diff options
54 files changed, 1065 insertions, 408 deletions
diff --git a/docs/onap_values.yaml b/docs/onap_values.yaml deleted file mode 100644 index 663b05fb84..0000000000 --- a/docs/onap_values.yaml +++ /dev/null @@ -1,104 +0,0 @@ -################################################################# -# Global configuration overrides. -# -# These overrides will affect all helm charts (ie. applications) -# that are listed below and are 'enabled'. -################################################################# -global: - # Change to an unused port prefix range to prevent port conflicts - # with other instances running within the same k8s cluster - nodePortPrefix: 302 - - # image repositories - repository: nexus3.onap.org:10001 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== - # readiness check - readinessRepository: oomk8s - # logging agent - loggingRepository: docker.elastic.co - - # image pull policy - pullPolicy: Always - - # default mount path root directory referenced - # by persistent volumes and log files - persistence: - mountPath: /dockerdata-nfs - - # flag to enable debugging - application support required - debugEnabled: false - - -################################################################# -# Enable/disable and configure helm charts (ie. applications) -# to customize the ONAP deployment. -################################################################# -aaf: - enabled: true -aai: - enabled: true -appc: - enabled: true -clamp: - enabled: true -cli: - enabled: true -consul: # Consul Health Check Monitoring - enabled: true -dcaegen2: - enabled: true -esr: - enabled: true -log: # ONAP Logging ElasticStack - enabled: true -message-router: - enabled: true -mock: - enabled: true -msb: - enabled: true -multicloud: - enabled: true -policy: - enabled: true -portal: - enabled: true -robot: # Robot Health Check - enabled: true -sdc: - enabled: true -sdnc: - enabled: true -so: # Service Orchestrator - enabled: true - - replicaCount: 1 - - liveness: - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - - # so server configuration - config: - # message router configuration - dmaapTopic: "AUTO" - # openstack configuration - openStackUserName: "vnf_user" - openStackRegion: "RegionOne" - openStackKeyStoneUrl: "http://1.2.3.4:5000" - openStackServiceTenantName: "service" - openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" - - # configure embedded mariadb - mariadb: - config: - mariadbRootPassword: password -uui: - enabled: true -vfc: - enabled: true -vid: - enabled: true -vnfsdk: - enabled: true diff --git a/docs/oom_cloud_setup_guide.rst b/docs/oom_cloud_setup_guide.rst index 4fe943cf18..9fb3ab73b1 100644 --- a/docs/oom_cloud_setup_guide.rst +++ b/docs/oom_cloud_setup_guide.rst @@ -45,34 +45,33 @@ The versions of Kubernetes that are supported by OOM are as follows: .. table:: OOM Software Requirements - ============== ========== ===== ======= ======== - Release Kubernetes Helm kubectl Docker - ============== ========== ===== ======= ======== - amsterdam 1.7.x 2.3.x 1.7.x 1.12.x - beijing 1.8.10 2.8.2 1.8.10 17.03.x - casablanca/master 1.8.10 2.9.1 1.8.10 17.03.x - ============== ========== ===== ======= ======== + ============== =========== ===== ======== ======== + Release Kubernetes Helm kubectl Docker + ============== =========== ===== ======== ======== + amsterdam 1.7.x 2.3.x 1.7.x 1.12.x + beijing 1.8.10 2.8.2 1.8.10 17.03.x + casablanca 1.11.2 2.9.1 1.11.2 17.03.x + ============== =========== ===== ======== ======== Minimum Hardware Configuration ============================== -The minimum hardware requirements are provided below. Note that although ONAP -may operate on a single node as described production deployments will need at -least three if not six nodes to ensure there is no single point of failure. +The hardware requirements are provided below. Note that this is for a +full ONAP deployment (all components). Customizing ONAP to deploy only +components that are needed will drastically reduce the requirements. .. table:: OOM Hardware Requirements ===== ===== ====== ==================== RAM HD vCores Ports ===== ===== ====== ==================== - 128GB 160GB 32 0.0.0.0/0 (all open) + 224GB 160GB 112 0.0.0.0/0 (all open) ===== ===== ====== ==================== .. note:: - Kubernetes supports a maximum of 110 pods per node which forces one to use at - least two nodes to deploy all of ONAP although at least three are recommended - (for example 4x32GB - 8 vCores each). Subsets of ONAP may still be deployed - on a single node. + Kubernetes supports a maximum of 110 pods per node. The use of many small + nodes is preferred over a few larger nodes (for example 14x16GB - 8 vCores each). + Subsets of ONAP may still be deployed on a single node. Cloud Installation ================== diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst index 077e7e7e1c..0029d5fb9a 100644 --- a/docs/oom_quickstart_guide.rst +++ b/docs/oom_quickstart_guide.rst @@ -16,119 +16,18 @@ available), follow the following instructions to deploy ONAP. **Step 1.** Clone the OOM repository from ONAP gerrit:: - > git clone -b beijing http://gerrit.onap.org/r/oom + > git clone -b casablanca http://gerrit.onap.org/r/oom > cd oom/kubernetes +**Step 2.** Install Helm Plugins required to deploy the ONAP Casablanca release:: + sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm -**Step 2.** Customize the onap/values.yaml file to suit your deployment. You +**Step 3.** Customize the onap/values.yaml file to suit your deployment. You may want to selectively enable or disable ONAP components by changing the `enabled: true/false` flags as shown below: -.. code-block:: yaml - - ################################################################# - # Global configuration overrides. - # - # These overrides will affect all helm charts (ie. applications) - # that are listed below and are 'enabled'. - ################################################################# - global: - # Change to an unused port prefix range to prevent port conflicts - # with other instances running within the same k8s cluster - nodePortPrefix: 302 - - # image repositories - repository: nexus3.onap.org:10001 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== - # readiness check - readinessRepository: oomk8s - # logging agent - loggingRepository: docker.elastic.co - - # image pull policy - pullPolicy: Always - - # default mount path root directory referenced - # by persistent volumes and log files - persistence: - mountPath: /dockerdata-nfs - - # flag to enable debugging - application support required - debugEnabled: false - - ################################################################# - # Enable/disable and configure helm charts (ie. applications) - # to customize the ONAP deployment. - ################################################################# - aaf: - enabled: true - aai: - enabled: true - appc: - enabled: true - clamp: - enabled: true - cli: - enabled: true - consul: # Consul Health Check Monitoring - enabled: true - dcaegen2: - enabled: true - esr: - enabled: true - log: - enabled: true - message-router: - enabled: true - mock: - enabled: true - msb: - enabled: true - multicloud: - enabled: true - policy: - enabled: true - portal: - enabled: true - robot: # Robot Health Check - enabled: true - sdc: - enabled: true - sdnc: - enabled: true - so: # Service Orchestrator - enabled: true - - replicaCount: 1 - - liveness: - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - - # so server configuration - config: - # message router configuration - dmaapTopic: "AUTO" - # openstack configuration - openStackUserName: "vnf_user" - openStackRegion: "RegionOne" - openStackKeyStoneUrl: "http://1.2.3.4:5000" - openStackServiceTenantName: "service" - openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" - - # configure embedded mariadb - mariadb: - config: - mariadbRootPassword: password - uui: - enabled: true - vfc: - enabled: true - vid: - enabled: true - vnfsdk: - enabled: true +.. literalinclude:: onap-values.yaml + :language: yaml .. note:: To generate openStackEncryptedPasswordHere : @@ -154,18 +53,12 @@ follows:: **Step 5.** Build a local Helm repository (from the kubernetes directory):: - > make all + > make all; make onap **Step 6.