summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties4
-rw-r--r--kubernetes/appc/resources/config/certs/org.onap.appc.keyfile27
-rw-r--r--kubernetes/appc/resources/config/certs/org.onap.appc.p12bin0 -> 4143 bytes
-rw-r--r--kubernetes/appc/templates/secrets.yaml14
-rw-r--r--kubernetes/appc/templates/statefulset.yaml12
-rw-r--r--kubernetes/common/common/templates/_aafconfig.tpl168
-rw-r--r--kubernetes/common/common/templates/_storage.tpl244
-rwxr-xr-xkubernetes/onap/values.yaml4
-rwxr-xr-xkubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml2
-rwxr-xr-xkubernetes/so/charts/so-bpmn-infra/values.yaml3
-rwxr-xr-xkubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml20
-rwxr-xr-xkubernetes/so/charts/so-sdnc-adapter/values.yaml3
-rwxr-xr-xkubernetes/so/values.yaml3
-rw-r--r--kubernetes/vnfsdk/values.yaml2
14 files changed, 323 insertions, 183 deletions
diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties
index e7399f6f04..2986ee9e5b 100644
--- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties
+++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties
@@ -29,11 +29,11 @@ cadi_bath_convert=/opt/onap/appc/data/properties/bath_config.csv
cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US
cadi_keyfile=/opt/onap/appc/data/stores/org.onap.appc.keyfile
cadi_keystore=/opt/onap/appc/data/stores/org.onap.appc.p12
-cadi_keystore_password=enc:tQTHVtbdCuzqrQY1TBRt9SkFL9tCY3OzwbsfaVyAa2dOfZlI0krFOJSBnkm1WdGr
+cadi_keystore_password=enc:j5wAY4JjI6Gg8KbPRT3CK55kCaBZcrSq9XMe0vU2Hj3_TWfhln414p_og8-0u4EV
#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)>
cadi_alias=appc@appc.onap.org
cadi_truststore=/opt/onap/appc/data/stores/truststoreONAPall.jks
-cadi_truststore_password=enc:O3Vtv5e77OQWJ_OiLC9Atj3ngyYfulRK519JYFmbKl7
+cadi_truststore_password=enc:9WJ6CRlrFmHiQrFlckhHybFXOwPW3tRetofp3AZ5nyt
##
## org.osaaf.location.props
diff --git a/kubernetes/appc/resources/config/certs/org.onap.appc.keyfile b/kubernetes/appc/resources/config/certs/org.onap.appc.keyfile
new file mode 100644
index 0000000000..b7dd5ff9e7
--- /dev/null
+++ b/kubernetes/appc/resources/config/certs/org.onap.appc.keyfile
@@ -0,0 +1,27 @@
+EVYIj42lKzRyMicebf8OOUa9CVwvaKie3N7fTGeDT-GjiR6M6AHQCwBD9Bj95VxgVWOyXGAYy7eT
+SSfnkVBgcdZWXlRL7HSUocs52DneRTGYcYGIBGz24O6EpmeZQyWluCKBcVCALKClPzqBNsHa2W06
+XwAccZzYPkDV-taGqF5kP10RiYvKe5YoZEQYBfauS3lDqf47AP-Dh1wLUIpvTSAUfBgDW9FBx9Ay
+8Wy2geTuAXcPduBtTGIj3law-5ePDFRqwVVkXmSaEmEn34NvJ4z6Ww7VHqzqBxKAvLErV-KCEHEa
+L3L1CCqNCXjUUa_D8CReDA-LPAG_v0yrjQxrdqzcYJ76Q0uIlNmEi_85AlAUXx6KGC03TqaGqICW
+nNs4ouxM6U4ekiDi9qbFh7RlTEXw6bHhJPCq-G5ID-crWDHSarQ3IUR5qOmgIFIxpkPksBSGmUI4
+OIScgb2TtqG94EAZ3qu3PmzVlJrxbHYHVFlNLEecu7tGtiQJTLUHpJ0Z8O2GOc8bBz6o6NBT72Pv
+i068VkLyUyrSNnVo9rNVFWAc3HREFi85KszBdk58kPTr2AQFH9iK2hmrXTdnPMjhmQgRh4xiAn4J
+v5Gsb4DL2si3ZjD2E36Fy5XlPhyFFc8gdB6-v-Et1XJTU6mwV5DgKgg5o3WdHTuHZjYgWmcATZiQ
+yLOQ6ZdjTF_004yOSkUzHbArOEmS6LIPTuLibvN6CY1Q0u_ucl5iaIbcwo_sVFisnVXQBHYXblBm
+MgZZFg0n5ugL-bdUSdJtU7yIU5t79n0aMxnN84QhuREMSvCUioCrBD5c5H22iqbY7UCPO9Yy7lM-
+aPVDRPwHAKEVjYqf4Z4k0Jthn7wqWS2iAKVOEi4R1oniAuuIcM9xoha0-LdRe8hWTV-qXDbtCVDz
+h6Rw3dqtS5mCGBMC0TCrLJzG5n3Ed_4kGl5Emb3SXHWNqI_BuIalU4uot7seCv464E3QWQgAkv8w
+wTk_IEWIFZhKJIcy5Brsw7Fz-XWQWkExEU3xKButC9hFXpdszF0y8CYUI6EPt2mPqaxB6zu3s4Bv
