diff options
30 files changed, 1054 insertions, 242 deletions
diff --git a/kubernetes/common/controller-blueprints/resources/config/application.properties b/kubernetes/common/controller-blueprints/resources/config/application.properties index 48678fcef8..7eec7f9115 100644..100755 --- a/kubernetes/common/controller-blueprints/resources/config/application.properties +++ b/kubernetes/common/controller-blueprints/resources/config/application.properties @@ -1,6 +1,6 @@ -# -# Copyright (c) 2017-2018 AT&T Intellectual Property. -# Modifications Copyright (c) 2018 IBM. +# Copyright © 2017-2018 AT&T Intellectual Property. +# Modifications Copyright © 2018 IBM. +# Modifications Copyright © 2019 Bell Canada. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ appVersion=1.0.0 # Basic Authentication basic-auth.user-name=ccsdkapps -basic-auth.hashed-pwd=$2a$10$MJxhNiOAffxbyrV9.rrOUewP9Q/ASg5Nit2cmP.yBaXGsVXo8BW3y +basic-auth.hashed-pwd={bcrypt}$2a$10$MJxhNiOAffxbyrV9.rrOUewP9Q/ASg5Nit2cmP.yBaXGsVXo8BW3y logging.level.org.springframework.web=INFO logging.level.org.hibernate.SQL=warn @@ -43,19 +43,30 @@ spring.datasource.url=jdbc:mysql://controller-blueprints-db:3306/sdnctl spring.datasource.username=sdnctl spring.datasource.password=sdnctl spring.datasource.driver-class-name=org.mariadb.jdbc.Driver -spring.jpa.show-sql = true -spring.jpa.hibernate.ddl-auto = none -spring.jpa.hibernate.naming-strategy = org.hibernate.cfg.ImprovedNamingStrategy -spring.jpa.properties.hibernate.dialect = org.hibernate.dialect.MySQL5Dialect +spring.jpa.show-sql=true +spring.jpa.hibernate.ddl-auto=none +spring.jpa.hibernate.naming-strategy=org.hibernate.cfg.ImprovedNamingStrategy +spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQL5InnoDBDialect + +# Load Resource Source Mappings +resourceSourceMappings=primary-db=source-primary-db,input=source-input,default=source-default,primary-config-data=source-rest,capability=source-capability -#Load Blueprints +# Controller Blueprints Core Configuration +controllerblueprints.blueprintDeployPath=/etc/blueprints/deploy +controllerblueprints.blueprintArchivePath=/etc/blueprints/archive +controllerblueprints.blueprintEnrichmentPath=/etc/blueprints/enrichment +# Controller Blueprint Load Configurations # blueprints.load.initial-data may be overridden by ENV variables -blueprints.load.initial-data=true -load.dataTypePath=load/model_type/data_type -load.nodeTypePath=load/model_type/node_type -load.artifactTypePath=load/model_type/artifact_type -load.resourceDictionaryPath=load/resource_dictionary -load.blueprintsPath=load/blueprints +controllerblueprints.loadInitialData={{ .Values.config.initDataLoad }} +controllerblueprints.loadBluePrint=true +controllerblueprints.loadBluePrintPaths=/opt/app/onap/model-catalog/blueprint-model/service-blueprint +controllerblueprints.loadModelType=true +controllerblueprints.loadModeTypePaths=/opt/app/onap/model-catalog/definition-type/starter-type +controllerblueprints.loadResourceDictionary=true +controllerblueprints.loadResourceDictionaryPaths=/opt/app/onap/model-catalog/resource-dictionary/starter-dictionary -# Load Resource Source Mappings -resourceSourceMappings=db=source-db,input=source-input,default=source-default,mdsal=source-rest +# CBA file extension +controllerblueprints.loadCbaExtension=zip + +# Web server config +server.port=8080
\ No newline at end of file diff --git a/kubernetes/common/controller-blueprints/templates/deployment.yaml b/kubernetes/common/controller-blueprints/templates/deployment.yaml index 15ed32fbd2..ef8b38fc10 100644..100755 --- a/kubernetes/common/controller-blueprints/templates/deployment.yaml +++ b/kubernetes/common/controller-blueprints/templates/deployment.yaml @@ -1,5 +1,7 @@ # Copyright (c) 2018 Amdocs, Bell Canada # +# Modifications Copyright (c) 2019 IBM, Bell Canada +# # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -49,6 +51,9 @@ spec: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: APP_CONFIG_HOME + value: {{ .Values.config.appConfigDir }} ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -65,38 +70,6 @@ spec: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: APPLICATIONNAME - value: {{ .Values.config.applicationName }} - - name: BUNDLEVERSION - value: {{ .Values.config.bundleVersion }} - - name: APP_CONFIG_HOME - value: {{ .Values.config.appConfigDir }} - - name: DB_URL - value: {{ .Values.config.dbUrl }} - - name: DB_USER - value: {{ index .Values "mariadb-galera" "config" "userName" }} - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password - - name: MS_USER - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: restUser - - name: MS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: restPassword - - name: INIT_DATA_LOAD - value: {{ .Values.config.initDataLoad | quote }} - - name: STICKYSELECTORKEY - value: {{ .Values.config.stickySelectorKey | quote }} - - name: ENVCONTEXT - value: {{ .Values.config.envContext }} volumeMounts: - mountPath: /etc/localtime name: localtime @@ -117,7 +90,6 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} - volumes: - name: localtime hostPath: diff --git