 +24,8 @@ TRUSTSTORE_PASSWD=Pol1cy_0nap ENGINE_MANAGEMENT_PORT=9696 ENGINE_MANAGEMENT_HOST=0.0.0.0 -ENGINE_MANAGEMENT_USER=@1b3rt -ENGINE_MANAGEMENT_PASSWORD=31nst31n +ENGINE_MANAGEMENT_USER=demo@people.osaaf.org +ENGINE_MANAGEMENT_PASSWORD=demo123456! # nexus repository @@ -99,3 +99,9 @@ SO_PASSWORD=password1$ VFC_URL= VFC_USERNAME= VFC_PASSWORD= + +# SDNC + +SDNC_URL= +SDNC_USERNAME= +SDNC_PASSWORD= diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf index cbb45a5828..20d8298472 100644 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada, AT&T +# Copyright © 2017-2018 Amdocs, Bell Canada, AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,5 +12,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -HEALTHCHECK_USER=healthcheck -HEALTHCHECK_PASSWORD=zb!XztG34 +HEALTHCHECK_USER=demo@people.osaaf.org +HEALTHCHECK_PASSWORD=demo123456! diff --git a/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh b/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh index e85449a6da..ff7a64bdb9 100644 --- a/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh +++ b/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh @@ -95,7 +95,7 @@ echo "PDP-D amsterdam maven coordinates .." echo echo -curl -vvv -k --silent --user @1b3rt:31nst31n -X GET https://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool +curl -vvv -k --silent --user "demo@people.osaaf.org:demo123456!" -X GET https://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool echo @@ -104,4 +104,4 @@ echo "PDP-D control loop updated .." echo echo -curl -v -k --silent --user @1b3rt:31nst31n -X GET https://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools/facts/closedloop-amsterdam/org.onap.policy.controlloop.Params | python -m json.tool +curl -v -k --silent --user "demo@people.osaaf.org:demo123456!" -X GET https://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools/facts/closedloop-amsterdam/org.onap.policy.controlloop.Params | python -m json.tool diff --git a/kubernetes/policy/resources/config/pe/console.conf b/kubernetes/policy/resources/config/pe/console.conf index 9cf8a29612..deb213e4b6 100644 --- a/kubernetes/policy/resources/config/pe/console.conf +++ b/kubernetes/policy/resources/config/pe/console.conf @@ -135,8 +135,8 @@ onap_application_name= #-----------------------ONAP-PORTAL-Properties---------------------- -ONAP_REDIRECT_URL=http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/login.htm -ONAP_REST_URL=http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/auxapi +ONAP_REDIRECT_URL=https://portal-app.{{.Release.Namespace}}:30225/ONAPPORTAL/login.htm +ONAP_REST_URL=https://portal-app:8443/ONAPPORTAL/auxapi ONAP_UEB_URL_LIST= ONAP_PORTAL_INBOX_NAME= ONAP_UEB_APP_KEY= diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/ndcb.properties b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/ndcb.properties index aa80aed310..f07cb65c31 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/ndcb.properties +++ b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/ndcb.properties @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -server.host={{ .Values.config.networkdiscoveryCtxBuilderHost }} +server.host={{ .Values.global.networkdiscoveryCtxBuilderHost }} basicauth.username={{ .Values.config.networkdiscoveryCtxBuilderUsername }} basicauth.password={{ .Values.config.networkdiscoveryCtxBuilderPassword }} server.port={{ .Values.config.ctxBuilderExternalPort }} diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml index 905ea87efa..9535a7ebd5 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml +++ b/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml @@ -40,7 +40,6 @@ config: sdncCtxBuilderHost: pomba-sdncctxbuilder sdncCtxBuilderUsername: admin sdncCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 - networkdiscoveryCtxBuilderHost: pomba-networkdiscoveryctxbuilder networkdiscoveryCtxBuilderUsername: admin networkdiscoveryCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 ctxBuilderExternalPort: 9530 diff --git a/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/resources/config/application.properties b/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/resources/config/application.properties index f84906e9ef..5317ab353c 100644 --- a/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/resources/config/application.properties +++ b/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/resources/config/application.properties @@ -31,6 +31,7 @@ server.tomcat.max-idle-time=60000 # Network Discovery Context Builder REST Service networkDiscoveryCtxBuilder.httpProtocol={{ .Values.config.networkDiscoveryCtxBuilderHttpProtocol }} +networkDiscoveryCtxBuilder.serviceName={{ .Values.global.networkdiscoveryCtxBuilderHost }} networkDiscoveryCtxBuilder.port={{ .Values.config.networkDiscoveryCtxBuilderPort }} # Basic Authorization credentials for Network Discovery Context Builder REST Service networkDiscoveryCtxBuilder.userId={{ .Values.config.networkDiscoveryCtxBuilderUserId }} diff --git a/kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy b/kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy index ec38724b40..f74d832449 100644 --- a/kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy +++ b/kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy @@ -87,7 +87,7 @@ entity { rule { name 'SDC-AAI-vnfc-type' - category 'INVALID_VALUE' + category 'VNFC Consistency' description 'Validate that each VNFC instance in AAI conforms to a VNFC type defined in SDC model' errorText 'AAI VNFC instance includes non-specified type in design SDC model' severity 'ERROR' @@ -102,13 +102,13 @@ rule { def aaiTypes = getVnfcTypes(slurper.parseText(aaiList.toString())) // each type in AAI must exist in SDC - return aaiTypes.containsAll(sdcTypes) + return sdcTypes.containsAll(aaiTypes) ''' } rule { name 'SDC-AAI-vnfc-node-count' - category 'INVALID_VALUE' + category 'VNFC Consistency' description 'Validate that for each VNFC node defined in SDC model, there is at least one VNFC instance in AAI' errorText 'Design has specified types but not all of them exist in AAI' severity 'WARNING' @@ -132,7 +132,7 @@ rule { rule { name 'SDC-AAI-vf-module-instance-check' - category 'INVALID_VALUE' + category 'VF Consistency' description 'Validate that each VF module instance in AAI conforms to a VF module defined in SDC service model' errorText 'One or more AAI VF module instance(s) not defined in SDC model' severity 'CRITICAL' @@ -153,7 +153,7 @@ rule { rule { name 'NDCB-AAI-attribute-comparison' - category 'INVALID_VALUE' + category 'Attribute Mismatch' description 'Verify that all attributes in Network-Discovery are the same as in AAI' errorText 'Error found with attribute "{0}"; value "{1}" does not exist in Network-Discovery' severity 'ERROR' diff --git a/kubernetes/pomba/values.yaml b/kubernetes/pomba/values.yaml index f0acaa5b88..04e89f07b3 100644 --- a/kubernetes/pomba/values.yaml +++ b/kubernetes/pomba/values.yaml @@ -22,6 +22,7 @@ global: loggingImage: beats/filebeat:5.5.0 repository: nexus3.onap.org:10001 dockerhubRepository: docker.io + networkdiscoveryCtxBuilderHost: pomba-networkdiscoveryctxbuilder # application configuration config: diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks Binary files differnew file mode 100644 index 0000000000..4b7e115d8c --- /dev/null +++ b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks diff --git a/kubernetes/portal/charts/portal-app/resources/certs/truststoreONAPall.jks b/kubernetes/portal/charts/portal-app/resources/certs/truststoreONAPall.jks Binary files differnew file mode 100644 index 0000000000..ff844b109d --- /dev/null +++ b/kubernetes/portal/charts/portal-app/resources/certs/truststoreONAPall.jks diff --git a/kubernetes/portal/charts/portal-app/resources/server/server.xml b/kubernetes/portal/charts/portal-app/resources/server/server.xml new file mode 100644 index 0000000000..c87e6c377a --- /dev/null +++ b/kubernetes/portal/charts/portal-app/resources/server/server.xml @@ -0,0 +1,147 @@ +<?xml version='1.0' encoding='utf-8'?