summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--docs/oom_cloud_setup_guide.rst22
-rw-r--r--docs/oom_setup_kubernetes_rancher.rst4
-rw-r--r--docs/openstack-k8s-node.sh2
-rw-r--r--docs/openstack-rancher.sh2
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/config/auth/client-cert.p12bin0 -> 2556 bytes
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v15.json6
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/config/schema-ingest.properties31
-rw-r--r--kubernetes/aai/charts/aai-resources/resources/config/aaf/truststoreONAPall.jksbin114865 -> 0 bytes
-rw-r--r--kubernetes/aai/charts/aai-resources/templates/configmap.yaml1
-rw-r--r--kubernetes/aai/charts/aai-resources/templates/deployment.yaml139
-rw-r--r--kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml20
-rw-r--r--kubernetes/aai/charts/aai-spike/resources/config/auth/client-cert.p12bin0 -> 3617 bytes
-rw-r--r--kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v15.json6
-rw-r--r--kubernetes/aai/charts/aai-spike/resources/config/schema-ingest.properties28
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/aaf/truststoreONAPall.jksbin114865 -> 0 bytes
-rw-r--r--kubernetes/aai/charts/aai-traversal/templates/configmap.yaml1
-rw-r--r--kubernetes/aai/charts/aai-traversal/templates/deployment.yaml68
-rw-r--r--kubernetes/aai/resources/config/auth/truststoreONAPall.jks (renamed from kubernetes/aai/charts/aai-sparky-be/resources/config/auth/truststoreONAPall.jks)bin117990 -> 117990 bytes
-rw-r--r--kubernetes/aai/templates/secret.yaml22
-rw-r--r--kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf20
-rw-r--r--kubernetes/policy/charts/policy-apex-pdp/resources/config/config.json104
-rw-r--r--kubernetes/pomba/charts/pomba-contextaggregator/resources/config/logback.xml31
-rwxr-xr-xkubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml10
-rwxr-xr-xkubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml17
-rw-r--r--kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties17
-rw-r--r--kubernetes/pomba/charts/pomba-sdcctxbuilder/resources/config/logback.xml31
-rw-r--r--kubernetes/pomba/charts/pomba-sdcctxbuilder/templates/configmap.yaml8
-rw-r--r--kubernetes/pomba/charts/pomba-sdcctxbuilder/templates/deployment.yaml16
-rw-r--r--kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/logback.xml244
-rw-r--r--kubernetes/pomba/charts/pomba-sdncctxbuilder/templates/deployment.yaml12
-rw-r--r--kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties9
-rw-r--r--kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy33
-rw-r--r--kubernetes/pomba/charts/pomba-validation-service/templates/deployment.yaml2
-rw-r--r--kubernetes/pomba/charts/pomba-validation-service/values.yaml5
-rw-r--r--kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh190
-rw-r--r--kubernetes/portal/charts/portal-mariadb/templates/deployment.yaml7
36 files changed, 755 insertions, 353 deletions
diff --git a/docs/oom_cloud_setup_guide.rst b/docs/oom_cloud_setup_guide.rst
index 9fb3ab73b1..f43531a03a 100644
--- a/docs/oom_cloud_setup_guide.rst
+++ b/docs/oom_cloud_setup_guide.rst
@@ -1,18 +1,18 @@
.. This work is licensed under a Creative Commons Attribution 4.0
.. International License.
.. http://creativecommons.org/licenses/by/4.0
-.. Copyright 2018 Amdocs, Bell Canada
+.. Copyright 2019 Amdocs, Bell Canada
.. Links
-.. _Microsoft Azure: https://wiki.onap.org/display/DW/ONAP+on+Kubernetes+on+Microsoft+Azure
-.. _Amazon AWS: https://wiki.onap.org/display/DW/ONAP+on+Kubernetes+on+Amazon+EC2
-.. _Google GCE: https://wiki.onap.org/display/DW/ONAP+on+Kubernetes+on+Google+Compute+Engine
+.. _Microsoft Azure: https://wiki.onap.org/display/DW/Cloud+Native+Deployment#CloudNativeDeployment-MicrosoftAzure
+.. _Amazon AWS: https://wiki.onap.org/display/DW/Cloud+Native+Deployment#CloudNativeDeployment-AmazonAWS
+.. _Google GCE: https://wiki.onap.org/display/DW/Cloud+Native+Deployment#CloudNativeDeployment-GoogleGCE
.. _VMware VIO: https://wiki.onap.org/display/DW/ONAP+on+VMware+Integrated+OpenStack+-+Container+Orchestration
.. _OpenStack: https://wiki.onap.org/display/DW/ONAP+on+Kubernetes+on+OpenStack?src=contextnavpagetreemode
-.. _Setting Up Kubernetes with Rancher: https://wiki.onap.org/display/DW/ONAP+on+Kubernetes+on+Rancher
+.. _Setting Up Kubernetes with Rancher: https://wiki.onap.org/display/DW/Cloud+Native+Deployment
.. _Setting Up Kubernetes with Kubeadm: https://wiki.onap.org/display/DW/Deploying+Kubernetes+Cluster+with+kubeadm
-.. _Setting Up Kubernetes with Cloudify: https://wiki.onap.org/display/DW/ONAP+on+Kubernetes+on+Cloudify
-.. _ONAP on Kubernetes Wiki: https://wiki.onap.org/display/DW/ONAP+on+Kubernetes
+.. _Cloud Native Deployment Wiki: https://wiki.onap.org/display/DW/Cloud+Native+Deployment
+.. _ONAP Development - 110 pod limit Wiki: https://wiki.onap.org/display/DW/ONAP+Development#ONAPDevelopment-Changemax-podsfromdefault110podlimit
.. figure:: oomLogoV2-medium.png
:align: right
@@ -50,7 +50,7 @@ The versions of Kubernetes that are supported by OOM are as follows:
============== =========== ===== ======== ========
amsterdam 1.7.x 2.3.x 1.7.x 1.12.x
beijing 1.8.10 2.8.2 1.8.10 17.03.x
- casablanca 1.11.2 2.9.1 1.11.2 17.03.x
+ casablanca 1.11.5 2.9.1 1.11.5 17.03.x
============== =========== ===== ======== ========
Minimum Hardware Configuration
@@ -69,7 +69,9 @@ components that are needed will drastically reduce the requirements.
===== ===== ====== ====================
.. note::
- Kubernetes supports a maximum of 110 pods per node. The use of many small
+ Kubernetes supports a maximum of 110 pods per node - configurable in the --max-pods=n setting off the
+ "additional kubelet flags" box in the kubernetes template window described in 'ONAP Development - 110 pod limit Wiki'
+ - this limit does not need to be modified . The use of many small
nodes is preferred over a few larger nodes (for example 14x16GB - 8 vCores each).
Subsets of ONAP may still be deployed on a single node.
@@ -98,4 +100,4 @@ OOM can be deployed on a private set of physical hosts or VMs (or even a
combination of the two). The following guide describe the recommended method to
setup a Kubernetes cluster: :ref:`onap-on-kubernetes-with-rancher`.
