diff options
200 files changed, 3949 insertions, 1776 deletions
diff --git a/.gitmodules b/.gitmodules index 31bff54529..e01f7e520f 100644 --- a/.gitmodules +++ b/.gitmodules @@ -3,3 +3,9 @@ url = ../aai/oom branch = . ignore = dirty +[submodule "kubernetes/robot"] + path = kubernetes/robot + url = ../testsuite/oom + branch = . + ignore = dirty +
\ No newline at end of file diff --git a/docs/release-notes.rst b/docs/release-notes.rst index dc10400dfb..01e3524666 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -10,6 +10,19 @@ ONAP Operations Manager Release Notes ===================================== +Version 5.0.0 (El Alto Early Drop) +---------------------------------- + +:Release Date: 2019-08-19 + +Summary +------- + +**Software Requirements** + +* Upgraded to Kubernetes 1.15.x and Helm 1.14.x + + Version 4.0.0 (Dublin Release) ------------------------------ diff --git a/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml index c664d034bb..5bbb1d731f 100644 --- a/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml @@ -32,7 +32,7 @@ spec: spec: containers: - name: {{ include "common.name" . }} - image: {{ .Values.global.repository }}/onap/aaf/aaf_cass:{{.Values.global.aaf.imageVersion}} + image: {{ .Values.global.repository }}/{{.Values.global.aaf.cass.image}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} # installing with cmd "onap" will not only initialize the DB, but add ONAP bootstrap data as well command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"] diff --git a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml index 87bcaa4b7c..19d762557a 100644 --- a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml @@ -32,7 +32,7 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} + image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] volumeMounts: @@ -57,14 +57,14 @@ spec: value: "{{ .Values.global.aaf.aaf_release }}" - name: aaf_locator_container_ns value: "{{ .Release.Namespace }}" - - name: aaf_locator_container - value: "oom" - name: aaf_locator_public_fqdn value: "{{.Values.global.aaf.public_fqdn}}" - name: aaf_locator_name value: "{{.Values.global.aaf.aaf_locator_name}}" - name: aaf_locator_name_oom value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: cm_always_ignore_ips + value: "true" - name: CASSANDRA_CLUSTER value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" # - name: CASSANDRA_USER @@ -76,7 +76,7 @@ spec: containers: - name: {{ include "common.name" . }} command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-cm aaf-locate && exec bin/cm"] - image: {{ .Values.global.repository }}/onap/aaf/aaf_cm:{{.Values.global.aaf.imageVersion}} + image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" diff --git a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml index 9f97da96ec..cd72fddb58 100644 --- a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml @@ -32,7 +32,7 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} + image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] volumeMounts: @@ -57,14 +57,14 @@ spec: value: "{{ .Values.global.aaf.aaf_release }}" - name: aaf_locator_container_ns value: "{{ .Release.Namespace }}" - - name: aaf_locator_container - value: "oom" - name: aaf_locator_public_fqdn value: "{{.Values.global.aaf.public_fqdn}}" - name: aaf_locator_name value: "{{.Values.global.aaf.aaf_locator_name}}" - name: aaf_locator_name_oom value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: cm_always_ignore_ips + value: "true" - name: CASSANDRA_CLUSTER value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" # - name: CASSANDRA_USER @@ -72,10 +72,11 @@ spec: # - name: CASSANDRA_PASSWORD # value: "" # - name: CASSANDRA_PORT +# value: "" containers: - name: {{ include "common.name" . }} command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-fs aaf-locate && exec bin/fs"] - image: {{ .Values.global.repository }}/onap/aaf/aaf_fs:{{.Values.global.aaf.imageVersion}} + image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" diff --git a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml index d067b5ec25..4a433cccfd 100644 --- a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml @@ -32,7 +32,7 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} + image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] volumeMounts: @@ -57,14 +57,14 @@ spec: value: "{{ .Values.global.aaf.aaf_release }}" - name: aaf_locator_container_ns value: "{{ .Release.Namespace }}" - - name: aaf_locator_container - value: "oom" - name: aaf_locator_public_fqdn value: "{{.Values.global.aaf.public_fqdn}}" - name: aaf_locator_name value: "{{.Values.global.aaf.aaf_locator_name}}" - name: aaf_locator_name_oom value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: cm_always_ignore_ips + value: "true" - name: CASSANDRA_CLUSTER value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" # - name: CASSANDRA_USER @@ -72,10 +72,11 @@ spec: # - name: CASSANDRA_PASSWORD # value: "" # - name: CASSANDRA_PORT +# value: "" containers: - name: {{ include "common.name" . }} command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-gui aaf-locate && exec bin/gui"] - image: {{ .Values.global.repository }}/onap/aaf/aaf_gui:{{.Values.global.aaf.imageVersion}} + image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" diff --git a/kubernetes/aaf/charts/aaf-hello/templates/NOTES.txt b/kubernetes/aaf/charts/aaf-hello/templates/NOTES.txt index bd74a42cd5..ef4d8e7d23 100644 --- a/kubernetes/aaf/charts/aaf-hello/templates/NOTES.txt +++ b/kubernetes/aaf/charts/aaf-hello/templates/NOTES.txt @@ -12,22 +12,3 @@ # See the License for the specific language governing permissions and # limitations under the License. -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml b/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml new file mode 100644 index 0000000000..066bf38f2f --- /dev/null +++ b/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml @@ -0,0 +1,48 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## + +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-hello-pv + namespace: {{ include "common.namespace" . }} + labels: + app: {{ .Chart.Name }}-hello + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.config.size}} + accessModes: + - {{ .Values.persistence.config.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.config.mountPath }} +{{- if .Values.persistence.config.storageClass }} +{{- if (eq "-" .Values.persistence.config.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.config.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml b/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml new file mode 100644 index 0000000000..7c45b8bd7f --- /dev/null +++ b/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml @@ -0,0 +1,52 @@ +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-hello-pvc + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }}-hello + accessModes: + - {{ .Values.persistence.config.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.config.size }} +{{- if .Values.persistence.config.storageClass }} +{{- if (eq "-" .Values.persistence.config.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.config.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} + diff --git a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml index 9faa580023..c5fcf68a58 100644 --- a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml @@ -11,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -30,75 +29,71 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-hello-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-hello-pvc + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" initContainers: - - name: {{ include "common.name" . }}-config-container - image: {{ .Values.global.repository }}/onap/aaf/aaf_agent:{{.Values.global.aaf.imageVersion}} + - name: {{ include "common.name" . }}-config + image: {{ .Values.global.repository }}/{{.Values.aaf_init.image}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - - mountPath: "/opt/app/osaaf/local" + - mountPath: "/opt/app/osaaf" name: aaf-hello-vol - command: ["bash","-c","/opt/app/aaf_config/bin/pod_wait.sh config nc aaf-cm.{{.Release.Namespace}} 8150 remove && cd /opt/app/osaaf/local && /opt/app/aaf_config/bin/agent.sh"] +# NOTE: Before this, need Liveness Attached to aaf-certman + command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"] env: - - name: aaf_env - value: "{{ .Values.global.aaf.aaf_env }}" - - name: cadi_latitude - value: "{{ .Values.global.aaf.cadi_latitude }}" - - name: cadi_longitude - value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: APP_FQI + value: "{{ .Values.aaf_init.fqi }}" - name: aaf_locate_url - value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" - - name: aaf_locator_container - value: "oom" - - name: aaf_release - value: "{{ .Values.global.aaf.aaf_release }}" - - name: aaf_locator_container_ns - value: "{{ .Release.Namespace }}" + value: "https://aaf-locate.{{ .Release.Namespace}}:8095" - name: aaf_locator_container value: "oom" - name: aaf_locator_container_ns value: "{{ .Release.Namespace }}" + - name: aaf_locator_fqdn + value: "{{ .Values.aaf_init.fqdn }}" - name: aaf_locator_app_ns - value: "org.osaaf.aaf" - - name: "APP_FQDN" - value: "{{ .Values.global.aaf.hello.fqdn }}" - - name: "APP_FQI" - value: "aaf@aaf.osaaf.org" - - name: "DEPLOY_FQI" + value: "{{ .Values.aaf_init.app_ns }}" + - name: DEPLOY_FQI value: "deployer@people.osaaf.org" - - name: "DEPLOY_PASSWORD" +# Note: We want to put this in Secrets or at LEAST ConfigMaps + - name: DEPLOY_PASSWORD value: "demo123456!" -# Hello specific. Clients don't necessarily need this +# Note: want to put this on Nodes, evenutally + - name: cadi_longitude + value: "{{ .Values.aaf_init.cadi_longitude }}" + - name: cadi_latitude + value: "{{ .Values.aaf_init.cadi_latitude }}" +# Hello specific. Clients don't don't need this, unless Registering with AAF Locator - name: aaf_locator_public_fqdn value: "{{.Values.global.aaf.public_fqdn}}" - - name: aaf_locator_name - value: "{{.Values.global.aaf.aaf_locator_name}}" - - name: aaf_locator_name_oom - value: "{{.Values.global.aaf.aaf_locator_name_oom}}" - - name: aaf_locator_fqdn_oom - value: "%N.%CNS" containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","-c","cd /opt/app/aaf && exec bin/hello"] - image: {{ .Values.global.repository }}/onap/aaf/aaf_hello:{{.Values.global.aaf.imageVersion}} + command: ["bash","-c","cd /opt/app/aaf && if [ ! -d /opt/app/osaaf/etc ]; then cp -Rf etc logs /opt/app/osaaf; fi && exec bin/hello"] + image: {{ .Values.global.repository }}/{{.Values.service.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - - mountPath: "/opt/app/osaaf/local" + - mountPath: "/opt/app/osaaf" name: aaf-hello-vol - - mountPath: "/opt/app/aaf/status" - name: aaf-status-vol - mountPath: /etc/localtime name: localtime readOnly: true {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.service.port }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.service.port }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: @@ -111,14 +106,3 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: aaf-status-vol - persistentVolumeClaim: - claimName: {{ .Release.Name }}-aaf-status-pvc - - name: aaf-hello-vol - emptyDir: {} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aaf/charts/aaf-hello/templates/service.yaml b/kubernetes/aaf/charts/aaf-hello/templates/service.yaml index 102e85d39e..ab89171c50 100644 --- a/kubernetes/aaf/charts/aaf-hello/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-hello/templates/service.yaml @@ -24,8 +24,8 @@ metadata: heritage: {{ .Release.Service }} spec: ports: - - port: {{ .Values.global.aaf.hello.internal_port }} - nodePort: {{ .Values.global.aaf.hello.public_port }} + - port: {{ .Values.service.port }} + nodePort: {{ .Values.service.public_port }} name: aaf-hello selector: app: {{ include "common.name" . }} diff --git a/kubernetes/aaf/charts/aaf-hello/values.yaml b/kubernetes/aaf/charts/aaf-hello/values.yaml index c3ed9e1a64..ea6665c61a 100644 --- a/kubernetes/aaf/charts/aaf-hello/values.yaml +++ b/kubernetes/aaf/charts/aaf-hello/values.yaml @@ -24,7 +24,34 @@ flavor: small # Application configuration defaults. ################################################################# # application image +aaf_init: + # You might want this in your own app. For AAF, we store in global + # replicas: 1 + fqdn: "aaf-hello" + image: onap/aaf/aaf_agent:2.1.15 + app_ns: "org.osaaf.aaf" + fqi: "aaf@aaf.osaaf.org" + fqdn: "aaf-hello" + public_fqdn: "aaf.osaaf.org" + deploy_fqi: "deployer@people.osaaf.org" + cadi_latitude: "38.0" + cadi_longitude: "-72.0" +service: + image: onap/aaf/aaf_hello:2.1.15 + port: "8130" + public_port: "31119" + +persistence: + enabled: true + config: + #existingClaim: + # You will want "Reatan" in non-Hello Example. + volumeReclaimPolicy: Delete + accessMode: ReadWriteMany + size: 40M + storageClass: "manual" + mountPath: "/mnt/data/aaf/hello" nodeSelector: {} @@ -42,15 +69,6 @@ readiness: initialDelaySeconds: 5 periodSeconds: 10 -service: - name: aaf-hello - type: ClusterIP - portName: aaf-hello - #targetPort - internalPort: 8130 - #port - externalPort: 8130 - ingress: enabled: false diff --git a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml index f504063555..69d16121c9 100644 --- a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml @@ -32,7 +32,7 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} + image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] volumeMounts: @@ -57,14 +57,14 @@ spec: value: "{{ .Values.global.aaf.aaf_release }}" - name: aaf_locator_container_ns value: "{{ .Release.Namespace }}" - - name: aaf_locator_container - value: "oom" - name: aaf_locator_public_fqdn value: "{{.Values.global.aaf.public_fqdn}}" - name: aaf_locator_name value: "{{.Values.global.aaf.aaf_locator_name}}" - name: aaf_locator_name_oom value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: cm_always_ignore_ips + value: "true" - name: CASSANDRA_CLUSTER value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" # - name: CASSANDRA_USER @@ -72,10 +72,11 @@ spec: # - name: CASSANDRA_PASSWORD # value: "" # - name: CASSANDRA_PORT +# value: "" containers: - name: {{ include "common.name" . }} command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-locate aaf-service && exec bin/locate"] - image: {{ .Values.global.repository }}/onap/aaf/aaf_locate:{{.Values.global.aaf.imageVersion}} + image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml index cc328d5ca6..b371c86541 100644 --- a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml @@ -32,7 +32,7 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} + image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] volumeMounts: @@ -57,14 +57,14 @@ spec: value: "{{ .Values.global.aaf.aaf_release }}" - name: aaf_locator_container_ns value: "{{ .Release.Namespace }}" - - name: aaf_locator_container - value: "oom" - name: aaf_locator_public_fqdn value: "{{.Values.global.aaf.public_fqdn}}" - name: aaf_locator_name value: "{{.Values.global.aaf.aaf_locator_name}}" - name: aaf_locator_name_oom value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: cm_always_ignore_ips + value: "true" - name: CASSANDRA_CLUSTER value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" # - name: CASSANDRA_USER @@ -72,10 +72,11 @@ spec: # - name: CASSANDRA_PASSWORD # value: "" # - name: CASSANDRA_PORT +# value: "" containers: - name: {{ include "common.name" . }} command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-oauth aaf-service && exec bin/oauth"] - image: {{ .Values.global.repository }}/onap/aaf/aaf_oauth:{{.Values.global.aaf.imageVersion}} + image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: "/opt/app/osaaf" diff --git a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml index 1801bfec0c..1c09718262 100644 --- a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml +++ b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml @@ -32,7 +32,7 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-config-container - image: {{ .Values.global.repository }}/onap/aaf/aaf_config:{{.Values.global.aaf.imageVersion}} + image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config nc aaf-cass.{{ .Release.Namespace }} 9042 sleep 15 remove && bin/agent.sh"] volumeMounts: @@ -63,6 +63,8 @@ spec: value: "{{.Values.global.aaf.aaf_locator_name}}" - name: aaf_locator_name_oom value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: cm_always_ignore_ips + value: "true" - name: CASSANDRA_CLUSTER value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" # - name: CASSANDRA_USER @@ -73,9 +75,12 @@ spec: # value: "" containers: - name: {{ include "common.name" . }} - command: ["/bin/bash","-c","cd /opt/app/aaf && bin/pod_wait.sh aaf-service aaf-cass && exec bin/service"] - image: {{ .Values.global.repository }}/onap/aaf/aaf_service:{{.Values.global.aaf.imageVersion}} + command: ["/bin/bash","-c","cd /opt/app/aaf && bin/pod_wait.sh aaf-service aaf-cass && exec bin/service"] + image: {{.Values.global.repository}}/{{.Values.global.aaf.image}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: cm_always_ignore_ips + value: "true" lifecycle: preStop: exec: diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml index de6130cb1d..04e9a5a92f 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml @@ -28,7 +28,7 @@ spec: - name: {{ .Values.service.portName }} {{if eq .Values.service.type "NodePort" -}} port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} {{- else -}} port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} diff --git a/kubernetes/aaf/charts/aaf-sms/templates/service.yaml b/kubernetes/aaf/charts/aaf-sms/templates/service.yaml index 5e6bffb89f..18334a301c 100644 --- a/kubernetes/aaf/charts/aaf-sms/templates/service.yaml +++ b/kubernetes/aaf/charts/aaf-sms/templates/service.yaml @@ -28,7 +28,7 @@ spec: - name: {{ .Values.service.PortName }} {{if eq .Values.service.type "NodePort" -}} port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} {{- else -}} port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} diff --git a/kubernetes/aaf/values.yaml b/kubernetes/aaf/values.yaml index 1ddb604c02..0109a5e90d 100644 --- a/kubernetes/aaf/values.yaml +++ b/kubernetes/aaf/values.yaml @@ -23,30 +23,35 @@ global: ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 persistence: enabled: true - pullPolicy: Always + # Standard OOM + pullPolicy: "Always" repository: "nexus3.onap.org:10001" - # pullPolicy: IfNotPresent - # repository: "nexus3.onap.org:10003" + + # Use Local + #pullPolicy: IfNotPresent + #repository: "nexus3.onap.org:10003" aaf: - imageVersion: 2.1.13 - #imageVersion: latest readiness: false + image: onap/aaf/aaf_core:2.1.15 aaf_env: "DEV" public_fqdn: "aaf.osaaf.org" - aaf_release: "Dublin" + aaf_release: "El Alto" # DUBLIN ONLY - for M4 compatibility with Casablanca - aaf_locator_name: "public.%NS.%N" - aaf_locator_name_oom: "%NS.%N" + # aaf_locator_name: "public.%NS.%N" + # aaf_locator_name_oom: "%NS.%N" # EL ALTO and Beyond - # aaf_locator_name: "%NS.%N" - # aaf_locator_name_oom: "%CNS.%NS.%N" + aaf_locator_name: "%NS.%N" + aaf_locator_name_oom: "%CNS.%NS.%N" cadi_latitude: "38.0" cadi_longitude: "-72.0" cadi_x509_issuers: "CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US" + config: + image: onap/aaf/aaf_config:2.1.15 cass: replicas: 1 + image: onap/aaf/aaf_cass:2.1.15 fqdn: "aaf-cass" cluster_name: "osaaf" heap_new_size: "512M" @@ -88,9 +93,6 @@ global: public_port: 31115 hello: replicas: 0 - fqdn: "aaf-hello" - internal_port: 8130 - public_port: 31116 ################################################################# # Application configuration defaults. diff --git a/kubernetes/aai b/kubernetes/aai -Subproject c2d6e68b32be2bc2a421f21d23b12abdf314198 +Subproject 55cb73cadc59537643c0fe5cb7ededadc9ff2b4 diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties index 0e8b71cf53..e7399f6f04 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties @@ -19,7 +19,7 @@ ### #hostname=localhost -cadi_loglevel=INFO +cadi_loglevel=DEBUG cadi_bath_convert=/opt/onap/appc/data/properties/bath_config.csv ############################################################ @@ -48,11 +48,11 @@ cadi_longitude=-122.26147 aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 # AAF URL -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 +aaf_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1 # AAF Environment Designation aaf_env=DEV # OAuth2 Endpoints -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect +aaf_oauth2_token_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.token:2.1/token +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.introspect:2.1/introspect diff --git a/kubernetes/appc/templates/service.yaml b/kubernetes/appc/templates/service.yaml index 32938cc565..fdd31a4ed0 100644 --- a/kubernetes/appc/templates/service.yaml +++ b/kubernetes/appc/templates/service.yaml @@ -41,7 +41,7 @@ spec: - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: "{{ .Values.service.portName }}-8282" + name: "{{ .Values.service.portName }}-8443" - port: {{ .Values.service.externalPort2 }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} name: "{{ .Values.service.portName }}-1830" @@ -52,7 +52,7 @@ spec: {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }}-8282 + name: {{ .Values.service.portName }}-8443 - port: {{ .Values.service.externalPort2 }} targetPort: {{ .Values.service.internalPort2 }} name: {{ .Values.service.portName }}-1830 diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml index 6fa7e65ca6..578dbc7453 100644 --- a/kubernetes/appc/values.yaml +++ b/kubernetes/appc/values.yaml @@ -120,9 +120,9 @@ service: name: appc portName: appc #targetPort - internalPort: 8181 + internalPort: 8443 #port - externalPort: 8282 + externalPort: 8443 nodePort: 30 externalPort2: 1830 diff --git a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/ONAP_RootCA.cer b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/ONAP_RootCA.cer new file mode 100755 index 0000000000..e9a50d7ea0 --- /dev/null +++ b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/ONAP_RootCA.cer @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV +BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx +NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK +DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC +ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7 +XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn +H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM +pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7 +NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg +2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY +wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd +ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM +P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6 +aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY +PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G +A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ +UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN +BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz +L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9 +7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx +c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf +jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2 +RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h +PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF +CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+ +Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A +cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR +ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX +dYY= +-----END CERTIFICATE----- diff --git a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties index 1317300570..6cb952f460 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties +++ b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties @@ -14,6 +14,30 @@ # limitations under the License. # # Web server config +### START -Controller Blueprints Properties +# Load Resource Source Mappings +resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,config-data=source-rest,aai-data=source-rest,capability=source-capability + +# Controller Blueprints Core Configuration +controllerblueprints.blueprintDeployPath=/opt/app/onap/blueprints/deploy +controllerblueprints.blueprintArchivePath=/opt/app/onap/blueprints/archive +controllerblueprints.blueprintWorkingPath=/opt/app/onap/blueprints/working + +# Controller Blueprint Load Configurations +# blueprints.load.initial-data may be overridden by ENV variables +controllerblueprints.loadInitialData=true +controllerblueprints.loadBluePrint=true +controllerblueprints.loadBluePrintPaths=/opt/app/onap/model-catalog/blueprint-model/service-blueprint +controllerblueprints.loadModelType=true +controllerblueprints.loadModeTypePaths=/opt/app/onap/model-catalog/definition-type/starter-type +controllerblueprints.loadResourceDictionary=true +controllerblueprints.loadResourceDictionaryPaths=/opt/app/onap/model-catalog/resource-dictionary/starter-dictionary + +# CBA file extension +controllerblueprints.loadCbaExtension=zip + +### END -Controller Blueprints Properties + blueprintsprocessor.grpcEnable=true blueprintsprocessor.httpPort=8080 blueprintsprocessor.grpcPort=9111 @@ -24,14 +48,14 @@ blueprintsprocessor.blueprintArchivePath=/opt/app/onap/blueprints/archive blueprintsprocessor.blueprintWorkingPath=/opt/app/onap/blueprints/work # Primary Database Configuration -blueprintsprocessor.db.primary.url=jdbc:mysql://cds-db:3306/sdnctl -blueprintsprocessor.db.primary.username=sdnctl -blueprintsprocessor.db.primary.password=sdnctl -blueprintsprocessor.db.primary.driverClassName=org.mariadb.jdbc.Driver -blueprintsprocessor.db.primary.hibernateHbm2ddlAuto=update -blueprintsprocessor.db.primary.hibernateDDLAuto=update -blueprintsprocessor.db.primary.hibernateNamingStrategy=org.hibernate.cfg.ImprovedNamingStrategy -blueprintsprocessor.db.primary.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialect +blueprintsprocessor.db.url=jdbc:mysql://db:3306/sdnctl +blueprintsprocessor.db.username=sdnctl +blueprintsprocessor.db.password=sdnctl +blueprintsprocessor.db.driverClassName=org.mariadb.jdbc.Driver +blueprintsprocessor.db.hibernateHbm2ddlAuto=update +blueprintsprocessor.db.hibernateDDLAuto=update +blueprintsprocessor.db.hibernateNamingStrategy=org.hibernate.cfg.ImprovedNamingStrategy +blueprintsprocessor.db.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialect # Python executor blueprints.processor.functions.python.executor.executionPath=/opt/app/onap/scripts/jython/ccsdk_blueprints @@ -59,15 +83,27 @@ blueprintsprocessor.grpcclient.remote-python.host=cds-command-executor blueprintsprocessor.grpcclient.remote-python.port=50051 blueprintsprocessor.grpcclient.remote-python.token=Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== -# Primary Config Data REST client settings -blueprintsprocessor.restclient.primary-config-data.type=basic-auth -blueprintsprocessor.restclient.primary-config-data.url=http://sdnc:8282 -blueprintsprocessor.restclient.primary-config-data.username=admin -blueprintsprocessor.restclient.primary-config-data.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U - -# Primary AAI Data REST Client settings -blueprintsprocessor.restclient.primary-aai-data.type=basic-auth -blueprintsprocessor.restclient.primary-aai-data.url=https://aai.onap:8443 -blueprintsprocessor.restclient.primary-aai-data.username=aai@aai.onap.org -blueprintsprocessor.restclient.primary-aai-data.password=demo123456! +# Config Data REST client settings +blueprintsprocessor.restclient.config-data.type=basic-auth +blueprintsprocessor.restclient.config-data.url=http://sdnc:8282 +blueprintsprocessor.restclient.config-data.username=admin +blueprintsprocessor.restclient.config-data.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + +# AAI Data REST Client settings +blueprintsprocessor.restclient.aai-data.type=basic-auth +blueprintsprocessor.restclient.aai-data.url=https://aai.onap:8443 +blueprintsprocessor.restclient.aai-data.username=aai@aai.onap.org +blueprintsprocessor.restclient.aai-data.password=demo123456! + +# Kafka-message-lib Configuration +blueprintsprocessor.messageclient.self-service-api.topic=cds-producer +blueprintsprocessor.messageclient.self-service-api.type=kafka-basic-auth + +##ONAP Message Router Kafka Service## +blueprintsprocessor.messageclient.self-service-api.bootstrapServers=message-router-kafka:9092 + +blueprintsprocessor.messageclient.self-service-api.consumerTopic=cds-consumer +blueprintsprocessor.messageclient.self-service-api.groupId=cds-consumer-group +blueprintsprocessor.messageclient.self-service-api.clientId=cds-client +blueprintsprocessor.messageclient.self-service-api.kafkaEnable=false diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml index 736b5cea24..ef7d8d4442 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml @@ -36,6 +36,10 @@ spec: args: - --container-name - cds-db + {{- if .Values.dmaapEnabled }} + - --container-name + - message-router + {{ end }} env: - name: NAMESPACE valueFrom: @@ -60,7 +64,7 @@ spec: {{ if .Values.liveness.enabled }} livenessProbe: httpGet: - path: /api/v1/execution-service/ping + path: /api/v1/execution-service/health-check port: {{ .Values.service.http.internalPort }} httpHeaders: - name: Authorization @@ -70,7 +74,7 @@ spec: {{ end }} readinessProbe: httpGet: - path: /api/v1/execution-service/ping + path: /api/v1/execution-service/health-check port: {{ .Values.service.http.internalPort }} httpHeaders: - name: Authorization @@ -87,6 +91,11 @@ spec: - mountPath: {{ .Values.config.appConfigDir }}/logback.xml name: {{ include "common.fullname" . }}-config subPath: logback.xml + + - mountPath: {{ .Values.config.appConfigDir }}/ONAP_RootCA.cer + name: {{ include "common.fullname" . }}-config + subPath: ONAP_RootCA.cer + - mountPath: {{ .Values.persistence.deployedBlueprint }} name: {{ include "common.fullname" . }}-blueprints resources: diff --git a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml index a2e3da688f..7ac3274f32 100755 --- a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml @@ -40,7 +40,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-blueprintsprocessor:0.4.5 +image: onap/ccsdk-blueprintsprocessor:0.5.1 pullPolicy: Always # flag to enable debugging - application support required @@ -57,6 +57,10 @@ nodeSelector: {} affinity: {} +# flag for kafka-listener dependency. Set to true if you are using message-router otherwise set to false if you are using +# custom kafka cluster. +dmaapEnabled: true + # probe configuration parameters liveness: initialDelaySeconds: 120 @@ -82,7 +86,6 @@ service: internalPort: 9111 externalPort: 9111 - persistence: volumeReclaimPolicy: Retain accessMode: ReadWriteMany diff --git a/kubernetes/cds/charts/cds-command-executor/values.yaml b/kubernetes/cds/charts/cds-command-executor/values.yaml index 14432ecab2..0db73be134 100755 --- a/kubernetes/cds/charts/cds-command-executor/values.yaml +++ b/kubernetes/cds/charts/cds-command-executor/values.yaml @@ -40,7 +40,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-commandexecutor:0.4.5 +image: onap/ccsdk-commandexecutor:0.5.1 pullPolicy: Always # application configuration diff --git a/kubernetes/cds/charts/cds-controller-blueprints/resources/config/application.properties b/kubernetes/cds/charts/cds-controller-blueprints/resources/config/application.properties index ebc1d2e9a9..1b38665c4b 100755 --- a/kubernetes/cds/charts/cds-controller-blueprints/resources/config/application.properties +++ b/kubernetes/cds/charts/cds-controller-blueprints/resources/config/application.properties @@ -44,7 +44,7 @@ spring.jpa.hibernate.naming-strategy=org.hibernate.cfg.ImprovedNamingStrategy spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQL5InnoDBDialect # Load Resource Source Mappings -resourceSourceMappings=processor-db=source-processor-db,primary-db=source-processor-db,input=source-input,default=source-default,primary-config-data=source-rest,primary-aai-data=source-rest,capability=source-capability +resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,config-data=source-rest,aai-data=source-rest,capability=source-capability # Controller Blueprints Core Configuration controllerblueprints.blueprintDeployPath=/etc/blueprints/deploy @@ -64,4 +64,4 @@ controllerblueprints.loadResourceDictionaryPaths=/opt/app/onap/model-catalog/res controllerblueprints.loadCbaExtension=zip # Web server config -server.port=8080
