diff options
38 files changed, 265 insertions, 564 deletions
diff --git a/kubernetes/aai b/kubernetes/aai -Subproject 46961c4794a17f72643bd491af6c159ea7e5338 +Subproject 5071da297b9e7f58c796bad7d4ae1e3415a039c diff --git a/kubernetes/common/cassandra/resources/exec.py b/kubernetes/common/cassandra/resources/exec.py index 5b3ae33371..a7f297399e 100644 --- a/kubernetes/common/cassandra/resources/exec.py +++ b/kubernetes/common/cassandra/resources/exec.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/env python import getopt import logging import os @@ -7,7 +7,7 @@ import time from kubernetes import config from kubernetes.client import Configuration -from kubernetes.client.apis import core_v1_api +from kubernetes.client.api import core_v1_api from kubernetes.client.rest import ApiException from kubernetes.stream import stream diff --git a/kubernetes/common/cassandra/resources/restore.sh b/kubernetes/common/cassandra/resources/restore.sh index b9deb32316..798ab6c53c 100644 --- a/kubernetes/common/cassandra/resources/restore.sh +++ b/kubernetes/common/cassandra/resources/restore.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh # Initialize variables ss_dir="" diff --git a/kubernetes/common/cassandra/templates/backup/cronjob.yaml b/kubernetes/common/cassandra/templates/backup/cronjob.yaml index e4f2aabfa0..f536be5053 100644 --- a/kubernetes/common/cassandra/templates/backup/cronjob.yaml +++ b/kubernetes/common/cassandra/templates/backup/cronjob.yaml @@ -13,6 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} +{{- $global := . }} {{- if .Values.backup.enabled }} apiVersion: batch/v1beta1 kind: CronJob @@ -52,7 +53,7 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /bin/bash + - /bin/sh - -c - | clearSnapshot(){ @@ -237,7 +238,7 @@ spec: {{- range $i := until (int .Values.replicaCount)}} - name: data-dir-{{ $i }} persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-data-{{ $i }} + claimName: {{ include "common.fullname" $global }}-data-{{ include "common.fullname" $global }}-{{ $i }} {{- end }} - name: backup-dir persistentVolumeClaim: diff --git a/kubernetes/common/certInitializer/resources/import-custom-certs.sh b/kubernetes/common/certInitializer/resources/import-custom-certs.sh new file mode 100755 index 0000000000..dd311830e7 --- /dev/null +++ b/kubernetes/common/certInitializer/resources/import-custom-certs.sh @@ -0,0 +1,61 @@ +#!/bin/bash + +# Copyright © 2020 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +CERTS_DIR=${CERTS_DIR:-/certs} +WORK_DIR=${WORK_DIR:-/updatedTruststore} +ONAP_TRUSTSTORE=${ONAP_TRUSTSTORE:-truststoreONAPall.jks} +JRE_TRUSTSTORE=${JRE_TRUSTSTORE:-$JAVA_HOME/lib/security/cacerts} +TRUSTSTORE_OUTPUT_FILENAME=${TRUSTSTORE_OUTPUT_FILENAME:-truststore.jks} + +mkdir -p $WORK_DIR + +# Decrypt and move relevant files to WORK_DIR +for f in $CERTS_DIR/*; do + if [[ $AAF_ENABLED == false ]] && [[ $f == *$ONAP_TRUSTSTORE* ]]; then + # Dont use onap truststore when aaf is disabled + continue + fi + if [[ $f == *.sh ]]; then + continue + fi + if [[ $f == *.b64 ]] + then + base64 -d $f > $WORK_DIR/`basename $f .b64` + else + cp $f $WORK_DIR/. + fi +done + +# Prepare truststore output file +if [[ $AAF_ENABLED == true ]] + then + mv $WORK_DIR/$ONAP_TRUSTSTORE $WORK_DIR/$TRUSTSTORE_OUTPUT_FILENAME + else + echo "AAF is disabled, using JRE truststore" + cp $JRE_TRUSTSTORE $WORK_DIR/$TRUSTSTORE_OUTPUT_FILENAME +fi + +# Import Custom Certificates +for f in $WORK_DIR/*; do + if [[ $f == *.pem ]]; then + echo "importing certificate: $f" + keytool -import -file $f -alias `basename $f` -keystore $WORK_DIR/$TRUSTSTORE_OUTPUT_FILENAME -storepass $TRUSTSTORE_PASSWORD -noprompt + if [[ $? != 0 ]]; then + echo "failed importing certificate: $f" + exit 1 + fi + fi +done diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml index 1250c1225e..c453f11c85 100644 --- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml +++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2020 Samsung Electronics +# Copyright © 2020 Bell Canada, Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -96,6 +96,51 @@ value: "{{ $initRoot.public_fqdn | default "" }}" {{- end -}} +{{/* + This init container will import custom .pem certificates to truststoreONAPall.jks + Custom certificates must be placed in common/certInitializer/resources directory. + + The feature is enabled by setting Values.global.importCustomCertsEnabled = true + It can be used independently of aafEnabled, however it requires the same includes + as describe above for _initContainer. + + When