a/kubernetes/common/controller-blueprints/templates/service.yaml b/kubernetes/common/controller-blueprints/templates/service.yaml index 438ca19699..e0a66d2483 100644..100755 --- a/kubernetes/common/controller-blueprints/templates/service.yaml +++ b/kubernetes/common/controller-blueprints/templates/service.yaml @@ -1,5 +1,7 @@ # Copyright (c) 2018 Amdocs, Bell Canada # +# Modifications Copyright (c) 2019 IBM, Bell Canada +# # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -37,16 +39,12 @@ metadata: spec: type: {{ .Values.service.type }} ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName | default "http" }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- if eq .Values.service.type "NodePort"}} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} {{- end}} + name: {{ .Values.service.portName | default "http" }} selector: app: {{ include "common.name" . }} release: {{ .Release.Name }}
\ No newline at end of file diff --git a/kubernetes/common/controller-blueprints/values.yaml b/kubernetes/common/controller-blueprints/values.yaml index 4243210d20..02b5685fa4 100644..100755 --- a/kubernetes/common/controller-blueprints/values.yaml +++ b/kubernetes/common/controller-blueprints/values.yaml @@ -46,13 +46,8 @@ debugEnabled: false # application configuration config: - applicationName: ControllerBluePrints - bundleVersion: 1.0.0 appConfigDir: /opt/app/onap/config - dbUrl: jdbc:mysql://controller-blueprints-db:3306/sdnctl initDataLoad: true - stickySelectorKey: - envContext: DEV restUser: ccsdkapps restPassword: ccsdkapps diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-inventory-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-inventory-inputs.yaml deleted file mode 100644 index 2f897db54e..0000000000 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-inventory-inputs.yaml +++ /dev/null @@ -1,32 +0,0 @@ -#============LICENSE_START======================================================== -#================================================================================= -# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -sdc_address: '{{ .Values.config.address.sdc }}.{{include "common.namespace" . }}:8443' -sdc_uri: 'https://{{ .Values.config.address.sdc }}.{{include "common.namespace" . }}:8443' -sdc_user: "dcae" -sdc_password: !!str Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U -sdc_environment_name: "AUTO" -sdc_msg_bus_address: '{{ .Values.config.address.message_router }}.{{include "common.namespace" . }}' -postgres_user_inventory: "postgres" -postgres_password_inventory: "onap123" -{{ if .Values.componentImages.service_change_handler }} -service_change_handler_image: '{{ include "common.repository" . }}/{{ .Values.componentImages.service_change_handler }}' -{{ end }} -{{ if .Values.componentImages.inventory }} -inventory_image: '{{ include "common.repository" . }}/{{ .Values.componentImages.inventory }}' -{{ end }} diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-policy_handler-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-policy_handler-inputs.yaml deleted file mode 100644 index 9cd37b5e2a..0000000000 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-policy_handler-inputs.yaml +++ /dev/null @@ -1,113 +0,0 @@ -#============LICENSE_START======================================================== -#================================================================================= -# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -{{ if .Values.componentImages.policy_handler }} -policy_handler_image: {{ include "common.repository" . }}/{{ .Values.componentImages.policy_handler }} -{{ end }} -application_config: - policy_handler : - # parallelize the getConfig queries to policy-engine on each policy-update notification - thread_pool_size : 4 - - # parallelize requests to policy-engine and keep them alive - pool_connections : 20 - - # retry to getConfig from policy-engine on policy-update notification - policy_retry_count : 5 - policy_retry_sleep : 5 - - # mode of operation for the policy-handler - # either active or passive - # in passive mode the policy-hanlder will not listen to - # and will not bring the policy-updates from policy-engine - mode_of_operation : "active" - - # config of automatic catch_up for resiliency - catch_up : - # interval in seconds on how often to call automatic catch_up - # example: 1200 is 20*60 seconds that is 20 minutes - interval : 1200 - - # config of periodic reconfigure-rediscover for adaptability - reconfigure: - # interval in seconds on how often to call automatic reconfigure - # example: 600 is 10*60 seconds that is 10 minutes - interval : 600 - - # policy-engine config - # These are the url of and the auth for the external system, namely the policy-engine (PDP). - # We obtain that info manually from PDP folks at the moment. - # In long run we should figure out a way of bringing that info into consul record - # related to policy-engine itself. - # - k8s specific routing to policy-engine by hostname "pdp" - # - relying on dns to resolve hostname "pdp" to ip address - # - expecing to find "pdp" as the hostname in server cert from policy-engine - policy_engine : - url : "https://{{ .Values.config.address.policy_pdp }}.