diff options
75 files changed, 449 insertions, 286 deletions
diff --git a/docs/oom_cloud_setup_guide.rst b/docs/oom_cloud_setup_guide.rst index 70f5190e8a..4b3ec92ccb 100644 --- a/docs/oom_cloud_setup_guide.rst +++ b/docs/oom_cloud_setup_guide.rst @@ -60,10 +60,6 @@ The versions of Kubernetes that are supported by OOM are as follows: Istanbul 1.19.11 3.6.3 1.19.11 19.03.x 1.5.4 ============== =========== ======= ======== ======== ============ -.. note:: - Guilin version also supports Kubernetes up to version 1.19.x and should work - with Helm with version up to 3.3.x but has not been thoroughly tested. - Minimum Hardware Configuration ============================== diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst index 2059251928..74f8c57f6e 100644 --- a/docs/oom_user_guide.rst +++ b/docs/oom_user_guide.rst @@ -15,8 +15,8 @@ .. _Kubernetes LoadBalancer: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer .. _user-guide-label: -OOM User Guide helm3 (experimental) -################################### +OOM User Guide +############## The ONAP Operations Manager (OOM) provide the ability to manage the entire life-cycle of an ONAP installation, from the initial deployment to final @@ -64,7 +64,7 @@ Enter the following to install kubectl (on Ubuntu, there are slight differences on other O/Ss), the Kubernetes command line interface used to manage a Kubernetes cluster:: - > curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.15.11/bin/linux/amd64/kubectl + > curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.19.11/bin/linux/amd64/kubectl > chmod +x ./kubectl > sudo mv ./kubectl /usr/local/bin/kubectl > mkdir ~/.kube @@ -88,8 +88,8 @@ Install Helm Helm is used by OOM for package and configuration management. To install Helm, enter the following:: - > wget https://get.helm.sh/helm-v3.5.2-linux-amd64.tar.gz - > tar -zxvf helm-v3.5.2-linux-amd64.tar.gz + > wget https://get.helm.sh/helm-v3.6.3-linux-amd64.tar.gz + > tar -zxvf helm-v3.6.3-linux-amd64.tar.gz > sudo mv linux-amd64/helm /usr/local/bin/helm Verify the Helm version with:: diff --git a/kubernetes/common/common/templates/_log.tpl b/kubernetes/common/common/templates/_log.tpl index dc714aecc4..81420468b0 100644 --- a/kubernetes/common/common/templates/_log.tpl +++ b/kubernetes/common/common/templates/_log.tpl @@ -31,10 +31,12 @@ {{- end -}} {{- define "common.log.volumes" -}} -{{- if .Values.global.centralizedLoggingEnabled }} +{{- $dot := default . .dot }} +{{- if $dot.Values.global.centralizedLoggingEnabled }} +{{- $configMapName := printf "%s-filebeat" (default (include "common.fullname" $dot) .configMapNamePrefix) }} - name: filebeat-conf configMap: - name: {{ include "common.fullname" . }}-filebeat + name: {{ $configMapName }} - name: filebeat-data emptyDir: {} {{- end -}} diff --git a/kubernetes/cps/components/cps-core/values.yaml b/kubernetes/cps/components/cps-core/values.yaml index d41c44ddbc..eb7aa54130 100644 --- a/kubernetes/cps/components/cps-core/values.yaml +++ b/kubernetes/cps/components/cps-core/values.yaml @@ -73,7 +73,7 @@ service: ports: - name: &port http port: *svc_port - - name: management + - name: http-management port: *mgt_port targetPort: *mgt_port @@ -83,7 +83,7 @@ prometheus: metrics: serviceMonitor: enabled: true - port: management + port: http-management ## specify target port if name is not given to the port in the service definition ## # targetPort: 8080 diff --git a/kubernetes/cps/components/cps-temporal/values.yaml b/kubernetes/cps/components/cps-temporal/values.yaml index da055d0242..f8311697f5 100644 --- a/kubernetes/cps/components/cps-temporal/values.yaml +++ b/kubernetes/cps/components/cps-temporal/values.yaml @@ -54,14 +54,14 @@ service: - name: http port: *svc_port targetPort: *svc_port - - name: management + - name: http-management port: *mgt_port targetPort: *mgt_port metrics: serviceMonitor: enabled: true - port: management + port: http-management ## specify target port if name is not given to the port in the service definition ## # targetPort: 8080 diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml b/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml index 2e5018807c..8e71114c8c 100644 --- a/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml +++ b/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml @@ -20,7 +20,7 @@ dmi: service: - name: {{ .Values.config.dmiServiceName }} + url: {{ .Values.config.dmiServiceUrl }} cps-core: baseUrl: {{ .Values.config.cpsCore.url }} diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml index 3f40a79b84..a4a56dee80 100644 --- a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml +++ b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml @@ -47,7 +47,7 @@ global: virtualhost: baseurl: "simpledemo.onap.org" -image: onap/ncmp-dmi-plugin:1.0.0 +image: onap/ncmp-dmi-plugin:1.0.1 containerPort: &svc_port 8080 managementPort: &mgt_port 8081 @@ -60,14 +60,14 @@ service: ports: - name: &port http port: *svc_port - - name: management + - name: http-management port: *mgt_port targetPort: *mgt_port metrics: serviceMonitor: enabled: true - port: management + port: http-management ## specify target port if name is not given to the port in the service definition ## # targetPort: 8080 @@ -147,7 +147,7 @@ config: spring: profile: helm - dmiServiceName: http://*svc_name:*svc_port + dmiServiceUrl: http://*svc_name:*svc_port sdnc: url: http://sdnc:8181 username: admin diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml index 420814f6c2..1e60d24d7a 100644 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml @@ -56,7 +56,7 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1. # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.son-handler:2.1.4 +image: onap/org.onap.dcaegen2.services.son-handler:2.1.5 pullPolicy: Always # Log directory where logging sidecar should look for log files diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml index 2e8b4cd4e8..f01edd240b 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml @@ -37,8 +37,10 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" restartPolicy: Never containers: - name: dcae-cleanup image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.cleanupImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
