summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml3
m---------kubernetes/aai0
-rwxr-xr-xkubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties3
-rwxr-xr-xkubernetes/common/mariadb-init/resources/config/db_init.sh34
-rw-r--r--kubernetes/common/mariadb-init/templates/job.yaml9
-rw-r--r--kubernetes/common/postgres-legacy/.helmignore21
-rw-r--r--kubernetes/common/postgres-legacy/Chart.yaml18
-rw-r--r--kubernetes/common/postgres-legacy/charts/pgpool/Chart.yaml18
-rw-r--r--kubernetes/common/postgres-legacy/charts/pgpool/configs/pgpool.conf677
-rw-r--r--kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_hba.conf67
-rw-r--r--kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_passwd (renamed from kubernetes/common/postgres/charts/pgpool/configs/pool_passwd)0
-rw-r--r--kubernetes/common/postgres-legacy/charts/pgpool/requirements.yaml18
-rwxr-xr-xkubernetes/common/postgres-legacy/charts/pgpool/templates/configmap.yaml26
-rw-r--r--kubernetes/common/postgres-legacy/charts/pgpool/templates/deployment.yaml68
-rw-r--r--kubernetes/common/postgres-legacy/charts/pgpool/templates/service.yaml26
-rw-r--r--kubernetes/common/postgres-legacy/charts/pgpool/values.yaml44
-rw-r--r--kubernetes/common/postgres-legacy/requirements.yaml18
-rw-r--r--kubernetes/common/postgres-legacy/templates/pv.yaml (renamed from kubernetes/common/postgres/templates/pv.yaml)0
-rw-r--r--kubernetes/common/postgres-legacy/templates/secrets.yaml31
-rw-r--r--kubernetes/common/postgres-legacy/templates/service.yaml (renamed from kubernetes/common/postgres/templates/service.yaml)0
-rw-r--r--kubernetes/common/postgres-legacy/templates/statefulset.yaml (renamed from kubernetes/common/postgres/templates/statefulset.yaml)0
-rw-r--r--kubernetes/common/postgres-legacy/values.yaml139
-rw-r--r--kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf1
-rw-r--r--kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml34
-rw-r--r--kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml28
-rw-r--r--kubernetes/common/postgres/charts/pgpool/templates/service.yaml4
-rw-r--r--kubernetes/common/postgres/charts/pgpool/values.yaml3
-rw-r--r--kubernetes/common/postgres/configs/pg_hba.conf68
-rw-r--r--kubernetes/common/postgres/templates/configmap.yaml27
-rw-r--r--kubernetes/common/postgres/templates/deployment-primary.yaml138
-rw-r--r--kubernetes/common/postgres/templates/deployment-replica.yaml138
-rw-r--r--kubernetes/common/postgres/templates/pv-primary.yaml39
-rw-r--r--kubernetes/common/postgres/templates/pv-replica.yaml39
-rw-r--r--kubernetes/common/postgres/templates/pvc-primary.yaml45
-rw-r--r--kubernetes/common/postgres/templates/pvc-replica.yaml44
-rw-r--r--kubernetes/common/postgres/templates/service-common.yaml41
-rw-r--r--kubernetes/common/postgres/templates/service-primary.yaml41
-rw-r--r--kubernetes/common/postgres/templates/service-replica.yaml41
-rw-r--r--kubernetes/common/postgres/values.yaml8
-rw-r--r--kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml3
-rw-r--r--kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml3
m---------kubernetes/robot0
-rwxr-xr-xkubernetes/sdnc/resources/config/bin/startODL.sh21
-rw-r--r--kubernetes/sdnc/resources/env.yaml1
-rw-r--r--kubernetes/sdnc/templates/secret-aaf.yaml15
-rw-r--r--kubernetes/sdnc/templates/service.yaml5
-rw-r--r--kubernetes/sdnc/templates/statefulset.yaml55
-rw-r--r--kubernetes/sdnc/values.yaml14
-rwxr-xr-xkubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml8
-rwxr-xr-xkubernetes/so/values.yaml3
50 files changed, 2054 insertions, 33 deletions
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml
index 8272597f0b..201d456fec 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml
+++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml
@@ -31,9 +31,6 @@ metadata:
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
diff --git a/kubernetes/aai b/kubernetes/aai
-Subproject d801a6ee395220b11bfac773c3111489282e735
+Subproject f636b1cc2bf7d391dc76956e906a6f497ef1b09
diff --git a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties
index 2a67aa58d4..b102b7c365 100755
--- a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties
+++ b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties
@@ -94,6 +94,9 @@ blueprintsprocessor.restclient.aai-data.type=basic-auth
blueprintsprocessor.restclient.aai-data.url=https://aai:8443
blueprintsprocessor.restclient.aai-data.username=aai@aai.onap.org
blueprintsprocessor.restclient.aai-data.password=demo123456!
+blueprintsprocessor.restclient.aai-data.additionalHeaders.X-TransactionId=cds-transaction-id
+blueprintsprocessor.restclient.aai-data.additionalHeaders.X-FromAppId=cds-app-id
+blueprintsprocessor.restclient.aai-data.additionalHeaders.Accept=application/json
# Self Service Request Kafka Message Consumer
blueprintsprocessor.messageconsumer.self-service-api.kafkaEnable=false
diff --git a/kubernetes/common/mariadb-init/resources/config/db_init.sh b/kubernetes/common/mariadb-init/resources/config/db_init.sh
index 304835bdd5..b2fdb14b12 100755
--- a/kubernetes/common/mariadb-init/resources/config/db_init.sh
+++ b/kubernetes/common/mariadb-init/resources/config/db_init.sh
@@ -1,5 +1,6 @@
-#!/bin/sh
+#!/bin/bash
# Copyright © 2019 Orange
+# Copyright © 2020 Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,20 +14,23 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-echo "Creating database {{ .Values.config.mysqlDatabase }} and user {{ .Values.config.userName }}..."
+while read DB ; do
+ USER_VAR="MYSQL_USER_${DB^^}"
+ PASS_VAR="MYSQL_PASSWORD_${DB^^}"
+ USER=${!USER_VAR}
+ PASS=${!PASS_VAR}
+ MYSQL_OPTS=( -h ${DB_HOST} -P ${DB_PORT} -uroot -p${MYSQL_ROOT_PASSWORD} )
-mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE OR REPLACE USER '{{ .Values.config.userName }}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}'"
-mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE DATABASE IF NOT EXISTS {{ .Values.config.mysqlDatabase }}"
-mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "GRANT ALL PRIVILEGES ON {{ .Values.config.mysqlDatabase }}.* TO '{{ .Values.config.userName }}'@'%'"
+ echo "Creating database ${DB} and user ${USER}..."
-echo "Created database {{ .Values.config.mysqlDatabase }} and user {{ .Values.config.userName }}."
+ mysql "${MYSQL_OPTS[@]}" -e "CREATE OR REPLACE USER '${USER}'@'%' IDENTIFIED BY '${PASS}'"
+ mysql "${MYSQL_OPTS[@]}" -e "CREATE DATABASE IF NOT EXISTS ${DB}"
+ mysql "${MYSQL_OPTS[@]}" -e "GRANT ALL PRIVILEGES ON ${DB}.* TO '${USER}'@'%'"
-{{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases -}}
-echo "Creating database {{ $db }} and user {{ $dbInfos.user }}..."
-
-mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE OR REPLACE USER '{{ $dbInfos.user }}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD_{{ $db | upper }}}'"
-mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "CREATE DATABASE IF NOT EXISTS {{ $db }}"
-mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD -e "GRANT ALL PRIVILEGES ON {{ $db }}.* TO '{{ $dbInfos.user }}'@'%'"
-
-echo "Created database {{ $db }} and user {{ $dbInfos.user }}."
-{{ end }}
+ echo "Created database ${DB} and user ${USER}."