-There are alternative deployment methods described on the `ONAP on Kubernetes Wiki`_
+There are alternative deployment methods described on the `Cloud Native Deployment Wiki`_
diff --git a/docs/oom_setup_kubernetes_rancher.rst b/docs/oom_setup_kubernetes_rancher.rst
index fddccf8068..35ab88eb06 100644
--- a/docs/oom_setup_kubernetes_rancher.rst
+++ b/docs/oom_setup_kubernetes_rancher.rst
@@ -415,10 +415,6 @@ procedure would remain the same.
- name: "SB4"
user:
token: "QmFzaWMgTlRBd01qZzBOemc)TkRrMk1UWkNOMFpDTlVFNlExcHdSa1JhVZreE5XSm1TRGhWU2t0Vk1sQjVhalZaY0dWaFVtZGFVMHQzWW1WWVJtVmpSQT09"
- ~
- ~
- ~
- - INSERT --
5. Validate that kubectl is able to connect to the kubernetes cluster::
diff --git a/docs/openstack-k8s-node.sh b/docs/openstack-k8s-node.sh
index b8462aa5e9..308f2204ff 100644
--- a/docs/openstack-k8s-node.sh
+++ b/docs/openstack-k8s-node.sh
@@ -1,7 +1,7 @@
#!/bin/bash
DOCKER_VERSION=17.03
-KUBECTL_VERSION=1.11.2
+KUBECTL_VERSION=1.11.5
HELM_VERSION=2.9.1
# setup root access - default login: oom/oom - comment out to restrict access too ssh key only
diff --git a/docs/openstack-rancher.sh b/docs/openstack-rancher.sh
index bcf542aedc..ac91ff5566 100644
--- a/docs/openstack-rancher.sh
+++ b/docs/openstack-rancher.sh
@@ -2,7 +2,7 @@
DOCKER_VERSION=17.03
RANCHER_VERSION=1.6.22
-KUBECTL_VERSION=1.11.2
+KUBECTL_VERSION=1.11.5
HELM_VERSION=2.9.1
# setup root access - default login: oom/oom - comment out to restrict access too ssh key only
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-gizmo/resources/config/auth/client-cert.p12
new file mode 100644
index 0000000000..dbf4fcacec
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/config/auth/client-cert.p12
Binary files differ
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v15.json b/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v15.json
new file mode 100644
index 0000000000..8d00636d27
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/config/model/edge_properties_v15.json
@@ -0,0 +1,6 @@
+{
+ "contains-other-v": "java.lang.String",
+ "delete-other-v": "java.lang.String",
+ "SVC-INFRA": "java.lang.String",
+ "prevent-delete": "java.lang.String"
+} \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/config/schema-ingest.properties b/kubernetes/aai/charts/aai-gizmo/resources/config/schema-ingest.properties
index 39e08edf1b..647d4d963e 100644
--- a/kubernetes/aai/charts/aai-gizmo/resources/config/schema-ingest.properties
+++ b/kubernetes/aai/charts/aai-gizmo/resources/config/schema-ingest.properties
@@ -1,22 +1,45 @@
+###############################################################################
# Schema Version Related Attributes
+###############################################################################
schema.uri.base.path=/aai
# Lists all of the versions in the schema
-schema.version.list=v9,v10,v11,v12,v13,v14
+schema.version.list=v10,v11,v12,v13,v14,v15
# Specifies from which version should the depth parameter to default to zero
-schema.version.depth.start=v9
+schema.version.depth.start=v10
# Specifies from which version should the related link be displayed in response payload
schema.version.related.link.start=v10
# Specifies from which version should the client see only the uri excluding host info
# Before this version server base will also be included
schema.version.app.root.start=v11
# Specifies from which version should the namespace be changed
-schema.version.namespace.change.start=v12
+schema.version.namespace.change.start=v11
# Specifies from which version should the client start seeing the edge label in payload
schema.version.edge.label.start=v12
# Specifies the version that the application should default to
-schema.version.api.default=v14
+schema.version.api.default=v15
+###############################################################################
+# Schema Location Related Attributes
+###############################################################################
# Schema Location Related Attributes
schema.configuration.location=NA
schema.nodes.location=/opt/app/crud-api/bundleconfig/etc/onap/oxm
schema.edges.location=/opt/app/crud-api/bundleconfig/etc/onap/dbedgerules
+
+###############################################################################
+# Schema Service Related Attributes
+###############################################################################
+# Specifies whether to use the schema service or local schema files
+schema.translator.list=config
+
+schema.service.base.url=https://<host>:8452/aai/schema-service/v1/
+schema.service.nodes.endpoint=nodes?version=
+schema.service.edges.endpoint=edgerules?version=
+schema.service.versions.endpoint=versions
+
+#Default rest client is the two-way-ssl
+schema.service.client=two-way-ssl
+#Replace the below with the A&AI client key store
+schema.service.ssl.key-store=${CONFIG_HOME}/auth/client-cert.p12
+#Replace the below with the A&AI tomcat trust store
+schema.service.ssl.trust-store=${CONFIG_HOME}/auth/tomcat_keystore \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/truststoreONAPall.jks b/kubernetes/aai/charts/aai-resources/resources/config/aaf/truststoreONAPall.jks
deleted file mode 100644
index 2da1dcc4b4..0000000000
--- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/truststoreONAPall.jks
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/charts/aai-resources/templates/configmap.yaml b/kubernetes/aai/charts/aai-resources/templates/configmap.yaml
index 4fd939dbd0..b5a7fc562f 100644
--- a/kubernetes/aai/charts/aai-resources/templates/configmap.yaml
+++ b/kubernetes/aai/charts/aai-resources/templates/configmap.yaml
@@ -134,7 +134,6 @@ type: Opaque
data:
{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/aaf/truststoreONAPall.jks").AsSecrets . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }}
{{ if .Values.global.installSidecarSecurity }}
diff --git a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml
index 8d7b740276..cac8f4b89f 100644
--- a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml
@@ -71,6 +71,17 @@ spec:
"path": "/aai/v13/cloud-infrastructure"
},
{
+ "serviceName": "_aai-cloudInfrastructure",
+ "version": "v14",
+ "url": "/aai/v14/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/cloud-infrastructure"
+ },
+ {
"serviceName": "_aai-business",
"version": "v11",
"url": "/aai/v11/business",
@@ -104,6 +115,17 @@ spec:
"path": "/aai/v13/business"
},
{
+ "serviceName": "_aai-business",
+ "version": "v14",
+ "url": "/aai/v14/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/business"
+ },
+ {
"serviceName": "_aai-actions",
"version": "v11",
"url": "/aai/v11/actions",
@@ -137,6 +159,17 @@ spec:
"path": "/aai/v13/actions"
},
{