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<!-- Note: A "Server" is not itself a "Container", so you may not + define subcomponents such as "Valves" at this level. + Documentation at /docs/config/server.html + --> +<Server port="8005" shutdown="SHUTDOWN"> + <Listener className="org.apache.catalina.startup.VersionLoggerListener" /> + <!-- Security listener. Documentation at /docs/config/listeners.html + <Listener className="org.apache.catalina.security.SecurityListener" /> + --> + <!--APR library loader. Documentation at /docs/apr.html --> + <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> + <!-- Prevent memory leaks due to use of particular java/javax APIs--> + <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" /> + <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> + <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" /> + + <!-- Global JNDI resources + Documentation at /docs/jndi-resources-howto.html + --> + <GlobalNamingResources> + <!-- Editable user database that can also be used by + UserDatabaseRealm to authenticate users + --> + <Resource name="UserDatabase" auth="Container" + type="org.apache.catalina.UserDatabase" + description="User database that can be updated and saved" + factory="org.apache.catalina.users.MemoryUserDatabaseFactory" + pathname="conf/tomcat-users.xml" /> + </GlobalNamingResources> + + <!-- A "Service" is a collection of one or more "Connectors" that share + a single "Container" Note: A "Service" is not itself a "Container", + so you may not define subcomponents such as "Valves" at this level. + Documentation at /docs/config/service.html + --> + <Service name="Catalina"> + + <!--The connectors can use a shared executor, you can define one or more named thread pools--> + <!-- + <Executor name="tomcatThreadPool" namePrefix="catalina-exec-" + maxThreads="150" minSpareThreads="4"/> + --> + + + <!-- A "Connector" represents an endpoint by which requests are received + and responses are returned. Documentation at : + Java HTTP Connector: /docs/config/http.html (blocking & non-blocking) + Java AJP Connector: /docs/config/ajp.html + APR (HTTP/AJP) Connector: /docs/apr.html + Define a non-SSL/TLS HTTP/1.1 Connector on port 8080 + --> + <Connector port="8080" protocol="HTTP/1.1" + connectionTimeout="20000" + redirectPort="8443" /> + <!-- A "Connector" using the shared thread pool--> + <!-- + <Connector executor="tomcatThreadPool" + port="8080" protocol="HTTP/1.1" + connectionTimeout="20000" + redirectPort="8443" /> + --> + <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 + This connector uses the NIO implementation that requires the JSSE + style configuration. When using the APR/native implementation, the + OpenSSL style configuration is required as described in the APR/native + documentation --> + <!-- + <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" + maxThreads="150" SSLEnabled="true" scheme="https" secure="true" + clientAuth="false" sslProtocol="TLS" /> + --> + + <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" + maxThreads="150" SSLEnabled="true" scheme="https" secure="true" + keystoreFile="{{.Values.global.keystoreFile}}" keystorePass="{{.Values.global.keypass}}" + clientAuth="false" sslProtocol="TLS" /> + + <!-- Define an AJP 1.3 Connector on port 8009 --> + <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> + + + <!-- An Engine represents the entry point (within Catalina) that processes + every request. The Engine implementation for Tomcat stand alone + analyzes the HTTP headers included with the request, and passes them + on to the appropriate Host (virtual host). + Documentation at /docs/config/engine.html --> + + <!-- You should set jvmRoute to support load-balancing via AJP ie : + <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1"> + --> + <Engine name="Catalina" defaultHost="localhost"> + + <!--For clustering, please take a look at documentation at: + /docs/cluster-howto.html (simple how to) + /docs/config/cluster.html (reference documentation) --> + <!-- + <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/> + --> + + <!-- Use the LockOutRealm to prevent attempts to guess user passwords + via a brute-force attack --> + <Realm className="org.apache.catalina.realm.LockOutRealm"> + <!-- This Realm uses the UserDatabase configured in the global JNDI + resources under the key "UserDatabase". Any edits + that are performed against this UserDatabase are immediately + available for use by the Realm. --> + <Realm className="org.apache.catalina.realm.UserDatabaseRealm" + resourceName="UserDatabase"/> + </Realm> + + <Host name="localhost" appBase="webapps" + unpackWARs="true" autoDeploy="true"> + + <!-- SingleSignOn valve, share authentication between web applications + Documentation at: /docs/config/valve.html --> + <!-- + <Valve className="org.apache.catalina.authenticator.SingleSignOn" /> + --> + + <!-- Access log processes all example. + Documentation at: /docs/config/valve.html + Note: The pattern used is equivalent to using pattern="common" --> + <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" + prefix="localhost_access_log" suffix=".txt" + pattern="%h %l %u %t "%r" %s %b" /> + + </Host> + </Engine> + </Service> +</Server>
\ No newline at end of file diff --git a/kubernetes/portal/charts/portal-app/templates/configmap.yaml b/kubernetes/portal/charts/portal-app/templates/configmap.yaml index 178e91c5fc..28de588aa0 100644 --- a/kubernetes/portal/charts/portal-app/templates/configmap.yaml +++ b/kubernetes/portal/charts/portal-app/templates/configmap.yaml @@ -24,3 +24,4 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTAL/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/server/*").AsConfig . | indent 2 }} diff --git a/kubernetes/portal/charts/portal-app/templates/deployment.yaml b/kubernetes/portal/charts/portal-app/templates/deployment.yaml index 2ab570aab2..fb9f35ba19 100644 --- a/kubernetes/portal/charts/portal-app/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-app/templates/deployment.yaml @@ -55,10 +55,20 @@ spec: - "" - -n - "" + env: + - name: javax.net.ssl.keyStore + value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}} + - name: javax.net.ssl.keyStorePassword + value: {{ .Values.global.trustpass }} + - name: javax.net.ssl.trustStore + value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}} + - name: javax.net.ssl.trustStorePassword + value: {{ .Values.global.trustpass }} ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} - containerPort: {{ .Values.service.internalPort3 }} + - containerPort: {{ .Values.service.internalPort4 }} {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -93,8 +103,15 @@ spec: - name: properties-onapportal mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/classes/logback.xml" subPath: logback.xml - - name: portal-tomcat-logs - mountPath: "{{ .Values.global.env.tomcatDir }}/logs" + - name: properties-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/conf/server.xml" + subPath: server.xml + - name: authz-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.keystoreFile}}" + subPath: {{ .Values.global.keystoreFile}} + - name: authz-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}" + subPath: {{ .Values.global.truststoreFile}} - name: var-log-onap mountPath: /var/log/onap resources: @@ -126,6 +143,9 @@ spec: configMap: name: {{ include "common.fullname" . }}-onapportal defaultMode: 0755 + - name: authz-onapportal + secret: + secretName: {{ include "common.fullname" . }}-authz-onapportal - name: filebeat-conf configMap: name: portal-filebeat diff --git a/kubernetes/aaf/resources/config/backup/cbackup.sh b/kubernetes/portal/charts/portal-app/templates/secret.yaml index de918520c6..18f85c1698 100644 --- a/kubernetes/aaf/resources/config/backup/cbackup.sh +++ b/kubernetes/portal/charts/portal-app/templates/secret.