+done <<EOF
+{{ .Values.config.mysqlDatabase }}
+{{- range $db, $_value := .Values.config.mysqlAdditionalDatabases }}
+{{ $db }}
+{{- end }}
+EOF
diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml
index 679c10c9a3..f3ff9934ab 100644
--- a/kubernetes/common/mariadb-init/templates/job.yaml
+++ b/kubernetes/common/mariadb-init/templates/job.yaml
@@ -1,4 +1,5 @@
# Copyright © 2019 Orange
+# Copyright © 2020 Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -63,13 +64,17 @@ spec:
secretKeyRef:
name: {{ include "mariadbInit.mariadbClusterSecret" . }}
key: {{ .Values.global.mariadbGalera.userRootSecretKey }}
- - name: MYSQL_PASSWORD
+ - name: {{ printf "MYSQL_USER_%s" .Values.config.mysqlDatabase | upper }}
+ value: "{{ .Values.config.userName }}"
+ - name: {{ printf "MYSQL_PASSWORD_%s" .Values.config.mysqlDatabase | upper }}
valueFrom:
secretKeyRef:
name: {{ template "common.fullname" . }}
key: db-user-password
{{- $root := . }}
-{{ range $db, $_value := .Values.config.mysqlAdditionalDatabases }}
+{{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases }}
+ - name: {{ printf "MYSQL_USER_%s" $db | upper }}
+ value: {{ $dbInfos.user }}
- name: {{ printf "MYSQL_PASSWORD_%s" $db | upper }}
valueFrom:
secretKeyRef:
diff --git a/kubernetes/common/postgres-legacy/.helmignore b/kubernetes/common/postgres-legacy/.helmignore
new file mode 100644
index 0000000000..f0c1319444
--- /dev/null
+++ b/kubernetes/common/postgres-legacy/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/common/postgres-legacy/Chart.yaml b/kubernetes/common/postgres-legacy/Chart.yaml
new file mode 100644
index 0000000000..eff8e36eba
--- /dev/null
+++ b/kubernetes/common/postgres-legacy/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP Postgres Server
+name: postgres-legacy
+version: 5.0.0
diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/Chart.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/Chart.yaml
new file mode 100644
index 0000000000..e2818139fa
--- /dev/null
+++ b/kubernetes/common/postgres-legacy/charts/pgpool/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP Postgres Server
+name: pgpool
+version: 5.0.0
diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/configs/pgpool.conf b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pgpool.conf
new file mode 100644
index 0000000000..f335174f40
--- /dev/null
+++ b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pgpool.conf
@@ -0,0 +1,677 @@
+# ----------------------------
+# pgPool-II configuration file a custom version
+# ----------------------------
+#
+# This file consists of lines of the form:
+#
+# name = value
+#
+# Whitespace may be used. Comments are introduced with "#" anywhere on a line.
+# The complete list of parameter names and allowed values can be found in the
+# pgPool-II documentation.
+#
+# This file is read on server startup and when the server receives a SIGHUP
+# signal. If you edit the file on a running system, you have to SIGHUP the
+# server for the changes to take effect, or use "pgpool reload". Some
+# parameters, which are marked below, require a server shutdown and restart to
+# take effect.
+#
+
+
+#------------------------------------------------------------------------------
+# CONNECTIONS
+#------------------------------------------------------------------------------
+
+# - pgpool Connection Settings -
+
+listen_addresses = '*'
+ # Host name or IP address to listen on:
+ # '*' for all, '' for no TCP/IP connections
+ # (change requires restart)
+#port = 9999
+port = 5432
+ # Port number
+ # (change requires restart)
+socket_dir = '/tmp'
+ # Unix domain socket path
+ # The Debian package defaults to
+ # /var/run/postgresql
+ # (change requires restart)
+
+
+# - pgpool Communication Manager Connection Settings -
+
+pcp_port = 9898
+ # Port number for pcp
+ # (change requires restart)
+pcp_socket_dir = '/tmp'
+ # Unix domain socket path for pcp
+ # The Debian package defaults to
+ # /var/run/postgresql
+ # (change requires restart)
+
+# - Backend Connection Settings -
+
+backend_hostname0 = '{{.Values.container.name.primary}}'
+backend_port0 = 5432
+backend_weight0= 1
+backend_flag0= 'DISALLOW_TO_FAILOVER'
+
+backend_hostname1 = '{{.Values.container.name.replica}}'
+backend_port1 = 5432
+backend_weight1= 1
+backend_flag1= 'DISALLOW_TO_FAILOVER'
+
+#backend_hostname0 = 'master'
+ # Host name or IP address to connect to for backend 0
+#backend_port0 = 5432
+ # Port number for backend 0
+#backend_weight0 = 1
+ # Weight for backend 0 (only in load balancing mode)
+#backend_data_directory0 = '/data'
+ # Data directory for backend 0
+#backend_flag0 = 'ALLOW_TO_FAILOVER'
+ # Controls various backend behavior
+ # ALLOW_TO_FAILOVER or DISALLOW_TO_FAILOVER
+#backend_hostname1 = 'standby'
+#backend_port1 = 5432
+#backend_weight1 = 1
+#backend_data_directory1 = '/data1'
+#backend_flag1 = 'ALLOW_TO_FAILOVER'
+
+# - Authentication -
+
+enable_pool_hba = on
+ # Use pool_hba.conf for client authentication
+pool_passwd = 'pool_passwd'
+ # File name of pool_passwd for md5 authentication.
+ # "" disables pool_passwd.
+ # (change requires restart)
+authentication_timeout = 60
+ # Delay in seconds to complete client authentication
+ # 0 means no timeout.
+
+# - SSL Connections -
+
+ssl = off
+ # Enable SSL support
+ # (change requires restart)
+#ssl_key = './server.key'
+ # Path to the SSL private key file
+ # (change requires restart)
+#ssl_cert = './server.cert'
+ # Path to the SSL public certificate file
+ # (change requires restart)
+#ssl_ca_cert = ''
+ # Path to a single PEM format file
+ # containing CA root certificate(s)
+ # (change requires restart)
+#ssl_ca_cert_dir = ''
+ # Directory containing CA root certificate(s)
+ # (change requires restart)
+
+
+#------------------------------------------------------------------------------
+# POOLS
+#------------------------------------------------------------------------------
+
+# - Pool size -
+
+num_init_children = 5
+ # Number of pools
+ # (change requires restart)
+max_pool = 1
+ # Number of connections per pool
+ # (change requires restart)
+
+# - Life time -
+
+child_life_time = 300
+ # Pool exits after being idle for this many seconds
+child_max_connections = 0
+ # Pool exits after receiving that many connections
+ # 0 means no exit
+connection_life_time = 0
+ # Connection to backend closes after being idle for this many seconds
+ # 0 means no close
+client_idle_limit = 0
+ # Client is disconnected after being idle for that many seconds
+ # (even inside an explicit transactions!)
+ # 0 means no disconnection
+
+
+#------------------------------------------------------------------------------
+# LOGS
+#------------------------------------------------------------------------------
+
+# - Where to log -
+
+log_destination = 'stderr'
+ # Where to log
+ # Valid values are combinations of stderr,
+ # and syslog. Default to stderr.
+
+# - What to log -
+
+print_timestamp = on
+ # Print timestamp on each line
+ # (change requires restart)
+
+log_connections = on
+ # Log connections
+log_hostname = on
+ # Hostname will be shown in ps status
+ # and in logs if connections are logged
+log_statement = on
+ # Log all statements
+log_per_node_statement = off
+ # Log all statements
+ # with node and backend informations
+log_standby_delay = 'if_over_threshold'
+ # Log standby delay
+ # Valid values are combinations of always,
+ # if_over_threshold, none
+
+# - Syslog specific -
+
+syslog_facility = 'LOCAL0'
+ # Syslog local facility. Default to LOCAL0
+syslog_ident = 'pgpool'
+ # Syslog program identification string
+ # Default to 'pgpool'
+
+# - Debug -
+
+debug_level = 1
+ # Debug message verbosity level
+ # 0 means no message, 1 or more mean verbose
+
+
+#------------------------------------------------------------------------------
+# FILE LOCATIONS
+#------------------------------------------------------------------------------
+
+pid_file_name = '/tmp/pgpool.pid'
+ # PID file name
+ # (change requires restart)
+logdir = '/tmp'
+ # Directory of pgPool status file
+ # (change requires restart)
+
+
+#------------------------------------------------------------------------------
+# CONNECTION POOLING
+#------------------------------------------------------------------------------
+
+connection_cache = off
+ # Activate connection pools
+ # (change requires restart)
+
+ # Semicolon separated list of queries
+ # to be issued at the end of a session
+ # The default is for 8.3 and later
+reset_query_list = 'ABORT; DISCARD ALL'
+ # The following one is for 8.2 and before
+#reset_query_list = 'ABORT; RESET ALL; SET SESSION AUTHORIZATION DEFAULT'
+
+
+#------------------------------------------------------------------------------
+# REPLICATION MODE
+#------------------------------------------------------------------------------
+
+replication_mode = off
+ # Activate replication mode
+ # (change requires restart)
+replicate_select = off
+ # Replicate SELECT statements
+ # when in replication or parallel mode
+ # replicate_select is higher priority than
+ # load_balance_mode.