+ "serviceName": "_aai-actions",
+ "version": "v14",
+ "url": "/aai/v14/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/actions"
+ },
+ {
"serviceName": "_aai-service-design-and-creation",
"version": "v11",
"url": "/aai/v11/service-design-and-creation",
@@ -170,6 +203,17 @@ spec:
"path": "/aai/v13/service-design-and-creation"
},
{
+ "serviceName": "_aai-service-design-and-creation",
+ "version": "v14",
+ "url": "/aai/v14/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/service-design-and-creation"
+ },
+ {
"serviceName": "_aai-network",
"version": "v11",
"url": "/aai/v11/network",
@@ -203,6 +247,17 @@ spec:
"path": "/aai/v13/network"
},
{
+ "serviceName": "_aai-network",
+ "version": "v14",
+ "url": "/aai/v14/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/network"
+ },
+ {
"serviceName": "_aai-externalSystem",
"version": "v11",
"url": "/aai/v11/external-system",
@@ -212,7 +267,7 @@ spec:
"lb_policy":"ip_hash",
"visualRange": "1",
"path": "/aai/v11/external-system"
- },
+ },
{
"serviceName": "_aai-externalSystem",
"version": "v12",
@@ -223,7 +278,7 @@ spec:
"lb_policy":"ip_hash",
"visualRange": "1",
"path": "/aai/v12/external-system"
- },
+ },
{
"serviceName": "_aai-externalSystem",
"version": "v13",
@@ -236,6 +291,17 @@ spec:
"path": "/aai/v13/external-system"
},
{
+ "serviceName": "_aai-externalSystem",
+ "version": "v14",
+ "url": "/aai/v14/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/external-system"
+ },
+ {
"serviceName": "aai-cloudInfrastructure",
"version": "v11",
"url": "/aai/v11/cloud-infrastructure",
@@ -266,6 +332,16 @@ spec:
"visualRange": "1"
},
{
+ "serviceName": "aai-cloudInfrastructure",
+ "version": "v14",
+ "url": "/aai/v14/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
"serviceName": "aai-business",
"version": "v11",
"url": "/aai/v11/business",
@@ -296,6 +372,16 @@ spec:
"visualRange": "1"
},
{
+ "serviceName": "aai-business",
+ "version": "v14",
+ "url": "/aai/v14/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
"serviceName": "aai-actions",
"version": "v11",
"url": "/aai/v11/actions",
@@ -326,6 +412,16 @@ spec:
"visualRange": "1"
},
{
+ "serviceName": "aai-actions",
+ "version": "v14",
+ "url": "/aai/v14/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
"serviceName": "aai-service-design-and-creation",
"version": "v11",
"url": "/aai/v11/service-design-and-creation",
@@ -356,6 +452,16 @@ spec:
"visualRange": "1"
},
{
+ "serviceName": "aai-service-design-and-creation",
+ "version": "v14",
+ "url": "/aai/v14/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
"serviceName": "aai-network",
"version": "v11",
"url": "/aai/v11/network",
@@ -386,6 +492,16 @@ spec:
"visualRange": "1"
},
{
+ "serviceName": "aai-network",
+ "version": "v14",
+ "url": "/aai/v14/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
"serviceName": "aai-externalSystem",
"version": "v11",
"url": "/aai/v11/external-system",
@@ -394,7 +510,7 @@ spec:
"enable_ssl": true,
"lb_policy":"ip_hash",
"visualRange": "1"
- },
+ },
{
"serviceName": "aai-externalSystem",
"version": "v12",
@@ -404,7 +520,7 @@ spec:
"enable_ssl": true,
"lb_policy":"ip_hash",
"visualRange": "1"
- },
+ },
{
"serviceName": "aai-externalSystem",
"version": "v13",
@@ -414,6 +530,16 @@ spec:
"enable_ssl": true,
"lb_policy":"ip_hash",
"visualRange": "1"
+ },
+ {
+ "serviceName": "aai-externalSystem",
+ "version": "v14",
+ "url": "/aai/v14/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
}
]'
spec:
@@ -515,7 +641,7 @@ spec:
name: {{ include "common.fullname" . }}-aaf-certs
subPath: org.onap.aai.p12
- mountPath: /opt/app/aai-resources/resources/aaf/truststoreONAPall.jks
- name: {{ include "common.fullname" . }}-aaf-certs
+ name: aai-common-aai-auth-mount
subPath: truststoreONAPall.jks
- mountPath: /opt/app/aai-resources/resources/application.properties
name: {{ include "common.fullname" . }}-springapp-conf
@@ -647,6 +773,9 @@ spec:
{{ end }}
volumes:
+ - name: aai-common-aai-auth-mount
+ secret:
+ secretName: aai-common-aai-auth
- name: localtime
hostPath:
path: /etc/localtime
diff --git a/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml
index a596a6b77d..ac9cf77fbb 100644
--- a/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml
@@ -63,8 +63,21 @@ spec:
- mountPath: /etc/localtime
name: localtime
readOnly: true
- - mountPath: /opt/app/sparky/config/auth/
+ - mountPath: /opt/app/sparky/config/auth/client-cert-onap.p12
name: {{ include "common.fullname" . }}-auth-config
+ subPath: client-cert-onap.p12
+
+ - mountPath: /opt/app/sparky/config/auth/csp-cookie-filter.properties
+ name: {{ include "common.fullname" . }}-auth-config
+ subPath: csp-cookie-filter.properties
+
+ - mountPath: /opt/app/sparky/config/auth/org.onap.aai.p12
+ name: {{ include "common.fullname" . }}-auth-config
+ subPath: org.onap.aai.p12
+
+ - mountPath: /opt/app/sparky/config/auth/truststoreONAPall.jks
+ name: aai-common-aai-auth-mount
+ subPath: truststoreONAPall.jks
- mountPath: /opt/app/sparky/config/portal/
name: {{ include "common.fullname" . }}-portal-config
@@ -171,6 +184,11 @@ spec:
- name: {{ include "common.fullname" . }}-auth-config
secret:
secretName: {{ include "common.fullname" . }}
+
+ - name: aai-common-aai-auth-mount
+ secret:
+ secretName: aai-common-aai-auth
+
- name: filebeat-conf
configMap:
name: aai-filebeat
diff --git a/kubernetes/aai/charts/aai-spike/resources/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-spike/resources/config/auth/client-cert.p12
new file mode 100644
index 0000000000..d9fe86e4ec
--- /dev/null
+++ b/kubernetes/aai/charts/aai-spike/resources/config/auth/client-cert.p12
Binary files differ
diff --git a/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v15.json b/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v15.json
new file mode 100644
index 0000000000..8d00636d27
--- /dev/null
+++ b/kubernetes/aai/charts/aai-spike/resources/config/model/edge_props/edge_properties_v15.json
@@ -0,0 +1,6 @@
+{
+ "contains-other-v": "java.lang.String",
+ "delete-other-v": "java.lang.String",
+ "SVC-INFRA": "java.lang.String",
+ "prevent-delete": "java.lang.String"
+} \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-spike/resources/config/schema-ingest.properties b/kubernetes/aai/charts/aai-spike/resources/config/schema-ingest.properties
index 7cec524c95..15697615df 100644
--- a/kubernetes/aai/charts/aai-spike/resources/config/schema-ingest.properties
+++ b/kubernetes/aai/charts/aai-spike/resources/config/schema-ingest.properties
@@ -22,28 +22,44 @@
#######################################
# Schema Version Related Attributes
#######################################
-
schema.uri.base.path=/aai