+bKrVxFPX97mOeD8TpmxElmF0vpdhJ9Ee8clvBrGtLl1UIP6B80PrAPEZMLNhLV8S-ZJMKL5PTZh0
+_HNpj1EfiXnBz02cbes5Fuq9M8Dk7f16tP8prYzJ1JbnLTNHHcW4Z1quKrN8RIoYw3qzlXuYRm6Y
+8rbuPlZ1wTllIxf00omnonJw8Fx9XzArv_UvqTvAYrv22YliUSl-lcFi8cOK58bmM5rBmkWoFObK
+DsCMicfyPWhKf3DEwg1Y0j0qKppFqtKcSxnIbQ-VPRCrRv2yTjauEW6iNlq3RQKSJqFjUVmSUn2w
+7tYQzeNv0tYgfRtHgSy_CA9q_ANJFFlxDtqtrFTsgrEH4jOlLs2_UN96RNUhVqSu95X5hEukI574
+kQBUMc5gGQvQ2_Xug15O_-cFfhtalI7NBZkGNNPY5K8h7xYZp2aAl-pNPwKHAmrOWAvFwy64A1NT
+_RrZxrtVkj-k3f8Mv_p56yChUpujZ_ZDwLgYKWraqDxyEctpXyMMgjOYRy2CZ6oZfuAygrN5Gw4k
+zMKBDkz_5LO_rYU2RUa2NRDLlh2Y47Gxt90IEw_i8y7nxn7K6y3nApI11tfsiiotYq8DLk6jYh07
+mJg-D8lb0q9JRYmnJcNkIQNVJ06bmJnaJQZ7GXUz9MF8_zuTdm4D8m_Ly2Ai4KFq_lw5CBVrLM5k
+pfJveSw_6_uF5pda_EZoR4bBoWdrFvLNwob3lsdgiIYGTafQx2SFfQiiEB_CwpGuj4_Dv-TkUT2O
+Ui2UWI9Gr-HxSITnvUR0UHStrDb5miXEr8E_Znwc4Db2juh30L57aEtl5N0TYwKI925qLNLHbFg0
+FKEvIt-o7HmvPY6UqajwAtIAdKpxWpWD-hl-eNVNsT4mVzdegIrM2wzzKIcLOvCEEvyWei_E8mIp
+nqYw9LoFrQf3dCh8XeamqYkbPE00E8p1zXPNRow5iz9NQ-BNksp1e-ghqF_xr3L4eh7BkEu2 \ No newline at end of file
diff --git a/kubernetes/appc/resources/config/certs/org.onap.appc.p12 b/kubernetes/appc/resources/config/certs/org.onap.appc.p12
new file mode 100644
index 0000000000..352c4f562a
--- /dev/null
+++ b/kubernetes/appc/resources/config/certs/org.onap.appc.p12
Binary files differ
diff --git a/kubernetes/appc/templates/secrets.yaml b/kubernetes/appc/templates/secrets.yaml
index 075c24a064..c6aeb1e102 100644
--- a/kubernetes/appc/templates/secrets.yaml
+++ b/kubernetes/appc/templates/secrets.yaml
@@ -13,3 +13,17 @@
# limitations under the License.
{{ include "common.secretFast" . }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-certs
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/certs/*").AsSecrets . | indent 2 }}
diff --git a/kubernetes/appc/templates/statefulset.yaml b/kubernetes/appc/templates/statefulset.yaml
index 68e108d9b7..5fd34ece79 100644
--- a/kubernetes/appc/templates/statefulset.yaml
+++ b/kubernetes/appc/templates/statefulset.yaml
@@ -190,6 +190,12 @@ spec:
- mountPath: /opt/onap/appc/data/org.ops4j.pax.logging.cfg
name: log-config
subPath: org.ops4j.pax.logging.cfg
+ - mountPath: /opt/onap/appc/data/stores/org.onap.appc.p12
+ name: p12-certs
+ subPath: org.onap.appc.p12
+ - mountPath: /opt/onap/appc/data/stores/org.onap.appc.keyfile
+ name: keyfile-certs
+ subPath: org.onap.appc.keyfile
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -214,6 +220,12 @@ spec:
- mountPath: /usr/share/filebeat/data
name: data-filebeat
volumes:
+ - name: keyfile-certs
+ secret:
+ secretName: {{ include "common.fullname" . }}-certs
+ - name: p12-certs
+ secret:
+ secretName: {{ include "common.fullname" . }}-certs
- name: localtime
hostPath:
path: /etc/localtime
diff --git a/kubernetes/common/common/templates/_aafconfig.tpl b/kubernetes/common/common/templates/_aafconfig.tpl
index db7cbe8d8d..0c78cc11b9 100644
--- a/kubernetes/common/common/templates/_aafconfig.tpl
+++ b/kubernetes/common/common/templates/_aafconfig.tpl
@@ -18,11 +18,10 @@
common templates to enable aaf configs for applictaions
Parameter for aafConfig to be defined in values.yaml
- aafConfig: --> if a different key is used, call templates with argument (dict "aafRoot" "<yourkey>" "dot" .)