AAF is enabled the truststoreONAPAll.jks (which contains AAF CA) will be used + to import custom certificates, otherwise the default java keystore will be used. + + The updated truststore file will be placed in /updatedTruststore and can be mounted per component + to a specific path by defining Values.certInitializer.truststoreMountpath (see _trustStoreVolumeMount) + The truststore file will be available to mount even if no custom certificates were imported. +*/}} +{{- define "common.certInitializer._initImportCustomCertsContainer" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.certInitializer .initRoot -}} +{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} +- name: {{ include "common.name" $dot }}-import-custom-certs + image: {{ $subchartDot.Values.global.jreImage }} + imagePullPolicy: {{ $subchartDot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }} + securityContext: + runAsUser: 0 + command: + - /bin/bash + - -c + - /root/import-custom-certs.sh + env: + - name: AAF_ENABLED + value: "{{ $subchartDot.Values.global.aafEnabled }}" + - name: TRUSTSTORE_OUTPUT_FILENAME + value: "{{ $initRoot.truststoreOutputFileName }}" + - name: TRUSTSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" $subchartDot "uid" "truststore-creds" "key" "password") | indent 6 }} + volumeMounts: + - mountPath: /certs + name: aaf-agent-certs + - mountPath: /root/import-custom-certs.sh + name: aaf-agent-certs + subPath: import-custom-certs.sh + - mountPath: /updatedTruststore + name: updated-truststore +{{- end -}} + {{- define "common.certInitializer._volumeMount" -}} {{- $dot := default . .dot -}} {{- $initRoot := default $dot.Values.certInitializer .initRoot -}} @@ -103,6 +148,21 @@ name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }} {{- end -}} +{{/* + This is used together with _initImportCustomCertsContainer + It mounts the updated truststore (with imported custom certificates) to the + truststoreMountpath defined in the values file for the component. +*/}} +{{- define "common.certInitializer._trustStoreVolumeMount" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.certInitializer .initRoot -}} +{{- if gt (len $initRoot.truststoreMountpath) 0 }} +- mountPath: {{ $initRoot.truststoreMountpath }}/{{ $initRoot.truststoreOutputFileName }} + name: updated-truststore + subPath: {{ $initRoot.truststoreOutputFileName }} +{{- end -}} +{{- end -}} + {{- define "common.certInitializer._volumes" -}} {{- $dot := default . .dot -}} {{- $initRoot := default $dot.Values.certInitializer .initRoot -}} @@ -121,10 +181,17 @@ name: {{ include "common.fullname" $subchartDot }}-add-config defaultMode: 0700 {{- end -}} +{{- if $dot.Values.global.importCustomCertsEnabled }} +- name: updated-truststore + emptyDir: {} +{{- end -}} {{- end -}} {{- define "common.certInitializer.initContainer" -}} {{- $dot := default . .dot -}} + {{- if $dot.Values.global.importCustomCertsEnabled }} + {{ include "common.certInitializer._initImportCustomCertsContainer" . }} + {{- end -}} {{- if $dot.Values.global.aafEnabled }} {{ include "common.certInitializer._initContainer" . }} {{- end -}} @@ -135,11 +202,14 @@ {{- if $dot.Values.global.aafEnabled }} {{- include "common.certInitializer._volumeMount" . }} {{- end -}} + {{- if $dot.Values.global.importCustomCertsEnabled }} + {{- include "common.certInitializer._trustStoreVolumeMount" . }} + {{- end -}} {{- end -}} {{- define "common.certInitializer.volumes" -}} {{- $dot := default . .dot -}} - {{- if $dot.Values.global.aafEnabled }} + {{- if or ($dot.Values.global.aafEnabled ) ($dot.Values.global.importCustomCertsEnabled) }} {{- include "common.certInitializer._volumes" . }} {{- end -}} {{- end -}} diff --git a/kubernetes/common/certInitializer/values.yaml b/kubernetes/common/certInitializer/values.yaml index 416282f72a..271e410069 100644 --- a/kubernetes/common/certInitializer/values.yaml +++ b/kubernetes/common/certInitializer/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2020 Samsung Electronics +# Copyright © 2020 Bell Canada, Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,6 +16,7 @@ global: repository: nexus3.onap.org:10001 aafAgentImage: onap/aaf/aaf_agent:2.1.20 aafEnabled: true + jreImage: registry.gitlab.com/onap-integration/docker/onap-java pullPolicy: Always @@ -26,6 +27,11 @@ secrets: login: '{{ .Values.aafDeployFqi }}' password: '{{ .Values.aafDeployPass }}' passwordPolicy: required + - uid: truststore-creds + type: password + externalSecret: '{{ tpl (default "" .Values.truststoreCredsExternalSecret) . }}' + password: '{{ .Values.truststorePassword }}' + passwordPolicy: required readinessCheck: wait_for: @@ -45,3 +51,7 @@ cadi_latitude: "38.0" cadi_longitude: "-72.0" aaf_add_config: "" mountPath: "/opt/app/osaaf" +importCustomCertsEnabled: false +truststoreMountpath: "" +truststoreOutputFileName: truststore.jks +truststorePassword: changeit diff --git a/kubernetes/dcaegen2/components/dcae-redis/Chart.yaml b/kubernetes/common/logConfiguration/Chart.yaml index d4c264f713..1d13dcbd56 100644 --- a/kubernetes/dcaegen2/components/dcae-redis/Chart.yaml +++ b/kubernetes/common/logConfiguration/Chart.yaml @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# Modifications Copyright © 2018 AT&T +# Copyright © 2017 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: ONAP DCAE Redis -name: dcae-redis +description: Template used to create same STDOUT log configuration +name: logConfiguration version: 6.0.0 diff --git a/kubernetes/dcaegen2/components/dcae-redis/requirements.yaml b/kubernetes/common/logConfiguration/requirements.yaml index c593f60ae4..237f1d1354 100644 --- a/kubernetes/dcaegen2/components/dcae-redis/requirements.yaml +++ b/kubernetes/common/logConfiguration/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, AT&T, Bell Canada +# Copyright © 2018 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,4 +15,4 @@ dependencies: - name: common version: ~6.x-0 - repository: '@local' + repository: 'file://../common' diff --git a/kubernetes/common/logConfiguration/templates/_log.tpl b/kubernetes/common/logConfiguration/templates/_log.tpl new file mode 100644 index 0000000000..bf19f210e4 --- /dev/null +++ b/kubernetes/common/logConfiguration/templates/_log.tpl @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2020 Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{/* + Resolve the level of the logs. + The value for .Values.logLevel is used by default, + unless either override mechanism is used. + + - .Values.global.logLevel : override default log level for all components + - .Values.logLevelOverride : override global and default log level on a per + component basis + + The function can takes below arguments (inside a dictionary): + - .dot : environment (.) + - .initRoot : the root dictionary of logConfiguration submodule + (default to .Values.logConfiguration) +*/}} +{{- define "common.log.level" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.logConfiguration .initRoot -}} +{{/* Our version of helm doesn't support deepCopy so we need this nasty trick */}} +{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} + {{- if $subchartDot.Values.logLevelOverride }} + {{- printf "%s" $subchartDot.Values.logLevelOverride -}} + {{- else }} + {{- default $subchartDot.Values.logLevel $subchartDot.Values.global.logLevel -}} + {{- end }} +{{- end -}} diff --git a/kubernetes/common/logConfiguration/values.yaml b/kubernetes/common/logConfiguration/values.yaml new file mode 100644 index 0000000000..7ebb0ff84e --- /dev/null +++ b/kubernetes/common/logConfiguration/values.yaml @@ -0,0 +1,15 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +logLevel: INFO diff --git a/kubernetes/dcaegen2/Makefile b/kubernetes/dcaegen2/Makefile index f10f2fc682..0561f20f5e 100644 --- a/kubernetes/dcaegen2/Makefile +++ b/kubernetes/dcaegen2/Makefile @@ -11,7 +11,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -make-dcaegen2: make-dcae-bootstrap make-dcae-cloudify-manager make-dcae-config-binding-service make-dcae-healthcheck make-dcae-redis make-dcae-servicechange-handler make-dcae-inventory-api make-dcae-deployment-handler make-dcae-policy-handler make-dcae-dashboard +make-dcaegen2: make-dcae-bootstrap make-dcae-cloudify-manager make-dcae-config-binding-service make-dcae-healthcheck make-dcae-servicechange-handler make-dcae-inventory-api make-dcae-deployment-handler make-dcae-policy-handler make-dcae-dashboard make-dcae-bootstrap: cd components && helm dep up dcae-bootstrap && helm lint dcae-bootstrap @@ -25,9 +25,6 @@ make-dcae-config-binding-service: make-dcae-healthcheck: cd components && helm dep up dcae-healthcheck && helm lint dcae-healthcheck -make-dcae-redis: - cd components && helm dep up dcae-redis && helm lint dcae-redis - make-dcae-servicechange-handler: cd components && helm dep up dcae-servicechange-handler && helm lint dcae-servicechange-handler diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tca-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tca-inputs.yaml deleted file mode 100644 index 9240094fa9..0000000000 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tca-inputs.yaml +++ /dev/null @@ -1,28 +0,0 @@ -#============LICENSE_START======================================================== -#================================================================================= -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -{{ if .Values.componentImages.tca }} -tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.tca }} -{{ end }} -dmaap_host: {{ .Values.config.address.message_router }}.