\ No newline at end of file +server.port=8080 diff --git a/kubernetes/cds/charts/cds-controller-blueprints/values.yaml b/kubernetes/cds/charts/cds-controller-blueprints/values.yaml index b629c5109a..4e32c5eac4 100755 --- a/kubernetes/cds/charts/cds-controller-blueprints/values.yaml +++ b/kubernetes/cds/charts/cds-controller-blueprints/values.yaml @@ -38,7 +38,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-controllerblueprints:0.4.5 +image: onap/ccsdk-controllerblueprints:0.5.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/cds/charts/cds-sdc-listener/values.yaml b/kubernetes/cds/charts/cds-sdc-listener/values.yaml index cd2fbf5ad4..c14b997acc 100644 --- a/kubernetes/cds/charts/cds-sdc-listener/values.yaml +++ b/kubernetes/cds/charts/cds-sdc-listener/values.yaml @@ -37,7 +37,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-sdclistener:0.4.5 +image: onap/ccsdk-sdclistener:0.5.1 name: sdc-listener pullPolicy: Always diff --git a/kubernetes/cds/charts/cds-ui/values.yaml b/kubernetes/cds/charts/cds-ui/values.yaml index 1ba8a17049..60c0a8a037 100644 --- a/kubernetes/cds/charts/cds-ui/values.yaml +++ b/kubernetes/cds/charts/cds-ui/values.yaml @@ -28,7 +28,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-cds-ui-server:0.4.5 +image: onap/ccsdk-cds-ui-server:0.5.1 pullPolicy: Always # application configuration diff --git a/kubernetes/clamp/charts/clamp-dash-es/values.yaml b/kubernetes/clamp/charts/clamp-dash-es/values.yaml index f25e40bf2a..f385128f92 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-es/values.yaml @@ -31,8 +31,8 @@ busyboxRepository: registry.hub.docker.com busyboxImage: library/busybox:latest # application image -loggingRepository: docker.elastic.co -image: elasticsearch/elasticsearch-oss:6.6.2 +repository: nexus3.onap.org:10001 +image: onap/clamp-dashboard-elasticsearch:4.1.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml b/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml index a94413ce06..2173039252 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml @@ -125,3 +125,11 @@ server.ssl.key: {{.Values.config.sslPemkeyFilePath}} # The default locale. This locale can be used in certain circumstances to substitute any missing # translations. #i18n.defaultLocale: "en" + +## Search Guard +# +xpack.security.enabled: false +elasticsearch.username: {{.Values.config.elasticUSR}} +elasticsearch.password: {{.Values.config.elasticPWD}} + +searchguard.cookie.password: 123567818187654rwrwfsfshdhdhtegdhfzftdhncn diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml index 954de3a953..276ac5d32a 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml @@ -34,7 +34,7 @@ busyboxImage: library/busybox:latest # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-kibana:4.0.5 +image: onap/clamp-dashboard-kibana:4.1.0 pullPolicy: Always # flag to enable debugging - application support required @@ -44,6 +44,8 @@ debugEnabled: false config: elasticsearchServiceName: cdash-es elasticsearchPort: 9200 + elasticUSR: kibanaserver + elasticPWD: kibanaserver sslEnabled: true sslPemCertFilePath: /usr/share/kibana/config/keystore/org.onap.clamp.crt.pem sslPemkeyFilePath: /usr/share/kibana/config/keystore/org.onap.clamp.key.pem diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf b/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf index b4b5071ba5..05d8085d43 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf +++ b/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf @@ -219,6 +219,8 @@ output { elasticsearch { codec => "json" hosts => ["${elasticsearch_base_url}"] + user => ["${logstash_user}"] + password => ["${logstash_pwd}"] index => "errors-%{+YYYY.MM.DD}" doc_as_upsert => true } @@ -227,6 +229,8 @@ output { elasticsearch { codec => "json" hosts => ["${elasticsearch_base_url}"] + user => ["${logstash_user}"] + password => ["${logstash_pwd}"] document_id => "%{requestID}" index => "events-cl-%{+YYYY.MM.DD}" # creates daily indexes for control loop doc_as_upsert => true @@ -237,6 +241,8 @@ output { elasticsearch { codec => "json" hosts => ["${elasticsearch_base_url}"] + user => ["${logstash_user}"] + password => ["${logstash_pwd}"] index => "events-%{+YYYY.MM.DD}" # creates daily indexes doc_as_upsert => true } diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/templates/deployment.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/templates/deployment.yaml index 6c6331a9c2..a72f6b6e78 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/templates/deployment.yaml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/templates/deployment.yaml @@ -63,6 +63,10 @@ spec: value: "{{ .Values.config.requestTopic }}" - name: dmaap_base_url value: {{ .Values.config.dmaapScheme }}://{{ .Values.config.dmaapHost }}.{{ include "common.namespace" . }}:{{ .Values.config.dmaapPort }} + - name: logstash_user + value: "{{ .Values.config.logstash_user }}" + - name: logstash_pwd + value: "{{ .Values.config.logstash_pwd }}" - name: elasticsearch_base_url value: "http://{{.Values.config.elasticsearchServiceName}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.config.elasticsearchPort}}" ports: diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml index 893860b839..e7ab68fc5b 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml @@ -30,7 +30,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-logstash:4.0.5 +image: onap/clamp-dashboard-logstash:4.1.0 pullPolicy: Always # flag to enable debugging - application support required @@ -48,6 +48,8 @@ config: eventTopic: "DCAE-CL-EVENT" notificationTopic: "POLICY-CL-MGT" requestTopic: "APPC-CL" + logstash_user: "logstash" + logstash_pwd: "logstash" # default number of instances replicaCount: 1 diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml index 398c9ead9e..030460401f 100644 --- a/kubernetes/clamp/values.yaml +++ b/kubernetes/clamp/values.yaml @@ -30,7 +30,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp:4.0.5 +image: onap/clamp:4.1.0 pullPolicy: Always # flag to enable debugging - application support required @@ -54,7 +54,7 @@ config: "clamp.config.sdc.serviceUsername": "clamp", "clamp.config.sdc.servicePassword": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981", "clamp.config.files.sdcController": "file:/opt/clamp/sdc-controllers-config.json", - "clamp.config.dcae.inventory.url": "http://inventory.{{ include "common.namespace" . }}:8080", + "clamp.config.dcae.inventory.url": "https://inventory.{{ include "common.namespace" . }}:8080", "clamp.config.dcae.dispatcher.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443", "clamp.config.dcae.deployment.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443", "clamp.config.dcae.deployment.userName": "none", diff --git a/kubernetes/common/common/templates/_ingress.tpl b/kubernetes/common/common/templates/_ingress.tpl new file mode 100644 index 0000000000..9b274ad190 --- /dev/null +++ b/kubernetes/common/common/templates/_ingress.tpl @@ -0,0 +1,55 @@ +{{- define "ingress.config.port" -}} +{{- if .Values.ingress -}} +{{- if .Values.ingress.service -}} +{{- range .Values.ingress.service }} + - path: {{ .path }} + backend: + serviceName: {{ .name }} + servicePort: {{ .port }} +{{- end }} +{{- else -}} + - path: {{ printf "/%s" .Chart.Name }} + backend: + serviceName: {{ .Chart.Name }} + servicePort: {{ .Values.service.externalPort }} +{{- end -}} +{{- end -}} +{{- end -}} + + +{{- define "ingress.config.annotations" -}} +{{- if .Values.ingress -}} +{{- if .Values.ingress.annotations -}} +{{ toYaml .Values.ingress.annotations | indent 4 | trim }} +{{- end -}} +{{- end -}} +{{- end -}} + + +{{- define "common.ingress" -}} +{{- if .Values.ingress -}} +{{- if .Values.ingress.enabled -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ include "common.fullname" . }}-ingress + annotations: + {{ include "ingress.config.annotations" . }} + labels: + app: {{ .Chart.Name }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + rules: + - http: + paths: + {{- include "ingress.config.port" . }} +{{- if .Values.ingress.tls }} + tls: +{{ toYaml .Values.ingress.tls | indent 4 }} + {{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} + diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml index 4094801949..8cf95d6aba 100644 --- a/kubernetes/common/dgbuilder/values.yaml +++ b/kubernetes/common/dgbuilder/values.yaml @@ -47,7 +47,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-dgbuilder-image:0.4.4 +image: onap/ccsdk-dgbuilder-image:0.5.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/contrib/charts/awx/Chart.yaml b/kubernetes/contrib/charts/awx/Chart.yaml new file mode 100755 index 0000000000..90f73801b0 --- /dev/null +++ b/kubernetes/contrib/charts/awx/Chart.yaml @@ -0,0 +1,20 @@ +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Ansible AWX +name: awx +sources: + - https://github.com/ansible/awx +version: 5.0.0 diff --git a/kubernetes/contrib/charts/awx/Makefile b/kubernetes/contrib/charts/awx/Makefile new file mode 100644 index 0000000000..d8a50339d6 --- /dev/null +++ b/kubernetes/contrib/charts/awx/Makefile @@ -0,0 +1,16 @@ +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +make-awx: + cd charts && helm dep up awx-postgres diff --git a/kubernetes/robot/Chart.yaml b/kubernetes/contrib/charts/awx/charts/awx-postgres/Chart.yaml index 7dbed546dc..ae3befc6e8 100644..100755 --- a/kubernetes/robot/Chart.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: A helm Chart for kubernetes-ONAP Robot -name: robot +description: Ansible AWX database +name: awx-postgres version: 5.0.0 diff --git a/kubernetes/robot/templates/NOTES.txt b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/NOTES.txt index fe7c9313df..3ab092e848 100644..100755 --- a/kubernetes/robot/templates/NOTES.txt +++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/NOTES.txt @@ -1,8 +1,16 @@ -# Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2019 Bell Canada # -# This file is licensed under the CREATIVE COMMONS ATTRIBUTION 4.0 INTERNATIONAL LICENSE +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at # -# Full license text at https://creativecommons.org/licenses/by/4.0/legalcode +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. 1. Get the application URL by running these commands: {{- if .Values.ingress.enabled }} @@ -19,7 +27,7 @@ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') echo http://$SERVICE_IP:{{ .Values.service.externalPort }} {{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") echo "Visit http://127.0.0.1:8080 to use your application" kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} {{- end }} diff --git a/kubernetes/robot/templates/deployment.yaml b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/deployment.yaml index 7b0c140269..3ac0e1a76c 100644..100755 --- a/kubernetes/robot/templates/deployment.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/deployment.yaml @@ -1,4 +1,5 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T +{{/* +# Copyright © 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: extensions/v1beta1 kind: Deployment @@ -32,59 +34,53 @@ spec: spec: containers: - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.internalPort }} - {{ if .Values.liveness.enabled }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} + exec: + command: + - /bin/sh + - -i + - -c + - psql -h 127.0.0.1 -U $POSTGRES_USER -q -d {{ .Values.config.postgresDB }} + -c 'SELECT 1' + initialDelaySeconds: 5 + timeoutSeconds: 1 + env: + - name: POSTGRES_USER + value: "{{ .Values.config.postgresUser }}" + - name: POSTGRES_PASSWORD + value: "{{ .Values.config.postgresPassword }}" + - name: POSTGRES_DB + value: "{{ .Values.config.postgresDB }}" volumeMounts: - - name: dshm - mountPath: /dev/shm - - name: localtime - mountPath: /etc/localtime + - mountPath: /etc/localtime + name: localtime readOnly: true - - name: robot-eteshare - mountPath: /share/config - - name: robot-logs - mountPath: /share/logs + - name: {{ include "common.fullname" . }}-data + mountPath: /var/lib/postgresql/data resources: -{{ include "common.resources" . }} +{{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} +{{ toYaml .Values.nodeSelector | indent 10 }} {{- end -}} {{- if .Values.affinity }} affinity: -{{ toYaml .Values.affinity | indent 8 }} +{{ toYaml .Values.affinity | indent 10 }} {{- end }} volumes: - {{- if .Values.persistence.enabled }} - - name: robot-logs - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - - name: dshm - emptyDir: - medium: Memory - - name: localtime - hostPath: - path: /etc/localtime - - name: robot-eteshare - configMap: - name: {{ include "common.fullname" . }}-eteshare-configmap - defaultMode: 0755 + - name: localtime + hostPath: + path: /etc/localtime + {{- if .Values.persistence.enabled }} + - name: {{ include "common.fullname" . }}-data + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/robot/templates/pv.yaml b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml index 184728f8ad..a8cf9f6d9d 100644..100755 --- a/kubernetes/robot/templates/pv.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,6 +15,7 @@ */}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if not .Values.persistence.storageClass -}} kind: PersistentVolume apiVersion: v1 metadata: @@ -35,3 +36,4 @@ spec: hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} {{- end -}} +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/robot/templates/pvc.yaml b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml index e27c3311e9..52891ffda0 100644..100755 --- a/kubernetes/robot/templates/pvc.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -27,12 +27,14 @@ metadata: heritage: "{{ .Release.Service }}" {{- if .Values.persistence.annotations }} annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} +{{ .Values.persistence.annotations | indent 4 }} {{- end }} spec: +{{- if not .Values.persistence.storageClass }} selector: matchLabels: name: {{ include "common.fullname" . }} +{{- end }} accessModes: - {{ .Values.persistence.accessMode }} resources: diff --git a/kubernetes/robot/templates/service.yaml b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/service.yaml index 3fc21b4550..9dffb536ee 100644..100755 --- a/kubernetes/robot/templates/service.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/service.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +{{/* +# Copyright © 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: Service @@ -27,13 +29,14 @@ spec: ports: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName | default "http" }} + name: {{ .Values.service.portName }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} + name: {{ .Values.service.portName }} {{- end}} selector: app: {{ include "common.name" . }} - release: {{ .Release.Name }}
\ No newline at end of file + release: {{ .Release.Name }} diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml b/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml new file mode 100755 index 0000000000..79fe5104b2 --- /dev/null +++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml @@ -0,0 +1,83 @@ +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Default values for mariadb. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +global: # global defaults + nodePortPrefixExt: 304 + persistence: {} + +# application image +repository: docker.io +image: postgres:10.4-alpine +pullPolicy: Always + +# application configuration +config: + postgresUser: awx + postgresPassword: awx + postgresDB: awx + +ingress: + enabled: false + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +## Persist data to a persitent volume +persistence: + enabled: true + volumeReclaimPolicy: Retain + + # Uncomment the storageClass parameter to use an existing PV + # that will match the following class. + # When uncomment the storageClass, the PV is not created anymore. + + # storageClass: "nfs-dev-sc" + + accessMode: ReadWriteMany + size: 1Gi + + # When using storage class, mountPath and mountSubPath are + # simply ignored. + + mountPath: /dockerdata-nfs + mountSubPath: awx/pgdata + +service: + type: ClusterIP + name: awx-postgresql + portName: awx-postgresql + internalPort: 5432 + externalPort: 5432 + +resources: {} diff --git a/kubernetes/contrib/charts/awx/charts/awx/Chart.yaml b/kubernetes/contrib/charts/awx/charts/awx/Chart.yaml new file mode 100755 index 0000000000..1a34dcd174 --- /dev/null +++ b/kubernetes/contrib/charts/awx/charts/awx/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Ansible AWX application +name: awx +version: 5.0.0 diff --git a/kubernetes/contrib/charts/awx/charts/awx/resources/config/credentials.py b/kubernetes/contrib/charts/awx/charts/awx/resources/config/credentials.py new file mode 100644 index 0000000000..39350e05d0 --- /dev/null +++ b/kubernetes/contrib/charts/awx/charts/awx/resources/config/credentials.py @@ -0,0 +1,36 @@ +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +DATABASES = { + 'default': { + 'ATOMIC_REQUESTS': True, + 'ENGINE': 'awx.main.db.profiled_pg', + 'NAME': "{{ .Values.config.postgresDB }}", + 'USER': "{{ .Values.config.postgresUser }}", + 'PASSWORD': "{{ .Values.config.postgresPassword }}", + 'HOST': "awx-postgresql", + 'PORT': "5432", + } +} +BROKER_URL = 'amqp://{}:{}@{}:{}/{}'.format( + "{{ .Values.config.rabbitmqUser }}", + "{{ .Values.config.rabbitmqPassword }}", + "localhost", + "5672", + "{{ .Values.config.rabbitmqVhost }}") +CHANNEL_LAYERS = { + 'default': {'BACKEND': 'asgi_amqp.AMQPChannelLayer', + 'ROUTING': 'awx.main.routing.channel_routing', + 'CONFIG': {'url': BROKER_URL}} +}
\ No newline at end of file diff --git a/kubernetes/contrib/charts/awx/charts/awx/resources/config/environment.sh b/kubernetes/contrib/charts/awx/charts/awx/resources/config/environment.sh new file mode 100644 index 0000000000..7c58c6bb48 --- /dev/null +++ b/kubernetes/contrib/charts/awx/charts/awx/resources/config/environment.sh @@ -0,0 +1,23 @@ +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +DATABASE_USER={{ .Values.config.postgresUser }} +DATABASE_NAME={{ .Values.config.postgresDB }} +DATABASE_HOST=awx-postgresql +DATABASE_PORT=5432 +DATABASE_PASSWORD={{ .Values.config.postgresPassword }} +MEMCACHED_HOST=localhost +RABBITMQ_HOST=localhost +AWX_ADMIN_USER={{ .Values.config.awxAdminUser }} +AWX_ADMIN_PASSWORD={{ .Values.config.awxAdminPassword }}
\ No newline at end of file diff --git a/kubernetes/contrib/charts/awx/charts/awx/templates/configmap.yaml b/kubernetes/contrib/charts/awx/charts/awx/templates/configmap.yaml new file mode 100644 index 0000000000..9bc62b0856 --- /dev/null +++ b/kubernetes/contrib/charts/awx/charts/awx/templates/configmap.yaml @@ -0,0 +1,146 @@ +{{/* +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-init-mgnt + namespace: {{ include "common.namespace" . }} +data: + entrypoint: | + #/bin/sh + + awx-manage migrate --noinput + if [[ `echo 'from django.contrib.auth.models import User; nsu = User.objects.filter(is_superuser=True).count(); exit(0 if nsu > 0 else 1)' | awx-manage shell` > 0 ]] + then + echo 'from django.contrib.auth.models import User; User.objects.create_superuser('{{ .Values.config.awxAdminUser }}', '{{ .Values.config.awxAdminEmail }}', '{{ .Values.config.awxAdminPassword }}')' | awx-manage shell + awx-manage update_password --username='{{ .Values.config.awxAdminUser }}' --password='{{ .Values.config.awxAdminPassword }}' + fi +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-settings + namespace: {{ include "common.namespace" . }} +data: + awx_settings: | + import os + import socket + ADMINS = () + + AWX_PROOT_ENABLED = True + + # Automatically deprovision pods that go offline + AWX_AUTO_DEPROVISION_INSTANCES = True + + SYSTEM_TASK_ABS_CPU = 6 + SYSTEM_TASK_ABS_MEM = 20 + + INSIGHTS_URL_BASE = "https://example.org" + + #Autoprovisioning should replace this + CLUSTER_HOST_ID = socket.gethostname() + SYSTEM_UUID = '00000000-0000-0000-0000-000000000000' + + SESSION_COOKIE_SECURE = False + CSRF_COOKIE_SECURE = False + + REMOTE_HOST_HEADERS = ['HTTP_X_FORWARDED_FOR'] + + STATIC_ROOT = '/var/lib/awx/public/static' + PROJECTS_ROOT = '/var/lib/awx/projects' + JOBOUTPUT_ROOT = '/var/lib/awx/job_status' + SECRET_KEY = open('/etc/tower/SECRET_KEY', 'rb').read().strip() + ALLOWED_HOSTS = ['*'] + INTERNAL_API_URL = 'http://127.0.0.1:8052' + SERVER_EMAIL = 'root@localhost' + DEFAULT_FROM_EMAIL = 'webmaster@localhost' + EMAIL_SUBJECT_PREFIX = '[AWX] ' + EMAIL_HOST = 'localhost' + EMAIL_PORT = 25 + EMAIL_HOST_USER = '' + EMAIL_HOST_PASSWORD = '' + EMAIL_USE_TLS = False + + LOGGING['handlers']['console'] = { + '()': 'logging.StreamHandler', + 'level': 'DEBUG', + 'formatter': 'simple', + } + + LOGGING['loggers']['django.request']['handlers'] = ['console'] + LOGGING['loggers']['rest_framework.request']['handlers'] = ['console'] + LOGGING['loggers']['awx']['handlers'] = ['console'] + LOGGING['loggers']['awx.main.commands.run_callback_receiver']['handlers'] = ['console'] + LOGGING['loggers']['awx.main.commands.inventory_import']['handlers'] = ['console'] + LOGGING['loggers']['awx.main.tasks']['handlers'] = ['console'] + LOGGING['loggers']['awx.main.scheduler']['handlers'] = ['console'] + LOGGING['loggers']['django_auth_ldap']['handlers'] = ['console'] + LOGGING['loggers']['social']['handlers'] = ['console'] + LOGGING['loggers']['system_tracking_migrations']['handlers'] = ['console'] + LOGGING['loggers']['rbac_migrations']['handlers'] = ['console'] + LOGGING['loggers']['awx.isolated.manager.playbooks']['handlers'] = ['console'] + LOGGING['handlers']['callback_receiver'] = {'class': 'logging.NullHandler'} + LOGGING['handlers']['task_system'] = {'class': 'logging.NullHandler'} + LOGGING['handlers']['tower_warnings'] = {'class': 'logging.NullHandler'} + LOGGING['handlers']['rbac_migrations'] = {'class': 'logging.NullHandler'} + LOGGING['handlers']['system_tracking_migrations'] = {'class': 'logging.NullHandler'} + LOGGING['handlers']['management_playbooks'] = {'class': 'logging.NullHandler'} + + CACHES = { + 'default': { + 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', + 'LOCATION': '{}:{}'.format("localhost", "11211") + }, + 'ephemeral': { + 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache', + }, + } + + USE_X_FORWARDED_PORT = True +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-rabbitmq + namespace: {{ include "common.namespace" . }} +data: + enabled_plugins: | + [rabbitmq_management,rabbitmq_peer_discovery_k8s]. + rabbitmq.conf: | + ## Clustering + management.load_definitions = /etc/rabbitmq/rabbitmq_definitions.json + cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s + cluster_formation.k8s.host = kubernetes.default.svc + cluster_formation.k8s.address_type = ip + cluster_formation.node_cleanup.interval = 10 + cluster_formation.node_cleanup.only_log_warning = false + cluster_partition_handling = autoheal + ## queue master locator + queue_master_locator=min-masters + ## enable guest user + loopback_users.guest = false + rabbitmq_definitions.json: | + { + "users":[{"name": "{{ .Values.config.rabbitmqUser }}", "password": "{{ .Values.config.rabbitmqPassword }}", "tags": ""}], + "permissions":[ + {"user":"{{ .Values.config.rabbitmqUser }}","vhost":"{{ .Values.config.rabbitmqVhost }}","configure":".*","write":".*","read":".*"} + ], + "vhosts":[{"name":"{{ .Values.config.rabbitmqVhost }}"}], + "policies":[ + {"vhost":"{{ .Values.config.rabbitmqVhost }}","name":"ha-all","pattern":".*","definition":{"ha-mode":"all","ha-sync-mode":"automatic"}} + ] + } diff --git a/kubernetes/contrib/charts/awx/charts/awx/templates/job.yaml b/kubernetes/contrib/charts/awx/charts/awx/templates/job.yaml new file mode 100644 index 0000000000..dd538ae0ce --- /dev/null +++ b/kubernetes/contrib/charts/awx/charts/awx/templates/job.yaml @@ -0,0 +1,125 @@ +{{/* +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + backoffLimit: 5 + template: + metadata: + labels: + app: {{ include "common.name" . }}-mgnt + release: {{ .Release.Name }} + spec: + serviceAccount: {{ include "common.fullname" . }} + serviceAccountName: {{ include "common.fullname" . }} + restartPolicy: Never + initContainers: + - name: {{ include "common.name" . }}-init-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - awx-postgres + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - command: ["/bin/sh","-c"] + args: ["/etc/tower/job-entrypoint.sh"] + image: "{{ .Values.repository }}/{{ .Values.image.task }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-mgnt + resources: + requests: + cpu: 1500m + memory: 2Gi + securityContext: + privileged: true + volumeMounts: + - mountPath: /etc/tower/job-entrypoint.sh + name: awx-mgnt + readOnly: true + subPath: job-entrypoint.py + - mountPath: /etc/tower/settings.py + name: awx-application-config + readOnly: true + subPath: settings.py + - mountPath: /etc/tower/conf.d/ + name: awx-application-credentials + readOnly: true + - mountPath: /etc/tower/SECRET_KEY + name: awx-secret-key + readOnly: true + subPath: SECRET_KEY + + volumes: + - configMap: + defaultMode: 0777 + items: + - key: entrypoint + path: job-entrypoint.py + name: {{ include "common.fullname" . }}-init-mgnt + name: awx-mgnt + - configMap: + defaultMode: 420 + items: + - key: awx_settings + path: settings.py + name: {{ include "common.fullname" . }}-settings + name: awx-application-config + - name: awx-application-credentials + secret: + defaultMode: 420 + items: + - key: credentials_py + path: credentials.py + - key: environment_sh + path: environment.sh + secretName: {{ include "common.fullname" . }}-secrets + - name: awx-secret-key + secret: + defaultMode: 420 + items: + - key: secret_key + path: SECRET_KEY + secretName: {{ include "common.fullname" . }}-secrets + - configMap: + defaultMode: 420 + items: + - key: rabbitmq.conf + path: rabbitmq.conf + - key: enabled_plugins + path: enabled_plugins + - key: rabbitmq_definitions.json + path: rabbitmq_definitions.json + name: {{ include "common.fullname" . }}-rabbitmq + name: rabbitmq-config + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/robot/templates/configmap.yaml b/kubernetes/contrib/charts/awx/charts/awx/templates/secret.yaml index da5093471a..8b504d55cc 100644 --- a/kubernetes/robot/templates/configmap.yaml +++ b/kubernetes/contrib/charts/awx/charts/awx/templates/secret.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +{{/* +# Copyright © 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,16 +12,20 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - +*/}} apiVersion: v1 -kind: ConfigMap +kind: Secret +type: Opaque metadata: - name: {{ include "common.fullname" . }}-eteshare-configmap + name: {{ include "common.fullname" . }}-secrets namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} + app: {{ include "common.fullname" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/config/eteshare/config/*").AsConfig . | indent 2 }} + credentials_py: {{ tpl (.Files.Get "resources/config/credentials.py") . | b64enc }} + environment_sh: {{ tpl (.Files.Get "resources/config/environment.sh") . | b64enc }} + rabbitmq_erlang_cookie: {{ .Values.config.rabbitmqErlangCookie | b64enc | quote }} + secret_key: {{ .Values.config.secretKey | b64enc | quote }}
\ No newline at end of file diff --git a/kubernetes/contrib/charts/awx/charts/awx/templates/service.yaml b/kubernetes/contrib/charts/awx/charts/awx/templates/service.yaml new file mode 100755 index 0000000000..ed3fd7274d --- /dev/null +++ b/kubernetes/contrib/charts/awx/charts/awx/templates/service.yaml @@ -0,0 +1,80 @@ +{{/* +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }}-rmq-mgmt + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.rmqmgmt.type }} + ports: + - port: {{ .Values.service.rmqmgmt.externalPort }} + targetPort: {{ .Values.service.rmqmgmt.internalPort }} + name: {{ .Values.service.rmqmgmt.portName }} + selector: + app: {{ include "common.fullname" . }} + release: {{ .Release.Name }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }}-web + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.web.type }} + ports: + - port: {{ .Values.service.web.externalPort }} + targetPort: {{ .Values.service.web.internalPort }} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.web.nodePort }} + name: {{ .Values.service.web.portName }} + selector: + app: {{ include "common.fullname" . }} + release: {{ .Release.Name }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }}-rabbitmq + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + type: LoadBalancer +spec: + type: {{ .Values.service.rabbitmq.type }} + ports: + - port: {{ .Values.service.rabbitmq.http.externalPort }} + targetPort: {{ .Values.service.rabbitmq.http.internalPort }} + name: {{ .Values.service.rabbitmq.http.portName }} + - port: {{ .Values.service.rabbitmq.amqp.externalPort }} + targetPort: {{ .Values.service.rabbitmq.amqp.internalPort }} + name: {{ .Values.service.rabbitmq.amqp.portName }} + selector: + app: {{ include "common.fullname" . }} + release: {{ .Release.Name }}
\ No newline at end of file diff --git a/kubernetes/contrib/charts/awx/charts/awx/templates/serviceaccout.yaml b/kubernetes/contrib/charts/awx/charts/awx/templates/serviceaccout.yaml new file mode 100644 index 0000000000..0f52ce800a --- /dev/null +++ b/kubernetes/contrib/charts/awx/charts/awx/templates/serviceaccout.yaml @@ -0,0 +1,47 @@ +{{/* +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "common.fullname" . }}-endpoint-reader + namespace: {{ include "common.namespace" . }} +rules: +- apiGroups: ["", "extensions", "apps", "batch"] + resources: ["endpoints", "deployments", "pods", "replicasets/status", "jobs/status"] + verbs: ["get", "list"] +--- +apiVersion: v1 +items: +- apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + name: {{ include "common.fullname" . }}-endpoint-reader + namespace: {{ include "common.namespace" . }} + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "common.fullname" . }}-endpoint-reader + subjects: + - kind: ServiceAccount + name: {{ include "common.fullname" . }} +kind: List