+
+insert_lock = off
+ # Automatically locks a dummy row or a table
+ # with INSERT statements to keep SERIAL data
+ # consistency
+ # Without SERIAL, no lock will be issued
+lobj_lock_table = ''
+ # When rewriting lo_creat command in
+ # replication mode, specify table name to
+ # lock
+
+# - Degenerate handling -
+
+replication_stop_on_mismatch = off
+ # On disagreement with the packet kind
+ # sent from backend, degenerate the node
+ # which is most likely "minority"
+ # If off, just force to exit this session
+
+failover_if_affected_tuples_mismatch = off
+ # On disagreement with the number of affected
+ # tuples in UPDATE/DELETE queries, then
+ # degenerate the node which is most likely
+ # "minority".
+ # If off, just abort the transaction to
+ # keep the consistency
+
+
+#------------------------------------------------------------------------------
+# LOAD BALANCING MODE
+#------------------------------------------------------------------------------
+
+load_balance_mode = on
+ # Activate load balancing mode
+ # (change requires restart)
+ignore_leading_white_space = on
+ # Ignore leading white spaces of each query
+white_function_list = ''
+ # Comma separated list of function names
+ # that don't write to database
+ # Regexp are accepted
+black_function_list = 'currval,lastval,nextval,setval'
+ # Comma separated list of function names
+ # that write to database
+ # Regexp are accepted
+
+
+#------------------------------------------------------------------------------
+# MASTER/SLAVE MODE
+#------------------------------------------------------------------------------
+
+master_slave_mode = on
+ # Activate master/slave mode
+ # (change requires restart)
+master_slave_sub_mode = 'stream'
+ # Master/slave sub mode
+ # Valid values are combinations slony or
+ # stream. Default is slony.
+ # (change requires restart)
+
+# - Streaming -
+
+sr_check_period = 10
+ # Streaming replication check period
+ # Disabled (0) by default
+sr_check_user = '{{.Values.credentials.pgusername}}'
+ # Streaming replication check user
+ # This is neccessary even if you disable streaming
+ # replication delay check by sr_check_period = 0
+sr_check_password = '{{.Values.credentials.pgpassword}}'
+ # Password for streaming replication check user
+delay_threshold = 10000000
+ # Threshold before not dispatching query to standby node
+ # Unit is in bytes
+ # Disabled (0) by default
+
+# - Special commands -
+
+follow_master_command = ''
+ # Executes this command after master failover
+ # Special values:
+ # %d = node id
+ # %h = host name
+ # %p = port number
+ # %D = database cluster path
+ # %m = new master node id
+ # %H = hostname of the new master node
+ # %M = old master node id
+ # %P = old primary node id
+ # %r = new master port number
+ # %R = new master database cluster path
+ # %% = '%' character
+
+
+#------------------------------------------------------------------------------
+# PARALLEL MODE
+#------------------------------------------------------------------------------
+
+parallel_mode = off
+ # Activates parallel query mode
+ # (change requires restart)
+pgpool2_hostname = ''
+ # Set pgpool2 hostname
+ # (change requires restart)
+
+# - System DB info -
+
+#system_db_hostname = 'localhost'
+ # (change requires restart)
+#system_db_port = 5432
+ # (change requires restart)
+#system_db_dbname = 'pgpool'
+ # (change requires restart)
+#system_db_schema = 'pgpool_catalog'
+ # (change requires restart)
+#system_db_user = 'pgpool'
+ # (change requires restart)
+#system_db_password = ''
+ # (change requires restart)
+
+
+#------------------------------------------------------------------------------
+# HEALTH CHECK
+#------------------------------------------------------------------------------
+
+health_check_period = 20
+ # Health check period
+ # Disabled (0) by default
+health_check_timeout = 10
+ # Health check timeout
+ # 0 means no timeout
+health_check_user = '{{.Values.credentials.pgusername}}'
+ # Health check user
+health_check_password = '{{.Values.credentials.pgpassword}}'
+ # Password for health check user
+health_check_max_retries = 3
+connect_timeout = 10000 # Timeout value in milliseconds before giving up to connect to backend.
+
+ # Maximum number of times to retry a failed health check before giving up.
+health_check_retry_delay = 1
+ # Amount of time to wait (in seconds) between retries.
+
+
+#------------------------------------------------------------------------------
+# FAILOVER AND FAILBACK
+#------------------------------------------------------------------------------
+
+failover_command = ''
+ # Executes this command at failover
+ # Special values:
+ # %d = node id
+ # %h = host name
+ # %p = port number
+ # %D = database cluster path
+ # %m = new master node id
+ # %H = hostname of the new master node
+ # %M = old master node id
+ # %P = old primary node id
+ # %r = new master port number
+ # %R = new master database cluster path
+ # %% = '%' character
+failback_command = ''
+ # Executes this command at failback.
+ # Special values:
+ # %d = node id
+ # %h = host name
+ # %p = port number
+ # %D = database cluster path
+ # %m = new master node id
+ # %H = hostname of the new master node
+ # %M = old master node id
+ # %P = old primary node id
+ # %r = new master port number
+ # %R = new master database cluster path
+ # %% = '%' character
+
+fail_over_on_backend_error = off
+ # Initiates failover when reading/writing to the
+ # backend communication socket fails
+ # If set to off, pgpool will report an
+ # error and disconnect the session.
+
+search_primary_node_timeout = 10
+ # Timeout in seconds to search for the
+ # primary node when a failover occurs.
+ # 0 means no timeout, keep searching
+ # for a primary node forever.
+
+#------------------------------------------------------------------------------
+# ONLINE RECOVERY
+#------------------------------------------------------------------------------
+
+recovery_user = '{{.Values.credentials.pgusername}}'
+ # Online recovery user
+recovery_password = '{{.Values.credentials.pgpassword}}'
+ # Online recovery password
+recovery_1st_stage_command = ''
+ # Executes a command in first stage
+recovery_2nd_stage_command = ''
+ # Executes a command in second stage
+recovery_timeout = 90
+ # Timeout in seconds to wait for the
+ # recovering node's postmaster to start up
+ # 0 means no wait
+client_idle_limit_in_recovery = 0
+ # Client is disconnected after being idle
+ # for that many seconds in the second stage
+ # of online recovery
+ # 0 means no disconnection
+ # -1 means immediate disconnection
+
+
+#------------------------------------------------------------------------------
+# WATCHDOG
+#------------------------------------------------------------------------------
+
+# - Enabling -
+
+use_watchdog = off
+ # Activates watchdog
+ # (change requires restart)
+
+# -Connection to up stream servers -
+
+trusted_servers = ''
+ # trusted server list which are used
+ # to confirm network connection
+ # (hostA,hostB,hostC,...)
+ # (change requires restart)
+ping_path = '/bin'
+ # ping command path
+ # (change requires restart)
+
+# - Watchdog communication Settings -
+
+wd_hostname = ''
+ # Host name or IP address of this watchdog
+ # (change requires restart)
+wd_port = 9000
+ # port number for watchdog service
+ # (change requires restart)
+wd_authkey = ''
+ # Authentication key for watchdog communication
+ # (change requires restart)
+
+# - Virtual IP control Setting -
+
+delegate_IP = ''
+ # delegate IP address
+ # If this is empty, virtual IP never bring up.
+ # (change requires restart)
+ifconfig_path = '/sbin'
+ # ifconfig command path
+ # (change requires restart)
+if_up_cmd = 'ifconfig eth0:0 inet $_IP_$ netmask 255.255.255.0'
+ # startup delegate IP command
+ # (change requires restart)
+if_down_cmd = 'ifconfig eth0:0 down'
+ # shutdown delegate IP command
+ # (change requires restart)
+
+arping_path = '/usr/sbin' # arping command path
+ # (change requires restart)
+
+arping_cmd = 'arping -U $_IP_$ -w 1'
+ # arping command
+ # (change requires restart)
+
+# - Behaivor on escalation Setting -
+
+clear_memqcache_on_escalation = on
+ # Clear all the query cache on shared memory
+ # when standby pgpool escalate to active pgpool
+ # (= virtual IP holder).
+ # This should be off if client connects to pgpool
+ # not using virtual IP.
+ # (change requires restart)
+wd_escalation_command = ''
+ # Executes this command at escalation on new active pgpool.
+ # (change requires restart)
+
+# - Lifecheck Setting -
+
+# -- common --
+
+wd_lifecheck_method = 'heartbeat'
+ # Method of watchdog lifecheck ('heartbeat' or 'query')
+ # (change requires restart)
+wd_interval = 10
+ # lifecheck interval (sec) > 0
+ # (change requires restart)
+
+# -- heartbeat mode --
+
+wd_heartbeat_port = 9694
+ # Port number for receiving heartbeat signal
+ # (change requires restart)
+wd_heartbeat_keepalive = 2
+ # Interval time of sending heartbeat signal (sec)
+ # (change requires restart)
+wd_heartbeat_deadtime = 30
+ # Deadtime interval for heartbeat signal (sec)
+ # (change requires restart)
+heartbeat_destination0 = 'host0_ip1'
+ # Host name or IP address of destination 0
+ # for sending heartbeat signal.
