diff options
20 files changed, 182 insertions, 23 deletions
diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst index 6b0c00e25a..bb8ff0b27c 100644 --- a/docs/oom_user_guide.rst +++ b/docs/oom_user_guide.rst @@ -10,7 +10,7 @@ .. _Helm Documentation: https://docs.helm.sh/helm/ .. _Helm: https://docs.helm.sh/ .. _Kubernetes: https://Kubernetes.io/ - +.. _Kubernetes LoadBalancer: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer .. _user-guide-label: OOM User Guide @@ -348,6 +348,60 @@ can be modified, for example the `so`'s `liveness` probe could be disabled <...> +Accessing the ONAP Portal using OOM and a Kubernetes Cluster +------------------------------------------------------------ + +The ONAP deployment created by OOM operates in a private IP network that isn't +publicly accessible (i.e. Openstack VMs with private internal network) which +blocks access to the ONAP Portal. To enable direct access to this Portal from a +user's own environment (a laptop etc.) the portal application's port 8989 is +exposed through a `Kubernetes LoadBalancer`_ object. + +Typically, to be able to access the Kubernetes nodes publicly a public address is +assigned. In Openstack this is a floating IP address. + +When the `portal-app` chart is deployed a Kubernetes service is created that +instantiates a load balancer. The LB chooses the private interface of one of +the nodes as in the example below (10.0.0.4 is private to the K8s cluster only). +Then to be able to access the portal on port 8989 from outside the K8s & +Openstack environment, the user needs to assign/get the floating IP address that +corresponds to the private IP as follows:: + + > kubectl -n onap get services|grep "portal-app" + portal-app LoadBalancer 10.43.142.201 10.0.0.4 8989:30215/TCP,8006:30213/TCP,8010:30214/TCP 1d app=portal-app,release=dev + + +In this example, use the 10.0.0.4 private address as a key find the +corresponding public address which in this example is 10.12.6.155. If you're +using OpenStack you'll do the lookup with the horizon GUI or the Openstack CLI +for your tenant (openstack server list). That IP is then used in your +`/etc/hosts` to map the fixed DNS aliases required by the ONAP Portal as shown +below:: + + 10.12.6.155 portal.api.simpledemo.onap.org + 10.12.6.155 vid.api.simpledemo.onap.org + 10.12.6.155 sdc.api.fe.simpledemo.onap.org + 10.12.6.155 portal-sdk.simpledemo.onap.org + 10.12.6.155 policy.api.simpledemo.onap.org + 10.12.6.155 aai.api.sparky.simpledemo.onap.org + 10.12.6.155 cli.api.simpledemo.onap.org + 10.12.6.155 msb.api.discovery.simpledemo.onap.org + +Ensure you've disabled any proxy settings the browser you are using to access +the portal and then simply access the familiar URL: +http://portal.api.simpledemo.onap.org:8989/ONAPPORTAL/login.htm + +.. note:: Alternatives Considered. + + Kubernetes port forwarding was considered but discarded as it would require + the end user to run a script that opens up port forwarding tunnels to each of + the pods that provides a portal application widget. + + Reverting to a VNC server similar to what was deployed in the Amsterdam + release was also considered but there were many issues with resolution, lack + of volume mount, /etc/hosts dynamic update, file upload that were a tall order + to solve in time for the Beijing release. + .. figure:: oomLogoV2-Monitor.png :align: right diff --git a/kubernetes/clamp/charts/clamp-dash-es/values.yaml b/kubernetes/clamp/charts/clamp-dash-es/values.yaml index 83fb73e9a8..7a8becf66f 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-es/values.yaml @@ -32,8 +32,8 @@ busyboxImage: library/busybox:latest # application image loggingRepository: docker.elastic.co -image: elasticsearch/elasticsearch:5.6.8 -pullPolicy: IfNotPresent +image: elasticsearch/elasticsearch:5.6.9 +pullPolicy: Always # flag to enable debugging - application support required debugEnabled: false @@ -81,6 +81,7 @@ persistence: size: 4Gi mountPath: /dockerdata-nfs mountSubPath: clamp/dashboard-elasticsearch/data + mountSubPathLogs: clamp service: type: ClusterIP diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml index 64b515c1d5..60a504d515 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml @@ -39,8 +39,8 @@ busyboxImage: library/busybox:latest # application image loggingRepository: docker.elastic.co -image: kibana/kibana:5.6.8 -pullPolicy: IfNotPresent +image: kibana/kibana:5.6.9 +pullPolicy: Always # flag to enable debugging - application support required debugEnabled: false diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml index e3463e91ab..bb12210398 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml @@ -30,8 +30,8 @@ global: # application image loggingRepository: docker.elastic.co -image: logstash/logstash:5.6.8 -pullPolicy: IfNotPresent +image: logstash/logstash:5.6.9 +pullPolicy: Always # flag to enable debugging - application support required debugEnabled: false diff --git a/kubernetes/clamp/resources/config/sdc-controllers-config.json b/kubernetes/clamp/resources/config/sdc-controllers-config.json new file mode 100644 index 0000000000..3adda95c11 --- /dev/null +++ b/kubernetes/clamp/resources/config/sdc-controllers-config.json @@ -0,0 +1,18 @@ +{ + "sdc-connections":{ + "sdc-controller":{ + "user": "clamp", + "consumerGroup": "clamp", + "consumerId": "clamp", + "environmentName": "AUTO", + "sdcAddress": "sdc-be.{{ include "common.namespace" . }}:8443", + "password": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981", + "pollingInterval":30, + "pollingTimeout":30, + "activateServerTLSAuth":"false", + "keyStorePassword":"", + "keyStorePath":"", + "messageBusAddresses":["message-router.{{ include "common.namespace" . }}"] + } + } +} diff --git a/kubernetes/clamp/templates/configmap.yaml b/kubernetes/clamp/templates/configmap.yaml index bee8f132ea..7a66c64755 100644 --- a/kubernetes/clamp/templates/configmap.yaml +++ b/kubernetes/clamp/templates/configmap.yaml @@ -23,4 +23,5 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: - spring_application_json: {{ tpl .Values.config.springApplicationJson . | quote }} +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} + spring_application_json: {{ tpl .Values.config.springApplicationJson . | quote }} diff --git a/kubernetes/clamp/templates/deployment.yaml b/kubernetes/clamp/templates/deployment.yaml index 4a3a0f9e4f..38eabeb968 100644 --- a/kubernetes/clamp/templates/deployment.yaml +++ b/kubernetes/clamp/templates/deployment.yaml @@ -65,6 +65,10 @@ spec: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /opt/clamp/sdc-controllers-config.json + name: {{ include "common.fullname" . }}-config + subPath: sdc-controllers-config.json env: - name: SPRING_APPLICATION_JSON valueFrom: @@ -81,5 +85,12 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }} + items: + - key: sdc-controllers-config.json + path: sdc-controllers-config.json imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml index 06fe3d9d18..71752fcfc6 100644 --- a/kubernetes/clamp/values.yaml +++ b/kubernetes/clamp/values.yaml @@ -41,17 +41,18 @@ config: dataRootDir: /dockerdata-nfs springApplicationJson: > { - "spring.datasource.cldsdb.url": "jdbc:mariadb:sequential://clampdb:3306/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3", - "clamp.config.sdc.catalog.url": "https://sdc-be:8443/sdc/v1/catalog/", - "clamp.config.sdc.hostUrl": "https://sdc-be:8443/", - "clamp.config.sdc.serviceUrl": "https://sdc-be:8443/sdc/v1/catalog/services", + "spring.datasource.cldsdb.url": "jdbc:mariadb:sequential://clampdb.{{ include "common.namespace" . }}:3306/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3", + "clamp.config.sdc.catalog.url": "http://sdc-be.{{ include "common.namespace" . }}:8080/sdc/v1/catalog/", + "clamp.config.sdc.hostUrl": "http://sdc-be.{{ include "common.namespace" . }}:8080/", + "clamp.config.sdc.serviceUrl": "http://sdc-be.