diff options
99 files changed, 844 insertions, 2342 deletions
diff --git a/docs/oom_cloud_setup_guide.rst b/docs/oom_cloud_setup_guide.rst index 899f0d7e65..e3790f88db 100644 --- a/docs/oom_cloud_setup_guide.rst +++ b/docs/oom_cloud_setup_guide.rst @@ -53,6 +53,7 @@ The versions of Kubernetes that are supported by OOM are as follows: casablanca 1.11.5 2.9.1 1.11.5 17.03.x dublin 1.13.5 2.12.3 1.13.5 18.09.5 el alto 1.15.2 2.14.2 1.15.2 18.09.x + frankfurt 1.15.9 2.16.3 1.15.9 18.09.x ============== =========== ====== ======== ======== Minimum Hardware Configuration diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst index 48701f7c31..4cc1ab6d22 100644 --- a/docs/oom_user_guide.rst +++ b/docs/oom_user_guide.rst @@ -114,7 +114,7 @@ stable which should be removed to avoid confusion:: To prepare your system for an installation of ONAP, you'll need to:: - > git clone -b casablanca http://gerrit.onap.org/r/oom + > git clone -b frankfurt http://gerrit.onap.org/r/oom > cd oom/kubernetes @@ -294,7 +294,7 @@ value for the vnfDeployment/openstack/oam_network_cidr key as shown below. To deploy ONAP with this environment file, enter:: - > helm deploy local/onap -n casablanca -f environments/onap-production.yaml + > helm deploy local/onap -n onap -f environments/onap-production.yaml .. include:: environments_onap_demo.yaml :code: yaml @@ -600,14 +600,14 @@ sequence of events described in the previous paragraph would be initiated. For example, to upgrade a container by changing configuration, specifically an environment value:: - > helm deploy casablanca onap/so --version 2.0.1 --set enableDebug=true + > helm deploy onap onap/so --version 2.0.1 --set enableDebug=true Issuing this command will result in the appropriate container being stopped by Kubernetes and replaced with a new container with the new environment value. To upgrade a component to a new version with a new configuration file enter:: - > helm deploy casablanca onap/so --version 2.0.2 -f environments/demo.yaml + > helm deploy onbap onap/so --version 2.0.2 -f environments/demo.yaml To fetch release history enter:: @@ -700,19 +700,19 @@ from a running deployment the operator perform a 'dry-run' to display exactly what will happen with a given command prior to actually deleting anything. For example:: - > helm undeploy casablanca --dry-run + > helm undeploy onap --dry-run -will display the outcome of deleting the 'casablanca' release from the +will display the outcome of deleting the 'onap' release from the deployment. To completely delete a release and remove it from the internal store enter:: - > helm undeploy casablanca --purge + > helm undeploy onap --purge One can also remove individual components from a deployment by changing the ONAP configuration values. For example, to remove `so` from a running deployment enter:: - > helm undeploy casablanca-so --purge + > helm undeploy onap-so --purge will remove `so` as the configuration indicates it's no longer part of the deployment. This might be useful if a one wanted to replace just `so` by diff --git a/kubernetes/aaf/charts/aaf-gui/values.yaml b/kubernetes/aaf/charts/aaf-gui/values.yaml index 1f7abd4b9d..a6033220a5 100644 --- a/kubernetes/aaf/charts/aaf-gui/values.yaml +++ b/kubernetes/aaf/charts/aaf-gui/values.yaml @@ -67,7 +67,7 @@ ingress: resources: small: limits: - cpu: 20m + cpu: 200m memory: 280Mi requests: cpu: 1m diff --git a/kubernetes/aaf/charts/aaf-sms/values.yaml b/kubernetes/aaf/charts/aaf-sms/values.yaml index 41bde75677..c0d43b88ee 100644 --- a/kubernetes/aaf/charts/aaf-sms/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/values.yaml @@ -89,7 +89,7 @@ resources: small: limits: cpu: 100m - memory: 30Mi + memory: 400Mi requests: cpu: 25m memory: 10Mi @@ -98,6 +98,6 @@ resources: cpu: 400m memory: 1Gi requests: - cpu: 10m + cpu: 25m memory: 100Mi unlimited: {} diff --git a/kubernetes/aai b/kubernetes/aai -Subproject 23f076495d36081f34a367067918d15fcc5ada8 +Subproject c9fad710ea31ae6695c3914429266621d37ce8b diff --git a/kubernetes/clamp/charts/clamp-dash-es/values.yaml b/kubernetes/clamp/charts/clamp-dash-es/values.yaml index ae7abd5ec4..27158a6668 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-es/values.yaml @@ -32,7 +32,7 @@ busyboxImage: library/busybox:latest # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-elasticsearch:5.0.2 +image: onap/clamp-dashboard-elasticsearch:5.0.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml index be0c40e1e1..8e640a4b3a 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml @@ -34,7 +34,7 @@ busyboxImage: library/busybox:latest # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-kibana:5.0.2 +image: onap/clamp-dashboard-kibana:5.0.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml index 9a0321a478..3ec5684f6b 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml @@ -30,7 +30,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-logstash:5.0.2 +image: onap/clamp-dashboard-logstash:5.0.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml index dfa0a3e250..090dbcc2a2 100644 --- a/kubernetes/common/cassandra/values.yaml +++ b/kubernetes/common/cassandra/values.yaml @@ -27,7 +27,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: library/cassandra:2.2.14 +image: library/cassandra:3.11.4 pullPolicy: Always # flag to enable debugging - application support required @@ -90,6 +90,7 @@ service: port: 7199 - name: tcp-cql port: 9042 + ## thrift protocol is deprecated . Should be removed. Being left until all project removes it. - name: tcp-thrift port: 9160 - name: tcp-agent diff --git a/kubernetes/common/common/templates/_service.tpl b/kubernetes/common/common/templates/_service.tpl index 075f7965b9..55f73c1635 100644 --- a/kubernetes/common/common/templates/_service.tpl +++ b/kubernetes/common/common/templates/_service.tpl @@ -56,15 +56,18 @@ labels: {{- include "common.labels" $dot | nindent 2 -}} - .dot : environment (.) - .ports : an array of ports - .portType: the type of the service + - .prefix: NodePort prefix to be used + */}} {{- define "common.servicePorts" -}} {{- $portType := .portType -}} {{- $dot := .dot -}} {{- range $index, $port := .ports }} +{{- $portPrefix := default "nodePortPrefix" $port.prefix }} - port: {{ $port.port }} targetPort: {{ $port.name }} {{- if (eq $portType "NodePort") }} - nodePort: {{ $dot.Values.global.nodePortPrefix | default $dot.Values.nodePortPrefix }}{{ $port.nodePort }} + nodePort: {{ index $dot.Values "global" $portPrefix | default (index $dot.Values $portPrefix) }}{{ $port.nodePort }} {{- end }} name: {{ $port.name }} {{- end -}} diff --git a/kubernetes/common/postgres-legacy/.helmignore b/kubernetes/common/postgres-legacy/.helmignore deleted file mode 100644 index f0c1319444..0000000000 --- a/kubernetes/common/postgres-legacy/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/configs/pgpool.conf b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pgpool.conf deleted file mode 100644 index f335174f40..0000000000 --- a/kubernetes/common/postgres-legacy/charts/pgpool/configs/pgpool.conf +++ /dev/null @@ -1,677 +0,0 @@ -# ---------------------------- -# pgPool-II configuration file a custom version -# ---------------------------- -# -# This file consists of lines of the form: -# -# name = value -# -# Whitespace may be used. Comments are introduced with "#" anywhere on a line. -# The complete list of parameter names and allowed values can be found in the -# pgPool-II documentation. -# -# This file is read on server startup and when the server receives a SIGHUP -# signal. If you edit the file on a running system, you have to SIGHUP the -# server for the changes to take effect, or use "pgpool reload". Some -# parameters, which are marked below, require a server shutdown and restart to -# take effect. -# - - -#------------------------------------------------------------------------------ -# CONNECTIONS -#------------------------------------------------------------------------------ - -# - pgpool Connection Settings - - -listen_addresses = '*' - # Host name or IP address to listen on: - # '*' for all, '' for no TCP/IP connections - # (change requires restart) -#port = 9999 -port = 5432 - # Port number - # (change requires restart) -socket_dir = '/tmp' - # Unix domain socket path - # The Debian package defaults to - # /var/run/postgresql - # (change requires restart) - - -# - pgpool Communication Manager Connection Settings - - -pcp_port = 9898 - # Port number for pcp - # (change requires restart) -pcp_socket_dir = '/tmp' - # Unix domain socket path for pcp - # The Debian package defaults to - # /var/run/postgresql - # (change requires restart) - -# - Backend Connection Settings - - -backend_hostname0 = '{{.Values.container.name.primary}}' -backend_port0 = 5432 -backend_weight0= 1 -backend_flag0= 'DISALLOW_TO_FAILOVER' - -backend_hostname1 = '{{.Values.container.name.replica}}' -backend_port1 = 5432 -backend_weight1= 1 -backend_flag1= 'DISALLOW_TO_FAILOVER' - -#backend_hostname0 = 'master' - # Host name or IP address to connect to for backend 0 -#backend_port0 = 5432 - # Port number for backend 0 -#backend_weight0 = 1 - # Weight for backend 0 (only in load balancing mode) -#backend_data_directory0 = '/data' - # Data directory for backend 0 -#backend_flag0 = 'ALLOW_TO_FAILOVER' - # Controls various backend behavior - # ALLOW_TO_FAILOVER or DISALLOW_TO_FAILOVER -#backend_hostname1 = 'standby' -#backend_port1 = 5432 -#backend_weight1 = 1 -#backend_data_directory1 = '/data1' -#backend_flag1 = 'ALLOW_TO_FAILOVER' - -# - Authentication - - -enable_pool_hba = on - # Use pool_hba.conf for client authentication -pool_passwd = 'pool_passwd' - # File name of pool_passwd for md5 authentication. - # "" disables pool_passwd. - # (change requires restart) -authentication_timeout = 60 - # Delay in seconds to complete client authentication - # 0 means no timeout. - -# - SSL Connections - - -ssl = off - # Enable SSL support - # (change requires restart) -#ssl_key = './server.key' - # Path to the SSL private key file - # (change requires restart) -#ssl_cert = './server.cert' - # Path to the SSL public certificate file - # (change requires restart) -#ssl_ca_cert = '' - # Path to a single PEM format file - # containing CA root certificate(s) - # (change requires restart) -#ssl_ca_cert_dir = '' - # Directory containing CA root certificate(s) - # (change requires restart) - - -#------------------------------------------------------------------------------ -# POOLS -#------------------------------------------------------------------------------ - -# - Pool size - - -num_init_children = 5 - # Number of pools - # (change requires restart) -max_pool = 1 - # Number of connections per pool - # (change requires restart) - -# - Life time - - -child_life_time = 300 - # Pool exits after being idle for this many seconds -child_max_connections = 0 - # Pool exits after receiving that many connections - # 0 means no exit -connection_life_time = 0 - # Connection to backend closes after being idle for this many seconds - # 0 means no close -client_idle_limit = 0 - # Client is disconnected after being idle for that many seconds - # (even inside an explicit transactions!) - # 0 means no disconnection - - -#------------------------------------------------------------------------------ -# LOGS -#------------------------------------------------------------------------------ - -# - Where to log - - -log_destination = 'stderr' - # Where to log - # Valid values are combinations of stderr, - # and syslog. Default to stderr. - -# - What to log - - -print_timestamp = on - # Print timestamp on each line - # (change requires restart) - -log_connections = on - # Log connections -log_hostname = on - # Hostname will be shown in ps status - # and in logs if connections are logged -log_statement = on - # Log all statements -log_per_node_statement = off - # Log all statements - # with node and backend informations -log_standby_delay = 'if_over_threshold' - # Log standby delay - # Valid values are combinations of always, - # if_over_threshold, none - -# - Syslog specific - - -syslog_facility = 'LOCAL0' - # Syslog local facility. Default to LOCAL0 -syslog_ident = 'pgpool' - # Syslog program identification string - # Default to 'pgpool' - -# - Debug - - -debug_level = 1 - # Debug message verbosity level - # 0 means no message, 1 or more mean verbose - - -#------------------------------------------------------------------------------ -# FILE LOCATIONS -#------------------------------------------------------------------------------ - -pid_file_name = '/tmp/pgpool.pid' - # PID file name - # (change requires restart) -logdir = '/tmp' - # Directory of pgPool status file - # (change requires restart) - - -#------------------------------------------------------------------------------ -# CONNECTION POOLING -#------------------------------------------------------------------------------ - -connection_cache = off - # Activate connection pools - # (change requires restart) - - # Semicolon separated list of queries - # to be issued at the end of a session - # The default is for 8.3 and later -reset_query_list = 'ABORT; DISCARD ALL' - # The following one is for 8.2 and before -#reset_query_list = 'ABORT; RESET ALL; SET SESSION AUTHORIZATION DEFAULT' - - -#------------------------------------------------------------------------------ -# REPLICATION MODE -#------------------------------------------------------------------------------ - -replication_mode = off - # Activate replication mode - # (change requires restart) -replicate_select = off - # Replicate SELECT statements - # when in replication or parallel mode - # replicate_select is higher priority than - # load_balance_mode. - -insert_lock = off - # Automatically locks a dummy row or a table - # with INSERT statements to keep SERIAL data - # consistency - # Without SERIAL, no lock will be issued -lobj_lock_table = '' - # When rewriting lo_creat command in - # replication mode, specify table name to - # lock - -# - Degenerate handling - - -replication_stop_on_mismatch = off - # On disagreement with the packet kind - # sent from backend, degenerate the node - # which is most likely "minority" - # If off, just force to exit this session - -failover_if_affected_tuples_mismatch = off - # On disagreement with the number of affected - # tuples in UPDATE/DELETE queries, then - # degenerate the node which is most likely - # "minority". - # If off, just abort the transaction to - # keep the consistency - - -#------------------------------------------------------------------------------ -# LOAD BALANCING MODE -#------------------------------------------------------------------------------ - -load_balance_mode = on - # Activate load balancing mode - # (change requires restart) -ignore_leading_white_space = on - # Ignore leading white spaces of each query -white_function_list = '' - # Comma separated list of function names - # that don't write to database - # Regexp are accepted -black_function_list = 'currval,lastval,nextval,setval' - # Comma separated list of function names - # that write to database - # Regexp are accepted - - -#------------------------------------------------------------------------------ -# MASTER/SLAVE MODE -#------------------------------------------------------------------------------ - -master_slave_mode = on - # Activate master/slave mode - # (change requires restart) -master_slave_sub_mode = 'stream' - # Master/slave sub mode - # Valid values are combinations slony or - # stream. Default is slony. - # (change requires restart) - -# - Streaming - - -sr_check_period = 10 - # Streaming replication check period - # Disabled (0) by default -sr_check_user = '{{.Values.credentials.pgusername}}' - # Streaming replication check user - # This is neccessary even if you disable streaming - # replication delay check by sr_check_period = 0 -sr_check_password = '{{.Values.credentials.pgpassword}}' - # Password for streaming replication check user -delay_threshold = 10000000 - # Threshold before not dispatching query to standby node - # Unit is in bytes - # Disabled (0) by default - -# - Special commands - - -follow_master_command = '' - # Executes this command after master failover - # Special values: - # %d = node id - # %h = host name - # %p = port number - # %D = database cluster path - # %m = new master node id - # %H = hostname of the new master node - # %M = old master node id - # %P = old primary node id - # %r = new master port number - # %R = new master database cluster path - # %% = '%' character - - -#------------------------------------------------------------------------------ -# PARALLEL MODE -#------------------------------------------------------------------------------ - -parallel_mode = off - # Activates parallel query mode - # (change requires restart) -pgpool2_hostname = '' - # Set pgpool2 hostname - # (change requires restart) - -# - System DB info - - -#system_db_hostname = 'localhost' - # (change requires restart) -#system_db_port = 5432 - # (change requires restart) -#system_db_dbname = 'pgpool' - # (change requires restart) -#system_db_schema = 'pgpool_catalog' - # (change requires restart) -#system_db_user = 'pgpool' - # (change requires restart) -#system_db_password = '' - # (change requires restart) - - -#------------------------------------------------------------------------------ -# HEALTH CHECK -#------------------------------------------------------------------------------ - -health_check_period = 20 - # Health check period - # Disabled (0) by default -health_check_timeout = 10 - # Health check timeout - # 0 means no timeout -health_check_user = '{{.Values.credentials.pgusername}}' - # Health check user -health_check_password = '{{.Values.credentials.pgpassword}}' - # Password