** Display the charts that available to be deployed:: > helm search -l - NAME VERSION DESCRIPTION - local/appc 2.0.0 Application Controller - local/clamp 2.0.0 ONAP Clamp - local/common 2.0.0 Common templates for inclusion in other charts - local/onap 2.0.0 Open Network Automation Platform (ONAP) - local/robot 2.0.0 A helm Chart for kubernetes-ONAP Robot - local/so 2.0.0 ONAP Service Orchestrator +.. literalinclude:: helm-search.txt .. note:: The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use `make` to update your local Helm repository. @@ -173,11 +66,15 @@ follows:: **Step 7.** Once the repo is setup, installation of ONAP can be done with a single command:: - > helm install local/onap -n dev --namespace onap + > helm deploy dev local/onap --namespace onap -.. note:: - The requirement for the use of the `onap` namespace will be lifted once the OOM team completes their Beijing deveivers. Use the following to monitor your deployment and determine when ONAP is ready for use:: > kubectl get pods --all-namespaces -o=wide + +Undeploying onap can be done using the following command:: + > helm undeploy dev --purge + + +More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins
\ No newline at end of file diff --git a/docs/oom_setup_kubernetes_rancher.rst b/docs/oom_setup_kubernetes_rancher.rst index a20c0dfe96..fddccf8068 100644 --- a/docs/oom_setup_kubernetes_rancher.rst +++ b/docs/oom_setup_kubernetes_rancher.rst @@ -48,7 +48,7 @@ Select "No" on "Create New Volume" Select Flavor ------------- Known issues exist if flavor is too small for Rancher. Please select a flavor -with at least 4 vCPU and 8GB ram. +with at least 4 vCPU and 8GB ram. A size of 8 vCPU and 16GB ram is recommended. .. image:: Rancher-Select_Flavor.jpeg @@ -88,7 +88,7 @@ This customization script will: * install nfs server .. note:: - The Beijing release of OOM only supports Helm 2.8.2 not the 2.7.2 shown in + The Casablanca release of OOM only supports Helm 2.9.1 not the 2.7.2 shown in the screen capture below. The supported versions of all the software components are listed in the :ref:`cloud-setup-guide-label`. @@ -133,8 +133,9 @@ Select Flavor The size of a Kubernetes host depends on the size of the ONAP deployment that will be installed. -As of the Beijing release a minimum of 3 x 32GB hosts will be needed to run a -full ONAP deployment (all components). +As of the Casablanca release a minimum 224GB will be needed to run a +full ONAP deployment (all components). It is recommended that more hosts are used +with fewer resources instead of only a few large hosts. For example 14 x 16GB hosts. If a small subset of ONAP components are being deployed for testing purposes, then a single 16GB or 32GB host should suffice. diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst index db410a69aa..ea658f0893 100644 --- a/docs/oom_user_guide.rst +++ b/docs/oom_user_guide.rst @@ -108,7 +108,7 @@ stable which should be removed to avoid confusion:: To prepare your system for an installation of ONAP, you'll need to:: - > git clone -b beijing http://gerrit.onap.org/r/oom + > git clone -b casablanca http://gerrit.onap.org/r/oom > cd oom/kubernetes @@ -282,7 +282,7 @@ value for the vnfDeployment/openstack/oam_network_cidr key as shown below. To deploy ONAP with this environment file, enter:: - > helm install local/onap -n beijing -f environments/onap-production.yaml + > helm deploy local/onap -n casablanca -f environments/onap-production.yaml .. include:: environments_onap_demo.yaml :code: yaml @@ -381,16 +381,31 @@ below:: 10.12.6.155 portal.api.simpledemo.onap.org 10.12.6.155 vid.api.simpledemo.onap.org 10.12.6.155 sdc.api.fe.simpledemo.onap.org + 10.12.6.155 sdc.workflow.plugin.simpledemo.onap.org + 10.12.6.155 sdc.dcae.plugin.simpledemo.onap.org 10.12.6.155 portal-sdk.simpledemo.onap.org 10.12.6.155 policy.api.simpledemo.onap.org 10.12.6.155 aai.api.sparky.simpledemo.onap.org 10.12.6.155 cli.api.simpledemo.onap.org 10.12.6.155 msb.api.discovery.simpledemo.onap.org + 10.12.6.155 msb.api.simpledemo.onap.org + 10.12.6.155 clamp.api.simpledemo.onap.org + 10.12.6.155 so.api.simpledemo.onap.org Ensure you've disabled any proxy settings the browser you are using to access -the portal and then simply access the familiar URL: -http://portal.api.simpledemo.onap.org:8989/ONAPPORTAL/login.htm +the portal and then simply access now the new ssl-encrypted URL: +https://portal.api.simpledemo.onap.org:30225/ONAPPORTAL/login.htm +.. note:: + Using the HTTPS based Portal URL the Browser needs to be configured to accept + unsecure credentials. + Additionally when opening an Application inside the Portal, the Browser + might block the content, which requires to disable the blocking and reloading + of the page + +.. note:: + Besides the ONAP Portal the Components can deliver additional user interfaces, + please check the Component specific documentation. .. note:: @@ -572,14 +587,14 @@ sequence of events described in the previous paragraph would be initiated. For example, to upgrade a container by changing configuration, specifically an environment value:: - > helm upgrade beijing onap/so --version 2.0.1 --set enableDebug=true + > helm deploy casablanca onap/so --version 2.0.1 --set enableDebug=true Issuing this command will result in the appropriate container being stopped by Kubernetes and replaced with a new container with the new environment value. To upgrade a component to a new version with a new configuration file enter:: - > helm upgrade beijing onap/so --version 2.0.2 -f environments/demo.yaml + > helm deploy casablanca onap/so --version 2.0.2 -f environments/demo.yaml To fetch release history enter:: @@ -672,18 +687,18 @@ from a running deployment the operator perform a 'dry-run' to display exactly what will happen with a given command prior to actually deleting anything. For example:: - > helm delete --dry-run beijing + > helm undeploy casablanca --dry-run -will display the outcome of deleting the 'beijing' release from the deployment. +will display the outcome of deleting the 'casablanca' release from the deployment. To completely delete a release and remove it from the internal store enter:: - > helm delete --purge beijing + > helm undeploy casablanca --purge One can also remove individual components from a deployment by changing the ONAP configuration values. For example, to remove `so` from a running deployment enter:: - > helm upgrade beijing osn/onap --set so.enabled=false + > helm undeploy casablanca-so --purge will remove `so` as the configuration indicates it's no longer part of the deployment. This might be useful if a one wanted to replace just `so` by diff --git a/docs/openstack-k8s-node.sh b/docs/openstack-k8s-node.sh index 66dc629398..b8462aa5e9 100644 --- a/docs/openstack-k8s-node.sh +++ b/docs/openstack-k8s-node.sh @@ -1,7 +1,7 @@ #!/bin/bash DOCKER_VERSION=17.03 -KUBECTL_VERSION=1.8.10 +KUBECTL_VERSION=1.11.2 HELM_VERSION=2.9.1 # setup root access - default login: oom/oom - comment out to restrict access too ssh key only diff --git a/docs/openstack-rancher.sh b/docs/openstack-rancher.sh index 1f1d2e4639..bcf542aedc 100644 --- a/docs/openstack-rancher.sh +++ b/docs/openstack-rancher.sh @@ -1,8 +1,8 @@ #!