{{include "common.namespace" . }} -consul_host: {{ .Values.config.address.consul.host }}.{{include "common.namespace" . }} -cbs_host: config-binding-service -enableRedisCaching: {{ .Values.config.redisCaching }} -{{ if .Values.config.redisHosts }} -redisHosts: {{ .Values.config.redisHosts }} -{{ end }} diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml index 33682e7dbe..0c402d24bf 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== #================================================================================= -# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); @@ -70,8 +70,6 @@ config: ves: port: 30235 portSecure: 30417 - # redisCaching is a string not a boolean! - redisCaching: "false" # postgres values--overriding defaults in the postgres subchart postgres: @@ -107,7 +105,7 @@ mongo: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:2.0.2 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:2.0.3 default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager @@ -115,8 +113,7 @@ default_k8s_location: central componentImages: holmes_rules: onap/holmes/rule-management:1.2.7 holmes_engine: onap/holmes/engine-management:1.2.6 - tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.2.2 - tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.0.1 + tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.2.0 ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.1 snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0 prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.2 @@ -144,3 +141,4 @@ resources: # Kubernetes namespace for components deployed via Cloudify manager # If empty, use the common namespace # dcae_ns: "onap" + diff --git a/kubernetes/dcaegen2/components/dcae-redis/.helmignore b/kubernetes/dcaegen2/components/dcae-redis/.helmignore deleted file mode 100644 index f0c1319444..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/dcaegen2/components/dcae-redis/resources/redis/scripts/redis-cluster-config.sh b/kubernetes/dcaegen2/components/dcae-redis/resources/redis/scripts/redis-cluster-config.sh deleted file mode 100755 index 49872863a9..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/resources/redis/scripts/redis-cluster-config.sh +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/bash -# ================================================================================ -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -(if [[ "$HOSTNAME" == *{{.Chart.Name}}-0 ]]; then - echo "delay by 10 seconds for redis server starting" - sleep 10 - - NODES="" - echo "====> wait for all {{.Values.replicaCount}} redis pods up" - while [ "$(echo $NODES | wc -w)" -lt {{.Values.replicaCount}} ] - do - echo "======> $(echo $NODES |wc -w) / {{.Values.replicaCount}} pods up" - sleep 5 - RESP=$(wget -vO- --ca-certificate /var/run/secrets/kubernetes.io/serviceaccount/ca.crt --header "Authorization: Bearer $(</var/run/secrets/kubernetes.io/serviceaccount/token)" https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_PORT_443_TCP_PORT/api/v1/namespaces/{{.Release.Namespace}}/pods?labelSelector=app={{.Chart.Name}}) - - IPS=$(echo $RESP | jq -r '.items[].status.podIP') - IPS2=$(echo $IPS | sed -e 's/[a-zA-Z]*//g') - echo "======> IPs: ["$IPS2"]" - NODES="" - for I in $IPS2; do NODES="$NODES $I:{{.Values.service.externalPort}}"; done - echo "======> nodes: ["$NODES"]" - done - echo "====> all {{.Values.replicaCount}} redis cluster pods are up. wait 10 seconds before the next step"; echo - sleep 10 - - echo "====> Configure the cluster" - - # $NODES w/o quotes - echo "======> nodes: [$(echo $NODES |paste -s)]" - redis-trib create --replicas 1 $(echo $NODES |paste -s) -fi ) & - -redis-server /conf/redis.conf - diff --git a/kubernetes/dcaegen2/components/dcae-redis/templates/NOTES.txt b/kubernetes/dcaegen2/components/dcae-redis/templates/NOTES.txt deleted file mode 100644 index 0a386aa131..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/templates/NOTES.txt +++ /dev/null @@ -1,34 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/dcaegen2/components/dcae-redis/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/configmap.yaml deleted file mode 100644 index 85ebee672b..