# Lists all of the versions in the schema
-schema.version.list=v8,v9,v10,v11,v12,v13,v14
+schema.version.list=v10,v11,v12,v13,v14,v15
# Specifies from which version should the depth parameter to default to zero
-schema.version.depth.start=v9
+schema.version.depth.start=v10
# Specifies from which version should the related link be displayed in response payload
schema.version.related.link.start=v10
# Specifies from which version should the client see only the uri excluding host info
# Before this version server base will also be included
schema.version.app.root.start=v11
# Specifies from which version should the namespace be changed
-schema.version.namespace.change.start=v12
+schema.version.namespace.change.start=v11
# Specifies from which version should the client start seeing the edge label in payload
schema.version.edge.label.start=v12
# Specifies the version that the application should default to
-schema.version.api.default=v14
+schema.version.api.default=v15
#######################################
# Schema Location Related Attributes
#######################################
-
schema.configuration.location=NA
schema.nodes.location=/opt/app/spike/bundleconfig/etc/onap/oxm
schema.edges.location=/opt/app/spike/bundleconfig/etc/onap/dbedgerules
+
+###############################################################################
+# Schema Service Related Attributes
+###############################################################################
+# Specifies whether to use the schema service (schema-service) or local schema files (config)
+schema.translator.list=config
+
+schema.service.base.url=https://<host>:8452/aai/schema-service/v1/
+schema.service.nodes.endpoint=nodes?version=
+schema.service.edges.endpoint=edgerules?version=
+schema.service.versions.endpoint=versions
+
+#Default rest client is the two-way-ssl
+schema.service.client=two-way-ssl
+#Replace the below with the A&AI client key store
+schema.service.ssl.key-store=${CONFIG_HOME}/auth/client-cert.p12
+#Replace the below with the A&AI tomcat trust store
+schema.service.ssl.trust-store=${CONFIG_HOME}/auth/tomcat_keystore
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/truststoreONAPall.jks b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/truststoreONAPall.jks
deleted file mode 100644
index 2da1dcc4b4..0000000000
--- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/truststoreONAPall.jks
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml b/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml
index 79d6abd6c0..106031edbc 100644
--- a/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml
+++ b/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml
@@ -133,5 +133,4 @@ type: Opaque
data:
{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/aaf/truststoreONAPall.jks").AsSecrets . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }}
diff --git a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
index 834ab322cd..3785de0bba 100644
--- a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
@@ -71,6 +71,17 @@ spec:
"path": "/aai/v13/search/generic-query"
},
{
+ "serviceName": "_aai-generic-query",
+ "version": "v14",
+ "url": "/aai/v14/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/search/generic-query"
+ },
+ {
"serviceName": "_aai-nodes-query",
"version": "v11",
"url": "/aai/v11/search/nodes-query",
@@ -104,6 +115,17 @@ spec:
"path": "/aai/v13/search/nodes-query"
},
{
+ "serviceName": "_aai-nodes-query",
+ "version": "v14",
+ "url": "/aai/v14/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/search/nodes-query"
+ },
+ {
"serviceName": "_aai-query",
"version": "v11",
"url": "/aai/v11/query",
@@ -137,6 +159,17 @@ spec:
"path": "/aai/v13/query"
},
{
+ "serviceName": "_aai-query",
+ "version": "v14",
+ "url": "/aai/v14/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/query"
+ },
+ {
"serviceName": "_aai-named-query",
"url": "/aai/search",
"protocol": "REST",
@@ -177,6 +210,16 @@ spec:
"visualRange": "1"
},
{
+ "serviceName": "aai-generic-query",
+ "version": "v14",
+ "url": "/aai/v14/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
"serviceName": "aai-nodes-query",
"version": "v11",
"url": "/aai/v11/search/nodes-query",
@@ -207,6 +250,16 @@ spec:
"visualRange": "1"
},
{
+ "serviceName": "aai-nodes-query",
+ "version": "v14",
+ "url": "/aai/v14/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
"serviceName": "aai-query",
"version": "v11",
"url": "/aai/v11/query",
@@ -237,6 +290,16 @@ spec:
"visualRange": "1"
},
{
+ "serviceName": "aai-query",
+ "version": "v14",
+ "url": "/aai/v14/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
"serviceName": "aai-named-query",
"url": "/aai/search",
"protocol": "REST",
@@ -329,7 +392,7 @@ spec:
name: {{ include "common.fullname" . }}-aaf-certs
subPath: org.onap.aai.p12
- mountPath: /opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks
- name: {{ include "common.fullname" . }}-aaf-certs
+ name: aai-common-aai-auth-mount
subPath: truststoreONAPall.jks
- mountPath: /opt/app/aai-traversal/resources/application.properties
name: {{ include "common.fullname" . }}-springapp-conf
@@ -412,6 +475,9 @@ spec:
- name: {{ include "common.fullname" . }}-aaf-certs
secret:
secretName: {{ include "common.fullname" . }}-aaf-keys
+ - name: aai-common-aai-auth-mount
+ secret:
+ secretName: aai-common-aai-auth
- name: {{ include "common.fullname" . }}-springapp-conf
configMap:
name: {{ include "common.fullname" . }}-springapp-configmap
diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/auth/truststoreONAPall.jks b/kubernetes/aai/resources/config/auth/truststoreONAPall.jks
index ff844b109d..ff844b109d 100644
--- a/kubernetes/aai/charts/aai-sparky-be/resources/config/auth/truststoreONAPall.jks
+++ b/kubernetes/aai/resources/config/auth/truststoreONAPall.jks
Binary files differ
diff --git a/kubernetes/aai/templates/secret.yaml b/kubernetes/aai/templates/secret.yaml
new file mode 100644
index 0000000000..8d00a9d41c
--- /dev/null
+++ b/kubernetes/aai/templates/secret.yaml
@@ -0,0 +1,22 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-common-aai-auth
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }}
diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf
index 7afaeaea61..cff0deec5a 100644
--- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf
+++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf
@@ -22,19 +22,19 @@ TRUSTSTORE_PASSWD=Pol1cy_0nap
# Telemetry credentials
-ENGINE_MANAGEMENT_PORT=9696
-ENGINE_MANAGEMENT_HOST=0.0.0.0
-ENGINE_MANAGEMENT_USER=demo@people.osaaf.org
-ENGINE_MANAGEMENT_PASSWORD=demo123456!
+TELEMETRY_PORT=9696
+TELEMETRY_HOST=0.0.0.0
+TELEMETRY_USER=demo@people.osaaf.org
+TELEMETRY_PASSWORD=demo123456!