/bin/bash DOCKER_VERSION=17.03 -RANCHER_VERSION=1.6.18 -KUBECTL_VERSION=1.8.10 +RANCHER_VERSION=1.6.22 +KUBECTL_VERSION=1.11.2 HELM_VERSION=2.9.1 # setup root access - default login: oom/oom - comment out to restrict access too ssh key only diff --git a/docs/release-notes.rst b/docs/release-notes.rst index c87eee0114..3e8a1be1b7 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -8,6 +8,49 @@ Release Notes ============= +Version 3.0.0 Casablanca Release +-------------------------------- + +:Release Date: 2018-11-30 + +Summary +======= + +The focus of this release was on incremental improvements in the following areas: +* Pluggable persistent storage with support for GlusterFS as the first storage class provisioner +* CPU and Memory limits in Helm Charts to improve Pod placement based on resource availablity in Kubernetes Cluster +* Support of Node Selectors for Pod placement +* Common "shared" Helm Charts referencing common images + - mariadb-galera + - postgres + - cassandra + - mysql + - mongo +* Integration of ARK Backup and Restore solution +* Introduction of Helm deploy and undeploy plugins to better manage ONAP deployments + + +**Security Notes** + +OOM code has been formally scanned during build time using NexusIQ and no Critical vulnerability was found. + +Quick Links: + - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_ + + - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_ + + +**Known Issues** + +Problem: kubectl connections to pods (kubectl exec|logs) will fail after a while due to a known bug in Kubernetes (1.11.2) +Workaround: Restart of the kubelet daemons on the k8s hosts +Fix: Will be delivered in the next release via a new Kubernetes version (1.12) +- `K8S Bug Report <https://github.com/kubernetes/kubernetes/issues/67659>`_ +- `OOM-1532 <https://jira.onap.org/browse/OOM-1532>`_ +- `OOM-1516 <https://jira.onap.org/browse/OOM-1516>`_ +- `OOM-1520 <https://jira.onap.org/browse/OOM-1520>`_ + + Version 2.0.0 Beijing Release ----------------------------- diff --git a/kubernetes/aai/charts/aai-data-router/values.yaml b/kubernetes/aai/charts/aai-data-router/values.yaml index dbcea40a51..367fb2b032 100644 --- a/kubernetes/aai/charts/aai-data-router/values.yaml +++ b/kubernetes/aai/charts/aai-data-router/values.yaml @@ -88,8 +88,8 @@ resources: cpu: 2 memory: 4Gi requests: - cpu: 1 - memory: 2Gi + cpu: 0.25 + memory: 750Mi large: limits: cpu: 4 diff --git a/kubernetes/aai/charts/aai-elasticsearch/values.yaml b/kubernetes/aai/charts/aai-elasticsearch/values.yaml index 8eb4d279bd..2351f4f6d4 100644 --- a/kubernetes/aai/charts/aai-elasticsearch/values.yaml +++ b/kubernetes/aai/charts/aai-elasticsearch/values.yaml @@ -86,7 +86,7 @@ resources: cpu: 2 memory: 4Gi requests: - cpu: 1 + cpu: 0.5 memory: 2Gi large: limits: diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/crud-beans.xml b/kubernetes/aai/charts/aai-gizmo/resources/config/crud-beans.xml index 48db706b1f..e0ab32b584 100644 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/crud-beans.xml +++ b/kubernetes/aai/charts/aai-gizmo/resources/config/crud-beans.xml @@ -44,8 +44,4 @@ <constructor-arg name="graphDataService" ref="graphDataService" /> </bean> - <bean id="aaiResourceService" class="org.onap.crud.service.AaiResourceService" init-method="startup" > - <constructor-arg name="graphDataService" ref="graphDataService" /> - </bean> - </beans> diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/edgeprops-ingest.properties b/kubernetes/aai/charts/aai-gizmo/resources/config/edgeprops-ingest.properties new file mode 100644 index 0000000000..fbefd30219 --- /dev/null +++ b/kubernetes/aai/charts/aai-gizmo/resources/config/edgeprops-ingest.properties @@ -0,0 +1,3 @@ +# DB Edge Property files are copied here: +edgePropsDir=/opt/app/crud-service/config/model + diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v14.json b/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v14.json new file mode 100644 index 0000000000..8d00636d27 --- /dev/null +++ b/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v14.json @@ -0,0 +1,6 @@ +{ + "contains-other-v": "java.lang.String", + "delete-other-v": "java.lang.String", + "SVC-INFRA": "java.lang.String", + "prevent-delete": "java.lang.String" +}
\ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/schema-ingest.properties b/kubernetes/aai/charts/aai-gizmo/resources/config/schema-ingest.properties new file mode 100644 index 0000000000..39e08edf1b --- /dev/null +++ b/kubernetes/aai/charts/aai-gizmo/resources/config/schema-ingest.properties @@ -0,0 +1,22 @@ +# Schema Version Related Attributes +schema.uri.base.path=/aai +# Lists all of the versions in the schema +schema.version.list=v9,v10,v11,v12,v13,v14 +# Specifies from which version should the depth parameter to default to zero +schema.version.depth.start=v9 +# Specifies from which version should the related link be displayed in response payload +schema.version.related.link.start=v10 +# Specifies from which version should the client see only the uri excluding host info +# Before this version server base will also be included +schema.version.app.root.start=v11 +# Specifies from which version should the namespace be changed +schema.version.namespace.change.start=v12 +# Specifies from which version should the client start seeing the edge label in payload +schema.version.edge.label.start=v12 +# Specifies the version that the application should default to +schema.version.api.default=v14 + +# Schema Location Related Attributes +schema.configuration.location=NA +schema.nodes.location=/opt/app/crud-api/bundleconfig/etc/onap/oxm +schema.edges.location=/opt/app/crud-api/bundleconfig/etc/onap/dbedgerules diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/schemaIngest.properties b/kubernetes/aai/charts/aai-gizmo/resources/config/schemaIngest.properties deleted file mode 100644 index 605f7e3ba6..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/config/schemaIngest.properties +++ /dev/null @@ -1,32 +0,0 @@ -#
-# ============LICENSE_START=======================================================
-# org.onap.aai
-# ================================================================================
-# Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
-# Copyright © 2017-2018 Amdocs
-# Modifications Copyright © 2018 Bell Canada
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-#
-
-# Properties for the SchemaLocationsBean
-
-# The AAI Schema jar will be unpacked to bundleconfig/etc
-schemaConfig=NA
-# OXM files named aai_oxm_v*.xml are unpacked here:
-nodeDir=/opt/app/crud-api/bundleconfig/etc/oxm
-# DB Edge Rules are unpacked here:
-edgeDir=/opt/app/crud-api/bundleconfig/etc/dbedgerules
-# DB Edge Property files are copied here:
-edgePropsDir=/opt/app/crud-service/config/model
diff --git a/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml b/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml index 1e68712749..0a30388279 100644 --- a/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml @@ -86,8 +86,11 @@ spec: - mountPath: /opt/app/crud-service/config/crud-api.properties subPath: crud-api.properties name: {{ include "common.fullname" . }}-config - - mountPath: /opt/app/crud-service/config/schemaIngest.properties - subPath: schemaIngest.properties + - mountPath: /opt/app/crud-service/config/schema-ingest.properties + subPath: schema-ingest.properties + name: {{ include "common.fullname" . }}-config + - mountPath: /opt/app/crud-service/config/edgeprops-ingest.properties + subPath: edgeprops-ingest.properties name: {{ include "common.fullname" . }}-config - mountPath: /opt/app/crud-service/config/model/ name: {{ include "common.fullname" . }}-model-config @@ -217,8 +220,10 @@ spec: items: - key: crud-api.properties path: crud-api.properties - - key: schemaIngest.properties - path: schemaIngest.properties + - key: schema-ingest.properties + path: schema-ingest.properties + - key: edgeprops-ingest.properties + path: edgeprops-ingest.properties - key: crud-beans.xml path: crud-beans.xml - name: {{ include "common.fullname" . }}-logback-config diff --git a/kubernetes/aai/charts/aai-search-data/values.yaml b/kubernetes/aai/charts/aai-search-data/values.yaml index 292e23c59c..7022596e41 100644 --- a/kubernetes/aai/charts/aai-search-data/values.yaml +++ b/kubernetes/aai/charts/aai-search-data/values.yaml @@ -67,8 +67,8 @@ resources: cpu: 2 memory: 4Gi requests: - cpu: 1 - memory: 2Gi + cpu: 0.25 + memory: 750Mi large: limits: cpu: 4 diff --git a/kubernetes/aai/charts/aai-sparky-be/values.yaml b/kubernetes/aai/charts/aai-sparky-be/values.yaml index fdcb2ab6e9..102e800030 100644 --- a/kubernetes/aai/charts/aai-sparky-be/values.yaml +++ b/kubernetes/aai/charts/aai-sparky-be/values.yaml @@ -37,7 +37,7 @@ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 # application configuration config: elasticsearchHttpPort: 9200 - gerritBranch: master + gerritBranch: 3.0.0-ONAP gerritProject: http://gerrit.onap.org/r/aai/test-config portalUsername: aaiui portalPassword: 1t2v1vfv1unz1vgz1t3b @@ -90,8 +90,8 @@ resources: cpu: 2 memory: 4Gi requests: - cpu: 2 - memory: 4Gi + cpu: 0.25 + memory: 1Gi large: limits: cpu: 4 diff --git a/kubernetes/aai/charts/aai-spike/resources/config/schemaIngest.properties b/kubernetes/aai/charts/aai-spike/resources/config/edgeprops-ingest.properties index cc51f179dd..b0a315041d 100644 --- a/kubernetes/aai/charts/aai-spike/resources/config/schemaIngest.properties +++ b/kubernetes/aai/charts/aai-spike/resources/config/edgeprops-ingest.properties @@ -19,12 +19,5 @@ # ============LICENSE_END========================================================= # -# Properties for the SchemaLocationsBean -# The AAI Schema jar will be unpacked to bundleconfig/etc -schemaConfig=NA -# Files named aai_oxm_v*.xml are unpacked here: -nodeDir=/opt/app/spike/bundleconfig/etc/oxm -# DB Edge Rules are unpacked here: -edgeDir=/opt/app/spike/bundleconfig/etc/dbedgerules # DB Edge Property files are copied here: -edgePropsDir=/opt/app/spike/config/model/edge_props