{{include "common.namespace" . }}:8081" - path_notifications : "/pdp/notifications" - path_api : "/pdp/api/" - headers : - Accept : "application/json" - "Content-Type" : "application/json" - ClientAuth : "cHl0aG9uOnRlc3Q=" - Authorization : "Basic dGVzdHBkcDphbHBoYTEyMw==" - Environment : "TEST" - target_entity : "policy_engine" - # optional tls_ca_mode specifies where to find the cacert.pem for tls - # can be one of these: - # "cert_directory" - use the cacert.pem stored locally in cert_directory. - # this is the default if cacert.pem file is found - # - # "os_ca_bundle" - use the public ca_bundle provided by linux system. - # this is the default if cacert.pem file not found - # - # "do_not_verify" - special hack to turn off the verification by cacert and hostname - tls_ca_mode : "cert_directory" - # optional tls_wss_ca_mode specifies the same for the tls based web-socket - tls_wss_ca_mode : "cert_directory" - # optional timeout_in_secs specifies the timeout for the http requests - timeout_in_secs: 60 - # optional ws_ping_interval_in_secs specifies the ping interval for the web-socket connection - ws_ping_interval_in_secs: 30 - # deploy_handler config - # changed from string "deployment_handler" in 2.3.1 to structure in 2.4.0 - deploy_handler : - # name of deployment-handler service used by policy-handler for logging - target_entity : "deployment_handler" - # url of the deployment-handler service for policy-handler to direct the policy-updates to - # - expecting dns to resolve the hostname deployment-handler to ip address - url : "https://deployment-handler:8443" - # limit the size of a single data segment for policy-update messages - # from policy-handler to deployment-handler in megabytes - max_msg_length_mb : 5 - query : - # optionally specify the tenant name for the cloudify under deployment-handler - # if not specified the "default_tenant" is used by the deployment-handler - cfy_tenant_name : "default_tenant" - # optional tls_ca_mode specifies where to find the cacert.pem or skip tls verification - # can be one of these: - # "cert_directory" - use the cacert.pem stored locally in cert_directory. - # this is the default if cacert.pem file is found - # - # "os_ca_bundle" - use the public ca_bundle provided by linux system. - # this is the default if cacert.pem file not found - # - # "do_not_verify" - special hack to turn off the verification by cacert and hostname - tls_ca_mode : "cert_directory" - # optional timeout_in_secs specifies the timeout for the http requests - timeout_in_secs: 60 diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml index a1adfa1dce..0463655c79 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml @@ -1,6 +1,6 @@ #============LICENSE_START========================================================
# ================================================================================
-# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2017-2019 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -51,6 +51,8 @@ spec: - kube2msb
- --container-name
- dcae-config-binding-service
+ - --container-name
+ - dcae-db
- "-t"
- "15"
env:
diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml index 81119c5e32..07b203699c 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== #================================================================================= -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); @@ -79,20 +79,18 @@ postgres: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.7 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.9 # DCAE component images to be deployed via Cloudify Manager # Use to override default setting in blueprints componentImages: datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.1.1 - deployment_handler: onap/org.onap.dcaegen2.platform.deployment-handler:3.1.0 holmes_rules: onap/holmes/rule-management:1.2.3 holmes_engine: onap/holmes/engine-management:1.2.2 - policy_handler: onap/org.onap.dcaegen2.platform.policy-handler:4.6.0 tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.0 ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.3.1 snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0 - prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.2.0-SNAPSHOT + prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.2.1-SNAPSHOT hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.1.0-SNAPSHOT # Resource Limit flavor -By Default using small diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml index a4694e0e95..5b541fb19d 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); @@ -44,7 +44,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.cm-container:1.5.0 +image: onap/org.onap.dcaegen2.deployments.cm-container:1.5.1 pullPolicy: Always # probe configuration parameters @@ -57,7 +57,7 @@ liveness: enabled: false readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 60 periodSeconds: 10 service: diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/.helmignore