\ No newline at end of file diff --git a/kubernetes/contrib/charts/awx/charts/awx/templates/statefulset.yaml b/kubernetes/contrib/charts/awx/charts/awx/templates/statefulset.yaml new file mode 100644 index 0000000000..bf85447b8e --- /dev/null +++ b/kubernetes/contrib/charts/awx/charts/awx/templates/statefulset.yaml @@ -0,0 +1,213 @@ +{{/* +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + podManagementPolicy: OrderedReady + replicas: {{ .Values.replicaCount }} + serviceName: {{ include "common.fullname" . }} + selector: + matchLabels: + app: {{ include "common.fullname" . }} + name: {{ include "common.name" . }}-web-deploy + service: django + template: + metadata: + labels: + app: {{ include "common.fullname" . }} + name: {{ include "common.name" . }}-web-deploy + release: {{ .Release.Name }} + service: django + spec: + + initContainers: + - name: {{ include "common.name" . }}-init-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - {{ include "common.name" . }}-mgnt + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + + containers: + + - image: "{{ .Values.repository }}/{{ .Values.image.web }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-web + ports: + - containerPort: {{ .Values.service.web.internalPort }} + protocol: TCP + resources: + requests: + cpu: 500m + memory: 1Gi + volumeMounts: + - mountPath: /etc/tower/settings.py + name: awx-application-config + readOnly: true + subPath: settings.py + - mountPath: /etc/tower/conf.d/ + name: awx-application-credentials + readOnly: true + - mountPath: /etc/tower/SECRET_KEY + name: awx-secret-key + readOnly: true + subPath: SECRET_KEY + - command: ["/bin/sh","-c"] + args: ["/usr/bin/launch_awx_task.sh"] + env: + - name: AWX_SKIP_MIGRATIONS + value: "1" + + image: "{{ .Values.repository }}/{{ .Values.image.task }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-celery + resources: + requests: + cpu: 1500m + memory: 2Gi + securityContext: + privileged: true + volumeMounts: + - mountPath: /etc/tower/settings.py + name: awx-application-config + readOnly: true + subPath: settings.py + - mountPath: /etc/tower/conf.d/ + name: awx-application-credentials + readOnly: true + - mountPath: /etc/tower/SECRET_KEY + name: awx-secret-key + readOnly: true + subPath: SECRET_KEY + - env: + - name: MY_POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: RABBITMQ_USE_LONGNAME + value: "true" + - name: RABBITMQ_NODENAME + value: rabbit@$(MY_POD_IP) + - name: RABBITMQ_ERLANG_COOKIE + valueFrom: + secretKeyRef: + key: rabbitmq_erlang_cookie + name: {{ include "common.fullname" . }}-secrets + - name: K8S_SERVICE_NAME + value: {{ include "common.servicename" . }}-rabbitmq + + image: "{{ .Values.repository }}/{{ .Values.image.rabbitmq }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-rabbit + livenessProbe: + exec: + command: + - rabbitmqctl + - status + failureThreshold: 3 + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + successThreshold: 1 + timeoutSeconds: 10 + ports: + - containerPort: {{ .Values.service.rabbitmq.http.internalPort }} + name: {{ .Values.service.rabbitmq.http.portName }} + protocol: TCP + - containerPort: {{ .Values.service.rabbitmq.amqp.internalPort }} + name: {{ .Values.service.rabbitmq.amqp.portName }} + protocol: TCP + readinessProbe: + exec: + command: + - rabbitmqctl + - status + failureThreshold: 3 + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + successThreshold: 1 + timeoutSeconds: 10 + resources: + requests: + cpu: 500m + memory: 2Gi + volumeMounts: + - mountPath: /etc/rabbitmq + name: rabbitmq-config + + - image: "{{ .Values.image.memcached }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-memcached + resources: + requests: + cpu: 500m + memory: 1Gi + serviceAccount: {{ include "common.fullname" . }} + serviceAccountName: {{ include "common.fullname" . }} + volumes: + - configMap: + defaultMode: 420 + items: + - key: awx_settings + path: settings.py + name: {{ include "common.fullname" . }}-settings + name: awx-application-config + - name: awx-application-credentials + secret: + defaultMode: 420 + items: + - key: credentials_py + path: credentials.py + - key: environment_sh + path: environment.sh + secretName: {{ include "common.fullname" . }}-secrets + - name: awx-secret-key + secret: + defaultMode: 420 + items: + - key: secret_key + path: SECRET_KEY + secretName: {{ include "common.fullname" . }}-secrets + - configMap: + defaultMode: 420 + items: + - key: rabbitmq.conf + path: rabbitmq.conf + - key: enabled_plugins + path: enabled_plugins + - key: rabbitmq_definitions.json + path: rabbitmq_definitions.json + name: {{ include "common.fullname" . }}-rabbitmq + name: rabbitmq-config + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/contrib/charts/awx/charts/awx/values.yaml b/kubernetes/contrib/charts/awx/charts/awx/values.yaml new file mode 100755 index 0000000000..5974de32ff --- /dev/null +++ b/kubernetes/contrib/charts/awx/charts/awx/values.yaml @@ -0,0 +1,111 @@ +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Default values for mariadb. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +global: # global defaults + nodePortPrefixExt: 304 + persistence: {} + +# application image +repository: ansible +image: + web: awx_web:latest + task: awx_task:latest + rabbitmq: awx_rabbitmq:3.7.4 + memcached: memcached:latest +pullPolicy: Always + +# application configuration +config: + postgresUser: awx + postgresPassword: awx + postgresDB: awx +# RabbitMQ Configuration + rabbitmqUser: awx + rabbitmqPassword: awxpass + rabbitmqVhost: awx + rabbitmqErlangCookie: cookiemonster3 +# This will create or update a default admin (superuser) account in AWX, if not provided +# then these default values are used + awxAdminUser: admin + awxAdminPassword: password + awxAdminEmail: cds@onap.org +# AWX Secret key +# It's *very* important that this stay the same between upgrades or you will lose the ability to decrypt +# your credentials + secretKey: awxsecret + +ingress: + enabled: false + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + enabled: true + +## Persist data to a persitent volume +persistence: + enabled: true + volumeReclaimPolicy: Retain + + # Uncomment the storageClass parameter to use an existing PV + # that will match the following class. + # When uncomment the storageClass, the PV is not created anymore. + + # storageClass: "nfs-dev-sc" + + accessMode: ReadWriteMany + size: 5Gi + + # When using storage class, mountPath and mountSubPath are + # simply ignored. + + mountPath: /dockerdata-nfs + mountSubPath: awx/pgdata + +service: + rmqmgmt: + type: ClusterIP + portName: rmqmgmt + internalPort: 15672 + externalPort: 15672 + web: + type: NodePort + portName: web + internalPort: 8052 + externalPort: 80 + nodePort: 78 + rabbitmq: + type: ClusterIP + http: + portName: http + internalPort: 15672 + externalPort: 15672 + amqp: + portName: amqp + internalPort: 5672 + externalPort: 5672 + +resources: {} diff --git a/kubernetes/contrib/charts/awx/requirements.yaml b/kubernetes/contrib/charts/awx/requirements.yaml new file mode 100755 index 0000000000..486fc6585c --- /dev/null +++ b/kubernetes/contrib/charts/awx/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~4.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/contrib/charts/awx/values.yaml b/kubernetes/contrib/charts/awx/values.yaml new file mode 100755 index 0000000000..6c6a90e0de --- /dev/null +++ b/kubernetes/contrib/charts/awx/values.yaml @@ -0,0 +1,39 @@ +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefixExt: 304 + commonConfigPrefix: awx + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.2 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: hub.docker.io +pullPolicy: Always + +# default number of instances +replicaCount: 1 +nodeSelector: {} +affinity: {} + +ingress: + enabled: false + +resources: {} diff --git a/kubernetes/contrib/values.yaml b/kubernetes/contrib/values.yaml index 882cc5cdf4..e15806ff1c 100644 --- a/kubernetes/contrib/values.yaml +++ b/kubernetes/contrib/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,5 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +awx: + enabled: true netbox: enabled: true
\ No newline at end of file diff --git a/kubernetes/dcaegen2/Makefile b/kubernetes/dcaegen2/Makefile index f77bc8fb16..fcd62da048 100644 --- a/kubernetes/dcaegen2/Makefile +++ b/kubernetes/dcaegen2/Makefile @@ -1,4 +1,4 @@ -make-dcaegen2: make-dcae-bootstrap make-dcae-cloudify-manager make-dcae-config-binding-service make-dcae-healthcheck make-dcae-redis make-dcae-servicechange-handler make-dcae-inventory-api make-dcae-deployment-handler make-dcae-policy-handler +make-dcaegen2: make-dcae-bootstrap make-dcae-cloudify-manager make-dcae-config-binding-service make-dcae-healthcheck make-dcae-redis make-dcae-servicechange-handler make-dcae-inventory-api make-dcae-deployment-handler make-dcae-policy-handler make-dcae-dashboard make-dcae-bootstrap: cd charts && helm dep up dcae-bootstrap && helm lint dcae-bootstrap @@ -26,3 +26,6 @@ make-dcae-deployment-handler: make-dcae-policy-handler: cd charts && helm dep up dcae-policy-handler && helm lint dcae-policy-handler + +make-dcae-dashboard: + cd charts && helm dep up dcae-dashboard && helm lint dcae-dashboard diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/certs/cacert.pem b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/certs/cacert.pem new file mode 100644 index 0000000000..897c8ae499 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/certs/cacert.pem @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV +BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx +NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK +DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC +ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7 +XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn +H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM +pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7 +NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg +2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY +wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd +ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM +P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6 +aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY +PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G +A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ +UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN +BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz +L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9 +7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx +c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf +jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2 +RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h +PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF +CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+ +Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A +cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR +ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX +dYY= +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/dmaap-plugin.json b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/dmaap-plugin.json new file mode 100644 index 0000000000..41404b0199 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/dmaap-plugin.json @@ -0,0 +1,8 @@ +{ + "dmaap": { + "username": "notused", + "password": "doesnotmatter", + "owner": "dcaecm", + "protocol": "http" + } +}
\ No newline at end of file diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json index 51d31a355b..d459d5bb95 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json @@ -33,6 +33,8 @@ "tls": { "cert_path": "/opt/tls/shared", - "image": "{{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}" + "image": "{{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}", + "component_ca_cert_path": "/opt/dcae/cacert/cacert.pem", + "ca_cert_configmap": "{{ include "common.fullname" . }}-dcae-cacert" } } diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml index e40a03068c..2718e1882f 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml @@ -24,7 +24,7 @@ external_tls_port: {{ .Values.config.address.dashboard.portSecure }} database_cluster_name: {{ .Values.postgres.service.name2 }}.{{ include "common.namespace" . }} database_cluster_fqdn: {{ .Values.postgres.service.name2 }}.{{ include "common.namespace" . }}.{{ .Values.postgres.suffix }} database_name: "dashboard_pg" -cloudify_ip: {{ .Values.config.address.cm }} +cloudify_ip: {{ .Values.config.address.cm.host }} cloudify_user: "admin" cloudify_password: "admin" consul_url: {{ .Values.config.address.consul_ui }} diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/configmap.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/configmap.yaml index 878d94bfc6..21134ada9f 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/configmap.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/configmap.yaml @@ -31,4 +31,11 @@ metadata: namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/inputs/*").AsConfig . | indent 2 }} - +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dcae-cacert + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/certs/*").AsConfig . | indent 2 }} diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml index 0463655c79..be5a769a37 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml @@ -61,6 +61,19 @@ spec: fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ - name: init-tls
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources: {}
+ volumeMounts:
+ - mountPath: /opt/tls/shared
+ name: tls-info
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
@@ -75,14 +88,21 @@ spec: - mountPath: /etc/localtime
name: localtime
readOnly: true
+ - mountPath: /certs
+ name: tls-info
+ readOnly: true
env:
- name: CMADDR
- value: {{ .Values.config.address.cm }}
+ value: {{ .Values.config.address.cm.host }}
- name: CMPASS
valueFrom:
secretKeyRef:
name: {{ include "common.name" . }}-cmpass
key: password
+ - name: CMPROTO
+ value: {{ .Values.config.address.cm.proto }}
+ - name: CMPORT
+ value: !!string {{ .Values.config.address.cm.port }}
- name: CONSUL
value: {{ .Values.config.address.consul.host }}:{{ .Values.config.address.consul.port }}
- name: DCAE_NAMESPACE
@@ -99,5 +119,7 @@ spec: - name: localtime
hostPath:
path: /etc/localtime
+ - name: tls-info
+ emptyDir: {}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml index aec082fe15..7e93715e29 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml @@ -38,10 +38,15 @@ config: host: consul-server port: 8500 consul_ui: consul-server-ui - cm: dcae-cloudify-manager + cm: + host: dcae-cloudify-manager + port: 443 + proto: https + #Temporary assignment to avoid conflict + #To be removed after bootstrap changes done to remove dashboard dashboard: - port: 30418 - portSecure: 30419 + port: 30473 + portSecure: 30474 datafile_collector: port: 30223 portSecure: 30262 @@ -90,7 +95,7 @@ postgres: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.18 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.6.2 default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml index d6c58cd75f..b3e90a2efb 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml @@ -34,6 +34,12 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: + # host alias allows local 'cfy' command to use https and match + # the host name in the certificate + hostAliases: + - ip: "127.0.0.1" + hostnames: + - "dcae-cloudify-manager" initContainers: - name: {{ include "common.name" . }}-multisite-init image: {{ include "common.repository" . }}/{{ .Values.multisiteInitImage }} @@ -44,10 +50,26 @@ spec: - --configmap - {{ .Values.multisiteConfigMapName }} restartPolicy: Never + - name: init-tls + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: {} + volumeMounts: + - mountPath: /opt/tls/shared + name: tls-info containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: REQUESTS_CA_BUNDLE + value: "/opt/onap/certs/cacert.pem" resources: {{ include "common.resources" . | indent 12 }} ports: @@ -86,6 +108,8 @@ spec: readOnly: true - mountPath: /cfy-persist name: cm-persistent + - mountPath: /opt/onap/certs + name: tls-info securityContext: privileged: True volumes: @@ -107,5 +131,7 @@ spec: - name: cm-persistent persistentVolumeClaim: claimName: {{ include "common.fullname" . }}-data + - emptyDir: {} + name: tls-info imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml index 41f0750c78..70504efd75 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml @@ -44,7 +44,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.cm-container:1.6.2 +image: onap/org.onap.dcaegen2.deployments.cm-container:2.0.2 pullPolicy: Always # name of shared ConfigMap with kubeconfig for multiple clusters @@ -69,8 +69,8 @@ readiness: service: type: ClusterIP name: dcae-cloudify-manager - externalPort: 80 - internalPort: 80 + externalPort: 443 + internalPort: 443 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml index a968204575..19fe038d44 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml @@ -50,36 +50,60 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + {{- if .Values.service.secure.enabled }} + - name: init-tls + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: {} + volumeMounts: + - mountPath: /opt/tls/shared + name: tls-info + {{ end }} containers: + {{- if .Values.service.secure.enabled }} - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {{ include "common.resources" . | indent 12 }} ports: - - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.secure.internalPort }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ .Values.service.secure.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: httpGet: + scheme: "HTTPS" path: {{ .Values.readiness.path }} - port: {{ .Values.service.internalPort }} + port: {{ .Values.service.secure.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: - name: {{ include "common.fullname" . }}-logs mountPath: /opt/logs + - name: tls-info + mountPath: /opt/tls env: - name: CONSUL_HOST value: consul.{{ include "common.namespace" . }} - + - name: USE_HTTPS + value: "1" + - name: HTTPS_CERT_PATH + value: "/opt/tls/cert.pem" + - name: HTTPS_KEY_PATH + value: "/opt/tls/key.pem" - name: {{ include "common.name" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -91,13 +115,67 @@ spec: mountPath: /usr/share/filebeat/data - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap + {{ end }} + {{- if .Values.service.insecure.enabled }} + - name: {{ include "common.name" . }}-insecure + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: +{{ include "common.resources" . | indent 12 }} + ports: + - containerPort: {{ .Values.service.insecure.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.insecure.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + httpGet: + scheme: "HTTP" + path: {{ .Values.readiness.path }} + port: {{ .Values.service.insecure.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-logs-insecure + mountPath: /opt/logs + env: + - name: CONSUL_HOST + value: consul.{{ include "common.namespace" . }} + - name: {{ include "common.name" . }}-filebeat-onap-insecure + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat-insecure + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs-insecure + mountPath: /var/log/onap + {{ end }} volumes: - name: {{ include "common.fullname" . }}-filebeat-conf configMap: name: {{ .Release.Name }}-cbs-filebeat-configmap + {{- if .Values.service.secure.enabled }} - name: {{ include "common.fullname" . }}-data-filebeat emptyDir: {} - name: {{ include "common.fullname" . }}-logs emptyDir: {} + - name: tls-info + emptyDir: {} + {{ end }} + {{- if .Values.service.insecure.enabled }} + - name: {{ include "common.fullname" . }}-data-filebeat-insecure + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs-insecure + emptyDir: {} + {{ end }} + imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml index 794b896eef..8176e77c1e 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml @@ -28,16 +28,29 @@ metadata: spec: type: {{ .Values.service.type }} ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefixExt| default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} - name: {{ .Values.service.name }} + {{ if eq .Values.service.type "NodePort" -}} + {{ if .Values.service.insecure.enabled -}} + - port: {{ .Values.service.insecure.externalPort }} + nodePort: {{ .Values.global.nodePortPrefixExt| default .Values.nodePortPrefixExt }}{{ .Values.service.insecure.nodePort }} + name: {{ .Values.service.name }}-insecure + {{- end }} + {{ if .Values.service.secure.enabled -}} + - port: {{ .Values.service.secure.externalPort }} + nodePort: {{ .Values.global.nodePortPrefixExt| default .Values.nodePortPrefixExt }}{{ .Values.service.secure.nodePort }} + name: {{ .Values.service.name }}-secure + {{- end }} {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} - {{- end}} + {{ if .Values.service.insecure.enabled -}} + - port: {{ .Values.service.insecure.externalPort }} + targetPort: {{ .Values.service.insecure.internalPort }} + name: {{ .Values.service.name }}-insecure + {{- end }} + {{ if .Values.service.secure.enabled -}} + - port: {{ .Values.service.secure.externalPort }} + targetPort: {{ .Values.service.secure.internalPort }} + name: {{ .Values.service.name }}-secure + {{- end }} + {{- end }} selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} - diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml index 4605e88c09..c7db0d5518 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml @@ -25,6 +25,8 @@ global: readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + tlsRepository: nexus3.onap.org:10001 + tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.3 repositoryCred: user: docker password: docker @@ -43,7 +45,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.configbinding.app-app:2.3.0 +image: onap/org.onap.dcaegen2.platform.configbinding:2.5.1 pullPolicy: Always # probe configuration parameters @@ -63,9 +65,18 @@ readiness: service: type: NodePort name: config-binding-service - externalPort: 10000 - internalPort: 10000 - nodePort: 15 + # TLS service + secure: + enabled: true + externalPort: 10443 + internalPort: 10443 + nodePort: 14 + # Non-TLS service + insecure: + enabled: true + externalPort: 10000 + internalPort: 10000 + nodePort: 15 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/robot/.helmignore b/kubernetes/dcaegen2/charts/dcae-dashboard/.helmignore index f0c1319444..50af031725 100644 --- a/kubernetes/robot/.helmignore +++ b/kubernetes/dcaegen2/charts/dcae-dashboard/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +.vscode/ diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/Chart.yaml b/kubernetes/dcaegen2/charts/dcae-dashboard/Chart.yaml new file mode 100644 index 0000000000..5250c17584 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-dashboard/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: "1.0" +description: DCAE Dashboard +name: dcae-dashboard +version: 5.0.0 diff --git a/kubernetes/robot/requirements.yaml b/kubernetes/dcaegen2/charts/dcae-dashboard/requirements.yaml index 537ede6137..b0e70b3c2f 100644 --- a/kubernetes/robot/requirements.yaml +++ b/kubernetes/dcaegen2/charts/dcae-dashboard/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ dependencies: - name: common version: ~5.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local'
\ No newline at end of file + repository: '@local' + - name: postgres + version: ~5.x-0 + repository: '@local' diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/resources/log/filebeat.yml b/kubernetes/dcaegen2/charts/dcae-dashboard/resources/log/filebeat.yml new file mode 100644 index 0000000000..0e5ee9bffa --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-dashboard/resources/log/filebeat.yml @@ -0,0 +1,72 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +filebeat.prospectors: +#it is mandatory, in our case it's log +- input_type: log + #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. + paths: + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive + ignore_older: 48h + # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit + clean_inactive: 96h + + +# Name of the registry file. If a relative path is used, it is considered relative to the +# data path. Else full qualified file name. +#filebeat.registry_file: ${path.data}/registry + + +output.logstash: + #List of logstash server ip addresses with port number. + #But, in our case, this will be the loadbalancer IP address. + #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. + hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + #If enable will do load balancing among availabe Logstash, automatically. + loadbalance: true + + #The list of root certificates for server verifications. + #If certificate_authorities is empty or not set, the trusted + #certificate authorities of the host system are used. + #ssl.certificate_authorities: $ssl.certificate_authorities + + #The path to the certificate for SSL client authentication. If the certificate is not specified, + #client authentication is not available. + #ssl.certificate: $ssl.certificate + + #The client certificate key used for client authentication. + #ssl.key: $ssl.key + + #The passphrase used to decrypt an encrypted key stored in the configured key file + #ssl.key_passphrase: $ssl.key_passphrase + +logging: + level: debug + + # enable file rotation with default configuration + to_files: true + + # do not log to syslog + to_syslog: false + + files: + path: /usr/share/filebeat/logs + name: mybeat.log + keepfiles: 7 diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/templates/configmap.yaml b/kubernetes/dcaegen2/charts/dcae-dashboard/templates/configmap.yaml new file mode 100644 index 0000000000..41d5826e13 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-dashboard/templates/configmap.yaml @@ -0,0 +1,22 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{include "common.fullname" . }}-filebeat-configmap + namespace: {{include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }} + diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-dashboard/templates/deployment.yaml new file mode 100644 index 0000000000..779844c0e3 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-dashboard/templates/deployment.yaml @@ -0,0 +1,168 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - dcae-cloudify-manager + - --container-name + - consul-server + - --container-name + - dcae-inventory-api + - --container-name + - dcae-deployment-handler + - --container-name + - {{ .Values.postgres.nameOverride }} + - "-t" + - "45" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: init-tls + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: {} + volumeMounts: + - mountPath: /opt/tls/shared + name: tls-info + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: +{{ include "common.resources" . | indent 12 }} + ports: + - containerPort: {{ .Values.service.internalPort }} + protocol: TCP + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + httpGet: + path: {{ .Values.readiness.path }} + port: {{ .Values.service.internalPort }} + scheme: {{ .Values.readiness.scheme }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + failureThreshold: 1 + successThreshold: 1 + timeoutSeconds: 1 + volumeMounts: + - mountPath: /usr/local/share/ca-certificates/ + name: tls-info + env: + - name: CONSUL_HOST + value: consul-server.{{ include "common.namespace" . }} + - name: CONFIG_BINDING_SERVICE + value: config-binding-service + - name: inventory_url + value: {{ .Values.config.inventory_url }} + - name: postgres_port + value: "{{ .Values.postgres.config.pgPort }}" + - name: cloudify_password + value: admin + - name: dhandler_url + value: {{ .Values.config.dhandler_url }} + - name: cfy_url + value: {{ .Values.config.cfy_url }} + - name: cloudify_user + value: admin + - name: consul_url + value: http://consul-server-ui:8500 + - name: postgres_user_dashboard + value: {{ .Values.postgres.config.pgUserName }} + - name: postgres_db_name + value: {{ .Values.postgres.config.pgDatabase }} + - name: postgres_password_dashboard + value: {{ .Values.postgres.config.pgUserPassword }} + - name: postgres_ip + value: {{ .Values.postgres.service.name2 }} + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: {{ include "common.name" . }}-filebeat + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }} + imagePullPolicy: IfNotPresent + resources: {} + volumeMounts: + - mountPath: /var/log/onap/dashboard + name: component-log + - mountPath: /usr/share/filebeat/data + name: filebeat-data + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + volumes: + - emptyDir: {} + name: component-log + - emptyDir: {} + name: filebeat-data + - configMap: + defaultMode: 420 + name: {{ include "common.fullname" . }}-filebeat-configmap + name: filebeat-conf + - emptyDir: {} + name: tls-info + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/templates/service.yaml b/kubernetes/dcaegen2/charts/dcae-dashboard/templates/service.yaml new file mode 100644 index 0000000000..39f16bd6b1 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-dashboard/templates/service.yaml @@ -0,0 +1,43 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + diff --git a/kubernetes/dcaegen2/charts/dcae-dashboard/values.yaml b/kubernetes/dcaegen2/charts/dcae-dashboard/values.yaml new file mode 100644 index 0000000000..615afc42c2 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-dashboard/values.yaml @@ -0,0 +1,126 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefixExt: 304 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + tlsRepository: nexus3.onap.org:10001 + tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.3 + +config: + logstashServiceName: log-ls + logstashPort: 5044 + dhandler_url: https://deployment-handler:8443 + cfy_url: https://dcae-cloudify-manager/api/v3.1 + inventory_url: https://inventory:8080 + # Addresses of other ONAP entities + address: + consul: + host: consul-server + port: 8500 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.1.0 +pullPolicy: Always + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + # liveness not desirable for Cloudify Manager container + enabled: false + +readiness: + initialDelaySeconds: 30 + periodSeconds: 30 + path: /ccsdk-app/health + scheme: HTTP + +service: + type: NodePort + name: dashboard + externalPort: 8080 + internalPort: 8080 + nodePort: 18 +# application configuration override for postgres +postgres: + nameOverride: dcae-dashboard-pg + service: + name: dcae-dashboard-postgres + name2: dcae-dashboard-pg-primary + name3: dcae-dashboard-pg-replica + container: + name: + primary: dcae-dashboard-pg-primary + replica: dcae-dashboard-pg-replica + config: + pgUserName: dashboard_pg_admin + pgDatabase: dashboard_pg_db_common + pgPrimaryPassword: onapdemodb + pgUserPassword: onapdemodb + pgRootPassword: onapdemodb + pgPort: "5432" + persistence: + mountSubPath: dcae-dashboard/data + mountInitPath: dcae-dashboard + pgpool: + nameOverride: dcae-dashboard-pgpool + service: + name: dcae-dashboard-pgpool + credentials: + pgusername: dcae_dashboard + pgpassword: onapdemodb + container: + name: + primary: dcae-dashboard-pgpool-primary + replica: dcae-dashboard-pgpool-replica + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 4 + memory: 4Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} +# Kubernetes namespace for components deployed via Cloudify manager +# If empty, use the common namespace +# dcae_ns: "dcae" + diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/config/config.json b/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/config/config.json index 600f07c457..026355a909 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/config/config.json +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/config/config.json @@ -1,8 +1,8 @@ { "cloudify": { - "protocol": "http" + "protocol": "https" }, "inventory": { - "protocol": "http" + "protocol": "https" } -}
\ No newline at end of file +} diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/deployment.yaml index 3e4e53b679..a67197849f 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/deployment.yaml +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/deployment.yaml @@ -72,7 +72,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} args: - --service - - "cloudify_manager|dcae-cloudify-manager.{{ include "common.namespace" . }}|80" + - "cloudify_manager|dcae-cloudify-manager.{{ include "common.namespace" . }}|443" - --service - "inventory|inventory.{{ include "common.namespace" . }}|8080" - --key @@ -119,6 +119,8 @@ spec: value: admin - name: CONFIG_BINDING_SERVICE value: config-binding-service + - name: NODE_EXTRA_CA_CERTS + value: /opt/app/dh/etc/cert/cacert.pem - name: POD_IP valueFrom: fieldRef: diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml index 0eddf7c1a0..30893b6d7c 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml @@ -46,7 +46,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.deployment-handler:4.0.1 +image: onap/org.onap.dcaegen2.platform.deployment-handler:4.2.0 pullPolicy: Always # probe configuration parameters diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml index 913cb714d6..fb5a195e60 100644 --- a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml @@ -45,7 +45,7 @@ readiness: periodSeconds: 10 # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.4 +image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.5 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/resources/config/config.json b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/resources/config/config.json index a8329f674b..c8c7dd79f1 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/resources/config/config.json +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/resources/config/config.json @@ -30,5 +30,14 @@ "gzipEnabledForRequests": false, "timeout": "5000milliseconds", "connectionTimeout": "5000milliseconds" + }, + "server": { + "applicationConnectors": [{ + "type": "https", + "port": 8080, + "keyStorePath": "/opt/cert/cert.jks", + "keyStorePassword": "hD:!w:CxF]lGvM6Mz9l^j[7U", + "keyStoreType": "JKS" + }] } - }