+ # (change requires restart)
+heartbeat_destination_port0 = 9694
+ # Port number of destination 0 for sending
+ # heartbeat signal. Usually this is the
+ # same as wd_heartbeat_port.
+ # (change requires restart)
+heartbeat_device0 = ''
+ # Name of NIC device (such like 'eth0')
+ # used for sending/receiving heartbeat
+ # signal to/from destination 0.
+ # This works only when this is not empty
+ # and pgpool has root privilege.
+ # (change requires restart)
+
+#heartbeat_destination1 = 'host0_ip2'
+#heartbeat_destination_port1 = 9694
+#heartbeat_device1 = ''
+
+# -- query mode --
+
+wd_life_point = 3
+ # lifecheck retry times
+ # (change requires restart)
+wd_lifecheck_query = 'SELECT 1'
+ # lifecheck query to pgpool from watchdog
+ # (change requires restart)
+wd_lifecheck_dbname = 'template1'
+ # Database name connected for lifecheck
+ # (change requires restart)
+wd_lifecheck_user = 'nobody'
+ # watchdog user monitoring pgpools in lifecheck
+ # (change requires restart)
+wd_lifecheck_password = ''
+ # Password for watchdog user in lifecheck
+ # (change requires restart)
+
+# - Other pgpool Connection Settings -
+
+#other_pgpool_hostname0 = 'host0'
+ # Host name or IP address to connect to for other pgpool 0
+ # (change requires restart)
+#other_pgpool_port0 = 5432
+ # Port number for othet pgpool 0
+ # (change requires restart)
+#other_wd_port0 = 9000
+ # Port number for othet watchdog 0
+ # (change requires restart)
+#other_pgpool_hostname1 = 'host1'
+#other_pgpool_port1 = 5432
+#other_wd_port1 = 9000
+
+
+#------------------------------------------------------------------------------
+# OTHERS
+#------------------------------------------------------------------------------
+relcache_expire = 0
+ # Life time of relation cache in seconds.
+ # 0 means no cache expiration(the default).
+ # The relation cache is used for cache the
+ # query result against PostgreSQL system
+ # catalog to obtain various information
+ # including table structures or if it's a
+ # temporary table or not. The cache is
+ # maintained in a pgpool child local memory
+ # and being kept as long as it survives.
+ # If someone modify the table by using
+ # ALTER TABLE or some such, the relcache is
+ # not consistent anymore.
+ # For this purpose, cache_expiration
+ # controls the life time of the cache.
+relcache_size = 256
+ # Number of relation cache
+ # entry. If you see frequently:
+ # "pool_search_relcache: cache replacement happend"
+ # in the pgpool log, you might want to increate this number.
+
+check_temp_table = on
+ # If on, enable temporary table check in SELECT statements.
+ # This initiates queries against system catalog of primary/master
+ # thus increases load of master.
+ # If you are absolutely sure that your system never uses temporary tables
+ # and you want to save access to primary/master, you could turn this off.
+ # Default is on.
+
+
+#------------------------------------------------------------------------------
+# ON MEMORY QUERY MEMORY CACHE
+#------------------------------------------------------------------------------
+memory_cache_enabled = off
+ # If on, use the memory cache functionality, off by default
+memqcache_method = 'shmem'
+ # Cache storage method. either 'shmem'(shared memory) or
+ # 'memcached'. 'shmem' by default
+ # (change requires restart)
+memqcache_memcached_host = 'localhost'
+ # Memcached host name or IP address. Mandatory if
+ # memqcache_method = 'memcached'.
+ # Defaults to localhost.
+ # (change requires restart)
+memqcache_memcached_port = 11211
+ # Memcached port number. Mondatory if memqcache_method = 'memcached'.
+ # Defaults to 11211.
+ # (change requires restart)
+memqcache_total_size = 67108864
+ # Total memory size in bytes for storing memory cache.
+ # Mandatory if memqcache_method = 'shmem'.
+ # Defaults to 64MB.
+ # (change requires restart)
+memqcache_max_num_cache = 1000000
+ # Total number of cache entries. Mandatory
+ # if memqcache_method = 'shmem'.
+ # Each cache entry consumes 48 bytes on shared memory.
+ # Defaults to 1,000,000(45.8MB).
+ # (change requires restart)
+memqcache_expire = 0
+ # Memory cache entry life time specified in seconds.
+ # 0 means infinite life time. 0 by default.
+ # (change requires restart)
+memqcache_auto_cache_invalidation = on
+ # If on, invalidation of query cache is triggered by corresponding
+ # DDL/DML/DCL(and memqcache_expire). If off, it is only triggered
+ # by memqcache_expire. on by default.
+ # (change requires restart)
+memqcache_maxcache = 409600
+ # Maximum SELECT result size in bytes.
+ # Must be smaller than memqcache_cache_block_size. Defaults to 400KB.
+ # (change requires restart)
+memqcache_cache_block_size = 1048576
+ # Cache block size in bytes. Mandatory if memqcache_method = 'shmem'.
+ # Defaults to 1MB.
+ # (change requires restart)
+memqcache_oiddir = '/var/log/pgpool/oiddir'
+ # Temporary work directory to record table oids
+ # (change requires restart)
+white_memqcache_table_list = ''
+ # Comma separated list of table names to memcache
+ # that don't write to database
+ # Regexp are accepted
+black_memqcache_table_list = ''
+ # Comma separated list of table names not to memcache
+ # that don't write to database
+ # Regexp are accepted
diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_hba.conf b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_hba.conf
new file mode 100644
index 0000000000..d8918409e8
--- /dev/null
+++ b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_hba.conf
@@ -0,0 +1,67 @@
+# pgpool Client Authentication Configuration File a custom version
+# ===============================================
+#
+# The format rule in this file follows the rules in the PostgreSQL
+# Administrator's Guide. Refer to chapter "Client Authentication" for a
+# complete description. A short synopsis follows.
+#
+# This file controls: which hosts are allowed to connect, how clients
+# are authenticated, which user names they can use, which databases they
+# can access. Records take one of these forms:
+#
+# local DATABASE USER METHOD [OPTION]
+# host DATABASE USER CIDR-ADDRESS METHOD [OPTION]
+#
+# (The uppercase items must be replaced by actual values.)
+#
+# The first field is the connection type: "local" is a Unix-domain
+# socket, "host" is either a plain or SSL-encrypted TCP/IP socket.
+#
+# DATABASE can be "all", "sameuser", a database name, or a comma-separated
+# list thereof. Note that "samegroup" like in PostgreSQL's pg_hba.conf
+# file is not supported, since pgpool does not know which group a user
+# belongs to. Also note that the database specified here may not exist in
+# the backend PostgreSQL. pgpool will authenticate based on the database's
+# name, not based on whether it exists or not.
+#
+# USER can be "all", a user name, or a comma-separated list thereof. In
+# both the DATABASE and USER fields you can also write a file name prefixed
+# with "@" to include names from a separate file. Note that a group name
+# prefixed with "+" like in PostgreSQL's pg_hba.conf file is not supported
+# because of the same reason as "samegroup" token. Also note that a user
+# name specified here may not exist in the backend PostgreSQL. pgpool will
+# authenticate based on the user's name, not based on whether he/she exists.
+#
+# CIDR-ADDRESS specifies the set of hosts the record matches.
+# It is made up of an IP address and a CIDR mask that is an integer
+# (between 0 and 32 (IPv4) that specifies the number of significant bits in
+# the mask. Alternatively, you can write an IP address and netmask in
+# separate columns to specify the set of hosts.
+#
+# METHOD can be "trust", "reject", "md5" or "pam". Note that "pam" sends passwords
+# in clear text.
+#
+# OPTION is the name of the PAM service. Default service name is "pgpool"
+#
+# Database and user names containing spaces, commas, quotes and other special
+# characters must be quoted. Quoting one of the keywords "all" or "sameuser"
+# makes the name lose its special character, and just match a database or
+# username with that name.
+#
+# This file is read on pgpool startup. If you edit the file on a running
+# system, you have to restart the pgpool for the changes to take effect.
+
+# Put your actual configuration here
+# ----------------------------------
+#
+# If you want to allow non-local connections, you need to add more
+# "host" records. In that case you will also need to make pgpool listen
+# on a non-local interface via the listen_addresses configuration parameter.