\ No newline at end of file + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} diff --git a/kubernetes/msb/components/kube2msb/requirements.yaml b/kubernetes/msb/components/kube2msb/requirements.yaml index dbb7638914..dfda28d9c9 100644 --- a/kubernetes/msb/components/kube2msb/requirements.yaml +++ b/kubernetes/msb/components/kube2msb/requirements.yaml @@ -19,3 +19,4 @@ dependencies: - name: repositoryGenerator version: ~9.x-0 repository: '@local' + diff --git a/kubernetes/msb/components/msb-consul/requirements.yaml b/kubernetes/msb/components/msb-consul/requirements.yaml index dbb7638914..ca01ea6e9d 100644 --- a/kubernetes/msb/components/msb-consul/requirements.yaml +++ b/kubernetes/msb/components/msb-consul/requirements.yaml @@ -19,3 +19,6 @@ dependencies: - name: repositoryGenerator version: ~9.x-0 repository: '@local' + - name: serviceAccount + version: ~9.x-0 + repository: '@local' diff --git a/kubernetes/msb/components/msb-consul/templates/deployment.yaml b/kubernetes/msb/components/msb-consul/templates/deployment.yaml index 97dd1781f2..d03829d89d 100644 --- a/kubernetes/msb/components/msb-consul/templates/deployment.yaml +++ b/kubernetes/msb/components/msb-consul/templates/deployment.yaml @@ -36,7 +36,6 @@ spec: annotations: sidecar.istio.io/inject: "{{.Values.istioSidecar}}" spec: - serviceAccountName: msb containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} @@ -85,6 +84,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/msb/components/msb-consul/values.yaml b/kubernetes/msb/components/msb-consul/values.yaml index 1c7fa38171..258d49e30b 100644 --- a/kubernetes/msb/components/msb-consul/values.yaml +++ b/kubernetes/msb/components/msb-consul/values.yaml @@ -87,3 +87,9 @@ securityContext: fsGroup: 1000 runAsUser: 100 runAsGroup: 1000 + +#Pods Service Account +serviceAccount: + nameOverride: msb-consul + roles: + - read diff --git a/kubernetes/msb/components/msb-discovery/requirements.yaml b/kubernetes/msb/components/msb-discovery/requirements.yaml index dbb7638914..ca01ea6e9d 100644 --- a/kubernetes/msb/components/msb-discovery/requirements.yaml +++ b/kubernetes/msb/components/msb-discovery/requirements.yaml @@ -19,3 +19,6 @@ dependencies: - name: repositoryGenerator version: ~9.x-0 repository: '@local' + - name: serviceAccount + version: ~9.x-0 + repository: '@local' diff --git a/kubernetes/msb/components/msb-discovery/templates/deployment.yaml b/kubernetes/msb/components/msb-discovery/templates/deployment.yaml index e5e5f9eb0f..00d91fe646 100644 --- a/kubernetes/msb/components/msb-discovery/templates/deployment.yaml +++ b/kubernetes/msb/components/msb-discovery/templates/deployment.yaml @@ -36,7 +36,6 @@ spec: annotations: sidecar.istio.io/inject: "{{.Values.istioSidecar}}" spec: - serviceAccountName: msb initContainers: - command: - /app/ready.py @@ -107,6 +106,7 @@ spec: - mountPath: /opt/ajsc/etc/config/logback.xml name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: {{ include "common.fullname" . }}-log-conf configMap: diff --git a/kubernetes/msb/components/msb-discovery/values.yaml b/kubernetes/msb/components/msb-discovery/values.yaml index f0eabde79f..e9800233e3 100644 --- a/kubernetes/msb/components/msb-discovery/values.yaml +++ b/kubernetes/msb/components/msb-discovery/values.yaml @@ -82,3 +82,9 @@ resources: cpu: 400m memory: 400Mi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: msb-discovery + roles: + - read diff --git a/kubernetes/msb/components/msb-eag/requirements.yaml b/kubernetes/msb/components/msb-eag/requirements.yaml index 3fea5d0f52..a4fb34c5a6 100644 --- a/kubernetes/msb/components/msb-eag/requirements.yaml +++ b/kubernetes/msb/components/msb-eag/requirements.yaml @@ -22,3 +22,6 @@ dependencies: - name: certInitializer version: ~9.x-0 repository: '@local' + - name: serviceAccount + version: ~9.x-0 + repository: '@local' diff --git a/kubernetes/msb/components/msb-eag/templates/deployment.yaml b/kubernetes/msb/components/msb-eag/templates/deployment.yaml index 113a174eb6..c30fc343de 100644 --- a/kubernetes/msb/components/msb-eag/templates/deployment.yaml +++ b/kubernetes/msb/components/msb-eag/templates/deployment.yaml @@ -37,7 +37,6 @@ spec: annotations: sidecar.istio.io/inject: "{{.Values.istioSidecar}}" spec: - serviceAccountName: msb initContainers: {{ include "common.certInitializer.initContainer" . | indent 6 | trim }} - command: @@ -119,6 +118,7 @@ spec: - mountPath: /opt/ajsc/etc/config/logback.xml name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | indent 8 | trim }} - name: {{ include "common.fullname" . }}-log-conf diff --git a/kubernetes/msb/components/msb-eag/values.yaml b/kubernetes/msb/components/msb-eag/values.yaml index 5faae36fb0..9345341437 100644 --- a/kubernetes/msb/components/msb-eag/values.yaml +++ b/kubernetes/msb/components/msb-eag/values.yaml @@ -116,3 +116,9 @@ resources: cpu: 200m memory: 400Mi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: msb-eag + roles: + - read diff --git a/kubernetes/msb/components/msb-iag/requirements.yaml b/kubernetes/msb/components/msb-iag/requirements.yaml index 3fea5d0f52..a4fb34c5a6 100644 --- a/kubernetes/msb/components/msb-iag/requirements.yaml +++ b/kubernetes/msb/components/msb-iag/requirements.yaml @@ -22,3 +22,6 @@ dependencies: - name: certInitializer version: ~9.x-0 repository: '@local' + - name: serviceAccount + version: ~9.x-0 + repository: '@local' diff --git a/kubernetes/msb/components/msb-iag/templates/deployment.yaml b/kubernetes/msb/components/msb-iag/templates/deployment.yaml index 7bae325b1e..2a855c713f 100644 --- a/kubernetes/msb/components/msb-iag/templates/deployment.yaml +++ b/kubernetes/msb/components/msb-iag/templates/deployment.yaml @@ -37,7 +37,6 @@ spec: annotations: sidecar.istio.io/inject: "{{.Values.istioSidecar}}" spec: - serviceAccountName: msb initContainers: {{ include "common.certInitializer.initContainer" . | indent 6 | trim }} - command: @@ -119,6 +118,7 @@ spec: - mountPath: /opt/ajsc/etc/config/logback.xml name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | indent 8 | trim }} - name: {{ include "common.fullname" . }}-log-conf diff --git a/kubernetes/msb/components/msb-iag/values.yaml b/kubernetes/msb/components/msb-iag/values.yaml index 9b9f805802..21f22dd3ac 100644 --- a/kubernetes/msb/components/msb-iag/values.yaml +++ b/kubernetes/msb/components/msb-iag/values.yaml @@ -117,3 +117,9 @@ resources: cpu: 100m memory: 400Mi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: msb-iag + roles: + - read diff --git a/kubernetes/multicloud/components/multicloud-k8s/values.yaml b/kubernetes/multicloud/components/multicloud-k8s/values.yaml index 30319683a2..9cf505d473 100644 --- a/kubernetes/multicloud/components/multicloud-k8s/values.yaml +++ b/kubernetes/multicloud/components/multicloud-k8s/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefixExt: 