\ No newline at end of file + } diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/deployment.yaml index e3e4aaf5cd..28eeae23a1 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/deployment.yaml +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/deployment.yaml @@ -50,6 +50,19 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + - name: init-tls + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: {} + volumeMounts: + - mountPath: /opt/tls/shared + name: tls-info containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -79,12 +92,15 @@ spec: httpGet: path: {{ .Values.readiness.path }} port: {{ .Values.service.internalPort }} + scheme: {{ .Values.readiness.scheme }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: - name: {{ include "common.fullname" . }}-inv-config mountPath: /opt/config.json subPath: config.json + - mountPath: /opt/cert/ + name: tls-info env: - name: CONSUL_HOST value: consul.{{ include "common.namespace" . }} @@ -92,5 +108,7 @@ spec: - name: {{ include "common.fullname" . }}-inv-config configMap: name: {{ include "common.fullname" . }}-configmap + - emptyDir: {} + name: tls-info imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/values.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/values.yaml index f12040210b..8e4430c37e 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/values.yaml @@ -24,6 +24,8 @@ global: readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + tlsRepository: nexus3.onap.org:10001 + tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.3 repositoryCred: user: docker password: docker @@ -42,7 +44,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.inventory-api:3.2.0 +image: onap/org.onap.dcaegen2.platform.inventory-api:3.4.0 pullPolicy: Always @@ -59,6 +61,7 @@ readiness: initialDelaySeconds: 30 periodSeconds: 30 path: /dcae-service-types + scheme: HTTPS service: type: ClusterIP diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/resources/config/config.json b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/resources/config/config.json index 7ddc800817..4578d4c4ee 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/resources/config/config.json +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/resources/config/config.json @@ -17,6 +17,6 @@ "isFilterInEmptyResources": false }, "dcaeInventoryClient": { - "uri": "http://inventory:8080" + "uri": "https://inventory:8080" } } diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/deployment.yaml index 44ebc42412..d948d3425b 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/deployment.yaml +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/deployment.yaml @@ -54,16 +54,23 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + - name: init-tls + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: {} + volumeMounts: + - mountPath: /opt/tls/shared + name: tls-info containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ["java"] - args: - - "-jar" - - "/opt/servicechange-handler.jar" - - "prod" - - "/opt/config.json" resources: {{ include "common.resources" . | indent 12 }} # disable liveness probe when breakpoints set in debugger @@ -84,12 +91,21 @@ spec: - name: {{ include "common.fullname" . }}-sch-config mountPath: /opt/config.json subPath: config.json + # NOTE: This is tied to the PATH_TO_CACERT env variable + - mountPath: /opt/cert/ + name: tls-info env: - name: CONSUL_HOST value: consul.{{ include "common.namespace" . }} + - name: PATH_TO_CACERT + value: "/opt/cert/cacert.pem" + - name: SCH_ARGS + value: "prod /opt/config.json" volumes: - name: {{ include "common.fullname" . }}-sch-config configMap: name: {{ include "common.fullname" . }}-configmap + - emptyDir: {} + name: tls-info imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/values.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/values.yaml index dd985163c1..0b88a65c69 100644 --- a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/values.yaml @@ -24,6 +24,8 @@ global: readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + tlsRepository: nexus3.onap.org:10001 + tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.3 repositoryCred: user: docker password: docker @@ -40,7 +42,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.servicechange-handler:1.1.5 +image: onap/org.onap.dcaegen2.platform.servicechange-handler:1.3.2 pullPolicy: Always diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/createFeed.sh b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/createFeed.sh deleted file mode 100644 index 1289ecae86..0000000000 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/createFeed.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh - -dr_prov_url="{{.Values.config.dmaapDrProv.name}}:{{.Values.config.dmaapDrProv.internalPort2}}" -ct_header="Content-Type:application/vnd.dmaap-dr.feed" -obo_header="X-DMAAP-DR-ON-BEHALF-OF:dradmin" -feed_payload=/opt/app/datartr/etc/dedicatedFeed.json - -sleep 20 - -if curl -k https://${dr_prov_url}/internal/prov | awk 'BEGIN{ORS=""} {print}' | egrep "\"feeds\":\s+\[\]"; then - curl -X POST -H ${ct_header} -H ${obo_header} --data-ascii @${feed_payload} --post301 --location-trusted -k https://${dr_prov_url}; -else - echo "NO feed creation required"; -fi diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/dedicatedFeed.json b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/dedicatedFeed.json deleted file mode 100644 index a96f46d528..0000000000 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/dedicatedFeed.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "name": "Default PM Feed", - "version": "m1.0", - "description": "Default feed provisioned for PM File collector", - "business_description": "Default Feed", - "suspend": false, - "deleted": false, - "changeowner": true, - "authorization": { - "classification": "unclassified", - "endpoint_addrs": [], - "endpoint_ids": [ - { - "password": "dradmin", - "id": "dradmin" - }] - } -}
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/log/filebeat/filebeat.yml b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/log/filebeat/filebeat.yml index f1cf7394b6..e0cb1dd21b 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/log/filebeat/filebeat.yml +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/log/filebeat/filebeat.yml @@ -16,6 +16,7 @@ # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= +# dmaap-dr-node filebeat.yml filebeat.prospectors: #it is mandatory, in our case it's log - input_type: log @@ -24,7 +25,6 @@ filebeat.prospectors: - /var/log/onap/*/*/*/*.log - /var/log/onap/*/*/*.log - /var/log/onap/*/*.log - - /opt/app/datartr/logs/*.log #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive ignore_older: 48h # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit @@ -40,7 +40,7 @@ output.logstash: #List of logstash server ip addresses with port number. #But, in our case, this will be the loadbalancer IP address. #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. - hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + hosts: ["{{.Values.global.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.global.logstashPort}}"] #If enable will do load balancing among available Logstash, automatically. loadbalance: true diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/logback.xml b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/logback.xml index 25a2c6e093..ba247e151c 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/logback.xml +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/logback.xml @@ -17,18 +17,21 @@ SPDX-License-Identifier: Apache-2.0 ============LICENSE_END========================================================= --> -<configuration scan="true" scanPeriod="3 seconds" debug="true"> +<configuration scan="true" scanPeriod="3 seconds" debug="false"> - <property name="generalLogName" value="apicalls" /> - <property name="errorLogName" value="errors" /> - <property name="jettyAndNodeLogName" value="node"/> + <property name="logDir" value="/var/log/onap/datarouter" /> + <!-- log file names --> + <property name="auditLog" value="audit" /> + <property name="errorLog" value="error" /> + <property name="debugLog" value="debug" /> + <property name="metricsLog" value="metrics" /> + <property name="jettyLog" value="jetty" /> - <property name="defaultPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|%msg%n" /> - <property name="jettyAndNodeLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%thread|%.-5level|%msg%n" /> - <property name="debugLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|[%caller{3}]|%msg%n" /> - - <property name="logDirectory" value="/opt/app/datartr/logs" /> + <!-- log file names --> + <property name="defaultPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{InvocationId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}%n|%msg%n" /> + <property name="logDirectory" value="${logDir}" /> + <!-- Example evaluator filter applied against console appender --> <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> <encoder> <pattern>${defaultPattern}</pattern> @@ -39,110 +42,181 @@ <!-- EELF Appenders --> <!-- ============================================================================ --> - <appender name="EELF" + <!-- The EELFAppender is used to record events to the general application + log --> + + + <appender name="Audit" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${generalLogName}.log</file> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>INFO</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> + <file>${logDirectory}/${auditLog}.log</file> + <filter class="org.onap.dmaap.datarouter.node.eelf.AuditFilter"> </filter> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDirectory}/${generalLogName}.%i.log.zip + <fileNamePattern>${logDirectory}/${auditLog}.%i.log.zip </fileNamePattern> <minIndex>1</minIndex> <maxIndex>9</maxIndex> </rollingPolicy> <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>5MB</maxFileSize> + <maxFileSize>50MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncAudit" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="Audit" /> + </appender> + + <!-- ============================================================================ --> + + <appender name="Metrics" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${metricsLog}.log</file> + <filter class="org.onap.dmaap.datarouter.node.eelf.MetricsFilter"> + </filter> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${metricsLog}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>50MB</maxFileSize> </triggeringPolicy> <encoder> <pattern>${defaultPattern}</pattern> </encoder> </appender> - <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender"> + <appender name="asyncMetrics" class="ch.qos.logback.classic.AsyncAppender"> <queueSize>256</queueSize> - <appender-ref ref="EELF" /> + <appender-ref ref="Metrics" /> </appender> - <appender name="EELFError" + <!-- ============================================================================ --> + + + <appender name="Debug" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${debugLog}.log</file> + <filter class="org.onap.dmaap.datarouter.node.eelf.DebugFilter"> + </filter> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${debugLog}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>50MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncDebug" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="Debug" /> + </appender> + + <!-- ============================================================================ --> + + <appender name="Error" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${errorLogName}.log</file> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>ERROR</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> + <file>${logDirectory}/${errorLog}.log</file> + <filter class="org.onap.dmaap.datarouter.node.eelf.ErrorFilter"> </filter> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDirectory}/${errorLogName}.%i.log.zip + <fileNamePattern>${logDirectory}/${errorLog}.%i.log.zip </fileNamePattern> <minIndex>1</minIndex> <maxIndex>9</maxIndex> </rollingPolicy> <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>5MB</maxFileSize> + <maxFileSize>50MB</maxFileSize> </triggeringPolicy> <encoder> <pattern>${defaultPattern}</pattern> </encoder> </appender> - <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender"> + <appender name="asyncError" class="ch.qos.logback.classic.AsyncAppender"> <queueSize>256</queueSize> - <appender-ref ref="EELFError"/> + <appender-ref ref="Error"/> </appender> <!-- ============================================================================ --> - <appender name="jettyAndNodelog" + <appender name="Jetty" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${jettyAndNodeLogName}.log</file> - <filter class="org.onap.dmaap.datarouter.node.eelf.EELFFilter" /> + <file>${logDirectory}/${jettyLog}.log</file> + <filter class="org.onap.dmaap.datarouter.node.eelf.JettyFilter" /> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDirectory}/${jettyAndNodeLogName}.%i.log.zip + <fileNamePattern>${logDirectory}/${jettyLog}.%i.log.zip </fileNamePattern> <minIndex>1</minIndex> <maxIndex>9</maxIndex> </rollingPolicy> <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>5MB</maxFileSize> + <maxFileSize>50MB</maxFileSize> </triggeringPolicy> <encoder> - <pattern>${jettyAndNodeLoggerPattern}</pattern> + <pattern>${defaultPattern}</pattern> </encoder> </appender> - <appender name="asyncEELFjettyAndNodelog" class="ch.qos.logback.classic.AsyncAppender"> + <appender name="asyncJettyLog" class="ch.qos.logback.classic.AsyncAppender"> <queueSize>256</queueSize> - <appender-ref ref="jettyAndNodelog" /> + <appender-ref ref="Jetty" /> <includeCallerData>true</includeCallerData> </appender> + <!-- ============================================================================ --> + + <!-- ============================================================================ --> <!-- EELF loggers --> <!-- ============================================================================ --> <logger name="com.att.eelf" level="info" additivity="false"> - <appender-ref ref="asyncEELF" /> + <appender-ref ref="asyncAudit" /> + </logger> + + <logger name="com.att.eelf" additivity="false"> + <appender-ref ref="asyncMetrics" /> + </logger> + + <logger name="com.att.eelf" additivity="false"> + <appender-ref ref="asyncDebug" /> </logger> - <logger name="com.att.eelf.error" level="error" additivity="false"> - <appender-ref ref="asyncEELFError" /> - </logger> + <logger name="com.att.eelf.error" additivity="false"> + <appender-ref ref="asyncError" /> + </logger> + + <logger name="log4j.logger.org.eclipse.jetty" additivity="false"> + <appender-ref ref="asyncJettyLog"/> + </logger> - <logger name="log4j.logger.org.eclipse.jetty" additivity="false" level="info"> - <appender-ref ref="asyncEELFjettyAndNodelog"/> - </logger> <root level="INFO"> - <appender-ref ref="asyncEELF" /> - <appender-ref ref="asyncEELFError" /> - <appender-ref ref="asyncEELFjettyAndNodelog" /> + <appender-ref ref="asyncAudit" /> + <appender-ref ref="asyncMetrics" /> + <appender-ref ref="asyncDebug" /> + <appender-ref ref="asyncError" /> + <appender-ref ref="asyncJettyLog" /> </root> -</configuration> +</configuration>
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties index 5de5fc1814..4379dfbf1d 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties @@ -26,13 +26,13 @@ # URL to retrieve dynamic configuration # #ProvisioningURL: ${DRTR_PROV_INTURL} -ProvisioningURL=https://{{.Values.config.dmaapDrProv.name}}:{{.Values.config.dmaapDrProv.externalPort2}}/internal/prov +ProvisioningURL=https://{{ .Values.global.dmaapDrProvName }}:{{ .Values.global.dmaapDrProvExtPort2 }}/internal/prov # # URL to upload PUB/DEL/EXP logs # #LogUploadURL: ${DRTR_LOG_URL} -LogUploadURL=https://{{.Values.config.dmaapDrProv.name}}:{{.Values.config.dmaapDrProv.externalPort2}}/internal/logs +LogUploadURL=https://{{ .Values.global.dmaapDrProvName }}:{{ .Values.global.dmaapDrProvExtPort2 }}/internal/logs # # The port number for http as seen within the server diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml index a3882bcb38..5c581beee7 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml @@ -28,19 +28,6 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-create-feed-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/feeds/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: name: {{ include "common.fullname" . }}-log namespace: {{ include "common.namespace" . }} data: @@ -62,7 +49,7 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap + name: {{ include "common.fullname" . }}-dmaap-dr-node-filebeat-configmap namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml index a508886f10..a190d0d7d2 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -81,23 +81,17 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: false - - mountPath: /opt/app/datartr/etc/dedicatedFeed.json - name: {{ include "common.fullname" . }}-create-feed-config - subPath: dedicatedFeed.json - - mountPath: /opt/app/datartr/etc/createFeed.sh - name: {{ include "common.fullname" . }}-create-feed-config - subPath: createFeed.sh - mountPath: /opt/app/datartr/etc/node.properties name: {{ include "common.fullname" . }}-config subPath: node.properties - mountPath: /opt/app/datartr/etc/drNodeCadi.properties name: {{ include "common.fullname" . }}-config subPath: drNodeCadi.properties - lifecycle: - postStart: - exec: - command: - - /opt/app/datartr/etc/createFeed.sh + - mountPath: /opt/app/datartr/etc/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - mountPath: {{ .Values.global.loggingDirectory }} + name: {{ include "common.fullname" . }}-logs resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -118,7 +112,7 @@ spec: subPath: filebeat.yml - name: {{ include "common.fullname" . }}-data-filebeat mountPath: /usr/share/filebeat/data - - name: {{ include "common.fullname" . }}-event-logs-pvc + - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap/datarouter-node imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" @@ -126,15 +120,6 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: {{ include "common.fullname" . }}-create-feed-config - configMap: - name: {{ include "common.fullname" . }}-create-feed-configmap - defaultMode: 0755 - items: - - key: createFeed.sh - path: createFeed.sh - - key: dedicatedFeed.json - path: dedicatedFeed.json - name: {{ include "common.fullname" . }}-config configMap: name: {{ include "common.fullname" . }}-configmap @@ -148,11 +133,13 @@ spec: name: {{ include "common.fullname" . }}-log - name: {{ include "common.fullname" . }}-filebeat-conf configMap: - name: {{ .Release.Name }}-dmaap-filebeat-configmap + name: {{ include "common.fullname" . }}-dmaap-dr-node-filebeat-configmap - name: {{ include "common.fullname" . }}-data-filebeat emptyDir: {} - name: {{ include "common.fullname" . }}-event-logs-pvc emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} volumeClaimTemplates: - metadata: name: {{ include "common.fullname" . }}-spool-data-pvc diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index 154018a018..723d977867 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -16,12 +16,7 @@ # Global configuration defaults. ################################################################# global: - nodePortPrefixExt: 304 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - loggingDirectory: /opt/app/datartr/logs + loggingDirectory: /var/log/onap/datarouter busyBoxImage: busybox:1.30 busyBoxRepository: docker.io @@ -29,8 +24,7 @@ global: # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/dmaap/datarouter-node:2.1.0 +image: onap/dmaap/datarouter-node:2.1.1 pullPolicy: Always # flag to enable debugging - application support required @@ -107,9 +101,3 @@ config: portName2: dr-node-port2 nodePort: 93 nodePort2: 94 - -# dr provisioning server configuration - dmaapDrProv: - name: dmaap-dr-prov - externalPort2: 8443 - internalPort2: 8443 diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/log/filebeat/filebeat.yml b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/log/filebeat/filebeat.yml index f1cf7394b6..db02b2115d 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/log/filebeat/filebeat.yml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/log/filebeat/filebeat.yml @@ -16,6 +16,7 @@ # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= +# dmaap-dr-prov filebeat.yml filebeat.prospectors: #it is mandatory, in our case it's log - input_type: log @@ -40,7 +41,7 @@ output.logstash: #List of logstash server ip addresses with port number. #But, in our case, this will be the loadbalancer IP address. #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. - hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + hosts: ["{{.Values.global.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.global.logstashPort}}"] #If enable will do load balancing among available Logstash, automatically. loadbalance: true diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/logback.xml b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/logback.xml index 942d898695..f67b1cf380 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/logback.xml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/logback.xml @@ -18,131 +18,390 @@ ============LICENSE_END========================================================= --> <configuration scan="true" scanPeriod="3 seconds" debug="true"> + <!--<jmxConfigurator /> --> + <!-- directory path for all other type logs --> + <!-- property name="logDir" value="/home/eby/dr2/logs" / --> + <property name="logDir" value="/opt/app/datartr/logs" /> - <property name="generalLogName" value="apicalls" /> - <property name="errorLogName" value="errors" /> - <property name="jettyLogName" value="jetty"/> - - <property name="defaultPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|%msg%n" /> - <property name="jettyLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%thread|%.-5level|%msg%n" /> - <property name="debugLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|[%caller{3}]|%msg%n" /> - - <property name="logDirectory" value="/opt/app/datartr/logs" /> - - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <encoder> - <pattern>${defaultPattern}</pattern> - </encoder> - </appender> - - <!-- ============================================================================ --> - <!-- EELF Appenders --> - <!-- ============================================================================ --> - - <appender name="EELF" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${generalLogName}.log</file> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>INFO</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDirectory}/${generalLogName}.%i.log.zip - </fileNamePattern> - <minIndex>1</minIndex> - <maxIndex>9</maxIndex> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>5MB</maxFileSize> - </triggeringPolicy> - <encoder> - <pattern>${defaultPattern}</pattern> - </encoder> - </appender> - - <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="EELF" /> - </appender> - - <appender name="EELFError" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${errorLogName}.log</file> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>ERROR</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDirectory}/${errorLogName}.%i.log.zip - </fileNamePattern> - <minIndex>1</minIndex> - <maxIndex>9</maxIndex> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>5MB</maxFileSize> - </triggeringPolicy> - <encoder> - <pattern>${defaultPattern}</pattern> - </encoder> - </appender> - - <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="EELFError"/> - </appender> - - <!-- ============================================================================ --> - <appender name="jettylog" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${jettyLogName}.log</file> - <filter class="org.onap.dmaap.datarouter.provisioning.eelf.JettyFilter" /> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDirectory}/${jettyLogName}.%i.log.zip - </fileNamePattern> - <minIndex>1</minIndex> - <maxIndex>9</maxIndex> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>5MB</maxFileSize> - </triggeringPolicy> - <encoder> - <pattern>${jettyLoggerPattern}</pattern> - </encoder> - </appender> - - <appender name="asyncEELFjettylog" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="jettylog" /> - <includeCallerData>true</includeCallerData> - </appender> - - <!-- ============================================================================ --> - <!-- EELF loggers --> - <!-- ============================================================================ --> - <logger name="com.att.eelf" level="info" additivity="false"> - <appender-ref ref="asyncEELF" /> - </logger> - - <logger name="com.att.eelf.error" level="error" additivity="false"> - <appender-ref ref="asyncEELFError" /> - </logger> - - <logger name="log4j.logger.org.eclipse.jetty" additivity="false" level="info"> + <!-- directory path for debugging type logs --> + <!-- property name="debugDir" value="/home/eby/dr2/debug-logs" /--> + + <!-- specify the component name + <ECOMP-component-name>::= "MSO" | "DCAE" | "ASDC " | "AAI" |"Policy" | "SDNC" | "AC" --> + <!-- This creates the MSO directory in in the LogDir which is not needed, mentioned last directory of the path--> + <!-- property name="componentName" value="logs"></property --> + + <!-- log file names --> + <property name="generalLogName" value="apicalls" /> + <!-- name="securityLogName" value="security" --> + <!-- name="performanceLogName" value="performance" --> + <!-- name="serverLogName" value="server" --> + <!-- name="policyLogName" value="policy"--> + <property name="errorLogName" value="errors" /> + <!-- name="metricsLogName" value="metrics" --> + <property name="debugLogName" value="debug"/> + <property name="jettyLogName" value="jetty"/> + <property name="defaultPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{InvocationId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|%msg%n" /> + <property name="jettyLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%thread|%.-5level|%msg%n" /> + + <property name="debugLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{InvocationId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|[%caller{3}]|%msg%n" /> + + <property name="logDirectory" value="${logDir}" /> + <!-- property name="debugLogDirectory" value="${debugDir}/${componentName}" /--> + + + <!-- Example evaluator filter applied against console appender --> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <!-- ============================================================================ --> + <!-- EELF Appenders --> + <!-- ============================================================================ --> + + <!-- The EELFAppender is used to record events to the general application + log --> + + + <appender name="EELF" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${generalLogName}.log</file> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>INFO</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${generalLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>50MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELF" /> + </appender> + + <!-- EELF Security Appender. This appender is used to record security events + to the security log file. Security events are separate from other loggers + in EELF so that security log records can be captured and managed in a secure + way separate from the other logs. This appender is set to never discard any + events. --> + <!--appender name="EELFSecurity" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${securityLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${securityLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <discardingThreshold>0</discardingThreshold> + <appender-ref ref="EELFSecurity" /> + </appender--> + + <!-- EELF Performance Appender. This appender is used to record performance + records. --> + <!--appender name="EELFPerformance" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${performanceLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${performanceLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <outputPatternAsHeader>true</outputPatternAsHeader> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFPerformance" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFPerformance" /> + </appender--> + + <!-- EELF Server Appender. This appender is used to record Server related + logging events. The Server logger and appender are specializations of the + EELF application root logger and appender. This can be used to segregate Server + events from other components, or it can be eliminated to record these events + as part of the application root log. --> + <!--appender name="EELFServer" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${serverLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${serverLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFServer" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFServer" /> + </appender--> + + + <!-- EELF Policy Appender. This appender is used to record Policy engine + related logging events. The Policy logger and appender are specializations + of the EELF application root logger and appender. This can be used to segregate + Policy engine events from other components, or it can be eliminated to record + these events as part of the application root log. --> + <!--appender name="EELFPolicy" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${policyLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${policyLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFPolicy" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFPolicy" > + </appender--> + + + <!-- EELF Audit Appender. This appender is used to record audit engine + related logging events. The audit logger and appender are specializations + of the EELF application root logger and appender. This can be used to segregate + Policy engine events from other components, or it can be eliminated to record + these events as part of the application root log. --> + + <!--appender name="EELFAudit" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${auditLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${auditLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFAudit" /> + </appender--> + + <!--appender name="EELFMetrics" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${metricsLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${metricsLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder--> + <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - + %msg%n"</pattern> --> + <!--pattern>${defaultPattern}</pattern> + </encoder> +</appender> + + +<appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFMetrics"/> +</appender--> + + <appender name="EELFError" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${errorLogName}.log</file> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>ERROR</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${errorLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>50MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFError"/> + </appender> + + <!-- ============================================================================ --> + <appender name="jettylog" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${jettyLogName}.log</file> + <filter class="org.onap.dmaap.datarouter.provisioning.eelf.JettyFilter" /> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${jettyLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>50MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${jettyLoggerPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFjettylog" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="jettylog" /> + <includeCallerData>true</includeCallerData> + </appender> + + <!-- ============================================================================ --> + + + <appender name="EELFDebug" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${debugLogName}.log</file> + <filter class="org.onap.dmaap.datarouter.provisioning.eelf.DebugTraceFilter" /> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${debugLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>50MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFDebug" /> + <includeCallerData>true</includeCallerData> + </appender> + + + <!-- ============================================================================ --> + <!-- EELF loggers --> + <!-- ============================================================================ --> + <logger name="com.att.eelf" level="info" additivity="false"> + <appender-ref ref="asyncEELF" /> + </logger> + + <logger name="com.att.eelf.error" level="error" additivity="false"> + <appender-ref ref="asyncEELFError" /> + </logger> + + <logger name="log4j.logger.org.eclipse.jetty" additivity="false" level="info"> <appender-ref ref="asyncEELFjettylog"/> </logger> - <root level="INFO"> - <appender-ref ref="asyncEELF" /> - <appender-ref ref="asyncEELFError" /> - <appender-ref ref="asyncEELFjettylog" /> - </root> + <logger name="com.att.eelf.debug" level="debug" additivity="false"> + <appender-ref ref="asyncEELFDebug" /> + </logger> + + <!-- logger name="com.att.eelf.security" level="info" additivity="false"> + <appender-ref ref="asyncEELFSecurity" /> + </logger> + <logger name="com.att.eelf.perf" level="info" additivity="false"> + <appender-ref ref="asyncEELFPerformance" /> + </logger> + <logger name="com.att.eelf.server" level="info" additivity="false"> + <appender-ref ref="asyncEELFServer" /> + </logger> + <logger name="com.att.eelf.policy" level="info" additivity="false"> + <appender-ref ref="asyncEELFPolicy" /> + </logger> + + <logger name="com.att.eelf.audit" level="info" additivity="false"> + <appender-ref ref="asyncEELFAudit" /> + </logger> + + <logger name="com.att.eelf.metrics" level="info" additivity="false"> + <appender-ref ref="asyncEELFMetrics" /> + </logger> + + <logger name="com.att.eelf.debug" level="debug" additivity="false"> + <appender-ref ref="asyncEELFDebug" /> + </logger--> + + + + + <root level="INFO"> + <appender-ref ref="asyncEELF" /> + <appender-ref ref="asyncEELFError" /> + <appender-ref ref="asyncEELFjettylog" /> + <appender-ref ref="asyncEELFDebug" /> + </root> -</configuration> +</configuration>