\ No newline at end of file +edgePropsDir=/opt/app/spike/config/model/edge_props diff --git a/kubernetes/aai/charts/aai-spike/resources/config/schema-ingest.properties b/kubernetes/aai/charts/aai-spike/resources/config/schema-ingest.properties new file mode 100644 index 0000000000..7cec524c95 --- /dev/null +++ b/kubernetes/aai/charts/aai-spike/resources/config/schema-ingest.properties @@ -0,0 +1,49 @@ +# +# ============LICENSE_START======================================================= +# org.onap.aai +# ================================================================================ +# Copyright © 2018 AT&T Intellectual Property. All rights reserved. +# Copyright © 2018 Amdocs +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +# + +####################################### +# Schema Version Related Attributes +####################################### + +schema.uri.base.path=/aai +# Lists all of the versions in the schema +schema.version.list=v8,v9,v10,v11,v12,v13,v14 +# Specifies from which version should the depth parameter to default to zero +schema.version.depth.start=v9 +# Specifies from which version should the related link be displayed in response payload +schema.version.related.link.start=v10 +# Specifies from which version should the client see only the uri excluding host info +# Before this version server base will also be included +schema.version.app.root.start=v11 +# Specifies from which version should the namespace be changed +schema.version.namespace.change.start=v12 +# Specifies from which version should the client start seeing the edge label in payload +schema.version.edge.label.start=v12 +# Specifies the version that the application should default to +schema.version.api.default=v14 + +####################################### +# Schema Location Related Attributes +####################################### + +schema.configuration.location=NA +schema.nodes.location=/opt/app/spike/bundleconfig/etc/onap/oxm +schema.edges.location=/opt/app/spike/bundleconfig/etc/onap/dbedgerules diff --git a/kubernetes/aai/charts/aai-spike/templates/deployment.yaml b/kubernetes/aai/charts/aai-spike/templates/deployment.yaml index 38c5ac8a83..a3ff068971 100644 --- a/kubernetes/aai/charts/aai-spike/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-spike/templates/deployment.yaml @@ -92,8 +92,11 @@ spec: - mountPath: /opt/app/spike/config/spike.properties subPath: spike.properties name: {{ include "common.fullname" . }}-config - - mountPath: /opt/app/spike/config/schemaIngest.properties - subPath: schemaIngest.properties + - mountPath: /opt/app/spike/config/schema-ingest.properties + subPath: schema-ingest.properties + name: {{ include "common.fullname" . }}-config + - mountPath: /opt/app/spike/config/edgeprops-ingest.properties + subPath: edgeprops-ingest.properties name: {{ include "common.fullname" . }}-config - mountPath: /opt/app/spike/config/model/edge_props name: {{ include "common.fullname" . }}-edge-props-config @@ -141,8 +144,10 @@ spec: path: spike.properties - key: spike-beans.xml path: spike-beans.xml - - key: schemaIngest.properties - path: schemaIngest.properties + - key: schema-ingest.properties + path: schema-ingest.properties + - key: edgeprops-ingest.properties + path: edgeprops-ingest.properties - key: logback.xml path: logback.xml - name: {{ include "common.fullname" . }}-edge-props-config diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml index fcb0c73344..6cf2cb64a6 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml @@ -85,7 +85,7 @@ image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.5 # Use to override default setting in blueprints componentImages: config_binding_service: onap/org.onap.dcaegen2.platform.configbinding.app-app:2.2.3 - datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.0.4 + datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.1.0 deployment_handler: onap/org.onap.dcaegen2.platform.deployment-handler:3.0.3 holmes_rules: onap/holmes/rule-management:1.2.3 holmes_engine: onap/holmes/engine-management:1.2.2 diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml b/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml index 7f26ce28e8..43c4d3aecd 100644 --- a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml +++ b/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml @@ -44,7 +44,7 @@ debugEnabled: false # application configuration config: # gerrit branch where the latest code is checked in - gerritBranch: master + gerritBranch: 3.0.0-ONAP # gerrit project where the latest code is checked in gerritProject: http://gerrit.onap.org/r/dmaap/messagerouter/messageservice.git diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/values.yaml b/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/values.yaml index 6e61206818..05963ab48c 100644 --- a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/values.yaml +++ b/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/values.yaml @@ -40,7 +40,7 @@ debugEnabled: false # application configuration config: # gerrit branch where the latest code is checked in - gerritBranch: master + gerritBranch: 3.0.0-ONAP # gerrit project where the latest code is checked in gerritProject: http://gerrit.onap.org/r/dmaap/messagerouter/messageservice.git diff --git a/kubernetes/log/charts/log-logstash/values.yaml b/kubernetes/log/charts/log-logstash/values.yaml index 955a02a11e..246b812d42 100644 --- a/kubernetes/log/charts/log-logstash/values.yaml +++ b/kubernetes/log/charts/log-logstash/values.yaml @@ -41,7 +41,7 @@ config: # default number of instances # 30+ logs/sec will saturate a single node to 6+ vCores -replicaCount: 5 +replicaCount: 3 nodeSelector: {} @@ -93,4 +93,4 @@ resources: requests: cpu: 2 memory: 4Gi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/multicloud/charts/multicloud-ocata/values.yaml b/kubernetes/multicloud/charts/multicloud-ocata/values.yaml index c266bdbfae..8cc6b3baab 100644 --- a/kubernetes/multicloud/charts/multicloud-ocata/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-ocata/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-ocata:1.2.1 +image: onap/multicloud/openstack-ocata:1.2.2 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/charts/multicloud-pike/values.yaml b/kubernetes/multicloud/charts/multicloud-pike/values.yaml index 962a3ca175..eedef28483 100644 --- a/kubernetes/multicloud/charts/multicloud-pike/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-pike/values.yaml @@ -23,7 +23,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-pike:1.2.1 +image: onap/multicloud/openstack-pike:1.2.2 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/charts/multicloud-windriver/values.yaml b/kubernetes/multicloud/charts/multicloud-windriver/values.yaml index f9039d94e9..c453ed5a19 100644 --- a/kubernetes/multicloud/charts/multicloud-windriver/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-windriver/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-windriver:1.2.1 +image: onap/multicloud/openstack-windriver:1.2.2 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/values.yaml b/kubernetes/multicloud/values.yaml index 01358410fe..78f42ccbfb 100644 --- a/kubernetes/multicloud/values.yaml +++ b/kubernetes/multicloud/values.yaml @@ -26,7 +26,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/framework:1.2.1 +image: onap/multicloud/framework:1.2.2 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/onap/resources/environments/dev.yaml