for health check user -health_check_max_retries = 3 -connect_timeout = 10000 # Timeout value in milliseconds before giving up to connect to backend. - - # Maximum number of times to retry a failed health check before giving up. -health_check_retry_delay = 1 - # Amount of time to wait (in seconds) between retries. - - -#------------------------------------------------------------------------------ -# FAILOVER AND FAILBACK -#------------------------------------------------------------------------------ - -failover_command = '' - # Executes this command at failover - # Special values: - # %d = node id - # %h = host name - # %p = port number - # %D = database cluster path - # %m = new master node id - # %H = hostname of the new master node - # %M = old master node id - # %P = old primary node id - # %r = new master port number - # %R = new master database cluster path - # %% = '%' character -failback_command = '' - # Executes this command at failback. - # Special values: - # %d = node id - # %h = host name - # %p = port number - # %D = database cluster path - # %m = new master node id - # %H = hostname of the new master node - # %M = old master node id - # %P = old primary node id - # %r = new master port number - # %R = new master database cluster path - # %% = '%' character - -fail_over_on_backend_error = off - # Initiates failover when reading/writing to the - # backend communication socket fails - # If set to off, pgpool will report an - # error and disconnect the session. - -search_primary_node_timeout = 10 - # Timeout in seconds to search for the - # primary node when a failover occurs. - # 0 means no timeout, keep searching - # for a primary node forever. - -#------------------------------------------------------------------------------ -# ONLINE RECOVERY -#------------------------------------------------------------------------------ - -recovery_user = '{{.Values.credentials.pgusername}}' - # Online recovery user -recovery_password = '{{.Values.credentials.pgpassword}}' - # Online recovery password -recovery_1st_stage_command = '' - # Executes a command in first stage -recovery_2nd_stage_command = '' - # Executes a command in second stage -recovery_timeout = 90 - # Timeout in seconds to wait for the - # recovering node's postmaster to start up - # 0 means no wait -client_idle_limit_in_recovery = 0 - # Client is disconnected after being idle - # for that many seconds in the second stage - # of online recovery - # 0 means no disconnection - # -1 means immediate disconnection - - -#------------------------------------------------------------------------------ -# WATCHDOG -#------------------------------------------------------------------------------ - -# - Enabling - - -use_watchdog = off - # Activates watchdog - # (change requires restart) - -# -Connection to up stream servers - - -trusted_servers = '' - # trusted server list which are used - # to confirm network connection - # (hostA,hostB,hostC,...) - # (change requires restart) -ping_path = '/bin' - # ping command path - # (change requires restart) - -# - Watchdog communication Settings - - -wd_hostname = '' - # Host name or IP address of this watchdog - # (change requires restart) -wd_port = 9000 - # port number for watchdog service - # (change requires restart) -wd_authkey = '' - # Authentication key for watchdog communication - # (change requires restart) - -# - Virtual IP control Setting - - -delegate_IP = '' - # delegate IP address - # If this is empty, virtual IP never bring up. - # (change requires restart) -ifconfig_path = '/sbin' - # ifconfig command path - # (change requires restart) -if_up_cmd = 'ifconfig eth0:0 inet $_IP_$ netmask 255.255.255.0' - # startup delegate IP command - # (change requires restart) -if_down_cmd = 'ifconfig eth0:0 down' - # shutdown delegate IP command - # (change requires restart) - -arping_path = '/usr/sbin' # arping command path - # (change requires restart) - -arping_cmd = 'arping -U $_IP_$ -w 1' - # arping command - # (change requires restart) - -# - Behaivor on escalation Setting - - -clear_memqcache_on_escalation = on - # Clear all the query cache on shared memory - # when standby pgpool escalate to active pgpool - # (= virtual IP holder). - # This should be off if client connects to pgpool - # not using virtual IP. - # (change requires restart) -wd_escalation_command = '' - # Executes this command at escalation on new active pgpool. - # (change requires restart) - -# - Lifecheck Setting - - -# -- common -- - -wd_lifecheck_method = 'heartbeat' - # Method of watchdog lifecheck ('heartbeat' or 'query') - # (change requires restart) -wd_interval = 10 - # lifecheck interval (sec) > 0 - # (change requires restart) - -# -- heartbeat mode -- - -wd_heartbeat_port = 9694 - # Port number for receiving heartbeat signal - # (change requires restart) -wd_heartbeat_keepalive = 2 - # Interval time of sending heartbeat signal (sec) - # (change requires restart) -wd_heartbeat_deadtime = 30 - # Deadtime interval for heartbeat signal (sec) - # (change requires restart) -heartbeat_destination0 = 'host0_ip1' - # Host name or IP address of destination 0 - # for sending heartbeat signal. - # (change requires restart) -heartbeat_destination_port0 = 9694 - # Port number of destination 0 for sending - # heartbeat signal. Usually this is the - # same as wd_heartbeat_port. - # (change requires restart) -heartbeat_device0 = '' - # Name of NIC device (such like 'eth0') - # used for sending/receiving heartbeat - # signal to/from destination 0. - # This works only when this is not empty - # and pgpool has root privilege. - # (change requires restart) - -#heartbeat_destination1 = 'host0_ip2' -#heartbeat_destination_port1 = 9694 -#heartbeat_device1 = '' - -# -- query mode -- - -wd_life_point = 3 - # lifecheck retry times - # (change requires restart) -wd_lifecheck_query = 'SELECT 1' - # lifecheck query to pgpool from watchdog - # (change