304 persistence: {} - artifactImage: onap/multicloud/framework-artifactbroker:1.7.0 + artifactImage: onap/multicloud/framework-artifactbroker:1.7.1 ################################################################# # Application configuration defaults. diff --git a/kubernetes/multicloud/components/multicloud-starlingx/values.yaml b/kubernetes/multicloud/components/multicloud-starlingx/values.yaml index cde6f67cc5..fb6f3b3592 100644 --- a/kubernetes/multicloud/components/multicloud-starlingx/values.yaml +++ b/kubernetes/multicloud/components/multicloud-starlingx/values.yaml @@ -17,7 +17,7 @@ ################################################################# global: nodePortPrefixExt: 304 - artifactImage: onap/multicloud/framework-artifactbroker:1.6.0 + artifactImage: onap/multicloud/framework-artifactbroker:1.7.1 ################################################################# # Application configuration defaults. diff --git a/kubernetes/multicloud/components/multicloud-windriver/values.yaml b/kubernetes/multicloud/components/multicloud-windriver/values.yaml index e25a96ba05..dee6ba7a87 100644 --- a/kubernetes/multicloud/components/multicloud-windriver/values.yaml +++ b/kubernetes/multicloud/components/multicloud-windriver/values.yaml @@ -18,7 +18,7 @@ ################################################################# global: nodePortPrefix: 302 - artifactImage: onap/multicloud/framework-artifactbroker:1.6.0 + artifactImage: onap/multicloud/framework-artifactbroker:1.7.1 persistence: {} ################################################################# diff --git a/kubernetes/multicloud/values.yaml b/kubernetes/multicloud/values.yaml index 93d299e16f..d378ec2b1f 100644 --- a/kubernetes/multicloud/values.yaml +++ b/kubernetes/multicloud/values.yaml @@ -18,7 +18,7 @@ ################################################################# global: nodePortPrefix: 302 - artifactImage: onap/multicloud/framework-artifactbroker:1.7.0 + artifactImage: onap/multicloud/framework-artifactbroker:1.7.1 prometheus: enabled: false persistence: {} diff --git a/kubernetes/nbi/requirements.yaml b/kubernetes/nbi/requirements.yaml index f54b915d77..69d6f51433 100644 --- a/kubernetes/nbi/requirements.yaml +++ b/kubernetes/nbi/requirements.yaml @@ -37,3 +37,6 @@ dependencies: - name: repositoryGenerator version: ~9.x-0 repository: '@local' + - name: serviceAccount + version: ~9.x-0 + repository: '@local' diff --git a/kubernetes/nbi/templates/deployment.yaml b/kubernetes/nbi/templates/deployment.yaml index d5f209e94a..b9ed35b0f7 100644 --- a/kubernetes/nbi/templates/deployment.yaml +++ b/kubernetes/nbi/templates/deployment.yaml @@ -146,6 +146,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime hostPath: diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index a3dc897718..92788e430f 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -181,3 +181,9 @@ resources: cpu: 200m memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: nbi + roles: + - read diff --git a/kubernetes/onap/Chart.yaml b/kubernetes/onap/Chart.yaml index 21ff5a5c89..d9525c5750 100644 --- a/kubernetes/onap/Chart.yaml +++ b/kubernetes/onap/Chart.yaml @@ -21,4 +21,4 @@ home: https://www.onap.org/ sources: - https://gerrit.onap.org/r/#/admin/projects/ icon: https://wiki.onap.org/download/thumbnails/1015829/onap_704x271%20copy.png?version=1&modificationDate=1488326334000&api=v2 -kubeVersion: ">=1.19" +kubeVersion: ">=1.19.0-0" diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/requirements.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/requirements.yaml index 15694713a0..3e9b0a1c91 100644 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/requirements.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/requirements.yaml @@ -26,3 +26,6 @@ dependencies: - name: repositoryGenerator version: ~9.x-0 repository: '@local' + - name: serviceAccount + version: ~9.x-0 + repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml index ba4a657c1a..3ed20ba8a6 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml @@ -162,6 +162,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml index fb402143c6..72c5ddc9c2 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml @@ -111,3 +111,9 @@ ingress: port: 8091 config: ssl: "redirect" + +#Pods Service Account +serviceAccount: + nameOverride: oof-has-api + roles: + - read diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/requirements.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/requirements.yaml index a199ea899d..03f20196b5 100644 --- a/kubernetes/oof/components/oof-has/components/oof-has-controller/requirements.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/requirements.yaml @@ -23,3 +23,6 @@ dependencies: - name: repositoryGenerator version: ~9.x-0 repository: '@local' + - name: serviceAccount + version: ~9.x-0 + repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml index 895a305b53..55bb4f620d 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml @@ -126,6 +126,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml index aa5b8fca2e..0157c569a0 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml @@ -71,3 +71,9 @@ liveness: readiness: initialDelaySeconds: 10 periodSeconds: 10 + +#Pods Service Account +serviceAccount: + nameOverride: oof-has-controller + roles: + - read diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/requirements.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/requirements.yaml index a199ea899d..03f20196b5 100644 --- a/kubernetes/oof/components/oof-has/components/oof-has-data/requirements.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-data/requirements.yaml @@ -23,3 +23,6 @@ dependencies: - name: repositoryGenerator version: ~9.x-0 repository: '@local' + - name: serviceAccount + version: ~9.x-0 + repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml index cc4eaf08b9..4f58ec3b94 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml @@ -131,6 +131,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml index 666818da73..5623cde904 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml @@ -71,3 +71,9 @@ liveness: readiness: initialDelaySeconds: 10 periodSeconds: 10 + +#Pods Service Account +serviceAccount: + nameOverride: oof-has-data + roles: + - read diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/requirements.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/requirements.yaml index a199ea899d..03f20196b5 100644 --- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/requirements.