diff options
95 files changed, 726 insertions, 708 deletions
diff --git a/.gitignore b/.gitignore index 8b573a454f..71fed48208 100644 --- a/.gitignore +++ b/.gitignore @@ -32,6 +32,9 @@ Chart.lock .idea/* *.iml +# VSCode +.vscode/* + # Mac OS *DS_Store* @@ -51,6 +51,16 @@ committers: company: 'Individual' id: 'jackl' timezone: 'USA/EST' + - name: 'Fiachra Corcoran' + email: 'fiachra.corcoran@est.tech' + company: 'ericsson' + id: 'efiacor' + timezone: 'Europe/Dublin' + - name: 'Dan Timoney' + email: 'dtimoney@att.com' + id: 'djtimoney' + company: 'ATT' + timezone: 'America/New_York' tsc: approval: 'https://lists.onap.org/pipermail/onap-tsc' changes: @@ -62,3 +72,11 @@ tsc: name: 'Jack Lucas' # yamllint disable-line rule:line-length link: 'https://wiki.onap.org/display/DW/Committer+Promotion+for+%5BOOM%5D+%3A+Jack+Lucas' + - type: 'Addition' + name: 'Fiachra Corcoran' + # yamllint disable-line rule:line-length + link: 'https://wiki.onap.org/display/DW/Committer+Promotion+Request+for+%5BOOM%5D+-+Fiachra+Corcoran' + - type: 'Addition' + name: 'Dan Timoney' + # yamllint disable-line rule:line-length + link: 'https://wiki.onap.org/display/DW/Committer+Promotion+Request+for+%5BOOM%5D+-+Dan+Timoney' diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml index 6f372f9bd9..a232d53c84 100644 --- a/kubernetes/aai/components/aai-graphadmin/values.yaml +++ b/kubernetes/aai/components/aai-graphadmin/values.yaml @@ -76,7 +76,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v26 + default: v24 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index b1f8c085b8..fdb243de0a 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -77,7 +77,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v26 + default: v24 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml index 1dd374c4dc..b03032677e 100644 --- a/kubernetes/aai/components/aai-schema-service/values.yaml +++ b/kubernetes/aai/components/aai-schema-service/values.yaml @@ -40,7 +40,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v26 + default: v24 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml index b1c8fdd221..921d2dc832 100644 --- a/kubernetes/aai/components/aai-traversal/values.yaml +++ b/kubernetes/aai/components/aai-traversal/values.yaml @@ -84,7 +84,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v26 + default: v24 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index 62d1d2eabd..aa0e376b29 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -231,7 +231,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v26 + default: v24 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml index b1e85c00cc..1312d98009 100644 --- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml +++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml @@ -47,6 +47,8 @@ - name: {{ include "common.name" $dot }}-aaf-config image: {{ include "repositoryGenerator.repository" $subchartDot }}/{{ $subchartDot.Values.global.aafAgentImage }} imagePullPolicy: {{ $subchartDot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }} + securityContext: + runAsUser: 0 volumeMounts: - mountPath: {{ $initRoot.mountPath }} name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }} diff --git a/kubernetes/common/common/templates/_ingress.tpl b/kubernetes/common/common/templates/_ingress.tpl index 7fee67a7a4..f2741079c7 100644 --- a/kubernetes/common/common/templates/_ingress.tpl +++ b/kubernetes/common/common/templates/_ingress.tpl @@ -13,11 +13,18 @@ http: paths: - backend: - serviceName: {{ .name }} - servicePort: {{ .port }} + service: + name: {{ .name }} + port: + {{- if kindIs "string" .port }} + name: {{ .port }} + {{- else }} + number: {{ .port }} + {{- end }} {{- if .path }} path: {{ .path }} {{- end }} + pathType: ImplementationSpecific {{- end }} {{- end -}} @@ -69,7 +76,7 @@ nginx.ingress.kubernetes.io/ssl-redirect: "false" {{- $ingressEnabled := include "common.ingress._overrideIfDefined" (dict "currVal" $ingressEnabled "parent" (default (dict) .Values.global.ingress) "var" "enabled") }} {{- $ingressEnabled := include "common.ingress._overrideIfDefined" (dict "currVal" $ingressEnabled "parent" .Values.ingress "var" "enabledOverride") }} {{- if $ingressEnabled }} -apiVersion: networking.k8s.io/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "common.fullname" . }}-ingress diff --git a/kubernetes/common/common/templates/_serviceMonitor.tpl b/kubernetes/common/common/templates/_serviceMonitor.tpl index eb6c047c2f..81d7a74578 100644 --- a/kubernetes/common/common/templates/_serviceMonitor.tpl +++ b/kubernetes/common/common/templates/_serviceMonitor.tpl @@ -110,8 +110,12 @@ namespace: {{ $dot.Values.metrics.serviceMonitor.namespace }} {{- else }} namespace: {{ include "common.namespace" $dot }} {{- end }} +{{- if $dot.Values.metrics.serviceMonitor.labels }} +labels: {{- include "common.tplValue" ( dict "value" $dot.Values.metrics.serviceMonitor.labels "context" $dot) | nindent 2 }} +{{- else }} labels: {{- include "common.labels" (dict "labels" $labels "dot" $dot) | nindent 2 }} {{- end -}} +{{- end -}} {{/* Create service monitor template @@ -133,14 +137,31 @@ spec: {{- else }} port: metrics {{- end }} + {{- if $dot.Values.metrics.serviceMonitor.isHttps }} + scheme: https + {{- if $dot.Values.metrics.serviceMonitor.tlsConfig }} + tlsConfig: {{- include "common.tplValue" ( dict "value" $dot.Values.metrics.serviceMonitor.tlsConfig "context" $dot) | nindent 6 }} + {{- else }} + tlsConfig: + insecureSkipVerify: true + {{- end }} + {{- end }} {{- if $dot.Values.metrics.serviceMonitor.basicAuth.enabled }} basicAuth: username: key: {{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretUserKey }} + {{- if $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretNameSuffix }} + name: {{ include "common.release" . }}-{{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretNameSuffix }} + {{- else }} name: {{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretName }} + {{- end }} password: key: {{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretPasswordKey }} + {{- if $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretNameSuffix }} + name: {{ include "common.release" . }}-{{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretNameSuffix }} + {{- else }} name: {{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretName }} + {{- end }} {{- end }} {{- if $dot.Values.metrics.serviceMonitor.interval }} interval: {{ $dot.Values.metrics.serviceMonitor.interval }} diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml index 210fbd02ba..4248cfe85c 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml @@ -15,7 +15,7 @@ # limitations under the License. */}} -{{- if .Values.backup.enabled }} +{{- if and .Values.backup.enabled .Values.persistence.enabled }} apiVersion: batch/v1beta1 kind: CronJob metadata: @@ -37,7 +37,10 @@ spec: - name: mariadb-galera-backup-init image: {{ include "repositoryGenerator.image.mariadb" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - {{ include "common.containerSecurityContext" . | indent 14 | trim }} + securityContext: + allowPrivilegeEscalation: false + privileged: false + readOnlyRootFilesystem: false command: - /bin/bash - -c @@ -52,7 +55,7 @@ spec: target_dir=/backup/backup-`date +%s` mkdir -p $target_dir - mysqlhost={{ include "common.servicename" . }}.{{ include "common.namespace" . }} + mysqlhost={{ include "common.fullname" . }}-0.{{ include "common.servicename" . }}-headless.{{ include "common.namespace" . }} mariabackup --backup --target-dir=$target_dir --user=root --password=$DB_PASS --host=$mysqlhost @@ -78,13 +81,18 @@ spec: volumeMounts: - name: backup-dir mountPath: /backup + - name: data + mountPath: /bitnami/mariadb containers: - name: mariadb-backup-validate image: {{ include "repositoryGenerator.image.mariadb" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - {{ include "common.containerSecurityContext" . | indent 14 | trim }} + securityContext: + allowPrivilegeEscalation: false + privileged: false + readOnlyRootFilesystem: false env: - - name: MYSQL_ROOT_PASSWORD + - name: MARIADB_ROOT_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 18 }} command: - /bin/bash @@ -105,17 +113,17 @@ spec: fi target_dir=$(ls -td -- /backup/backup-* | head -n 1) - cp -Ra $target_dir/* /var/lib/mysql/ + cp -Ra $target_dir/* /bitnami/mariadb/data - if [ ! "$(ls -A /var/lib/mysql)" ]; then + if [ ! "$(ls -A /bitnami/mariadb/data)" ]; then remove_dir $target_dir exit 0 fi - /docker-entrypoint.sh mysqld & + /opt/bitnami/scripts/mariadb/entrypoint.sh /opt/bitnami/scripts/mariadb/run.sh & count=0 - until mysql --user=root --password=$MYSQL_ROOT_PASSWORD -e "SELECT 1"; + until mysql --user=root --password=$MARIADB_ROOT_PASSWORD -e "SELECT 1"; do sleep 3; count=`expr $count + 1`; if [ $count -ge 30 ]; then @@ -124,7 +132,7 @@ spec: fi; done - mysqlcheck -A --user=root --password=$MYSQL_ROOT_PASSWORD > /tmp/output.log + mysqlcheck -A --user=root --password=$MARIADB_ROOT_PASSWORD > /tmp/output.log error_lines=`cat /tmp/output.log| grep -v "OK" | wc -l` cat /tmp/output.log @@ -142,6 +150,10 @@ spec: fi resources: {{ include "common.resources" . | nindent 12 }} volumeMounts: + - mountPath: /bitnami/mariadb/data + name: tmp-data + - mountPath: /opt/bitnami/mariadb/tmp + name: tmp - mountPath: /etc/localtime name: localtime readOnly: true @@ -153,7 +165,18 @@ spec: - name: localtime hostPath: path: /etc/localtime + - name: data + persistentVolumeClaim: + {{- if .Values.persistence.existingClaim }} + claimName: {{ .Values.persistence.existingClaim }} + {{- else }} + claimName: {{ include "common.fullname" . }}-{{ include "common.fullname" . }}-0 + {{- end }} - name: backup-dir persistentVolumeClaim: claimName: {{ include "common.fullname" . }}-backup-data + - name: tmp-data + emptyDir: {} + - name: tmp + emptyDir: {} {{- end }} diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml index bb3af76115..22832c936d 100644 --- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml +++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml @@ -78,7 +78,7 @@ spec: - -ec - | {{- if (not (empty (.Values.galera.bootstrap.bootstrapFromNode | quote)))}} - {{- $fullname := include "common.names.fullname" . }} + {{- $fullname := include "common.fullname" . }} {{- $bootstrapFromNode := int .Values.galera.bootstrap.bootstrapFromNode }} # Bootstrap from the indicated node NODE_ID="${MY_POD_NAME#"{{ $fullname }}-"}" diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index 9f7c882134..d65c4f7943 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -174,6 +174,8 @@ galera: # password: # externalSecret: +## The backup job will mount the mariadb data pvc in order to run mariabackup. +## For this reason the db data pvc needs to have accessMode: ReadWriteMany. backup: enabled: false cron: "00 00 * * *" @@ -458,6 +460,7 @@ persistence: ## annotations: ## Persistent Volume Access Mode + ## Use ReadWriteMany if backup is enabled, see backup section. ## accessMode: ReadWriteOnce ## Persistent Volume size diff --git a/kubernetes/cps/Chart.yaml b/kubernetes/cps/Chart.yaml index 5e951d7beb..9052e00058 100644 --- a/kubernetes/cps/Chart.yaml +++ b/kubernetes/cps/Chart.yaml @@ -23,6 +23,10 @@ dependencies: - name: common version: ~10.x-0 repository: '@local' + - name: roles-wrapper + version: ~10.x-0 + repository: '@local' + condition: standaloneDeployment - name: cps-core version: ~10.x-0 repository: '@local' diff --git a/kubernetes/cps/components/cps-core/values.yaml b/kubernetes/cps/components/cps-core/values.yaml index 3da5d170b7..d65924e90f 100644 --- a/kubernetes/cps/components/cps-core/values.yaml +++ b/kubernetes/cps/components/cps-core/values.yaml @@ -67,7 +67,7 @@ global: container: name: postgres -image: onap/cps-and-ncmp:2.0.1 +image: onap/cps-and-ncmp:3.0.0 containerPort: &svc_port 8080 managementPort: &mgt_port 8081 diff --git a/kubernetes/cps/components/cps-temporal/values.yaml b/kubernetes/cps/components/cps-temporal/values.yaml index 8b3f16b64c..68bc2a7e8a 100644 --- a/kubernetes/cps/components/cps-temporal/values.yaml +++ b/kubernetes/cps/components/cps-temporal/values.yaml @@ -40,7 +40,7 @@ secrets: password: '{{ .Values.config.appUserPassword }}' passwordPolicy: generate -image: onap/cps-temporal:1.0.0 +image: onap/cps-temporal:1.1.0 containerPort: &svc_port 8080 managementPort: &mgt_port 8081 diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml index 753b8baaff..0edb648327 100644 --- a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml +++ b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml @@ -47,7 +47,7 @@ global: virtualhost: baseurl: "simpledemo.onap.org" -image: onap/ncmp-dmi-plugin:1.0.1 +image: onap/ncmp-dmi-plugin:1.1.0 containerPort: &svc_port 8080 managementPort: &mgt_port 8081 diff --git a/kubernetes/cps/values.yaml b/kubernetes/cps/values.yaml index 6093fa72fa..754b016fe8 100755 --- a/kubernetes/cps/values.yaml +++ b/kubernetes/cps/values.yaml @@ -32,6 +32,9 @@ secrets: passwordPolicy: generate passwordStrengthOverride: basic + +standaloneDeployment: false + global: ingress: virtualhost: diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index ef49f8c5d4..5a45fa1004 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -1,7 +1,7 @@ {{/* #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved. # Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. # Copyright (c) 2021 Nokia. All rights reserved. # Copyright (c) 2021 Nordix Foundation. @@ -176,18 +176,11 @@ The Deployment always includes a single Pod, with a container that uses the DCAE microservice image. The Deployment Pod may also include a logging sidecar container. -The sidecar is included if .Values.logDirectory is set. The +The sidecar is included if .Values.log.path is set. The logging sidecar and the DCAE microservice container share a volume where the microservice logs are written. -The Deployment includes an initContainer that pushes the -microservice's initial configuration (from .Values.applicationConfig) -into Consul. All DCAE microservices retrieve their initial -configurations by making an API call to a DCAE platform component called -the config-binding-service. The config-binding-service currently -retrieves configuration information from Consul. - -The Deployment also includes an initContainer that checks for the +The Deployment includes an initContainer that checks for the readiness of other components that the microservice relies on. This container is generated by the "common.readinessCheck.waitfor" template. @@ -222,7 +215,8 @@ policies: */}} {{- define "dcaegen2-services-common.microserviceDeployment" -}} -{{- $logDir := default "" .Values.log.path -}} +{{- $log := default dict .Values.log -}} +{{- $logDir := default "" $log.path -}} {{- $certDir := default "" .Values.certDirectory . -}} {{- $tlsServer := default "" .Values.tlsServer -}} {{- $commonRelease := print (include "common.release" .) -}} @@ -268,19 +262,6 @@ spec: {{- end }} {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} {{- include "common.dmaap.provisioning.initContainer" . | nindent 6 }} - - name: init-consul - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.consulLoaderImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - args: - - --key-yaml - - "{{ include "common.name" . }}|/app-config/application_config.yaml" - env: - - name: CONSUL_HOST - value: {{ .Values.consulHost | default "consul-server-ui" }}.{{ include "common.namespace" . }} - resources: {{ include "common.resources" . | nindent 2 }} - volumeMounts: - - mountPath: /app-config - name: app-config {{- if $certDir }} - name: init-tls image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.tlsImage }} diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_job.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_job.tpl deleted file mode 100644 index f3c09161cc..0000000000 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_job.tpl +++ /dev/null @@ -1,62 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} -{{/* -dcaegen2-services-common.consulDeleteJob: -This template generates a Kubernetes Job that runs when a -DCAE microservice is deleted. The Job deletes the Consul -entry that contains the microservice's configuration. - -The template expects the full chart context as input. A chart for a -DCAE microservice references this template using: -{{ include "dcaegen2-services-common.consulDeleteJob" . }} -The template directly references data in .Values, and indirectly (through its -use of templates from the ONAP "common" collection) references data in -.Release. - -The microservice configuration data is loaded into Consul by an -initContainer that is part of the Kubernetes Deployment for the microservice. -See the documentation for dcaegen2-services-common.microserviceDeployment -for more information. -*/}} -{{- define "dcaegen2-services-common.consulDeleteJob" -}} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "common.fullname" . }}-delete-config - namespace: {{ include "common.namespace" . }} - labels: {{ include "common.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": pre-delete - "helm.sh/hook-delete-policy": hook-succeeded,hook-failed -spec: - template: - metadata: - name: {{ include "common.fullname" . }}-delete-config - labels: {{ include "common.labels" . | nindent 8 }} - spec: - restartPolicy: Never - containers: - - name: dcae-config-delete - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.consulLoaderImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /opt/app/delete_key.sh - args: - - {{ include "common.name" . }} -{{ end -}} diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/job.yaml deleted file mode 100644 index c7722ea098..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/job.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} - -{{ include "dcaegen2-services-common.consulDeleteJob" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml index 2ce6c89775..14dd89a186 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml @@ -1,6 +1,8 @@ # ================================ LICENSE_START ========================== # ========================================================================= # Copyright (c) 2021 Nordix Foundation. +# Copyright (c) 2022 Nokia. All rights reserved. +# Copyright (c) 2022 J. F. Lucas. All rights reserved. # ========================================================================= # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -44,14 +46,13 @@ secrets: # InitContainer Images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.5.0 ################################################################# # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.6.1 +image: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.7.1 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -96,7 +97,6 @@ certificates: readinessCheck: wait_for: containers: - - dcae-config-binding-service - aaf-cm - dmaap-bc - dmaap-provisioning-job @@ -120,12 +120,6 @@ service: plain_port: 8100 port_protocol: http -# Environment variables -applicationEnv: -# Empty path forces DFC to use Consul configuration, which allows app runtime reconfiguration. -# It's a workaround because DMAAP specific env variables are not available in main container. - CBS_CLIENT_CONFIG_PATH: '' - # Data Router Publisher Credentials drPubscriberCreds: username: username diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml index 22a5a5b1cb..8573e077f5 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml @@ -1,6 +1,7 @@ # ============= LICENSE_START ================================================ # ============================================================================ # Copyright (C) 2021 Wipro Limited. +# Copyright (c) 2022 J. F. Lucas. All rights reserved. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -44,7 +45,6 @@ secrets: # InitContainer Images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application Configuration Defaults. diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml index 051a7a4673..bab9c05097 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml @@ -1,6 +1,7 @@ # ============= LICENSE_START ================================================ # ============================================================================ # Copyright (C) 2021 Wipro Limited. +# Copyright (c) 2022 J. F. Lucas. All rights reserved. