diff options
14 files changed, 93 insertions, 27 deletions
diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml index 6f372f9bd9..a232d53c84 100644 --- a/kubernetes/aai/components/aai-graphadmin/values.yaml +++ b/kubernetes/aai/components/aai-graphadmin/values.yaml @@ -76,7 +76,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v26 + default: v24 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index b1f8c085b8..fdb243de0a 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -77,7 +77,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v26 + default: v24 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml index 1dd374c4dc..b03032677e 100644 --- a/kubernetes/aai/components/aai-schema-service/values.yaml +++ b/kubernetes/aai/components/aai-schema-service/values.yaml @@ -40,7 +40,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v26 + default: v24 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml index b1c8fdd221..921d2dc832 100644 --- a/kubernetes/aai/components/aai-traversal/values.yaml +++ b/kubernetes/aai/components/aai-traversal/values.yaml @@ -84,7 +84,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v26 + default: v24 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index 62d1d2eabd..aa0e376b29 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -231,7 +231,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v26 + default: v24 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/common/common/templates/_ingress.tpl b/kubernetes/common/common/templates/_ingress.tpl index 7fee67a7a4..f2741079c7 100644 --- a/kubernetes/common/common/templates/_ingress.tpl +++ b/kubernetes/common/common/templates/_ingress.tpl @@ -13,11 +13,18 @@ http: paths: - backend: - serviceName: {{ .name }} - servicePort: {{ .port }} + service: + name: {{ .name }} + port: + {{- if kindIs "string" .port }} + name: {{ .port }} + {{- else }} + number: {{ .port }} + {{- end }} {{- if .path }} path: {{ .path }} {{- end }} + pathType: ImplementationSpecific {{- end }} {{- end -}} @@ -69,7 +76,7 @@ nginx.ingress.kubernetes.io/ssl-redirect: "false" {{- $ingressEnabled := include "common.ingress._overrideIfDefined" (dict "currVal" $ingressEnabled "parent" (default (dict) .Values.global.ingress) "var" "enabled") }} {{- $ingressEnabled := include "common.ingress._overrideIfDefined" (dict "currVal" $ingressEnabled "parent" .Values.ingress "var" "enabledOverride") }} {{- if $ingressEnabled }} -apiVersion: networking.k8s.io/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "common.fullname" . }}-ingress diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml index 210fbd02ba..4248cfe85c 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml @@ -15,7 +15,7 @@ # limitations under the License. */}} -{{- if .Values.backup.enabled }} +{{- if and .Values.backup.enabled .Values.persistence.enabled }} apiVersion: batch/v1beta1 kind: CronJob metadata: @@ -37,7 +37,10 @@ spec: - name: mariadb-galera-backup-init image: {{ include "repositoryGenerator.image.mariadb" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - {{ include "common.containerSecurityContext" . | indent 14 | trim }} + securityContext: + allowPrivilegeEscalation: false + privileged: false + readOnlyRootFilesystem: false command: - /bin/bash - -c @@ -52,7 +55,7 @@ spec: target_dir=/backup/backup-`date +%s` mkdir -p $target_dir - mysqlhost={{ include "common.servicename" . }}.{{ include "common.namespace" . }} + mysqlhost={{ include "common.fullname" . }}-0.{{ include "common.servicename" . }}-headless.{{ include "common.namespace" . }} mariabackup --backup --target-dir=$target_dir --user=root --password=$DB_PASS --host=$mysqlhost @@ -78,13 +81,18 @@ spec: volumeMounts: - name: backup-dir mountPath: /backup + - name: data + mountPath: /bitnami/mariadb containers: - name: mariadb-backup-validate image: {{ include "repositoryGenerator.image.mariadb" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - {{ include "common.containerSecurityContext" . | indent 14 | trim }} + securityContext: + allowPrivilegeEscalation: false + privileged: false + readOnlyRootFilesystem: false env: - - name: MYSQL_ROOT_PASSWORD + - name: MARIADB_ROOT_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 18 }} command: - /bin/bash @@ -105,17 +113,17 @@ spec: fi target_dir=$(ls -td -- /backup/backup-* | head -n 1) - cp -Ra $target_dir/* /var/lib/mysql/ + cp -Ra $target_dir/* /bitnami/mariadb/data - if [ ! "$(ls -A /var/lib/mysql)" ]; then + if [ ! "$(ls -A /bitnami/mariadb/data)" ]; then remove_dir $target_dir exit 0 fi - /docker-entrypoint.sh mysqld & + /opt/bitnami/scripts/mariadb/entrypoint.sh /opt/bitnami/scripts/mariadb/run.sh & count=0 - until mysql --user=root --password=$MYSQL_ROOT_PASSWORD -e "SELECT 1"; + until mysql --user=root --password=$MARIADB_ROOT_PASSWORD -e "SELECT 1"; do sleep 3; count=`expr $count + 1`; if [ $count -ge 30 ]; then @@ -124,7 +132,7 @@ spec: fi; done - mysqlcheck -A --user=root --password=$MYSQL_ROOT_PASSWORD > /tmp/output.log + mysqlcheck -A --user=root --password=$MARIADB_ROOT_PASSWORD > /tmp/output.log error_lines=`cat /tmp/output.log| grep -v "OK" | wc -l` cat /tmp/output.log @@ -142,6 +150,10 @@ spec: fi resources: {{ include "common.resources" . | nindent 12 }} volumeMounts: + - mountPath: /bitnami/mariadb/data + name: tmp-data + - mountPath: /opt/bitnami/mariadb/tmp + name: tmp - mountPath: /etc/localtime name: localtime readOnly: true @@ -153,7 +165,18 @@ spec: - name: localtime hostPath: path: /etc/localtime + - name: data + persistentVolumeClaim: + {{- if .Values.persistence.existingClaim }} + claimName: {{ .Values.persistence.existingClaim }} + {{- else }} + claimName: {{ include "common.fullname" . }}-{{ include "common.fullname" . }}-0 + {{- end }} - name: backup-dir persistentVolumeClaim: claimName: {{ include "common.fullname" . }}-backup-data + - name: tmp-data + emptyDir: {} + - name: tmp + emptyDir: {} {{- end }} diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index 9f7c882134..d65c4f7943 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -174,6 +174,8 @@ galera: # password: # externalSecret: +## The backup job will mount the mariadb data pvc in order to run mariabackup. +## For this reason the db data pvc needs to have accessMode: ReadWriteMany. backup: enabled: false cron: "00 00 * * *" @@ -458,6 +460,7 @@ persistence: ## annotations: ## Persistent Volume Access Mode + ## Use ReadWriteMany if backup is enabled, see backup section. ## accessMode: ReadWriteOnce ## Persistent Volume size diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml index dee6adddc2..555e63767e 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== #================================================================================= -# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2021-2022 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,7 +16,7 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Istanbul" +appVersion: "Jakarta" description: TBD name: TBD version: TBD @@ -41,3 +41,7 @@ dependencies: - name: serviceAccount version: ~10.x-0 repository: '@local' + - name: mongo + version: ~10.x-0 + repository: '@local' + condition: mongo.enabled diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml index 139e3d308f..7609ba6568 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== #================================================================================= -# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2021-2022 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -48,10 +48,32 @@ dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-syn postgres: enabled: false +#mongo enable/disable +mongo: + enabled: false + nameOverride: dcae-mongo + config: + dbName: dcaecommondb + service: + name: dcae-mongohost + internalPort: 27017 + nfsprovisionerPrefix: dcaemongo + sdnctlPrefix: tcagen2 + persistence: + mountSubPath: dcae/mongo/data + enabled: true + disableNfsProvisioner: true + # log directory where logging sidecar should look for log files # if absent, no sidecar will be deployed #logDirectory: TBD #/opt/app/VESCollector/logs #DONE +# Following requires manual override until fix for DCAEGEN2-3087 +# is available to switch logDirectory setting to log.path +log: + path: /opt/app/ +logConfigMapNamePrefix: '{{ include "common.fullname" . }}' + # directory where TLS certs should be stored # if absent, no certs will be retrieved and stored #certDirectory: TBD #/opt/app/dcae-certificate #DONE @@ -64,7 +86,6 @@ postgres: # dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # probe configuration #NEED DISCUSSION diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml index e7d3fa2fa2..5c50381309 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml @@ -93,7 +93,7 @@ readiness: # application image -image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.1 +image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.2 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index 6ad3e454d7..d1d2c54833 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -44,7 +44,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-node:2.1.9 +image: onap/dmaap/datarouter-node:2.1.10 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index 9e6effac8b..12eb1fb041 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -42,7 +42,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-prov:2.1.9 +image: onap/dmaap/datarouter-prov:2.1.10 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml index 184adb6f0a..7227ee8ded 100644 --- a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml @@ -63,7 +63,7 @@ server: logging: # Configuration of logging level: - ROOT: ERROR + ROOT: INFO org.springframework: ERROR org.springframework.data: ERROR org.springframework.web.reactive.function.client.ExchangeFunctions: ERROR @@ -74,4 +74,12 @@ logging: chart: api: - enabled: false
\ No newline at end of file + enabled: false + +# Sample Permitted list of helm repositories. Before deployment update the repositories where the helm charts are located. +# The Kubernetes participant accept only HTTPS Address +helm: + repos: + - + repoName: bitnami + address: https://charts.bitnami.com/bitnami
\ No newline at end of file |