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/requirements.yaml @@ -23,3 +23,6 @@ dependencies: - name: repositoryGenerator version: ~9.x-0 repository: '@local' + - name: serviceAccount + version: ~9.x-0 + repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml index 095162bea2..f8755ea66b 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml @@ -125,6 +125,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml index 666818da73..fa8bdd97ed 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml @@ -71,3 +71,9 @@ liveness: readiness: initialDelaySeconds: 10 periodSeconds: 10 + +#Pods Service Account +serviceAccount: + nameOverride: oof-has-reservation + roles: + - read diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/requirements.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/requirements.yaml index a199ea899d..03f20196b5 100644 --- a/kubernetes/oof/components/oof-has/components/oof-has-solver/requirements.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/requirements.yaml @@ -23,3 +23,6 @@ dependencies: - name: repositoryGenerator version: ~9.x-0 repository: '@local' + - name: serviceAccount + version: ~9.x-0 + repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml index d664ca0875..154bc78e41 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml @@ -125,6 +125,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml index 666818da73..e7ceddd9a4 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml @@ -71,3 +71,9 @@ liveness: readiness: initialDelaySeconds: 10 periodSeconds: 10 + +#Pods Service Account +serviceAccount: + nameOverride: oof-has-solver + roles: + - read diff --git a/kubernetes/oof/requirements.yaml b/kubernetes/oof/requirements.yaml index 16ecadb956..fbfb868bb0 100755 --- a/kubernetes/oof/requirements.yaml +++ b/kubernetes/oof/requirements.yaml @@ -31,3 +31,6 @@ dependencies: - name: repositoryGenerator version: ~9.x-0 repository: '@local' + - name: serviceAccount + version: ~9.x-0 + repository: '@local' diff --git a/kubernetes/oof/templates/deployment.yaml b/kubernetes/oof/templates/deployment.yaml index 6f1022ba63..58ff39e1e5 100644 --- a/kubernetes/oof/templates/deployment.yaml +++ b/kubernetes/oof/templates/deployment.yaml @@ -133,7 +133,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} - + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml index 64c3e0ad29..f5873b404e 100644 --- a/kubernetes/oof/values.yaml +++ b/kubernetes/oof/values.yaml @@ -177,3 +177,9 @@ ingress: oof-has: enabled: true certSecret: *oof-certs + +#Pods Service Account +serviceAccount: + nameOverride: oof + roles: + - read diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml index 3983d932a0..3318a199f1 100755 --- a/kubernetes/policy/components/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-apex-pdp:2.6.0 +image: onap/policy-apex-pdp:2.6.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml index 87ddd73adf..11efaa1a1e 100755 --- a/kubernetes/policy/components/policy-api/values.yaml +++ b/kubernetes/policy/components/policy-api/values.yaml @@ -78,7 +78,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-api:2.5.0 +image: onap/policy-api:2.5.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties b/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties index a6334668b1..aa9870ae41 100644 --- a/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties +++ b/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties @@ -69,3 +69,9 @@ clamp.config.dcae.deployment.password=none #AAF related parameters clamp.config.cadi.aafLocateUrl=https://aaf-locate.{{ include "common.namespace" . }}:8095 + +# Configuration settings for ControlLoop Runtime Rest API +clamp.config.controlloop.runtime.url=http://policy-clamp-cl-runtime.{{ include "common.namespace" . }}:6969 +clamp.config.controlloop.runtime.userName=${RUNTIME_USER} +clamp.config.controlloop.runtime.password=${RUNTIME_PASSWORD} + diff --git a/kubernetes/policy/components/policy-clamp-be/resources/config/policy-clamp-create-tables.sql b/kubernetes/policy/components/policy-clamp-be/resources/config/policy-clamp-create-tables.sql index 1f153bce04..1652dc18c3 100644 --- a/kubernetes/policy/components/policy-clamp-be/resources/config/policy-clamp-create-tables.sql +++ b/kubernetes/policy/components/policy-clamp-be/resources/config/policy-clamp-create-tables.sql @@ -1,257 +1,275 @@ - - create table dictionary ( - name varchar(255) not null, - created_by varchar(255), - created_timestamp datetime(6) not null, - updated_by varchar(255), - updated_timestamp datetime(6) not null, - dictionary_second_level integer, - dictionary_type varchar(255), - primary key (name) - ) engine=InnoDB; - - create table dictionary_elements ( - short_name varchar(255) not null, - created_by varchar(255), - created_timestamp datetime(6) not null, - updated_by varchar(255), - updated_timestamp datetime(6) not null, - description varchar(255) not null, - name varchar(255) not null, - subdictionary_name varchar(255), - type varchar(255) not null, - primary key (short_name) +/* + * ============LICENSE_START======================================================= + * Copyright (C) 2021 Nordix Foundation + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +create table if not exists dictionary ( + name varchar(255) not null, + created_by varchar(255), + created_timestamp datetime(6) not null, + updated_by varchar(255), + updated_timestamp datetime(6) not null, + dictionary_second_level integer, + dictionary_type varchar(255), + primary key (name) ) engine=InnoDB; - create table dictionary_to_dictionaryelements ( - dictionary_name varchar(255) not null, - dictionary_element_short_name varchar(255) not null, - primary key (dictionary_name, dictionary_element_short_name) +create table if not exists dictionary_elements ( + short_name varchar(255) not null, + created_by varchar(255), + created_timestamp datetime(6) not null, + updated_by varchar(255), + updated_timestamp datetime(6) not null, + description varchar(255) not null, + name varchar(255) not null, + subdictionary_name varchar(255), + type varchar(255) not null, + primary key (short_name) ) engine=InnoDB; - create table hibernate_sequence ( - next_val bigint +create table if not exists dictionary_to_dictionaryelements ( + dictionary_name varchar(255) not null, + dictionary_element_short_name varchar(255) not null, + primary key (dictionary_name, dictionary_element_short_name) ) engine=InnoDB; - insert into hibernate_sequence values ( 1 ); - - create table loop_element_models ( - name varchar(255) not null, - created_by varchar(255), - created_timestamp datetime(6) not