b/kubernetes/onap/resources/environments/dev.yaml index 386a3cf395..6be1a0073c 100644 --- a/kubernetes/onap/resources/environments/dev.yaml +++ b/kubernetes/onap/resources/environments/dev.yaml @@ -75,6 +75,8 @@ esr: enabled: false log: enabled: false + log-logstash: + replicaCount: 1 sniro-emulator: enabled: false oof: diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 62999b2bdc..1ca2b8470a 100644 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -112,7 +112,7 @@ portal: robot: enabled: true config: -# openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment + # openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" sdc: enabled: true diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml index a970f38157..98c6b4a050 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml @@ -65,7 +65,7 @@ service: internalPort: 8080 externalPort: 8080 #nodePort: 23 - # as of 20181022 port 23 is reserved for cmso + # as of 20181022 port 23 is reserved for cmso # see https://wiki.onap.org/display/DW/OOM+NodePort+List @@ -94,9 +94,18 @@ ingress: # Minimum memory for development is 2 CPU cores and 4GB memory # Minimum memory for production is 4 CPU cores and 8GB memory resources: - limits: - cpu: 1 - memory: 1.2Gi - requests: - cpu: 10m - memory: 800Mi + small: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + large: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/oof/charts/oof-has/values.yaml b/kubernetes/oof/charts/oof-has/values.yaml index d825e4437b..d223f4b9a2 100755 --- a/kubernetes/oof/charts/oof-has/values.yaml +++ b/kubernetes/oof/charts/oof-has/values.yaml @@ -25,7 +25,7 @@ global: commonConfigPrefix: onap-oof-has image: readiness: oomk8s/readiness-check:2.0.0 - optf_has: onap/optf-has:1.2.4 + optf_has: onap/optf-has:1.2.5 filebeat: docker.elastic.co/beats/filebeat:5.5.0 pullPolicy: Always diff --git a/kubernetes/pnda/charts/dcae-pnda-bootstrap/resources/scripts/bootstrap.sh b/kubernetes/pnda/charts/dcae-pnda-bootstrap/resources/scripts/bootstrap.sh index 1c2608ac7d..e9b6f34bd3 100644 --- a/kubernetes/pnda/charts/dcae-pnda-bootstrap/resources/scripts/bootstrap.sh +++ b/kubernetes/pnda/charts/dcae-pnda-bootstrap/resources/scripts/bootstrap.sh @@ -49,17 +49,21 @@ KUBE_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token) for i in 1 2 3 4 5 6 7 8 9 do - MIRROR_IP=$(curl -s $KUBE_API/namespaces/{{ include "common.namespace" . }}/services/dcae-pnda-mirror \ - --header "Authorization: Bearer $KUBE_TOKEN" \ - --insecure | jq -r '.status.loadBalancer.ingress[0].ip') + MIRROR_IP=$(curl -s $KUBE_API/namespaces/{{ include "common.namespace" . }}/pods \ + --header "Authorization: Bearer $KUBE_TOKEN" \ + --insecure | jq -r '.items[].status | select(.containerStatuses != null) | select(.containerStatuses[].ready and .containerStatuses[].name=="dcae-pnda-mirror") | .hostIP') + MIRROR_PORT=$(curl -s $KUBE_API/namespaces/{{ include "common.namespace" . }}/services/dcae-pnda-mirror \ + --header "Authorization: Bearer $KUBE_TOKEN" \ + --insecure | jq -r '.spec.ports[] | select(.name=="dcae-pnda-mirror") | .nodePort') - if [ "$MIRROR_IP" != "null" ]; then + if [ "x${MIRROR_IP}" != "xnull" -a "x${MIRROR_PORT}" != "xnull" ]; then + PNDA_MIRROR="http://$MIRROR_IP:$MIRROR_PORT" break fi sleep 5 done -PNDA_MIRROR="http://$MIRROR_IP:80" +[ -z "${PNDA_MIRROR}" ] && { echo "Unable to get PNDA mirror IP:PORT"; exit 1; } sed -i -e 's?CLIENT_IP/32?CLIENT_IP?' bootstrap-scripts/package-install.sh diff --git a/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml b/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml index 43f35b62d1..e22b8d26e7 100644 --- a/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml @@ -18,7 +18,7 @@ # Global configuration defaults. ################################################################# global: - nodePortPrefix: 302 + nodePortPrefixExt: 304 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co diff --git a/kubernetes/pnda/charts/dcae-pnda-mirror/templates/service.yaml b/kubernetes/pnda/charts/dcae-pnda-mirror/templates/service.yaml index b233a17348..fd376d16bb 100644 --- a/kubernetes/pnda/charts/dcae-pnda-mirror/templates/service.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-mirror/templates/service.yaml @@ -30,7 +30,7 @@ spec: ports: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName }} {{- else -}} - port: {{ .Values.service.externalPort }} diff --git a/kubernetes/pnda/charts/dcae-pnda-mirror/values.yaml b/kubernetes/pnda/charts/dcae-pnda-mirror/values.yaml index 6f346b8a8d..34de52a7be 100644 --- a/kubernetes/pnda/charts/dcae-pnda-mirror/values.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-mirror/values.yaml @@ -18,7 +18,7 @@ # Global configuration defaults. ################################################################# global: - nodePortPrefix: 302 + nodePortPrefixExt: 304 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co @@ -59,9 +59,9 @@ readiness: periodSeconds: 10 service: - type: LoadBalancer - name: dcae-pnda-mirror - portName: client + type: NodePort + portName: dcae-pnda-mirror + nodePort: "00" externalPort: 80 internalPort: 80 diff --git a/kubernetes/policy/resources/config/pe/push-policies.sh b/kubernetes/policy/resources/config/pe/push-policies.sh index f591096cd3..9074b9a63a 100644 --- a/kubernetes/policy/resources/config/pe/push-policies.sh +++ b/kubernetes/policy/resources/config/pe/push-policies.sh @@ -139,6 +139,26 @@ curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'A } }' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/createPolicy' +sleep 2 + +echo "Create BRMSParamCCVPN Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyConfigType": "BRMS_PARAM", + "policyName": "com.BRMSParamCCVPN", + "policyDescription": "BRMS Param CCVPN policy", + "policyScope": "com", + "attributes": { + "MATCHING": { + "controller" : "amsterdam" + }, + "RULE": { + "templateName": "ClosedLoopControlName", + "closedLoopControlName": "ControlLoop-CCVPN-2179b738-fd36-4843-a71a-a8c24c70c66b", + "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-CCVPN-2179b738-fd36-4843-a71a-a8c24c70c66b%0D%0A++trigger_policy%3A+unique-policy-id-16-Reroute%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-16-Reroute%0D%0A++++name%3A+Connectivity Reroute%0D%0A++++description%3A%0D%0A++++actor%3A+SDNC%0D%0A++++recipe%3A+Reroute%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" + } + } +}' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/createPolicy' + #########################################Create Micro Service Config policies########################################## echo "Create MicroService Config Policies" @@ -414,6 +434,15 @@ curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'A "policyType": "BRMS_Param" }' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/pushPolicy' +sleep 2 + +echo "pushPolicy : PUT : com.BRMSParamCCVPN" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.BRMSParamCCVPN", + "policyType": "BRMS_Param" +}' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/pushPolicy' + #########################################Pushing MicroService Config policies########################################## echo "Pushing MicroService Config policies" diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdnc.properties b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdnc.properties new file mode 100644 index 0000000000..b36f0c3175 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdnc.properties @@ -0,0 +1,27 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +server.host={{ .Values.config.sdncCtxBuilderHost }} +basicauth.username={{ .Values.config.sdncCtxBuilderUsername }} +basicauth.password={{ .Values.config.sdncCtxBuilderPassword }} +server.port={{ .Values.config.ctxBuilderExternalPort }} +server.protocol=http +trust.store.path=/auth/tomcat_keystore +key.store.path=/auth/aai-client-cert.p12 +key.store.password=70c87528c88dcd9f9c2558d30e817868 +key.store.type=PKCS12 +key.manager.factory.algorithm=SunX509 +security.protocol=TLS +connection.timeout.ms=60000 +read.timeout.ms=60000 +base.uri=/sdnccontextbuilder/v1/service/context diff --git a/kubernetes/pomba/charts/pomba-data-router/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-data-router/templates/deployment.yaml