+ aafConfig: --> if a different key is used, call templates with argument (dict "aafRoot" .Values.<yourkey> "dot" .)
# additional scripts can be defined to handle certs
addconfig: true|false
fqdn: "sdnc"
- image: onap/aaf/aaf_agent:2.1.15
app_ns: "org.osaaf.aaf"
fqi: "sdnc@sdnc.onap.org"
fqi_namespace: org.onap.sdnc
@@ -31,19 +30,13 @@
aafDeployPass: demo123456!
cadi_latitude: "38.0"
cadi_longitude: "-72.0"
- persistence:
- enabled: true
- config.volumeReclaimPolicy: Delete
- config.accessMode: ReadWriteMany
- config.size: 40M
- config.storageClass: "manual"
- config.mountPath: "/dockerdata-nfs"
- config.mountSubPath: "sdnc/aaf"
+ secret_uid: &aaf_secret_uid my-component-aaf-deploy-creds
+
# secrets configuration, Note: create a secrets template
secrets:
- - uid: aaf-deploy-creds
+ - uid: *aaf_secret_uid
type: basicAuth
- externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDiabled" .Values.global.aafEnabled }}'
+ externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDisabled" .Values.global.aafEnabled }}'
login: '{{ .Values.aafConfig.aafDeployFqi }}'
password: '{{ .Values.aafConfig.aafDeployPass }}'
passwordPolicy: required
@@ -56,25 +49,18 @@
volumeMounts:
{{- if .Values.global.aafEnabled }}
- mountPath: "/opt/app/osaaf"
- name: {{ include "common.fullname" . }}-aaf-config-vol
+ name: {{ include "common.fullname" . }}-aaf-config
{{- end }}
volumes:
{{- include "common.aaf-config-volumes" . | nindent XX}}
-
- If persistence.enabled = true
- Create pvc:
- {{ include "common.aaf-config-pvc" . }}
- Create pv
- {{ include "common.aaf-config-pv" . }}
-
*/}}
{{- define "common.aaf-config" -}}
-{{- $dot := default . .dot -}}
-{{- $aafRoot := default "aafConfig" .aafRoot -}}
-{{ if .Values.global.aafEnabled }}
-- name: {{ include "common.name" . }}-aaf-readiness
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+{{- $dot := default . .dot -}}
+{{- $aafRoot := default $dot.Values.aafConfig .aafRoot -}}
+{{- if $dot.Values.global.aafEnabled -}}
+- name: {{ include "common.name" $dot }}-aaf-readiness
+ image: "{{ $dot.Values.global.readinessRepository }}/{{ $dot.Values.global.readinessImage }}"
+ imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
command:
- /root/ready.py
args:
@@ -84,143 +70,79 @@
- aaf-cm
- --container-name
- aaf-service
-
env:
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
-- name: {{ include "common.name" . }}-aaf-config
- image: {{ .Values.global.repository }}/{{index .Values $aafRoot "image" }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+- name: {{ include "common.name" $dot }}-aaf-config
+ image: {{ (default $dot.Values.repository $dot.Values.global.repository) }}/{{ $dot.Values.global.aafAgentImage }}
+ imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
volumeMounts:
- mountPath: "/opt/app/osaaf"
- name: {{ include "common.fullname" . }}-aaf-config-vol
- {{- if (index .Values $aafRoot "addconfig") }}
+ name: {{ include "common.fullname" $dot }}-aaf-config
+{{- if $aafRoot.addconfig }}
- name: aaf-add-config
mountPath: /opt/app/aaf_config/bin/aaf-add-config.sh
subPath: aaf-add-config.sh
- {{- end }}
+{{- end }}
command:
- sh
- -c
- |
#!/usr/bin/env bash
/opt/app/aaf_config/bin/agent.sh
- {{- if (index .Values $aafRoot "addconfig") }}
+{{- if $aafRoot.addconfig }}
/opt/app/aaf_config/bin/aaf-add-config.sh
- {{- end }}
+{{- end }}
env:
- name: APP_FQI
- value: "{{ index .Values $aafRoot "fqi" }}"
+ value: "{{ $aafRoot.fqi }}"
- name: aaf_locate_url
- value: "https://aaf-locate.{{ .Release.Namespace}}:8095"
+ value: "https://aaf-locate.{{ $dot.Release.Namespace}}:8095"
- name: aaf_locator_container
value: "oom"
- name: aaf_locator_container_ns
- value: "{{ .Release.Namespace }}"
+ value: "{{ $dot.Release.Namespace }}"
- name: aaf_locator_fqdn
- value: "{{ index .Values $aafRoot "fqdn" }}"
+ value: "{{ $aafRoot.fqdn }}"
- name: aaf_locator_app_ns
- value: "{{ index .Values $aafRoot "app_ns" }}"
+ value: "{{ $aafRoot.app_ns }}"
- name: DEPLOY_FQI
- {{- include "common.secret.envFromSecret" (dict "global" . "uid" "aaf-deploy-creds" "key" "login") | indent 6 }}
+ {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" $aafRoot.secret_uid "key" "login") | indent 6 }}
- name: DEPLOY_PASSWORD
- {{- include "common.secret.envFromSecret" (dict "global" . "uid" "aaf-deploy-creds" "key" "password") | indent 6 }}