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2018 Amdocs, Bell Canada, AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,11 +12,16 @@ # See the License for the specific language governing permissions and # limitations under the License. -cd /opt/app/cass_backup -DATA="ns role perm ns_attrib user_role cred cert x509 delegate approval approved future notify artifact health history" -PWD=cassandra -CQLSH="cqlsh -u cassandra -k authz -p $PWD" -for T in $DATA ; do - echo "Creating $T.dat" - $CQLSH -e "COPY authz.$T TO '$T.dat' WITH DELIMITER='|'" -done +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-authz-onapportal + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/portal/charts/portal-app/templates/service.yaml b/kubernetes/portal/charts/portal-app/templates/service.yaml index 4ccf2b02b8..9d7073243d 100644 --- a/kubernetes/portal/charts/portal-app/templates/service.yaml +++ b/kubernetes/portal/charts/portal-app/templates/service.yaml @@ -49,6 +49,10 @@ spec: targetPort: {{ .Values.service.internalPort3 }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} name: {{ .Values.service.portName }}3 + - port: {{ .Values.service.externalPort4 }} + targetPort: {{ .Values.service.internalPort4 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} + name: {{ .Values.service.portName }}4 {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} diff --git a/kubernetes/portal/charts/portal-app/values.yaml b/kubernetes/portal/charts/portal-app/values.yaml index a71e0c4da3..d34a08bb45 100644 --- a/kubernetes/portal/charts/portal-app/values.yaml +++ b/kubernetes/portal/charts/portal-app/values.yaml @@ -63,6 +63,9 @@ service: externalPort3: 8010 internalPort3: 8009 nodePort3: 14 + externalPort4: 8443 + internalPort4: 8443 + nodePort4: 25 mariadb: service: diff --git a/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql b/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql index 1dcf0d8606..6b9e8a957c 100644 --- a/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql +++ b/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql @@ -1,41 +1,41 @@ -/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -*/ - -USE portal; -/* -Any updates required by OOM to the portaldb are made here. -1. split up SDC-FE and SDC-BE. Originally both FE and BE point to the same IP -while the OOM K8s version has these service split up. -*/ --- app_url is the FE, app_rest_endpoint is the BE ---portal-sdk => TODO: doesn't open a node port yet -update fn_app set app_url = 'http://{{.Values.config.portalSdkHostName}}:{{.Values.config.portalSdkPort}}/ONAPPORTALSDK/welcome.htm', app_rest_endpoint = 'http://portal-sdk:8990/ONAPPORTALSDK/api/v2' where app_name = 'xDemo App'; ---dmaap-bc => the dmaap-bc doesn't open a node port.. -update fn_app set app_url = 'http://{{.Values.config.dmaapBcHostName}}:{{.Values.config.dmaapBcPort}}/ECOMPDBCAPP/dbc#/dmaap', app_rest_endpoint = 'http://dmaap-bc:8989/ECOMPDBCAPP/api/v2' where app_name = 'DMaaP Bus Ctrl'; ---sdc-be => 8443:30204, 8080:30205 ---sdc-fe => 8181:30206, 9443:30207 -update fn_app set app_url = 'http://{{.Values.config.sdcFeHostName}}:{{.Values.config.sdcFePort}}/sdc1/portal', app_rest_endpoint = 'http://sdc-be:8080/api/v2' where app_name = 'SDC'; ---pap => 8443:30219 -update fn_app set app_url = 'http://{{.Values.config.papHostName}}:{{.Values.config.papPort}}/onap/policy', app_rest_endpoint = 'http://pap:8443/onap/api/v2' where app_name = 'Policy'; ---vid => 8080:30200 -update fn_app set app_url = 'https://{{.Values.config.vidHostName}}:{{.Values.config.vidPort}}/vid/welcome.htm', app_rest_endpoint = 'https://vid:8443/vid/api/v2' where app_name = 'Virtual Infrastructure Deployment'; ---sparky => TODO: sparky doesn't open a node port yet -update fn_app set app_url = 'http://{{.Values.config.aaiSparkyHostName}}:{{.Values.config.aaiSparkyPort}}/services/aai/webapp/index.html#/viewInspect', app_rest_endpoint = 'http://aai-sparky-be.{{.Release.Namespace}}:9517/api/v2' where app_name = 'A&AI UI'; ---cli => 8080:30260 -update fn_app set app_url = 'http://{{.Values.config.cliHostName}}:{{.Values.config.cliPort}}/', app_type = 1 where app_name = 'CLI'; ---msb-discovery => 10081:30281 this is clearly incorrect -update fn_app set app_url = 'http://{{.Values.config.msbDiscoveryHostName}}:{{.Values.config.msbDiscoveryPort}}/iui/microservices/default.html' where app_name = 'MSB'; +/*
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*/
+
+USE portal;
+/*
+Any updates required by OOM to the portaldb are made here.
+1. split up SDC-FE and SDC-BE. Originally both FE and BE point to the same IP
+while the OOM K8s version has these service split up.
+*/
+-- app_url is the FE, app_rest_endpoint is the BE
+--portal-sdk => TODO: doesn't open a node port yet
+update fn_app set app_url = 'http://{{.Values.config.portalSdkHostName}}:{{.Values.config.portalSdkPort}}/ONAPPORTALSDK/welcome.htm', app_rest_endpoint = 'http://portal-sdk:8990/ONAPPORTALSDK/api/v2' where app_name = 'xDemo App';
+--dmaap-bc => the dmaap-bc doesn't open a node port..
+update fn_app set app_url = 'http://{{.Values.config.dmaapBcHostName}}:{{.Values.config.dmaapBcPort}}/ECOMPDBCAPP/dbc#/dmaap', app_rest_endpoint = 'http://dmaap-bc:8989/ECOMPDBCAPP/api/v2' where app_name = 'DMaaP Bus Ctrl';
+--sdc-be => 8443:30204, 8080:30205
+--sdc-fe => 8181:30206, 9443:30207
+update fn_app set app_url = 'http://{{.Values.config.sdcFeHostName}}:{{.Values.config.sdcFePort}}/sdc1/portal', app_rest_endpoint = 'http://sdc-be:8080/api/v2' where app_name = 'SDC';
+--pap => 8443:30219
+update fn_app set app_url = 'https://{{.Values.config.papHostName}}:{{.Values.config.papPort}}/onap/policy', app_rest_endpoint = 'https://pap:8443/onap/api/v2' where app_name = 'Policy';
+--vid => 8080:30200
+update fn_app set app_url = 'https://{{.Values.config.vidHostName}}:{{.Values.config.vidPort}}/vid/welcome.htm', app_rest_endpoint = 'https://vid:8443/vid/api/v2' where app_name = 'Virtual Infrastructure Deployment';
+--sparky => TODO: sparky doesn't open a node port yet
+update fn_app set app_url = 'http://{{.Values.config.aaiSparkyHostName}}:{{.Values.config.aaiSparkyPort}}/services/aai/webapp/index.html#/viewInspect', app_rest_endpoint = 'http://aai-sparky-be.{{.Release.Namespace}}:9517/api/v2' where app_name = 'A&AI UI';
+--cli => 8080:30260
+update fn_app set app_url = 'http://{{.Values.config.cliHostName}}:{{.Values.config.cliPort}}/', app_type = 1 where app_name = 'CLI';
+--msb-discovery => 10081:30281 this is clearly incorrect
+update fn_app set app_url = 'http://{{.Values.config.msbDiscoveryHostName}}:{{.Values.config.msbDiscoveryPort}}/iui/microservices/default.html' where app_name = 'MSB';