# nexus repository
-snapshotRepositoryID=policy-nexus-snapshots
-snapshotRepositoryUrl=http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/snapshots/
-releaseRepositoryID=policy-nexus-releases
-releaseRepositoryUrl=http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/releases/
-repositoryUsername=admin
-repositoryPassword=admin123
+SNAPSHOT_REPOSITORY_ID=policy-nexus-snapshots
+SNAPSHOT_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/snapshots/
+RELEASE_REPOSITORY_ID=policy-nexus-releases
+RELEASE_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/releases/
+REPOSITORY_USERNAME=admin
+REPOSITORY_PASSWORD=admin123
# Relational (SQL) DB access
diff --git a/kubernetes/policy/charts/policy-apex-pdp/resources/config/config.json b/kubernetes/policy/charts/policy-apex-pdp/resources/config/config.json
index c8908c7b91..57542c3510 100644
--- a/kubernetes/policy/charts/policy-apex-pdp/resources/config/config.json
+++ b/kubernetes/policy/charts/policy-apex-pdp/resources/config/config.json
@@ -5,7 +5,7 @@
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
-# http://www.apache.org/licenses/LICENSE-2.0
+# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
@@ -16,63 +16,49 @@
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=========================================================
{
- "engineServiceParameters": {
- "name": "PolicyApexPDPEngine",
- "version": "0.0.1",
- "id": 45,
- "instanceCount": 4,
- "deploymentPort": 12345,
- "engineParameters": {
- "executorParameters": {
- "JAVASCRIPT": {
- "parameterClassName": "org.onap.policy.apex.plugins.executor.javascript.JavascriptExecutorParameters"
- }
- },
- "contextParameters": {
- "parameterClassName": "org.onap.policy.apex.context.parameters.ContextParameters",
- "schemaParameters": {
- "Avro": {
- "parameterClassName": "org.onap.policy.apex.plugins.context.schema.avro.AvroSchemaHelperParameters"
- }
- }
- }
- }
- },
- "eventInputParameters": {
- "ApexConsumer": {
- "carrierTechnologyParameters" : {
- "carrierTechnology" : "RESTSERVER",
- "parameterClassName" :
- "org.onap.policy.apex.plugins.event.carrier.restserver.RestServerCarrierTechnologyParameters",
- "parameters" : {
- "standalone" : true,
- "host" : "localhost",
- "port" : 12346
- }
- },
- "eventProtocolParameters":{
- "eventProtocol" : "JSON"
- },
- "synchronousMode" : true,
- "synchronousPeer" : "ApexProducer",
- "synchronousTimeout" : 500
- }
- },
- "eventOutputParameters": {
- "ApexProducer": {
- "carrierTechnologyParameters":{
- "carrierTechnology" : "RESTSERVER",
- "parameterClassName" :
- "org.onap.policy.apex.plugins.event.carrier.restserver.RestServerCarrierTechnologyParameters"
- },
- "eventProtocolParameters":{
- "eventProtocol" : "JSON"
- },
- "synchronousMode" : true,
- "synchronousPeer" : "ApexConsumer",
- "synchronousTimeout" : 500
- }
+ "javaProperties" : [
+ ["javax.net.ssl.trustStore", "/opt/app/policy/apex-pdp/etc/ssl/policy-truststore"],
+ ["javax.net.ssl.trustStorePassword", "UG9sMWN5XzBuYXA="]
+ ],
+ "engineServiceParameters": {
+ "name": "MyApexEngine",
+ "version": "0.0.1",
+ "id": 45,
+ "instanceCount": 4,
+ "deploymentPort": 12345,
+ "policyModelFileName": "examples/models/SampleDomain/SamplePolicyModelJAVASCRIPT.json",
+ "engineParameters": {
+ "executorParameters": {
+ "JAVASCRIPT": {
+ "parameterClassName": "org.onap.policy.apex.plugins.executor.javascript.JavascriptExecutorParameters"
}
+ }
+ }
+ },
+ "eventOutputParameters": {
+ "FirstProducer": {
+ "carrierTechnologyParameters": {
+ "carrierTechnology": "FILE",
+ "parameters": {
+ "standardIo": true
+ }
+ },
+ "eventProtocolParameters": {
+ "eventProtocol": "JSON"
+ }
+ }
+ },
+ "eventInputParameters": {
+ "FirstConsumer": {
+ "carrierTechnologyParameters": {
+ "carrierTechnology": "FILE",
+ "parameters": {
+ "standardIo": true
+ }
+ },
+ "eventProtocolParameters": {
+ "eventProtocol": "JSON"
+ }
+ }
+ }
}
-
-
diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/logback.xml b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/logback.xml
new file mode 100644
index 0000000000..0a4b616453
--- /dev/null
+++ b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/logback.xml
@@ -0,0 +1,31 @@
+<configuration >
+ <property name="p_tim" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}"/>
+ <property name="p_lvl" value="%level"/>
+ <property name="p_log" value="%logger"/>
+ <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/>
+ <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <!-- tabs -->
+ <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_thr" value="%thread"/>
+ <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/>
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="FILE" class="ch.qos.logback.core.FileAppender">
+ <file>/opt/app/logs/EELF/output.log</file>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
+ </logger>
+ <root level="info">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
+ </root>
+</configuration>
diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml
index d5ce98e6f2..b984c52b15 100755
--- a/kubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml
+++ b/kubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml
@@ -34,4 +34,12 @@ metadata:
name: {{ include "common.fullname" . }}-pre-start-configmap
namespace: {{ include "common.namespace" . }}
data:
-{{ tpl (.Files.Glob "resources/bin/*").AsConfig . | indent 2 }} \ No newline at end of file
+{{ tpl (.Files.Glob "resources/bin/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} \ No newline at end of file
diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml
index 52a28d012c..33e82ea5dc 100755
--- a/kubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml
+++ b/kubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml
@@ -82,6 +82,16 @@ spec:
name: {{ include "common.fullname" . }}-pre-start
subPath: pre_start.sh
readOnly: false
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /opt/app/logs
+ readOnly: false
+ - mountPath: /opt/app/config/logback.xml
+ name: {{ include "common.fullname" . }}-log-conf
+ subPath: logback.xml
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ mountPath: /opt/app/logs/EELF
+ readOnly: false
+
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -106,5 +116,12 @@ spec:
configMap:
name: {{ include "common.fullname" . }}-pre-start-configmap
defaultMode: 0777
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-log-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-log
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ emptyDir: {}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties b/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties
index cccba6b7bc..a5aeb71ec1 100644
--- a/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties
+++ b/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties
@@ -13,23 +13,6 @@
# limitations under the License
spring.jersey.type=filter
-spring.mvc.urls=swagger,docs,prometheus,auditevents,info,heapdump,autoconfig,beans,loggers,dump,env,trace,health,configprops,mappings,metrics,webjars
-
-
-server.contextPath=/network-discovery
-spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
-
-#This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma
-#tomcat.connector.attributes=allowTrace-true
-#The max number of active threads in this pool
-server.tomcat.max-threads=200
-#The minimum number of threads always kept alive
-server.tomcat.min-Spare-Threads=25
-#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads
-server.tomcat.max-idle-time=60000
-
-#Servlet context parameters
-server.context_parameters.p-name=value #context parameter with p-name as key and value as value.