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -50,7 +51,6 @@ secrets: # InitContainer Images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application Configuration Defaults. diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml index 07306e1286..4de71c3ece 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml @@ -1,6 +1,7 @@ # ================================ LICENSE_START ============================= # ============================================================================ # Copyright (C) 2021 Wipro Limited. +# Copyright (c) 2022 J. F. Lucas. All rights reserved. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -51,7 +52,6 @@ secrets: # InitContainer Images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application Configuration Defaults. @@ -79,7 +79,6 @@ tlsServer: true # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm - &postgresName dcae-datalake-postgres diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/job.yaml deleted file mode 100644 index 177cc03347..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/job.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml index 4ed0a83677..b76656727a 100644 --- a/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml @@ -1,6 +1,7 @@ # ================================ LICENSE_START ============================= # ============================================================================ # Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2022 J. F. Lucas. All rights reserved. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -51,7 +52,6 @@ secrets: # InitContainer Images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application Configuration Defaults. @@ -79,7 +79,6 @@ tlsServer: true # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm - &postgresName dcae-heartbeat-postgres diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/job.yaml deleted file mode 100644 index 177cc03347..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/job.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml index 65a5d04d80..5a6283697c 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved. # Copyright (c) 2021-2022 Nokia. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); @@ -35,7 +35,6 @@ filebeatConfig: # initContainer images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.5.0 ################################################################# @@ -93,7 +92,6 @@ certificates: # dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # probe configuration diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/job.yaml deleted file mode 100644 index 177cc03347..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/job.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml index 037dd0aec0..72c6a4bcce 100644 --- a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml @@ -1,6 +1,7 @@ # ============= LICENSE_START ================================================ # ============================================================================ -# Copyright (C) 2021 Wipro Limited. +# Copyright (C) 2021-2022 Wipro Limited. +# Copyright (c) 2022 J. F. Lucas. All rights reserved. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -44,13 +45,12 @@ secrets: # InitContainer Images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.components.kpi-ms:1.0.1 +image: onap/org.onap.dcaegen2.services.components.kpi-ms:1.0.4 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -78,7 +78,6 @@ policies: # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # Probe Configuration @@ -114,8 +113,6 @@ credentials: # Initial Application Configuration applicationConfig: - aafUsername: ${AAF_IDENTITY} - aafPassword: ${AAF_PASSWORD} trust_store_path: '/opt/app/kpims/etc/cert/trust.jks' trust_store_pass_path: '/opt/app/kpims/etc/cert/trust.pass' pollingInterval: 20 @@ -130,14 +127,14 @@ applicationConfig: aafPassword: ${AAF_PASSWORD} type: message-router dmaap_info: - topic_url: https://message-router.onap.svc.cluster.local:3905/events/org.onap.dmaap.mr.PERFORMANCE_MEASUREMENTS + topic_url: http://message-router:3904/events/unauthenticated.PERFORMANCE_MEASUREMENTS streams_publishes: kpi_topic: aafUsername: ${AAF_IDENTITY} aafPassword: ${AAF_PASSWORD} type: message-router dmaap_info: - topic_url: https://message-router.onap.svc.cluster.local:3905/events/unauthenticated.DCAE_KPI_OUTPUT + topic_url: http://message-router:3904/events/unauthenticated.DCAE_KPI_OUTPUT kpi.policy: '{"domain":"measurementsForKpi","methodForKpi":[{"eventName":"perf3gpp_CORE-AMF_pmMeasResult","controlLoopSchemaType":"SLICE","policyScope":"resource=networkSlice;type=configuration","policyName":"configuration.dcae.microservice.kpi-computation","policyVersion":"v0.0.1","kpis":[{"measType":"AMFRegNbr","operation":"SUM","operands":"RM.RegisteredSubNbrMean"}]},{"eventName":"perf3gpp_CORE-UPF_pmMeasResult","controlLoopSchemaType":"SLICE","policyScope":"resource=networkSlice;type=configuration","policyName":"configuration.dcae.microservice.kpi-computation","policyVersion":"v0.0.1","kpis":[{"measType":"UpstreamThr","operation":"SUM","operands":"GTP.InDataOctN3UPF"},{"measType":"DownstreamThr","operation":"SUM","operands":"GTP.OutDataOctN3UPF"}]}]}' applicationEnv: diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/job.yaml deleted file mode 100644 index 177cc03347..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/job.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml index 39c4a8ed50..d2062700f3 100644 --- a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml @@ -1,6 +1,8 @@ # ================================ LICENSE_START ========================== # ========================================================================= # Copyright (C) 2021 Nordix Foundation. +# Copyright (c) 2022 Nokia. All rights reserved. +# Copyright (c) 2022 J. F. Lucas. All rights reserved. # ========================================================================= # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -49,13 +51,12 @@ secrets: # InitContainer Images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.pm-mapper:1.7.2 +image: onap/org.onap.dcaegen2.services.pm-mapper:1.8.0 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -78,7 +79,6 @@ tlsServer: true readinessCheck: wait_for: containers: - - dcae-config-binding-service - aaf-cm - dmaap-bc - dmaap-provisioning-job @@ -131,14 +131,14 @@ credentials: # Initial Application Configuration applicationConfig: enable_tls: true - enable_http: false - aaf_identity: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} + enable_http: true + aaf_identity: "" + aaf_password: "" pm-mapper-filter: "{ \"filters\":[] }" - key_store_path: /opt/app/pm-mapper/etc/cert/cert.jks - key_store_pass_path: /opt/app/pm-mapper/etc/cert/jks.pass - trust_store_path: /opt/app/pm-mapper/etc/cert/trust.jks - trust_store_pass_path: /opt/app/pm-mapper/etc/cert/trust.pass + key_store_path: "" + key_store_pass_path: "" + trust_store_path: "" + trust_store_pass_path: "" dmaap_dr_delete_endpoint: https://dmaap-dr-node:8443/delete streams_publishes: dmaap_publisher: @@ -147,7 +147,7 @@ applicationConfig: client_id: ${MR_FILES_PUBLISHER_CLIENT_ID_0} location: san-francisco client_role: org.onap.dcae.pmPublisher - topic_url: http://message-router:3904/events/org.onap.dmaap.mr.PERFORMANCE_MEASUREMENTS + topic_url: http://message-router:3904/events/unauthenticated.PERFORMANCE_MEASUREMENTS streams_subscribes: dmaap_subscriber: type: data_router diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/job.yaml deleted file mode 100644 index 177cc03347..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/job.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml index 4bdd2b8088..1c6d68969c 100644 --- a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml @@ -1,6 +1,7 @@ # ================================ LICENSE_START ============================= # ============================================================================ # Copyright (C) 2021 Nordix Foundation. +# Copyright (c) 2022 J. F. Lucas. All rights reserved. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -51,13 +52,12 @@ secrets: # InitContainer Images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.pmsh:1.3.2 +image: onap/org.onap.dcaegen2.services.pmsh:2.0.0 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -79,7 +79,6 @@ tlsServer: true # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm - &postgresName dcae-pmsh-postgres diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/templates/job.yaml deleted file mode 100644 index 177cc03347..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-prh/templates/job.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml index a4ed6994f7..cac362a3a8 100644 --- a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml @@ -1,6 +1,7 @@ #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved. +# Copyright (c) 2022 Nokia. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -34,13 +35,12 @@ filebeatConfig: # initContainer images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.7.1 +image: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.8.0 pullPolicy: Always # log directory where logging sidecar should look for log files @@ -69,7 +69,6 @@ secrets: # dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # probe configuration diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/job.yaml deleted file mode 100644 index 177cc03347..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/job.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml index 543b79b9c0..41b671d66d 100644 --- a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml @@ -1,6 +1,7 @@ # ================================ LICENSE_START ============================= # ============================================================================ # Copyright (c) 2021-2022 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2022 J. F. Lucas. All rights reserved. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -45,13 +46,12 @@ secrets: # InitContainer Images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.collectors.restconfcollector:1.2.7 +image: onap/org.onap.dcaegen2.collectors.restconfcollector:1.3.2 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -73,7 +73,6 @@ tlsServer: true # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # Probe Configuration diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/job.yaml deleted file mode 100644 index 177cc03347..