+#
+
+# TYPE DATABASE USER CIDR-ADDRESS METHOD
+
+# "local" is for Unix domain socket connections only
+#local all all trust
+# IPv4 local connections:
+host all all 0.0.0.0/0 md5
diff --git a/kubernetes/common/postgres/charts/pgpool/configs/pool_passwd b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_passwd
index 3636d1de74..3636d1de74 100644
--- a/kubernetes/common/postgres/charts/pgpool/configs/pool_passwd
+++ b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_passwd
diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/requirements.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/requirements.yaml
new file mode 100644
index 0000000000..5b097f3ab7
--- /dev/null
+++ b/kubernetes/common/postgres-legacy/charts/pgpool/requirements.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~5.x-0
+ repository: '@local'
diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/templates/configmap.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/templates/configmap.yaml
new file mode 100755
index 0000000000..e2c77ff910
--- /dev/null
+++ b/kubernetes/common/postgres-legacy/charts/pgpool/templates/configmap.yaml
@@ -0,0 +1,26 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-pgpool-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/templates/deployment.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/templates/deployment.yaml
new file mode 100644
index 0000000000..15fa18d81d
--- /dev/null
+++ b/kubernetes/common/postgres-legacy/charts/pgpool/templates/deployment.yaml
@@ -0,0 +1,68 @@
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+kind: Deployment
+apiVersion: extensions/v1beta1
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: 2
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ containers:
+ - image: "{{.Values.repository}}/{{.Values.image}}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}
+ env:
+ - name: PG_PRIMARY_SERVICE_NAME
+ value: {{.Values.container.name.primary}}
+ - name: PG_REPLICA_SERVICE_NAME
+ value: {{.Values.container.name.replica}}
+ - name: PG_USERNAME
+ value: {{.Values.credentials.pgusername}}
+ - name: PG_PASSWORD
+ value: {{.Values.credentials.pgpassword}}
+ ports:
+ - containerPort: 5432
+ name: pgpool
+ protocol: TCP
+ readinessProbe:
+ tcpSocket:
+ port: 5432
+ initialDelaySeconds: 20
+ periodSeconds: 10
+ livenessProbe:
+ tcpSocket:
+ port: 5432
+ initialDelaySeconds: 15
+ periodSeconds: 20
+ volumeMounts:
+ - name: pgpool-pgconf
+ mountPath: /pgconf/pgpoolconfigdir
+ readOnly: false
+ volumes:
+ - name: pgpool-pgconf
+ configMap:
+ name: {{ include "common.fullname" . }}-pgpool-configmap
diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/templates/service.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/templates/service.yaml
new file mode 100644
index 0000000000..86442a2740
--- /dev/null
+++ b/kubernetes/common/postgres-legacy/charts/pgpool/templates/service.yaml
@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.service.name }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.name }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.name }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/values.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/values.yaml
new file mode 100644
index 0000000000..cb732b7cd7
--- /dev/null
+++ b/kubernetes/common/postgres-legacy/charts/pgpool/values.yaml
@@ -0,0 +1,44 @@
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ persistence: {}
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: crunchydata
+image: crunchy-pgpool:centos7-10.4-2.0.0
+pullPolicy: Always
+
+container:
+ port: 5432
+ name:
+ primary: pgset-primary
+ replica: pgset-replica
+credentials:
+ pgusername: testuser
+ pgpassword: password
+service:
+ name: pgpool
+ type: ClusterIP
+ externalPort: 5432
+ internalPort: 5432
diff --git a/kubernetes/common/postgres-legacy/requirements.yaml b/kubernetes/common/postgres-legacy/requirements.yaml
new file mode 100644
index 0000000000..5b097f3ab7
--- /dev/null
+++ b/kubernetes/common/postgres-legacy/requirements.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~5.x-0
+ repository: '@local'
diff --git a/kubernetes/common/postgres/templates/pv.yaml b/kubernetes/common/postgres-legacy/templates/pv.yaml
index bcd67d79cb..bcd67d79cb 100644
--- a/kubernetes/common/postgres/templates/pv.yaml
+++ b/kubernetes/common/postgres-legacy/templates/pv.yaml
diff --git a/kubernetes/common/postgres-legacy/templates/secrets.yaml b/kubernetes/common/postgres-legacy/templates/secrets.yaml
new file mode 100644
index 0000000000..29de3af260
--- /dev/null
+++ b/kubernetes/common/postgres-legacy/templates/secrets.yaml
@@ -0,0 +1,31 @@
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+ pg-primary-password: {{ .Values.config.pgPrimaryPassword | b64enc | quote }}
+ pg-user-password: {{ .Values.config.pgUserPassword | b64enc | quote }}
+ pg-root-password: {{ .Values.config.pgRootPassword | b64enc | quote }}
+
diff --git a/kubernetes/common/postgres/templates/service.yaml b/kubernetes/common/postgres-legacy/templates/service.yaml
index 2a4e369ef4..2a4e369ef4 100644
--- a/kubernetes/common/postgres/templates/service.yaml
+++ b/kubernetes/common/postgres-legacy/templates/service.yaml
diff --git a/kubernetes/common/postgres/templates/statefulset.yaml b/kubernetes/common/postgres-legacy/templates/statefulset.yaml
index 7c38d1d9d7..7c38d1d9d7 100644
--- a/kubernetes/common/postgres/templates/statefulset.yaml
+++ b/kubernetes/common/postgres-legacy/templates/statefulset.yaml
diff --git a/kubernetes/common/postgres-legacy/values.yaml b/kubernetes/common/postgres-legacy/values.yaml
new file mode 100644
index 0000000000..8dd5d0aaac
--- /dev/null
+++ b/kubernetes/common/postgres-legacy/values.yaml
@@ -0,0 +1,139 @@
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ persistence: {}
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+
+# BusyBox image
+busyboxRepository: registry.hub.docker.com
+busyboxImage: library/busybox:latest
+
+postgresRepository: crunchydata
+image: crunchy-postgres:centos7-10.4-2.0.0
+pullPolicy: Always
+
+# application configuration
+config:
+ pgUserName: testuser
+ pgDatabase: userdb
+ pgPrimaryPassword: password
+ pgUserPassword: password
+ pgRootPassword: password
+
+container:
+ name:
+ primary: pgset-primary
+ replica: pgset-replica
+
+pgpool:
+ container:
+ port: 5432
+ name:
+ primary: pgset-primary
+ replica: pgset-replica
+ credentials:
+ pgusername: testuser
+ pgpassword: password
+ service:
+ name: pgpool
+
+
+# default number of instances
+replicaCount: 2
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 300
+ periodSeconds: 10
+ timeoutSeconds: 5
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+## Persist data to a persitent volume
+persistence:
+ enabled: true
+
+ ## A manually managed Persistent Volume and Claim
+ ## Requires persistence.enabled: true
+ ## If defined, PVC must be created manually before volume will be bound
+ # existingClaim:
+ volumeReclaimPolicy: Retain
+
+ ## database data Persistent Volume Storage Class
+ ## If defined, storageClassName: <storageClass>
+ ## If set to "-", storageClassName: "", which disables dynamic provisioning
+ ## If undefined (the default) or set to null, no storageClassName spec is
+ ## set, choosing the default provisioner. (gp2 on AWS, standard on
+ ## GKE, AWS & OpenStack)
+ accessMode: ReadWriteOnce
+ size: 1Gi
+ mountPath: /dockerdata-nfs
+ mountSubPath: postgres/data
+ mountInitPath: postgres
+
+service:
+ type: ClusterIP
+ name: pgset
+ externalPort: 5432
+ internalPort: 5432
+ type2: ClusterIP
+ name2: pgset-primary
+ externalPort2: 5432
+ internalPort2: 5432
+ type3: ClusterIP
+ name3: pgset-replica
+ externalPort3: 5432
+ internalPort3: 5432
+
+ingress:
+ enabled: false
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+# limits:
+# cpu: 2
+# memory: 4Gi
+# requests:
+# cpu: 2
+# memory: 4Gi
+
diff --git a/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf b/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf
index d8918409e8..580185c6f0 100644
--- a/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf
+++ b/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf
@@ -65,3 +65,4 @@
#local all all trust
# IPv4 local connections:
host all all 0.0.0.0/0 md5
+
diff --git a/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml b/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml
index 15fa18d81d..a4b0ca8657 100644
--- a/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml
+++ b/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml
@@ -31,6 +31,33 @@ spec:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-job
+ image: "{{.Values.repository}}/{{.Values.image}}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: pgpool-pgconf
+ mountPath: /pgconf/pgpoolconfigdir
+ readOnly: false
+ - name: pgpool-pgconf-static
+ mountPath: /configdir/
+ readOnly: false
+ command:
+ - /bin/sh
+ args:
+ - -c
+ - |
+ cp /configdir/pgpool.conf /pgconf/pgpoolconfigdir/
+ cp /configdir/pool_hba.conf /pgconf/pgpoolconfigdir/
+ pg_md5 -f /pgconf/pgpoolconfigdir/pgpool.conf --md5auth --username=${PG_USER} ${PG_PASSWORD}
+ env:
+ - name: PG_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: db-user-password
+ - name: PG_USER
+ value: {{ index .Values.credentials.pgusername }}
containers:
- image: "{{.Values.repository}}/{{.Values.image}}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
@@ -43,7 +70,10 @@ spec:
- name: PG_USERNAME
value: {{.Values.credentials.pgusername}}
- name: PG_PASSWORD
- value: {{.Values.credentials.pgpassword}}
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: db-user-password
ports:
- containerPort: 5432
name: pgpool
@@ -64,5 +94,7 @@ spec:
readOnly: false
volumes:
- name: pgpool-pgconf
+ emptyDir: {}
+ - name: pgpool-pgconf-static
configMap:
name: {{ include "common.fullname" . }}-pgpool-configmap
diff --git a/kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml b/kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml
new file mode 100644
index 0000000000..b449faca92
--- /dev/null
+++ b/kubernetes/common/postgres/charts/pgpool/templates/secrets.yaml
@@ -0,0 +1,28 @@
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+type: Opaque
+data:
+ db-user-password: {{ default "" .Values.credentials.pgpassword | b64enc | quote }}
+
diff --git a/kubernetes/common/postgres/charts/pgpool/templates/service.yaml b/kubernetes/common/postgres/charts/pgpool/templates/service.yaml
index 86442a2740..4306b264b2 100644
--- a/kubernetes/common/postgres/charts/pgpool/templates/service.yaml
+++ b/kubernetes/common/postgres/charts/pgpool/templates/service.yaml
@@ -15,11 +15,11 @@ spec:
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.externalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/common/postgres/charts/pgpool/values.yaml b/kubernetes/common/postgres/charts/pgpool/values.yaml
index cb732b7cd7..8ceff8f964 100644
--- a/kubernetes/common/postgres/charts/pgpool/values.yaml
+++ b/kubernetes/common/postgres/charts/pgpool/values.yaml
@@ -38,7 +38,8 @@ credentials:
pgusername: testuser
pgpassword: password
service:
- name: pgpool
+ name: pgpool
+ portName: tcp-postgres
type: ClusterIP
externalPort: 5432
internalPort: 5432
diff --git a/kubernetes/common/postgres/configs/pg_hba.conf b/kubernetes/common/postgres/configs/pg_hba.conf
new file mode 100644
index 0000000000..580185c6f0
--- /dev/null
+++ b/kubernetes/common/postgres/configs/pg_hba.conf
@@ -0,0 +1,68 @@
+# pgpool Client Authentication Configuration File a custom version
+# ===============================================
+#
+# The format rule in this file follows the rules in the PostgreSQL
+# Administrator's Guide. Refer to chapter "Client Authentication" for a
+# complete description. A short synopsis follows.
+#
+# This file controls: which hosts are allowed to connect, how clients
+# are authenticated, which user names they can use, which databases they
+# can access. Records take one of these forms:
+#
+# local DATABASE USER METHOD [OPTION]
+# host DATABASE USER CIDR-ADDRESS METHOD [OPTION]
+#
+# (The uppercase items must be replaced by actual values.)
+#
+# The first field is the connection type: "local" is a Unix-domain
+# socket, "host" is either a plain or SSL-encrypted TCP/IP socket.
+#
+# DATABASE can be "all", "sameuser", a database name, or a comma-separated
+# list thereof. Note that "samegroup" like in PostgreSQL's pg_hba.conf
+# file is not supported, since pgpool does not know which group a user
+# belongs to. Also note that the database specified here may not exist in
+# the backend PostgreSQL. pgpool will authenticate based on the database's
+# name, not based on whether it exists or not.
+#
+# USER can be "all", a user name, or a comma-separated list thereof. In
+# both the DATABASE and USER fields you can also write a file name prefixed
+# with "@" to include names from a separate file. Note that a group name
+# prefixed with "+" like in PostgreSQL's pg_hba.conf file is not supported
+# because of the same reason as "samegroup" token. Also note that a user
+# name specified here may not exist in the backend PostgreSQL. pgpool will
+# authenticate based on the user's name, not based on whether he/she exists.
+#
+# CIDR-ADDRESS specifies the set of hosts the record matches.
+# It is made up of an IP address and a CIDR mask that is an integer
+# (between 0 and 32 (IPv4) that specifies the number of significant bits in
+# the mask. Alternatively, you can write an IP address and netmask in
+# separate columns to specify the set of hosts.
+#
+# METHOD can be "trust", "reject", "md5" or "pam". Note that "pam" sends passwords
+# in clear text.
+#
+# OPTION is the name of the PAM service. Default service name is "pgpool"
+#
+# Database and user names containing spaces, commas, quotes and other special
+# characters must be quoted. Quoting one of the keywords "all" or "sameuser"
+# makes the name lose its special character, and just match a database or
+# username with that name.
+#
+# This file is read on pgpool startup. If you edit the file on a running
+# system, you have to restart the pgpool for the changes to take effect.
+
+# Put your actual configuration here
+# ----------------------------------
+#
+# If you want to allow non-local connections, you need to add more
+# "host" records. In that case you will also need to make pgpool listen
+# on a non-local interface via the listen_addresses configuration parameter.
+#
+
+# TYPE DATABASE USER CIDR-ADDRESS METHOD
+
+# "local" is for Unix domain socket connections only
+#local all all trust
+# IPv4 local connections:
+host all all 0.0.0.0/0 md5
+
diff --git a/kubernetes/common/postgres/templates/configmap.yaml b/kubernetes/common/postgres/templates/configmap.yaml
new file mode 100644
index 0000000000..7abd39b9b9
--- /dev/null
+++ b/kubernetes/common/postgres/templates/configmap.yaml
@@ -0,0 +1,27 @@
+# Copyright © 2019 Amdocs, Bell Canada, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }}
+
diff --git a/kubernetes/common/postgres/templates/deployment-primary.yaml b/kubernetes/common/postgres/templates/deployment-primary.yaml
new file mode 100644
index 0000000000..9cb3007400
--- /dev/null
+++ b/kubernetes/common/postgres/templates/deployment-primary.yaml
@@ -0,0 +1,138 @@
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}-primary
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-primary
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ name: "{{ .Values.container.name.primary }}"
+spec:
+ serviceName: {{ .Values.service.name }}
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-primary
+ release: {{ .Release.Name }}
+ name: "{{ .Values.container.name.primary }}"
+ spec:
+ initContainers:
+ - name: init-sysctl
+ command:
+ - /bin/sh
+ - -c
+ - |
+ chown 26:26 /podroot/;
+ chmod 700 /podroot/;
+ image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-data
+ mountPath: /podroot/
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ .Values.postgresRepository }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ {{- end }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ env:
+ - name: PGHOST
+ value: /tmp
+ - name: PG_PRIMARY_USER
+ value: primaryuser
+ - name: PG_MODE
+ value: primary
+ - name: PG_PRIMARY_HOST
+ value: "{{ .Values.container.name.primary }}"
+ - name: PG_REPLICA_HOST
+ value: "{{ .Values.container.name.replica }}"
+ - name: PG_PRIMARY_PORT
+ value: "{{ .Values.service.internalPort }}"
+ - name: PG_PRIMARY_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: pg-primary-password
+ - name: PG_USER
+ value: "{{ .Values.config.pgUserName }}"
+ - name: PG_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: pg-user-password
+ - name: PG_DATABASE
+ value: "{{ .Values.config.pgDatabase }}"
+ - name: PG_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: pg-root-password
+ volumeMounts:
+ - name: pool-hba-conf
+ mountPath: /pgconf/pool_hba.conf