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties index a4e96f0af6..52f1f3f5c0 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties @@ -23,8 +23,8 @@ #Jetty Server properties -org.onap.dmaap.datarouter.provserver.http.port = {{.Values.config.dmaapDrProv.externalPort}} -org.onap.dmaap.datarouter.provserver.https.port = {{.Values.config.dmaapDrProv.externalPort2}} +org.onap.dmaap.datarouter.provserver.http.port = {{.Values.global.dmaapDrProvExtPort}} +org.onap.dmaap.datarouter.provserver.https.port = {{.Values.global.dmaapDrProvExtPort2}} org.onap.dmaap.datarouter.provserver.https.relaxation = true org.onap.dmaap.datarouter.provserver.keymanager.password = FZNkU,B%NJzcT1v7;^v]M#ZX diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml index fe93cb0dcd..a39cb556a1 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml @@ -36,7 +36,7 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap + name: {{ include "common.fullname" . }}-dmaap-dr-prov-filebeat-configmap namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index b9c144de72..ea487d0571 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -29,13 +29,13 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: - hostname: {{.Values.config.dmaapDrProv.name}} + hostname: {{ .Values.global.dmaapDrProvName }} initContainers: - command: - /root/ready.py args: - --container-name - - {{.Values.config.dmaapDrDb.mariadbContName}} + - {{ .Values.config.dmaapDrDb.mariadbContName }} env: - name: NAMESPACE valueFrom: @@ -50,18 +50,18 @@ spec: image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - - containerPort: {{.Values.config.dmaapDrProv.externalPort}} - - containerPort: {{.Values.config.dmaapDrProv.externalPort2}} + - containerPort: {{ .Values.global.dmaapDrProvExtPort }} + - containerPort: {{ .Values.global.dmaapDrProvExtPort2 }} {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{.Values.config.dmaapDrProv.externalPort}} + port: {{ .Values.global.dmaapDrProvExtPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{.Values.config.dmaapDrProv.externalPort}} + port: {{ .Values.global.dmaapDrProvExtPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: @@ -74,6 +74,9 @@ spec: - mountPath: /opt/app/datartr/etc/drProvCadi.properties name: {{ include "common.fullname" . }}-config subPath: drProvCadi.properties + - mountPath: /opt/app/datartr/etc/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml - mountPath: {{ .Values.global.loggingDirectory }} name: {{ include "common.fullname" . }}-logs resources: @@ -115,7 +118,7 @@ spec: name: {{ include "common.fullname" . }}-log - name: {{ include "common.fullname" . }}-filebeat-conf configMap: - name: {{ .Release.Name }}-dmaap-filebeat-configmap + name: {{ include "common.fullname" . }}-dmaap-dr-prov-filebeat-configmap - name: {{ include "common.fullname" . }}-data-filebeat emptyDir: {} - name: {{ include "common.fullname" . }}-logs diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml index 0b40389b55..7a94fdb2cd 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: Service metadata: - name: {{.Values.config.dmaapDrProv.name}} + name: {{ .Values.global.dmaapDrProvName }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -26,36 +26,36 @@ metadata: service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" msb.onap.org/service-info: '[ { - "serviceName": "{{.Values.config.dmaapDrProv.name}}", + "serviceName": "{{ .Values.global.dmaapDrProvName }}", "version": "v1", "url": "/", "protocol": "REST", - "port": "{{.Values.config.dmaapDrProv.externalPort2}}", + "port": "{{ .Values.global.dmaapDrProvExtPort2 }}", "visualRange":"1" } ]' spec: - type: {{.Values.config.dmaapDrProv.servicetype}} + type: {{ .Values.config.dmaapDrProv.servicetype }} ports: - {{- if eq .Values.config.dmaapDrProv.servicetype "NodePort" }} + {{if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}} {{- if .Values.global.allow_http }} - - port: {{.Values.config.dmaapDrProv.externalPort}} - targetPort: {{.Values.config.dmaapDrProv.internalPort}} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrProv.nodePort}} - name: {{.Values.config.dmaapDrProv.name}} + - port: {{ .Values.global.dmaapDrProvExtPort }} + targetPort: {{ .Values.config.dmaapDrProv.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.config.dmaapDrProv.nodePort }} + name: {{ .Values.config.dmaapDrProv.portName }} {{- end}} - - port: {{.Values.config.dmaapDrProv.externalPort2}} - targetPort: {{.Values.config.dmaapDrProv.internalPort2}} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrProv.nodePort2}} - name: {{.Values.config.dmaapDrProv.name}}2 + - port: {{ .Values.global.dmaapDrProvExtPort2 }} + targetPort: {{ .Values.config.dmaapDrProv.internalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.config.dmaapDrProv.nodePort2 }} + name: {{ .Values.config.dmaapDrProv.portName }}2 {{- else -}} - - port: {{.Values.config.dmaapDrProv.externalPort}} - targetPort: {{.Values.config.dmaapDrProv.internalPort}} - name: {{.Values.config.dmaapDrProv.name}} - - port: {{.Values.config.dmaapDrProv.externalPort2}} - targetPort: {{.Values.config.dmaapDrProv.internalPort2}} - name: {{.Values.config.dmaapDrProv.name}}2 + - port: {{ .Values.global.dmaapDrProvExtPort }} + targetPort: {{ .Values.config.dmaapDrProv.internalPort }} + name: {{ .Values.config.dmaapDrProv.portName }} + - port: {{ .Values.global.dmaapDrProvExtPort2 }} + targetPort: {{ .Values.config.dmaapDrProv.internalPort2 }} + name: {{ .Values.config.dmaapDrProv.portName }}2 {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index 39977f80e3..aca2c83adb 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -17,18 +17,13 @@ ################################################################# global: nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 loggingDirectory: /opt/app/datartr/logs ################################################################# # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/dmaap/datarouter-prov:2.1.0 +image: onap/dmaap/datarouter-prov:2.1.1 pullPolicy: Always # flag to enable debugging - application support required @@ -86,9 +81,6 @@ config: # dr provisioning server configuration dmaapDrProv: servicetype: NodePort - name: dmaap-dr-prov - externalPort: 8080 - externalPort2: 8443 internalPort: 8080 internalPort2: 8443 portName: dr-prov-port diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/config/cadi.properties b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/config/cadi.properties new file mode 100644 index 0000000000..1e7d7d38ac --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/config/cadi.properties @@ -0,0 +1,19 @@ +aaf_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1 +aaf_env=DEV +aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm + +cadi_truststore=/opt/kafka/config/org.onap.dmaap.mr.trust.jks +cadi_truststore_password=enc:gvXm0E9p-_SRNw5_feOUE7wqXBxgxV3S_bdAyB08Sq9F35cCUZHWgQyKIDtTAbEw + +cadi_keyfile=/opt/kafka/config/org.onap.dmaap.mr.keyfile + +cadi_alias=dmaapmr@mr.dmaap.onap.org +cadi_keystore=/opt/kafka/config/org.onap.dmaap.mr.p12 +cadi_keystore_password=enc:pLMCzQzk-OP7IpYNi0TPtQSkNcraFAdarZG8HbdOKq4BycW6g_7mfhphLhOZo6ht +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US + + +cadi_loglevel=INFO +cadi_protocols=TLSv1.1,TLSv1.2 +cadi_latitude=37.78187 +cadi_longitude=-122.26147
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/config/log4j.properties b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/config/log4j.properties new file mode 100644 index 0000000000..8e20fa48aa --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/config/log4j.properties @@ -0,0 +1,74 @@ +log4j.rootLogger=INFO, stdout, kafkaAppender + +log4j.appender.stdout=org.apache.log4j.ConsoleAppender +log4j.appender.stdout.layout=org.apache.log4j.PatternLayout +log4j.appender.stdout.layout.ConversionPattern=[%d] %p %m (%c)%n + +log4j.appender.kafkaAppender=org.apache.log4j.DailyRollingFileAppender +log4j.appender.kafkaAppender.DatePattern='.'yyyy-MM-dd-HH +log4j.appender.kafkaAppender.File=${kafka.logs.dir}/server.log +log4j.appender.kafkaAppender.layout=org.apache.log4j.PatternLayout +log4j.appender.kafkaAppender.layout.ConversionPattern=[%d] %p %m (%c)%n + +log4j.appender.stateChangeAppender=org.apache.log4j.DailyRollingFileAppender +log4j.appender.stateChangeAppender.DatePattern='.'yyyy-MM-dd-HH +log4j.appender.stateChangeAppender.File=${kafka.logs.dir}/state-change.log +log4j.appender.stateChangeAppender.layout=org.apache.log4j.PatternLayout +log4j.appender.stateChangeAppender.layout.ConversionPattern=[%d] %p %m (%c)%n + +log4j.appender.requestAppender=org.apache.log4j.DailyRollingFileAppender +log4j.appender.requestAppender.DatePattern='.'yyyy-MM-dd-HH +log4j.appender.requestAppender.File=${kafka.logs.dir}/kafka-request.log +log4j.appender.requestAppender.layout=org.apache.log4j.PatternLayout +log4j.appender.requestAppender.layout.ConversionPattern=[%d] %p %m (%c)%n + +log4j.appender.cleanerAppender=org.apache.log4j.DailyRollingFileAppender +log4j.appender.cleanerAppender.DatePattern='.'yyyy-MM-dd-HH +log4j.appender.cleanerAppender.File=${kafka.logs.dir}/log-cleaner.log +log4j.appender.cleanerAppender.layout=org.apache.log4j.PatternLayout +log4j.appender.cleanerAppender.layout.ConversionPattern=[%d] %p %m (%c)%n + +log4j.appender.controllerAppender=org.apache.log4j.DailyRollingFileAppender +log4j.appender.controllerAppender.DatePattern='.'yyyy-MM-dd-HH +log4j.appender.controllerAppender.File=${kafka.logs.dir}/controller.log +log4j.appender.controllerAppender.layout=org.apache.log4j.PatternLayout +log4j.appender.controllerAppender.layout.ConversionPattern=[%d] %p %m (%c)%n + +log4j.appender.authorizerAppender=org.apache.log4j.DailyRollingFileAppender +log4j.appender.authorizerAppender.DatePattern='.'yyyy-MM-dd-HH +log4j.appender.authorizerAppender.File=${kafka.logs.dir}/kafka-authorizer.log +log4j.appender.authorizerAppender.layout=org.apache.log4j.PatternLayout +log4j.appender.authorizerAppender.layout.ConversionPattern=[%d] %p %m (%c)%n + +# Change the two lines below to adjust ZK client logging +log4j.logger.org.I0Itec.zkclient.ZkClient=INFO +log4j.logger.org.apache.zookeeper=INFO + +# Change the two lines below to adjust the general broker logging level (output to server.log and stdout) +log4j.logger.kafka=INFO +log4j.logger.org.apache.kafka=INFO + +# Change to DEBUG or TRACE to enable request logging +log4j.logger.kafka.request.logger=WARN, requestAppender +log4j.additivity.kafka.request.logger=false + +# Uncomment the lines below and change log4j.logger.kafka.network.RequestChannel$ to TRACE for additional output +# related to the handling of requests +#log4j.logger.kafka.network.Processor=TRACE, requestAppender +#log4j.logger.kafka.server.KafkaApis=TRACE, requestAppender +#log4j.additivity.kafka.server.KafkaApis=false +log4j.logger.kafka.network.RequestChannel$=WARN, requestAppender +log4j.additivity.kafka.network.RequestChannel$=false + +log4j.logger.kafka.controller=TRACE, controllerAppender +log4j.additivity.kafka.controller=false + +log4j.logger.kafka.log.LogCleaner=INFO, cleanerAppender +log4j.additivity.kafka.log.LogCleaner=false + +log4j.logger.state.change.logger=TRACE, stateChangeAppender +log4j.additivity.state.change.logger=false + +# Access denials are logged at INFO level, change to DEBUG to also log allowed accesses +log4j.logger.kafka.authorizer.logger=INFO, authorizerAppender +log4j.additivity.kafka.authorizer.logger=false diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/config/server.properties b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/config/server.properties new file mode 100644 index 0000000000..48341167f6 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/config/server.properties @@ -0,0 +1,122 @@ +############################# Socket Server Settings ############################# + +# The address the socket server listens on. It will get the value returned from +# java.net.InetAddress.getCanonicalHostName() if not configured. +# FORMAT: +# listeners = listener_name://host_name:port +# EXAMPLE: +# listeners = PLAINTEXT://your.host.name:9092 +listeners=EXTERNAL_SASL_PLAINTEXT://0.0.0.0:9093,INTERNAL_SASL_PLAINTEXT://0.0.0.0:9092 + +# Maps listener names to security protocols, the default is for them to be the same. See the config documentation for more details +listener.security.protocol.map=INTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT,EXTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT + +# The number of threads that the server uses for receiving requests from the network and sending responses to the network +num.network.threads=3 + +# The number of threads that the server uses for processing requests, which may include disk I/O +num.io.threads=8 + +# The send buffer (SO_SNDBUF) used by the socket server +socket.send.buffer.bytes=102400 + +#The number of hours to keep a log file before deleting it +log.retention.hours=168 +#The maximum size of the log before deleting it +log.retention.bytes=21474836480 + +# The receive buffer (SO_RCVBUF) used by the socket server +socket.receive.buffer.bytes=102400 + +# The maximum size of a request that the socket server will accept (protection against OOM) +socket.request.max.bytes=104857600 + + +############################# Log Basics ############################# + +# A comma separated list of directories under which to store log files +log.dirs=/opt/kafka/data + +# The default number of log partitions per topic. More partitions allow greater +# parallelism for consumption, but this will also result in more files across +# the brokers. +num.partitions={{ .Values.defaultpartitions }} + +# The number of threads per data directory to be used for log recovery at startup and flushing at shutdown. +# This value is recommended to be increased for installations with data dirs located in RAID array. +num.recovery.threads.per.data.dir=1 + +############################# Internal Topic Settings ############################# +# The replication factor for the group metadata internal topics "__consumer_offsets" and "__transaction_state" +# For anything other than development testing, a value greater than 1 is recommended for to ensure availability such as 3. +offsets.topic.replication.factor={{ .Values.replicaCount }} +transaction.state.log.replication.factor=1 +transaction.state.log.min.isr=1 + +############################# Log Flush Policy ############################# + +# Messages are immediately written to the filesystem but by default we only fsync() to sync +# the OS cache lazily. The following configurations control the flush of data to disk. +# There are a few important trade-offs here: +# 1. Durability: Unflushed data may be lost if you are not using replication. +# 2. Latency: Very large flush intervals may lead to latency spikes when the flush does occur as there will be a lot of data to flush. +# 3. Throughput: The flush is generally the most expensive operation, and a small flush interval may lead to excessive seeks. +# The settings below allow one to configure the flush policy to flush data after a period of time or +# every N messages (or both). This can be done globally and overridden on a per-topic basis. + +# The number of messages to accept before forcing a flush of data to disk +#log.flush.interval.messages=10000 + +# The maximum amount of time a message can sit in a log before we force a flush +#log.flush.interval.ms=1000 + +############################# Log Retention Policy ############################# + +# The following configurations control the disposal of log segments. The policy can +# be set to delete segments after a period of time, or after a given size has accumulated. +# A segment will be deleted whenever *either* of these criteria are met. Deletion always happens +# from the end of the log. + +# The minimum age of a log file to be eligible for deletion due to age +log.retention.hours=168 + +# A size-based retention policy for logs. Segments are pruned from the log unless the remaining +# segments drop below log.retention.bytes. Functions independently of log.retention.hours. +#log.retention.bytes=1073741824 + +# The maximum size of a log segment file. When this size is reached a new log segment will be created. +log.segment.bytes=1073741824 + +# The interval at which log segments are checked to see if they can be deleted according +# to the retention policies +log.retention.check.interval.ms=300000 + +############################# Zookeeper ############################# + +# Zookeeper connection string (see zookeeper docs for details). +# This is a comma separated host:port pairs, each corresponding to a zk +# server. e.g. "127.0.0.1:3000,127.0.0.1:3001,127.0.0.1:3002". +# You can also append an optional chroot string to the urls to specify the +# root directory for all kafka znodes. +zookeeper.connect={{.Release.Name}}-{{.Values.zookeeper.name}}-0.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}},{{.Release.Name}}-{{.Values.zookeeper.name}}-1.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}},{{.Release.Name}}-{{.Values.zookeeper.name}}-2.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}} + +# Timeout in ms for connecting to zookeeper +zookeeper.connection.timeout.ms=6000 + + +############################# Group Coordinator Settings ############################# + +# The following configuration specifies the time, in milliseconds, that the GroupCoordinator will delay the initial consumer rebalance. +# The rebalance will be further delayed by the value of group.initial.rebalance.delay.ms as new members join the group, up to a maximum of max.poll.interval.ms. +# The default value for this is 3 seconds. +# We override this to 0 here as it makes for a better out-of-the-box experience for development and testing. +# However, in production environments the default value of 3 seconds is more suitable as this will help to avoid unnecessary, and potentially expensive, rebalances during application startup. +group.initial.rebalance.delay.ms=0 + +inter.broker.listener.name=INTERNAL_SASL_PLAINTEXT +default.replication.factor={{ .Values.replicaCount }} +delete.topic.enable=true +sasl.enabled.mechanisms=PLAIN +authorizer.class.name=org.onap.dmaap.kafkaAuthorize.KafkaCustomAuthorizer +version=1.1.1 +sasl.mechanism.inter.broker.protocol=PLAIN diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/configmap.yaml new file mode 100644 index 0000000000..f9900f6233 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/configmap.yaml @@ -0,0 +1,55 @@ +# Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-server-prop-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/server.properties").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-cadi-prop-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/cadi.properties").AsConfig . | indent 2 }} +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log4j-prop-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/log4j.properties").AsConfig . | indent 2 }} +--- + diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml index 5e964231de..bfe4b11ba7 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml @@ -75,11 +75,20 @@ spec: - -exec - | chown -R 1000:1000 /opt/kafka/data; + cp /opt/kafka/tmpconfig/server.properties /opt/kafka/config/; + chown 1000:1000 /opt/kafka/config/server.properties; + cd /opt/kafka/config; + ls; image: "{{ .Values.busyBoxRepository }}/{{ .Values.busyBoxImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: /opt/kafka/data name: kafka-data + - mountPath: /opt/kafka/tmpconfig/server.properties + subPath: server.properties + name: server + - mountPath: /opt/kafka/config + name: config-data name: {{ include "common.name" . }}-permission-fixer containers: - name: {{ include "common.name" . }} @@ -116,38 +125,27 @@ spec: fieldRef: apiVersion: v1 fieldPath: status.hostIP - - name: KAFKA_ZOOKEEPER_CONNECT - value: "{{.Values.zookeeper.name}}:{{.Values.zookeeper.port}}" - - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP - value: "INTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT,EXTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT" - - name: KAFKA_LISTENERS - value: "EXTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.externalPort }},INTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.internalPort }}" - - name: KAFKA_INTER_BROKER_LISTENER_NAME - value: "INTERNAL_SASL_PLAINTEXT" - - name: KAFKA_SASL_ENABLED_MECHANISMS - value: "PLAIN" - - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL - value: "PLAIN" - - name: KAFKA_AUTHORIZER_CLASS_NAME - value: "{{ .Values.kafkaCustomAuthorizer }}" - - name: KAFKA_DELETE_TOPIC_ENABLE - value: "{{ .Values.deleteTopicEnable }}" - name: aaf_locate_url - value: "https://aaf-locate:8095" - - name: KAFKA_LOG_DIRS - value: "/opt/kafka/data" - - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR - value: "{{ .Values.replicaCount }}" - - name: KAFKA_DEFAULT_REPLICATION_FACTOR - value: "{{ .Values.replicaCount }}" - - name: KAFKA_NUM_PARTITIONS - value: "{{ .Values.defaultpartitions }}" + value: https://aaf-locate.{{ include "common.namespace" . }}:8095 + volumeMounts: - mountPath: /etc/localtime name: localtime readOnly: true - mountPath: /var/run/docker.sock name: docker-socket + - mountPath: /opt/kafka/tmpconfig/server.properties + subPath: server.properties + name: server + - mountPath: /opt/kafka/config/server.properties + subPath: server.properties + name: config-data + - mountPath: /opt/kafka/config/log4j.properties + subPath: log4j.properties + name: log4j + - mountPath: /opt/kafka/config/cadi.properties + subPath: cadi.properties + name: cadi - mountPath: /opt/kafka/data name: kafka-data {{- if .Values.tolerations }} @@ -158,9 +156,20 @@ spec: - name: localtime hostPath: path: /etc/localtime + - name: config-data + emptyDir: {} - name: docker-socket hostPath: path: /var/run/docker.sock + - name: server + configMap: + name: {{ include "common.fullname" . }}-server-prop-configmap + - name: log4j + configMap: + name: {{ include "common.fullname" . }}-log4j-prop-configmap + - name: cadi + configMap: + name: {{ include "common.fullname" . }}-cadi-prop-configmap {{ if not .Values.persistence.enabled }} - name: kafka-data emptyDir: {} @@ -187,4 +196,4 @@ spec: heritage: "{{ .Release.Service }}" {{ end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties index 8e446610d4..b07eaad9b5 100755 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties @@ -36,7 +36,9 @@ ## Both Cambria and Kafka make use of Zookeeper. ## #config.zk.servers=172.18.1.1 -config.zk.servers={{.Values.zookeeper.name}}:{{.Values.zookeeper.port}} +#config.zk.servers={{.Values.zookeeper.name}}:{{.Values.zookeeper.port}} +config.zk.servers={{.Release.Name}}-{{.Values.zookeeper.name}}-0.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}},{{.Release.Name}}-{{.Values.zookeeper.name}}-1.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}},{{.Release.Name}}-{{.Values.zookeeper.name}}-2.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}} + #config.zk.root=/fe3c/cambria/config @@ -48,7 +50,8 @@ config.zk.servers={{.Values.zookeeper.name}}:{{.Values.zookeeper.port}} ## configurations (after removing "kafka.") ## if you want to change request.required.acks it can take this one value #kafka.metadata.broker.list=localhost:9092,localhost:9093 -kafka.metadata.broker.list={{.Values.kafka.name}}:{{.Values.kafka.port}} +#kafka.metadata.broker.list={{.Values.kafka.name}}:{{.Values.kafka.port}} +kafka.metadata.broker.list={{.Release.Name}}-{{.Values.kafka.name}}-0.{{.Values.kafka.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.kafka.port}},{{.Release.Name}}-{{.Values.kafka.name}}-1.{{.Values.kafka.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.kafka.port}},{{.Release.Name}}-{{.Values.kafka.name}}-2.{{.Values.kafka.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.kafka.port}} ##kafka.request.required.acks=-1 #kafka.client.zookeeper=${config.zk.servers} consumer.timeout.ms=100 diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties index 4e0b085e20..36dafce986 100755 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties @@ -1,5 +1,5 @@ -aaf_locate_url=https://aaf-locate:8095 -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 +aaf_locate_url=https://aaf-locate.{{ include "common.namespace" . }}:8095 +aaf_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1 aaf_env=DEV aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml b/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml new file mode 100644 index 0000000000..5dac1c0de7 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml @@ -0,0 +1,212 @@ +<!-- + ============LICENSE_START======================================================= + Copyright © 2019 AT&T Intellectual Property. All rights reserved. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + ============LICENSE_END========================================================= + --> + +<configuration scan="true" scanPeriod="3 seconds" debug="false"> + <contextName>${module.ajsc.namespace.name}</contextName> + <jmxConfigurator /> + <property name="logDirectory" value="${AJSC_HOME}/log" /> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>ERROR</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <encoder> + <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + </pattern> + </encoder> + </appender> + + <appender name="INFO" + class="ch.qos.logback.core.ConsoleAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>INFO</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + </appender> + + <appender name="DEBUG" class="ch.qos.logback.core.ConsoleAppender"> + + <encoder> + <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> + </encoder> + </appender> + + <appender name="ERROR" class="ch.qos.logback.core.ConsoleAppender"> + class="ch.qos.logback.core.ConsoleAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>ERROR</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <encoder> + <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> + </encoder> + </appender> + + + <!-- Msgrtr related loggers --> + <logger name="org.onap.dmaap.dmf.mr.service" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.service.impl" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.resources" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.resources.streamReaders" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.backends" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.backends.kafka" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.backends.memory" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.beans" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.constants" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.exception" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.listener" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.metrics.publisher" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.metrics.publisher.impl" level="INFO" /> + + + + <logger name="org.onap.dmaap.dmf.mr.security" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.security.impl" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.transaction" level="INFO" /> + <logger name="com.att.dmf.mr.transaction.impl" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" /> + <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" /> + + <logger name="org.onap.dmaap.dmf.mr.utils" level="INFO" /> + <logger name="org.onap.dmaap.mr.filter" level="INFO" /> + + <!--<logger name="com.att.nsa.cambria.*" level="INFO" />--> + + <!-- Msgrtr loggers in ajsc --> + <logger name="org.onap.dmaap.service" level="INFO" /> + <logger name="org.onap.dmaap" level="INFO" /> + + + <!-- Spring related loggers --> + <logger name="org.springframework" level="WARN" additivity="false"/> + <logger name="org.springframework.beans" level="WARN" additivity="false"/> + <logger name="org.springframework.web" level="WARN" additivity="false" /> + <logger name="com.blog.spring.jms" level="WARN" additivity="false" /> + + <!-- AJSC Services (bootstrap services) --> + <logger name="ajsc" level="WARN" additivity="false"/> + <logger name="ajsc.RouteMgmtService" level="INFO" additivity="false"/> + <logger name="ajsc.ComputeService" level="INFO" additivity="false" /> + <logger name="ajsc.VandelayService" level="WARN" additivity="false"/> + <logger name="ajsc.FilePersistenceService" level="WARN" additivity="false"/> + <logger name="ajsc.UserDefinedJarService" level="WARN" additivity="false" /> + <logger name="ajsc.UserDefinedBeansDefService" level="WARN" additivity="false" /> + <logger name="ajsc.LoggingConfigurationService" level="WARN" additivity="false" /> + + <!-- AJSC related loggers (DME2 Registration, csi logging, restlet, servlet + logging) --> + <logger name="ajsc.utils" level="WARN" additivity="false"/> + <logger name="ajsc.utils.DME2Helper" level="INFO" additivity="false" /> + <logger name="ajsc.filters" level="DEBUG" additivity="false" /> + <logger name="ajsc.beans.interceptors" level="DEBUG" additivity="false" /> + <logger name="ajsc.restlet" level="DEBUG" additivity="false" /> + <logger name="ajsc.servlet" level="DEBUG" additivity="false" /> + <logger name="com.att" level="WARN" additivity="false" /> + <logger name="com.att.ajsc.csi.logging" level="WARN" additivity="false" /> + <logger name="com.att.ajsc.filemonitor" level="WARN" additivity="false"/> + + <logger name="com.att.nsa.dmaap.util" level="INFO" additivity="false"/> + <logger name="com.att.cadi.filter" level="INFO" additivity="false" /> + + + <!-- Other Loggers that may help troubleshoot --> + <logger name="net.sf" level="WARN" additivity="false" /> + <logger name="org.apache.commons.httpclient" level="WARN" additivity="false"/> + <logger name="org.apache.commons" level="WARN" additivity="false" /> + <logger name="org.apache.coyote" level="WARN" additivity="false"/> + <logger name="org.apache.jasper" level="WARN" additivity="false"/> + + <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging. + May aid in troubleshooting) --> + <logger name="org.apache.camel" level="WARN" additivity="false" /> + <logger name="org.apache.cxf" level="WARN" additivity="false" /> + <logger name="org.apache.camel.processor.interceptor" level="WARN" additivity="false"/> + <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" additivity="false" /> + <logger name="org.apache.cxf.service" level="WARN" additivity="false" /> + <logger name="org.restlet" level="DEBUG" additivity="false" /> + <logger name="org.apache.camel.component.restlet" level="DEBUG" additivity="false" /> + <logger name="org.apache.kafka" level="DEBUG" additivity="false" /> + <logger name="org.apache.zookeeper" level="INFO" additivity="false" /> + <logger name="org.I0Itec.zkclient" level="DEBUG" additivity="false" /> + + <!-- logback internals logging --> + <logger name="ch.qos.logback.classic" level="INFO" additivity="false"/> + <logger name="ch.qos.logback.core" level="INFO" additivity="false" /> + + <!-- logback jms appenders & loggers definition starts here --> + <!-- logback jms appenders & loggers definition starts here --> + <appender name="auditLogs" + class="ch.qos.logback.core.ConsoleAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + </filter> + <encoder> + <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> + </encoder> + </appender> + <appender name="perfLogs" + class="ch.qos.logback.core.ConsoleAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + </filter> + <encoder> + <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> + </encoder> + </appender> + <appender name="ASYNC-audit" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <discardingThreshold>0</discardingThreshold> + <appender-ref ref="Audit-Record-Queue" /> + </appender> + + <logger name="AuditRecord" level="INFO" additivity="FALSE"> + <appender-ref ref="STDOUT" /> + </logger> + <logger name="AuditRecord_DirectCall" level="INFO" additivity="FALSE"> + <appender-ref ref="STDOUT" /> + </logger> + <appender name="ASYNC-perf" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>1000</queueSize> + <discardingThreshold>0</discardingThreshold> + <appender-ref ref="Performance-Tracker-Queue" /> + </appender> + <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE"> + <appender-ref ref="ASYNC-perf" /> + <appender-ref ref="perfLogs" /> + </logger> + <!-- logback jms appenders & loggers definition ends here --> + + <root level="DEBUG"> + <appender-ref ref="DEBUG" /> + <appender-ref ref="ERROR" /> + <appender-ref ref="INFO" /> + <appender-ref ref="STDOUT" /> + </root> + +</configuration>