{{ include "common.namespace" . }}:8080/sdc/v1/catalog/services", "clamp.config.sdc.serviceUsername": "clamp", "clamp.config.sdc.servicePassword": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981", - "clamp.config.dcae.inventory.url": "http://dcaegen2:8080", - "clamp.config.dcae.dispatcher.url": "http://dcaegen2:8080", - "clamp.config.policy.pdpUrl1": "https://policy-pdp:9091/pdp/ , testpdp, alpha123", - "clamp.config.policy.pdpUrl2": "https://policy-pdp:9091/pdp/ , testpdp, alpha123", - "clamp.config.policy.papUrl": "https://policy-pap:8443/pap/ , testpap, alpha123", + "clamp.config.files.sdcController": "file:/opt/clamp/sdc-controllers-config.json", + "clamp.config.dcae.inventory.url": "http://dcaegen2.{{ include "common.namespace" . }}:8080", + "clamp.config.dcae.dispatcher.url": "http://dcaegen2.{{ include "common.namespace" . }}:8080", + "clamp.config.policy.pdpUrl1": "https://pdp.{{ include "common.namespace" . }}:9091/pdp/ , testpdp, alpha123", + "clamp.config.policy.pdpUrl2": "https://pdp.{{ include "common.namespace" . }}:9091/pdp/ , testpdp, alpha123", + "clamp.config.policy.papUrl": "https://pap.{{ include "common.namespace" . }}:8443/pap/ , testpap, alpha123", "clamp.config.policy.clientKey": "5CE79532B3A2CB4D132FC0C04BF916A7" } diff --git a/kubernetes/consul/resources/config/consul-agent-config/clamp-health.json b/kubernetes/consul/resources/config/consul-agent-config/clamp-health.json new file mode 100644 index 0000000000..5fb57b4b6b --- /dev/null +++ b/kubernetes/consul/resources/config/consul-agent-config/clamp-health.json @@ -0,0 +1,17 @@ +{ + "service": { + "name": "Health Check: CLAMP", + "check":[ + { + "id" : "clamp-health", + "name": "Clamp Health Check", + "http": "http://clamp:8080/restservices/clds/v1/clds/healthcheck", + "tls_skip_verify": true, + "method": "GET", + "interval": "10s", + "timeout": "1s" + } + ] + } +} + diff --git a/kubernetes/consul/resources/config/consul-agent-config/clamp-mariadb-health.json b/kubernetes/consul/resources/config/consul-agent-config/clamp-mariadb-health.json new file mode 100644 index 0000000000..f5ae467d74 --- /dev/null +++ b/kubernetes/consul/resources/config/consul-agent-config/clamp-mariadb-health.json @@ -0,0 +1,16 @@ +{ + "service": { + "name": "Health Check: CLAMP - MariaDb", + "checks": [ + { + "id": "clamp-mariadb", + "name": "CLAMP Mariadb Health Check", + "script": "/consul/scripts/clamp-mariadb-script.sh", + "interval": "10s", + "timeout": "1s" + } + ] + + } +} + diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh new file mode 100644 index 0000000000..2cf7fc78c5 --- /dev/null +++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh @@ -0,0 +1,15 @@ +NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-clampdb[^[:space:]]*") + + if [ -n "$NAME" ]; then + if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then + echo Success. CLAMP DBHost is running. 2>&1 + exit 0 + else + echo Failed. CLAMP DBHost is not running. 2>&1 + exit 1 + fi + else + echo Failed. CLAMP DBHost is offline. 2>&1 + exit 1 + fi + diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh index 65ef7053cd..54700078c5 100644 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh @@ -16,3 +16,7 @@ ${POLICY_HOME}/bin/features enable healthcheck +${POLICY_HOME}/bin/features enable pooling-dmaap +${POLICY_HOME}/bin/features enable distributed-locking + +${POLICY_HOME}/bin/db-migrator -s pooling -o upgrade diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/feature-pooling-dmaap.