b/kubernetes/dcaegen2/charts/dcae-deployment-handler/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-config_binding_service-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/Chart.yaml index f4770ac29f..35d892a9cf 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-config_binding_service-inputs.yaml +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/Chart.yaml @@ -1,7 +1,6 @@ #============LICENSE_START======================================================== #================================================================================= -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,8 +15,7 @@ # limitations under the License. # ============LICENSE_END========================================================= -#TODO would like to make this conditional, as with the other input templates -# but having template expansion issues trying to do that -{{ if .Values.componentImages.config_binding_service }} -cbs_image: {{ include "common.repository" . }}/{{ .Values.componentImages.config_binding_service }} -{{ end }} +apiVersion: v1 +description: ONAP DCAE Deployment Handler +name: dcae-deployment-handler +version: 4.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/requirements.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/requirements.yaml new file mode 100644 index 0000000000..d2b64d33b2 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/requirements.yaml @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~4.0.0 + repository: '@local' diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/config/config.json b/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/config/config.json new file mode 100644 index 0000000000..600f07c457 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/config/config.json @@ -0,0 +1,8 @@ +{ + "cloudify": { + "protocol": "http" + }, + "inventory": { + "protocol": "http" + } +}
\ No newline at end of file diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/log/filebeat.yml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/log/filebeat.yml new file mode 100644 index 0000000000..0e5ee9bffa --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/log/filebeat.yml @@ -0,0 +1,72 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +filebeat.prospectors: +#it is mandatory, in our case it's log +- input_type: log + #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. + paths: + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive + ignore_older: 48h + # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit + clean_inactive: 96h + + +# Name of the registry file. If a relative path is used, it is considered relative to the +# data path. Else full qualified file name. +#filebeat.registry_file: ${path.data}/registry + + +output.logstash: + #List of logstash server ip addresses with port number. + #But, in our case, this will be the loadbalancer IP address. + #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. + hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + #If enable will do load balancing among availabe Logstash, automatically. + loadbalance: true + + #The list of root certificates for server verifications. + #If certificate_authorities is empty or not set, the trusted + #certificate authorities of the host system are used. + #ssl.certificate_authorities: $ssl.certificate_authorities + + #The path to the certificate for SSL client authentication. If the certificate is not specified, + #client authentication is not available. + #ssl.certificate: $ssl.certificate + + #The client certificate key used for client authentication. + #ssl.key: $ssl.key + + #The passphrase used to decrypt an encrypted key stored in the configured key file + #ssl.key_passphrase: $ssl.key_passphrase + +logging: + level: debug + + # enable file rotation with default configuration + to_files: true + + # do not log to syslog + to_syslog: false + + files: + path: /usr/share/filebeat/logs + name: mybeat.log + keepfiles: 7 diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/configmap.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/configmap.yaml new file mode 100644 index 0000000000..39af31a4f3 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/configmap.yaml @@ -0,0 +1,34 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{include "common.fullname" . }}-filebeat-configmap + namespace: {{include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/deployment.yaml new file mode 100644 index 0000000000..3e4e53b679 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/deployment.yaml @@ -0,0 +1,161 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - dcae-cloudify-manager + - --container-name + - consul-server + - --container-name + - dcae-inventory-api + - "-t" + - "45" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: init-tls + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: {} + volumeMounts: + - mountPath: /opt/tls/shared + name: tls-info + - name: init-consul + image: {{ .Values.global.consulLoaderRepository }}/{{ .Values.global.consulLoaderImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + args: + - --service + - "cloudify_manager|dcae-cloudify-manager.