null, - updated_by varchar(255), - updated_timestamp datetime(6) not null, - blueprint_yaml MEDIUMTEXT, - dcae_blueprint_id varchar(255), - loop_element_type varchar(255) not null, - short_name varchar(255), - primary key (name) +create table if not exists hibernate_sequence ( + next_val bigint +) engine=InnoDB; + +insert into hibernate_sequence values ( 1 ); + +create table if not exists loop_element_models ( + name varchar(255) not null, + created_by varchar(255), + created_timestamp datetime(6) not null, + updated_by varchar(255), + updated_timestamp datetime(6) not null, + blueprint_yaml MEDIUMTEXT, + dcae_blueprint_id varchar(255), + loop_element_type varchar(255) not null, + short_name varchar(255), + primary key (name) ) engine=InnoDB; - create table loop_logs ( - id bigint not null, - log_component varchar(255) not null, - log_instant datetime(6) not null, - log_type varchar(255) not null, - message MEDIUMTEXT not null, - loop_id varchar(255) not null, - primary key (id) +create table if not exists loop_logs ( + id bigint not null, + log_component varchar(255) not null, + log_instant datetime(6) not null, + log_type varchar(255) not null, + message MEDIUMTEXT not null, + loop_id varchar(255) not null, + primary key (id) ) engine=InnoDB; - create table loop_templates ( - name varchar(255) not null, - created_by varchar(255), - created_timestamp datetime(6) not null, - updated_by varchar(255), - updated_timestamp datetime(6) not null, - allowed_loop_type varchar(255), - blueprint_yaml MEDIUMTEXT, - dcae_blueprint_id varchar(255), - maximum_instances_allowed integer, - svg_representation MEDIUMTEXT, - unique_blueprint boolean default false, - service_uuid varchar(255), - primary key (name) +create table if not exists loop_templates ( + name varchar(255) not null, + created_by varchar(255), + created_timestamp datetime(6) not null, + updated_by varchar(255), + updated_timestamp datetime(6) not null, + allowed_loop_type varchar(255), + blueprint_yaml MEDIUMTEXT, + dcae_blueprint_id varchar(255), + maximum_instances_allowed integer, + svg_representation MEDIUMTEXT, + unique_blueprint boolean default false, + service_uuid varchar(255), + primary key (name) ) engine=InnoDB; - create table loopelementmodels_to_policymodels ( - loop_element_name varchar(255) not null, - policy_model_type varchar(255) not null, - policy_model_version varchar(255) not null, - primary key (loop_element_name, policy_model_type, policy_model_version) +create table if not exists loopelementmodels_to_policymodels ( + loop_element_name varchar(255) not null, + policy_model_type varchar(255) not null, + policy_model_version varchar(255) not null, + primary key (loop_element_name, policy_model_type, policy_model_version) ) engine=InnoDB; - create table loops ( - name varchar(255) not null, - created_by varchar(255), - created_timestamp datetime(6) not null, - updated_by varchar(255), - updated_timestamp datetime(6) not null, - dcae_deployment_id varchar(255), - dcae_deployment_status_url varchar(255), - global_properties_json json, - last_computed_state varchar(255) not null, - svg_representation MEDIUMTEXT, - loop_template_name varchar(255) not null, - service_uuid varchar(255), - primary key (name) +create table if not exists loops ( + name varchar(255) not null, + created_by varchar(255), + created_timestamp datetime(6) not null, + updated_by varchar(255), + updated_timestamp datetime(6) not null, + dcae_deployment_id varchar(255), + dcae_deployment_status_url varchar(255), + global_properties_json json, + last_computed_state varchar(255) not null, + svg_representation MEDIUMTEXT, + loop_template_name varchar(255) not null, + service_uuid varchar(255), + primary key (name) ) engine=InnoDB; - create table loops_to_microservicepolicies ( - loop_name varchar(255) not null, - microservicepolicy_name varchar(255) not null, - primary key (loop_name, microservicepolicy_name) +create table if not exists loops_to_microservicepolicies ( + loop_name varchar(255) not null, + microservicepolicy_name varchar(255) not null, + primary key (loop_name, microservicepolicy_name) ) engine=InnoDB; - create table looptemplates_to_loopelementmodels ( - loop_element_model_name varchar(255) not null, - loop_template_name varchar(255) not null, - flow_order integer not null, - primary key (loop_element_model_name, loop_template_name) +create table if not exists looptemplates_to_loopelementmodels ( + loop_element_model_name varchar(255) not null, + loop_template_name varchar(255) not null, + flow_order integer not null, + primary key (loop_element_model_name, loop_template_name) ) engine=InnoDB; - create table micro_service_policies ( - name varchar(255) not null, - created_by varchar(255), - created_timestamp datetime(6) not null, - updated_by varchar(255), - updated_timestamp datetime(6) not null, - configurations_json json, - json_representation json not null, - pdp_group varchar(255), - pdp_sub_group varchar(255), - context varchar(255), - dcae_blueprint_id varchar(255), - dcae_deployment_id varchar(255), - dcae_deployment_status_url varchar(255), - device_type_scope varchar(255), - shared bit not null, - loop_element_model_id varchar(255), - policy_model_type varchar(255), - policy_model_version varchar(255), - primary key (name) +create table if not exists micro_service_policies ( + name varchar(255) not null, + created_by varchar(255), + created_timestamp datetime(6) not null, + updated_by varchar(255), + updated_timestamp datetime(6) not null, + configurations_json json, + json_representation json not null, + pdp_group varchar(255), + pdp_sub_group varchar(255), + context varchar(255), + dcae_blueprint_id varchar(255), + dcae_deployment_id varchar(255), + dcae_deployment_status_url varchar(255), + device_type_scope varchar(255), + shared bit not null, + loop_element_model_id varchar(255), + policy_model_type varchar(255), + policy_model_version varchar(255), + primary key (name) ) engine=InnoDB; - create table operational_policies ( - name varchar(255) not null, - created_by varchar(255), - created_timestamp datetime(6) not null, - updated_by varchar(255), - updated_timestamp datetime(6) not null, - configurations_json json, - json_representation json not null, - pdp_group varchar(255), - pdp_sub_group varchar(255), - loop_element_model_id varchar(255), - policy_model_type varchar(255), - policy_model_version varchar(255), - loop_id varchar(255) not null, - primary key (name) +create table if not exists operational_policies ( + name varchar(255) not