diff --git a/kubernetes/portal/values.yaml b/kubernetes/portal/values.yaml index ac575b3c30..719116b7dd 100644 --- a/kubernetes/portal/values.yaml +++ b/kubernetes/portal/values.yaml @@ -20,11 +20,15 @@ global: portalPort: "8989" # application's front end hostname. Must be resolvable on the client side environment portalHostName: "portal.api.simpledemo.onap.org" + keystoreFile: "keystoreONAPPortal.jks" + truststoreFile: "truststoreONAPall.jks" + keypass: "changeit" + trustpass: "changeit" config: logstashServiceName: log-ls logstashPort: 5044 - + portal-mariadb: nameOverride: portal-db diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py index a3e25e7418..ad09e444d8 100644 --- a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py @@ -57,8 +57,8 @@ GLOBAL_DMAAP_DR_NODE_SERVER_PROTOCOL = "http" GLOBAL_DMAAP_DR_NODE_SERVER_PORT = "8080" # DROOL server port and credentials GLOBAL_DROOLS_SERVER_PORT = "9696" -GLOBAL_DROOLS_USERNAME = "@1b3rt" -GLOBAL_DROOLS_PASSWORD = "31nst31n" +GLOBAL_DROOLS_USERNAME = "demo@people.osaaf.org" +GLOBAL_DROOLS_PASSWORD = "demo123456!" # log server config - NOTE: no log server is run in HEAT; only on OOM GLOBAL_LOG_SERVER_PROTOCOL = "http" GLOBAL_LOG_ELASTICSEARCH_PORT = "9200" @@ -113,8 +113,8 @@ GLOBAL_POLICY_SERVER_PORT = "8081" GLOBAL_POLICY_HEALTHCHECK_PORT = "6969" GLOBAL_POLICY_AUTH = "dGVzdHBkcDphbHBoYTEyMw==" GLOBAL_POLICY_CLIENTAUTH = "cHl0aG9uOnRlc3Q=" -GLOBAL_POLICY_USERNAME = "healthcheck" -GLOBAL_POLICY_PASSWORD = "zb!XztG34" +GLOBAL_POLICY_USERNAME = "demo@people.osaaf.org" +GLOBAL_POLICY_PASSWORD = "demo123456!" # portal info - everything is from the private oam network (also called onap private network) GLOBAL_PORTAL_SERVER_PROTOCOL = "http" GLOBAL_PORTAL_SERVER_PORT = "8989" diff --git a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py index ad74cdf913..55d8f1a92f 100644 --- a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py @@ -52,6 +52,9 @@ GLOBAL_INJECTED_OPENSTACK_API_KEY = "{{ .Values.config.openStackEncryptedPasswor GLOBAL_INJECTED_OPENSTACK_PASSWORD = "{{ .Values.openStackPassword }}" GLOBAL_INJECTED_OPENSTACK_TENANT_ID = "{{ .Values.openStackTenantId }}" GLOBAL_INJECTED_OPENSTACK_USERNAME = "{{ .Values.openStackUserName }}" +GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME = "{{ .Values.openStackProjectName }}" +GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID = "{{ .Values.openStackDomainId }}" +GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION = "{{ .Values.openStackKeystoneAPIVersion }}" GLOBAL_INJECTED_POLICY_IP_ADDR = "pdp.{{include "common.namespace" .}}" GLOBAL_INJECTED_POLICY_HEALTHCHECK_IP_ADDR = "drools.{{include "common.namespace" .}}" GLOBAL_INJECTED_PORTAL_IP_ADDR = "portal-app.{{include "common.namespace" .}}" @@ -119,6 +122,9 @@ GLOBAL_INJECTED_PROPERTIES = { "GLOBAL_INJECTED_OPENSTACK_PASSWORD" : "{{ .Values.openStackPassword }}", "GLOBAL_INJECTED_OPENSTACK_TENANT_ID" : "{{ .Values.openStackTenantId }}", "GLOBAL_INJECTED_OPENSTACK_USERNAME" : "{{ .Values.openStackUserName }}", + "GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME" : "{{ .Values.openStackProjectName }}", + "GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID" : "{{ .Values.openStackDomainId }}", + "GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION" : "{{ .Values.openStackKeystoneAPIVersion }}", "GLOBAL_INJECTED_POLICY_IP_ADDR" : "pdp.{{include "common.namespace" .}}", "GLOBAL_INJECTED_POLICY_HEALTHCHECK_IP_ADDR" : "drools.{{include "common.namespace" .}}", "GLOBAL_INJECTED_PORTAL_IP_ADDR" : "portal-app.{{include "common.namespace" .}}", diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml index 4d320dde76..7fb9885596 100755 --- a/kubernetes/robot/values.yaml +++ b/kubernetes/robot/values.yaml @@ -55,6 +55,12 @@ openStackRegion: "RegionOne" openStackTenantId: "47899782ed714295b1151681fdfd51f5" # username for Openstack tenant where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_USERNAME openStackUserName: "tenantUsername" +# Project name of Openstack where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME +openStackProjectName: "onap" +# Domain id of openstack where VNFs will be deployed. Maps to GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID +openStackDomainId: "default" +# Openstack Keystone API version. Valid values are [ v2.0, v3 ]. Maps to GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION +openStackKeystoneAPIVersion: "" # Openstack glance image name for Ubuntu 14. Maps to GLOBAL_INJECTED_UBUNTU_1404_IMAGE ubuntu14Image: "Ubuntu_14_trusty" # Openstack glance image name for Ubuntu 16. Maps to GLOBAL_INJECTED_UBUNTU_1604_IMAGE @@ -106,14 +112,14 @@ resources: # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 180 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 180 periodSeconds: 10 service: diff --git a/kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties b/kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties index eb17d09882..3a6b5a08f0 100644 --- a/kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties +++ b/kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties @@ -18,18 +18,18 @@ # Configuration file for SDNC Controller Module # -org.onap.ccsdk.features.rest.adaptors.envtype=solo +org.onap.ccsdk.features.blueprints.adaptors.envtype=solo # Config Generator Microservices -org.onap.ccsdk.features.rest.adaptors.modelservice.type=generic -org.onap.ccsdk.features.rest.adaptors.modelservice.enable=true -org.onap.ccsdk.features.rest.adaptors.modelservice.url=http://controller-blueprints:8080/api/v1/ -org.onap.ccsdk.features.rest.adaptors.modelservice.user=ccsdkapps -org.onap.ccsdk.features.rest.adaptors.modelservice.passwd=ccsdkapps +org.onap.ccsdk.features.blueprints.adaptors.modelservice.type=generic +org.onap.ccsdk.features.blueprints.adaptors.modelservice.enable=true +org.onap.ccsdk.features.blueprints.adaptors.modelservice.url=http://controller-blueprints:8080/api/v1/ +org.onap.ccsdk.features.blueprints.adaptors.modelservice.user=ccsdkapps +org.onap.ccsdk.features.blueprints.adaptors.modelservice.passwd=ccsdkapps # Generic RESTCONF Adaptor -org.onap.ccsdk.features.rest.adaptors.restconf.type=generic -org.onap.ccsdk.features.rest.adaptors.restconf.enable=true -org.onap.ccsdk.features.rest.adaptors.restconf.user=admin -org.onap.ccsdk.features.rest.adaptors.restconf.passwd={{ .Values.config.odlPassword}} -org.onap.ccsdk.features.rest.adaptors.restconf.url=http://sdnc:8282/restconf/ +org.onap.ccsdk.features.blueprints.adaptors.restconf.type=generic +org.onap.ccsdk.features.blueprints.adaptors.restconf.enable=true +org.onap.ccsdk.features.blueprints.adaptors.restconf.user=admin +org.onap.ccsdk.features.blueprints.adaptors.restconf.passwd={{ .Values.config.odlPassword}} +org.onap.ccsdk.features.blueprints.adaptors.restconf.url=http://sdnc:8282/restconf/ diff --git a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml index 5d9e3251d9..7bab7fbbac 100755 --- a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml @@ -37,11 +37,11 @@ mso: max-pool-size: 50 queue-capacity: 500 adapters: - requestDb: - auth: Basic YnBlbDpwYXNzd29yZDEk - endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 completemsoprocess: endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/CompleteMsoProcess + requestDb: + endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 + auth: Basic YnBlbDpwYXNzd29yZDEk db: auth: 33293332AEC4930F655D8E2E8BB08937 password: wLg4sjrAFUS8rfVfdvTXeQ== @@ -59,9 +59,9 @@ mso: auth: 33293332AEC4930F655D8E2E8BB08937 password: B8EBDE0311F0AF355CF3F2FD505A8CAD sdnc: - endpoint: http://mso-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/SDNCAdapter + endpoint: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/SDNCAdapter rest: - endpoint: http://mso-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/rest/v1/sdnc + endpoint: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/rest/v1/sdnc timeout: PT60S tenant: endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/TenantAdapter @@ -120,11 +120,32 @@ mso: uri: /aai/v6/cloud-infrastructure/volume-groups/volume-group default: aai: - version: '8' + version: '14' cloud-region: - version: '9' + version: '14' generic-vnf: - version: '9' + version: '14' + v14: + customer: + uri: /aai/v14/business/customers/customer + generic-query: + uri: /aai/v14/search/generic-query + generic-vnf: + uri: /aai/v14/network/generic-vnfs/generic-vnf + l3-network: + uri: /aai/v14/network/l3-networks/l3-network + network-policy: + uri: /aai/v14/network/network-policies/network-policy + nodes-query: + uri: /aai/v14/search/nodes-query + route-table-reference: + uri: /aai/v14/network/route-table-references/route-table-reference + tenant: + uri: /aai/v14/cloud-infrastructure/cloud-regions/cloud-region/CloudOwner/RegionOne/tenants/tenant + vce: + uri: /aai/v14/network/vces/vce + vpn-binding: + uri: /aai/v14/network/vpn-bindings/vpn-binding v11: customer: uri: /aai/v11/business/customers/customer @@ -141,7 +162,7 @@ mso: route-table-reference: uri: /aai/v11/network/route-table-references/route-table-reference tenant: - uri: /aai/v11/cloud-infrastructure/cloud-regions/cloud-region/att-aic/AAIAIC25/tenants/tenant + uri: /aai/v11/cloud-infrastructure/cloud-regions/cloud-region/CloudOwner/RegionOne/tenants/tenant vce: uri: /aai/v11/network/vces/vce vpn-binding: @@ -162,14 +183,14 @@ mso: route-table-reference: uri: /aai/v8/network/route-table-references/route-table-reference tenant: - uri: /aai/v8/cloud-infrastructure/cloud-regions/cloud-region/att-aic/AAIAIC25/tenants/tenant + uri: /aai/v8/cloud-infrastructure/cloud-regions/cloud-region/CloudOwner/RegionOne/tenants/tenant vce: uri: /aai/v8/network/vces/vce vpn-binding: uri: /aai/v8/network/vpn-bindings/vpn-binding v9: cloud-region: - uri: /aai/v9/cloud-infrastructure/cloud-regions/cloud-region/att-aic + uri: /aai/v9/cloud-infrastructure/cloud-regions/cloud-region/CloudOwner generic-vnf: uri: /aai/v9/network/generic-vnfs/generic-vnf retry: @@ -182,6 +203,7 @@ mso: default: aai: namespace: http://org.onap.aai.inventory/ + version: 14 message: endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage notification: @@ -214,6 +236,9 @@ sdnc: auth: Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ== host: http://sdnc.{{ include "common.namespace" . }}:8282 path: /restconf/operations/GENERIC-RESOURCE-API + si: + svc: + types: PORT-MIRROR,PPROBE appc: client: topic: @@ -236,6 +261,16 @@ server: tomcat: max-threads: 50 spring: + datasource: + driver-class-name: org.mariadb.jdbc.Driver + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/camundabpmn + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true security: usercredentials: - diff --git a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml index bdf82b6fbd..601cd49eae 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml @@ -26,6 +26,26 @@ mso: db: auth: Basic YnBlbDpwYXNzd29yZDEk spring: + datasource: + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + initialize: false + initialization-mode: never + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true + jpa: + generate-ddl: false + show-sql: false + hibernate: + ddl-auto: validate + naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy + enable-lazy-load-no-trans: true + database-platform: org.hibernate.dialect.MySQL5InnoDBDialect security: usercredentials: - @@ -39,3 +59,8 @@ spring: #Actuator management: context-path: /manage +flyway: + baseline-on-migrate: true + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} diff --git a/kubernetes/so/charts/so-db-secrets/templates/secrets.yaml b/kubernetes/so/charts/so-db-secrets/templates/secrets.yaml index e787b57a88..f53c67f067 100755 --- a/kubernetes/so/charts/so-db-secrets/templates/secrets.yaml +++ b/kubernetes/so/charts/so-db-secrets/templates/secrets.yaml @@ -22,10 +22,10 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: - mariadb.readwrite.host : {{ .Values.db_host | b64enc | quote}} - mariadb.readwrite.port : {{ .Values.db_port | b64enc | quote}} - mariadb.readwrite.rolename: {{ .Values.db_admin_username | b64enc | quote}} - mariadb.readwrite.password: {{ .Values.db_admin_password | b64enc | quote}} - mariadb.admin.rolename: {{ .Values.db_username | b64enc | quote}} - mariadb.admin.password: {{ .Values.db_password | b64enc | quote}} + mariadb.readwrite.host : {{ .Values.db_host | b64enc | quote }} + mariadb.readwrite.port : {{ .Values.db_port | b64enc | quote }} + mariadb.readwrite.rolename: {{ .Values.db_username | b64enc | quote }} + mariadb.readwrite.password: {{ .Values.db_password | b64enc | quote }} + mariadb.admin.rolename: {{ .Values.db_admin_username| b64enc | quote }} + mariadb.admin.password: {{ .Values.db_admin_password | b64enc | quote }} type: Opaque diff --git a/kubernetes/so/charts/so-db-secrets/values.yaml b/kubernetes/so/charts/so-db-secrets/values.yaml index f3387efad3..8836802069 100644 --- a/kubernetes/so/charts/so-db-secrets/values.yaml +++ b/kubernetes/so/charts/so-db-secrets/values.yaml @@ -13,7 +13,8 @@ # limitations under the License. db_host: so-mariadb db_port: "3306" -db_admin_username: root -db_admin_password: password -db_username: root -db_password: password +db_admin_username: so_admin +db_admin_password: so_Admin123 +db_username: so_user +db_password: so_User123 + diff --git a/kubernetes/so/charts/so-monitoring/Chart.yaml b/kubernetes/so/charts/so-monitoring/Chart.yaml new file mode 100644 index 0000000000..f46d9f7876 --- /dev/null +++ b/kubernetes/so/charts/so-monitoring/Chart.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# @author: gareth.roper@ericsson.com +apiVersion: v1 +description: A Helm chart for ONAP Service Orchestration Monitoring +name: so-monitoring +version: 3.0.0
\ No newline at end of file diff --git a/kubernetes/so/charts/so-monitoring/templates/configmap.yaml b/kubernetes/so/charts/so-monitoring/templates/configmap.yaml new file mode 100644 index 0000000000..f7860108d8 --- /dev/null +++ b/kubernetes/so/charts/so-monitoring/templates/configmap.yaml @@ -0,0 +1,26 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# @author: gareth.roper@ericsson.com +apiVersion: v1 +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} diff --git a/kubernetes/so/charts/so-monitoring/templates/deployment.yaml b/kubernetes/so/charts/so-monitoring/templates/deployment.yaml new file mode 100644 index 0000000000..79d466227d --- /dev/null +++ b/kubernetes/so/charts/so-monitoring/templates/deployment.yaml @@ -0,0 +1,149 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# @author: gareth.roper@ericsson.com +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} +spec: + replicas: {{ index .Values.replicaCount }} + minReadySeconds: {{ index .Values.minReadySeconds }} + strategy: + type: {{ index .