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/templates/configmap.yaml index e2e0da51fd..f84915a9e0 100644 --- a/kubernetes/dmaap/components/message-router/templates/configmap.yaml +++ b/kubernetes/dmaap/components/message-router/templates/configmap.yaml @@ -39,6 +39,21 @@ metadata: data: {{ tpl (.Files.Glob "resources/config/dmaap/cadi.properties").AsConfig . | indent 2 }} --- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-logback-xml-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/dmaap/logback.xml").AsConfig . | indent 2 }} +--- + apiVersion: v1 kind: ConfigMap metadata: diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index 7bf88f5f8e..f7b51d1b9e 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -76,6 +76,9 @@ spec: - mountPath: /appl/dmaapMR1/bundleconfig/etc/appprops/MsgRtrApi.properties subPath: MsgRtrApi.properties name: appprops + - mountPath: /appl/dmaapMR1/bundleconfig/etc/logback.xml + subPath: logback.xml + name: logback - mountPath: /appl/dmaapMR1/etc/cadi.properties subPath: cadi.properties name: cadi @@ -91,6 +94,9 @@ spec: - name: appprops configMap: name: {{ include "common.fullname" . }}-msgrtrapi-prop-configmap + - name: logback + configMap: + name: {{ include "common.fullname" . }}-logback-xml-configmap - name: cadi configMap: name: {{ include "common.fullname" . }}-cadi-prop-configmap diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index 54c8982eca..7561bc24a3 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/dmaap-mr:1.1.14 +image: onap/dmaap/dmaap-mr:1.1.16 pullPolicy: Always kafka: diff --git a/kubernetes/dmaap/resources/config/log/filebeat/filebeat.yml b/kubernetes/dmaap/resources/config/log/filebeat/filebeat.yml index f1cf7394b6..40d2476b8e 100644 --- a/kubernetes/dmaap/resources/config/log/filebeat/filebeat.yml +++ b/kubernetes/dmaap/resources/config/log/filebeat/filebeat.yml @@ -40,7 +40,7 @@ output.logstash: #List of logstash server ip addresses with port number. #But, in our case, this will be the loadbalancer IP address. #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. - hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + hosts: ["{{.Values.global.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.global.logstashPort}}"] #If enable will do load balancing among available Logstash, automatically. loadbalance: true diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index d5b7bffefe..89c8baa1a4 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -18,20 +18,28 @@ ################################################################# global: nodePortPrefix: 302 + nodePortPrefixExt: 304 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 clientImage: onap/dmaap/dbc-client:1.0.9 + repository: nexus3.onap.org:10001 #Global DMaaP app config allow_http: true -# application configuration -config: + #Logstash config logstashServiceName: log-ls logstashPort: 5044 + #dmaap-dr-prov server configuration + dmaapDrProvName: dmaap-dr-prov + dmaapDrProvExtPort2: 8443 + dmaapDrProvExtPort: 8080 + + +#Component overrides message-router: enabled: true dmaap-bc: diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index 08ba011631..aef2e599fa 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -28,7 +28,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/externalapi/nbi:4.0.0 +image: onap/externalapi/nbi:5.0.0 pullPolicy: Always sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU= aai_authorization: Basic QUFJOkFBSQ== diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml index 1d1dd8b7a5..1d1dd8b7a5 100644..100755 --- a/kubernetes/onap/requirements.yaml +++ b/kubernetes/onap/requirements.yaml diff --git a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx.yaml b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx.yaml new file mode 100644 index 0000000000..ee27269564 --- /dev/null +++ b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx.yaml @@ -0,0 +1,80 @@ +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################### +# This override file enables helm charts for all ONAP applications. +################################################################### +cassandra: + enabled: true +mariadb-galera: + enabled: true + +aaf: + enabled: true +aai: + enabled: true +appc: + enabled: true +clamp: + enabled: true +cli: + enabled: true +consul: + enabled: true +contrib: + enabled: true +dcaegen2: + enabled: true +dmaap: + enabled: true +esr: + enabled: true +log: + enabled: true +sniro-emulator: + enabled: true +oof: + enabled: true +msb: + enabled: true +multicloud: + enabled: true +nbi: + enabled: true +policy: + enabled: true +pomba: + enabled: true +portal: + enabled: true +robot: + enabled: true +sdc: + enabled: true +sdnc: + enabled: true +so: + enabled: true +uui: + enabled: true +vfc: + enabled: true +vid: + enabled: true + ingress: + enabled: true +vnfsdk: + enabled: true +nginx-ingress: + enabled: true diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index c0095049b5..c0095049b5 100644..100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml diff --git a/kubernetes/policy/charts/brmsgw/values.yaml b/kubernetes/policy/charts/brmsgw/values.yaml index da3a39ae1c..57ff2f4b49 100644 --- a/kubernetes/policy/charts/brmsgw/values.yaml +++ b/kubernetes/policy/charts/brmsgw/values.yaml @@ -26,7 +26,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pe:1.4.1 +image: onap/policy-pe:1.5.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/drools/charts/nexus/values.yaml b/kubernetes/policy/charts/drools/charts/nexus/values.yaml index 62a17e515e..5d85f6c5b0 100644 --- a/kubernetes/policy/charts/drools/charts/nexus/values.yaml +++ b/kubernetes/policy/charts/drools/charts/nexus/values.yaml @@ -29,7 +29,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: sonatype/nexus:2.14.8-01 +image: sonatype/nexus:2.14.13-01 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml index d9582013b1..21f9169462 100644 --- a/kubernetes/policy/charts/drools/values.yaml +++ b/kubernetes/policy/charts/drools/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pdpd-cl:1.4.2 +image: onap/policy-pdpd-cl:1.5.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/mariadb/values.yaml b/kubernetes/policy/charts/mariadb/values.yaml index fcd7093607..15c75b753c 100644 --- a/kubernetes/policy/charts/mariadb/values.yaml +++ b/kubernetes/policy/charts/mariadb/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: mariadb:10.2.14 +image: mariadb:10.2.25 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/pdp/values.yaml b/kubernetes/policy/charts/pdp/values.yaml index b57a67e4c4..07f1794bd2 100644 --- a/kubernetes/policy/charts/pdp/values.yaml +++ b/kubernetes/policy/charts/pdp/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pe:1.4.1 +image: onap/policy-pe:1.5.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/policy-apex-pdp/resources/config/OnapPfConfig.json b/kubernetes/policy/charts/policy-apex-pdp/resources/config/OnapPfConfig.json index 9de4a8b5b5..f26f35a9f4 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/resources/config/OnapPfConfig.json +++ b/kubernetes/policy/charts/policy-apex-pdp/resources/config/OnapPfConfig.json @@ -12,5 +12,17 @@ "pdpType":"apex", "description":"Pdp Heartbeat", "supportedPolicyTypes":[{"name":"onap.policies.controlloop.operational.Apex","version":"1.0.0"}] + }, + "topicParameterGroup": { + "topicSources" : [{ + "topic" : "POLICY-PDP-PAP", + "servers" : [ "message-router" ], + "topicCommInfrastructure" : "dmaap" + }], + "topicSinks" : [{ + "topic" : "POLICY-PDP-PAP", + "servers" : [ "message-router" ], + "topicCommInfrastructure" : "dmaap" + }] } } diff --git a/kubernetes/policy/charts/policy-apex-pdp/resources/config/topic.properties b/kubernetes/policy/charts/policy-apex-pdp/resources/config/topic.properties deleted file mode 100644 index b61626b2da..0000000000 --- a/kubernetes/policy/charts/policy-apex-pdp/resources/config/topic.properties +++ /dev/null @@ -1,23 +0,0 @@ -# ============LICENSE_START======================================================= -# Copyright (C) 2019 Nordix Foundation. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# ============LICENSE_END========================================================= - -dmaap.source.topics=POLICY-PDP-PAP -dmaap.sink.topics=POLICY-PDP-PAP - -dmaap.source.topics.POLICY-PDP-PAP.servers= message-router -dmaap.sink.topics.POLICY-PDP-PAP.servers= message-router
\ No newline at end of file diff --git a/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml b/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml index f1c024bc4e..9ab1e055a8 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml @@ -45,8 +45,6 @@ spec: - /opt/app/policy/apex-pdp/bin/apexOnapPf.sh - -c - /home/apexuser/config/OnapPfConfig.json - - -p - - /home/apexuser/config/topic.properties imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.externalPort }} diff --git a/kubernetes/policy/charts/policy-apex-pdp/values.yaml b/kubernetes/policy/charts/policy-apex-pdp/values.yaml index f9e0c8d5b9..381c825311 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/values.yaml @@ -29,7 +29,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-apex-pdp:2.1.0 +image: onap/policy-apex-pdp:2.2.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/policy-api/values.yaml b/kubernetes/policy/charts/policy-api/values.yaml index b34e9be747..bace88fe70 100644 --- a/kubernetes/policy/charts/policy-api/values.yaml +++ b/kubernetes/policy/charts/policy-api/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-api:2.0.1 +image: onap/policy-api:2.1.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/policy-distribution/values.yaml b/kubernetes/policy/charts/policy-distribution/values.yaml index 935e7e69f1..2cc0d444d6 100644 --- a/kubernetes/policy/charts/policy-distribution/values.yaml +++ b/kubernetes/policy/charts/policy-distribution/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-distribution:2.1.0 +image: onap/policy-distribution:2.2.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/policy-pap/resources/config/config.json b/kubernetes/policy/charts/policy-pap/resources/config/config.json index fa80bf2190..3f33ed95a0 100644 --- a/kubernetes/policy/charts/policy-pap/resources/config/config.json +++ b/kubernetes/policy/charts/policy-pap/resources/config/config.json @@ -26,6 +26,7 @@ "aaf": false }, "pdpParameters": { + "heartBeatMs": 120000, "updateParameters": { "maxRetryCount": 1, "maxWaitMs": 30000 @@ -43,5 +44,17 @@ "databaseUser": "policy_user", "databasePassword": "cG9saWN5X3VzZXI=", "persistenceUnit": "PolicyMariaDb" + }, + "topicParameterGroup": { + "topicSources" : [{ + "topic" : "POLICY-PDP-PAP", + "servers" : [ "message-router" ], + "topicCommInfrastructure" : "dmaap" + }], + "topicSinks" : [{ + "topic" : "POLICY-PDP-PAP", + "servers" : [ "message-router" ], + "topicCommInfrastructure" : "dmaap" + }] } } diff --git a/kubernetes/policy/charts/policy-pap/resources/config/topic.properties b/kubernetes/policy/charts/policy-pap/resources/config/topic.properties deleted file mode 100644 index c1124a1172..0000000000 --- a/kubernetes/policy/charts/policy-pap/resources/config/topic.properties +++ /dev/null @@ -1,22 +0,0 @@ -# ============LICENSE_START======================================================= -# ONAP PAP -# ================================================================================ -# Copyright (C) 2019 Nordix Foundation. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -dmaap.sink.topics=POLICY-PDP-PAP -dmaap.sink.topics.POLICY-PDP-PAP.servers=message-router -dmaap.source.topics=POLICY-PDP-PAP -dmaap.source.topics.POLICY-PDP-PAP.servers=message-router diff --git a/kubernetes/policy/charts/policy-pap/templates/deployment.yaml b/kubernetes/policy/charts/policy-pap/templates/deployment.yaml index 4945f766d8..3332f60944 100644 --- a/kubernetes/policy/charts/policy-pap/templates/deployment.yaml +++ b/kubernetes/policy/charts/policy-pap/templates/deployment.yaml @@ -36,7 +36,7 @@ spec: image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/opt/app/policy/pap/bin/policy-pap.sh"] - args: ["/opt/app/policy/pap/etc/mounted/config.json", "/opt/app/policy/pap/etc/mounted/topic.properties"] + args: ["/opt/app/policy/pap/etc/mounted/config.json"] ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger diff --git a/kubernetes/policy/charts/policy-pap/values.yaml b/kubernetes/policy/charts/policy-pap/values.yaml index bccdee5769..e3cb999af1 100644 --- a/kubernetes/policy/charts/policy-pap/values.yaml +++ b/kubernetes/policy/charts/policy-pap/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pap:2.0.1 +image: onap/policy-pap:2.1.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json index 789dde4491..5635c05efa 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json +++ b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json @@ -25,5 +25,17 @@ "https": true, "aaf": false }, - "applicationPath": "/opt/app/policy/pdpx/apps" -}
\ No newline at end of file + "applicationPath": "/opt/app/policy/pdpx/apps", + "topicParameterGroup": { + "topicSources" : [{ + "topic" : "POLICY-PDP-PAP", + "servers" : [ "message-router" ], + "topicCommInfrastructure" : "dmaap" + }], + "topicSinks" : [{ + "topic" : "POLICY-PDP-PAP", + "servers" : [ "message-router" ], + "topicCommInfrastructure" : "dmaap" + }] + } +} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/topic.properties b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/topic.properties deleted file mode 100644 index a56de8bc5e..0000000000 --- a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/topic.properties +++ /dev/null @@ -1,22 +0,0 @@ -# ============LICENSE_START======================================================= -# ONAP PAP -# ================================================================================ -# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -dmaap.sink.topics=POLICY-PDP-PAP -dmaap.sink.topics.POLICY-PDP-PAP.servers=message-router -dmaap.source.topics=POLICY-PDP-PAP -dmaap.source.topics.POLICY-PDP-PAP.servers=message-router
\ No newline at end of file diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml index e5e94ccc95..da9b0197d3 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml @@ -36,7 +36,7 @@ spec: image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/opt/app/policy/pdpx/bin/policy-pdpx.sh"] - args: ["/opt/app/policy/pdpx/etc/mounted/config.json","/opt/app/policy/pdpx/etc/mounted/topic.properties"] + args: ["/opt/app/policy/pdpx/etc/mounted/config.json"] ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger diff --git a/kubernetes/policy/charts/policy-xacml-pdp/values.yaml b/kubernetes/policy/charts/policy-xacml-pdp/values.yaml index 7e81ba8ddf..0f61c03939 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/charts/policy-xacml-pdp/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-xacml-pdp:2.0.1 +image: onap/policy-xacml-pdp:2.1.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index d1527ab6b8..f43d50defb 100644 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -41,7 +41,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pe:1.4.1 +image: onap/policy-pe:1.5.1 pullPolicy: Always subChartsOnly: diff --git a/kubernetes/robot b/kubernetes/robot new file mode 160000 +Subproject b6b5b0e6f8880e3a922a2fef97e95e501347522 diff --git a/kubernetes/robot/demo-k8s.sh b/kubernetes/robot/demo-k8s.sh deleted file mode 100755 index eb6744b1ac..0000000000 --- a/kubernetes/robot/demo-k8s.sh +++ /dev/null @@ -1,223 +0,0 @@ -#!/bin/bash -# Copyright (C) 2018 Amdocs, Bell Canada -# Modifications Copyright (C) 2019 Samsung -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Execute tags built to support the hands-on demo -# -function usage -{ - echo "Usage: demo-k8s.sh <namespace> <command> [<parameters>]" - echo " " - echo " demo-k8s.sh <namespace> init" - echo " - Execute both init_customer + distribute" - echo " " - echo " demo-k8s.sh <namespace> init_customer" - echo " - Create demo customer (Demonstration) and services, etc." - echo " " - echo " demo-k8s.sh <namespace> distribute [<prefix>]" - echo " - Distribute demo models (demoVFW and demoVLB)" - echo " " - echo " demo-k8s.sh <namespace> preload <vnf_name> <module_name>" - echo " - Preload data for VNF for the <module_name>" - echo " " - echo " demo-k8s.sh <namespace> appc <module_name>" - echo " - provide APPC with vFW module mount point for closed loop" - echo " " - echo " demo-k8s.sh <namespace> init_robot [ <etc_hosts_prefix> ]" - echo " - Initialize robot after all ONAP VMs have started" - echo " " - echo " demo-k8s.sh <namespace> instantiateVFW" - echo " - Instantiate vFW module for the demo customer (DemoCust<uuid>)" - echo " " - echo " demo-k8s.sh <namespace> instantiateVFWdirectso csar_filename" - echo " - Instantiate vFW module using direct SO interface using previously distributed model " - echo " that is in /tmp/csar in robot container" - echo " " - echo " demo-k8s.sh <namespace> deleteVNF <module_name from instantiateVFW>" - echo " - Delete the module created by instantiateVFW" - echo " " - echo " demo-k8s.sh <namespace> heatbridge <stack_name> <service_instance_id> <service> <oam-ip-address>" - echo " - Run heatbridge against the stack for the given service instance and service" - echo " " - echo " demo-k8s.sh <namespace> vfwclosedloop <pgn-ip-address>" - echo " - vFWCL: Sets the packet generator to high and low rates, and checks whether the policy " - echo " kicks in to modulate the rates back to medium" - echo " " -} - -# Set the defaults - -echo "Number of parameters:" -echo $# - -if [ $# -lt 2 ];then - usage - exit -fi - -NAMESPACE=$1 -shift - -## -## if more than 1 tag is supplied, the must be provided with -i or -e -## -while [ $# -gt 0 ] -do - key="$1" - echo "KEY:" - echo $key - - case $key in - init_robot) - TAG="UpdateWebPage" - read -s -p "WEB Site Password for user 'test': " WEB_PASSWORD - if [ "$WEB_PASSWORD" = "" ]; then - echo "" - echo "WEB Password is required for user 'test'" - exit - fi - VARIABLES="$VARIABLES -v WEB_PASSWORD:$WEB_PASSWORD" - shift - if [ $# -eq 2 ];then - VARIABLES="$VARIABLES -v HOSTS_PREFIX:$1" - fi - shift - ;; - init) - TAG="InitDemo" - shift - ;; - init_customer) - TAG="InitCustomer" - shift - ;; - distribute) - TAG="InitDistribution" - shift - if [ $# -eq 1 ];then - VARIABLES="$VARIABLES -v DEMO_PREFIX:$1" - fi - shift - ;; - preload) - TAG="PreloadDemo" - shift - if [ $# -ne 2 ];then - echo "Usage: demo-k8s.sh <namespace> preload <vnf_name> <module_name>" - exit - fi - VARIABLES="$VARIABLES -v VNF_NAME:$1" - shift - VARIABLES="$VARIABLES -v MODULE_NAME:$1" - shift - ;; - appc) - TAG="APPCMountPointDemo" - shift - if [ $# -ne 1 ];then - echo "Usage: demo-k8s.sh <namespace> appc <module_name>" - exit - fi - VARIABLES="$VARIABLES -v MODULE_NAME:$1" - shift - ;; - instantiateVFW) - TAG="instantiateVFW" - VARIABLES="$VARIABLES -v GLOBAL_BUILD_NUMBER:$$" - shift - ;; - instantiateVFWdirectso) - TAG="instantiateVFWdirectso" - shift - if [ $# -ne 1 ];then - echo "Usage: demo-k8s.sh <namespace> instantiateVFWdirectso <csar_filename>" - exit - fi - VARIABLES="$VARIABLES -v CSAR_FILE:$1 -v GLOBAL_BUILD_NUMBER:$$" - shift - ;; - deleteVNF) - TAG="deleteVNF" - shift - if [ $# -ne 1 ];then - echo "Usage: demo-k8s.sh <namespace> deleteVNF <module_name from instantiateVFW>" - exit - fi - VARFILE=$1.py - if [ -e /opt/eteshare/${VARFILE} ]; then - VARIABLES="$VARIABLES -V /share/${VARFILE}" - else - echo "Cache file ${VARFILE} is not found" - exit - fi - shift - ;; - heatbridge) - TAG="heatbridge" - shift - if [ $# -ne 4 ];then - echo "Usage: demo-k8s.sh <namespace> heatbridge <stack_name> <service_instance_id> <service> <oam-ip-address>" - exit - fi - VARIABLES="$VARIABLES -v HB_STACK:$1" - shift - VARIABLES="$VARIABLES -v HB_SERVICE_INSTANCE_ID:$1" - shift - VARIABLES="$VARIABLES -v HB_SERVICE:$1" - shift - VARIABLES="$VARIABLES -v HB_IPV4_OAM_ADDRESS:$1" - shift - ;; - cds) - TAG="cds" - shift - ;; - distributeVFWNG) - TAG="distributeVFWNG" - shift - ;; - distributeDemoVFWDT) - TAG="DistributeDemoVFWDT" - shift - ;; - instantiateDemoVFWDT) - TAG="instantiateVFWDT" - shift - ;; - vfwclosedloop) - TAG="vfwclosedloop" - shift - VARIABLES="$VARIABLES -v PACKET_GENERATOR_HOST:$1 -v pkg_host:$1" - shift - ;; - *) - usage - exit - esac -done - -set -x - -POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot) - -ETEHOME=/var/opt/ONAP - -export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") -OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_demo_$key -DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) - -VARIABLEFILES="-V /share/config/vm_properties.py -V /share/config/integration_robot_properties.py -V /share/config/integration_preload_parameters.py" - -kubectl --namespace $NAMESPACE exec ${POD} -- ${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} -i ${TAG} --display $DISPLAY_NUM 2> ${TAG}.out diff --git a/kubernetes/robot/ete-k8s.sh b/kubernetes/robot/ete-k8s.sh deleted file mode 100755 index 5d42f048cd..0000000000 --- a/kubernetes/robot/ete-k8s.sh +++ /dev/null @@ -1,75 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#!/bin/bash - -# -# Run the testsuite for the passed tag. Valid tags are listed in usage help -# Please clean up logs when you are done... -# -if [ "$1" == "" ] || [ "$2" == "" ]; then - echo "Usage: ete-k8s.sh [namespace] [tag]" - echo "" - echo " List of test case tags (filename for intent: tag)" - echo "" - echo " cds.robot: cds" - echo "" - echo " clamp.robot: clamp" - echo "" - echo " demo.robot: InitDemo, InitCustomer, APPCCDTPreloadDemo, APPCMountPointDemo, DistributeDemoVFWDT, DistributeVFWNG," - echo " InitDistribution, PreloadDemo, deleteVNF, heatbridge, instantiateDemoVFWCL, instantiateVFW, instantiateVFWCL, instantiateVFWDT" - echo "" - echo " health-check.robot: health, core, small, medium, 3rdparty, api, datarouter, externalapi, health-aaf, health-aai, health-appc," - echo " health-clamp, health-cli, health-dcae, health-dmaap, health-log, health-modeling, health-msb," - echo " health-multicloud, health-oof, health-policy, health-pomba, health-portal, health-sdc, health-sdnc," - echo " health-so, health-uui, health-vfc, health-vid, health-vnfsdk, healthdist, healthlogin, healthmr," - echo " healthportalapp, multicloud, oom" - echo "" - echo " hvves.robot: HVVES, ete" - echo "" - echo " model-distribution-vcpe.robot: distributevCPEResCust" - echo "" - echo " model-distribution.robot: distribute, distributeVFWDT, distributeVLB" - echo "" - echo " oof-*.robot: cmso, has, homing" - echo "" - echo " pnf-registration.robot: ete, pnf_registrate" - echo "" - echo " post-install-tests.robot dmaapacl, postinstall" - echo "" - echo " update_onap_page.robot: UpdateWebPage" - echo "" - echo " vnf-orchestration-direct-so.robot: instantiateVFWdirectso" - echo "" - echo " vnf-orchestration.robot: instantiate, instantiateNoDelete, stability72hr" - exit -fi - -set -x - -export NAMESPACE="$1" - -POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot) - -TAGS="-i $2" - -ETEHOME=/var/opt/ONAP -export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") -OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_$2 -DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) - -VARIABLEFILES="-V /share/config/vm_properties.py -V /share/config/integration_robot_properties.py -V /share/config/integration_preload_parameters.py" -VARIABLES="-v GLOBAL_BUILD_NUMBER:$$" - -kubectl --namespace $NAMESPACE exec ${POD} -- ${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --display $DISPLAY_NUM diff --git a/kubernetes/robot/eteHelm-k8s.sh b/kubernetes/robot/eteHelm-k8s.sh deleted file mode 100755 index c58d8a8775..0000000000 --- a/kubernetes/robot/eteHelm-k8s.sh +++ /dev/null @@ -1,50 +0,0 @@ -# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#!/bin/bash - -# -# Run the health-check testsuites for the tags discovered by helm list -# Please clean up logs when you are done... -# -if [ "$1" == "" ] ; then - echo "Usage: eteHelm-k8s.sh [namespace]" - echo " list projects via helm list and runs health-check with those tags except dev and dev-consul" - exit -fi - -set -x - -export NAMESPACE="$1" - -POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot) - -PROJECTS=$(helm list | tail +3 | grep '-' | cut -d' ' -f1 | sed -E 's/\w+-(\w+)/health-\1/g' | grep -v consul | grep -v nfs-provision) - -TAGS="" -for project in $PROJECTS ; -do -TAGS="$TAGS -i $project" -done - - -ETEHOME=/var/opt/ONAP -export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") -OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_helmlist -DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) - -VARIABLEFILES="-V /share/config/vm_properties.py -V /share/config/integration_robot_properties.py -V /share/config/integration_preload_parameters.py" -VARIABLES="-v GLOBAL_BUILD_NUMBER:$$" - -kubectl --namespace $NAMESPACE exec ${POD} -- ${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --display $DISPLAY_NUM diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py deleted file mode 100644 index 2bbfa565bd..0000000000 --- a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py +++ /dev/null @@ -1,192 +0,0 @@ -# Copyright (c) 2018 Amdocs, Bell Canada, and others -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# aaf info - everything is from the private oam network (also called onap private network) -GLOBAL_AAF_SERVER = 'https://aaf-service.{{include "common.namespace" .}}:8100' -GLOBAL_AAF_USERNAME = '{{ .Values.aafUsername }}' -GLOBAL_AAF_PASSWORD = '{{ .Values.aafPassword }}' -# aai info - everything is from the private oam network (also called onap private network) -GLOBAL_AAI_SERVER_PROTOCOL = "https" -GLOBAL_AAI_SERVER_PORT = "8443" -GLOBAL_AAI_USERNAME = '{{ .Values.aaiUsername }}' -GLOBAL_AAI_PASSWORD = '{{ .Values.aaiPassword}}' -# appc info - everything is from the private oam network (also called onap private network) -GLOBAL_APPC_SERVER_PROTOCOL = "http" -GLOBAL_APPC_SERVER_PORT = "8282" -GLOBAL_APPC_USERNAME = '{{ .Values.appcUsername }}' -GLOBAL_APPC_PASSWORD = '{{ .Values.appcPassword }}' -GLOBAL_APPC_CDT_SERVER_PROTOCOL = "https" -GLOBAL_APPC_CDT_SERVER_PORT = "18080" -GLOBAL_APPC_CDT_USERNAME = "demo" -# sdc info - everything is from the private oam network (also called onap private network) -GLOBAL_ASDC_SERVER_PROTOCOL = "http" -GLOBAL_ASDC_FE_PORT = "8181" -GLOBAL_ASDC_BE_PORT = "8080" -GLOBAL_ASDC_BE_ONBOARD_PORT = "8081" -GLOBAL_ASDC_BE_USERNAME = "beep" -GLOBAL_ASDC_BE_PASSWORD = "boop" -# clamp info - everything is from the private oam network (also called onap private network) -GLOBAL_CLAMP_SERVER_PROTOCOL = "https" -GLOBAL_CLAMP_SERVER_PORT = "8443" -# nbi info - everything is from the private oam network (also called onap private network) -GLOBAL_NBI_SERVER_PROTOCOL = "http" -GLOBAL_NBI_SERVER_PORT = "8080" -# cli info - everything is from the private oam network (also called onap private network) -GLOBAL_CLI_SERVER_PROTOCOL = "http" -GLOBAL_CLI_SERVER_PORT = "8080" -# dcae info - everything is from the private oam network (also called onap private network) -GLOBAL_DCAE_SERVER_PROTOCOL = "http" -GLOBAL_DCAE_HEALTH_SERVER_PORT = "80" -GLOBAL_DCAE_USERNAME = '{{ .Values.dcaeUsername }}' -GLOBAL_DCAE_PASSWORD = '{{ .Values.dcaePassword}}' -# dcae hv-ves info -GLOBAL_DCAE_HVVES_SERVER_NAME = 'dcae-hv-ves-collector.{{include "common.namespace" .}}' -GLOBAL_DCAE_HVVES_SERVER_PORT = "6061" -# data router info - everything is from the private oam network (also called onap private network) -GLOBAL_DMAAP_DR_PROV_SERVER_PROTOCOL = "http" -GLOBAL_DMAAP_DR_PROV_SERVER_PORT = "8080" -GLOBAL_DMAAP_DR_NODE_SERVER_PROTOCOL = "http" -GLOBAL_DMAAP_DR_NODE_SERVER_PORT = "8080" -# dmaap message router info -GLOBAL_DMAAP_MESSAGE_ROUTER_SERVER_NAME = 'message-router.{{include "common.namespace" .}}' -GLOBAL_DMAAP_MESSAGE_ROUTER_SERVER_PORT = "3904" -# dmaap kafka info -GLOBAL_DMAAP_KAFKA_SERVER_NAME = 'message-router-kafka.{{include "common.namespace" .