#Enable HTTPS
server.port={{ .Values.config.serverSslPort }}
diff --git a/kubernetes/pomba/charts/pomba-sdcctxbuilder/resources/config/logback.xml b/kubernetes/pomba/charts/pomba-sdcctxbuilder/resources/config/logback.xml
new file mode 100644
index 0000000000..0a4b616453
--- /dev/null
+++ b/kubernetes/pomba/charts/pomba-sdcctxbuilder/resources/config/logback.xml
@@ -0,0 +1,31 @@
+<configuration >
+ <property name="p_tim" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}"/>
+ <property name="p_lvl" value="%level"/>
+ <property name="p_log" value="%logger"/>
+ <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/>
+ <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <!-- tabs -->
+ <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_thr" value="%thread"/>
+ <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/>
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="FILE" class="ch.qos.logback.core.FileAppender">
+ <file>/opt/app/logs/EELF/output.log</file>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
+ </logger>
+ <root level="info">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
+ </root>
+</configuration>
diff --git a/kubernetes/pomba/charts/pomba-sdcctxbuilder/templates/configmap.yaml b/kubernetes/pomba/charts/pomba-sdcctxbuilder/templates/configmap.yaml
index 3d46e72053..bae6641e13 100644
--- a/kubernetes/pomba/charts/pomba-sdcctxbuilder/templates/configmap.yaml
+++ b/kubernetes/pomba/charts/pomba-sdcctxbuilder/templates/configmap.yaml
@@ -19,3 +19,11 @@ metadata:
namespace: {{ include "common.namespace" . }}
data:
{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} \ No newline at end of file
diff --git a/kubernetes/pomba/charts/pomba-sdcctxbuilder/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-sdcctxbuilder/templates/deployment.yaml
index f2c7ec75b0..6ae5ee3e4e 100644
--- a/kubernetes/pomba/charts/pomba-sdcctxbuilder/templates/deployment.yaml
+++ b/kubernetes/pomba/charts/pomba-sdcctxbuilder/templates/deployment.yaml
@@ -59,6 +59,15 @@ spec:
name: {{ include "common.fullname" . }}-config
subPath: application.properties
readOnly: true
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /opt/app/logs
+ readOnly: false
+ - mountPath: /opt/app/config/logback.xml
+ name: {{ include "common.fullname" . }}-log-conf
+ subPath: logback.xml
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ mountPath: /opt/app/logs/EELF
+ readOnly: false
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -77,5 +86,12 @@ spec:
- name: {{ include "common.fullname" . }}-config
configMap:
name: {{ include "common.fullname" . }}-configmap
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-log-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-log
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ emptyDir: {}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/logback.xml b/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/logback.xml
index 519cf247ae..0a4b616453 100644
--- a/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/logback.xml
+++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/logback.xml
@@ -1,235 +1,31 @@
-<configuration scan="true" scanPeriod="10 seconds" debug="false">
- <jmxConfigurator />
- <property name="logDirectory" value="/var/log/onap/pomba-sdncctxbuilder" />
- <!-- Example evaluator filter applied against console appender -->
+<configuration >
+ <property name="p_tim" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}"/>
+ <property name="p_lvl" value="%level"/>
+ <property name="p_log" value="%logger"/>
+ <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/>
+ <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <!-- tabs -->
+ <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_thr" value="%thread"/>
+ <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/>
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <!-- filter class="ch.qos.logback.classic.filter.LevelFilter"> <level>ERROR</level>
- <onMatch>ACCEPT</onMatch> <onMismatch>DENY</onMismatch> </filter -->
- <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>INFO</level>
- </filter>
<encoder>
- <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
- </pattern>
+ <pattern>${pattern}</pattern>
</encoder>
</appender>
-
- <appender name="ERROR"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>INFO</level>
- </filter>
- <file>${logDirectory}/error.log</file>
- <append>true</append>
+ <appender name="FILE" class="ch.qos.logback.core.FileAppender">
+ <file>/opt/app/logs/EELF/output.log</file>
<encoder>
- <pattern>%date{"yyyy-MM-dd'T'HH:mm:ss,SSSXXX", UTC}|%X{RequestId}|%.20thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%.-5level|%X{ErrorCode}|%X{ErrorDescription}|%msg%n</pattern>
+ <pattern>${pattern}</pattern>
</encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/error.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
</appender>
-
- <appender name="DEBUG"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/debug.log</file>
- <append>true</append>
- <encoder>
- <pattern>%date{"yyyy-MM-dd'T'HH:mm:ss,SSSXXX",UTC}|%X{RequestId}|%.20thread|%.-5level|%logger{36}|%msg%n</pattern>
- </encoder>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/debug.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>10MB</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>5</maxHistory>
- </rollingPolicy>
- </appender>
-
- <appender name="AUDIT"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/audit.log</file>
- <append>true</append>
- <encoder>
- <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n
- </pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/audit.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="AUDIT" />
- </appender>
-
- <appender name="METRIC"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/metric.log</file>
- <append>true</append>
- <encoder>
- <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|
- %msg%n</pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/metric.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="METRIC" />
- </appender>
-
- <!-- SECURITY related loggers -->
- <appender name="SECURITY"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/security.log</file>
- <append>true</append>
- <encoder>
- <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n
- </pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/security.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="SECURITY" />
- </appender>
-
- <!-- CLDS related loggers -->
- <logger name="org.onap.pomba.clds" level="INFO" additivity="true">
- <appender-ref ref="ERROR" />
- </logger>
-
- <!-- CLDS related loggers -->
- <logger name="com.att.eelf.error" level="OFF" additivity="true">
- <appender-ref ref="ERROR" />
- </logger>
- <!-- EELF related loggers -->
- <logger name="com.att.eelf.audit" level="INFO" additivity="false">
- <appender-ref ref="asyncEELFAudit" />
- </logger>
- <logger name="com.att.eelf.metrics" level="DEBUG" additivity="false">
- <appender-ref ref="asyncEELFMetrics" />
- </logger>
- <logger name="com.att.eelf.security" level="DEBUG" additivity="false">
- <appender-ref ref="asyncEELFSecurity" />
- </logger>
-
-
- <!-- Spring related loggers -->
- <logger name="org.springframework" level="WARN" />
- <logger name="org.springframework.beans" level="WARN" />
- <logger name="org.springframework.web" level="WARN" />
- <logger name="com.blog.spring.jms" level="WARN" />
-
- <!-- Other Loggers that may help troubleshoot -->
- <logger name="net.sf" level="WARN" />
- <logger name="org.apache.commons.httpclient" level="WARN" />
- <logger name="org.apache.commons" level="WARN" />
- <logger name="org.apache.coyote" level="WARN" />
- <logger name="org.apache.jasper" level="WARN" />
-
- <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
- May aid in troubleshooting) -->
- <logger name="org.apache.camel" level="WARN" />
- <logger name="org.apache.cxf" level="WARN" />
- <logger name="org.apache.camel.processor.interceptor" level="WARN" />
- <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
- <logger name="org.apache.cxf.service" level="WARN" />
- <logger name="org.restlet" level="DEBUG" />
- <logger name="org.apache.camel.component.restlet" level="DEBUG" />
-
- <!-- logback internals logging -->
- <logger name="ch.qos.logback.classic" level="INFO" />
- <logger name="ch.qos.logback.core" level="INFO" />
-
- <!-- logback jms appenders & loggers definition starts here -->
- <!-- logback jms appenders & loggers definition starts here -->
- <appender name="auditLogs"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- </filter>