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ index .Values.updateStrategy.maxSurge }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: so-chown + image: alpine:3.6 + volumeMounts: + - name: logs + mountPath: /app/logs + imagePullPolicy: {{ index .Values.pullPolicy }} + command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /app/logs"] + restartPolicy: Always + containers: + - name: {{ include "common.name" . }} + image: {{ include "common.repository" . }}/{{ .Values.image }} + resources: +{{ include "common.resources" . | indent 12 }} + env: + - name: DB_HOST + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.host + - name: DB_PORT + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.port + - name: DB_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.rolename + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.readwrite.password + - name: DB_ADMIN_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.rolename + - name: DB_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-db-secrets + key: mariadb.admin.password + - name: CADI_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_keystore_password + - name: CADI_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-pwd-secret + key: cadi_truststore_password + - name: MSO_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: keystore_password + - name: MSO_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-so-ssl-client-secret + key: truststore_password + envFrom: + - configMapRef: + name: {{ include "common.fullname" . }}-configmap + imagePullPolicy: {{ index .Values "global" "pullPolicy" }} + volumeMounts: + - name: logs + mountPath: /app/logs + - name: certs + mountPath: /app/certs/ + readOnly: true + - name: config + mountPath: /app/config + readOnly: true + readinessProbe: + tcpSocket: + port: {{ index .Values.readinessProbe.port }} + initialDelaySeconds: {{ index .Values.readinessProbe.initialDelaySeconds}} + periodSeconds: {{ index .Values.readinessProbe.periodSeconds}} + livenessProbe: + tcpSocket: + port: {{ index .Values.livenessProbe.port }} + initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}} + periodSeconds: {{ index .Values.livenessProbe.periodSeconds}} + successThreshold: {{ index .Values.livenessProbe.successThreshold}} + failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} + + ports: + - containerPort: {{ index .Values.containerPort }} + name: {{ .Values.service.portName }} + protocol: TCP + volumes: + - name: logs + emptyDir: {} + - name: certs + secret: + secretName: {{ .Release.Name}}-so-ssl-secret + - name: config + configMap: + name: {{ include "common.fullname" . }}-app-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + + diff --git a/kubernetes/so/charts/so-monitoring/templates/service.yaml b/kubernetes/so/charts/so-monitoring/templates/service.yaml new file mode 100644 index 0000000000..053af9b5c2 --- /dev/null +++ b/kubernetes/so/charts/so-monitoring/templates/service.yaml @@ -0,0 +1,45 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# @author: gareth.roper@ericsson.com +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + + diff --git a/kubernetes/so/charts/so-monitoring/values.yaml b/kubernetes/so/charts/so-monitoring/values.yaml new file mode 100644 index 0000000000..79170eb5d2 --- /dev/null +++ b/kubernetes/so/charts/so-monitoring/values.yaml @@ -0,0 +1,70 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# @author: gareth.roper@ericsson.com +image: onap/so/so-monitoring:latest +pullPolicy: IfNotPresent +replicaCount: 1 +minReadySeconds: 10 +containerPort: 9091 +logPath: app/logs/ +app: so-monitoring +service: + type: ClusterIP + internalPort: 9091 + externalPort: 9091 + portName: so-monitor-port +updateStrategy: + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 +# Resource Limit flavor -By Default using small +flavor: small +#Segregation for different environment (Small or large) +resources: + small: + requests: + memory: 1Gi + cpu: 10m + limits: + memory: 4Gi + cpu: 1 + large: + requests: + memory: 2Gi + cpu: 20m + limits: + memory: 8Gi + cpu: 2 +readinessProbe: + port: 9091 + initialDelaySeconds: 20 + periodSeconds: 10 + timeoutSeconds: 10 +livenessProbe: + port: 9091 + initialDelaySeconds: 40 + periodSeconds: 10 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 +ingress: + enabled: false +nodeSelector: {} +tolerations: [] +affinity: {} + diff --git a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml index 331ee65b36..c0f7851103 100755 --- a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml @@ -14,6 +14,16 @@ server: port: 8087 spring: + datasource: + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true security: usercredentials: - @@ -47,7 +57,7 @@ org: default_keystone_url_version: /v2.0 default_keystone_reg_ex: "/[vV][0-9]" vnf: - bpelauth: 5119D1AF37F671FC01FFAD2151D93EFB2BBB503E879FD07104D024EDDF118FD1 + bpelauth: A7FC9B308B7AF7A269072BA729A345625E0381E3071DE7EE50603677CB69C515 checkRequiredParameters: true addGetFilesOnVolumeReq: false sockettimeout: 30 @@ -58,7 +68,7 @@ org: valet_enabled: false fail_requests_on_valet_failure: false network: - bpelauth: 5119D1AF37F671FC01FFAD2151D93EFB2BBB503E879FD07104D024EDDF118FD1 + bpelauth: A7FC9B308B7AF7A269072BA729A345625E0381E3071DE7EE50603677CB69C515 sockettimeout: 5 connecttimeout: 5 retrycount: 5 @@ -90,7 +100,7 @@ mso: spring: endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082 db: - auth: Basic YnBlbDptc28tZGItMTUwNyE= + auth: Basic YnBlbDpwYXNzd29yZDEk site-name: localDevEnv async: core-pool-size: 50 diff --git a/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml index f995d94b3a..49ccdeb097 100755 --- a/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml @@ -22,9 +22,29 @@ mso: site-name: localSite adapters: requestDb: - auth: Basic YnBlbDptc28tZGItMTUwNyE= + auth: Basic YnBlbDpwYXNzd29yZDEk endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 spring: + datasource: + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + initialize: false + initialization-mode: never + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true + jpa: + generate-ddl: false + show-sql: false + hibernate: + ddl-auto: validate + naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy + enable-lazy-load-no-trans: true + database-platform: org.hibernate.dialect.MySQL5InnoDBDialect security: usercredentials: - @@ -38,3 +58,8 @@ spring: #Actuator management: context-path: /manage +flyway: + baseline-on-migrate: true + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb + user: ${DB_ADMIN_USERNAME} + password: ${DB_ADMIN_PASSWORD} diff --git a/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml index 38c3848892..8b33067a8a 100755 --- a/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml @@ -16,6 +16,16 @@ aai: server: port: 8085 spring: + datasource: + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true security: usercredentials: - @@ -26,6 +36,17 @@ spring: username: mso_admin password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' role: ACTUATOR +request: + datasource: + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true mso: msoKey: 07a7159d3bf51a0e53be7a8f89699be7 logPath: ./logs/sdc @@ -36,13 +57,17 @@ mso: db: auth: Basic YnBlbDpwYXNzd29yZDEk site-name: onapheat + adapters: + requestDb: + endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 + auth: Basic YnBlbDpwYXNzd29yZDEk aai: endpoint: https://aai.{{ include "common.namespace" . }}:8443 asdc-connections: asdc-controller1: user: mso - consumerGroup: sdc-OpenSource-Env1 - consumerId: sdc-COpenSource-Env11 + consumerGroup: SO-OpenSource-Env11 + consumerId: SO-COpenSource-Env11 environmentName: AUTO asdcAddress: sdc-be.{{ include "common.namespace" . }}:8443 password: 613AF3483E695524F9857643B697FA51C7A9A0951094F53791485BF3458F9EADA37DBACCCEBD0CB242B85B4062745247 @@ -63,7 +88,3 @@ mso: componentNames: SO,AAI,SDNC scheduling: enabled: false - adapters: - requestDb: - auth: Basic YnBlbDptc28tZGItMTUwNyE= - endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 diff --git a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml index 26916f92ed..615988066a 100755 --- a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml @@ -24,7 +24,7 @@ mso: spring: endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082 db: - auth: Basic cGFzc3dvcmQxJA== + auth: Basic YnBlbDpwYXNzd29yZDEk site-name: onapheat org: onap: @@ -83,7 +83,7 @@ org: changedelete: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf delete: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf rollback: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf - bpelauth: cGFzc3dvcmQxJA== + bpelauth: 023A0244AB819A0DE0131DBC3AC5FAB4D8544E1CB1A7FE3CE60F6E3292AC0D93 bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/SDNCAdapterCallbackService generic-resource: network-topology-operation: @@ -118,15 +118,15 @@ org: myurl: http://so-sdnc-adapter{{ include "common.namespace" . }}:8086/adapters/rest/SDNCNotify rest: bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage - sdncauth: 406B2AE613211B6FB52466DE6E1769AC + sdncauth: 263f7d5f944d4d0c76db74b4148bec67d0bc796a874bc0d2a2a12aae89a866aa69133f700f391f784719a37f6a68d29bf5a2fbae1dab0402db7788c800c5ba73 sdncconnecttime: 5000 - sdncurl10: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/GENERIC-RESOURCE-API:' - sdncurl11: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNFTOPOLOGYAIC-API:' - sdncurl12: http://sdnc.