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/feature-pooling-dmaap.conf new file mode 100644 index 0000000000..82384075b5 --- /dev/null +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/feature-pooling-dmaap.conf @@ -0,0 +1,15 @@ +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +POOLING_TOPIC=POOLING diff --git a/kubernetes/policy/charts/drools/templates/statefulset.yaml b/kubernetes/policy/charts/drools/templates/statefulset.yaml index 9041478c8c..68b415e989 100644 --- a/kubernetes/policy/charts/drools/templates/statefulset.yaml +++ b/kubernetes/policy/charts/drools/templates/statefulset.yaml @@ -88,6 +88,9 @@ spec: - mountPath: /tmp/policy-install/config/feature-healthcheck.conf name: drools-secret subPath: feature-healthcheck.conf + - mountPath: /tmp/policy-install/config/feature-pooling-dmaap.conf + name: drools-config + subPath: feature-pooling-dmaap.conf - mountPath: /tmp/policy-install/config/base.conf name: drools-config subPath: base.conf @@ -160,6 +163,9 @@ spec: - key: base.conf path: base.conf mode: 0755 + - key: feature-pooling-dmaap.conf + path: feature-pooling-dmaap.conf + mode: 0755 - key: policy-management.conf path: policy-management.conf mode: 0755 diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml index f309520175..9ce804032e 100644 --- a/kubernetes/policy/charts/drools/values.yaml +++ b/kubernetes/policy/charts/drools/values.yaml @@ -51,7 +51,7 @@ liveness: periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container - enabled: false + enabled: true readiness: initialDelaySeconds: 10 diff --git a/kubernetes/policy/charts/mariadb/resources/config/db.sh b/kubernetes/policy/charts/mariadb/resources/config/db.sh index ead656ef0e..067b3c312f 100644 --- a/kubernetes/policy/charts/mariadb/resources/config/db.sh +++ b/kubernetes/policy/charts/mariadb/resources/config/db.sh @@ -14,7 +14,7 @@ #!/bin/bash -xv -for db in support onap_sdk log +for db in support onap_sdk log migration operationshistory10 pooling do mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};" mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;" diff --git a/kubernetes/policy/resources/config/pe/pap.conf b/kubernetes/policy/resources/config/pe/pap.conf index ae9d47c491..3fe9bd0cf9 100644 --- a/kubernetes/policy/resources/config/pe/pap.conf +++ b/kubernetes/policy/resources/config/pe/pap.conf @@ -39,7 +39,7 @@ REST_ADMIN_REPOSITORY=repository REST_ADMIN_WORKSPACE=workspace # PDP related properties -PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-0.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/,testpdp,alpha123;http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-1.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/ +PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-0.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/,testpdp,alpha123;http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-1.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/,testpdp,alpha123;http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-3.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/,testpdp,alpha123;http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-4.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/ PAP_PDP_HTTP_USER_ID=testpdp PAP_PDP_HTTP_PASSWORD=alpha123 diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml index e3a2e13027..54d72a7431 100644 --- a/kubernetes/robot/values.yaml +++ b/kubernetes/robot/values.yaml @@ -21,7 +21,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: onap/testsuite:1.2-STAGING-latest +image: onap/testsuite:1.2.0 pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 diff --git a/kubernetes/sniro-emulator/values.yaml b/kubernetes/sniro-emulator/values.yaml index 389696061b..970578d063 100644 --- a/kubernetes/sniro-emulator/values.yaml +++ b/kubernetes/sniro-emulator/values.yaml @@ -20,7 +20,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: onap/sniroemulator +image: onap/sniroemulator:latest pullPolicy: IfNotPresent # flag to enable debugging - application support required diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml index cf1be0095a..200821c434 100644 --- a/kubernetes/vnfsdk/values.yaml +++ b/kubernetes/vnfsdk/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/vnfsdk/refrepo:1.1-STAGING-latest +image: onap/vnfsdk/refrepo:1.1.1 pullPolicy: Always postgres: |