diff options
9 files changed, 266 insertions, 13 deletions
diff --git a/kubernetes/aai/charts/aai-graphadmin/templates/job.yaml b/kubernetes/aai/charts/aai-graphadmin/templates/job.yaml index fb2ee005d4..cdcf2b1d9f 100644 --- a/kubernetes/aai/charts/aai-graphadmin/templates/job.yaml +++ b/kubernetes/aai/charts/aai-graphadmin/templates/job.yaml @@ -68,7 +68,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness containers: - - name: {{ include "common.name" . }} + - name: {{ include "common.name" . }}-job image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml index cc96ce8078..f9b8466d2e 100644 --- a/kubernetes/clamp/values.yaml +++ b/kubernetes/clamp/values.yaml @@ -53,12 +53,12 @@ config: "clamp.config.sdc.servicePassword": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981", "clamp.config.files.sdcController": "file:/opt/clamp/sdc-controllers-config.json", "clamp.config.dcae.inventory.url": "http://inventory.{{ include "common.namespace" . }}:8080", - "clamp.config.dcae.dispatcher.url": "http://deployment-handler.{{ include "common.namespace" . }}:8443", - "clamp.config.policy.pdpUrl1": "http://pdp.{{ include "common.namespace" . }}:8081/pdp/ , testpdp, alpha123", - "clamp.config.policy.pdpUrl2": "http://pdp.{{ include "common.namespace" . }}:8081/pdp/ , testpdp, alpha123", - "clamp.config.policy.papUrl": "http://pap.{{ include "common.namespace" . }}:9091/pap/ , testpap, alpha123", + "clamp.config.dcae.dispatcher.url": "https://deployment-handler.{{ include "common.namespace" . }}:8443", + "clamp.config.policy.pdpUrl1": "https://pdp.{{ include "common.namespace" . }}:8081/pdp/ , testpdp, alpha123", + "clamp.config.policy.pdpUrl2": "https://pdp.{{ include "common.namespace" . }}:8081/pdp/ , testpdp, alpha123", + "clamp.config.policy.papUrl": "https://pap.{{ include "common.namespace" . }}:9091/pap/ , testpap, alpha123", "clamp.config.policy.clientKey": "dGVzdA==", - "clamp.config.cadi.aafLocateUrl": "https://aaf-onap-test.osaaf.org:8095", + "clamp.config.cadi.aafLocateUrl": "https://aaf-locate.{{ include "common.namespace" . }}:8095", "com.att.eelf.logging.path": "/opt/clamp", "com.att.eelf.logging.file": "logback.xml" } diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/config/dmaapbc.properties b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/config/dmaapbc.properties new file mode 100644 index 0000000000..f2a6dd9648 --- /dev/null +++ b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/config/dmaapbc.properties @@ -0,0 +1,214 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +##################################################### +# +# ONAP Casablanca oom configurable deployment params: +# +##################################################### + + +##################################################### +# +# Hooks for specific environment configurations +# +##################################################### +# Indicator for whether to use AAF +UseAAF: false + +# csit: stubs out some southbound APIs for csit +csit: No + +# name of this DMaaP instance (deprecated) +DmaapName: demo + +##################################################### +# +# Settings for Southbound API: Datarouter +# +##################################################### +# FQDN of DR Prov Server (deprecated) +DR.provhost: dcae-drps.domain.not.set + +# URI to retrieve dynamic DR configuration +ProvisioningURI: /internal/prov + +# indicator for handling feed delete: +# DeleteOnDR - means use the DR API to DELETE a feed. (default for backwards compatibility) +# SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL. Better for cfy environments. +Feed.deleteHandling: SimulateDelete + +##################################################### +# +# Settings for Soutbound API: Postgresql +# +##################################################### +# flag indieonapdemodbates if we are using postgresql +UsePGSQL: true + +# postgres host name +# Need to connect to PG primary service, designated by service.name2 +DB.host: {{ .Values.postgres.service.name2 }} + +# postgres schema name +#DB.schema: {{ .Values.postgres.config.pgDatabase }} + +# postgres user name +#DB.user: {{ .Values.postgres.config.pgUserName }} + +# postgres user password +DB.cred: {{ .Values.postgres.config.pgUserPassword }} + + +##################################################### +# +# Settings for Soutbound API: Message Router +# +##################################################### +# indicator for multi-site (locations) deployment. Give clue to buscontroller whether +# there is a need for message replication between edge and central. +# ONAP Casablanca is a single site deployment +MR.multisite: false + +# FQDN of primary message router. +# In ONAP Casablanca, there is only 1 message router service, so use that. +# In a multi-site, MR cluster deployment, use the CNAME DNS entry which resolves to the primary central MR +MR.CentralCname: {{ .Values.dmaapMessageRouterService }} + +# MR Client Delete Level thoroughness: +# 0 = don't delete +# 1 = delete from persistent store +# 2 = delete from persistent store (DB) and authorization store (AAF) +MR.ClientDeleteLevel: 1 + +# namespace of MR Topic Factory +MR.TopicFactoryNS: org.onap.dmaap.mr.topicFactory + +# AAF Role assigned to Topic Manager Identity +MR.TopicMgrRole: org.onap.dmaap-bc-topic-mgr.client + +# MR topic ProjectID (used in certain topic name generation formats) +MR.projectID: ONAP + + +##################################################### +# +# Settings for Southbound API: CADI +# +##################################################### +# path to cadi.properties +cadi.properties: /opt/app/osaaf/lcoal/org.onap.dmaap-bc.props + +##################################################### +# +# Settings for Southbound API: AAF proxy +# +##################################################### +# URL of the AAF server +aaf.URL: {{ .Values.aafURL }} + +# TopicMgr Identity +aaf.TopicMgrUser: {{ .Values.topicMgrUser }} + +# Password for TopicMgr identity +aaf.TopicMgrPassword: {{ .Values.topicMgrPwd }} + +# Buscontroller Admin Identity +aaf.AdminUser: {{ .Values.adminUser }} + +# Admin Password +aaf.AdminPassword: {{ .Values.adminPwd }} + +# location of the codec keyfile used to decrypt passwords in this properties file before they are passed to AAF +CredentialCodeKeyfile: etc/LocalKey + +# this overrides the Class used for Decryption. +# This allows for a plugin encryption/decryption method if needed. +# Call this Class for decryption at runtime. +#AafDecryption.Class: com.company.proprietaryDecryptor + + +##################################################### +# +# Settings for authorization of DBCAPI +# +##################################################### +# Namespace for URI values for the API used to create AAF permissions +# e.g. if ApiNamespace is X.Y.dmaapbc.api then for URI /mr_clients we create AAF perm X.Y.dmaapbc.api.mr_clients +ApiNamespace: org.onap.dmaap-bc.api + +# If API authorization is required, then implement a class to enforce it. +# This overrides the Class used for API permission check. +#ApiPermission.Class: com.company.policy.DecisionPolicy + +##################################################### +# +# Settings for Southbound API: MirrorMaker provisioning +# +##################################################### +# AAF Role of client publishing MM prov cmds +MM.ProvRole: org.onap.dmaap-bc-mm-prov.prov + +# AAF identity when publishing MM prov cmds +MM.ProvUserMechId: dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org + +# pwd for Identity used to publish MM prov cmds +MM.ProvUserPwd: demo123456! + +# AAF Role of MirrorMaker agent subscribed to prov cmds +MM.AgentRole: org.onal.dmaap-bc-mm-prov.agent + +##################################################### +# +# HTTP Server Configuration +# +##################################################### + +# Allow http access to dbcapi +HttpAllowed: true + +# listen to http port within this container (server) +IntHttpPort: 8080 + +# listen to https port within this container (server) +# set to 0 if no certificates are available. +IntHttpsPort: 8443 + +# external port number for https taking port mapping into account +ExtHttpsPort: 443 + +# the type of keystore for https +KeyStoreType: jks + +# path to the keystore file +KeyStoreFile: etc/keystore + +# password for the https keystore +KeyStorePassword: *j&Z*Ma;.4My4M]W0eB*fal$ + +# password for the private key in the https keystore +KeyPassword: *j&Z*Ma;.4My4M]W0eB*fal$ + +# type of truststore for https +TrustStoreType: jks + +# path to the truststore for https +TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks + +# password for the https truststore +TrustStorePassword: pi8HuuSbN03MtQQ7(5TcyQ6; + +# path to the file used to trigger an orderly shutdown +QuiesceFile: etc/SHUTDOWN + diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_READY.json b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_READY.json index 0010f22cb4..8f4cf8bd64 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_READY.json +++ b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_READY.json @@ -2,5 +2,16 @@ "topicName": "PNF_READY", "topicDescription": "This topic will be used to publish the PNF_READY events generated by the PNF REgistration Handler service in the DCAE platform.", "owner": "PNFRegistrationHandler", - "txenabled": false + "txenabled": false, + "clients": [ + { + "dcaeLocationName": "san-francisco", + "clientRole": "org.onap.dmaap.mr.PNF_READY.pub", + "action": [ + "pub", + "view" + ] + + } + ] } diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_REGISTRATION.json b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_REGISTRATION.json index 2b5c8a523d..f0dd2c7829 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_REGISTRATION.json +++ b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_REGISTRATION.json @@ -2,5 +2,16 @@ "topicName": "PNF_REGISTRATION", "topicDescription": "the VES collector will be publishing pnfRegistration events in this topic", "owner": "VEScollector", - "txenabled": false + "txenabled": false, + "clients": [ + { + "dcaeLocationName": "san-francisco", + "clientRole": "org.onap.dmaap.mr.PNF_REGISTRATION.sub", + "action": [ + "sub", + "view" + ] + + } + ] } diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/templates/deployment.yaml b/kubernetes/dmaap/charts/dmaap-bus-controller/templates/deployment.yaml index 8ef03d43a9..9cf147fdab 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/templates/deployment.yaml +++ b/kubernetes/dmaap/charts/dmaap-bus-controller/templates/deployment.yaml @@ -62,8 +62,9 @@ spec: periodSeconds: {{ .Values.liveness.periodSeconds }} readinessProbe: httpGet: - port: {{ .Values.service.internalPort }} - path: /webapi/info + host: {{ .Values.dmaapMessageRouterService }} + port: 3904 + path: /topics initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} {{ end -}} diff --git a/kubernetes/onap/resources/environments/public-cloud.yaml b/kubernetes/onap/resources/environments/public-cloud.yaml index 35c164218d..489176b0a5 100644 --- a/kubernetes/onap/resources/environments/public-cloud.yaml +++ b/kubernetes/onap/resources/environments/public-cloud.yaml @@ -72,6 +72,17 @@ dmaap: initialDelaySeconds: 120 readiness: initialDelaySeconds: 120 + dmaap-dr-prov: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + dmaap-dr-node: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + portal: portal-app: liveness: diff --git a/kubernetes/vid/templates/deployment.yaml b/kubernetes/vid/templates/deployment.yaml index 24cce14f8d..a236754c75 100644 --- a/kubernetes/vid/templates/deployment.yaml +++ b/kubernetes/vid/templates/deployment.yaml @@ -87,9 +87,11 @@ spec: - name: MSO_DME2_ENABLED value: {{ .Values.global.debugEnabled | default .Values.debugEnabled | quote }} - name: VID_ECOMP_REDIRECT_URL - value: http://portal-app.{{ include "common.namespace" . }}:{{ .Values.config.onapport }}/ONAPPORTAL/login.htm + value: https://{{ .Values.config.portalhost }}:{{ .Values.config.onapport }}/ONAPPORTAL/login.htm - name: VID_ECOMP_REST_URL - value: http://portal-app.{{ include "common.namespace" . }}:{{ .Values.config.onapport }}/ONAPPORTAL/auxapi + value: https://portal-app.{{ include "common.namespace" . }}:{{ .Values.config.onapportrest }}/ONAPPORTAL/auxapi + - name: VID_ROLE_ACCESS_CENTRALIZED + value: "{{ .Values.config.roleaccesscentralized }}" - name: VID_CONTACT_US_LINK value: "{{ .Values.config.vidcontactuslink }}" - name: VID_UEB_URL_LIST diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml index ba712ca9ab..c36b873a60 100644 --- a/kubernetes/vid/values.yaml +++ b/kubernetes/vid/values.yaml @@ -39,7 +39,9 @@ config: asdcclientrestauth: "Basic dmlkOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU=" asdcclientrestport: "8080" vidaaiport: "8443" - onapport: "8989" + onapport: "30225" + onapportrest: "8443" + portalhost: "portal.api.simpledemo.onap.org" msoport: "8080" vidmsopass: OBF:1ih71i271vny1yf41ymf1ylz1yf21vn41hzj1icz msodme2serverurl: http://localhost:8081 @@ -51,6 +53,7 @@ config: vidmysqlmaxconnections: "5" logstashServiceName: log-ls logstashPort: 5044 + roleaccesscentralized: remote # subchart configuration vid_mariadb_galera: |