{{ include "common.namespace" . }}|80" + - --service + - "inventory|inventory.{{ include "common.namespace" . }}|8080" + - --key + - deployment_handler|/dhconfig/config.json + resources: {} + volumeMounts: + - mountPath: /dhconfig + name: dh-config + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: +{{ include "common.resources" . | indent 12 }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + httpGet: + path: {{ .Values.readiness.path }} + port: {{ .Values.service.internalPort }} + scheme: {{ .Values.readiness.scheme }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /opt/app/dh/log + name: component-log + - mountPath: /opt/app/dh/etc/cert/ + name: tls-info + env: + - name: CONSUL_HOST + value: consul-server.{{ include "common.namespace" . }} + - name: CLOUDIFY_USER + value: admin + - name: CLOUDIFY_PASSWORD + value: admin + - name: CONFIG_BINDING_SERVICE + value: config-binding-service + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: {{ include "common.name" . }}-filebeat + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }} + imagePullPolicy: IfNotPresent + resources: {} + volumeMounts: + - mountPath: /var/log/onap/deployment-handler + name: component-log + - mountPath: /usr/share/filebeat/data + name: filebeat-data + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + volumes: + - emptyDir: {} + name: component-log + - emptyDir: {} + name: filebeat-data + - configMap: + defaultMode: 420 + name: {{ include "common.fullname" . }}-filebeat-configmap + name: filebeat-conf + - emptyDir: {} + name: tls-info + - configMap: + defaultMode: 422 + name: {{ include "common.fullname" . }}-configmap + name: dh-config + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/service.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/service.yaml new file mode 100644 index 0000000000..088d381d50 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/service.yaml @@ -0,0 +1,43 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml new file mode 100644 index 0000000000..d1fbe5b3b4 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml @@ -0,0 +1,95 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + tlsRepository: nexus3.onap.org:10001 + tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.0 + consulLoaderRepository: nexus3.onap.org:10001 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 + repositoryCred: + user: docker + password: docker + +config: + logstashServiceName: log-ls + logstashPort: 5044 + # Addresses of other ONAP entities + address: + consul: + host: consul-server + port: 8500 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/org.onap.dcaegen2.platform.deployment-handler:3.2.0 +pullPolicy: Always + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + # liveness not desirable for Cloudify Manager container + enabled: false + +readiness: + initialDelaySeconds: 30 + periodSeconds: 30 + path: / + scheme: HTTPS + +service: + type: ClusterIP + name: deployment-handler + externalPort: 8443 + internalPort: 8443 + + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 4 + memory: 4Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} +# Kubernetes namespace for components deployed via Cloudify manager +# If empty, use the common namespace +# dcae_ns: "dcae" diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml index 307046138b..913cb714d6 100644 --- a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml @@ -45,7 +45,7 @@ readiness: periodSeconds: 10 # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.3 +image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.4 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/.helmignore b/kubernetes/dcaegen2/charts/dcae-policy-handler/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-deployment_handler-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/Chart.yaml index 97ff037481..98844dce4f 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-deployment_handler-inputs.yaml +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/Chart.yaml @@ -1,7 +1,6 @@ #============LICENSE_START======================================================== #================================================================================= -# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,13 +14,8 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= -# -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -{{ if .Values.componentImages.deployment_handler }} -deployment_handler_image: {{ include "common.repository" . }}/{{ .Values.componentImages.deployment_handler }} -{{ end }} -application_config: - cloudify: - protocol: "http" - inventory: - protocol: "http" + +apiVersion: v1 +description: ONAP DCAE Policy Handler +name: dcae-policy-handler +version: 4.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/requirements.