+ subPath: pool_hba.conf
+ - mountPath: /pgdata
+ name: {{ include "common.fullname" . }}-data
+ - mountPath: /backup
+ name: {{ include "common.fullname" . }}-backup
+ readOnly: true
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-backup
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-data
+{{- if .Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}-primary
+{{- else }}
+ emptyDir: {}
+{{ end }}
+ - name: pool-hba-conf
+ configMap:
+ name: {{ include "common.fullname" . }}
diff --git a/kubernetes/common/postgres/templates/deployment-replica.yaml b/kubernetes/common/postgres/templates/deployment-replica.yaml
new file mode 100644
index 0000000000..8f09a2f48f
--- /dev/null
+++ b/kubernetes/common/postgres/templates/deployment-replica.yaml
@@ -0,0 +1,138 @@
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}-replica
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-replica
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ name: "{{ .Values.container.name.replica }}"
+spec:
+ serviceName: {{ .Values.service.name }}
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-replica
+ release: {{ .Release.Name }}
+ name: "{{ .Values.container.name.replica }}"
+ spec:
+ initContainers:
+ - name: init-sysctl
+ command:
+ - /bin/sh
+ - -c
+ - |
+ chown 26:26 /podroot/;
+ chmod 700 /podroot/;
+ image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-data
+ mountPath: /podroot/
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ .Values.postgresRepository }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ {{end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ env:
+ - name: PGHOST
+ value: /tmp
+ - name: PG_PRIMARY_USER
+ value: primaryuser
+ - name: PG_MODE
+ value: replica
+ - name: PG_PRIMARY_HOST
+ value: "{{.Values.container.name.primary}}"
+ - name: PG_REPLICA_HOST
+ value: "{{.Values.container.name.replica}}"
+ - name: PG_PRIMARY_PORT
+ value: "{{.Values.service.internalPort}}"
+ - name: PG_PRIMARY_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: pg-primary-password
+ - name: PG_USER
+ value: "{{.Values.config.pgUserName}}"
+ - name: PG_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: pg-user-password
+ - name: PG_DATABASE
+ value: "{{.Values.config.pgDatabase}}"
+ - name: PG_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: pg-root-password
+ volumeMounts:
+ - name: pool-hba-conf
+ mountPath: /pgconf/pool_hba.conf
+ subPath: pool_hba.conf
+ - mountPath: /pgdata
+ name: {{ include "common.fullname" . }}-data
+ - mountPath: /backup
+ name: {{ include "common.fullname" . }}-backup
+ readOnly: true
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-backup
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-data
+{{- if .Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}-replica
+{{- else }}
+ emptyDir: {}
+{{ end }}
+ - name: pool-hba-conf
+ configMap:
+ name: {{ include "common.fullname" . }}
diff --git a/kubernetes/common/postgres/templates/pv-primary.yaml b/kubernetes/common/postgres/templates/pv-primary.yaml
new file mode 100644
index 0000000000..1764868ffc
--- /dev/null
+++ b/kubernetes/common/postgres/templates/pv-primary.yaml
@@ -0,0 +1,39 @@
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if include "common.needPV" . -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-primary
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.size}}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" . }}-primary"
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}/primary
+{{- end -}}
+{{- end -}}
diff --git a/kubernetes/common/postgres/templates/pv-replica.yaml b/kubernetes/common/postgres/templates/pv-replica.yaml
new file mode 100644
index 0000000000..b67cac0c26
--- /dev/null
+++ b/kubernetes/common/postgres/templates/pv-replica.yaml
@@ -0,0 +1,39 @@
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if include "common.needPV" . -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-replica
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.size}}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" . }}-replica"
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}/replica
+{{- end -}}
+{{- end -}}
diff --git a/kubernetes/common/postgres/templates/pvc-primary.yaml b/kubernetes/common/postgres/templates/pvc-primary.yaml
new file mode 100644
index 0000000000..e529da1bd5
--- /dev/null
+++ b/kubernetes/common/postgres/templates/pvc-primary.yaml
@@ -0,0 +1,45 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-primary
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+{{- if include "common.needPV" . }}
+ storageClassName: "{{ include "common.fullname" . }}-primary"
+{{- else }}
+ storageClassName: {{ include "common.storageClass" . }}
+{{- end }}
+ storageClassName: "{{ include "common.fullname" . }}-primary"
+{{- end -}}
diff --git a/kubernetes/common/postgres/templates/pvc-replica.yaml b/kubernetes/common/postgres/templates/pvc-replica.yaml
new file mode 100644
index 0000000000..41199b6861
--- /dev/null
+++ b/kubernetes/common/postgres/templates/pvc-replica.yaml
@@ -0,0 +1,44 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-replica
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+{{- if include "common.needPV" . }}
+ storageClassName: "{{ include "common.fullname" . }}-replica"
+{{- else }}
+ storageClassName: {{ include "common.storageClass" . }}
+{{- end }}
+{{- end -}}
diff --git a/kubernetes/common/postgres/templates/service-common.yaml b/kubernetes/common/postgres/templates/service-common.yaml
new file mode 100644
index 0000000000..da0505cfa6
--- /dev/null
+++ b/kubernetes/common/postgres/templates/service-common.yaml
@@ -0,0 +1,41 @@
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.service.name }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
diff --git a/kubernetes/common/postgres/templates/service-primary.yaml b/kubernetes/common/postgres/templates/service-primary.yaml
new file mode 100644
index 0000000000..501c01ecfe
--- /dev/null
+++ b/kubernetes/common/postgres/templates/service-primary.yaml
@@ -0,0 +1,41 @@
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.service.name2 }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-primary
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+spec:
+ type: {{ .Values.service.type2 }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort2 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort2 }}
+ targetPort: {{ .Values.service.internalPort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- end}}
+ selector:
+ name: "{{.Values.container.name.primary}}"
+ release: {{ .Release.Name }}
diff --git a/kubernetes/common/postgres/templates/service-replica.yaml b/kubernetes/common/postgres/templates/service-replica.yaml
new file mode 100644
index 0000000000..34f76d125e
--- /dev/null
+++ b/kubernetes/common/postgres/templates/service-replica.yaml
@@ -0,0 +1,41 @@
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.service.name3 }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-replica
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+spec:
+ type: {{ .Values.service.type3 }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort3 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }}
+ name: {{ .Values.service.portName3 }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort3 }}
+ targetPort: {{ .Values.service.internalPort3 }}
+ name: {{ .Values.service.portName3 }}
+ {{- end}}
+ selector:
+ name: "{{.Values.container.name.replica}}"
+ release: {{ .Release.Name }}
diff --git a/kubernetes/common/postgres/values.yaml b/kubernetes/common/postgres/values.yaml
index 8dd5d0aaac..3104ee79d2 100644
--- a/kubernetes/common/postgres/values.yaml
+++ b/kubernetes/common/postgres/values.yaml
@@ -104,14 +104,17 @@ persistence:
service:
type: ClusterIP
name: pgset
+ portName: tcp-postgres
externalPort: 5432
internalPort: 5432
type2: ClusterIP
- name2: pgset-primary
+ name2: tcp-pgset-primary
+ portName2: tcp-postgres
externalPort2: 5432
internalPort2: 5432
type3: ClusterIP
- name3: pgset-replica
+ name3: tcp-pgset-replica
+ portName3: tcp-postgres
externalPort3: 5432
internalPort3: 5432
@@ -136,4 +139,3 @@ resources: {}
# requests:
# cpu: 2
# memory: 4Gi
-
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml
index 4b650c06dd..6b90aa3144 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml
@@ -20,6 +20,7 @@ dependencies:
- name: common
version: ~5.x-0
repository: '@local'
- - name: postgres
+ - name: postgres-legacy