}}' -GLOBAL_DMAAP_KAFKA_SERVER_PORT = "9092" -GLOBAL_DMAAP_KAFKA_JAAS_USERNAME = '{{ .Values.kafkaJaasUsername }}' -GLOBAL_DMAAP_KAFKA_JAAS_PASSWORD = '{{ .Values.kafkaJaasPassword }}' -# DROOL server port and credentials -GLOBAL_DROOLS_SERVER_PORT = "9696" -GLOBAL_DROOLS_USERNAME = '{{ .Values.droolsUsername }}' -GLOBAL_DROOLS_PASSWORD = '{{ .Values.droolsPassword }}' -# log server config - NOTE: no log server is run in HEAT; only on OOM -GLOBAL_LOG_SERVER_PROTOCOL = "http" -GLOBAL_LOG_ELASTICSEARCH_PORT = "9200" -GLOBAL_LOG_LOGSTASH_PORT = "9600" -GLOBAL_LOG_KIBANA_PORT = "5601" -# pomba info - NOTE: no pomba is run in HEAT; only on OOM -GLOBAL_POMBA_SERVER_PROTOCOL_HTTP = "http" -GLOBAL_POMBA_SERVER_PROTOCOL_HTTPS = "https" -GLOBAL_POMBA_AAICONTEXTBUILDER_PORT = "9530" -GLOBAL_POMBA_SDCCONTEXTBUILDER_PORT = "9530" -GLOBAL_POMBA_NETWORKDISCCONTEXTBUILDER_PORT = "9530" -GLOBAL_POMBA_SERVICEDECOMPOSITION_PORT = "9532" -GLOBAL_POMBA_SDNCCXTBUILDER_PORT = "9530" -GLOBAL_POMBA_NETWORKDISCOVERY_MICROSERVICE_PORT = "9531" -GLOBAL_POMBA_VALIDATIONSERVICE_PORT = "9529" -GLOBAL_POMBA_KIBANA_PORT = "5601" -GLOBAL_POMBA_ELASTICSEARCH_PORT = "9200" -GLOBAL_POMBA_CONTEXTAGGREGATOR_PORT = "9529" - -# microservice bus info - everything is from the private oam network (also called onap private network) -GLOBAL_MSB_SERVER_PROTOCOL = "http" -GLOBAL_MSB_SERVER_PORT = "80" -# message router info - everything is from the private oam network (also called onap private network) -GLOBAL_MR_SERVER_PROTOCOL = "http" -GLOBAL_MR_SERVER_PORT = "3904" -# bus controller info -GLOBAL_BC_HTTPS_SERVER_PORT = "8443" -GLOBAL_BC_USERNAME = '{{ .Values.bcUsername }}' -GLOBAL_BC_PASSWORD = '{{ .Values.bcPassword }}' -# mso info - everything is from the private oam network (also called onap private network) -GLOBAL_MSO_SERVER_PROTOCOL = "http" -GLOBAL_MSO_SERVER_PORT = "8080" -# SO containers -GLOBAL_MSO_APIHAND_SERVER_PORT = "8080" -GLOBAL_MSO_ASDCHAND_SERVER_PORT = "8085" -GLOBAL_MSO_BPMN_SERVER_PORT = "8081" -GLOBAL_MSO_CATDB_SERVER_PORT = "8082" -GLOBAL_MSO_OPENSTACK_SERVER_PORT = "8087" -GLOBAL_MSO_REQDB_SERVER_PORT = "8083" -GLOBAL_MSO_SDNC_SERVER_PORT = "8086" -GLOBAL_MSO_VFC_SERVER_PORT = "8084" -GLOBAL_MSO_VNFM_SERVER_PORT = "9092" -GLOBAL_MSO_USERNAME = '{{ .Values.soUsername }}' -GLOBAL_MSO_CATDB_USERNAME = '{{ .Values.soCatdbUsername }}' -GLOBAL_MSO_PASSWORD = '{{ .Values.soPassword }}' -# robot uses MSO_PASSWORD for both SO and CATDB -# music info - everything is from the private oam network (also called onap private network) -GLOBAL_MUSIC_SERVER_PROTOCOL = "http" -GLOBAL_MUSIC_SERVER_PORT = "8080" -# oof global info - everything is from the private oam network (also called onap private network) -GLOBAL_OOF_SERVER_PROTOCOL = "https" -# oof-homing info - everything is from the private oam network (also called onap private network) -GLOBAL_OOF_HOMING_SERVER_PORT = "8091" -GLOBAL_OOF_HOMING_USERNAME="{{ .Values.oofHomingUsername }}" -GLOBAL_OOF_HOMING_PASSWORD="{{ .Values.oofHomingPassword }}" -# oof-sniro info - everything is from the private oam network (also called onap private network) -GLOBAL_OOF_SNIRO_SERVER_PORT = "8698" -#oof user -GLOBAL_OOF_OSDF_USERNAME="{{ .Values.oofUsername }}" -GLOBAL_OOF_OSDF_PASSWORD="{{ .Values.oofPassword }}" -#oof pci user -GLOBAL_OOF_PCI_USERNAME="{{ .Values.oofOsdfPciOptUsername }}" -GLOBAL_OOF_PCI_PASSWORD="{{ .Values.oofOsdfPciOptPassword }}" -# oof cmso global info - everything is from the private oam network (also called onap private network) -GLOBAL_OOF_CMSO_PROTOCOL = "https" -GLOBAL_OOF_CMSO_SERVER_PORT = "8080" -GLOBAL_OOF_CMSO_USERNAME = "{{ .Values.oofCmsoUsername }}" -GLOBAL_OOF_CMSO_PASSWORD = "{{ .Values.oofCmsoPassword }}" -# openstack info - info to select right info in environment -# packet generate vnf info - everything is from the private oam network (also called onap private network) -GLOBAL_PACKET_GENERATOR_PORT = "8183" -GLOBAL_PACKET_GENERATOR_USERNAME = "admin" -GLOBAL_PACKET_GENERATOR_PASSWORD = "admin" -GLOBAL_PGN_PORT = "2831" -# policy info - everything is from the private oam network (also called onap private network) -GLOBAL_POLICY_SERVER_PROTOCOL = "https" -GLOBAL_POLICY_SERVER_PORT = "8081" -GLOBAL_POLICY_HEALTHCHECK_PORT = "6969" -GLOBAL_POLICY_AUTH = '{{ .Values.policyAuth}}' -GLOBAL_POLICY_CLIENTAUTH = '{{ .Values.policyClientAuth}}' -GLOBAL_POLICY_USERNAME = '{{ .Values.policyUsername }}' -GLOBAL_POLICY_PASSWORD = '{{ .Values.policyPassword }}' -GLOBAL_POLICY_HEALTHCHECK_USERNAME = '{{ .Values.policyComponentUsername }}' -GLOBAL_POLICY_HEALTHCHECK_PASSWORD = '{{ .Values.policyComponentPassword }}' -# portal info - everything is from the private oam network (also called onap private network) -GLOBAL_PORTAL_SERVER_PROTOCOL = "http" -GLOBAL_PORTAL_SERVER_PORT = "8989" -GLOBAL_PORTAL_USERNAME = '{{ .Values.portalUsername }}' -GLOBAL_PORTAL_PASSWORD = '{{ .Values.portalPassword }}' -# sdngc info - everything is from the private oam network (also called onap private network) -GLOBAL_SDNGC_SERVER_PROTOCOL = "http" -GLOBAL_SDNGC_REST_PORT = "8282" -GLOBAL_SDNGC_ADMIN_PORT = "8843" -GLOBAL_SDNGC_USERNAME = '{{ .Values.sdncUsername }}' -GLOBAL_SDNGC_PASSWORD = '{{ .Values.sdncPassword }}' -# sms (AAF) info -GLOBAL_SMS_SERVER_PROTOCOL = "https" -GLOBAL_SMS_SERVER_NAME = 'aaf-sms.{{include "common.namespace" .}}' -GLOBAL_SMS_SERVER_PORT = "10443" -# vid info - everything is from the private oam network (also called onap private network) -GLOBAL_VID_SERVER_PROTOCOL = '{{ .Values.vidServerProtocol }}' -GLOBAL_VID_SERVER_PORT = '{{ .Values.vidServerPort }}' -GLOBAL_VID_USERNAME = '{{ .Values.vidUsername }}' -GLOBAL_VID_PASSWORD = '{{ .Values.vidPassword}}' -GLOBAL_VID_HEALTH_USERNAME = '{{ .Values.vidHealthUsername }}' -GLOBAL_VID_HEALTH_PASSWORD = '{{ .Values.vidHealthPassword }}' -# vnfsdk info - everything is from the private oam network (also called onap private network) -GLOBAL_VNFSDK_SERVER_PROTOCOL = "http" -GLOBAL_VNFSDK_SERVER_PORT = "8702" - -GLOBAL_DCAE_VES_PROTOCOL = "http" -GLOBAL_DCAE_VES_SERVER_PORT = "8080" -#global selenium info -GLOBAL_PROXY_WARNING_TITLE="" -GLOBAL_PROXY_WARNING_CONTINUE_XPATH="" -# dns info -GLOBAL_DNS_TRAFFIC_DURATION = "600" -# location where heat templates and data are loaded from -GLOBAL_HEAT_TEMPLATES_FOLDER = "/var/opt/ONAP/demo/heat" -GLOBAL_PRELOAD_DATA_FOLDER = "/var/opt/ONAP/demo/preload-data" diff --git a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py deleted file mode 100644 index 8a88fa60e3..0000000000 --- a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py +++ /dev/null @@ -1,222 +0,0 @@ -# Copyright (c) 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# File generated from /opt/config -# -GLOBAL_INJECTED_AAF_IP_ADDR = 'aaf-service.{{include "common.namespace" .}}' -GLOBAL_INJECTED_AAI1_IP_ADDR = 'aai.{{include "common.namespace" .}}' -GLOBAL_INJECTED_AAI2_IP_ADDR = 'N/A' -GLOBAL_INJECTED_APPC_IP_ADDR = 'appc.{{include "common.namespace" .}}' -GLOBAL_INJECTED_APPC_CDT_IP_ADDR = 'appc-cdt.{{include "common.namespace" .}}' -GLOBAL_INJECTED_ARTIFACTS_VERSION = '{{.Values.demoArtifactsVersion}}' -GLOBAL_INJECTED_ARTIFACTS_REPO_URL = "{{ .Values.demoArtifactsRepoUrl }}" -GLOBAL_INJECTED_CLAMP_IP_ADDR = 'clamp.{{include "common.namespace" .}}' -GLOBAL_INJECTED_CLI_IP_ADDR = 'cli.{{include "common.namespace" .}}' -GLOBAL_INJECTED_CLOUD_ENV = 'openstack' -GLOBAL_INJECTED_DCAE_COLLECTOR_IP = "{{ .Values.dcaeCollectorIp }}" -GLOBAL_INJECTED_DCAE_IP_ADDR = 'dcae-healthcheck.{{include "common.namespace" .}}' -GLOBAL_INJECTED_DCAE_VES_HOST = 'dcae-ves-collector.{{include "common.namespace" .}}' -GLOBAL_INJECTED_DMAAP_DR_PROV_IP_ADDR = 'dmaap-dr-prov.{{include "common.namespace" .}}' -GLOBAL_INJECTED_DMAAP_DR_NODE_IP_ADDR = 'dmaap-dr-node.{{include "common.namespace" .}}' -GLOBAL_INJECTED_DNS_IP_ADDR = 'N/A' -GLOBAL_INJECTED_DOCKER_VERSION = '1.2-STAGING-latest' -GLOBAL_INJECTED_EXTERNAL_DNS = 'N/A' -GLOBAL_INJECTED_LOG_ELASTICSEARCH_IP_ADDR = 'log-es.{{include "common.namespace" .}}' -GLOBAL_INJECTED_LOG_KIBANA_IP_ADDR = 'log-kibana.{{include "common.namespace" .}}' -GLOBAL_INJECTED_LOG_LOGSTASH_IP_ADDR = 'log-ls-http.{{include "common.namespace" .}}' -GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR = 'pomba-aaictxbuilder.{{include "common.namespace" .}}' -GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR = 'pomba-sdcctxbuilder.{{include "common.namespace" .}}' -GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR = 'pomba-networkdiscoveryctxbuilder.{{include "common.namespace" .}}' -GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR = 'pomba-servicedecomposition.{{include "common.namespace" .}}' -GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR = 'pomba-sdncctxbuilder.{{include "common.namespace" .}}' -GLOBAL_INJECTED_POMBA_NETWORKDISCOVERY_MICROSERVICE_IP_ADDR = 'pomba-networkdiscovery.{{include "common.namespace" .}}' -GLOBAL_INJECTED_POMBA_VALIDATION_SERVICE_IP_ADDR = 'pomba-validation-service.{{include "common.namespace" .}}' -GLOBAL_INJECTED_POMBA_KIBANA_IP_ADDR = 'pomba-kibana.{{include "common.namespace" .}}' -GLOBAL_INJECTED_POMBA_ELASTIC_SEARCH_IP_ADDR = 'pomba-es.{{include "common.namespace" .}}' -GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR = 'pomba-contextaggregator.{{include "common.namespace" .}}' -GLOBAL_INJECTED_KEYSTONE = '{{ .Values.openStackKeyStoneUrl }}' -GLOBAL_INJECTED_MR_IP_ADDR = 'message-router.{{include "common.namespace" .}}' -GLOBAL_INJECTED_BC_IP_ADDR = 'dmaap-bc.{{include "common.namespace" .}}' -GLOBAL_INJECTED_MUSIC_IP_ADDR = 'music.{{include "common.namespace" .}}' -GLOBAL_INJECTED_NBI_IP_ADDR = 'nbi.{{include "common.namespace" .}}' -GLOBAL_INJECTED_NETWORK = '{{ .Values.openStackPrivateNetId }}' -GLOBAL_INJECTED_NEXUS_DOCKER_REPO = 'nexus3.onap.org:10001' -GLOBAL_INJECTED_NEXUS_PASSWORD = 'docker' -GLOBAL_INJECTED_NEXUS_REPO ='https://nexus.onap.org/content/sites/raw' -GLOBAL_INJECTED_NEXUS_USERNAME = 'docker' -GLOBAL_INJECTED_OOF_IP_ADDR = 'N/A' -GLOBAL_INJECTED_OOF_HOMING_IP_ADDR = 'oof-has-api.{{include "common.namespace" .}}' -GLOBAL_INJECTED_OOF_SNIRO_IP_ADDR = 'oof-osdf.{{include "common.namespace" .}}' -GLOBAL_INJECTED_OOF_CMSO_IP_ADDR = 'oof-cmso.{{include "common.namespace" .}}' -GLOBAL_INJECTED_MSB_IP_ADDR = 'msb-iag.{{include "common.namespace" .}}' -GLOBAL_INJECTED_OPENSTACK_API_KEY = '{{ .Values.config.openStackEncryptedPasswordHere}}' -GLOBAL_INJECTED_OPENSTACK_PASSWORD = '{{ .Values.openStackPassword }}' -GLOBAL_INJECTED_OPENSTACK_TENANT_ID = '{{ .Values.openStackTenantId }}' -GLOBAL_INJECTED_OPENSTACK_USERNAME = '{{ .Values.openStackUserName }}' -GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME = '{{ .Values.openStackProjectName }}' -GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID = '{{ .Values.openStackDomainId }}' -GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN = '{{ .Values.openStackUserDomain }}' -GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION = '{{ .Values.openStackKeystoneAPIVersion }}' -GLOBAL_INJECTED_REGION_THREE = '{{ .Values.openStackRegionRegionThree }}' -GLOBAL_INJECTED_KEYSTONE_REGION_THREE = '{{ .Values.openStackKeyStoneUrlRegionThree }}' -GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION_REGION_THREE = '{{ .Values.openStackKeystoneAPIVersionRegionThree }}' -GLOBAL_INJECTED_OPENSTACK_USERNAME_REGION_THREE = '{{ .Values.openStackUserNameRegionThree }}' -GLOBAL_INJECTED_OPENSTACK_PASSWORD_REGION_THREE = '{{ .Values.openStackPasswordRegionThree }}' -GLOBAL_INJECTED_OPENSTACK_MSO_ENCRYPTED_PASSWORD_REGION_THREE = '{{ .Values.openSackMsoEncryptdPasswordRegionThree }}' -GLOBAL_INJECTED_OPENSTACK_SO_ENCRYPTED_PASSWORD = '{{ .Values.config.openStackSoEncryptedPassword}}' -GLOBAL_INJECTED_OPENSTACK_TENANT_ID_REGION_THREE = '{{ .Values.openStackTenantIdRegionThree }}' -GLOBAL_INJECTED_OPENSTACK_PROJECT_DOMAIN_REGION_THREE = '{{ .Values.openStackProjectNameRegionThree }}' -GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN_REGION_THREE = '{{ .Values.openStackDomainIdRegionThree }}' -GLOBAL_INJECTED_OPENSTACK_OAM_NETWORK_CIDR_PREFIX = '{{ .Values.openStackOamNetworkCidrPrefix }}' -GLOBAL_INJECTED_OPENSTACK_PUBLIC_NETWORK = '{{ .Values.openStackPublicNetworkName }}' -GLOBAL_INJECTED_OPENSTACK_SECURITY_GROUP = '{{ .Values.openStackSecurityGroup }}' -GLOBAL_INJECTED_OPENSTACK_PRIVATE_SUBNET_ID = "{{ .Values.openStackPrivateSubnetId }}" -GLOBAL_INJECTED_OPENSTACK_PRIVATE_NET_CIDR = "{{ .Values.openStackPrivateNetCidr }}" -GLOBAL_INJECTED_POLICY_IP_ADDR = 'pdp.{{include "common.namespace" .}}' -GLOBAL_INJECTED_POLICY_HEALTHCHECK_IP_ADDR = 'drools.{{include "common.namespace" .}}' -GLOBAL_INJECTED_PORTAL_IP_ADDR = 'portal-app.{{include "common.namespace" .}}' -GLOBAL_INJECTED_POLICY_API_IP_ADDR = 'policy-api.{{include "common.namespace" .}}' -GLOBAL_INJECTED_POLICY_PAP_IP_ADDR = 'policy-pap.{{include "common.namespace" .}}' -GLOBAL_INJECTED_POLICY_DISTRIBUTION_IP_ADDR = 'policy-distribution.{{include "common.namespace" .}}' -GLOBAL_INJECTED_POLICY_PDPX_IP_ADDR = 'policy-xacml-pdp.{{include "common.namespace" .}}' -GLOBAL_INJECTED_POLICY_APEX_PDP_IP_ADDR = 'policy-apex-pdp.{{include "common.namespace" .}}' -GLOBAL_INJECTED_PUBLIC_NET_ID = '{{ .Values.openStackPublicNetId }}' -GLOBAL_INJECTED_PUBLIC_KEY = "{{ .Values.vnfPubKey }}" -GLOBAL_INJECTED_REGION = '{{ .Values.openStackRegion }}' -GLOBAL_INJECTED_SCRIPT_VERSION = '{{ .Values.scriptVersion }}' -GLOBAL_INJECTED_SDC_BE_IP_ADDR = 'sdc-be.{{include "common.namespace" .}}' -GLOBAL_INJECTED_SDC_BE_ONBOARD_IP_ADDR = 'sdc-onboarding-be.{{include "common.namespace" .}}' -GLOBAL_INJECTED_SDC_FE_IP_ADDR = 'sdc-fe.{{include "common.namespace" .}}' -GLOBAL_INJECTED_SDC_IP_ADDR = 'N/A' -GLOBAL_INJECTED_SDNC_IP_ADDR = 'sdnc.{{include "common.namespace" .}}' -GLOBAL_INJECTED_SDNC_PORTAL_IP_ADDR = 'sdnc-portal.{{include "common.namespace" .}}' -GLOBAL_INJECTED_SO_APIHAND_IP_ADDR = 'so.{{include "common.namespace" .}}' -GLOBAL_INJECTED_SO_ASDCHAND_IP_ADDR = 'so-sdc-controller.{{include "common.namespace" .}}' -GLOBAL_INJECTED_SO_BPMN_IP_ADDR = 'so-bpmn-infra.{{include "common.namespace" .}}' -GLOBAL_INJECTED_SO_CATDB_IP_ADDR = 'so-catalog-db-adapter.{{include "common.namespace" .}}' -GLOBAL_INJECTED_SO_IP_ADDR = 'so.{{include "common.namespace" .}}' -GLOBAL_INJECTED_SO_OPENSTACK_IP_ADDR = 'so-openstack-adapter.{{include "common.namespace" .}}' -GLOBAL_INJECTED_SO_REQDB_IP_ADDR = 'so-request-db-adapter.{{include "common.namespace" .}}' -GLOBAL_INJECTED_SO_SDNC_IP_ADDR = 'so-sdnc-adapter.{{include "common.namespace" .}}' -GLOBAL_INJECTED_SO_VFC_IP_ADDR = 'so-vfc-adapter.{{include "common.namespace" .}}' -GLOBAL_INJECTED_SO_VNFM_IP_ADDR = 'so-vnfm-adapter.{{include "common.namespace" .}}' -GLOBAL_INJECTED_UBUNTU_1404_IMAGE = '{{ .Values.ubuntu14Image }}' -GLOBAL_INJECTED_UBUNTU_1604_IMAGE = '{{ .Values.ubuntu16Image }}' -GLOBAL_INJECTED_VM_IMAGE_NAME = '{{ .Values.ubuntu14Image }}' -GLOBAL_INJECTED_VID_IP_ADDR = 'vid.{{include "common.namespace" .}}' -GLOBAL_INJECTED_VM_FLAVOR = '{{ .Values.openStackFlavourMedium }}' -GLOBAL_INJECTED_VNFSDK_IP_ADDR = 'refrepo.{{include "common.namespace" .}}' - -GLOBAL_INJECTED_PROPERTIES = { - "GLOBAL_INJECTED_AAF_IP_ADDR" : 'aaf-service.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_AAI1_IP_ADDR" : 'aai.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_AAI2_IP_ADDR" : 'N/A', - "GLOBAL_INJECTED_APPC_IP_ADDR" : 'appc.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_APPC_CDT_IP_ADDR" : 'appc-cdt.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_ARTIFACTS_VERSION" : '{{.Values.demoArtifactsVersion}}', - "GLOBAL_INJECTED_ARTIFACTS_REPO_URL" : "{{ .Values.demoArtifactsRepoUrl }}", - "GLOBAL_INJECTED_CLAMP_IP_ADDR" : 'clamp.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_CLI_IP_ADDR" : 'cli.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_CLOUD_ENV" : 'openstack', - "GLOBAL_INJECTED_DCAE_COLLECTOR_IP" : "{{ .Values.dcaeCollectorIp }}", - "GLOBAL_INJECTED_DCAE_IP_ADDR" : 'dcae-healthcheck.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_DCAE_VES_HOST" : 'dcae-ves-collector.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_DMAAP_DR_PROV_IP_ADDR" : 'dmaap-dr-prov.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_DMAAP_DR_NODE_IP_ADDR" : 'dmaap-dr-node.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_DNS_IP_ADDR" : 'N/A', - "GLOBAL_INJECTED_DOCKER_VERSION" : '1.2-STAGING-latest', - "GLOBAL_INJECTED_EXTERNAL_DNS" : 'N/A', - "GLOBAL_INJECTED_KEYSTONE" : '{{ .Values.openStackKeyStoneUrl }}', - "GLOBAL_INJECTED_LOG_ELASTICSEARCH_IP_ADDR" : 'log-es.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_LOG_KIBANA_IP_ADDR" : 'log-kibana.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_LOG_LOGSTASH_IP_ADDR" : 'log-ls.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_MR_IP_ADDR" : 'message-router.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_BC_IP_ADDR" : 'dmaap-bc.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR" : 'pomba-aaictxbuilder.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR" : 'pomba-sdcctxbuilder.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR" : 'pomba-networkdiscovery.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR" : 'pomba-servicedecomposition.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR" : 'pomba-sdncctxbuilder.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR" : 'pomba-contextaggregator.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_MUSIC_IP_ADDR" : 'music.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_NBI_IP_ADDR" : 'nbi.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_NETWORK" : '{{ .Values.openStackPrivateNetId }}', - "GLOBAL_INJECTED_NEXUS_DOCKER_REPO" : 'nexus3.onap.org:10001', - "GLOBAL_INJECTED_NEXUS_PASSWORD" : 'docker', - "GLOBAL_INJECTED_NEXUS_REPO" : 'https://nexus.onap.org/content/sites/raw', - "GLOBAL_INJECTED_NEXUS_USERNAME" : 'docker', - "GLOBAL_INJECTED_OOF_IP_ADDR" : 'N/A', - "GLOBAL_INJECTED_OOF_HOMING_IP_ADDR" : 'oof-has-api.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_OOF_SNIRO_IP_ADDR" : 'oof-osdf.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_OOF_CMSO_IP_ADDR" : 'oof-cmso.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_MSB_IP_ADDR" : 'msb-iag.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_OPENSTACK_API_KEY" : '{{ .Values.config.openStackEncryptedPasswordHere}}', - "GLOBAL_INJECTED_OPENSTACK_PASSWORD" : '{{ .Values.openStackPassword }}', - "GLOBAL_INJECTED_OPENSTACK_TENANT_ID" : '{{ .Values.openStackTenantId }}', - "GLOBAL_INJECTED_OPENSTACK_USERNAME" : '{{ .Values.openStackUserName }}', - "GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME" : '{{ .Values.openStackProjectName }}', - "GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID" : '{{ .Values.openStackDomainId }}', - "GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN" : '{{ .Values.openStackUserDomain }}', - "GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION" : '{{ .Values.openStackKeystoneAPIVersion }}', - "GLOBAL_INJECTED_REGION_THREE" : '{{ .Values.openStackRegionRegionThree }}', - "GLOBAL_INJECTED_KEYSTONE_REGION_THREE" : '{{ .Values.openStackKeyStoneUrlRegionThree }}', - "GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION_REGION_THREE" : '{{ .Values.openStackKeystoneAPIVersionRegionThree }}', - "GLOBAL_INJECTED_OPENSTACK_USERNAME_REGION_THREE" : '{{ .Values.openStackUserNameRegionThree }}', - "GLOBAL_INJECTED_OPENSTACK_PASSWORD_REGION_THREE" : '{{ .Values.openStackPasswordRegionThree }}', - "GLOBAL_INJECTED_OPENSTACK_MSO_ENCRYPTED_PASSWORD_REGION_THREE" : '{{ .Values.openSackMsoEncryptdPasswordRegionThree }}', - "GLOBAL_INJECTED_OPENSTACK_SO_ENCRYPTED_PASSWORD" : '{{ .Values.config.openStackSoEncryptedPassword}}', - "GLOBAL_INJECTED_OPENSTACK_TENANT_ID_REGION_THREE" : '{{ .Values.openStackTenantIdRegionThree }}', - "GLOBAL_INJECTED_OPENSTACK_PROJECT_DOMAIN_REGION_THREE" : '{{ .Values.openStackProjectNameRegionThree }}', - "GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN_REGION_THREE" : '{{ .Values.openStackDomainIdRegionThree }}', - "GLOBAL_INJECTED_OPENSTACK_OAM_NETWORK_CIDR_PREFIX" : '{{ .Values.openStackOamNetworkCidrPrefix }}', - "GLOBAL_INJECTED_OPENSTACK_PUBLIC_NETWORK" : '{{ .Values.openStackPublicNetworkName }}', - "GLOBAL_INJECTED_OPENSTACK_SECURITY_GROUP": '{{ .Values.openStackSecurityGroup }}', - "GLOBAL_INJECTED_OPENSTACK_PRIVATE_SUBNET_ID" : "{{ .Values.openStackPrivateSubnetId }}", - "GLOBAL_INJECTED_OPENSTACK_PRIVATE_NET_CIDR" : "{{ .Values.openStackPrivateNetCidr }}", - "GLOBAL_INJECTED_POLICY_IP_ADDR" : 'pdp.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_POLICY_HEALTHCHECK_IP_ADDR" : 'drools.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_POLICY_API_IP_ADDR" : 'policy-api.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_POLICY_PAP_IP_ADDR" : 'policy-pap.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_POLICY_DISTRIBUTION_IP_ADDR" : 'policy-distribution.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_POLICY_PDPX_IP_ADDR" : 'policy-xacml-pdp.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_POLICY_APEX_PDP_IP_ADDR" : 'policy-apex-pdp.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_PORTAL_IP_ADDR" : 'portal-app.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_PUBLIC_NET_ID" : '{{ .Values.openStackPublicNetId }}', - "GLOBAL_INJECTED_PUBLIC_KEY" : "{{ .Values.vnfPubKey }}", - "GLOBAL_INJECTED_REGION" : '{{ .Values.openStackRegion }}', - "GLOBAL_INJECTED_SDC_BE_IP_ADDR" : 'sdc-be.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_SDC_BE_ONBOARD_IP_ADDR" : 'sdc-onboarding-be.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_SDC_FE_IP_ADDR" : 'sdc-fe.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_SDC_IP_ADDR" : 'N/A', - "GLOBAL_INJECTED_SCRIPT_VERSION" : '{{ .Values.scriptVersion }}', - "GLOBAL_INJECTED_SDNC_IP_ADDR" : 'sdnc.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_SDNC_PORTAL_IP_ADDR" : 'sdnc-portal.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_SO_APIHAND_IP_ADDR" : 'so.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_SO_ASDCHAND_IP_ADDR" : 'so-sdc-controller.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_SO_BPMN_IP_ADDR" : 'so-bpmn-infra.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_SO_CATDB_IP_ADDR" : 'so-catalog-db-adapter.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_SO_IP_ADDR" : 'so.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_SO_OPENSTACK_IP_ADDR" : 'so-openstack-adapter.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_SO_REQDB_IP_ADDR" : 'so-request-db-adapter.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_SO_SDNC_IP_ADDR" : 'so-sdnc-adapter.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_SO_VFC_IP_ADDR" : 'so-vfc-adapter.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_SO_VNFM_IP_ADDR" : 'so-vnfm-adapter.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_UBUNTU_1404_IMAGE" : '{{.Values.ubuntu14Image}}', - "GLOBAL_INJECTED_UBUNTU_1604_IMAGE" : '{{.Values.ubuntu16Image}}', - "GLOBAL_INJECTED_VM_IMAGE_NAME" : '{{ .Values.ubuntu14Image }}', - "GLOBAL_INJECTED_VID_IP_ADDR" : 'vid.{{include "common.namespace" .}}', - "GLOBAL_INJECTED_VM_FLAVOR" : '{{ .Values.openStackFlavourMedium }}', - "GLOBAL_INJECTED_VNFSDK_IP_ADDR" : 'refrepo.{{include "common.namespace" .}}' - -} diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml deleted file mode 100644 index 29b8aa73f7..0000000000 --- a/kubernetes/robot/values.yaml +++ /dev/null @@ -1,260 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: # global defaults - nodePortPrefix: 302 - ubuntuInitRepository: registry.hub.docker.com - persistence: {} - -# application image -repository: nexus3.onap.org:10001 -image: onap/testsuite:1.4.2 -pullPolicy: Always - -ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - -# flag to enable debugging - application support required -debugEnabled: false - -################################################################# -# Application configuration defaults. -################################################################# -config: - -# openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment - openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" - openStackSoEncryptedPassword: "SAME_STRING_AS_SO_JAVA_ENCRYPTED_PASSWORD" - -# Demo configuration -# Nexus demo artifact version. Maps to GLOBAL_INJECTED_ARTIFACTS_VERSION -demoArtifactsVersion: "1.4.0" -# Nexus demo artifact URL. -demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases" -# Openstack medium sized flavour name. Maps GLOBAL_INJECTED_VM_FLAVOR -openStackFlavourMedium: "m1.medium" - -################# Openstack .RC Parameters ################################333 -# KEYSTONE Version 3 Required for Rocky and beyond -# Openstack Keystone API version. Valid values are [ v2.0, v3 ]. Maps to GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION -openStackKeystoneAPIVersion: "v2.0" - -# OS_AUTH_URL without the /v3 or /v2.0 from the openstack .RC file -# Openstack keystone URL. Maps to GLOBAL_INJECTED_KEYSTONE -openStackKeyStoneUrl: "http://1.2.3.4:5000" - -# OS_PROJECT_ID from the openstack .RC file -# Openstack tenant UUID where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_TENANT_ID -openStackTenantId: "47899782ed714295b1151681fdfd51f5" - -# OS_PROJECT_NAME from the openstack .RC file -# Project name of Openstack where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME -openStackProjectName: "onap" - -# OS_USERNAME from the openstack .RC file -# username for Openstack tenant where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_USERNAME -openStackUserName: "tenantUsername" - -# OS_PROJECT_DOMAIN_ID from the openstack .RC file -# in some environments it is a string but in other environmens it may be a numeric -# Domain id of openstack where VNFs will be deployed. Maps to GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID -openStackDomainId: "default" - -# OS_USER_DOMAIN from the openstack .RC file -# Use Domain of openstack where VNFs will be deployed. Maps to GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN -openStackUserDomain: "Default" - - -# UUID of the Openstack network that can assign floating ips. Maps to GLOBAL_INJECTED_PUBLIC_NET_ID -openStackPublicNetId: "e8f51958045716781ffc" -openStackPublicNetworkName: "public" -# password for Openstack tenant where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_PASSWORD -openStackPassword: "tenantPassword" -# Openstack region. Maps to GLOBAL_INJECTED_REGION -openStackRegion: "RegionOne" - - -# Values for second cloud instante for VNF instantiatioen testing and keystone v3 -openStackRegionRegionThree: "RegionThree" -openStackKeyStoneUrlRegionThree: "http://1.2.3.4:5000" -openStackKeystoneAPIVersionRegionThree: "v3" -openStackUserNameRegionThree: "demo" -openStackPasswordRegionThree: "tenantPassword" -# this is the java encrypted password that is needed for SO -openSackMsoEncryptdPasswordRegionThree: "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" -openStackTenantIdRegionThree: "3583253e932845a09cd4c8ca2f31d095" -openStackProjectNameRegionThree: "Integration-SB-RegionThree" -openStackDomainIdRegionThree: "Default" -# -# Openstack glance image name for Ubuntu 14. Maps to GLOBAL_INJECTED_UBUNTU_1404_IMAGE -ubuntu14Image: "Ubuntu_14_trusty" -# Openstack glance image name for Ubuntu 16. Maps to GLOBAL_INJECTED_UBUNTU_1604_IMAGE -ubuntu16Image: "Ubuntu_16_xenial" -# GLOBAL_INJECTED_SCRIPT_VERSION. Maps to GLOBAL_INJECTED_SCRIPT_VERSION -scriptVersion: "1.4.0" -# Openstack network to which VNFs will bind their primary (first) interface. Maps to GLOBAL_INJECTED_NETWORK -openStackPrivateNetId: "e8f51956-00dd-4425-af36-045716781ffc" -# Openstack security group for instantiating VNFs -openStackSecurityGroup: "onap_sg" -# SDNC Preload configuration -# Openstack subnet UUID for the network defined by openStackPrivateNetId. Maps to onap_private_subnet_id -openStackPrivateSubnetId: "e8f51956-00dd-4425-af36-045716781ffc" -# CIDR notation for the Openstack private network where VNFs will be spawned. Maps to onap_private_net_cidr -openStackPrivateNetCidr: "10.0.0.0/8" -# The first 2 octets of the private Openstack subnet where VNFs will be spawned. -# Needed because sdnc preload templates hardcodes things like this 10.0.${ecompnet}.X -openStackOamNetworkCidrPrefix: "10.0" -# VID protocol/port until Selenium issue with SSL resolved -# https/8443 vs http/8080 -vidServerProtocol: "http" -vidServerPort: "8080" -# Override with Pub Key for access to VNF -vnfPubKey: "FILL_IN_WITH_PUB_KEY" -# Override with DCAE VES Collector external IP -dcaeCollectorIp: "FILL_IN_WITH_DCAE_VES_COLLECTOR_IP" - -# Credentials for ONAP Component -# AAF -aafUsername: "demo@people.osaaf.org" -aafPassword: "demo123456!" -# AAI -aaiUsername: "aai@aai.onap.org" -aaiPassword: "demo123456!" -# APPC -appcUsername: "appc@appc.onap.org" -appcPassword: "demo123456!" -# DCAE -dcaeUsername: "console" -dcaePassword: "ZjJkYjllMjljMTI2M2Iz" -# DROOLS -droolsUsername: "demo@people.osaaf.org" -droolsPassword: "demo123456!" -# OOF -oofCmsoUsername: "oof@oof.onap.org" -oofCmsoPassword: "demo123456!" -# POLICY -policyAuth: "dGVzdHBkcDphbHBoYTEyMw==" -policyClientAuth: "cHl0aG9uOnRlc3Q=" -policyUsername: "demo@people.osaaf.org" -policyPassword: "demo123456!" -policyComponentUsername: "healthcheck" -policyComponentPassword: "zb!XztG34" -# PORTAL -portalUsername: "demo" -portalPassword: "Kp8bJ4SXszM0WXlhak3eHlcse" -# SO -soUsername: "InfraPortalClient" -soPassword: "password1$" -soCatdbUsername: "bpel" -soCatdbPassword: "password1$" -# SDNC -sdncUsername: "admin" -sdncPassword: "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U" -# VID -vidUsername: "demo" -vidPassword: "Kp8bJ4SXszM0WX" -vidHealthUsername: "Default" -vidHealthPassword: "AppPassword!1" -# DMAAP BC -bcUsername: "dmaap-bc@dmaap-bc.onap.org" -bcPassword: "demo123456!" -# DMAAP KAFKA JAAS -kafkaJaasUsername: "admin" -kafkaJaasPassword: "admin_secret" - -#OOF -oofUsername: "oof@oof.onap.org" -oofPassword: "demo123456!" -cmsoUsername: "oof@oof.onap.org" -cmsoPassword: "demo123456!" -oofOsdfPciOptUsername: "oof@oof.onap.org" -oofOsdfPciOptPassword: "demo123456!" -oofHomingUsername: "admin1" -oofHomingPassword: "plan.15" - - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2000m - memory: 4Gi - requests: - cpu: 500m - memory: 1Gi - large: - limits: - cpu: 4000m - memory: 8Gi - requests: - cpu: 1000m - memory: 2Gi - unlimited: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 180 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 180 - periodSeconds: 10 - -service: - name: robot - type: NodePort - portName: httpd - externalPort: 88 - internalPort: 88 - nodePort: "09" - -ingress: - enabled: false - -## Persist data to a persitent volume -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteMany - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: robot/logs diff --git a/kubernetes/sdc/charts/sdc-be/values.yaml b/kubernetes/sdc/charts/sdc-be/values.yaml index 3363700f8e..b20288072b 100644 --- a/kubernetes/sdc/charts/sdc-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-be/values.yaml @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-backend:1.4.1 -backendInitImage: onap/sdc-backend-init:1.4.1 +image: onap/sdc-backend:1.5.1 +backendInitImage: onap/sdc-backend-init:1.5.1 pullPolicy: Always # flag to enable debugging - application support required @@ -93,3 +93,4 @@ resources: cpu: 20m memory: 2Gi unlimited: {} + diff --git a/kubernetes/sdc/charts/sdc-cs/values.yaml b/kubernetes/sdc/charts/sdc-cs/values.yaml index bf909ad9e9..49e5ac05f6 100644 --- a/kubernetes/sdc/charts/sdc-cs/values.yaml +++ b/kubernetes/sdc/charts/sdc-cs/values.yaml @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-cassandra:1.4.1 -cassandraInitImage: onap/sdc-cassandra-init:1.4.1 +image: onap/sdc-cassandra:1.5.1 +cassandraInitImage: onap/sdc-cassandra-init:1.5.1 pullPolicy: Always diff --git a/kubernetes/sdc/charts/sdc-dcae-be/values.yaml b/kubernetes/sdc/charts/sdc-dcae-be/values.yaml index bf1d9b4584..0e4d4fb82d 100644 --- a/kubernetes/sdc/charts/sdc-dcae-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-be/values.yaml @@ -27,9 +27,9 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dcae-be:1.3.0 +image: onap/dcae-be:1.3.1 pullPolicy: Always -backendInitImage: onap/dcae-tools:1.3.0 +backendInitImage: onap/dcae-tools:1.3.1 # flag to enable debugging - application support required debugEnabled: false diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml index 2b8fd9027f..f586f27dc3 100644 --- a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dcae-dt:1.2.0 +image: onap/dcae-dt:1.3.1 pullPolicy: IfNotPresent config: javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-dt/logback-spring.xml diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml index 4b40bcea8f..b6ea577ee5 100644 --- a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dcae-fe:1.3.0 +image: onap/dcae-fe:1.3.1 pullPolicy: Always config: javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-fe/logback-spring.xml diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml index e787948ce2..06169df566 100644 --- a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dcae-tosca-app:1.3.0 +image: onap/dcae-tosca-app:1.3.