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/job.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml index 6cebca6412..9261b8ebe0 100644 --- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml @@ -1,6 +1,7 @@ # ============= LICENSE_START ================================================ # ============================================================================ -# Copyright (C) 2021 Wipro Limited. +# Copyright (C) 2021-2022 Wipro Limited. +# Copyright (c) 2022 J. F. Lucas. All rights reserved. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -51,13 +52,12 @@ secrets: # InitContainer Images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.0.6 +image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.0.7 # Log directory where logging sidecar should look for log files # if path is set to null sidecar won't be deployed in spite of @@ -78,7 +78,6 @@ tlsServer: true # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm - &postgresName dcae-sliceanalysisms-postgres @@ -121,8 +120,6 @@ credentials: # Initial Application Configuration applicationConfig: - aafUsername: ${AAF_IDENTITY} - aafPassword: ${AAF_PASSWORD} postgres.host: dcae-sliceanalysisms-pg-primary postgres.port: 5432 postgres.username: ${PG_USERNAME} @@ -144,32 +141,35 @@ applicationConfig: sliceanalysisms.samples: 3 sliceanalysisms.minPercentageChange: 5 sliceanalysisms.initialDelaySeconds: 120000 + sliceanalysisms.rannfnssiDetailsTemplateId: get-rannfnssiid-details + sliceanalysisms.desUrl: http://dl-des:1681/datalake/v1/exposure/pm_data + sliceanalysisms.pmDataDurationInWeeks: 4 streams_publishes: CL_topic: type: message-router aaf_username: ${AAF_IDENTITY} aaf_password: ${AAF_PASSWORD} dmaap_info: - topic_url: https://message-router.onap.svc.cluster.local:3905/events/unauthenticated.DCAE_CL_OUTPUT + topic_url: http://message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT streams_subscribes: performance_management_topic: type: message-router aaf_username: ${AAF_IDENTITY} aaf_password: ${AAF_PASSWORD} dmaap_info: - topic_url: https://message-router.onap.svc.cluster.local:3905/events/org.onap.dmaap.mr.PERFORMANCE_MEASUREMENTS + topic_url: http://message-router:3904/events/unauthenticated.PERFORMANCE_MEASUREMENTS intelligent_slicing_topic: type: message-router aaf_username: ${AAF_IDENTITY} aaf_password: ${AAF_PASSWORD} dmaap_info: - topic_url: https://message-router.onap.svc.cluster.local:3905/events/unauthenticated.ML_RESPONSE_TOPIC + topic_url: http://message-router:3904/events/unauthenticated.ML_RESPONSE_TOPIC dcae_cl_response_topic: type: message-router aaf_username: ${AAF_IDENTITY} aaf_password: ${AAF_PASSWORD} dmaap_info: - topic_url: https://message-router.onap.svc.cluster.local:3905/events/DCAE_CL_RSP + topic_url: http://message-router:3904/events/DCAE_CL_RSP applicationEnv: STANDALONE: 'false' diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/job.yaml deleted file mode 100644 index 177cc03347..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/job.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml index 51ec337724..63844a1da2 100644 --- a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml @@ -1,6 +1,7 @@ # ================================ LICENSE_START ============================= # ============================================================================ # Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2022 J. F. Lucas. All rights reserved. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -35,7 +36,6 @@ filebeatConfig: # InitContainer Images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application Configuration Defaults. @@ -57,10 +57,11 @@ logConfigMapNamePrefix: '{{ include "common.fullname" . }}' # and key from AAF and mount them in certDirectory. tlsServer: true + # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service + - message-router # Probe Configuration readiness: diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/job.yaml deleted file mode 100644 index 177cc03347..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/job.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml index 94c4d880dd..88ceac0e8d 100644 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml @@ -1,6 +1,7 @@ # ============= LICENSE_START ================================================ # ============================================================================ -# Copyright (C) 2021 Wipro Limited. +# Copyright (C) 2021-2022 Wipro Limited. +# Copyright (c) 2022 J. F. Lucas. All rights reserved. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -56,13 +57,12 @@ secrets: # InitContainer Images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.son-handler:2.1.5 +image: onap/org.onap.dcaegen2.services.son-handler:2.1.6 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -91,7 +91,6 @@ policies: # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm - &postgresName dcae-sonhms-postgres @@ -190,32 +189,32 @@ applicationConfig: aaf_username: ${AAF_IDENTITY} aaf_password: ${AAF_PASSWORD} dmaap_info: - topic_url: https://message-router:3905/events/unauthenticated.DCAE_CL_OUTPUT + topic_url: http://message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT streams_subscribes: performance_management_topic: type: message-router aaf_username: ${AAF_IDENTITY} aaf_password: ${AAF_PASSWORD} dmaap_info: - topic_url: https://message-router:3905/events/unauthenticated.VES_MEASUREMENT_OUTPUT + topic_url: http://message-router:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT fault_management_topic: type: message-router aaf_username: ${AAF_IDENTITY} aaf_password: ${AAF_PASSWORD} dmaap_info: - topic_url: https://message-router:3905/events/unauthenticated.SEC_FAULT_OUTPUT + topic_url: http://message-router:3904/events/unauthenticated.SEC_FAULT_OUTPUT nbr_list_change_topic: type: message-router aaf_username: ${AAF_IDENTITY} aaf_password: ${AAF_PASSWORD} dmaap_info: - topic_url: https://message-router:3905/events/PCI-NOTIF-TOPIC-NGHBR-LIST-CHANGE-INFO + topic_url: http://message-router:3904/events/PCI-NOTIF-TOPIC-NGHBR-LIST-CHANGE-INFO dcae_cl_response_topic: type: message-router aaf_username: ${AAF_IDENTITY} aaf_password: ${AAF_PASSWORD} dmaap_info: - topic_url: https://message-router:3905/events/DCAE_CL_RSP + topic_url: http://message-router:3904/events/DCAE_CL_RSP service_calls: sdnr-getpnfname: [] sdnr-getpci: [] diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/job.yaml deleted file mode 100644 index 177cc03347..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/job.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml index a65fa7c347..abf0371412 100644 --- a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved. # Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); @@ -35,8 +35,6 @@ filebeatConfig: # initContainer images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 - ################################################################# # Application configuration defaults. @@ -71,7 +69,6 @@ secrets: # dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # probe configuration diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/job.yaml deleted file mode 100644 index 177cc03347..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/job.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml index 508cea4766..9754ea8558 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml @@ -1,7 +1,7 @@ #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# Copyright (c) 2021 Nokia. All rights reserved. +# Copyright (c) 2021-2022 Nokia. All rights reserved. +# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved. # Copyright (c) 2022 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); @@ -36,14 +36,13 @@ filebeatConfig: # initContainer images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.5.0 ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.3 +image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.11.0 pullPolicy: Always # log directory where logging sidecar should look for log files @@ -87,7 +86,6 @@ certificates: # dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # probe configuration diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/job.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/job.yaml deleted file mode 100644 index 177cc03347..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/job.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml index d11f167acf..b53e61690b 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml @@ -1,6 +1,7 @@ # ================================ LICENSE_START ============================= # ============================================================================ # Copyright (c) 2021-2022 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2022 J. F. Lucas. All rights reserved. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -34,13 +35,12 @@ filebeatConfig: # InitContainer Images. ################################################################# tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 ################################################################# # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor:1.3.2 +image: onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor:1.3.3 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -62,7 +62,6 @@ logConfigMapNamePrefix: '{{ include "common.fullname" . }}' # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # Service Configuration @@ -77,6 +76,9 @@ service: # application environments applicationEnv: LOG4J_FORMAT_MSG_NO_LOOKUPS: 'true' + CONFIG_BINDING_SERVICE_SERVICE_PORT: '10000' # Workaround until DCAEGEN2-3098 is addressed + CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml' + # Initial Application Configuration applicationConfig: diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml index b1671f00f5..417d968ac9 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml @@ -98,8 +98,8 @@ default_k8s_location: central # Use to override default setting in blueprints componentImages: tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.1 - ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.1 - prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.7.1 + ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.11.0 + prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.8.0 hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.10.0 # Resource Limit flavor -By Default using small diff --git a/kubernetes/dcaegen2/values.yaml b/kubernetes/dcaegen2/values.yaml index 2c276a7827..d4452480a0 100644 --- a/kubernetes/dcaegen2/values.yaml +++ b/kubernetes/dcaegen2/values.yaml @@ -48,7 +48,7 @@ dcae-cloudify-manager: config: cloudifyManagerPasswordExternalSecret: *cmPassSecretName dcae-config-binding-service: - enabled: true + enabled: false dcae-dashboard: enabled: false config: @@ -58,7 +58,7 @@ dcae-deployment-handler: config: cloudifyManagerPasswordExternalSecret: *cmPassSecretName dcae-healthcheck: - enabled: true + enabled: false dcae-inventory-api: enabled: false dcae-policy-handler: diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml index dee6adddc2..555e63767e 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== #================================================================================= -# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2021-2022 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,7 +16,7 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Istanbul" +appVersion: "Jakarta" description: TBD name: TBD version: TBD @@ -41,3 +41,7 @@ dependencies: - name: serviceAccount version: ~10.x-0 repository: '@local' + - name: mongo + version: ~10.x-0 + repository: '@local' + condition: mongo.enabled diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml index 139e3d308f..7609ba6568 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== #================================================================================= -# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2021-2022 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -48,10 +48,32 @@ dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-syn postgres: enabled: false +#mongo enable/disable +mongo: + enabled: false + nameOverride: dcae-mongo + config: + dbName: dcaecommondb + service: + name: dcae-mongohost + internalPort: 27017 + nfsprovisionerPrefix: dcaemongo + sdnctlPrefix: tcagen2 + persistence: + mountSubPath: dcae/mongo/data + enabled: true + disableNfsProvisioner: true + # log directory where logging sidecar should look for log files # if absent, no sidecar will be deployed #logDirectory: TBD #/opt/app/VESCollector/logs #DONE +# Following requires manual override until fix for DCAEGEN2-3087 +# is available to switch logDirectory setting to log.path +log: + path: /opt/app/ +logConfigMapNamePrefix: '{{ include "common.fullname" . }}' + # directory where TLS certs should be stored # if absent, no certs will be retrieved and stored #certDirectory: TBD #/opt/app/dcae-certificate #DONE @@ -64,7 +86,6 @@ postgres: # dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # probe configuration #NEED DISCUSSION diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml index e7d3fa2fa2..5c50381309 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml @@ -93,7 +93,7 @@ readiness: # application image -image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.1 +image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.2 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml index a0b6fdad8d..c9b6800ffd 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml @@ -23,6 +23,7 @@ spec: template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: + {{ include "common.podSecurityContext" . | indent 6 | trim}} {{- if or .Values.global.aafEnabled .Values.PG.enabled }} initContainers: - command: @@ -45,6 +46,8 @@ spec: name: {{ include "common.name" . }}-update-config {{ include "common.certInitializer.initContainer" . | nindent 6 }} - name: {{ include "common.name" . }}-permission-fixer + securityContext: + runAsUser: 0 image: {{ include "repositoryGenerator.image.busybox" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} @@ -60,6 +63,9 @@ spec: command: ["/bin/sh"] args: [ "-c", "sed -i -e '/cadi_keystore_password=/d' -e '/cadi_keystore_password_jks/p' -e 's/cadi_keystore_password_jks/cadi_keystore_password/' -e 's/dmaap-bc.p12/dmaap-bc.jks/' /opt/app/osaaf/local/org.onap.dmaap-bc.cred.props" ] - name: {{ include "common.name" . }}-postgres-readiness + securityContext: + runAsUser: 100 + runAsGroup: 65533 command: - /app/ready.py args: diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index a8e7cf91c7..cc860823f9 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -146,6 +146,11 @@ ingress: # Resource Limit flavor -By Default using small flavor: small + +securityContext: + user_id: 1000 + group_id: 101 + # Segregation for Different environment (Small and Large) resources: small: diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml index 2bfa496bcd..69f6fc1d6e 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -23,8 +23,12 @@ spec: template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: + {{ include "common.podSecurityContext" . | indent 6 | trim}} initContainers: {{ include "common.certInitializer.initContainer" . | nindent 8 }} - name: {{ include "common.name" . }}-readiness + securityContext: + runAsUser: 100 + runAsGroup: 65533 image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: @@ -39,6 +43,8 @@ spec: apiVersion: v1 fieldPath: metadata.namespace - name: {{ include "common.name" . }}-permission-fixer + securityContext: + runAsUser: 0 image: {{ include "repositoryGenerator.image.busybox" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index e34bc0068d..d1d2c54833 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -44,7 +44,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-node:2.1.9 +image: onap/dmaap/datarouter-node:2.1.10 pullPolicy: Always # flag to enable debugging - application support required @@ -113,6 +113,11 @@ ingress: # Resource Limit flavor -By Default using small flavor: small + +securityContext: + user_id: 1000 + group_id: 1000 + # Segregation for Different environment (Small and Large) resources: small: diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index b7acbc9d8d..325ca9f2a7 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -34,9 +34,13 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: + {{ include "common.podSecurityContext" . | indent 6 | trim}} hostname: {{ .Values.global.dmaapDrProvName }} initContainers: - name: {{ include "common.name" . }}-readiness + securityContext: + runAsUser: 100 + runAsGroup: 65533 image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: @@ -55,6 +59,8 @@ spec: {{ include "common.certInitializer.initContainer" . | nindent 8 }} - name: {{ include "common.name" . }}-permission-fixer + securityContext: + runAsUser: 0 image: {{ include "repositoryGenerator.image.busybox" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index 1d9432afa2..12eb1fb041 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -42,7 +42,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-prov:2.1.9 +image: onap/dmaap/datarouter-prov:2.1.10 pullPolicy: Always # flag to enable debugging - application support required @@ -142,6 +142,11 @@ certInitializer: # Resource Limit flavor -By Default using small flavor: small + +securityContext: + user_id: 1000 + group_id: 1000 + # Segregation for Different environment (Small and Large) resources: small: diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml index aef0c8c22a..dd7bb4552e 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/templates/deployment.yaml @@ -95,8 +95,12 @@ spec: value: consul-server.{{ include "common.namespace" . }} - name: CONFIG_BINDING_SERVICE value: config-binding-service - - name: msb_hostname - value: "msb-iag.onap" + - name: MSB_IAG_SERVICE_PROTOCOL + value: {{ .Values.global.msbProtocol }} + - name: MSB_IAG_SERVICE_HOST + value: {{ .Values.global.msbServiceName }}.{{ include "common.namespace" . }} + - name: MSB_IAG_SERVICE_PORT + value: {{ .Values.global.msbPort | quote }} - name: POD_IP valueFrom: fieldRef: diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml index d9dfa2d96e..c8ec225545 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml @@ -20,12 +20,15 @@ ################################################################# global: nodePortPrefixExt: 302 + msbProtocol: https + msbServiceName: msb-iag + msbPort: 443 ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/holmes/engine-management:10.0.0 +image: onap/holmes/engine-management:10.0.2 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 ################################################################# diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml index f3e9ce5dde..21a96568cb 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/templates/deployment.yaml @@ -93,8 +93,12 @@ spec: value: consul-server.{{ include "common.namespace" . }} - name: CONFIG_BINDING_SERVICE value: config-binding-service - - name: msb_hostname - value: "msb-iag.onap" + - name: MSB_IAG_SERVICE_PROTOCOL + value: {{ .Values.global.msbProtocol }} + - name: MSB_IAG_SERVICE_HOST + value: {{ .Values.global.msbServiceName }}.