- #Note: want to put this on Nodes, evenutally
+ {{- include "common.secret.envFromSecret" (dict "global" $dot "uid" $aafRoot.secret_uid "key" "password") | indent 6 }}
+ #Note: want to put this on Nodes, eventually
- name: cadi_longitude
- value: "{{ default "52.3" (index .Values $aafRoot "cadi_longitude") }}"
+ value: "{{ default "52.3" $aafRoot.cadi_longitude }}"
- name: cadi_latitude
- value: "{{ default "13.2" (index .Values $aafRoot "cadi_latitude") }}"
+ value: "{{ default "13.2" $aafRoot.cadi_latitude }}"
#Hello specific. Clients don't don't need this, unless Registering with AAF Locator
- name: aaf_locator_public_fqdn
- value: "{{ (index .Values $aafRoot "public_fqdn") | default "" }}"
-{{- end -}}
+ value: "{{ $aafRoot.public_fqdn | default "" }}"
+{{- end -}}
{{- end -}}
-
{{- define "common.aaf-config-volume-mountpath" -}}
-{{ if .Values.global.aafEnabled }}
+{{- if .Values.global.aafEnabled -}}
- mountPath: "/opt/app/osaaf"
- name: {{ include "common.fullname" . }}-aaf-config-vol
-{{- end -}}
+ name: {{ include "common.fullname" . }}-aaf-config
+{{- end -}}
{{- end -}}
{{- define "common.aaf-config-volumes" -}}
-{{ if .Values.global.aafEnabled }}
-{{- $dot := default . .dot -}}
-{{- $aafRoot := default "aafConfig" .aafRoot -}}
-- name: {{ include "common.fullname" . }}-aaf-config-vol
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-aaf-config-pvc
-{{- if (index .Values $aafRoot "addconfig") }}
+{{- $dot := default . .dot -}}
+{{- $aafRoot := default $dot.Values.aafConfig .aafRoot -}}
+{{- if $dot.Values.global.aafEnabled -}}
+- name: {{ include "common.fullname" $dot }}-aaf-config
+ emptyDir:
+ medium: Memory
+{{- if $aafRoot.addconfig }}
- name: aaf-add-config
configMap:
- name: {{ include "common.fullname" . }}-aaf-add-config
+ name: {{ include "common.fullname" $dot }}-aaf-add-config
defaultMode: 0700
-{{- end }}
-{{- end -}}
-{{- end }}
-
-{{- define "common.aaf-config-pv" -}}
-{{- $dot := default . .dot -}}
-{{- $aafRoot := default "aafConfig" .aafRoot -}}
-metadata:
- name: {{ include "common.fullname" . }}-aaf-config-pv
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}-aaf-config-pv
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ index .Values $aafRoot "persistence" "config" "size"}}
- accessModes:
- - {{ index .Values $aafRoot "persistence" "config" "accessMode" }}
- persistentVolumeReclaimPolicy: {{ index .Values $aafRoot "persistence" "config" "volumeReclaimPolicy" }}
- hostPath:
- path: {{ index .Values $aafRoot "persistence" "config" "mountPath" }}/{{ .Release.Name }}/{{ index .Values $aafRoot "persistence" "config" "mountSubPath" }}
-{{- if (index .Values $aafRoot "persistence" "config" "storageClass") }}
-{{- if (eq "-" (index .Values $aafRoot "persistence" "config" "storageClass")) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ index .Values $aafRoot "persistence" "config" "storageClass" }}"
-{{- end }}
-{{- end }}
-{{- end -}}
-
-{{- define "common.aaf-config-pvc" -}}
-{{- $dot := default . .dot -}}
-{{- $aafRoot := default "aafConfig" .aafRoot -}}
-metadata:
- name: {{ include "common.fullname" . }}-aaf-config-pvc
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if (index .Values $aafRoot "persistence" "annotations") }}
- annotations:
-{{ toYaml (index .Values $aafRoot "persistence" "annotations" ) | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}-aaf-config-pv
- accessModes:
- - {{ index .Values $aafRoot "persistence" "config" "accessMode" }}
- resources:
- requests:
- storage: {{ index .Values $aafRoot "persistence" "config" "size" }}
-{{- if (index .Values $aafRoot "persistence" "config" "storageClass") }}
-{{- if (eq "-" (index .Values $aafRoot "persistence" "config" "storageClass")) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ index .Values $aafRoot "persistence" "config" "storageClass" }}"
-{{- end }}
-{{- end }}
+{{- end -}}
+{{- end -}}
{{- end -}}
diff --git a/kubernetes/common/common/templates/_storage.tpl b/kubernetes/common/common/templates/_storage.tpl
index 45c8b7504a..2114d677e6 100644
--- a/kubernetes/common/common/templates/_storage.tpl
+++ b/kubernetes/common/common/templates/_storage.tpl
@@ -16,9 +16,20 @@
{{/*
Give the root folder for ONAP when using host pathes
+
+ The function takes up to two arguments (inside a dictionary):
+ - .dot : environment (.)