version: ~5.x-0
repository: '@local'
+ alias: postgres
diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml
index 9136278557..3e79830cc1 100644
--- a/kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml
+++ b/kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml
@@ -17,6 +17,7 @@ dependencies:
- name: common
version: ~5.x-0
repository: '@local'
- - name: postgres
+ - name: postgres-legacy
version: ~5.x-0
repository: '@local'
+ alias: postgres
diff --git a/kubernetes/robot b/kubernetes/robot
-Subproject ff678657c0fa534840d063131432e1994829f66
+Subproject 4bd799e5dbcbf2131a685bf73319e962ace86f5
diff --git a/kubernetes/sdnc/resources/config/bin/startODL.sh b/kubernetes/sdnc/resources/config/bin/startODL.sh
index 5586ebbca6..5f5f811fd0 100755
--- a/kubernetes/sdnc/resources/config/bin/startODL.sh
+++ b/kubernetes/sdnc/resources/config/bin/startODL.sh
@@ -120,6 +120,7 @@ SDNC_BIN=${SDNC_BIN:-/opt/onap/sdnc/bin}
CCSDK_HOME=${CCSDK_HOME:-/opt/onap/ccsdk}
ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false}
GEO_ENABLED=${GEO_ENABLED:-false}
+SDNC_AAF_ENABLED=${SDNC_AAF_ENABLED:-false}
SDNRWT=${SDNRWT:-false}
SDNRWT_BOOTFEATURES=${SDNRWT_BOOTFEATURES:-sdnr-wt-feature-aggregator}
export ODL_ADMIN_PASSWORD ODL_ADMIN_USERNAME
@@ -128,8 +129,24 @@ echo "Settings:"
echo " ENABLE_ODL_CLUSTER=$ENABLE_ODL_CLUSTER"
echo " SDNC_REPLICAS=$SDNC_REPLICAS"
echo " SDNRWT=$SDNRWT"
-
-
+echo " AAF_ENABLED=$SDNC_AAF_ENABLED"
+
+
+if $SDNC_AAF_ENABLED; then
+ export SDNC_STORE_DIR=/opt/app/osaaf/local
+ export SDNC_CONFIG_DIR=/opt/app/osaaf/local
+ export SDNC_KEYPASS=`cat /opt/app/osaaf/local/.pass`
+ export SDNC_KEYSTORE=org.onap.sdnc.p12
+ sed -i '/cadi_prop_files/d' $ODL_HOME/etc/system.properties
+ echo "cadi_prop_files=$SDNC_CONFIG_DIR/org.onap.sdnc.props" >> $ODL_HOME/etc/system.properties
+
+ sed -i '/org.ops4j.pax.web.ssl.keystore/d' $ODL_HOME/etc/custom.properties
+ sed -i '/org.ops4j.pax.web.ssl.password/d' $ODL_HOME/etc/custom.properties
+ sed -i '/org.ops4j.pax.web.ssl.keypassword/d' $ODL_HOME/etc/custom.properties
+ echo org.ops4j.pax.web.ssl.keystore=$SDNC_STORE_DIR/$SDNC_KEYSTORE >> $ODL_HOME/etc/custom.properties
+ echo org.ops4j.pax.web.ssl.password=$SDNC_KEYPASS >> $ODL_HOME/etc/custom.properties
+ echo org.ops4j.pax.web.ssl.keypassword=$SDNC_KEYPASS >> $ODL_HOME/etc/custom.properties
+fi
if [ ! -f ${SDNC_HOME}/.installed ]
then
diff --git a/kubernetes/sdnc/resources/env.yaml b/kubernetes/sdnc/resources/env.yaml
index 2ad42f79a6..6e38ae99d6 100644
--- a/kubernetes/sdnc/resources/env.yaml
+++ b/kubernetes/sdnc/resources/env.yaml
@@ -12,6 +12,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+SDNC_AAF_ENABLED: "{{ .Values.global.aafEnabled }}"
SDNC_GEO_ENABLED: "{{ .Values.config.geoEnabled }}"
SDNC_IS_PRIMARY_CLUSTER: "{{ .Values.config.isPrimaryCluster }}"
SDNC_ODL_COUNT: "{{ .Values.replicaCount }}"
diff --git a/kubernetes/sdnc/templates/secret-aaf.yaml b/kubernetes/sdnc/templates/secret-aaf.yaml
new file mode 100644
index 0000000000..cd2e539b28
--- /dev/null
+++ b/kubernetes/sdnc/templates/secret-aaf.yaml
@@ -0,0 +1,15 @@
+{{ if .Values.global.aafEnabled }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-aaf
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+ aaf-password: {{ .Values.aaf_init.deploy_pass | b64enc | quote }}
+{{ end }}
diff --git a/kubernetes/sdnc/templates/service.yaml b/kubernetes/sdnc/templates/service.yaml
index db6d73a3c5..d2136ccb0b 100644
--- a/kubernetes/sdnc/templates/service.yaml
+++ b/kubernetes/sdnc/templates/service.yaml
@@ -40,6 +40,9 @@ spec:
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
+ {{ if not .Values.global.aafEnabled }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }}
+ {{ end }}
name: "{{ .Values.service.portName }}-8282"
- port: {{ .Values.service.externalPort2 }}
targetPort: {{ .Values.service.internalPort2 }}
@@ -50,7 +53,9 @@ spec:
name: "{{ .Values.service.portName }}-8280"
- port: {{ .Values.service.externalPort4 }}
targetPort: {{ .Values.service.internalPort4 }}
+ {{ if .Values.global.aafEnabled }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }}
+ {{ end }}
name: "{{ .Values.service.portName }}-8443"
{{- else -}}
- port: {{ .Values.service.externalPort }}
diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml
index 4ab8d1ccfe..536eaaf552 100644
--- a/kubernetes/sdnc/templates/statefulset.yaml
+++ b/kubernetes/sdnc/templates/statefulset.yaml
@@ -47,6 +47,59 @@ spec:
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
+ {{ if .Values.global.aafEnabled }}
+ - name: {{ include "common.name" . }}-aaf-readiness
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - aaf-locate
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ - name: {{ include "common.name" . }}-aaf
+ image: {{ .Values.global.repository }}/{{ .Values.aaf_init.agentImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: {{ .Values.certpersistence.certPath }}
+ name: {{ include "common.fullname" . }}-certs
+ command:
+ - bash
+ - -c
+ - |
+ /opt/app/aaf_config/bin/agent.sh &&
+ cd /opt/app/osaaf/local &&
+ /opt/app/aaf_config/bin/agent.sh local showpass | grep cadi_keystore_password= | cut -d= -f 2 > /opt/app/osaaf/local/.pass 2>&1
+ env:
+ - name: APP_FQI
+ value: "{{ .Values.aaf_init.fqi }}"
+ - name: aaf_locate_url
+ value: "https://aaf-locate.{{ .Release.Namespace}}:8095"
+ - name: aaf_locator_container
+ value: "oom"
+ - name: aaf_locator_container_ns
+ value: "{{ .Release.Namespace }}"
+ - name: aaf_locator_fqdn
+ value: "{{ .Values.aaf_init.fqdn }}"
+ - name: aaf_locator_app_ns
+ value: "{{ .Values.aaf_init.app_ns }}"
+ - name: DEPLOY_FQI
+ value: "{{ .Values.aaf_init.deploy_fqi }}"
+ - name: DEPLOY_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" .}}-aaf
+ key: aaf-password
+ - name: cadi_longitude
+ value: "{{ .Values.aaf_init.cadi_longitude }}"
+ - name: cadi_latitude
+ value: "{{ .Values.aaf_init.cadi_latitude }}"
+ {{ end }}
- name: {{ include "common.name" . }}-chown
image: "busybox"
command: ["sh", "-c", "chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} ; chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certpersistence.certPath }}"]
@@ -99,6 +152,8 @@ spec:
value: "{{ .Values.config.isPrimaryCluster }}"
- name: GEO_ENABLED
value: "{{ .Values.config.geoEnabled}}"
+ - name: SDNC_AAF_ENABLED
+ value: "{{ .Values.global.aafEnabled}}"
- name: SDNC_REPLICAS
value: "{{ .Values.replicaCount }}"
- name: MYSQL_HOST
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index 555409f747..4447a7dfaa 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -25,6 +25,7 @@ global:
loggingImage: beats/filebeat:5.5.0
persistence:
mountPath: /dockerdata-nfs
+ aafEnabled: true
#################################################################
# Application configuration defaults.
@@ -102,6 +103,17 @@ config:
internalPort: 3306
# dependency / sub-chart configuration
+aaf_init:
+ agentImage: onap/aaf/aaf_agent:2.1.15
+ app_ns: "org.osaaf.aaf"
+ fqi: "sdnc@sdnc.onap.org"
+ fqdn: "sdnc"
+ public_fqdn: "sdnc.onap.org"
+ deploy_fqi: "deployer@people.osaaf.org"
+ deploy_pass: "demo123456!"
+ cadi_latitude: "38.0"
+ cadi_longitude: "-72.0"
+
cds:
enabled: false
@@ -250,7 +262,7 @@ certpersistence:
size: 50Mi
mountPath: /dockerdata-nfs
mountSubPath: sdnc/certs
- certPath: /opt/opendaylight/current/certs
+ certPath: /opt/app/osaaf
##storageClass: "manual"
ingress:
diff --git a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml
index 760fa16e75..5213700df0 100755
--- a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml
@@ -49,3 +49,11 @@ sdc:
endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443
vnfmadapter:
endpoint: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092
+etsi-catalog-manager:
+ vnfpkgm:
+ {{- if .Values.global.msbEnabled }}
+ endpoint: http://msb-iag.{{ include "common.namespace" . }}:80/api/vnfpkgm/v1
+ {{- else }}
+ endpoint: http://modeling-etsicatalog.{{ include "common.namespace" . }}:8806/api/vnfpkgm/v1
+ {{- end }}
+
diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml
index 9d5ff4283e..9af34af88e 100755
--- a/kubernetes/so/values.yaml
+++ b/kubernetes/so/values.yaml
@@ -38,6 +38,7 @@ global:
dbPort: 3306
dbUser: root
dbPassword: secretpassword
+ msbEnabled: true
#################################################################
# Application configuration defaults.
@@ -113,4 +114,4 @@ ingress:
name: "so"
port: 8080
config:
- ssl: "none" \ No newline at end of file
+ ssl: "none"