null, + created_by varchar(255), + created_timestamp datetime(6) not null, + updated_by varchar(255), + updated_timestamp datetime(6) not null, + configurations_json json, + json_representation json not null, + pdp_group varchar(255), + pdp_sub_group varchar(255), + loop_element_model_id varchar(255), + policy_model_type varchar(255), + policy_model_version varchar(255), + loop_id varchar(255) not null, + primary key (name) ) engine=InnoDB; - create table policy_models ( - policy_model_type varchar(255) not null, - version varchar(255) not null, - created_by varchar(255), - created_timestamp datetime(6) not null, - updated_by varchar(255), - updated_timestamp datetime(6) not null, - policy_acronym varchar(255), - policy_tosca MEDIUMTEXT, - policy_pdp_group json, - primary key (policy_model_type, version) +create table if not exists policy_models ( + policy_model_type varchar(255) not null, + version varchar(255) not null, + created_by varchar(255), + created_timestamp datetime(6) not null, + updated_by varchar(255), + updated_timestamp datetime(6) not null, + policy_acronym varchar(255), + policy_tosca MEDIUMTEXT, + policy_pdp_group json, + primary key (policy_model_type, version) ) engine=InnoDB; - create table services ( - service_uuid varchar(255) not null, - name varchar(255) not null, - resource_details json, - service_details json, - version varchar(255), - primary key (service_uuid) +create table if not exists services ( + service_uuid varchar(255) not null, + name varchar(255) not null, + resource_details json, + service_details json, + version varchar(255), + primary key (service_uuid) ) engine=InnoDB; - alter table dictionary_to_dictionaryelements - add constraint FK68hjjinnm8nte2owstd0xwp23 - foreign key (dictionary_element_short_name) - references dictionary_elements (short_name); - - alter table dictionary_to_dictionaryelements - add constraint FKtqfxg46gsxwlm2gkl6ne3cxfe - foreign key (dictionary_name) - references dictionary (name); - - alter table loop_logs - add constraint FK1j0cda46aickcaoxqoo34khg2 - foreign key (loop_id) - references loops (name); - - alter table loop_templates - add constraint FKn692dk6281wvp1o95074uacn6 - foreign key (service_uuid) - references services (service_uuid); - - alter table loopelementmodels_to_policymodels - add constraint FK23j2q74v6kaexefy0tdabsnda - foreign key (policy_model_type, policy_model_version) - references policy_models (policy_model_type, version); - - alter table loopelementmodels_to_policymodels - add constraint FKjag1iu0olojfwryfkvb5o0rk5 - foreign key (loop_element_name) - references loop_element_models (name); - - alter table loops - add constraint FK844uwy82wt0l66jljkjqembpj - foreign key (loop_template_name) - references loop_templates (name); - - alter table loops - add constraint FK4b9wnqopxogwek014i1shqw7w - foreign key (service_uuid) - references services (service_uuid); - - alter table loops_to_microservicepolicies - add constraint FKle255jmi7b065fwbvmwbiehtb - foreign key (microservicepolicy_name) - references micro_service_policies (name); - - alter table loops_to_microservicepolicies - add constraint FK8avfqaf7xl71l7sn7a5eri68d - foreign key (loop_name) - references loops (name); - - alter table looptemplates_to_loopelementmodels - add constraint FK1k7nbrbugvqa0xfxkq3cj1yn9 - foreign key (loop_element_model_name) - references loop_element_models (name); - - alter table looptemplates_to_loopelementmodels - add constraint FKj29yxyw0x7ue6mwgi6d3qg748 - foreign key (loop_template_name) - references loop_templates (name); - - alter table micro_service_policies - add constraint FKqvvdypacbww07fuv8xvlvdjgl - foreign key (loop_element_model_id) - references loop_element_models (name); - - alter table micro_service_policies - add constraint FKn17j9ufmyhqicb6cvr1dbjvkt - foreign key (policy_model_type, policy_model_version) - references policy_models (policy_model_type, version); - - alter table operational_policies - add constraint FKi9kh7my40737xeuaye9xwbnko - foreign key (loop_element_model_id) - references loop_element_models (name); - - alter table operational_policies - add constraint FKlsyhfkoqvkwj78ofepxhoctip - foreign key (policy_model_type, policy_model_version) - references policy_models (policy_model_type, version); - - alter table operational_policies - add constraint FK1ddoggk9ni2bnqighv6ecmuwu - foreign key (loop_id) - references loops (name); +alter table dictionary_to_dictionaryelements + add constraint FK68hjjinnm8nte2owstd0xwp23 + foreign key (dictionary_element_short_name) + references dictionary_elements (short_name); + +alter table dictionary_to_dictionaryelements + add constraint FKtqfxg46gsxwlm2gkl6ne3cxfe + foreign key (dictionary_name) + references dictionary (name); + +alter table loop_logs + add constraint FK1j0cda46aickcaoxqoo34khg2 + foreign key (loop_id) + references loops (name); + +alter table loop_templates + add constraint FKn692dk6281wvp1o95074uacn6 + foreign key (service_uuid) + references services (service_uuid); + +alter table loopelementmodels_to_policymodels + add constraint FK23j2q74v6kaexefy0tdabsnda + foreign key (policy_model_type, policy_model_version) + references policy_models (policy_model_type, version); + +alter table loopelementmodels_to_policymodels + add constraint FKjag1iu0olojfwryfkvb5o0rk5 + foreign key (loop_element_name) + references loop_element_models (name); + +alter table loops + add constraint FK844uwy82wt0l66jljkjqembpj + foreign key (loop_template_name) + references loop_templates (name); + +alter table loops + add constraint FK4b9wnqopxogwek014i1shqw7w + foreign key (service_uuid) + references services (service_uuid); + +alter table loops_to_microservicepolicies + add constraint FKle255jmi7b065fwbvmwbiehtb + foreign key (microservicepolicy_name) + references micro_service_policies (name); + +alter table loops_to_microservicepolicies + add constraint FK8avfqaf7xl71l7sn7a5eri68d + foreign key (loop_name) + references loops (name); + +alter table looptemplates_to_loopelementmodels + add constraint FK1k7nbrbugvqa0xfxkq3cj1yn9 + foreign key (loop_element_model_name) + references loop_element_models (name); + +alter table looptemplates_to_loopelementmodels + add constraint FKj29yxyw0x7ue6mwgi6d3qg748 + foreign key (loop_template_name) + references loop_templates (name); + +alter table micro_service_policies + add constraint FKqvvdypacbww07fuv8xvlvdjgl + foreign key (loop_element_model_id) + references loop_element_models (name); + +alter table micro_service_policies + add constraint FKn17j9ufmyhqicb6cvr1dbjvkt + foreign key (policy_model_type, policy_model_version) + references policy_models (policy_model_type, version); + +alter table operational_policies + add constraint FKi9kh7my40737xeuaye9xwbnko + foreign key (loop_element_model_id) + references loop_element_models (name); + +alter table operational_policies + add constraint FKlsyhfkoqvkwj78ofepxhoctip + foreign key (policy_model_type, policy_model_version) + references policy_models (policy_model_type, version); + +alter table operational_policies + add constraint FK1ddoggk9ni2bnqighv6ecmuwu + foreign key (loop_id) + references loops (name); diff --git a/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml index e61cca0e49..4354c00a30 100644 --- a/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml @@ -70,7 +70,7 @@ spec: export SDC_CLIENT_PASSWORD_ENC=`java -jar {{ .Values.certInitializer.credsPath }}/aaf-cadi-aaf-2.1.20-full.jar cadi digest ${SDC_CLIENT_PASSWORD} {{ .Values.certInitializer.credsPath }}/org.onap.clamp.keyfile`; envsubst < "/opt/policy/clamp/sdc-controllers-config.json" > "/opt/policy/clamp/sdc-controllers-config-pass.json" {{- end }} - java -Djava.security.egd=file:/dev/./urandom ${JAVA_RAM_CONFIGURATION} -jar ./policy-clamp-backend.jar + java -Djava.security.egd=file:/dev/./urandom ${JAVA_RAM_CONFIGURATION} -jar ./policy-clamp-backend.jar --spring.config.location=optional:classpath:/,optional:classpath:/config/,optional:file:./,optional:file:./config/ ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -97,6 +97,10 @@ spec: name: {{ include "common.fullname" . }}-config subPath: application.properties env: + - name: RUNTIME_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "runtime-be-secret" "key" "login") | indent 12 }} + - name: RUNTIME_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "runtime-be-secret" "key" "password") | indent 12 }} - name: MYSQL_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "login") | indent 12 }} - name: MYSQL_PASSWORD diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml index dcbe59c382..35011dea1d 100644 --- a/kubernetes/policy/components/policy-clamp-be/values.yaml +++ b/kubernetes/policy/components/policy-clamp-be/values.yaml @@ -60,11 +60,17 @@ secrets: externalSecret: '{{ tpl (default "" .Values.sdc.sdcClientExternalSecret) . }}' password: '{{ .Values.sdc.clientPassword }}' passwordPolicy: required + - uid: runtime-be-secret + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.appUserExternalSecret) . }}' + login: '{{ .Values.config.policyAppUserName }}' + password: '{{ .Values.config.policyAppUserPassword }}' + passwordPolicy: required flavor: small # application image -image: onap/policy-clamp-backend:6.1.1 +image: onap/policy-clamp-backend:6.1.3 pullPolicy: Always # flag to enable debugging - application support required @@ -79,7 +85,6 @@ log: ################################################################# #####dummy values for db user and password to pass lint!!!####### - sdc: clientPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U @@ -92,6 +97,8 @@ db: internalPort: 3306 config: + policyAppUserName: runtimeUser + policyAppUserPassword: none log: logstashServiceName: log-ls logstashPort: 5044 diff --git a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/values.yaml index 74cf74f36d..f98fce1137 100644 --- a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/values.yaml @@ -72,7 +72,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-cl-k8s-ppnt:6.1.2 +image: onap/policy-clamp-cl-k8s-ppnt:6.1.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-cl-runtime/values.yaml b/kubernetes/policy/components/policy-clamp-cl-runtime/values.yaml index 4cf9e67c99..c0044e2cd1 100644 --- a/kubernetes/policy/components/policy-clamp-cl-runtime/values.yaml +++ b/kubernetes/policy/components/policy-clamp-cl-runtime/values.yaml @@ -78,7 +78,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-cl-runtime:6.1.2 +image: onap/policy-clamp-cl-runtime:6.1.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-fe/values.yaml b/kubernetes/policy/components/policy-clamp-fe/values.yaml index 9e021c8d0e..e5587411d5 100644 --- a/kubernetes/policy/components/policy-clamp-fe/values.yaml +++ b/kubernetes/policy/components/policy-clamp-fe/values.yaml @@ -60,7 +60,7 @@ subChartsOnly: flavor: small # application image -image: onap/policy-clamp-frontend:6.1.2 +image: onap/policy-clamp-frontend:6.1.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml index 1614bd840e..2d80fbb216 100755 --- a/kubernetes/policy/components/policy-distribution/values.yaml +++ b/kubernetes/policy/components/policy-distribution/values.yaml @@ -67,7 +67,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/policy-distribution:2.6.0 +image: onap/policy-distribution:2.6.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml index 678cce74ee..fa0fda80e1 100755 --- a/kubernetes/policy/components/policy-drools-pdp/values.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml @@ -35,7 +35,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pdpd-cl:1.9.0 +image: onap/policy-pdpd-cl:1.9.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-gui/values.yaml b/kubernetes/policy/components/policy-gui/values.yaml index 460a83d9b2..a1810d387c 100644 --- a/kubernetes/policy/components/policy-gui/values.yaml +++ b/kubernetes/policy/components/policy-gui/values.yaml @@ -63,7 +63,7 @@ subChartsOnly: flavor: small # application image -image: onap/policy-gui:2.1.0 +image: onap/policy-gui:2.1.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml index c373e04cf2..5381892241 100755 --- a/kubernetes/policy/components/policy-pap/values.yaml +++ b/kubernetes/policy/components/policy-pap/values.yaml @@ -92,7 +92,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pap:2.5.0 +image: onap/policy-pap:2.5.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml index 91984cc81b..7c2d1b13a8 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml @@ -83,7 +83,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-xacml-pdp:2.5.0 +image: onap/policy-xacml-pdp:2.5.