requires restart) -wd_lifecheck_dbname = 'template1' - # Database name connected for lifecheck - # (change requires restart) -wd_lifecheck_user = 'nobody' - # watchdog user monitoring pgpools in lifecheck - # (change requires restart) -wd_lifecheck_password = '' - # Password for watchdog user in lifecheck - # (change requires restart) - -# - Other pgpool Connection Settings - - -#other_pgpool_hostname0 = 'host0' - # Host name or IP address to connect to for other pgpool 0 - # (change requires restart) -#other_pgpool_port0 = 5432 - # Port number for othet pgpool 0 - # (change requires restart) -#other_wd_port0 = 9000 - # Port number for othet watchdog 0 - # (change requires restart) -#other_pgpool_hostname1 = 'host1' -#other_pgpool_port1 = 5432 -#other_wd_port1 = 9000 - - -#------------------------------------------------------------------------------ -# OTHERS -#------------------------------------------------------------------------------ -relcache_expire = 0 - # Life time of relation cache in seconds. - # 0 means no cache expiration(the default). - # The relation cache is used for cache the - # query result against PostgreSQL system - # catalog to obtain various information - # including table structures or if it's a - # temporary table or not. The cache is - # maintained in a pgpool child local memory - # and being kept as long as it survives. - # If someone modify the table by using - # ALTER TABLE or some such, the relcache is - # not consistent anymore. - # For this purpose, cache_expiration - # controls the life time of the cache. -relcache_size = 256 - # Number of relation cache - # entry. If you see frequently: - # "pool_search_relcache: cache replacement happend" - # in the pgpool log, you might want to increate this number. - -check_temp_table = on - # If on, enable temporary table check in SELECT statements. - # This initiates queries against system catalog of primary/master - # thus increases load of master. - # If you are absolutely sure that your system never uses temporary tables - # and you want to save access to primary/master, you could turn this off. - # Default is on. - - -#------------------------------------------------------------------------------ -# ON MEMORY QUERY MEMORY CACHE -#------------------------------------------------------------------------------ -memory_cache_enabled = off - # If on, use the memory cache functionality, off by default -memqcache_method = 'shmem' - # Cache storage method. either 'shmem'(shared memory) or - # 'memcached'. 'shmem' by default - # (change requires restart) -memqcache_memcached_host = 'localhost' - # Memcached host name or IP address. Mandatory if - # memqcache_method = 'memcached'. - # Defaults to localhost. - # (change requires restart) -memqcache_memcached_port = 11211 - # Memcached port number. Mondatory if memqcache_method = 'memcached'. - # Defaults to 11211. - # (change requires restart) -memqcache_total_size = 67108864 - # Total memory size in bytes for storing memory cache. - # Mandatory if memqcache_method = 'shmem'. - # Defaults to 64MB. - # (change requires restart) -memqcache_max_num_cache = 1000000 - # Total number of cache entries. Mandatory - # if memqcache_method = 'shmem'. - # Each cache entry consumes 48 bytes on shared memory. - # Defaults to 1,000,000(45.8MB). - # (change requires restart) -memqcache_expire = 0 - # Memory cache entry life time specified in seconds. - # 0 means infinite life time. 0 by default. - # (change requires restart) -memqcache_auto_cache_invalidation = on - # If on, invalidation of query cache is triggered by corresponding - # DDL/DML/DCL(and memqcache_expire). If off, it is only triggered - # by memqcache_expire. on by default. - # (change requires restart) -memqcache_maxcache = 409600 - # Maximum SELECT result size in bytes. - # Must be smaller than memqcache_cache_block_size. Defaults to 400KB. - # (change requires restart) -memqcache_cache_block_size = 1048576 - # Cache block size in bytes. Mandatory if memqcache_method = 'shmem'. - # Defaults to 1MB. - # (change requires restart) -memqcache_oiddir = '/var/log/pgpool/oiddir' - # Temporary work directory to record table oids - # (change requires restart) -white_memqcache_table_list = '' - # Comma separated list of table names to memcache - # that don't write to database - # Regexp are accepted -black_memqcache_table_list = '' - # Comma separated list of table names not to memcache - # that don't write to database - # Regexp are accepted diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_hba.conf b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_hba.conf deleted file mode 100644 index d8918409e8..0000000000 --- a/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_hba.conf +++ /dev/null @@ -1,67 +0,0 @@ -# pgpool Client Authentication Configuration File a custom version -# =============================================== -# -# The format rule in this file follows the rules in the PostgreSQL -# Administrator's Guide. Refer to chapter "Client Authentication" for a -# complete description. A short synopsis follows. -# -# This file controls: which hosts are allowed to connect, how clients -# are authenticated, which user names they can use, which databases they -# can access. Records take one of these forms: -# -# local DATABASE USER METHOD [OPTION] -# host DATABASE USER CIDR-ADDRESS METHOD [OPTION] -# -# (The uppercase items must be replaced by actual values.) -# -# The first field is the connection type: "local" is a Unix-domain -# socket, "host" is either a plain or SSL-encrypted TCP/IP socket. -# -# DATABASE can be "all", "sameuser", a database name, or a comma-separated -# list thereof. Note that "samegroup" like in PostgreSQL's pg_hba.conf -# file is not supported, since pgpool does not know which group a user -# belongs to. Also note that the database specified here may not exist in -# the backend PostgreSQL. pgpool will authenticate