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/requirements.yaml new file mode 100644 index 0000000000..d2b64d33b2 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/requirements.yaml @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~4.0.0 + repository: '@local' diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json b/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json new file mode 100644 index 0000000000..76aa3838aa --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json @@ -0,0 +1,41 @@ +{ + "policy_handler": { + "thread_pool_size": 4, + "pool_connections": 20, + "policy_retry_count": 5, + "policy_retry_sleep": 5, + "catch_up": { + "interval": 1200 + }, + "reconfigure": { + "interval": 600 + }, + "policy_engine": { + "url": "https://{{ .Values.config.address.policy_pdp }}.{{include "common.namespace" . }}:8081", + "path_notifications": "/pdp/notifications", + "path_api": "/pdp/api/", + "headers": { + "Accept": "application/json", + "Content-Type": "application/json", + "ClientAuth": "cHl0aG9uOnRlc3Q=", + "Authorization": "Basic dGVzdHBkcDphbHBoYTEyMw==", + "Environment": "TEST" + }, + "target_entity": "policy_engine", + "tls_ca_mode": "cert_directory", + "tls_wss_ca_mode": "cert_directory", + "timeout_in_secs": 60, + "ws_ping_interval_in_secs": 180 + }, + "deploy_handler": { + "target_entity": "deployment_handler", + "url": "https://deployment-handler:8443", + "max_msg_length_mb": 5, + "query": { + "cfy_tenant_name": "default_tenant" + }, + "tls_ca_mode": "cert_directory", + "timeout_in_secs": 60 + } + } +} diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/log/filebeat.yml b/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/log/filebeat.yml new file mode 100644 index 0000000000..1a3f693a12 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/log/filebeat.yml @@ -0,0 +1,72 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +filebeat.prospectors: +#it is mandatory, in our case it's log +- input_type: log + #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. + paths: + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive + ignore_older: 48h + # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit + clean_inactive: 96h + + +# Name of the registry file. If a relative path is used, it is considered relative to the +# data path. Else full qualified file name. +#filebeat.registry_file: ${path.data}/registry + + +output.logstash: + #List of logstash server ip addresses with port number. + #But, in our case, this will be the loadbalancer IP address. + #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. + hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + #If enable will do load balancing among availabe Logstash, automatically. + loadbalance: true + + #The list of root certificates for server verifications. + #If certificate_authorities is empty or not set, the trusted + #certificate authorities of the host system are used. + #ssl.certificate_authorities: $ssl.certificate_authorities + + #The path to the certificate for SSL client authentication. If the certificate is not specified, + #client authentication is not available. + #ssl.certificate: $ssl.certificate + + #The client certificate key used for client authentication. + #ssl.key: $ssl.key + + #The passphrase used to decrypt an encrypted key stored in the configured key file + #ssl.key_passphrase: $ssl.key_passphrase + +logging: + level: debug + + # enable file rotation with default configuration + to_files: true + + # do not log to syslog + to_syslog: false + + files: + path: /usr/share/filebeat/logs + name: mybeat.log + keepfiles: 7 diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/configmap.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/configmap.yaml new file mode 100644 index 0000000000..39af31a4f3 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/configmap.yaml @@ -0,0 +1,34 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{include "common.fullname" . }}-filebeat-configmap + namespace: {{include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/deployment.yaml new file mode 100644 index 0000000000..a6b87bf3eb --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/deployment.yaml @@ -0,0 +1,157 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - dcae-deployment-handler + - --container-name + - consul-server + - --container-name + - pdp + - "-t" + - "45" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: init-tls + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: {} + volumeMounts: + - mountPath: /opt/tls/shared + name: tls-info + - name: init-consul + image: {{ .Values.global.consulLoaderRepository }}/{{ .Values.global.consulLoaderImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + args: + - --key + - policy_handler|/phconfig/config.json + resources: {} + volumeMounts: + - mountPath: /phconfig + name: ph-config + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: +{{ include "common.resources" . | indent 12 }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + httpGet: + path: {{ .Values.readiness.path }} + port: {{ .Values.service.internalPort }} + scheme: {{ .Values.readiness.scheme }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /opt/app/policy_handler/logs + name: component-log + - mountPath: /opt/app/policy_handler/etc/tls/certs/ + name: tls-info + env: + - name: CONSUL_HOST + value: consul-server.