+ - .subPath: the sub path to use, default to
+ ".Values.persistence.mountSubPath"
+
+ Example calls:
+ {{ include "common.storageClass" . }}
+ {{ include "common.storageClass" (dict "dot" . "subPath" "my-awesome-subPath") }}
*/}}
{{- define "common.persistencePath" -}}
-{{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}
+{{- $dot := default . .dot -}}
+{{- $subPath := default $dot.Values.persistence.mountSubPath .subPath -}}
+{{ $dot.Values.global.persistence.mountPath | default $dot.Values.persistence.mountPath }}/{{ include "common.release" $dot }}/{{ $subPath }}
{{- end -}}
{{/*
@@ -26,28 +37,61 @@
The value "common.fullname"-data is used by default,
unless either override mechanism is used.
- - .Values.global.persistence.storageClass : override default storageClass for all charts
- - .Values.persistence.storageClassOverride : override global and default storage class on a per chart basis
- - .Values.persistence.storageClass : override default storage class on a per chart basis
+ - .Values.global.persistence.storageClass : override default storageClass for
+ all charts
+ - .Values.persistence.storageClassOverride : override global and default
+ storage class on a per chart
+ basis
+ - .Values.persistence.storageClass : override default storage class on
+ per chart basis
+
+ The function takes up to two arguments (inside a dictionary):
+ - .dot : environment (.)
+ - .suffix: suffix to name. if not set, default to "data" when no override
+ mechanism is used.
+ - .persistenceInfos: the persitence values to use, default to
+ `.Values.persistence`.
+ Need to be the dict key from `.Values` in string
+ format.
+ let's say you have:
+
+ persistence:
+ logs:
+ enabled: true
+ size: 100Mi
+ accessMode: ReadWriteOnce
+ ...
+
+ then you have to put `.Values.persitence.logs` in
+ order to use it.
+
+
+ Example calls:
+ {{ include "common.storageClass" . }}
+ {{ include "common.storageClass" (dict "dot" . "suffix" "my-awesome-suffix") }}
+ {{ include "common.storageClass" (dict "dot" . "suffix" "my-awesome-suffix" "persistenceInfos" .Values.persistenceLog) }}
*/}}
{{- define "common.storageClass" -}}
- {{- if .Values.persistence.storageClassOverride -}}
- {{- if ne "-" .Values.persistence.storageClassOverride -}}
- {{- printf "%s" .Values.persistence.storageClassOverride -}}
+{{- $dot := default . .dot -}}
+{{- $suffix := default "data" .suffix -}}
+{{- $persistenceInfos := default $dot.Values.persistence .persistenceInfos -}}
+ {{- if $persistenceInfos.storageClassOverride -}}
+ {{- if ne "-" $persistenceInfos.storageClassOverride -}}
+ {{- $persistenceInfos.storageClassOverride -}}
{{- else -}}
{{- $storage_class := "" -}}
{{- printf "%q" $storage_class -}}
{{- end -}}
{{- else -}}
- {{- if or .Values.persistence.storageClass .Values.global.persistence.storageClass }}
- {{- if ne "-" (default .Values.persistence.storageClass .Values.global.persistence.storageClass) -}}
- {{- printf "%s" (default .Values.persistence.storageClass .Values.global.persistence.storageClass) -}}
+ {{- if or $persistenceInfos.storageClass $dot.Values.global.persistence.storageClass }}
+ {{- if ne "-" (default $persistenceInfos.storageClass $dot.Values.global.persistence.storageClass) -}}
+ {{- default $persistenceInfos.storageClass $dot.Values.global.persistence.storageClass -}}
{{- else -}}
{{- $storage_class := "" -}}
{{- printf "%q" $storage_class -}}
{{- end -}}
{{- else -}}
- {{- printf "%s-data" (include "common.fullname" .) -}}
+ {{- printf "%s-%s" (include "common.fullname" $dot) $suffix -}}
{{- end -}}
{{- end -}}
{{- end -}}
@@ -63,53 +107,104 @@
{{/*
Generate a PV
+
+ The function takes up to three arguments (inside a dictionary):
+ - .dot : environment (.)