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 29603690b8..95164da5de 100755 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -104,7 +104,7 @@ mariadb: image: mariadb:10.5.8 dbmigrator: - image: onap/policy-db-migrator:2.3.0 + image: onap/policy-db-migrator:2.3.1 schema: policyadmin policy_home: "/opt/app/policy" diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml index d769f628eb..521912e1ce 100644 --- a/kubernetes/sdc/components/sdc-be/values.yaml +++ b/kubernetes/sdc/components/sdc-be/values.yaml @@ -35,8 +35,8 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-backend-all-plugins:1.9.3 -backendInitImage: onap/sdc-backend-init:1.9.3 +image: onap/sdc-backend-all-plugins:1.9.4 +backendInitImage: onap/sdc-backend-init:1.9.4 pullPolicy: Always diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml index 223e023b28..a36fdb5c0d 100644 --- a/kubernetes/sdc/components/sdc-cs/values.yaml +++ b/kubernetes/sdc/components/sdc-cs/values.yaml @@ -38,8 +38,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-cassandra:1.9.3 -cassandraInitImage: onap/sdc-cassandra-init:1.9.3 +image: onap/sdc-cassandra:1.9.4 +cassandraInitImage: onap/sdc-cassandra-init:1.9.4 pullPolicy: Always config: diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml index d563e80f42..24257994b3 100644 --- a/kubernetes/sdc/components/sdc-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-fe/values.yaml @@ -47,7 +47,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-frontend:1.9.3 +image: onap/sdc-frontend:1.9.4 pullPolicy: Always config: diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml index 1bce6b17af..4d20b7d626 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml @@ -59,8 +59,8 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-onboard-backend:1.9.3 -onboardingInitImage: onap/sdc-onboard-cassandra-init:1.9.3 +image: onap/sdc-onboard-backend:1.9.4 +onboardingInitImage: onap/sdc-onboard-cassandra-init:1.9.4 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/resources/config/environments/AUTO.json b/kubernetes/sdc/resources/config/environments/AUTO.json index d01f8557f3..bd76b97b98 100755 --- a/kubernetes/sdc/resources/config/environments/AUTO.json +++ b/kubernetes/sdc/resources/config/environments/AUTO.json @@ -89,7 +89,10 @@ "socket_read_timeout": "20000", "socket_connect_timeout": "20000", "janusgraph_connection_timeout": "10000", - "replication_factor": "{{.Values.global.cassandra.replicaCount}}" + "replication_factor": "{{.Values.global.cassandra.replicaCount}}", + "db_cache": "{{.Values.global.cassandra.dbCache}}", + "read_consistency_level": "{{.Values.global.cassandra.readConsistencyLevel}}", + "write_consistency_level":"{{.Values.global.cassandra.writeConsistencyLevel}}" }, "DMAAP": { "consumer": { diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml index cd3dc1e5fd..18483e7f1e 100644 --- a/kubernetes/sdc/values.yaml +++ b/kubernetes/sdc/values.yaml @@ -34,6 +34,9 @@ global: #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled #to match with its own cluster replica replicaCount: 3 + dbCache: true + readConsistencyLevel: ONE + writeConsistencyLevel: ALL clusterName: cassandra dataCenter: Pod security: diff --git a/kubernetes/so/components/so-cnf-adapter/values.yaml b/kubernetes/so/components/so-cnf-adapter/values.yaml index b7e8dd9098..2b6fff63c8 100755 --- a/kubernetes/so/components/so-cnf-adapter/values.yaml +++ b/kubernetes/so/components/so-cnf-adapter/values.yaml @@ -76,7 +76,7 @@ secrets: ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/so-cnf-adapter:1.9.1 +image: onap/so/so-cnf-adapter:1.9.2 pullPolicy: Always readinessCheck: diff --git a/kubernetes/so/components/so-nssmf-adapter/values.yaml b/kubernetes/so/components/so-nssmf-adapter/values.yaml index 09f61a5320..2489ddd75e 100755 --- a/kubernetes/so/components/so-nssmf-adapter/values.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/values.yaml @@ -75,7 +75,7 @@ secrets: ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/so-nssmf-adapter:1.8.3 +image: onap/so/so-nssmf-adapter:1.9.1 pullPolicy: Always db: diff --git a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml index 15f08bccc6..e332f98302 100755 --- a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml @@ -57,7 +57,11 @@ org: onap: so: adapters: + {{- if eq .Values.config.openStackKeystoneVersion "KEYSTONE_V3" }} + default_keystone_url_version: /v3 + {{- else }} default_keystone_url_version: /v2.0 + {{- end }} default_keystone_reg_ex: "/[vV][0-9]" vnf: bpelauth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.org.onap.so.adapters.bpelauth )}} @@ -79,7 +83,11 @@ org: retrylist: 408,429,500,502,503,504,900 encryptionKey: 07a7159d3bf51a0e53be7a8f89699be7 tenant: + {{- if eq .Values.config.openStackKeystoneVersion "KEYSTONE_V3" }} + default_keystone_url_version: /v3 + {{- else }} default_keystone_url_version: /v2.0 + {{- end }} default_keystone_reg_ex: "/[vV][0-9]" default_tenant_description: Tenant default_region_type: single diff --git a/kubernetes/so/components/so-openstack-adapter/values.yaml b/kubernetes/so/components/so-openstack-adapter/values.yaml index 2ac829592c..ab97d406a4 100755 --- a/kubernetes/so/components/so-openstack-adapter/values.yaml +++ b/kubernetes/so/components/so-openstack-adapter/values.yaml @@ -150,6 +150,8 @@ config: openStackServiceTenantName: "service" openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" openStackTenantId: "d570c718cbc545029f40e50b75eb13df" + # "KEYSTONE" for keystone v2, "KEYSTONE_V3" for keystone v3 + openStackKeystoneVersion: "KEYSTONE" nodeSelector: {} tolerations: [] affinity: {} diff --git a/kubernetes/so/resources/config/mso/mso-docker.json b/kubernetes/so/resources/config/mso/mso-docker.json index 167a8edc09..119a31304a 100755 --- a/kubernetes/so/resources/config/mso/mso-docker.json +++ b/kubernetes/so/resources/config/mso/mso-docker.json @@ -84,13 +84,17 @@ [ { "dcp_clli": "DEFAULT_KEYSTONE", + {{- if eq .Values.config.openStackKeystoneVersion "KEYSTONE_V3" }} + "identity_url": "{{ .Values.config.openStackKeyStoneUrl }}/v3", + {{- else }} "identity_url": "{{ .Values.config.openStackKeyStoneUrl }}/v2.0", + {{- end }} "mso_id": "{{ .Values.config.openStackUserName }}", "mso_pass": "{{ .Values.config.openStackEncryptedPasswordHere }}", "admin_tenant":"{{ .Values.config.openStackServiceTenantName }}", "member_role": "admin", "tenant_metadata": "true", - "identity_server_type": "KEYSTONE", + "identity_server_type": "{{ .Values.config.openStackKeystoneVersion }}", "identity_authentication_type": "USERNAME_PASSWORD" } ], diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index 988b8ef585..b14c014bc0 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -257,6 +257,8 @@ affinity: {} config: logstashServiceName: log-ls logstashPort: 5044 + # "KEYSTONE" for keystone v2, "KEYSTONE_V3" for keystone v3 + openStackKeystoneVersion: "KEYSTONE" #Used only if localCluster is enabled. Instantiates SO's own cassandra cluster #helm deploy demo local/onap --namespace onap --verbose --set so.enabled=true \ |