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/charts/sdc-es/values.yaml b/kubernetes/sdc/charts/sdc-es/values.yaml index 25d75b7aea..4c0a6cc768 100644 --- a/kubernetes/sdc/charts/sdc-es/values.yaml +++ b/kubernetes/sdc/charts/sdc-es/values.yaml @@ -31,8 +31,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-elasticsearch:1.4.1 -elasticInitImage: onap/sdc-init-elasticsearch:1.4.1 +image: onap/sdc-elasticsearch:1.5.1 +elasticInitImage: onap/sdc-init-elasticsearch:1.5.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/charts/sdc-fe/values.yaml b/kubernetes/sdc/charts/sdc-fe/values.yaml index 36607c7b06..fba4c568f0 100644 --- a/kubernetes/sdc/charts/sdc-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-fe/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-frontend:1.4.1 +image: onap/sdc-frontend:1.5.1 pullPolicy: Always config: diff --git a/kubernetes/sdc/charts/sdc-kb/values.yaml b/kubernetes/sdc/charts/sdc-kb/values.yaml index 64ab496647..e120365119 100644 --- a/kubernetes/sdc/charts/sdc-kb/values.yaml +++ b/kubernetes/sdc/charts/sdc-kb/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-kibana:1.4.1 +image: onap/sdc-kibana:1.5.1 pullPolicy: Always config: diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml index 2a6918dfb4..32b8cdb18d 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-onboard-backend:1.4.1 -onboardingInitImage: onap/sdc-onboard-cassandra-init:1.4.1 +image: onap/sdc-onboard-backend:1.5.1 +onboardingInitImage: onap/sdc-onboard-cassandra-init:1.5.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/resources/config/environments/AUTO.json b/kubernetes/sdc/resources/config/environments/AUTO.json index 0c42d860ca..577eb96a0e 100755 --- a/kubernetes/sdc/resources/config/environments/AUTO.json +++ b/kubernetes/sdc/resources/config/environments/AUTO.json @@ -97,7 +97,7 @@ "commitlog_dir": "/var/lib/cassandra/commitlog", "socket_read_timeout": "20000", "socket_connect_timeout": "20000", - "titan_connection_timeout": "10000", + "janusgraph_connection_timeout": "10000", "replication_factor": "{{.Values.global.cassandra.replicaCount}}" } } diff --git a/kubernetes/sdnc/charts/dmaap-listener/values.yaml b/kubernetes/sdnc/charts/dmaap-listener/values.yaml index cd1a88793a..b921564b92 100644 --- a/kubernetes/sdnc/charts/dmaap-listener/values.yaml +++ b/kubernetes/sdnc/charts/dmaap-listener/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-dmaap-listener-image:1.5.4 +image: onap/sdnc-dmaap-listener-image:1.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml index a7e249a212..df256a3890 100644 --- a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-ansible-server-image:1.5.4 +image: onap/sdnc-ansible-server-image:1.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml index ef76ed345a..cf6eaf9b79 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/admportal-sdnc-image:1.5.4 +image: onap/admportal-sdnc-image:1.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/charts/ueb-listener/values.yaml b/kubernetes/sdnc/charts/ueb-listener/values.yaml index 7c985ce1b6..f0c8ab5ab8 100644 --- a/kubernetes/sdnc/charts/ueb-listener/values.yaml +++ b/kubernetes/sdnc/charts/ueb-listener/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-ueb-listener-image:1.5.4 +image: onap/sdnc-ueb-listener-image:1.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/resources/config/conf/akka.conf b/kubernetes/sdnc/resources/config/conf/akka.conf new file mode 100644 index 0000000000..8440a9de56 --- /dev/null +++ b/kubernetes/sdnc/resources/config/conf/akka.conf @@ -0,0 +1,80 @@ + +odl-cluster-data { + akka { + remote { + artery { + enabled = off + canonical.hostname = "127.0.0.1" + canonical.port = 2550 + } + netty.tcp { + hostname = "127.0.0.1" + port = 2550 + } + + use-passive-connections = off + # when under load we might trip a false positive on the failure detector + # transport-failure-detector { + # heartbeat-interval = 4 s + # acceptable-heartbeat-pause = 16s + # } + } + + actor { + debug { + autoreceive = on + lifecycle = on + unhandled = on + fsm = on + event-stream = on + } + } + + cluster { + # Remove ".tcp" when using artery. + seed-nodes = ["akka.tcp://opendaylight-cluster-data@127.0.0.1:2550"] + + seed-node-timeout = {{.Values.config.odl.akka.seedNodeTimeout}} + + roles = ["member-1"] + + } + + persistence { + # By default the snapshots/journal directories live in KARAF_HOME. You can choose to put it somewhere else by + # modifying the following two properties. The directory location specified may be a relative or absolute path. + # The relative path is always relative to KARAF_HOME. + + # snapshot-store.local.dir = "target/snapshots" + # journal.leveldb.dir = "target/journal" + + journal { + leveldb { + # Set native = off to use a Java-only implementation of leveldb. + # Note that the Java-only version is not currently considered by Akka to be production quality. + + # native = off + } + + journal-plugin-fallback { + circuit-breaker { + max-failures = {{.Values.config.odl.akka.circuitBreaker.maxFailures}} + call-timeout = {{.Values.config.odl.akka.circuitBreaker.callTimeout}} + reset-timeout = {{.Values.config.odl.akka.circuitBreaker.resetTimeout}} + } + recovery-event-timeout = {{.Values.config.odl.akka.recoveryEventTimeout}} + } + + snapshot-store-plugin-fallback { + circuit-breaker { + max-failures = {{.Values.config.odl.akka.circuitBreaker.maxFailures}} + call-timeout = {{.Values.config.odl.akka.circuitBreaker.callTimeout}} + reset-timeout = {{.Values.config.odl.akka.circuitBreaker.resetTimeout}} + } + recovery-event-timeout = {{.Values.config.odl.akka.recoveryEventTimeout}} + } + } + } + } +} + diff --git a/kubernetes/sdnc/resources/config/conf/org.opendaylight.controller.cluster.datastore.cfg b/kubernetes/sdnc/resources/config/conf/org.opendaylight.controller.cluster.datastore.cfg new file mode 100644 index 0000000000..29dd0e54dd --- /dev/null +++ b/kubernetes/sdnc/resources/config/conf/org.opendaylight.controller.cluster.datastore.cfg @@ -0,0 +1,107 @@ +# This file specifies property settings for the clustered data store to control its behavior. A +# property may be applied to every data store type ("config" and "operational") or can be customized +# differently for each data store type by prefixing the data store type + '.'. For example, specifying +# the "shard-election-timeout-factor" property would be applied to both data stores whereas specifying +# "operational.shard-election-timeout-factor" would only apply to the "operational" data store. Similarly, +# specifying "config.shard-election-timeout-factor" would only apply to the "config" data store. + +# The multiplication factor to be used to determine shard election timeout. The shard election timeout +# is determined by multiplying shardHeartbeatIntervalInMillis with the shardElectionTimeoutFactor. +shard-election-timeout-factor=20 + +# The interval at which a shard will send a heart beat message to its remote shard. +#shard-heartbeat-interval-in-millis=500 + +# The amount by which to divide election timeout in case of a candidate. This serves as a counter-balance +# to shard-election-timeout-factor. The default value is 1, i.e. election timeout is the same in all +# situations. +#shard-candidate-election-timeout-divisor=1 + +# The maximum amount of time to wait for a shard to elect a leader before failing an operation (eg transaction create). +#shard-leader-election-timeout-in-seconds=30 + +# Enable or disable data persistence. +#persistent=true + +# Disable persistence for the operational data store by default. +operational.persistent=false + +# The maximum amount of time a shard transaction can be idle without receiving any messages before it self-destructs. +#shard-transaction-idle-timeout-in-minutes=10 + +# The maximum amount of time a shard transaction three-phase commit can be idle without receiving the +# next messages before it aborts the transaction. +#shard-transaction-commit-timeout-in-seconds=30 + +# The maximum allowed capacity for each shard's transaction commit queue. +#shard-transaction-commit-queue-capacity=20000 + +# The maximum amount of time to wait for a shard to initialize from persistence on startup before +# failing an operation (eg transaction create and change listener registration). +#shard-initialization-timeout-in-seconds=300 + +# The minimum number of entries to be present in the in-memory journal log before a snapshot is to be taken. +#shard-snapshot-batch-count=20000 + +# The percentage of Runtime.totalMemory() used by the in-memory journal log before a snapshot is to be taken. +#shard-snapshot-data-threshold-percentage=12 + +# The interval at which the leader of the shard will check if its majority followers are active and +# term itself as isolated. +#shard-isolated-leader-check-interval-in-millis=5000 + +# The number of transaction modification operations (put, merge, delete) to batch before sending to the +# shard transaction actor. Batching improves performance as less modifications messages are sent to the +# actor and thus lessens the chance that the transaction actor's mailbox queue could get full. +#shard-batched-modification-count=1000 + +# The maximum amount of time for akka operations (remote or local) to complete before failing. +#operation-timeout-in-seconds=5 + +# The initial number of transactions per second that are allowed before the data store should begin +# applying back pressure. This number is only used as an initial guidance, subsequently the datastore +# measures the latency for a commit and auto-adjusts the rate limit. +#transaction-creation-initial-rate-limit=100 + +# The maximum thread pool size for each shard's data store data change notification executor. +#max-shard-data-change-executor-pool-size=20 + +# The maximum queue size for each shard's data store data change notification executor. +#max-shard-data-change-executor-queue-size=1000 + +# The maximum queue size for each shard's data store data change listener. +#max-shard-data-change-listener-queue-size=1000 + +# The maximum queue size for each shard's data store executor. +#max-shard-data-store-executor-queue-size=5000 + +# A fully qualified java class name. The class should implement +# org.opendaylight.controller.cluster.raft.policy.RaftPolicy. This java class should be +# accessible to the distributed data store OSGi module so that it can be dynamically loaded via +# reflection. For now let's assume that these classes to customize raft behaviors should be +# present in the distributed data store module itself. If this property is set to a class which +# cannot be found then the default raft policy will be applied +#custom-raft-policy-implementation= + +# When fragmenting messages thru the akka remoting framework, this is the maximum size in bytes +# for a message slice. +#maximum-message-slice-size=20480000 + +# Enable tell-based protocol between frontend (applications) and backend (shards). Using this protocol +# should avoid AskTimeoutExceptions seen under heavy load. Defaults to false (use ask-based protocol). +#use-tell-based-protocol=true + +# Tune the maximum number of entries a follower is allowed to lag behind the leader before it is +# considered out-of-sync. This flag may require tuning in face of a large number of small transactions. +#sync-index-threshold=10 + +# Record new transaction allocation stack trace, useful for debugging. This makes the log include +# the stack trace of the creator of the Tx when there is an exception when the transaction is submitted +# (e.g. for a failed validation). Defaults to false due to performance impact. +#transaction-debug-context-enabled=true +persistent-actor-restart-min-backoff-in-seconds={{.Values.config.odl.datastore.persistentActorRestartMinBackoffInSeconds}} +persistent-actor-restart-max-backoff-in-seconds={{.Values.config.odl.datastore.persistentActorRestartMaxBackoffInSeconds}} +persistent-actor-restart-reset-backoff-in-seconds={{.Values.config.odl.datastore.persistentActorRestartResetBackoffInSeconds}} +shard-transaction-commit-timeout-in-seconds={{.Values.config.odl.datastore.shardTransactionCommitTimeoutInSeconds}} +shard-isolated-leader-check-interval-in-millis={{.Values.config.odl.datastore.shardIsolatedLeaderCheckIntervalInMillis}} +operation-timeout-in-seconds={{.Values.config.odl.datastore.operationTimeoutInSeconds}} diff --git a/kubernetes/sdnc/resources/config/conf/setenv b/kubernetes/sdnc/resources/config/conf/setenv new file mode 100644 index 0000000000..7476e6849a --- /dev/null +++ b/kubernetes/sdnc/resources/config/conf/setenv @@ -0,0 +1,61 @@ +#!/bin/sh +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# +# handle specific scripts; the SCRIPT_NAME is exactly the name of the Karaf +# script: client, instance, shell, start, status, stop, karaf +# +# if [ "${KARAF_SCRIPT}" == "SCRIPT_NAME" ]; then +# Actions go here... +# fi + +# +# general settings which should be applied for all scripts go here; please keep +# in mind that it is possible that scripts might be executed more than once, e.g. +# in example of the start script where the start script is executed first and the +# karaf script afterwards. +# + +# +# The following section shows the possible configuration options for the default +# karaf scripts +# +# export JAVA_HOME # Location of Java installation +# export JAVA_MIN_MEM # Minimum memory for the JVM +# export JAVA_MAX_MEM # Maximum memory for the JVM +# export JAVA_PERM_MEM # Minimum perm memory for the JVM +# export JAVA_MAX_PERM_MEM # Maximum perm memory for the JVM +# export EXTRA_JAVA_OPTS # Additional JVM options +# export KARAF_HOME # Karaf home folder +# export KARAF_DATA # Karaf data folder +# export KARAF_BASE # Karaf base folder +# export KARAF_ETC # Karaf etc folder +# export KARAF_SYSTEM_OPTS # First citizen Karaf options +# export KARAF_OPTS # Additional available Karaf options +# export KARAF_DEBUG # Enable debug mode +# export KARAF_REDIRECT # Enable/set the std/err redirection when using bin/start +# export KARAF_NOROOT # Prevent execution as root if set to true +if [ "x$JAVA_MAX_MEM" = "x" ]; then + export JAVA_MAX_MEM="2048m" +fi + +EXTRA_JAVA_OPTS: "-XX:+UseG1GC -XX:MaxGCPauseMillis={{.Values.config.odl.javaOptions.maxGCPauseMillis}} \ + -XX:ParallelGCThreads={{.Values.config.odl.javaOptions.parallelGCThreads}} -XX:+ParallelRefProcEnabled \ + -XX:+UseStringDeduplication -XX:+PrintGC -XX:+PrintGCDateStamps -XX:+PrintGCDetails \ + -XX:+PrintGCTimeStamps -XX:+UseGCLogFileRotation \ + -XX:NumberOfGCLogFiles={{.Values.config.odl.javaOptions.numberGGLogFiles}} -Xloggc:/var/log/onap/sdnc/gc-%t.log" diff --git a/kubernetes/sdnc/resources/config/overrides/image-versions.yaml b/kubernetes/sdnc/resources/config/overrides/image-versions.yaml new file mode 100644 index 0000000000..fa4d8d2012 --- /dev/null +++ b/kubernetes/sdnc/resources/config/overrides/image-versions.yaml @@ -0,0 +1,25 @@ +sdnc: + image: onap/sdnc-image:1.6.1 + sdnc-ansible-server: + image: onap/sdnc-ansible-server-image:1.6.1 + dmaap-listener: + image: onap/sdnc-dmaap-listener-image:1.6.1 + sdnc-portal: + image: onap/admportal-sdnc-image:1.6.1 + ueb-listener: + image: onap/sdnc-ueb-listener-image:1.6.1 +cds: + cds-command-executor: + image: onap/ccsdk-commandexecutor:0.5.1 + cds-blueprints-processor: + image: onap/ccsdk-blueprintsprocessor:0.5.1 + cds-ui: + image: onap/ccsdk-cds-ui-server:0.5.1 + cds-controller-blueprints: + image: onap/ccsdk-controllerblueprints:0.5.1 + cds-sdc-listener: + image: onap/ccsdk-sdclistener:0.5.1 +common: + dgbuilder: + image: onap/ccsdk-dgbuilder-image:0.5.1 + diff --git a/kubernetes/sdnc/templates/job.yaml b/kubernetes/sdnc/templates/job.yaml index 9e79ebeec1..6b5a7bfef3 100755 --- a/kubernetes/sdnc/templates/job.yaml +++ b/kubernetes/sdnc/templates/job.yaml @@ -52,7 +52,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} - image: "{{.Values.image}}" + image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: MYSQL_PASSWORD diff --git a/kubernetes/sdnc/templates/service.yaml b/kubernetes/sdnc/templates/service.yaml index e74202ca43..db6d73a3c5 100644 --- a/kubernetes/sdnc/templates/service.yaml +++ b/kubernetes/sdnc/templates/service.yaml @@ -40,11 +40,9 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: "{{ .Values.service.portName }}-8282" - port: {{ .Values.service.externalPort2 }} targetPort: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} name: "{{ .Values.service.portName }}-8202" - port: {{ .Values.service.externalPort3 }} targetPort: {{ .Values.service.internalPort3 }} diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index d60319fa1c..e3ac50fc61 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -145,6 +145,15 @@ spec: name: logs - mountPath: {{ .Values.certpersistence.certPath }} name: {{ include "common.fullname" . }}-certs + - mountPath: {{ .Values.config.odl.salConfigDir }}/{{ .Values.config.odl.salConfigVersion}}/sal-clustering-config-{{ .Values.config.odl.salConfigVersion}}-akkaconf.xml + name: properties + subPath: akka.conf + - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.controller.cluster.datastore.cfg + name: properties + subPath: org.opendaylight.controller.cluster.datastore.cfg + - mountPath: {{ .Values.config.odl.binDir }}/setenv + name: properties + subPath: setenv resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index dcf6938f0e..dfad46ac79 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -32,7 +32,7 @@ global: # application images repository: nexus3.onap.org:10001 pullPolicy: Always -image: onap/sdnc-image:1.5.4 +image: onap/sdnc-image:1.6.2 # flag to enable debugging - application support required @@ -66,6 +66,32 @@ config: ansiblePort: 8000 javaHome: /usr/lib/jvm/java-1.8-openjdk + odl: + etcDir: /opt/opendaylight/etc + binDir: /opt/opendaylight/bin + salConfigDir: /opt/opendaylight/system/org/opendaylight/controller/sal-clustering-config + salConfigVersion: 1.8.2 + akka: + seedNodeTimeout: 15s + circuitBreaker: + maxFailures: 10 + callTimeout: 90s + resetTimeout: 30s + recoveryEventTimeout: 90s + datastore: + persistentActorRestartMinBackoffInSeconds: 10 + persistentActorRestartMaxBackoffInSeconds: 40 + persistentActorRestartResetBackoffInSeconds: 20 + shardTransactionCommitTimeoutInSeconds: 120 + shardIsolatedLeaderCheckIntervalInMillis: 30000 + operationTimeoutInSeconds: 120 + javaOptions: + maxGCPauseMillis: 100 + parallelGCThreads : 3 + numberGGLogFiles: 10 + + + #local Mariadb-galera cluster localDBCluster: false @@ -163,7 +189,7 @@ service: internalPort: 8181 internalPort2: 8101 internalPort3: 8080 - internalPort4: 2550 + internalPort4: 8443 #port externalPort: 8282 diff --git a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml index 35b86a33a0..74e44012f3 100755 --- a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml @@ -323,6 +323,14 @@ server: tomcat: max-threads: 50 spring: + datasource: + hikari: + jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/camundabpmn + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + pool-name: bpmn-pool + registerMbeans: true security: usercredentials: - diff --git a/kubernetes/so/charts/so-bpmn-infra/values.yaml b/kubernetes/so/charts/so-bpmn-infra/values.yaml index d97a6291db..beda24033f 100755 --- a/kubernetes/so/charts/so-bpmn-infra/values.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/bpmn-infra:1.4.4 +image: onap/so/bpmn-infra:1.5.0 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml index c59949c900..b643c4ae9e 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml @@ -26,6 +26,14 @@ mso: db: auth: Basic YnBlbDpwYXNzd29yZDEk spring: + datasource: + hikari: + jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + pool-name: catdb-pool + registerMbeans: true security: usercredentials: - diff --git a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml index 614986bdd5..ecfeec2312 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/catalog-db-adapter:1.4.4 +image: onap/so/catalog-db-adapter:1.5.0 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-monitoring/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-monitoring/resources/config/overrides/override.yaml index c2e6ad06f3..dd649c14b8 100644 --- a/kubernetes/so/charts/so-monitoring/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-monitoring/resources/config/overrides/override.yaml @@ -15,3 +15,11 @@ mso: api: url: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/infraActiveRequests/ auth: Basic YnBlbDpwYXNzd29yZDEk + +spring: + security: + usercredentials: + - + username: gui + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: GUI-Client diff --git a/kubernetes/so/charts/so-monitoring/values.yaml b/kubernetes/so/charts/so-monitoring/values.yaml index ade711693b..494c38c6d5 100644 --- a/kubernetes/so/charts/so-monitoring/values.yaml +++ b/kubernetes/so/charts/so-monitoring/values.yaml @@ -32,7 +32,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/so-monitoring:1.4.4 +image: onap/so/so-monitoring:1.5.0 pullPolicy: Always replicaCount: 1 @@ -85,4 +85,3 @@ ingress: nodeSelector: {} tolerations: [] affinity: {} - diff --git a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml index 62351b8388..4bf20a683b 100755 --- a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml @@ -17,6 +17,14 @@ aai: server: port: {{ index .Values.containerPort }} spring: + datasource: + hikari: + jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + pool-name: catdb-pool + registerMbeans: false security: usercredentials: - diff --git a/kubernetes/so/charts/so-openstack-adapter/values.yaml b/kubernetes/so/charts/so-openstack-adapter/values.yaml index 02379cd807..965a306626 100755 --- a/kubernetes/so/charts/so-openstack-adapter/values.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/values.yaml @@ -26,7 +26,7 @@ global: ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/openstack-adapter:1.4.4 +image: onap/so/openstack-adapter:1.5.0 pullPolicy: Always repository: nexus3.onap.org:10001 diff --git a/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml index 7a326d39a9..6d746ede18 100755 --- a/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml @@ -25,6 +25,14 @@ mso: auth: Basic YnBlbDpwYXNzd29yZDEk endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 spring: + datasource: + hikari: + jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + pool-name: reqdb-pool + registerMbeans: true security: usercredentials: - diff --git a/kubernetes/so/charts/so-request-db-adapter/values.yaml b/kubernetes/so/charts/so-request-db-adapter/values.yaml index a6d29f52df..5c0329e509 100755 --- a/kubernetes/so/charts/so-request-db-adapter/values.yaml +++ b/kubernetes/so/charts/so-request-db-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/request-db-adapter:1.4.4 +image: onap/so/request-db-adapter:1.5.0 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml index f74ef8fe35..44544f49e7 100755 --- a/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml @@ -16,6 +16,14 @@ aai: server: port: {{ index .Values.containerPort }} spring: + datasource: + hikari: + jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + pool-name: catdb-pool + registerMbeans: false security: usercredentials: - @@ -28,10 +36,13 @@ spring: role: ACTUATOR request: datasource: - jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb - username: ${DB_USERNAME} - password: ${DB_PASSWORD} - driver-class-name: org.mariadb.jdbc.Driver + hikari: + jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + pool-name: reqdb-pool + registerMbeans: false mso: msoKey: 07a7159d3bf51a0e53be7a8f89699be7 logPath: ./logs/sdc diff --git a/kubernetes/so/charts/so-sdc-controller/values.yaml b/kubernetes/so/charts/so-sdc-controller/values.yaml index 90b5e773c8..2354edfea8 100755 --- a/kubernetes/so/charts/so-sdc-controller/values.yaml +++ b/kubernetes/so/charts/so-sdc-controller/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/sdc-controller:1.4.4 +image: onap/so/sdc-controller:1.5.0 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-sdnc-adapter/values.yaml b/kubernetes/so/charts/so-sdnc-adapter/values.yaml index 32ab607ea5..0969452424 100755 --- a/kubernetes/so/charts/so-sdnc-adapter/values.yaml +++ b/kubernetes/so/charts/so-sdnc-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/sdnc-adapter:1.4.4 +image: onap/so/sdnc-adapter:1.5.0 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml index 72a2f615d7..dee73abd41 100755 --- a/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml @@ -15,10 +15,13 @@ logging: path: logs spring: datasource: - driver-class-name: org.mariadb.jdbc.Driver - url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb - username: ${DB_USERNAME} - password: ${DB_PASSWORD} + hikari: + driver-class-name: org.mariadb.jdbc.Driver + jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + pool-name: reqdb-pool + registerMbeans: true security: usercredentials: - username: bpel diff --git a/kubernetes/so/charts/so-vfc-adapter/values.yaml b/kubernetes/so/charts/so-vfc-adapter/values.yaml index 6265b83ed8..e69ceecc16 100755 --- a/kubernetes/so/charts/so-vfc-adapter/values.yaml +++ b/kubernetes/so/charts/so-vfc-adapter/values.yaml @@ -27,7 +27,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/vfc-adapter:1.4.4 +image: onap/so/vfc-adapter:1.5.0 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/charts/so-vnfm-adapter/values.yaml b/kubernetes/so/charts/so-vnfm-adapter/values.yaml index b3bd8f51db..a7051c5132 100755 --- a/kubernetes/so/charts/so-vnfm-adapter/values.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/values.yaml @@ -26,7 +26,7 @@ global: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/vnfm-adapter:1.4.4 +image: onap/so/vnfm-adapter:1.5.0 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml index 143a594330..1aeb50dd23 100755 --- a/kubernetes/so/resources/config/overrides/override.yaml +++ b/kubernetes/so/resources/config/overrides/override.yaml @@ -60,7 +60,23 @@ mso: auth: 51EA5414022D7BE536E7516C4D1A6361416921849B72C0D6FC1C7F262FD9F2BBC2AD124190A332D9845A188AD80955567A4F975C84C221EEA8243BFD92FFE6896CDD1EA16ADD34E1E3D47D4A publisher: topic: com.att.ecomp.mso.operationalEnvironmentEvent + health: + auth: Basic bXNvX2FkbWlufHBhc3N3b3JkMSQ= + endpoints: + - subsystem: apih + uri: http://so-bpmn-infra:8081 + - subsystem: catalogdb + uri: http://so-catalog-db-adapter:8082 + spring: + datasource: + hikari: + jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + pool-name: catdb-pool + registerMbeans: true jersey: type: filter security: @@ -91,10 +107,13 @@ spring: role: ACTUATOR request: datasource: - jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb - username: ${DB_USERNAME} - password: ${DB_PASSWORD} - driver-class-name: org.mariadb.jdbc.Driver + hikari: + jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb + username: ${DB_USERNAME} + password: ${DB_PASSWORD} + driver-class-name: org.mariadb.jdbc.Driver + pool-name: reqdb-pool + registerMbeans: true org: onap: so: diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index f94ddc8de3..862f7a61c8 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -25,7 +25,7 @@ global: serviceName: mariadb-galera servicePort: "3306" mariadbRootPassword: secretpassword - #This flag allows SO to instantiate its own mariadb-galera cluster, + #This flag allows SO to instantiate its own mariadb-galera cluster, #serviceName and nameOverride should be so-mariadb-galera if this flag is enabled localCluster: false persistence: @@ -38,12 +38,12 @@ global: dbPort: 3306 dbUser: root dbPassword: secretpassword - + ################################################################# # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/api-handler-infra:1.4.4 +image: onap/so/api-handler-infra:1.5.0 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/vid/charts/vid-mariadb-galera/values.yaml b/kubernetes/vid/charts/vid-mariadb-galera/values.yaml index d5ed703767..e0da745ebe 100644 --- a/kubernetes/vid/charts/vid-mariadb-galera/values.yaml +++ b/kubernetes/vid/charts/vid-mariadb-galera/values.yaml @@ -27,7 +27,7 @@ global: #repository: mysql repository: nexus3.onap.org:10001 -image: adfinissygroup/k8s-mariadb-galera-centos:v002 +image: adfinissygroup/k8s-mariadb-galera-centos:v004 imageInit: busybox pullPolicy: IfNotPresent @@ -43,8 +43,7 @@ config: # default number of instances in the StatefulSet -# keep in mind that if the number is increased you need to update vid-galera-config-job.yaml so that the job will know to wait for all pods. -replicaCount: 1 +replicaCount: 2 nodeSelector: {} diff --git a/kubernetes/vid/resources/certs/org.onap.vid.jks b/kubernetes/vid/resources/certs/org.onap.vid.jks Binary files differnew file mode 100644 index 0000000000..3c2ce9157d --- /dev/null +++ b/kubernetes/vid/resources/certs/org.onap.vid.jks diff --git a/kubernetes/vid/resources/certs/org.onap.vid.trust.jks b/kubernetes/vid/resources/certs/org.onap.vid.trust.jks Binary files differnew file mode 100644 index 0000000000..4caf7be652 --- /dev/null +++ b/kubernetes/vid/resources/certs/org.onap.vid.trust.jks diff --git a/kubernetes/vid/templates/deployment.yaml b/kubernetes/vid/templates/deployment.yaml index 8bce2cf1dc..a4e821ed78 100644 --- a/kubernetes/vid/templates/deployment.yaml +++ b/kubernetes/vid/templates/deployment.yaml @@ -109,6 +109,8 @@ spec: - name: VID_MYSQL_MAXCONNECTIONS value: "{{ .Values.config.vidmysqlmaxconnections }}" volumeMounts: + - mountPath: /opt/app/vid/etc + name: vid-certs - mountPath: /etc/localtime name: localtime readOnly: true @@ -140,6 +142,9 @@ spec: - mountPath: /usr/share/filebeat/data name: vid-data-filebeat volumes: + - name: vid-certs + secret: + secretName: {{ include "common.fullname" . }}-certs - name: localtime hostPath: path: /etc/localtime diff --git a/kubernetes/vid/templates/secrets.yaml b/kubernetes/vid/templates/secrets.yaml index 729e0b17c0..222a3d582a 100644 --- a/kubernetes/vid/templates/secrets.yaml +++ b/kubernetes/vid/templates/secrets.yaml @@ -25,3 +25,17 @@ metadata: type: Opaque data: vid-password: {{ .Values.config.vidmysqlpassword | b64enc | quote }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-certs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/vid/templates/service.yaml b/kubernetes/vid/templates/service.yaml index 36b35e40da..1e465c95e0 100644 --- a/kubernetes/vid/templates/service.yaml +++ b/kubernetes/vid/templates/service.yaml @@ -29,17 +29,32 @@ spec: - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName2 }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} {{- end}} selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }}-http + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: ClusterIP + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + ports: + - name: {{ .Values.service.portName }}-http + port: {{ .Values.service.externalHttpPort }} + targetPort: {{ .Values.service.internalHttpPort }} + protocol: TCP diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml index 0825c76fb0..6d365a4493 100644 --- a/kubernetes/vid/values.yaml +++ b/kubernetes/vid/values.yaml @@ -27,7 +27,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/vid:4.3.1 +image: onap/vid:5.0.1 pullPolicy: Always # mariadb image for initializing @@ -86,10 +86,8 @@ service: externalPort: 8443 internalPort: 8443 nodePort: "00" - portName2: vid-http - externalPort2: 8080 - internalPort2: 8080 - nodePort2: "38" + externalHttpPort: 8080 + internalHttpPort: 8080 ingress: enabled: false |