+ - .suffix: suffix to name. if not set, default to "data".
+ - .persistenceInfos: the persitence values to use, default to
+ `.Values.persistence`.
+ Need to be the dict key from `.Values` in string
+ format.
+ let's say you have:
+
+ persistence:
+ logs:
+ enabled: true
+ size: 100Mi
+ accessMode: ReadWriteOnce
+ ...
+
+ then you have to put `.Values.persitence.logs` in
+ order to use it.
+
+ Example calls:
+ {{ include "common.PV" . }}
+ {{ include "common.PV" (dict "dot" . "suffix" "my-awesome-suffix" "persistenceInfos".Values.persistenceLog ) }}
+ {{ include "common.PV" (dict "dot" . "subPath" "persistenceInfos" .Values.persistence.log) }}
*/}}
{{- define "common.PV" -}}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if (include "common.needPV" .) -}}
+{{- $dot := default . .dot -}}
+{{- $suffix := default "data" .suffix -}}
+{{- $metadata_suffix := ternary "" $suffix (eq $suffix "data") -}}
+{{- $persistenceInfos := default $dot.Values.persistence .persistenceInfos -}}
+{{- if and $persistenceInfos.enabled (not $persistenceInfos.existingClaim) -}}
+{{- if (include "common.needPV" $dot) -}}
kind: PersistentVolume
apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-data
- namespace: {{ include "common.namespace" . }}
- labels: {{- include "common.labels" . | nindent 4 }}
+metadata: {{- include "common.resourceMetadata" (dict "dot" $dot "suffix" $suffix "labels" $persistenceInfos.labels) | nindent 2 }}
spec:
capacity:
- storage: {{ .Values.persistence.size }}
+ storage: {{ $persistenceInfos.size }}
accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ - {{ $persistenceInfos.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $persistenceInfos.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $dot }}-{{ $suffix }}"
hostPath:
- path: {{ include "common.persistencePath" . }}
+ path: {{ include "common.persistencePath" (dict "dot" $dot "subPath" $persistenceInfos.mountSubPath) }}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Generate N PV for a statefulset
+
+ The function takes up to two arguments (inside a dictionary):
+ - .dot : environment (.)
+ - .suffix: suffix to name. if not set, default to "data".
+ - .persistenceInfos: the persitence values to use, default to
+ `.Values.persistence`.
+ Need to be the dict key from `.Values` in string
+ format.
+ let's say you have:
+
+ persistence:
+ logs:
+ enabled: true
+ size: 100Mi
+ accessMode: ReadWriteOnce
+ ...
+
+ then you have to put `.Values.persitence.logs` in
+ order to use it.
+
+ Example calls:
+ {{ include "common.replicaPV" . }}
+ {{ include "common.replicaPV" (dict "dot" . "suffix" "my-awesome-suffix" "persistenceInfos" .Values.persistenceLog) }}
+ {{ include "common.replicaPV" (dict dot" . "subPath" "persistenceInfos" .Values.persistence.log) }}
*/}}
{{- define "common.replicaPV" -}}
-{{- $global := . }}
-{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
-{{- if (include "common.needPV" .) -}}
-{{- range $i := until (int $global.Values.replicaCount)}}
+{{- $dot := default . .dot -}}
+{{- $suffix := default "data" .suffix -}}
+{{- $metadata_suffix := ternary "" $suffix (eq $suffix "data") -}}
+{{- $persistenceInfos := default $dot.Values.persistence .persistenceInfos -}}
+{{- if and $persistenceInfos.enabled (not $persistenceInfos.existingClaim) -}}
+{{- if (include "common.needPV" $dot) -}}
+{{/* TODO: see if we can use "common.PV" after branching F release */}}
+{{- range $i := until (int $dot.Values.replicaCount) }}
+{{- $range_suffix := printf "%s-%d" $metadata_suffix $i }}
---
kind: PersistentVolume
apiVersion: v1
-metadata:
- name: {{ include "common.fullname" $global }}-data-{{$i}}
- namespace: {{ include "common.namespace" $global }}
- labels: {{- include "common.labels" $global | nindent 4 }}
+metadata: {{- include "common.resourceMetadata" (dict "dot" $dot "suffix" $range_suffix "labels" $persistenceInfos.labels) | nindent 2 }}
spec:
capacity:
- storage: {{ $global.Values.persistence.size}}
+ storage: {{ $persistenceInfos.size }}
accessModes:
- - {{ $global.Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
- storageClassName: "{{ include "common.fullname" $global }}-data"
+ - {{ $persistenceInfos.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $persistenceInfos.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $dot }}-{{ $suffix }}"
hostPath:
- path: {{ include "common.persistencePath" $global }}-{{$i}}
+ path: {{ include "common.persistencePath" (dict "dot" $dot "subPath" $persistenceInfos.mountSubPath) }}-{{ $i }}
{{- end -}}
{{- end -}}
{{- end -}}
@@ -117,22 +212,81 @@ spec:
{{/*
Generate a PVC
+
+ The function takes up to two arguments (inside a dictionary):
+ - .dot : environment (.)