index 3244a74f1f..cb5c210da9 100644 --- a/kubernetes/pomba/charts/pomba-data-router/templates/deployment.yaml +++ b/kubernetes/pomba/charts/pomba-data-router/templates/deployment.yaml @@ -111,6 +111,8 @@ spec: name: {{ include "common.fullname" . }}-dynamic-policy - mountPath: /logs/ name: {{ include "common.fullname" . }}-logs + resources: +{{ include "common.resources" . | indent 10 }} ports: - containerPort: {{ .Values.service.internalPort }} {{- if eq .Values.liveness.enabled true }} diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/.helmignore b/kubernetes/pomba/charts/pomba-sdncctxbuilder/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/Chart.yaml b/kubernetes/pomba/charts/pomba-sdncctxbuilder/Chart.yaml new file mode 100644 index 0000000000..c9dad032aa --- /dev/null +++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP POMBA SDNC Context Builder +name: pomba-sdncctxbuilder +version: 3.0.0 diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/requirements.yaml b/kubernetes/pomba/charts/pomba-sdncctxbuilder/requirements.yaml new file mode 100644 index 0000000000..cf4086962c --- /dev/null +++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~3.0.0 + repository: '@local' diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties b/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties new file mode 100644 index 0000000000..e9bd107d94 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties @@ -0,0 +1,67 @@ +# Copyright © 2019 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License + +spring.jersey.type=filter +spring.mvc.urls=swagger,docs,prometheus,auditevents,info,heapdump,autoconfig,beans,loggers,dump,env,trace,health,configprops,mappings,metrics,webjars +camel.springboot.xmlRoutes = file:config/dynamic/routes/*.route +service.xml.beans = config/dynamic/conf/*.xml + +server.contextPath=/sdnccontextbuilder/v1 +spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration + +#This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma +#tomcat.connector.attributes=allowTrace-true +#The max number of active threads in this pool +server.tomcat.max-threads=200 +#The minimum number of threads always kept alive +server.tomcat.min-spare-threads=25 + +# Basic Authorization credentials for SDNC Context Builder REST Service +sdncCtxBuilder.userId={{ .Values.config.sdncCtxBuilderUserId }} +sdncCtxBuilder.password={{ .Values.config.sdncCtxBuilderPassword }} + +# AAI REST Client Configuration +aai.serviceName={{ .Values.config.aaiServiceName }}.{{.Release.Namespace}} +aai.servicePort={{ .Values.config.aaiPort }} +aai.username={{ .Values.config.aaiUsername }} +aai.password={{ .Values.config.aaiPassword }} +aai.httpProtocol={{ .Values.config.aaiHttpProtocol }} +aai.authentication={{ .Values.config.aaiAuthentication }} +aai.trustStorePath={{ .Values.config.aaiTrustStorePath }} +aai.keyStorePath={{ .Values.config.aaiKeyStorePath }} +aai.keyStorePassword={{ .Values.config.aaiKeyStorePassword }} +aai.connectionTimeout={{ .Values.config.aaiConnectionTimeout }} +aai.readTimeout={{ .Values.config.aaiReadTimeout }} + +# HTTP Basic Authorization credentials for AAI Rest Service API +aai.http.userId={{ .Values.config.aaiHttpUserId }} +aai.http.password={{ .Values.config.aaiHttpPassword }} + +aai.searchNodeQuery=/aai/v11/search/nodes-query?search-node-type=service-instance&filter=service-instance-id:EQUALS: +aai.customerQuery=/aai/v11/business/customers/customer/ +aai.serviceInstancePath=/aai/v11/business/customers/customer/{0}/service-subscriptions/service-subscription/{1}/service-instances/service-instance/{2} + +# SDNC REST Client Configuration +sdnc.serviceName={{ .Values.config.sdncServiceName }}.{{.Release.Namespace}} +sdnc.servicePort={{ .Values.config.sdncPort }} +sdnc.user={{ .Values.config.sdncUsername }} +sdnc.password={{ .Values.config.sdncPassword }} +sdnc.httpProtocol={{ .Values.config.sdncHttpProtocol }} +sdnc.connectionTimeout={{ .Values.config.sdncConnectionTimeout }} +sdnc.readTimeout={{ .Values.config.sdncReadTimeout }} +sdnc.genericResourcePath=/restconf/config/GENERIC-RESOURCE-API:services/service/{0} +sdnc.vnfPath=/restconf/config/VNF-API:vnfs/vnf-list/{0} + +#Servlet context parameters +server.context_parameters.p-name=value #context parameter with p-name as key and value as value. diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/logback.xml b/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/logback.xml new file mode 100644 index 0000000000..bedfdcfc90 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/logback.xml @@ -0,0 +1,235 @@ +<configuration scan="true" scanPeriod="10 seconds" debug="false"> + <jmxConfigurator /> + <property name="logDirectory" value="/var/log/onap/pomba-aaictxbuilder" /> + <!-- Example evaluator filter applied against console appender --> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <!-- filter class="ch.qos.logback.classic.filter.LevelFilter"> <level>ERROR</level> + <onMatch>ACCEPT</onMatch> <onMismatch>DENY</onMismatch> </filter --> + <!-- deny all events with a level below INFO, that is TRACE and DEBUG --> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>INFO</level> + </filter> + <encoder> + <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + </pattern> + </encoder> + </appender> + + <appender name="ERROR" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>INFO</level> + </filter> + <file>${logDirectory}/error.log</file> + <append>true</append> + <encoder> + <pattern>%date{"yyyy-MM-dd'T'HH:mm:ss,SSSXXX", UTC}|%X{RequestId}|%.20thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%.-5level|%X{ErrorCode}|%X{ErrorDescription}|%msg%n</pattern> + </encoder> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <maxIndex>10</maxIndex> + <FileNamePattern>${logDirectory}/error.%i.log.zip + </FileNamePattern> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>10MB</maxFileSize> + </triggeringPolicy> + </appender> + + <appender name="DEBUG" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/debug.log</file> + <append>true</append> + <encoder> + <pattern>%date{"yyyy-MM-dd'T'HH:mm:ss,SSSXXX",UTC}|%X{RequestId}|%.20thread|%.-5level|%logger{36}|%msg%n</pattern> + </encoder> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/debug.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>10MB</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>5</maxHistory> + </rollingPolicy> + </appender> + + <appender name="AUDIT" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/audit.log</file> + <append>true</append> + <encoder> + <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + </pattern> + </encoder> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <maxIndex>10</maxIndex> + <FileNamePattern>${logDirectory}/audit.%i.log.zip + </FileNamePattern> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>10MB</maxFileSize> + </triggeringPolicy> + </appender> + <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="AUDIT" /> + </appender> + + <appender name="METRIC" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/metric.log</file> + <append>true</append> + <encoder> + <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| + %msg%n</pattern> + </encoder> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <maxIndex>10</maxIndex> + <FileNamePattern>${logDirectory}/metric.%i.log.zip + </FileNamePattern> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>10MB</maxFileSize> + </triggeringPolicy> + </appender> + <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="METRIC" /> + </appender> + + <!-- SECURITY related loggers --> + <appender name="SECURITY" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/security.log</file> + <append>true</append> + <encoder> + <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + </pattern> + </encoder> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <maxIndex>10</maxIndex> + <FileNamePattern>${logDirectory}/security.%i.log.zip + </FileNamePattern> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>10MB</maxFileSize> + </triggeringPolicy> + </appender> + <appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="SECURITY" /> + </appender> + + <!