{{ include "common.namespace" . }}:8282/ - sdncurl5: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/config - sdncurl6: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNF-API:' - sdncurl8: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NBNC-API:' - sdncurl9: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NORTHBOUND-API:service-topology-operation + sdncurl10: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/GENERIC-RESOURCE-API:' + sdncurl11: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNFTOPOLOGYAIC-API:' + sdncurl12: 'http://sdnc.{{ include "common.namespace" . }}:8282/' + sdncurl5: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/config' + sdncurl6: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNF-API:' + sdncurl8: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NBNC-API:' + sdncurl9: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NORTHBOUND-API:service-topology-operation' service: infra: service-topology-infra-activate-operation: POST|90000|sdncurl9|sdnc-request-header|com:att:sdnctl:northbound-api:v1 diff --git a/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml index 6f579e7c1d..b8108ab8f8 100755 --- a/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml @@ -13,6 +13,17 @@ # limitations under the License. logging: path: logs +spring: + datasource: + driver-class-name: org.mariadb.jdbc.Driver + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true server: port: 8084 tomcat: @@ -22,8 +33,8 @@ mso: logPath: ./logs/vfc adapters: requestDb: - auth: Basic YnBlbDptc28tZGItMTUwNyE= endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083 + auth: Basic YnBlbDpwYXNzd29yZDEk #Actuator management: security: diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml index afdf68e5c1..1806b20dbb 100755 --- a/kubernetes/so/resources/config/overrides/override.yaml +++ b/kubernetes/so/resources/config/overrides/override.yaml @@ -4,21 +4,21 @@ server: max-threads: 50 ssl-enable: false mso: - msoKey: "07a7159d3bf51a0e53be7a8f89699be7" + msoKey: 07a7159d3bf51a0e53be7a8f89699be7 logPath: logs site-name: onapheat + adapters: + requestDb: + endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 + auth: Basic YnBlbDpwYXNzd29yZDEk catalog: db: spring: endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082 db: auth: Basic YnBlbDpwYXNzd29yZDEk - adapters: - requestDb: - auth: Basic YnBlbDpwYXNzd29yZDEk - endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 - config: - path: /src/main/resources/ + config: + path: /src/main/resources/ infra: default: alacarte: @@ -29,11 +29,6 @@ mso: macro: default: testApi: GR_API - apih: - homing: - sdna: - url: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/ - password: 4112B789E942B161228F7D5AFC654C0F camundaURL: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/ camundaAuth: 1D9003AB8BAFFA0D2104B67FA89040AD70B5B495B2A5DF931DE236484EBC1681 async: @@ -63,6 +58,23 @@ mso: publisher: topic: com.att.ecomp.mso.operationalEnvironmentEvent spring: + datasource: + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true + jpa: + show-sql: true + hibernate: + dialect: org.hibernate.dialect.MySQL5Dialect + ddl-auto: validate + naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy + enable-lazy-load-no-trans: true jersey: type: filter security: @@ -91,3 +103,14 @@ spring: username: mso_admin password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' role: ACTUATOR +request: + datasource: + url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + dbcp2: + initial-size: 5 + max-total: 20 + validation-query: select 1 + test-on-borrow: true diff --git a/kubernetes/vfc/charts/vfc-catalog/values.yaml b/kubernetes/vfc/charts/vfc-catalog/values.yaml index 8ecd40bcca..8b0561e558 100644 --- a/kubernetes/vfc/charts/vfc-catalog/values.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/catalog:1.1.0 pullPolicy: Always @@ -69,21 +71,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 100m + memory: 250Mi + large: + limits: + cpu: 400m + memory: 1000Mi + requests: + cpu: 200m + memory: 500Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-db/values.yaml b/kubernetes/vfc/charts/vfc-db/values.yaml index 776a2816c9..83071e606e 100644 --- a/kubernetes/vfc/charts/vfc-db/values.yaml +++ b/kubernetes/vfc/charts/vfc-db/values.yaml @@ -26,8 +26,10 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 -image: onap/vfc/db:1.1.0-STAGING-latest +image: onap/vfc/db:latest pullPolicy: Always # flag to enable debugging - application support required @@ -67,21 +69,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 100m + memory: 250Mi + large: + limits: + cpu: 400m + memory: 1000Mi + requests: + cpu: 200m + memory: 500Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-ems-driver/values.yaml b/kubernetes/vfc/charts/vfc-ems-driver/values.yaml index 1bd86010ea..2263bff214 100644 --- a/kubernetes/vfc/charts/vfc-ems-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-ems-driver/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/emsdriver:1.1.0 pullPolicy: Always @@ -73,21 +75,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 100m + memory: 250Mi + large: + limits: + cpu: 400m + memory: 1000Mi + requests: + cpu: 200m + memory: 500Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml index a90c3e835c..6d2e283b24 100644 --- a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/gvnfmdriver:1.1.0 pullPolicy: Always @@ -69,21 +71,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 100m + memory: 250Mi + large: + limits: + cpu: 400m + memory: 1000Mi + requests: + cpu: 200m + memory: 500Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-huawei-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-huawei-vnfm-driver/values.yaml index 75a667c214..9c2c8bbbd3 100644 --- a/kubernetes/vfc/charts/vfc-huawei-vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-huawei-vnfm-driver/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/nfvo/svnfm/huawei:1.1.0 pullPolicy: Always @@ -71,21 +73,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 2000Mi + requests: + cpu: 100m + memory: 1000Mi + large: + limits: + cpu: 400m + memory: 4000Mi + requests: + cpu: 200m + memory: 2000Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-juju-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-juju-vnfm-driver/values.yaml index aa6d5aaf27..cbdf9a513b 100644 --- a/kubernetes/vfc/charts/vfc-juju-vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-juju-vnfm-driver/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/jujudriver:1.1.0 pullPolicy: Always @@ -69,21 +71,21 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 2000Mi + requests: + cpu: 100m + memory: 1000Mi + large: + limits: + cpu: 400m + memory: 4000Mi + requests: + cpu: 200m + memory: 2000Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-multivim-proxy/values.yaml