+ - .suffix: suffix to name. if not set, default to "data".
+ - .persistenceInfos: the persitence values to use, default to
+ `.Values.persistence`.
+ Need to be the dict key from `.Values` in string
+ format.
+ let's say you have:
+
+ persistence:
+ logs:
+ enabled: true
+ size: 100Mi
+ accessMode: ReadWriteOnce
+ ...
+
+ then you have to put `.Values.persitence.logs` in
+ order to use it.
+
+ Example calls:
+ {{ include "common.PVC" . }}
+ {{ include "common.PVC" (dict "dot" . "suffix" "my-awesome-suffix" "persistenceInfos" .Values.persistenceLog) }}
+ {{ include "common.PVC" (dict dot" . "subPath" "persistenceInfos" .Values.persistence.log) }}
*/}}
{{- define "common.PVC" -}}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- $dot := default . .dot -}}
+{{- $persistenceInfos := default $dot.Values.persistence .persistenceInfos -}}
+{{- $suffix := default "data" .suffix -}}
+{{- $metadata_suffix := ternary "" $suffix (eq $suffix "data") -}}
+{{- if and $persistenceInfos.enabled (not $persistenceInfos.existingClaim) -}}
kind: PersistentVolumeClaim
apiVersion: v1
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
+{{ include "common.PVCTemplate" (dict "dot" $dot "suffix" $suffix "persistenceInfos" $persistenceInfos) }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+ Generate a PVC template for a statefulset
+
+ The function takes up to two arguments (inside a dictionary):
+ - .dot : environment (.)
+ - .suffix: suffix to name. if not set, default to "data".
+ - .persistenceInfos: the persitence values to use, default to
+ `.Values.persistence`.
+ Need to be the dict key from `.Values` in string
+ format.
+ let's say you have:
+
+ persistence:
+ logs:
+ enabled: true
+ size: 100Mi
+ accessMode: ReadWriteOnce
+ ...
+
+ then you have to put `.Values.persitence.logs` in
+ order to use it.
+
+ Example calls:
+ {{ include "common.PVCTemplate" . }}
+ {{ include "common.PVCTemplate" (dict "dot" . "suffix" "my-awesome-suffix" "persistenceInfos" .Values.persistenceLog) }}
+ {{ include "common.PVCTemplate" (dict dot" . "subPath" "persistenceInfos" .Values.persistence.log) }}
+*/}}
+{{- define "common.PVCTemplate" -}}
+{{- $dot := default . .dot -}}
+{{- $persistenceInfos := default $dot.Values.persistence .persistenceInfos -}}
+{{- $suffix := default "data" .suffix -}}
+{{- $metadata_suffix := ternary "" $suffix (eq $suffix "data") -}}
+metadata: {{- include "common.resourceMetadata" (dict "dot" $dot "suffix" $metadata_suffix "annotations" $persistenceInfos.annotations) | nindent 2 }}
spec:
accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: {{ include "common.storageClass" . }}
+ - {{ $persistenceInfos.accessMode }}
+ storageClassName: {{ include "common.storageClass" (dict "dot" $dot "suffix" $suffix "persistenceInfos" $persistenceInfos ) }}
resources:
requests:
- storage: {{ .Values.persistence.size }}
-{{- end -}}
+ storage: {{ $persistenceInfos.size }}
{{- end -}}
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 4d69b9d3cb..40275a5696 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -71,8 +71,10 @@ global:
tls: true
# Disabling AAF
- # POC Mode, don't use it in production
+ # POC Mode, only for use in development environment
+ # Keep it enabled in production
aafEnabled: true
+ aafAgentImage: onap/aaf/aaf_agent:2.1.20
# TLS
# Set to false if you want to disable TLS for NodePorts. Be aware that this
diff --git a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml
index 02947c6643..aa1189dcba 100755
--- a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml
@@ -284,7 +284,7 @@ policy:
environment: TEST
sdnc:
auth: Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ==
- host: http://sdnc.{{ include "common.namespace" . }}:8282
+ host: http://{{ .Values.global.sdncOamService }}.{{ include "common.namespace" . }}:{{ .Values.global.sdncOamPort }}
path: /restconf/operations/GENERIC-RESOURCE-API
si:
svc:
diff --git a/kubernetes/so/charts/so-bpmn-infra/values.yaml b/kubernetes/so/charts/so-bpmn-infra/values.yaml
index 1d2c5f17b1..b04343feef 100755
--- a/kubernetes/so/charts/so-bpmn-infra/values.yaml
+++ b/kubernetes/so/charts/so-bpmn-infra/values.yaml
@@ -22,6 +22,9 @@ global:
readinessImage: readiness-check:2.0.2
persistence:
mountPath: /dockerdata-nfs
+ #This configuration specifies Service and port for SDNC OAM interface
+ sdncOamService: sdnc-oam
+ sdncOamPort: 8282
#################################################################