{{ include "common.namespace" . }} + - name: MSB_IAG_SERVICE_PORT + value: {{ .Values.global.msbPort | quote}} - name: POD_IP valueFrom: fieldRef: diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml index d26e88d193..94076194e0 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml @@ -20,12 +20,15 @@ ################################################################# global: nodePortPrefixExt: 302 + msbProtocol: https + msbServiceName: msb-iag + msbPort: 443 ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/holmes/rule-management:10.0.0 +image: onap/holmes/rule-management:10.0.2 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 ################################################################# diff --git a/kubernetes/msb/components/msb-eag/values.yaml b/kubernetes/msb/components/msb-eag/values.yaml index 565ff1fe3e..dcd4aed13f 100644 --- a/kubernetes/msb/components/msb-eag/values.yaml +++ b/kubernetes/msb/components/msb-eag/values.yaml @@ -52,7 +52,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/msb/msb_apigateway:1.3.1 +image: onap/msb/msb_apigateway:1.4.0 pullPolicy: Always istioSidecar: true diff --git a/kubernetes/msb/components/msb-iag/values.yaml b/kubernetes/msb/components/msb-iag/values.yaml index ca4935e471..bbf4d83f9d 100644 --- a/kubernetes/msb/components/msb-iag/values.yaml +++ b/kubernetes/msb/components/msb-iag/values.yaml @@ -52,7 +52,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/msb/msb_apigateway:1.3.1 +image: onap/msb/msb_apigateway:1.4.0 pullPolicy: Always istioSidecar: true diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml index f92bfa78bc..9306985d33 100644 --- a/kubernetes/onap/resources/overrides/onap-all.yaml +++ b/kubernetes/onap/resources/overrides/onap-all.yaml @@ -87,7 +87,7 @@ uui: vfc: enabled: true vid: - enabled: true + enabled: false vnfsdk: enabled: true modeling: diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 73f96d3eb8..f5b5c8ed7d 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -135,7 +135,7 @@ global: # default password complexity # available options: phrase, name, pin, basic, short, medium, long, maximum security - # More datails: https://masterpassword.app/masterpassword-algorithm.pdf + # More datails: https://www.masterpasswordapp.com/masterpassword-algorithm.pdf passwordStrength: long # configuration to set log level to all components (the one that are using diff --git a/kubernetes/oof/components/oof-has/values.yaml b/kubernetes/oof/components/oof-has/values.yaml index 248d3afd57..bc129beb3e 100755 --- a/kubernetes/oof/components/oof-has/values.yaml +++ b/kubernetes/oof/components/oof-has/values.yaml @@ -155,3 +155,6 @@ etcd-init: keyPrefix: conductor flavor: *etcd-flavor resources: *etcd-resources + +# Python doesn't support well dollar sign in password +passwordStrengthOverride: basic
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/job.yaml b/kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml index 177cc03347..dbf6a7cd6a 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/job.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml @@ -1,19 +1,23 @@ {{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ============LICENSE_START======================================================= +# Copyright (c) 2022 Bell Canada # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# + +# http://www.apache.org/licenses/LICENSE-2.0 + # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= */}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file + +{{- if .Values.prometheus.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml index 48e6802219..6adf0e6609 100755 --- a/kubernetes/policy/components/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-apex-pdp:2.7.0 +image: onap/policy-apex-pdp:2.7.1 pullPolicy: Always # flag to enable debugging - application support required @@ -139,3 +139,27 @@ serviceAccount: nameOverride: policy-apex-pdp roles: - read + +prometheus: + enabled: true + +metrics: + serviceMonitor: + # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. + # The default operator for prometheus enforces the below label. + labels: + release: prometheus + enabled: true + port: policy-apex-pdp + interval: 60s + isHttps: true + basicAuth: + enabled: true + externalSecretNameSuffix: policy-apex-pdp-restserver-creds + externalSecretUserKey: login + externalSecretPasswordKey: password + selector: + app: '{{ include "common.name" . }}' + chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + release: '{{ include "common.release" . }}' + heritage: '{{ .Release.Service }}' diff --git a/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml b/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml new file mode 100644 index 0000000000..c08b035d53 --- /dev/null +++ b/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml @@ -0,0 +1,97 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2022 Bell Canada. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +server: + port: {{ .Values.service.internalPort }} + +spring: + security.user: + name: "${RESTSERVER_USER}" + password: "${RESTSERVER_PASSWORD}" + mvc.converters.preferred-json-mapper: gson + datasource: + url: jdbc:mariadb://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort}}/policyadmin + driverClassName: org.mariadb.jdbc.Driver + username: "${SQL_USER}" + password: "${SQL_PASSWORD}" + jpa: + properties: + hibernate: + dialect: org.hibernate.dialect.MariaDB103Dialect + hibernate: + ddl-auto: none + naming: + physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl + implicit-strategy: org.onap.policy.common.spring.utils.CustomImplicitNamingStrategy + +policy-api: + name: ApiGroup + aaf: false + +database: + name: PolicyProviderParameterGroup + implementation: org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl + driver: org.mariadb.jdbc.Driver + url: jdbc:mariadb://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort}}/policyadmin + user: "${SQL_USER}" + password: "${SQL_PASSWORD}" + persistenceUnit: PolicyDb + +policy-preload: + policyTypes: + - policytypes/onap.policies.monitoring.tcagen2.yaml + - policytypes/onap.policies.monitoring.dcaegen2.collectors.datafile.datafile-app-server.yaml + - policytypes/onap.policies.monitoring.dcae-restconfcollector.yaml + - policytypes/onap.policies.monitoring.dcae-pm-subscription-handler.yaml + - policytypes/onap.policies.monitoring.dcae-pm-mapper.yaml + - policytypes/onap.policies.Optimization.yaml + - policytypes/onap.policies.optimization.Resource.yaml + - policytypes/onap.policies.optimization.Service.yaml + - policytypes/onap.policies.optimization.resource.AffinityPolicy.yaml + - policytypes/onap.policies.optimization.resource.DistancePolicy.yaml + - policytypes/onap.policies.optimization.resource.HpaPolicy.yaml + - policytypes/onap.policies.optimization.resource.OptimizationPolicy.yaml + - policytypes/onap.policies.optimization.resource.PciPolicy.yaml + - policytypes/onap.policies.optimization.service.QueryPolicy.yaml + - policytypes/onap.policies.optimization.service.SubscriberPolicy.yaml + - policytypes/onap.policies.optimization.resource.Vim_fit.yaml + - policytypes/onap.policies.optimization.resource.VnfPolicy.yaml + - policytypes/onap.policies.controlloop.guard.Common.yaml + - policytypes/onap.policies.controlloop.guard.common.Blacklist.yaml + - policytypes/onap.policies.controlloop.guard.common.FrequencyLimiter.yaml + - policytypes/onap.policies.controlloop.guard.common.MinMax.yaml + - policytypes/onap.policies.controlloop.guard.common.Filter.yaml + - policytypes/onap.policies.controlloop.guard.coordination.FirstBlocksSecond.yaml + - policytypes/onap.policies.Naming.yaml + - policytypes/onap.policies.Match.yaml + - policytypes/onap.policies.native.Drools.yaml + - policytypes/onap.policies.native.Xacml.yaml + - policytypes/onap.policies.native.Apex.yaml + - policytypes/onap.policies.controlloop.operational.Common.yaml + - policytypes/onap.policies.controlloop.operational.common.Apex.yaml + - policytypes/onap.policies.controlloop.operational.common.Drools.yaml + policies: + - policies/sdnc.policy.naming.input.tosca.yaml + +management: + endpoints: + web: + base-path: / + exposure: + include: health,metrics,prometheus + path-mapping.prometheus: metrics diff --git a/kubernetes/policy/components/policy-api/resources/config/config.json b/kubernetes/policy/components/policy-api/resources/config/config.json deleted file mode 100755 index ce59965521..0000000000 --- a/kubernetes/policy/components/policy-api/resources/config/config.json +++ /dev/null @@ -1,73 +0,0 @@ -{{/* -# ============LICENSE_START======================================================= -# Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# ============LICENSE_END========================================================= -*/}} -{ - "name":"ApiGroup", - "restServerParameters":{ - "host":"0.0.0.0", - "port":6969, - "userName":"${RESTSERVER_USER}", - "password":"${RESTSERVER_PASSWORD}", - "https": true, - "aaf": false, - "prometheus": true - }, - "databaseProviderParameters": { - "name": "PolicyProviderParameterGroup", - "implementation": "org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl", - "databaseDriver": "org.mariadb.jdbc.Driver", - "databaseUrl": "jdbc:mariadb://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort }}/policyadmin", - "databaseUser": "${SQL_USER}", - "databasePassword": "${SQL_PASSWORD}", - "persistenceUnit": "PolicyMariaDb" - }, - "preloadPolicyTypes": [ - "policytypes/onap.policies.monitoring.tcagen2.yaml", - "policytypes/onap.policies.monitoring.dcaegen2.collectors.datafile.datafile-app-server.yaml", - "policytypes/onap.policies.Optimization.yaml", - "policytypes/onap.policies.optimization.Resource.yaml", - "policytypes/onap.policies.optimization.Service.yaml", - "policytypes/onap.policies.optimization.resource.AffinityPolicy.yaml", - "policytypes/onap.policies.optimization.resource.DistancePolicy.yaml", - "policytypes/onap.policies.optimization.resource.HpaPolicy.yaml", - "policytypes/onap.policies.optimization.resource.OptimizationPolicy.yaml", - "policytypes/onap.policies.optimization.resource.PciPolicy.yaml", - "policytypes/onap.policies.optimization.service.QueryPolicy.yaml", - "policytypes/onap.policies.optimization.service.SubscriberPolicy.yaml", - "policytypes/onap.policies.optimization.resource.Vim_fit.yaml", - "policytypes/onap.policies.optimization.resource.VnfPolicy.yaml", - "policytypes/onap.policies.controlloop.guard.Common.yaml", - "policytypes/onap.policies.controlloop.guard.common.Blacklist.yaml", - "policytypes/onap.policies.controlloop.guard.common.FrequencyLimiter.yaml", - "policytypes/onap.policies.controlloop.guard.common.MinMax.yaml", - "policytypes/onap.policies.controlloop.guard.common.Filter.yaml", - "policytypes/onap.policies.controlloop.guard.coordination.FirstBlocksSecond.yaml", - "policytypes/onap.policies.Naming.yaml", - "policytypes/onap.policies.Match.yaml", - "policytypes/onap.policies.native.Drools.yaml", - "policytypes/onap.policies.native.Xacml.yaml", - "policytypes/onap.policies.native.Apex.yaml", - "policytypes/onap.policies.controlloop.operational.Common.yaml", - "policytypes/onap.policies.controlloop.operational.common.Apex.yaml", - "policytypes/onap.policies.controlloop.operational.common.Drools.yaml" - ], - "preloadPolicies" : [ - "policies/sdnc.policy.naming.input.tosca.yaml" - ] -} diff --git a/kubernetes/policy/components/policy-api/templates/configmap.yaml b/kubernetes/policy/components/policy-api/templates/configmap.yaml index 0c4e870481..9ab25fe2ac 100755 --- a/kubernetes/policy/components/policy-api/templates/configmap.yaml +++ b/kubernetes/policy/components/policy-api/templates/configmap.yaml @@ -37,4 +37,4 @@ binaryData: {{- end }} {{- end }} data: -{{ tpl (.Files.Glob "resources/config/*.{json,xml}").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*.{yaml,xml}").AsConfig . | indent 2 }}