b/kubernetes/vfc/charts/vfc-multivim-proxy/values.yaml index b58ac1908b..00fd3b8b50 100644 --- a/kubernetes/vfc/charts/vfc-multivim-proxy/values.yaml +++ b/kubernetes/vfc/charts/vfc-multivim-proxy/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/multivimproxy:1.0.0 pullPolicy: Always @@ -68,21 +70,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 100m + memory: 250Mi + large: + limits: + cpu: 400m + memory: 1000Mi + requests: + cpu: 200m + memory: 500Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-nokia-v2vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-nokia-v2vnfm-driver/values.yaml index 912e80ff03..23fd17bcd8 100644 --- a/kubernetes/vfc/charts/vfc-nokia-v2vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-nokia-v2vnfm-driver/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/nfvo/svnfm/nokiav2:1.1.0 pullPolicy: Always @@ -70,21 +72,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 5000Mi + requests: + cpu: 100m + memory: 3000Mi + large: + limits: + cpu: 400m + memory: 7000Mi + requests: + cpu: 200m + memory: 5000Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/values.yaml index 90daf51dcd..23489536e4 100644 --- a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/nfvo/svnfm/nokia:1.1.0 pullPolicy: Always @@ -69,21 +71,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 2000Mi + requests: + cpu: 100m + memory: 1000Mi + large: + limits: + cpu: 400m + memory: 4000Mi + requests: + cpu: 200m + memory: 2000Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-nslcm/values.yaml b/kubernetes/vfc/charts/vfc-nslcm/values.yaml index c3f6e9d0e8..7a9c8bd512 100644 --- a/kubernetes/vfc/charts/vfc-nslcm/values.yaml +++ b/kubernetes/vfc/charts/vfc-nslcm/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/nslcm:1.1.0 pullPolicy: Always @@ -69,21 +71,21 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 100m + memory: 250Mi + large: + limits: + cpu: 400m + memory: 1000Mi + requests: + cpu: 200m + memory: 500Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-resmgr/values.yaml b/kubernetes/vfc/charts/vfc-resmgr/values.yaml index 20f4ecdea9..36b778b5f6 100644 --- a/kubernetes/vfc/charts/vfc-resmgr/values.yaml +++ b/kubernetes/vfc/charts/vfc-resmgr/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/resmanagement:1.1.0 pullPolicy: Always @@ -69,21 +71,21 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 2000Mi + requests: + cpu: 100m + memory: 1000Mi + large: + limits: + cpu: 400m + memory: 4000Mi + requests: + cpu: 200m + memory: 2000Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-vnflcm/values.yaml b/kubernetes/vfc/charts/vfc-vnflcm/values.yaml index 8992679c24..13f3e2fdc9 100644 --- a/kubernetes/vfc/charts/vfc-vnflcm/values.yaml +++ b/kubernetes/vfc/charts/vfc-vnflcm/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/vnflcm:1.1.0 pullPolicy: Always @@ -69,21 +71,21 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 100m + memory: 250Mi + large: + limits: + cpu: 400m + memory: 1000Mi + requests: + cpu: 200m + memory: 500Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml b/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml index f828d52893..4625127ab5 100644 --- a/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml +++ b/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/vnfmgr:1.1.0 pullPolicy: Always @@ -69,21 +71,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 100m + memory: 250Mi + large: + limits: + cpu: 400m + memory: 1000Mi + requests: + cpu: 200m + memory: 500Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-vnfres/values.yaml b/kubernetes/vfc/charts/vfc-vnfres/values.yaml index 5e70487df2..005b8a5863 100644 --- a/kubernetes/vfc/charts/vfc-vnfres/values.yaml +++ b/kubernetes/vfc/charts/vfc-vnfres/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/vnfres:1.1.0 pullPolicy: Always @@ -69,21 +71,21 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 100m + memory: 250Mi + large: + limits: + cpu: 400m + memory: 1000Mi + requests: + cpu: 200m + memory: 500Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-workflow-engine/values.yaml b/kubernetes/vfc/charts/vfc-workflow-engine/values.yaml index fae22c67c5..2a486da1e2 100644 --- a/kubernetes/vfc/charts/vfc-workflow-engine/values.yaml +++ b/kubernetes/vfc/charts/vfc-workflow-engine/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/wfengine-activiti:1.1.0 pullPolicy: Always @@ -69,21 +71,20 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 2000Mi + requests: + cpu: 100m + memory: 1000Mi + large: + limits: + cpu: 400m + memory: 4000Mi + requests: + cpu: 200m + memory: 2000Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-workflow/values.yaml b/kubernetes/vfc/charts/vfc-workflow/values.yaml index 4be7845aa3..050e58fafe 100644 --- a/kubernetes/vfc/charts/vfc-workflow/values.yaml +++ b/kubernetes/vfc/charts/vfc-workflow/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/wfengine-mgrservice:1.1.0 pullPolicy: Always @@ -69,21 +71,21 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 100m + memory: 250Mi + large: + limits: + cpu: 400m + memory: 1000Mi + requests: + cpu: 200m + memory: 500Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-zte-sdnc-driver/values.yaml b/kubernetes/vfc/charts/vfc-zte-sdnc-driver/values.yaml index 3ea6f8d77d..4c9dbaab10 100644 --- a/kubernetes/vfc/charts/vfc-zte-sdnc-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-zte-sdnc-driver/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/ztesdncdriver:1.1.0 pullPolicy: Always @@ -69,21 +71,21 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 100m + memory: 250Mi + large: + limits: + cpu: 400m + memory: 1000Mi + requests: + cpu: 200m + memory: 500Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml index e0e47882a5..288d86fa45 100644 --- a/kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml @@ -26,6 +26,8 @@ global: # Application configuration defaults. ################################################################# # application image +flavor: small + repository: nexus3.onap.org:10001 image: onap/vfc/ztevnfmdriver:1.1.0 pullPolicy: Always @@ -68,21 +70,21 @@ service: ingress: enabled: false -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 100m + memory: 500Mi + requests: + cpu: 50m + memory: 250Mi + large: + limits: + cpu: 200m + memory: 1000Mi + requests: + cpu: 100m + memory: 500Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/vid/templates/deployment.yaml b/kubernetes/vid/templates/deployment.yaml index 9a23c1d7fc..4c635facd2 100644 --- a/kubernetes/vid/templates/deployment.yaml +++ b/kubernetes/vid/templates/deployment.yaml @@ -79,7 +79,7 @@ spec: - name: VID_ECOMP_SHARED_CONTEXT_REST_URL value: http://portal-app.{{ include "common.namespace" . }}:{{ .Values.config.onapport }}/ONAPPORTAL/context - name: VID_MSO_SERVER_URL - value: https://so.{{ include "common.namespace" . }}:{{ .Values.config.msoport }} + value: http://so.{{ include "common.namespace" . }}:{{ .Values.config.msoport }}/onap/so/infra - name: VID_MSO_PASS value: "{{ .Values.config.vidmsopass }}" - name: MSO_DME2_SERVER_URL diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml index b9b90166f2..067b3c57c0 100644 --- a/kubernetes/vnfsdk/values.yaml +++ b/kubernetes/vnfsdk/values.yaml @@ -53,6 +53,17 @@ postgres: pgPrimaryPassword: postgres pgUserPassword: postgres pgRootPassword: postgres + pgpool: + nameOverride: vnfsdk-pgpool + service: + name: vnfsdk-pgpool + credentials: + pgusername: postgres + pgpassword: postgres + container: + name: + primary: pgpool-primary + replica: pgpool-replica # flag to enable debugging - application support required debugEnabled: false |