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/templates/configmap.yaml +++ /dev/null @@ -1,36 +0,0 @@ -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} -data: - redis.conf: |+ - cluster-enabled yes - cluster-require-full-coverage no - cluster-node-timeout 15000 - cluster-config-file /data/nodes.conf - cluster-migration-barrier 1 - appendonly yes - protected-mode no ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-scripts - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/redis/scripts/*").AsConfig . | indent 2 }} diff --git a/kubernetes/dcaegen2/components/dcae-redis/templates/ingress.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/ingress.yaml deleted file mode 100644 index 8f87c68f1e..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/templates/ingress.yaml +++ /dev/null @@ -1 +0,0 @@ -{{ include "common.ingress" . }} diff --git a/kubernetes/dcaegen2/components/dcae-redis/templates/pv.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/pv.yaml deleted file mode 100644 index 72bad411db..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/templates/pv.yaml +++ /dev/null @@ -1,45 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -{{- $global := . }} -{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} -{{- if eq "True" (include "common.needPV" .) }} -{{- range $i := until (int $global.Values.replicaCount)}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" $global }}-data-{{$i}} - namespace: {{ include "common.namespace" $global }} - labels: - app: {{ include "common.fullname" $global }} - chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" $global }}" - heritage: "{{ $global.Release.Service }}" - name: {{ include "common.fullname" $global }} -spec: - capacity: - storage: {{ $global.Values.persistence.size}} - accessModes: - - {{ $global.Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} - storageClassName: "{{ include "common.fullname" $global }}-data" - hostPath: - path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} -{{if ne $i (int $global.Values.replicaCount) }} ---- -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/kubernetes/dcaegen2/components/dcae-redis/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/service.yaml deleted file mode 100644 index 31c1c22b17..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/templates/service.yaml +++ /dev/null @@ -1,48 +0,0 @@ -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - #Example internal target port if required - #targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName2 }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/dcaegen2/components/dcae-redis/templates/statefulset.yaml b/kubernetes/dcaegen2/components/dcae-redis/templates/statefulset.yaml deleted file mode 100644 index d4ac832e09..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/templates/statefulset.yaml +++ /dev/null @@ -1,125 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - serviceName: {{ .Values.service.name }} - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /bin/sh - - -c - - | - /opt/scripts/redis-cluster-config.sh - ports: - - containerPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} - - containerPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.name2 }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - exec: - command: - - sh - - -c - - "redis-cli -h $(hostname) ping" - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - {{end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /conf - name: {{ include "common.fullname" . }}-config - - mountPath: /data - name: {{ include "common.fullname" . }}-data - - mountPath: /opt/scripts - name: {{ include "common.fullname" . }}-scripts - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: {{ include "common.fullname" . }}-config - configMap: - name: {{ include "common.fullname" . }} - items: - - key: redis.conf - path: redis.conf - - name: {{ include "common.fullname" . }}-scripts - configMap: - name: {{ include "common.fullname" . }}-scripts - defaultMode: 0755 - - name: localtime - hostPath: - path: /etc/localtime - {{- if not .Values.persistence.enabled }} - - name: {{ include "common.fullname" . }}-data - emptyDir: {} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" - {{- if .Values.persistence.enabled }} - volumeClaimTemplates: - - metadata: - name: {{ include "common.fullname" . }}-data - labels: - name: {{ include "common.fullname" . }} - spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - storageClassName: {{ include "common.storageClass" . }} - resources: - requests: - storage: {{ .Values.persistence.size | quote}} - {{- end }} diff --git a/kubernetes/dcaegen2/components/dcae-redis/values.yaml b/kubernetes/dcaegen2/components/dcae-redis/values.yaml deleted file mode 100644 index 3daa740312..0000000000 --- a/kubernetes/dcaegen2/components/dcae-redis/values.yaml +++ /dev/null @@ -1,121 +0,0 @@ -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - persistence: {} - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.redis-cluster-container:1.0.0 -pullPolicy: Always - -# application configuration -# Example: -config: {} - -# default number of instances -replicaCount: 3 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 15 - periodSeconds: 10 - -service: - #Example service definition with external, internal and node ports. - #Services may use any combination of ports depending on the 'type' of - #service being defined. - type: ClusterIP - name: dcae-redis - portName: client - externalPort: 6379 - internalPort: 6379 - portName2: gossip - externalPort2: 16379 - internalPort2: 16379 - -## Persist data to a persitent volume -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - accessMode: ReadWriteOnce - size: 10Mi - mountPath: /dockerdata-nfs - mountSubPath: redis/data - -ingress: - enabled: false - service: - - baseaddr: "dcaeredis" - name: "dcae-redis" - port: 6379 - - baseaddr: "dcaeredisgossip" - name: "dcae-redis" - port: 16379 - config: - ssl: "none" -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 1 - memory: 1Gi - large: - limits: - cpu: 4 - memory: 4Gi - requests: - cpu: 2 - memory: 2Gi - unlimited: {} diff --git a/kubernetes/dcaegen2/components/dcae-servicechange-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/values.yaml index 63ce3db3fc..92206f7e2f 100644 --- a/kubernetes/dcaegen2/components/dcae-servicechange-handler/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-servicechange-handler/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -42,7 +42,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.servicechange-handler:1.3.2 +image: onap/org.onap.dcaegen2.platform.servicechange-handler:1.4.0 pullPolicy: Always @@ -94,4 +94,4 @@ resources: unlimited: {} # Kubernetes namespace for components deployed via Cloudify manager # If empty, use the common namespace -# dcae_ns: "dcae" +# dcae_ns: "dcae"
\ No newline at end of file diff --git a/kubernetes/dcaegen2/requirements.yaml b/kubernetes/dcaegen2/requirements.yaml index 55931dc331..82629f7e21 100644 --- a/kubernetes/dcaegen2/requirements.yaml +++ b/kubernetes/dcaegen2/requirements.yaml @@ -32,10 +32,6 @@ dependencies: version: ~6.x-0 repository: 'file://components/dcae-healthcheck' condition: dcae-healthcheck.enabled - - name: dcae-redis - version: ~6.x-0 - repository: 'file://components/dcae-redis' - condition: dcae-redis.enabled - name: dcae-servicechange-handler version: ~6.x-0 repository: 'file://components/dcae-servicechange-handler' diff --git a/kubernetes/dcaegen2/resources/expected-components.json b/kubernetes/dcaegen2/resources/expected-components.json index fd3d04fcb8..d89203b070 100644 --- a/kubernetes/dcaegen2/resources/expected-components.json +++ b/kubernetes/dcaegen2/resources/expected-components.json @@ -1,10 +1,10 @@ [ {{- $ctx := . }} -{{- $components := tuple "dcae-cloudify-manager" "dcae-config-binding-service" "dcae-dashboard" "dcae-deployment-handler" "dcae-inventory-api" "dcae-policy-handler" "dcae-redis" "dcae-servicechange-handler" }} +{{- $components := tuple "dcae-cloudify-manager" "dcae-config-binding-service" "dcae-dashboard" "dcae-deployment-handler" "dcae-inventory-api" "dcae-policy-handler" "dcae-servicechange-handler" }} {{- range $i, $v := $components }} {{- if index $ctx.Values . "enabled" }} {{- if $i }},{{ end }} {{ $v | quote | indent 2 }} {{- end -}} {{- end }} -]
\ No newline at end of file +] diff --git a/kubernetes/dcaegen2/values.yaml b/kubernetes/dcaegen2/values.yaml index c66a786537..939bd115a4 100644 --- a/kubernetes/dcaegen2/values.yaml +++ b/kubernetes/dcaegen2/values.yaml @@ -24,10 +24,8 @@ global: consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 busyboxRepository: docker.io busyboxImage: library/busybox:1.30 -redis: - replicaCount: 6 -# Enable all DCAE components except redis by default +# Enable all DCAE components by default dcae-bootstrap: enabled: true dcae-cloudify-manager: @@ -44,7 +42,5 @@ dcae-inventory-api: enabled: true dcae-policy-handler: enabled: true -dcae-redis: - enabled: false dcae-servicechange-handler: - enabled: true