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-api/templates/deployment.yaml b/kubernetes/policy/components/policy-api/templates/deployment.yaml index de0558e4cd..f19233e3b4 100755 --- a/kubernetes/policy/components/policy-api/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-api/templates/deployment.yaml @@ -64,10 +64,10 @@ spec: {{- if .Values.global.aafEnabled }} command: ["sh","-c"] args: ["source {{ .Values.certInitializer.credsPath }}/.ci;\ - /opt/app/policy/api/bin/policy-api.sh /opt/app/policy/api/etc/mounted/config.json"] + /opt/app/policy/api/bin/policy-api.sh /opt/app/policy/api/etc/mounted/apiParameters.yaml"] {{- else }} command: ["/opt/app/policy/api/bin/policy-api.sh"] - args: ["/opt/app/policy/api/etc/mounted/config.json"] + args: ["/opt/app/policy/api/etc/mounted/apiParameters.yaml"] env: - name: KEYSTORE_PASSWD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }} @@ -86,10 +86,18 @@ spec: periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: - tcpSocket: + httpGet: + path: {{ .Values.readiness.api }} port: {{ .Values.service.internalPort }} + httpHeaders: + - name: Authorization + value: Basic {{ printf "%s:%s" .Values.restServer.user .Values.restServer.password | b64enc }} + scheme: {{ .Values.readiness.scheme }} + successThreshold: {{ .Values.readiness.successThreshold }} + failureThreshold: {{ .Values.readiness.failureThreshold }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeout }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} - mountPath: /etc/localtime @@ -121,4 +129,4 @@ spec: emptyDir: medium: Memory imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/job.yaml b/kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml index 177cc03347..dbf6a7cd6a 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/job.yaml +++ b/kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml @@ -1,19 +1,23 @@ {{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ============LICENSE_START======================================================= +# Copyright (c) 2022 Bell Canada # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# + +# http://www.apache.org/licenses/LICENSE-2.0 + # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= */}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file + +{{- if .Values.prometheus.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml index e037c64e15..89608cfb6f 100755 --- a/kubernetes/policy/components/policy-api/values.yaml +++ b/kubernetes/policy/components/policy-api/values.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= # Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright (C) 2022 Bell Canada. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -78,7 +79,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-api:2.6.0 +image: onap/policy-api:2.6.1 pullPolicy: Always # flag to enable debugging - application support required @@ -94,7 +95,7 @@ db: restServer: user: policyadmin - password: none + password: zb!XztG34 # default number of instances replicaCount: 1 @@ -105,15 +106,20 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 20 + initialDelaySeconds: 60 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 20 - periodSeconds: 10 + initialDelaySeconds: 10 + periodSeconds: 120 + api: /policy/api/v1/healthcheck + scheme: HTTPS + successThreshold: 1 + failureThreshold: 3 + timeout: 60 service: type: ClusterIP @@ -149,3 +155,27 @@ serviceAccount: nameOverride: policy-api roles: - read + +prometheus: + enabled: true + +metrics: + serviceMonitor: + # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. + # The default operator for prometheus enforces the below label. + labels: + release: prometheus + enabled: true + port: policy-api + interval: 60s + isHttps: true + basicAuth: + enabled: true + externalSecretNameSuffix: policy-api-user-creds + externalSecretUserKey: login + externalSecretPasswordKey: password + selector: + app: '{{ include "common.name" . }}' + chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + release: '{{ include "common.release" . }}' + heritage: '{{ .Release.Service }}' diff --git a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml index 184adb6f0a..7227ee8ded 100644 --- a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml @@ -63,7 +63,7 @@ server: logging: # Configuration of logging level: - ROOT: ERROR + ROOT: INFO org.springframework: ERROR org.springframework.data: ERROR org.springframework.web.reactive.function.client.ExchangeFunctions: ERROR @@ -74,4 +74,12 @@ logging: chart: api: - enabled: false
\ No newline at end of file + enabled: false + +# Sample Permitted list of helm repositories. Before deployment update the repositories where the helm charts are located. +# The Kubernetes participant accept only HTTPS Address +helm: + repos: + - + repoName: bitnami + address: https://charts.bitnami.com/bitnami
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/job.yaml b/kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml index 177cc03347..dbf6a7cd6a 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/job.yaml +++ b/kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml @@ -1,19 +1,23 @@ {{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ============LICENSE_START======================================================= +# Copyright (c) 2022 Bell Canada # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# + +# http://www.apache.org/licenses/LICENSE-2.0 + # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= */}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file + +{{- if .Values.prometheus.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml index 42caed4163..db271a9c3f 100755 --- a/kubernetes/policy/components/policy-distribution/values.yaml +++ b/kubernetes/policy/components/policy-distribution/values.yaml @@ -67,7 +67,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/policy-distribution:2.7.0 +image: onap/policy-distribution:2.7.1 pullPolicy: Always # flag to enable debugging - application support required @@ -161,3 +161,27 @@ serviceAccount: nameOverride: policy-distribution roles: - read + +prometheus: + enabled: true + +metrics: + serviceMonitor: + # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. + # The default operator for prometheus enforces the below label. + labels: + release: prometheus + enabled: true + port: policy-distribution + interval: 60s + isHttps: true + basicAuth: + enabled: true + externalSecretNameSuffix: policy-distribution-restserver-creds + externalSecretUserKey: login + externalSecretPasswordKey: password + selector: + app: '{{ include "common.name" . }}' + chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + release: '{{ include "common.release" . }}' + heritage: '{{ .Release.Service }}' diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml index 411855e4b8..2ce7503015 100755 --- a/kubernetes/policy/components/policy-drools-pdp/values.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml @@ -35,7 +35,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pdpd-cl:1.10.0 +image: onap/policy-pdpd-cl:1.10.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-pap/resources/config/config.json b/kubernetes/policy/components/policy-pap/resources/config/config.json deleted file mode 100755 index e5cbd22105..0000000000 --- a/kubernetes/policy/components/policy-pap/resources/config/config.json +++ /dev/null @@ -1,101 +0,0 @@ -{{/* -# ============LICENSE_START======================================================= -# Copyright (C) 2019 Nordix Foundation. -# Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# ============LICENSE_END========================================================= -*/}} -{ - "name":"PapGroup", - "restServerParameters":{ - "host":"0.0.0.0", - "port":6969, - "userName":"${RESTSERVER_USER}", - "password":"${RESTSERVER_PASSWORD}", - "https": true, - "aaf": false, - "prometheus": true - }, - "pdpParameters": { - "heartBeatMs": 120000, - "updateParameters": { - "maxRetryCount": 1, - "maxWaitMs": 30000 - }, - "stateChangeParameters": { - "maxRetryCount": 1, - "maxWaitMs": 30000 - } - }, - "databaseProviderParameters": { - "name": "PolicyProviderParameterGroup", - "implementation": "org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl", - "databaseDriver": "org.mariadb.jdbc.Driver", - "databaseUrl": "jdbc:mariadb://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort }}/policyadmin", - "databaseUser": "${SQL_USER}", - "databasePassword": "${SQL_PASSWORD}", - "persistenceUnit": "PolicyMariaDb" - }, - "savePdpStatisticsInDb": true, - "topicParameterGroup": { - "topicSources" : [{ - "topic" : "POLICY-PDP-PAP", - "servers" : [ "message-router" ], - "useHttps": true, - "fetchTimeout": 15000, - "topicCommInfrastructure" : "dmaap" - }, - { - "topic" : "POLICY-HEARTBEAT", - "effectiveTopic": "POLICY-PDP-PAP", - "consumerGroup": "policy-pap", - "servers" : [ "message-router" ], - "useHttps": true, - "fetchTimeout": 15000, - "topicCommInfrastructure" : "dmaap" - }], - "topicSinks" : [{ - "topic" : "POLICY-PDP-PAP", - "servers" : [ "message-router" ], - "useHttps" : true, - "topicCommInfrastructure" : "dmaap" - }, - { - "topic" : "POLICY-NOTIFICATION", - "servers" : [ "message-router" ], - "useHttps" : true, - "topicCommInfrastructure" : "dmaap" - }] - }, - "healthCheckRestClientParameters":[{ - "clientName": "api", - "hostname": "policy-api", - "port": 6969, - "userName": "${API_USER}", - "password": "${API_PASSWORD}", - "useHttps": true, - "basePath": "policy/api/v1/healthcheck" - }, - { - "clientName": "distribution", - "hostname": "policy-distribution", - "port": 6969, - "userName": "${DISTRIBUTION_USER}", - "password": "${DISTRIBUTION_PASSWORD}", - "useHttps": true, - "basePath": "healthcheck" - }] -} diff --git a/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml new file mode 100644 index 0000000000..6f501b8c21 --- /dev/null +++ b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml @@ -0,0 +1,113 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2022 Bell Canada. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +spring: + security: + user: + name: "${RESTSERVER_USER}" + password: "${RESTSERVER_PASSWORD}" + http: + converters: + preferred-json-mapper: gson + datasource: + url: jdbc:mariadb://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort}}/policyadmin + driverClassName: org.mariadb.jdbc.Driver + username: "${SQL_USER}" + password: "${SQL_PASSWORD}" + jpa: + properties: + hibernate: + dialect: org.hibernate.dialect.MariaDB103Dialect + hibernate: + ddl-auto: none + naming: + physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl + implicit-strategy: org.onap.policy.common.spring.utils.CustomImplicitNamingStrategy + +server: + port: 6969 + ssl: + enabled: true + +pap: + name: PapGroup + aaf: false + pdpParameters: + heartBeatMs: 120000 + updateParameters: + maxRetryCount: 1 + maxWaitMs: 30000 + stateChangeParameters: + maxRetryCount: 1 + maxWaitMs: 30000 + savePdpStatisticsInDb: false + topicParameterGroup: + topicSources: + - topic: POLICY-PDP-PAP + servers: + - message-router + useHttps: true + fetchTimeout: 15000 + topicCommInfrastructure: dmaap + - topic: POLICY-HEARTBEAT + effectiveTopic: POLICY-PDP-PAP + consumerGroup: policy-pap + servers: + - message-router + useHttps: true + fetchTimeout: 15000 + topicCommInfrastructure: dmaap + topicSinks: + - topic: POLICY-PDP-PAP + servers: + - message-router + useHttps: true + topicCommInfrastructure: dmaap + - topic: POLICY-NOTIFICATION + servers: + - message-router + useHttps: true + topicCommInfrastructure: dmaap + healthCheckRestClientParameters: + - clientName: api + hostname: policy-api + port: 6969 + userName: "${API_USER}" + password: "${API_PASSWORD}" + useHttps: true + basePath: policy/api/v1/healthcheck + - clientName: distribution + hostname: policy-distribution + port: 6969 + userName: "${DISTRIBUTION_USER}" + password: "${DISTRIBUTION_PASSWORD}" + useHttps: true + basePath: healthcheck + - clientName: dmaap + hostname: message-router + port: 3905 + useHttps: true + basePath: topics + +management: + endpoints: + web: + base-path: / + exposure: + include: health, metrics, prometheus + path-mapping.prometheus: metrics diff --git a/kubernetes/policy/components/policy-pap/templates/configmap.yaml b/kubernetes/policy/components/policy-pap/templates/configmap.yaml index e1a5360ac2..ee03f70b00 100755 --- a/kubernetes/policy/components/policy-pap/templates/configmap.yaml +++ b/kubernetes/policy/components/policy-pap/templates/configmap.yaml @@ -36,4 +36,4 @@ binaryData: {{- end }} {{- end }} data: -{{ tpl (.Files.Glob "resources/config/*.{json,xml}").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*.{yaml,xml}").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/components/policy-pap/templates/deployment.yaml b/kubernetes/policy/components/policy-pap/templates/deployment.yaml index 77474a8387..c33b80f4af 100755 --- a/kubernetes/policy/components/policy-pap/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-pap/templates/deployment.yaml @@ -1,6 +1,7 @@ {{/* # ============LICENSE_START======================================================= # Copyright (C) 2020 AT&T Intellectual Property. +# Modifications Copyright (C) 2022 Bell Canada. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -80,10 +81,10 @@ spec: {{- if .Values.global.aafEnabled }} command: ["sh","-c"] args: ["source {{ .Values.certInitializer.credsPath }}/.ci;\ - /opt/app/policy/pap/bin/policy-pap.sh /opt/app/policy/pap/etc/mounted/config.json"] + /opt/app/policy/pap/bin/policy-pap.sh /opt/app/policy/pap/etc/mounted/papParameters.yaml"] {{- else }} command: ["/opt/app/policy/pap/bin/policy-pap.sh"] - args: ["/opt/app/policy/pap/etc/mounted/config.json"] + args: ["/opt/app/policy/pap/etc/mounted/papParameters.yaml"] env: - name: KEYSTORE_PASSWD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }} @@ -101,10 +102,18 @@ spec: periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: - tcpSocket: + httpGet: + path: {{ .Values.readiness.api }} port: {{ .Values.readiness.port }} + httpHeaders: + - name: Authorization + value: Basic {{ printf "%s:%s" .Values.restServer.user .Values.restServer.password | b64enc }} + scheme: {{ .Values.readiness.scheme }} + successThreshold: {{ .Values.readiness.successThreshold }} + failureThreshold: {{ .Values.readiness.failureThreshold }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeout }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} - mountPath: /etc/localtime diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/job.yaml b/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml index 177cc03347..dbf6a7cd6a 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/job.yaml +++ b/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml @@ -1,19 +1,23 @@ {{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# ============LICENSE_START======================================================= +# Copyright (c) 2022 Bell Canada # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# + +# http://www.apache.org/licenses/LICENSE-2.0 + # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= */}} -{{ include "dcaegen2-services-common.consulDeleteJob" . }}
\ No newline at end of file + +{{- if .Values.prometheus.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml index a31de712ef..311653b860 100755 --- a/kubernetes/policy/components/policy-pap/values.yaml +++ b/kubernetes/policy/components/policy-pap/values.yaml @@ -1,7 +1,7 @@ # ============LICENSE_START======================================================= # Copyright (C) 2019 Nordix Foundation. # Modifications Copyright (C) 2019-2021 AT&T Intellectual Property. -# Modifications Copyright (C) 2020 Bell Canada. +# Modifications Copyright (C) 2020-2022 Bell Canada. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -92,7 +92,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pap:2.6.0 +image: onap/policy-pap:2.6.1 pullPolicy: Always # flag to enable debugging - application support required @@ -109,7 +109,7 @@ db: restServer: user: policyadmin - password: none + password: zb!XztG34 healthCheckRestClient: api: @@ -128,7 +128,7 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 20 + initialDelaySeconds: 60 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container @@ -136,9 +136,14 @@ liveness: port: http-api readiness: - initialDelaySeconds: 20 - periodSeconds: 10 + initialDelaySeconds: 10 + periodSeconds: 120 port: http-api + api: /policy/pap/v1/healthcheck + scheme: HTTPS + successThreshold: 1 + failureThreshold: 3 + timeout: 60 service: type: ClusterIP @@ -175,3 +180,22 @@ serviceAccount: nameOverride: policy-pap roles: - read + +prometheus: + enabled: true + +metrics: + serviceMonitor: + # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. + # The default operator for prometheus enforces the below label. + labels: + release: prometheus + enabled: true + port: http-api + interval: 60s + isHttps: true + basicAuth: + enabled: true + externalSecretNameSuffix: policy-pap-user-creds + externalSecretUserKey: login + externalSecretPasswordKey: password diff --git a/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml new file mode 100644 index 0000000000..dbf6a7cd6a --- /dev/null +++ b/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml @@ -0,0 +1,23 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2022 Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{- if .Values.prometheus.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml index 718c222307..504313832d 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml @@ -83,7 +83,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-xacml-pdp:2.6.0 +image: onap/policy-xacml-pdp:2.6.1 pullPolicy: Always # flag to enable debugging - application support required @@ -158,3 +158,27 @@ serviceAccount: nameOverride: policy-xacml-pdp roles: - read + +prometheus: + enabled: true + +metrics: + serviceMonitor: + # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. + # The default operator for prometheus enforces the below label. + labels: + release: prometheus + enabled: true + port: policy-xacml-pdp + interval: 60s + isHttps: true + basicAuth: + enabled: true + externalSecretNameSuffix: policy-xacml-pdp-restserver-creds + externalSecretUserKey: login + externalSecretPasswordKey: password + selector: + app: '{{ include "common.name" . }}' + chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + release: '{{ include "common.release" . }}' + heritage: '{{ .Release.Service }}' diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 851c8957ae..c544467b53 100755 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -130,7 +130,7 @@ mariadb: image: mariadb:10.5.8 dbmigrator: - image: onap/policy-db-migrator:2.3.1 + image: onap/policy-db-migrator:2.4.1 schema: policyadmin policy_home: "/opt/app/policy" diff --git a/kubernetes/uui/components/uui-nlp/values.yaml b/kubernetes/uui/components/uui-nlp/values.yaml index 3fb70fefae..b8c4b2fa69 100644 --- a/kubernetes/uui/components/uui-nlp/values.yaml +++ b/kubernetes/uui/components/uui-nlp/values.yaml @@ -19,7 +19,7 @@ global: pullPolicy: Always persistence: {} -image: onap/usecase-ui-nlp:1.0.2 +image: onap/usecase-ui-nlp:1.0.3 uui-nlp: enabled: true diff --git a/kubernetes/uui/components/uui-server/values.yaml b/kubernetes/uui/components/uui-server/values.yaml index 1b652d553b..5bd781eb2d 100644 --- a/kubernetes/uui/components/uui-server/values.yaml +++ b/kubernetes/uui/components/uui-server/values.yaml @@ -63,7 +63,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/usecase-ui-server:4.0.5 +image: onap/usecase-ui-server:4.0.6 pullPolicy: Always # application configuration diff --git a/kubernetes/uui/values.yaml b/kubernetes/uui/values.yaml index 52301d63c8..1ed9b470d2 100644 --- a/kubernetes/uui/values.yaml +++ b/kubernetes/uui/values.yaml @@ -57,7 +57,7 @@ subChartsOnly: flavor: small # application image -image: onap/usecase-ui:4.0.5 +image: onap/usecase-ui:4.0.6 pullPolicy: Always # application configuration |