- <file>${logDirectory}/Audit.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/Audit.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
- </encoder>
- </appender>
- <appender name="perfLogs"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- </filter>
- <file>${logDirectory}/Perform.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/Perform.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
- </encoder>
- </appender>
- <logger name="AuditRecord" level="INFO" additivity="FALSE">
- <appender-ref ref="auditLogs" />
- </logger>
- <logger name="AuditRecord_DirectCall" level="INFO" additivity="FALSE">
- <appender-ref ref="auditLogs" />
- </logger>
- <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE">
- <appender-ref ref="perfLogs" />
+ <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
</logger>
- <!-- logback jms appenders & loggers definition ends here -->
-
- <root level="WARN">
- <appender-ref ref="DEBUG" />
+ <root level="info">
<appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
</root>
-
</configuration>
diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-sdncctxbuilder/templates/deployment.yaml
index ca96dc6a12..bb5ed86834 100644
--- a/kubernetes/pomba/charts/pomba-sdncctxbuilder/templates/deployment.yaml
+++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/templates/deployment.yaml
@@ -56,15 +56,18 @@ spec:
name: localtime
readOnly: true
- name: {{ include "common.fullname" . }}-logs
- mountPath: /var/log/onap
+ mountPath: /opt/app/logs
+ readOnly: false
- mountPath: /opt/app/config/logback.xml
name: {{ include "common.fullname" . }}-log-conf
subPath: logback.xml
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ mountPath: /opt/app/logs/EELF
+ readOnly: false
- mountPath: /opt/app/config/application.properties
name: {{ include "common.fullname" . }}-config
subPath: application.properties
readOnly: true
-
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -87,7 +90,7 @@ spec:
- name: {{ include "common.fullname" . }}-data-filebeat
mountPath: /usr/share/filebeat/data
- name: {{ include "common.fullname" . }}-logs
- mountPath: /var/log/onap
+ mountPath: /opt/app/logs
volumes:
- name: localtime
@@ -106,6 +109,7 @@ spec:
emptyDir: {}
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
-
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ emptyDir: {}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties b/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties
new file mode 100644
index 0000000000..d93f030395
--- /dev/null
+++ b/kubernetes/pomba/charts/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties
@@ -0,0 +1,9 @@
+rule.datadictionary.hostport={{ .Values.config.dataDictHostPort }}
+rule.datadictionary.connect.timeout=1000
+rule.datadictionary.read.timeout=1000
+
+# basic authentication: base64 encoding of username:password
+rule.datadictionary.credentials={{ .Values.config.dataDictCredentials }}
+
+# ex: /commonModelElements/instance~nfValuesCatalog~1.0/
+rule.datadictionary.uri=/commonModelElements/{0}~{1}~1.0/validateInstance
diff --git a/kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy b/kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy
index 1dc97da288..fd2385af08 100644
--- a/kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy
+++ b/kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy
@@ -481,3 +481,36 @@ rule {
return new Tuple2(result, details)
'''
}
+
+/*
+ * The data-dictionary rule below can be used with this useRule clause:
+ * useRule {
+ * name 'Data-Dictionary validate VF type'
+ * attributes 'context-list.ndcb.vfList[*].vfModuleList[*].networkList[*].type'
+ * }
+ */
+rule {
+ name 'Data-Dictionary validate VF type'
+ category 'INVALID_VALUE'
+ description 'Validate all VF type values against data-dictionary'
+ errorText 'VF type [{0}] failed data-dictionary validation: {1}'
+ severity 'ERROR'
+ attributes 'typeList'
+ validate '''
+ boolean success = true
+ List<String> details = new ArrayList<>()
+ typeList.any {
+ if(!success) {
+ // break out of 'any' loop
+ return false
+ }
+ def result = org.onap.aai.validation.ruledriven.rule.builtin.DataDictionary.validate("instance", "vfModuleNetworkType", "type", "$it")
+ if(!result.isEmpty()) {
+ success = false
+ details.add("$it")
+ details.add("$result")
+ }
+ }
+ return new Tuple2(success, details)
+ '''
+}
diff --git a/kubernetes/pomba/charts/pomba-validation-service/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-validation-service/templates/deployment.yaml
index f802245c5a..df62915b64 100644
--- a/kubernetes/pomba/charts/pomba-validation-service/templates/deployment.yaml
+++ b/kubernetes/pomba/charts/pomba-validation-service/templates/deployment.yaml
@@ -104,6 +104,8 @@ spec:
path: validation-service-auth.properties
- key: rule-indexing.properties
path: rule-indexing.properties
+ - key: rule-data-dictionary.properties
+ path: rule-data-dictionary.properties
- key: aai-environment.properties
path: aai-environment.properties
- key: schemaIngest.properties
diff --git a/kubernetes/pomba/charts/pomba-validation-service/values.yaml b/kubernetes/pomba/charts/pomba-validation-service/values.yaml
index bb513cf001..2cb175a265 100644
--- a/kubernetes/pomba/charts/pomba-validation-service/values.yaml
+++ b/kubernetes/pomba/charts/pomba-validation-service/values.yaml
@@ -37,7 +37,6 @@ pullPolicy: IfNotPresent
debugEnabled: false
# application configuration
-# Example:
config:
appDir: /opt/app/validation-service
configDir: /opt/app/validation-service/appconfig
@@ -45,8 +44,8 @@ config:
configTopicsDir: /opt/app/validation-service/appconfig/topics
rulesDir: /opt/app/validation-service/bundleconfig/etc/rules/poa-event
maxHeap: 1024
-# username: myusername
-# password: mypassword
+ dataDictHostPort: http://dummy-host:443
+ dataDictCredentials: cG9tYmE6cG9tYmE=
# default number of instances
replicaCount: 1
diff --git a/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh
new file mode 100644
index 0000000000..f00bf8b71d
--- /dev/null
+++ b/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh
@@ -0,0 +1,190 @@
+#!/bin/bash
+set -eo pipefail
+shopt -s nullglob
+
+# if command starts with an option, prepend mysqld
+if [ "${1:0:1}" = '-' ]; then
+ set -- mysqld "$@"
+fi
+
+# skip setup if they want an option that stops mysqld
+wantHelp=
+for arg; do
+ case "$arg" in
+ -'?'|--help|--print-defaults|-V|--version)
+ wantHelp=1
+ break
+ ;;
+ esac
+done
+
+# usage: file_env VAR [DEFAULT]
+# ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+ local var="$1"
+ local fileVar="${var}_FILE"
+ local def="${2:-}"
+ if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+ echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
+ exit 1
+ fi
+ local val="$def"
+ if [ "${!var:-}" ]; then
+ val="${!var}"
+ elif [ "${!fileVar:-}" ]; then
+ val="$(< "${!fileVar}")"
+ fi
+ export "$var"="$val"
+ unset "$fileVar"
+}
+
+_check_config() {
+ toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" )
+ if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then
+ cat >&2 <<-EOM
+
+ ERROR: mysqld failed while attempting to check config
+ command was: "${toRun[*]}"
+
+ $errors
+ EOM
+ exit 1
+ fi
+}
+
+# Fetch value from server config
+# We use mysqld --verbose --help instead of my_print_defaults because the
+# latter only show values present in config files, and not server defaults
+_get_config() {
+ local conf="$1"; shift
+ "$@" --verbose --help --log-bin-index="$(mktemp -u)" 2>/dev/null | awk '$1 == "'"$conf"'" { print $2; exit }'
+}
+
+# allow the container to be started with `--user`
+if [ "$1" = 'mysqld' -a -z "$wantHelp" -a "$(id -u)" = '0' ]; then
+ _check_config "$@"
+ DATADIR="$(_get_config 'datadir' "$@")"
+ mkdir -p "$DATADIR"
+ find "$DATADIR" \! -user mysql -exec chown mysql '{}' +
+ exec gosu mysql "$BASH_SOURCE" "$@"
+fi
+
+if [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then
+ # still need to check config, container may have started with --user
+ _check_config "$@"
+ # Get config
+ DATADIR="$(_get_config 'datadir' "$@")"
+
+ if [ ! -d "$DATADIR/mysql" ]; then
+ file_env 'MYSQL_ROOT_PASSWORD'
+ if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
+ echo >&2 'error: database is uninitialized and password option is not specified '
+ echo >&2 ' You need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD'
+ exit 1
+ fi
+
+ mkdir -p "$DATADIR"
+
+ echo 'Initializing database'
+ # "Other options are passed to mysqld." (so we pass all "mysqld" arguments directly here)
+ mysql_install_db --datadir="$DATADIR" --rpm "${@:2}"
+ echo 'Database initialized'
+
+ SOCKET="$(_get_config 'socket' "$@")"
+ "$@" --skip-networking --socket="${SOCKET}" &
+ pid="$!"