-- CLDS related loggers --> + <logger name="org.onap.pomba.clds" level="INFO" additivity="true"> + <appender-ref ref="ERROR" /> + </logger> + + <!-- CLDS related loggers --> + <logger name="com.att.eelf.error" level="OFF" additivity="true"> + <appender-ref ref="ERROR" /> + </logger> + <!-- EELF related loggers --> + <logger name="com.att.eelf.audit" level="INFO" additivity="false"> + <appender-ref ref="asyncEELFAudit" /> + </logger> + <logger name="com.att.eelf.metrics" level="DEBUG" additivity="false"> + <appender-ref ref="asyncEELFMetrics" /> + </logger> + <logger name="com.att.eelf.security" level="DEBUG" additivity="false"> + <appender-ref ref="asyncEELFSecurity" /> + </logger> + + + <!-- Spring related loggers --> + <logger name="org.springframework" level="WARN" /> + <logger name="org.springframework.beans" level="WARN" /> + <logger name="org.springframework.web" level="WARN" /> + <logger name="com.blog.spring.jms" level="WARN" /> + + <!-- Other Loggers that may help troubleshoot --> + <logger name="net.sf" level="WARN" /> + <logger name="org.apache.commons.httpclient" level="WARN" /> + <logger name="org.apache.commons" level="WARN" /> + <logger name="org.apache.coyote" level="WARN" /> + <logger name="org.apache.jasper" level="WARN" /> + + <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging. + May aid in troubleshooting) --> + <logger name="org.apache.camel" level="WARN" /> + <logger name="org.apache.cxf" level="WARN" /> + <logger name="org.apache.camel.processor.interceptor" level="WARN" /> + <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" /> + <logger name="org.apache.cxf.service" level="WARN" /> + <logger name="org.restlet" level="DEBUG" /> + <logger name="org.apache.camel.component.restlet" level="DEBUG" /> + + <!-- logback internals logging --> + <logger name="ch.qos.logback.classic" level="INFO" /> + <logger name="ch.qos.logback.core" level="INFO" /> + + <!-- logback jms appenders & loggers definition starts here --> + <!-- logback jms appenders & loggers definition starts here --> + <appender name="auditLogs" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + </filter> + <file>${logDirectory}/Audit.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/Audit.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> + </encoder> + </appender> + <appender name="perfLogs" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + </filter> + <file>${logDirectory}/Perform.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/Perform.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> + </encoder> + </appender> + <logger name="AuditRecord" level="INFO" additivity="FALSE"> + <appender-ref ref="auditLogs" /> + </logger> + <logger name="AuditRecord_DirectCall" level="INFO" additivity="FALSE"> + <appender-ref ref="auditLogs" /> + </logger> + <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE"> + <appender-ref ref="perfLogs" /> + </logger> + <!-- logback jms appenders & loggers definition ends here --> + + <root level="WARN"> + <appender-ref ref="DEBUG" /> + <appender-ref ref="STDOUT" /> + </root> + +</configuration> diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/templates/configmap.yaml b/kubernetes/pomba/charts/pomba-sdncctxbuilder/templates/configmap.yaml new file mode 100644 index 0000000000..7c47fea02c --- /dev/null +++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/templates/configmap.yaml @@ -0,0 +1,30 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-sdncctxbuilder/templates/deployment.yaml new file mode 100644 index 0000000000..ca96dc6a12 --- /dev/null +++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/templates/deployment.yaml @@ -0,0 +1,111 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + - mountPath: /opt/app/config/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - mountPath: /opt/app/config/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + readOnly: true + + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ .Release.Name }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/templates/service.yaml b/kubernetes/pomba/charts/pomba-sdncctxbuilder/templates/service.yaml new file mode 100644 index 0000000000..defd063d2f --- /dev/null +++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/values.yaml b/kubernetes/pomba/charts/pomba-sdncctxbuilder/values.yaml new file mode 100644 index 0000000000..1627328ceb --- /dev/null +++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/values.yaml @@ -0,0 +1,119 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repository: nexus3.onap.org:10001 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/pomba-sdnc-context-builder:1.4.0-SNAPSHOT-latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + # AAI Rest Client Connection + aaiServiceName: aai + aaiPort: 8443 + aaiUsername: AAI + aaiPassword: OBF:1gfr1ev31gg7 + aaiHttpProtocol: https + aaiAuthentication: basic_auth + aaiTrustStorePath: n/a + aaiKeyStorePath: n/a + aaiKeyStorePassword: n/a + aaiConnectionTimeout: 5000 + aaiReadTimeout: 1000 + # HTTP Basic Authorization credentials for Rest Service API + aaiHttpUserId: admin + aaiHttpPassword: OBF:1u2a1toa1w8v1tok1u30 + sdncCtxBuilderUserId: admin + sdncCtxBuilderPassword: OBF:1u2a1toa1w8v1tok1u30 + + # SDNC Rest Client Connection + sdncServiceName: sdnc + sdncPort: 8443 + sdncUsername: SDNC + sdncPassword: OBF:1gfr1ev31gg7 + sdncHttpProtocol: https + sdncConnectionTimeout: 5000 + sdncReadTimeout: 1000 + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +#Example service definition with external, internal and node ports. +service: + # The default service name (exposed in the service.yaml) will be the same + # name as the chart. If the service name needs to be overriden (such as + # when a subchart is shared), uncomment the value below. + #name: <service-name-override> + + #Services may use any combination of ports depending on the 'type' of + #service being defined. + type: ClusterIP + externalPort: 9530 + internalPort: 8080 +# nodePort: <replace with unused node port suffix eg. 23> + # optional port name override - default can be defined in service.yaml + #portName: http + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 800Mi + requests: + cpu: 100m + memory: 400Mi + large: + limits: + cpu: 2 + memory: 1600Mi + requests: + cpu: 200m + memory: 800Mi + unlimited: {}
\ No newline at end of file diff --git a/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql b/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql index 964e3e8cdd..f6120e4254 100644 --- a/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql +++ b/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql @@ -1,62 +1,75 @@ -/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*/
-
-USE portal;
-/*
-Any updates required by OOM to the portaldb are made here.
-1. split up SDC-FE and SDC-BE. Originally both FE and BE point to the same IP
-while the OOM K8s version has these service split up.
-*/
--- app_url is the FE, app_rest_endpoint is the BE
---portal-sdk => TODO: doesn't open a node port yet
-update fn_app set app_url = 'http://{{.Values.config.portalSdkHostName}}:{{.Values.config.portalSdkPort}}/ONAPPORTALSDK/welcome.htm', app_rest_endpoint = 'http://portal-sdk:8080/ONAPPORTALSDK/api/v3' where app_name = 'xDemo App';
---dmaap-bc => the dmaap-bc doesn't open a node port..
-update fn_app set app_url = 'http://{{.Values.config.dmaapBcHostName}}:{{.Values.config.dmaapBcPort}}/ECOMPDBCAPP/dbc#/dmaap', app_rest_endpoint = 'http://dmaap-bc:8989/ECOMPDBCAPP/api/v2' where app_name = 'DMaaP Bus Ctrl';
---sdc-be => 8443:30204, 8080:30205
---sdc-fe => 8181:30206, 9443:30207
-update fn_app set app_url = 'http://{{.Values.config.sdcFeHostName}}:{{.Values.config.sdcFePort}}/sdc1/portal', app_rest_endpoint = 'http://sdc-be:8080/api/v3' where app_name = 'SDC';
---pap => 8443:30219
-update fn_app set app_url = 'https://{{.Values.config.papHostName}}:{{.Values.config.papPort}}/onap/policy', app_rest_endpoint = 'https://pap:8443/onap/api/v3' where app_name = 'Policy';
---vid => 8080:30200
-update fn_app set app_url = 'https://{{.Values.config.vidHostName}}:{{.Values.config.vidPort}}/vid/welcome.htm', app_rest_endpoint = 'https://vid:8443/vid/api/v3' where app_name = 'Virtual Infrastructure Deployment';
---sparky => TODO: sparky doesn't open a node port yet