\ No newline at end of file + enabled: true diff --git a/kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml b/kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml index 37bb861235..e390cba4e7 100644 --- a/kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml @@ -34,8 +34,8 @@ config: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.mod.genprocessor-job:1.0.1 -httpImage: onap/org.onap.dcaegen2.platform.mod.genprocessor-http:1.0.1 +image: onap/org.onap.dcaegen2.platform.mod.genprocessor-job:1.0.2 +httpImage: onap/org.onap.dcaegen2.platform.mod.genprocessor-http:1.0.2 service: type: ClusterIP @@ -97,3 +97,4 @@ resources: cpu: 2 memory: 2Gi unlimited: {} + diff --git a/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml index 28e79a1593..6d87223ff7 100644 --- a/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml @@ -93,7 +93,7 @@ postgres: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.mod.onboardingapi:2.12.1 +image: onap/org.onap.dcaegen2.platform.mod.onboardingapi:2.12.2 # Resource Limit flavor -By Default using small flavor: small @@ -114,3 +114,4 @@ resources: cpu: 2 memory: 2Gi unlimited: {} + diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml index 5a52e10d6e..ac58c70957 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml @@ -57,11 +57,14 @@ spec: value: {{ .Values.config.importK8S }} - name: ONAP_IMPORT_POLICYPLUGIN value: {{ .Values.config.importPolicy }} - - name: ONAP_INPORT_POSTGRESPLUGIN + - name: ONAP_IMPORT_POSTGRESPLUGIN value: {{ .Values.config.importPostgres }} - name: ONAP_IMPORT_CLAMPPLUGIN value: {{ .Values.config.importClamp }} - name: ONAP_IMPORT_DMAAPPLUGIN value: {{ .Values.config.importDMaaP }} + - name: ONAP_USEDMAAPPLUGIN + value: {{ .Values.config.useDmaapPlugin | quote }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" + diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml index 37f79a4a73..8e0fd2fb9d 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml @@ -35,11 +35,11 @@ config: #dashboardPassword: doesntmatter mrTopicURL: http://message-router:3904/events importCloudify: https://www.getcloudify.org/spec/cloudify/4.5.5/types.yaml - importK8S: https://nexus.onap.org/service/local/repositories/raw/content/org.onap.dcaegen2.platform.plugins/R6/k8splugin/1.7.2/k8splugin_types.yaml - importPolicy: https://nexus.onap.org/service/local/repositories/raw/content/org.onap.dcaegen2.platform.plugins/R6/dcaepolicyplugin/2.4.0/dcaepolicyplugin_types.yaml - importPostgres: https://nexus.onap.org/service/local/repositories/raw/content/org.onap.ccsdk.platform.plugins/type_files/pgaas/1.1.0/pgaas_types.yaml - importClamp: https://nexus.onap.org/service/local/repositories/raw/content/org.onap.dcaegen2.platform.plugins/R6/clamppolicyplugin/1.1.0/clamppolicyplugin_types.yaml - importDMaaP: https://nexus.onap.org/content/repositories/raw/org.onap.ccsdk.platform.plugins/type_files/dmaap/dmaap.yaml + importK8S: plugin:k8splugin?version=3.3.0 + importPostgres: plugin:pgaas?version=1.3.0 + importClamp: plugin:clamppolicyplugin?version=1.1.0 + importDMaaP: plugin:dmaap?version=1.5.0 + useDmaapPlugin: false secrets: - uid: "dashsecret" @@ -72,7 +72,7 @@ readiness: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.0.3 +image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.0.6 # Resource Limit flavor -By Default using small flavor: small @@ -93,3 +93,4 @@ resources: cpu: 2 memory: 2Gi unlimited: {} + diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/dmaap-provisioning-job.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/dmaap-provisioning-job.yaml index cde35af14c..f8ef8d1452 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/dmaap-provisioning-job.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/dmaap-provisioning-job.yaml @@ -5,7 +5,7 @@ metadata: namespace: {{ include "common.namespace" . }} labels: {{- include "common.labels" . | nindent 4 }} spec: - backoffLimit: 5 + backoffLimit: 20 template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: diff --git a/kubernetes/multicloud/charts/multicloud-k8s/resources/config/config.json b/kubernetes/multicloud/charts/multicloud-k8s/resources/config/config.json index 27df701b80..2ce2d8564b 100644 --- a/kubernetes/multicloud/charts/multicloud-k8s/resources/config/config.json +++ b/kubernetes/multicloud/charts/multicloud-k8s/resources/config/config.json @@ -45,7 +45,8 @@ "HEAT_VOL", "OTHER", "VF_MODULES_METADATA", - "CLOUD_TECHNOLOGY_SPECIFIC_ARTIFACT" + "CLOUD_TECHNOLOGY_SPECIFIC_ARTIFACT", + "HELM" ], "consumerGroup": "multicloud-k8s-group", "environmentName": "AUTO", diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index