+
+ mysql=( mysql --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" )
+
+ for i in {60..0}; do
+ if echo 'SELECT 1' | "${mysql[@]}" &> /dev/null; then
+ break
+ fi
+ echo 'MySQL init process in progress...'
+ sleep 1
+ done
+ if [ "$i" = 0 ]; then
+ echo >&2 'MySQL init process failed.'
+ exit 1
+ fi
+
+ if [ -z "$MYSQL_INITDB_SKIP_TZINFO" ]; then
+ # sed is for https://bugs.mysql.com/bug.php?id=20545
+ mysql_tzinfo_to_sql /usr/share/zoneinfo | sed 's/Local time zone must be set--see zic manual page/FCTY/' | "${mysql[@]}" mysql
+ fi
+
+ if [ ! -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
+ export MYSQL_ROOT_PASSWORD="$(pwgen -1 32)"
+ echo "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD"
+ fi
+
+ rootCreate=
+ # default root to listen for connections from anywhere
+ file_env 'MYSQL_ROOT_HOST' '%'
+ if [ ! -z "$MYSQL_ROOT_HOST" -a "$MYSQL_ROOT_HOST" != 'localhost' ]; then
+ # no, we don't care if read finds a terminating character in this heredoc
+ # https://unix.stackexchange.com/questions/265149/why-is-set-o-errexit-breaking-this-read-heredoc-expression/265151#265151
+ read -r -d '' rootCreate <<-EOSQL || true
+ CREATE USER 'root'@'${MYSQL_ROOT_HOST}' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ;
+ GRANT ALL ON *.* TO 'root'@'${MYSQL_ROOT_HOST}' WITH GRANT OPTION ;
+ EOSQL
+ fi
+
+ "${mysql[@]}" <<-EOSQL
+ -- What's done in this file shouldn't be replicated
+ -- or products like mysql-fabric won't work
+ SET @@SESSION.SQL_LOG_BIN=0;
+
+ DELETE FROM mysql.user WHERE user NOT IN ('mysql.sys', 'mysqlxsys', 'root') OR host NOT IN ('localhost') ;
+ SET PASSWORD FOR 'root'@'localhost'=PASSWORD('${MYSQL_ROOT_PASSWORD}') ;
+ GRANT ALL ON *.* TO 'root'@'localhost' WITH GRANT OPTION ;
+ ${rootCreate}
+ DROP DATABASE IF EXISTS test ;
+ FLUSH PRIVILEGES ;
+ EOSQL
+
+ if [ ! -z "$MYSQL_ROOT_PASSWORD" ]; then
+ mysql+=( -p"${MYSQL_ROOT_PASSWORD}" )
+ fi
+
+ file_env 'MYSQL_DATABASE'
+ if [ "$MYSQL_DATABASE" ]; then
+ echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` ;" | "${mysql[@]}"
+ mysql+=( "$MYSQL_DATABASE" )
+ fi
+
+ file_env 'MYSQL_USER'
+ file_env 'MYSQL_PASSWORD'
+ if [ "$MYSQL_USER" -a "$MYSQL_PASSWORD" ]; then
+ echo "CREATE USER '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD' ;" | "${mysql[@]}"
+
+ if [ "$MYSQL_DATABASE" ]; then
+ echo "GRANT ALL ON \`$MYSQL_DATABASE\`.* TO '$MYSQL_USER'@'%' ;" | "${mysql[@]}"
+ fi
+ fi
+
+ echo
+ for f in /docker-entrypoint-initdb.d/*; do
+ case "$f" in
+ *.sh) echo "$0: running $f"; . "$f" ;;
+ *.sql) echo "$0: running $f"; "${mysql[@]}" < "$f"; echo ;;
+ *.sql.gz) echo "$0: running $f"; gunzip -c "$f" | "${mysql[@]}"; echo ;;
+ *) echo "$0: ignoring $f" ;;
+ esac
+ echo
+ done
+
+ if ! kill -s TERM "$pid" || ! wait "$pid"; then
+ echo >&2 'MySQL init process failed.'
+ exit 1
+ fi
+
+ echo
+ echo 'MySQL init process done. Ready for start up.'
+ echo
+ fi
+fi
+
+exec "$@" \ No newline at end of file
diff --git a/kubernetes/portal/charts/portal-mariadb/templates/deployment.yaml b/kubernetes/portal/charts/portal-mariadb/templates/deployment.yaml
index 20fa9cecc2..f826c9c297 100644
--- a/kubernetes/portal/charts/portal-mariadb/templates/deployment.yaml
+++ b/kubernetes/portal/charts/portal-mariadb/templates/deployment.yaml
@@ -65,6 +65,9 @@ spec:
- mountPath: /etc/localtime
name: localtime
readOnly: true
+ - mountPath: /usr/local/bin/docker-entrypoint.sh
+ subPath: docker-entrypoint.sh
+ name: docker-entry
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -86,5 +89,9 @@ spec:
- name: localtime
hostPath:
path: /etc/localtime
+ - name: docker-entry
+ configMap:
+ name: {{ include "common.fullname" . }}-mariadb
+ defaultMode: 0755
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"