-update fn_app set app_url = 'http://{{.Values.config.aaiSparkyHostName}}:{{.Values.config.aaiSparkyPort}}/services/aai/webapp/index.html#/viewInspect', app_rest_endpoint = 'http://aai-sparky-be.{{.Release.Namespace}}:9517/api/v2' where app_name = 'A&AI UI';
---cli => 8080:30260
-update fn_app set app_url = 'http://{{.Values.config.cliHostName}}:{{.Values.config.cliPort}}/', app_type = 1 where app_name = 'CLI';
---msb-iag => 80:30280
-update fn_app set app_url = 'http://{{.Values.config.msbHostName}}:{{.Values.config.msbPort}}/iui/microservices/default.html' where app_name = 'MSB';
-
-
-/*
-Additionally, some more update statments; these should be refactored to another SQL file in future releases
-*/
-
--- portal
-update fn_app set auth_central = 'Y' , auth_namespace = 'org.onap.portal' where app_id = 1;
--- portal-sdk
-update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', ueb_key='ueb_key' where app_id = 2;
--- SDC
-update fn_app set app_username='sdc', app_password='j85yNhyIs7zKYbR1VlwEfNhS6b7Om4l0Gx5O8931sCI=', ueb_key='ueb_key' where app_id = 4;
--- policy
-update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', ueb_key='ueb_key_5', auth_central = 'Y' , auth_namespace = 'org.onap.policy' where app_id = 5;
--- vid
-update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', ueb_key='2Re7Pvdkgw5aeAUD', auth_central = 'Y' , auth_namespace = 'org.onap.vid' where app_id = 6;
--- aai sparky
-update fn_app set app_username='aaiui', app_password='4LK69amiIFtuzcl6Gsv97Tt7MLhzo03aoOx7dTvdjKQ=', ueb_key='ueb_key' where app_id = 7;
-
-
-
+/* +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +*/ + +USE portal; +/* +Any updates required by OOM to the portaldb are made here. +1. split up SDC-FE and SDC-BE. Originally both FE and BE point to the same IP +while the OOM K8s version has these service split up. +*/ +-- app_url is the FE, app_rest_endpoint is the BE +--portal-sdk => TODO: doesn't open a node port yet +update fn_app set app_url = 'http://{{.Values.config.portalSdkHostName}}:{{.Values.config.portalSdkPort}}/ONAPPORTALSDK/welcome.htm', app_rest_endpoint = 'http://portal-sdk:8080/ONAPPORTALSDK/api/v3' where app_name = 'xDemo App'; +--dmaap-bc => the dmaap-bc doesn't open a node port.. +update fn_app set app_url = 'http://{{.Values.config.dmaapBcHostName}}:{{.Values.config.dmaapBcPort}}/ECOMPDBCAPP/dbc#/dmaap', app_rest_endpoint = 'http://dmaap-bc:8989/ECOMPDBCAPP/api/v2' where app_name = 'DMaaP Bus Ctrl'; +--sdc-be => 8443:30204, 8080:30205 +--sdc-fe => 8181:30206, 9443:30207 +update fn_app set app_url = 'http://{{.Values.config.sdcFeHostName}}:{{.Values.config.sdcFePort}}/sdc1/portal', app_rest_endpoint = 'http://sdc-be:8080/api/v3' where app_name = 'SDC'; +--pap => 8443:30219 +update fn_app set app_url = 'https://{{.Values.config.papHostName}}:{{.Values.config.papPort}}/onap/policy', app_rest_endpoint = 'https://pap:8443/onap/api/v3' where app_name = 'Policy'; +--vid => 8080:30200 +update fn_app set app_url = 'https://{{.Values.config.vidHostName}}:{{.Values.config.vidPort}}/vid/welcome.htm', app_rest_endpoint = 'https://vid:8443/vid/api/v3' where app_name = 'Virtual Infrastructure Deployment'; +--sparky => TODO: sparky doesn't open a node port yet +update fn_app set app_url = 'http://{{.Values.config.aaiSparkyHostName}}:{{.Values.config.aaiSparkyPort}}/services/aai/webapp/index.html#/viewInspect', app_rest_endpoint = 'http://aai-sparky-be.{{.Release.Namespace}}:9517/api/v2' where app_name = 'A&AI UI'; +--cli => 8080:30260 +update fn_app set app_url = 'http://{{.Values.config.cliHostName}}:{{.Values.config.cliPort}}/', app_type = 1 where app_name = 'CLI'; +--msb-iag => 80:30280 +update fn_app set app_url = 'http://{{.Values.config.msbHostName}}:{{.Values.config.msbPort}}/iui/microservices/default.html' where app_name = 'MSB'; + + +/* +Create SO-Monitoring App +*/ +INSERT IGNORE INTO `fn_app` (`app_id`, `app_name`, `app_image_url`, `app_description`, `app_notes`, `app_url`, `app_alternate_url`, `app_rest_endpoint`, `ml_app_name`, `ml_app_admin_id`, `mots_id`, `app_password`, `open`, `enabled`, `thumbnail`, `app_username`, `ueb_key`, `ueb_secret`, `ueb_topic_name`, `app_type`,`auth_central`,`auth_namespace`) VALUES +(10, 'SO-Monitoring', 'images/cache/portal-345993588_92550.png', NULL, NULL, 'http://{{.Values.config.soMonitoringHostName}}:{{.Values.soMonitoringPort}}', NULL, 'http://so-monitoring:30224', '', '', NULL, 'password', 'Y', 'Y', NULL, 'user', '', '', '', 1,'N','SO-Monitoring'); + +/* +Add SO Monitoring to Default apps +*/ +INSERT IGNORE INTO `fn_pers_user_app_sel` VALUES (10,1,10,'S'); + +/* +Add Contact information for SO Monitoring +*/ +INSERT IGNORE INTO `fn_app_contact_us` (app_id, contact_name, contact_email, url, active_yn, description) VALUES ( 10,"SO Team","so@lists.onap.org","https://wiki.onap.org/display/DW/Approved+Projects",NULL, "Service Orchestration (SO)."); + +/* +Additionally, some more update statments; these should be refactored to another SQL file in future releases +*/ + +-- portal +update fn_app set auth_central = 'Y' , auth_namespace = 'org.onap.portal' where app_id = 1; +-- portal-sdk +update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', ueb_key='ueb_key' where app_id = 2; +-- SDC +update fn_app set app_username='sdc', app_password='j85yNhyIs7zKYbR1VlwEfNhS6b7Om4l0Gx5O8931sCI=', ueb_key='ueb_key' where app_id = 4; +-- policy +update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', ueb_key='ueb_key_5', auth_central = 'Y' , auth_namespace = 'org.onap.policy' where app_id = 5; +-- vid +update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', ueb_key='2Re7Pvdkgw5aeAUD', auth_central = 'Y' , auth_namespace = 'org.onap.vid' where app_id = 6; +-- aai sparky +update fn_app set app_username='aaiui', app_password='4LK69amiIFtuzcl6Gsv97Tt7MLhzo03aoOx7dTvdjKQ=', ueb_key='ueb_key' where app_id = 7;
\ No newline at end of file diff --git a/kubernetes/portal/charts/portal-mariadb/values.yaml b/kubernetes/portal/charts/portal-mariadb/values.yaml index 4b4463af40..d84253d483 100644 --- a/kubernetes/portal/charts/portal-mariadb/values.yaml +++ b/kubernetes/portal/charts/portal-mariadb/values.yaml @@ -68,6 +68,11 @@ config: msbPort: "30280" # application's front end hostname. Must be resolvable on the client side environment msbHostName: "msb.api.simpledemo.onap.org" + # SO Monitoring assignment for port 30224 + soMonitoringPort: "30224" + # application's front end hostname. Must be resolvable on the client side environment + soMonitoringHostName: "http://so-monitoring" + # default number of instances replicaCount: 1 diff --git a/kubernetes/portal/docker/init/mariadb-client/Dockerfile b/kubernetes/portal/docker/init/mariadb-client/Dockerfile index 5eb5ad1843..72f60d35ad 100644 --- a/kubernetes/portal/docker/init/mariadb-client/Dockerfile +++ b/kubernetes/portal/docker/init/mariadb-client/Dockerfile @@ -14,7 +14,7 @@ FROM boxfuse/flyway:5.0.7-alpine -ARG branch=master +ARG branch=3.0.0-ONAP ENV no_proxy "localhost,127.0.0.1,.cluster.local,$KUBERNETES_SERVICE_HOST" # Setup Corporate proxy ENV https_proxy ${HTTP_PROXY} diff --git a/kubernetes/so/charts/so-mariadb/values.yaml b/kubernetes/so/charts/so-mariadb/values.yaml index fa16a7b11e..b1544aa5f7 100755 --- a/kubernetes/so/charts/so-mariadb/values.yaml +++ b/kubernetes/so/charts/so-mariadb/values.yaml @@ -40,7 +40,7 @@ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 config: mariadbRootPassword: password # gerrit branch where the latest heat code is checked in - gerritBranch: master + gerritBranch: 3.0.0-ONAP # gerrit project where the latest heat code is checked in gerritProject: http://gerrit.onap.org/r/so/docker-config.git # default number of instances diff --git a/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml index 0eb083dbac..b06a975333 100755 --- a/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml @@ -24,6 +24,14 @@ spring: max-total: 20 validation-query: select 1 test-on-borrow: true + security: + usercredentials: + - username: bpel + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: BPEL-Client + - username: mso_admin + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: ACTUATOR server: port: {{ index .Values.containerPort }} tomcat: |