b96385cf07..dd80323216 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -90,6 +90,12 @@ global: # flag to enable debugging - application support required debugEnabled: false + # configuration to set log level to all components (the one that are using + # "common.log.level" to set this) + # can be overrided per components by setting logConfiguration.logLevelOverride + # to the desired value + # logLevel: DEBUG + #Global ingress configuration ingress: enabled: false diff --git a/kubernetes/sdnc/requirements.yaml b/kubernetes/sdnc/requirements.yaml index a283678bc5..c1d679bd48 100644 --- a/kubernetes/sdnc/requirements.yaml +++ b/kubernetes/sdnc/requirements.yaml @@ -19,6 +19,9 @@ dependencies: - name: certInitializer version: ~6.x-0 repository: '@local' + - name: logConfiguration + version: ~6.x-0 + repository: '@local' - name: network-name-gen version: ~6.x-0 repository: '@local' diff --git a/kubernetes/sdnc/resources/config/log/org.ops4j.pax.logging.cfg b/kubernetes/sdnc/resources/config/log/org.ops4j.pax.logging.cfg index a2daef1833..8a608f081a 100644 --- a/kubernetes/sdnc/resources/config/log/org.ops4j.pax.logging.cfg +++ b/kubernetes/sdnc/resources/config/log/org.ops4j.pax.logging.cfg @@ -42,7 +42,7 @@ log4j2.rootLogger.appenderRef.Console.ref = Console log4j2.rootLogger.appenderRef.DebugFile.ref = DebugFile log4j2.rootLogger.appenderRef.ErrorFile.ref = ErrorFile log4j2.rootLogger.appenderRef.Console.filter.threshold.type = ThresholdFilter -log4j2.rootLogger.appenderRef.Console.filter.threshold.level = ${karaf.log.console:-OFF} +log4j2.rootLogger.appenderRef.Console.filter.threshold.level = ${env:KARAF_CONSOLE_LOG_LEVEL\:-OFF} log4j2.bundle.info = %X{bundle.id} - %.50X{bundle.name} - %X{bundle.version} # Veracode: Address Improper Output Neutralization for Logs CWE ID 117 flaw @@ -113,7 +113,6 @@ log4j2.appender.error.strategy.max = ${maxBackupIndex} log4j2.appender.error.strategy.fileIndex = min log4j2.appender.error.filter.threshold.type = ThresholdFilter log4j2.appender.error.filter.threshold.level = WARN -log4j2.appender.error.filter.threshold.match = ACCEPT log4j2.appender.metric.type = RollingRandomAccessFile log4j2.appender.metric.name = MetricFile @@ -163,7 +162,7 @@ log4j2.appender.rr.strategy.max = 100 log4j2.appender.rr.strategy.fileIndex = min log4j2.appender.security.type = RollingRandomAccessFile -log4j2.appender.security.name = securityRollingFile +log4j2.appender.security.name = SecurityFile log4j2.appender.security.fileName = ${logDirectory}/${securityLogName}.log log4j2.appender.security.filePattern = ${logDirectory}/${securityLogName}.log.%i log4j2.appender.security.append = true @@ -177,7 +176,7 @@ log4j2.appender.security.policies.size.size = ${maxFileSize} log4j2.logger.security.name = org.apache.karaf.jaas.modules.audit log4j2.logger.security.level = INFO log4j2.logger.security.additivity = false -log4j2.logger.security.appenderRef.AuditRollingFile.ref = AuditRollingFile +log4j2.logger.security.appenderRef.SecurityFile.ref = SecurityFile log4j2.logger.audit.name = org.onap.logging.filter.base.AbstractAuditLogFilter log4j2.logger.audit.level = INFO diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index 437cb31a8e..265d3af7be 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -99,7 +99,14 @@ spec: - name: {{ include "common.name" . }}-chown image: "busybox" - command: ["sh", "-c", "chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} ; chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }}"] + command: + - sh + args: + - -c + - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} +{{- if .Values.global.aafEnabled }} + - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }} +{{- end }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} - mountPath: {{ .Values.persistence.mdsalPath }} @@ -151,6 +158,8 @@ spec: value: {{ include "common.mariadbService" . }} - name: JAVA_HOME value: "{{ .Values.config.javaHome}}" + - name: KARAF_CONSOLE_LOG_LEVEL + value: "{{ include "common.log.level" . }}" volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} - mountPath: /etc/localtime diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index 212f17d0f4..c01245a928 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -190,6 +190,7 @@ config: # dependency / sub-chart configuration certInitializer: nameOverride: sdnc-cert-initializer + truststoreMountpath: /opt/onap/sdnc/data/stores fqdn: "sdnc" app_ns: "org.osaaf.aaf" fqi: "sdnc@sdnc.onap.org" |