{{ include "common.namespace" . }} + - name: CLOUDIFY_USER + value: admin + - name: CLOUDIFY_PASSWORD + value: admin + - name: CONFIG_BINDING_SERVICE + value: config-binding-service + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: {{ include "common.name" . }}-filebeat + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }} + imagePullPolicy: IfNotPresent + resources: {} + volumeMounts: + - mountPath: /var/log/onap/deployment-handler + name: component-log + - mountPath: /usr/share/filebeat/data + name: filebeat-data + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + volumes: + - emptyDir: {} + name: component-log + - emptyDir: {} + name: filebeat-data + - configMap: + defaultMode: 420 + name: {{ include "common.fullname" . }}-filebeat-configmap + name: filebeat-conf + - emptyDir: {} + name: tls-info + - configMap: + defaultMode: 422 + name: {{ include "common.fullname" . }}-configmap + name: ph-config + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/service.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/service.yaml new file mode 100644 index 0000000000..088d381d50 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/service.yaml @@ -0,0 +1,43 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml new file mode 100644 index 0000000000..0494a9e1d4 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml @@ -0,0 +1,95 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + tlsRepository: nexus3.onap.org:10001 + tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.0 + consulLoaderRepository: nexus3.onap.org:10001 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 + repositoryCred: + user: docker + password: docker + +config: + logstashServiceName: log-ls + logstashPort: 5044 + # Addresses of other ONAP entities + address: + consul: + host: consul-server + port: 8500 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/org.onap.dcaegen2.platform.policy-handler:4.6.0 +pullPolicy: Always + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + # liveness not desirable for Cloudify Manager container + enabled: false + +readiness: + initialDelaySeconds: 60 + periodSeconds: 300 + path: /healthcheck + scheme: HTTP + +service: + type: ClusterIP + name: policy-handler + externalPort: 25577 + internalPort: 25577 + + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 4 + memory: 4Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} +# Kubernetes namespace for components deployed via Cloudify manager +# If empty, use the common namespace +# dcae_ns: "dcae" diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml b/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml index 6569729bee..6c121f9693 100644 --- a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml +++ b/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml @@ -54,14 +54,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 60 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 60 periodSeconds: 10 ## Persist data to a persitent volume diff --git a/kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy b/kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy index 1902a1050f..95206cf984 100644 --- a/kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy +++ b/kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy @@ -132,8 +132,13 @@ entity { attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].vmList[*]' } - - + // AAI-SDNC PNF name validation + useRule { + name 'AAI-SDNC-pnf-name-check' + attributes 'context-list.aai.pnfList[*].name', 'context-list.sdnc.pnfList[*].name' + } + + // SDNC-NDCB comparison: Context level useRule { name 'Attribute-comparison' @@ -432,3 +437,52 @@ rule { return new Tuple2(success, details) ''' } + +rule { + name 'AAI-SDNC-pnf-name-check' + category 'PNF Consistency' + description 'Validate that each PNF name in AAI matches a PNF name in the SDNC model' + errorText 'AAI PNF names do not match SDNC - {0}' + severity 'ERROR' + attributes 'aaiNames', 'sdncNames' + validate ''' + def addName = { values, key -> + values.add("$key") + } + + List<String> errorReasons = new ArrayList(); + + if (aaiNames.size() != sdncNames.size()) { + errorReasons.add("Number of PNFs don't match; aai has ${aaiNames.size()}, sdnc has ${sdncNames.size()}") + return new Tuple2(false, errorReasons) + } + + // collect all the "name" values from AAI and SDNC into two Sets. + Set aaiNameSet = new java.util.HashSet() + aaiNames.each { + aValue -> addName(aaiNameSet, aValue) + } + + Set sdncNameSet = new java.util.HashSet() + sdncNames.each { + aValue -> addName(sdncNameSet, aValue) + } + + // Validate that the names match by comparing the size of the two Sets. + if (aaiNameSet.size() != sdncNameSet.size()) { + errorReasons.add("Number of distinct PNF names don't match; aai: ${aaiNameSet}, sdnc: ${sdncNameSet}") + return new Tuple2(false, errorReasons) + } + + Set combinedSet = new HashSet(); + combinedSet.addAll(aaiNameSet); + combinedSet.addAll(sdncNameSet); + if (combinedSet.size() != aaiNameSet.size()) { + errorReasons.add("PNF names don't match; aai names: ${aaiNameSet}, sdnc names: ${sdncNameSet}") + return new Tuple2(false, errorReasons) + } + + return true + + ''' +} |