# Secrets metaconfig
diff --git a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml
index 7a1358cc88..d363122a33 100755
--- a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml
@@ -148,16 +148,16 @@ org:
bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
sdncauth: {{ include "helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.org.onap.so.adapters.sdnc.sdncauth )}}
sdncconnecttime: 5000
- sdncurl10: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/GENERIC-RESOURCE-API:'
- sdncurl11: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNFTOPOLOGYAIC-API:'
- sdncurl12: 'http://sdnc.{{ include "common.namespace" . }}:8282/'
- sdncurl13: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/opticalservice:'
- sdncurl5: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/config'
- sdncurl6: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNF-API:'
- sdncurl7: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/L3UCPE-API:'
- sdncurl8: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NBNC-API:'
- sdncurl9: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NORTHBOUND-API:service-topology-operation'
- sdncurl20: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/LCM:'
+ sdncurl10: 'http://{{ .Values.global.sdncOamService }}.{{ include "common.namespace" . }}:{{ .Values.global.sdncOamPort }}/restconf/operations/GENERIC-RESOURCE-API:'
+ sdncurl11: 'http://{{ .Values.global.sdncOamService }}.{{ include "common.namespace" . }}:{{ .Values.global.sdncOamPort }}/restconf/operations/VNFTOPOLOGYAIC-API:'
+ sdncurl12: 'http://{{ .Values.global.sdncOamService }}.{{ include "common.namespace" . }}:{{ .Values.global.sdncOamPort }}/'
+ sdncurl13: 'http://{{ .Values.global.sdncOamService }}.{{ include "common.namespace" . }}:{{ .Values.global.sdncOamPort }}/restconf/operations/opticalservice:'
+ sdncurl5: 'http://{{ .Values.global.sdncOamService }}.{{ include "common.namespace" . }}:{{ .Values.global.sdncOamPort }}/restconf/config'
+ sdncurl6: 'http://{{ .Values.global.sdncOamService }}.{{ include "common.namespace" . }}:{{ .Values.global.sdncOamPort }}/restconf/operations/VNF-API:'
+ sdncurl7: 'http://{{ .Values.global.sdncOamService }}.{{ include "common.namespace" . }}:{{ .Values.global.sdncOamPort }}/restconf/operations/L3UCPE-API:'
+ sdncurl8: 'http://{{ .Values.global.sdncOamService }}.{{ include "common.namespace" . }}:{{ .Values.global.sdncOamPort }}/restconf/operations/NBNC-API:'
+ sdncurl9: 'http://{{ .Values.global.sdncOamService }}.{{ include "common.namespace" . }}:{{ .Values.global.sdncOamPort }}/restconf/operations/NORTHBOUND-API:service-topology-operation'
+ sdncurl20: 'http://{{ .Values.global.sdncOamService }}.{{ include "common.namespace" . }}:{{ .Values.global.sdncOamPort }}/restconf/operations/LCM:'
service:
infra:
service-topology-infra-activate-operation: POST|90000|sdncurl9|sdnc-request-header|com:att:sdnctl:northbound-api:v1
diff --git a/kubernetes/so/charts/so-sdnc-adapter/values.yaml b/kubernetes/so/charts/so-sdnc-adapter/values.yaml
index a4b2496662..42c5d4ddb3 100755
--- a/kubernetes/so/charts/so-sdnc-adapter/values.yaml
+++ b/kubernetes/so/charts/so-sdnc-adapter/values.yaml
@@ -22,6 +22,9 @@ global:
readinessImage: readiness-check:2.0.2
persistence:
mountPath: /dockerdata-nfs
+ #This configuration specifies Service and port for SDNC OAM interface
+ sdncOamService: sdnc-oam
+ sdncOamPort: 8282
#################################################################
# Secrets metaconfig
diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml
index 8a83427c4b..4cf991ea60 100755
--- a/kubernetes/so/values.yaml
+++ b/kubernetes/so/values.yaml
@@ -34,6 +34,9 @@ global:
localCluster: false
persistence:
mountPath: /dockerdata-nfs
+ #This configuration specifies Service and port for SDNC OAM interface
+ sdncOamService: sdnc-oam
+ sdncOamPort: 8282
#This configuration will run the migration. The configurations are for backing up the data
#from DB and then restoring it to the present versions preferred DB.
migration:
diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml
index 9529e558a2..96cacfbf82 100644
--- a/kubernetes/vnfsdk/values.yaml
+++ b/kubernetes/vnfsdk/values.yaml
@@ -28,7 +28,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/vnfsdk/refrepo:1.3.2
+image: onap/vnfsdk/refrepo:1.5.1
postgresRepository: crunchydata
postgresImage: crunchy-postgres:centos7-10.3-1.8.2
pullPolicy: Always