based on the database's -# name, not based on whether it exists or not. -# -# USER can be "all", a user name, or a comma-separated list thereof. In -# both the DATABASE and USER fields you can also write a file name prefixed -# with "@" to include names from a separate file. Note that a group name -# prefixed with "+" like in PostgreSQL's pg_hba.conf file is not supported -# because of the same reason as "samegroup" token. Also note that a user -# name specified here may not exist in the backend PostgreSQL. pgpool will -# authenticate based on the user's name, not based on whether he/she exists. -# -# CIDR-ADDRESS specifies the set of hosts the record matches. -# It is made up of an IP address and a CIDR mask that is an integer -# (between 0 and 32 (IPv4) that specifies the number of significant bits in -# the mask. Alternatively, you can write an IP address and netmask in -# separate columns to specify the set of hosts. -# -# METHOD can be "trust", "reject", "md5" or "pam". Note that "pam" sends passwords -# in clear text. -# -# OPTION is the name of the PAM service. Default service name is "pgpool" -# -# Database and user names containing spaces, commas, quotes and other special -# characters must be quoted. Quoting one of the keywords "all" or "sameuser" -# makes the name lose its special character, and just match a database or -# username with that name. -# -# This file is read on pgpool startup. If you edit the file on a running -# system, you have to restart the pgpool for the changes to take effect. - -# Put your actual configuration here -# ---------------------------------- -# -# If you want to allow non-local connections, you need to add more -# "host" records. In that case you will also need to make pgpool listen -# on a non-local interface via the listen_addresses configuration parameter. -# - -# TYPE DATABASE USER CIDR-ADDRESS METHOD - -# "local" is for Unix domain socket connections only -#local all all trust -# IPv4 local connections: -host all all 0.0.0.0/0 md5 diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_passwd b/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_passwd deleted file mode 100644 index 3636d1de74..0000000000 --- a/kubernetes/common/postgres-legacy/charts/pgpool/configs/pool_passwd +++ /dev/null @@ -1,2 +0,0 @@ -testuser:md599e8713364988502fa6189781bcf648f -postgres:md53175bce1d3201d16594cebf9d7eb3f9d diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/templates/deployment.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/templates/deployment.yaml deleted file mode 100644 index 7572d7f444..0000000000 --- a/kubernetes/common/postgres-legacy/charts/pgpool/templates/deployment.yaml +++ /dev/null @@ -1,68 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -kind: Deployment -apiVersion: extensions/v1beta1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - replicas: 2 - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - containers: - - image: "{{.Values.repository}}/{{.Values.image}}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }} - env: - - name: PG_PRIMARY_SERVICE_NAME - value: {{.Values.container.name.primary}} - - name: PG_REPLICA_SERVICE_NAME - value: {{.Values.container.name.replica}} - - name: PG_USERNAME - value: {{.Values.credentials.pgusername}} - - name: PG_PASSWORD - value: {{.Values.credentials.pgpassword}} - ports: - - containerPort: 5432 - name: pgpool - protocol: TCP - readinessProbe: - tcpSocket: - port: 5432 - initialDelaySeconds: 20 - periodSeconds: 10 - livenessProbe: - tcpSocket: - port: 5432 - initialDelaySeconds: 15 - periodSeconds: 20 - volumeMounts: - - name: pgpool-pgconf - mountPath: /pgconf/pgpoolconfigdir - readOnly: false - volumes: - - name: pgpool-pgconf - configMap: - name: {{ include "common.fullname" . }}-pgpool-configmap diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/templates/service.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/templates/service.yaml deleted file mode 100644 index 8c066e5b7a..0000000000 --- a/kubernetes/common/postgres-legacy/charts/pgpool/templates/service.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.name }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/values.yaml b/kubernetes/common/postgres-legacy/charts/pgpool/values.yaml deleted file mode 100644 index cb732b7cd7..0000000000 --- a/kubernetes/common/postgres-legacy/charts/pgpool/values.yaml +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: crunchydata -image: crunchy-pgpool:centos7-10.4-2.0.0 -pullPolicy: Always - -container: - port: 5432 - name: - primary: pgset-primary - replica: pgset-replica -credentials: - pgusername: testuser - pgpassword: password -service: - name: pgpool - type: ClusterIP - externalPort: 5432 - internalPort: 5432 diff --git a/kubernetes/common/postgres-legacy/templates/pv.yaml b/kubernetes/common/postgres-legacy/templates/pv.yaml deleted file mode 100644 index 2ac5d979d5..0000000000 --- a/kubernetes/common/postgres-legacy/templates/pv.yaml +++ /dev/null @@ -1,45 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -{{- $global := . }} -{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} -{{- if eq "True" (include "common.needPV" .) -}} -{{- range $i := until (int $global.Values.replicaCount)}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" $global }}-data-{{ $i }} - namespace: {{ include "common.namespace" $global }} - labels: - app: {{ include "common.fullname" $global }} - chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" $global }}" - heritage: "{{ $global.Release.Service }}" - name: {{ include "common.fullname" $global }} -spec: - capacity: - storage: {{ $global.Values.persistence.size}} - accessModes: - - {{ $global.Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} - storageClassName: "{{ include "common.fullname" $global }}-data" - hostPath: - path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} -{{if ne $i (int $global.Values.replicaCount) }} ---- -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/kubernetes/common/postgres-legacy/templates/secrets.yaml b/kubernetes/common/postgres-legacy/templates/secrets.yaml deleted file mode 100644 index db1bc5bb15..0000000000 --- a/kubernetes/common/postgres-legacy/templates/secrets.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -type: Opaque -data: - pg-primary-password: {{ .Values.config.pgPrimaryPassword | b64enc | quote }} - pg-user-password: {{ .Values.config.pgUserPassword | b64enc | quote }} - pg-root-password: {{ .Values.config.pgRootPassword | b64enc | quote }} - diff --git a/kubernetes/common/postgres-legacy/templates/service.yaml b/kubernetes/common/postgres-legacy/templates/service.yaml deleted file mode 100644 index 30d824bbd7..0000000000 --- a/kubernetes/common/postgres-legacy/templates/service.yaml +++ /dev/null @@ -1,95 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.name }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.service.name2 }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: -spec: - type: {{ .Values.service.type2 }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.name2 }} - {{- else -}} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.name2 }} - {{- end}} - selector: - name: "{{.Values.container.name.primary}}" - release: {{ include "common.release" . }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.service.name3 }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: -spec: - type: {{ .Values.service.type3 }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort3 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} - name: {{ .Values.service.name3 }} - {{- else -}} - - port: {{ .Values.service.externalPort3 }} - targetPort: {{ .Values.service.internalPort3 }} - name: {{ .Values.service.name3 }} - {{- end}} - selector: - name: "{{.Values.container.name.replica}}" - release: {{ include "common.release" . }} diff --git a/kubernetes/common/postgres-legacy/templates/statefulset.yaml b/kubernetes/common/postgres-legacy/templates/statefulset.yaml deleted file mode 100644 index 5333a0d310..0000000000 --- a/kubernetes/common/postgres-legacy/templates/statefulset.yaml +++ /dev/null @@ -1,143 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# # -# # Licensed under the Apache License, Version 2.0 (the "License"); -# # you may not use this file except in compliance with the License. -# # You may obtain a copy of the License at -# # -# # http://www.apache.org/licenses/LICENSE-2.0 -# # -# # Unless required by applicable law or agreed to in writing, software -# # distributed under the License is distributed on an "AS IS" BASIS, -# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# # See the License for the specific language governing permissions and -# # limitations under the License. -*/}} -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - serviceName: {{ .Values.service.name }} - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - command: - - /bin/sh - - -c - - | - chown -R 26:26 /podroot/; - chmod 700 /podroot/; - image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-prepare - volumeMounts: - - name: {{ include "common.fullname" . }}-data - mountPath: /podroot/ - containers: - - name: {{ include "common.name" . }} - image: "{{ .Values.postgresRepository }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - name: postgres - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - {{end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: PGHOST - value: /tmp - - name: PG_PRIMARY_USER - value: primaryuser - - name: PG_MODE - value: set - - name: PG_PRIMARY_HOST - value: "{{.Values.container.name.primary}}" - - name: PG_REPLICA_HOST - value: "{{.Values.container.name.replica}}" - - name: PG_PRIMARY_PORT - value: "{{.Values.service.internalPort}}" - - name: PG_PRIMARY_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: pg-primary-password - - name: PG_USER - value: "{{.Values.config.pgUserName}}" - - name: PG_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: pg-user-password - - name: PG_DATABASE - value: "{{.Values.config.pgDatabase}}" - - name: PG_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: pg-root-password - volumeMounts: - - mountPath: /pgdata - name: {{ include "common.fullname" . }}-data - - mountPath: /backup - name: {{ include "common.fullname" . }}-backup - readOnly: true - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-backup - emptyDir: {} -{{- if not .Values.persistence.enabled }} - - name: {{ include "common.fullname" . }}-data - emptyDir: {} -{{- else }} - volumeClaimTemplates: - - metadata: - name: {{ include "common.fullname" . }}-data - labels: - name: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - storageClassName: {{ include "common.storageClass" . }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} -{{- end }} diff --git a/kubernetes/common/postgres-legacy/values.yaml b/kubernetes/common/postgres-legacy/values.yaml deleted file mode 100644 index 8dd5d0aaac..0000000000 --- a/kubernetes/common/postgres-legacy/values.yaml +++ /dev/null @@ -1,139 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - -################################################################# -# Application configuration defaults. -################################################################# - -# BusyBox image -busyboxRepository: registry.hub.docker.com -busyboxImage: library/busybox:latest - -postgresRepository: crunchydata -image: crunchy-postgres:centos7-10.4-2.0.0 -pullPolicy: Always - -# application configuration -config: - pgUserName: testuser - pgDatabase: userdb - pgPrimaryPassword: password - pgUserPassword: password - pgRootPassword: password - -container: - name: - primary: pgset-primary - replica: pgset-replica - -pgpool: - container: - port: 5432 - name: - primary: pgset-primary - replica: pgset-replica - credentials: - pgusername: testuser - pgpassword: password - service: - name: pgpool - - -# default number of instances -replicaCount: 2 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 300 - periodSeconds: 10 - timeoutSeconds: 5 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -## Persist data to a persitent volume -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - accessMode: ReadWriteOnce - size: 1Gi - mountPath: /dockerdata-nfs - mountSubPath: postgres/data - mountInitPath: postgres - -service: - type: ClusterIP - name: pgset - externalPort: 5432 - internalPort: 5432 - type2: ClusterIP - name2: pgset-primary - externalPort2: 5432 - internalPort2: 5432 - type3: ClusterIP - name3: pgset-replica - externalPort3: 5432 - internalPort3: 5432 - -ingress: - enabled: false - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory -#resources: -# limits: -# cpu: 2 -# memory: 4Gi -# requests: -# cpu: 2 -# memory: 4Gi - diff --git a/kubernetes/consul/charts/consul-server/values.yaml b/kubernetes/consul/charts/consul-server/values.yaml index 2eb3c25717..e9c96d1bc6 100644 --- a/kubernetes/consul/charts/consul-server/values.yaml +++ b/kubernetes/consul/charts/consul-server/values.yaml @@ -56,7 +56,7 @@ service: name: consul-server portName: consul-join internalPort: 8301 - type2: NodePort + type2: ClusterIP portName2: consul-ui internalPort2: 8500 nodePort2: 70 diff --git a/kubernetes/contrib/tools/rke/rke_setup.sh b/kubernetes/contrib/tools/rke/rke_setup.sh index 409da3987c..cde7d4caa0 100755 --- a/kubernetes/contrib/tools/rke/rke_setup.sh +++ b/kubernetes/contrib/tools/rke/rke_setup.sh @@ -21,7 +21,7 @@ # https://wiki.onap.org/display/DW/OOM+RKE+Kubernetes+Deployment # source from https://jira.onap.org/browse/OOM-1598 # -# master/dublin +# master/dublin # RKE 0.1.16 Kubernetes 1.11.6, kubectl 1.11.6, Helm 2.9.1, Docker 18.06 # 20190428 RKE 0.2.1, Kubernetes 1.13.5, kubectl 1.13.5, Helm 2.12.3, Docker 18.09.5 # single node install, HA pending @@ -30,7 +30,7 @@ usage() { cat <<EOF Usage: $0 [PARAMs] example -sudo ./rke_setup.sh -b dublin -s rke.onap.cloud -e onap -l amdocs -v true +sudo ./rke_setup.sh -b master -s rke.onap.cloud -e onap -l amdocs -v true -u : Display usage -b [branch] : branch = master or dublin (required) -s [server] : server = IP or DNS name (required) @@ -48,16 +48,16 @@ install_onap() { KUBECTL_VERSION=1.13.5 HELM_VERSION=2.12.3 DOCKER_VERSION=18.09 - + # copy your private ssh key and cluster.yml file to the vm # on your dev machine #sudo cp ~/.ssh/onap_rsa . - #sudo chmod 777 onap_rsa + #sudo chmod 777 onap_rsa #scp onap_rsa ubuntu@192.168.241.132:~/ # on this vm - #sudo chmod 400 onap_rsa + #sudo chmod 400 onap_rsa #sudo cp onap_rsa ~/.ssh - # make sure public key is insetup correctly in + # make sure public key is insetup correctly in # sudo vi ~/.ssh/authorized_keys echo "please supply your ssh key as provided by the -k keyname - it must be be chmod 400 and chown user:user in ~/.ssh/" @@ -66,8 +66,8 @@ install_onap() { echo "specifically" echo "address: $SERVER" echo "user: $USERNAME" - echo "ssh_key_path: $SSHPATH_PREFIX/$SSHKEY" - + echo "ssh_key_path: $SSHPATH_PREFIX/$SSHKEY" + RKETOOLS= HYPERCUBE= POD_INFRA_CONTAINER= diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml index 6b90aa3144..c404c32d70 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml @@ -20,7 +20,10 @@ dependencies: - name: common version: ~5.x-0 repository: '@local' - - name: postgres-legacy + - name: postgres version: ~5.x-0 repository: '@local' alias: postgres + - name: mongo + version: ~5.x-0 + repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml index a6fbea1e1d..5ece12c46b 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml @@ -18,3 +18,4 @@ {{ if .Values.componentImages.hv_ves }} tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.hv_ves }} {{ end }} +use_tls: true
\ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tcagen2-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tcagen2-inputs.yaml new file mode 100644 index 0000000000..5074cb8a7f --- /dev/null +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tcagen2-inputs.yaml @@ -0,0 +1,22 @@ +#============LICENSE_START======================================================== +#================================================================================= +# Copyright (c) 2020 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +{{ if .Values.componentImages.tcagen2 }} +tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.tcagen2 }} +{{ end }} +tca_handle_in_subscribe_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT/" +tca_handle_out_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.TCAGEN2_OUTPUT/" diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml new file mode 100644 index 0000000000..17d0fc4254 --- /dev/null +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml @@ -0,0 +1,32 @@ +#============LICENSE_START======================================================== +#================================================================================= +# Copyright (c) 2020 Nokia. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +{{ if .Values.componentImages.ves }} +tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.ves }} +{{ end }} +external_port: 0 +external_port_tls: {{ .Values.config.address.ves.portSecure }} +auth_method: "certBasicAuth" +component_name: "dcae-ves-collector-tls" +dns_component_name: "dcae-ves-collector-tls" +enable_tls: true +ves_other_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_OTHER_OUTPUT/" +ves_heartbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT/" +ves_fault_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_FAULT_OUTPUT/" +ves_measurement_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT/" +ves_pnfRegistration_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_PNFREG_OUTPUT/" +ves_notification_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT/"
\ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml index 69e7cb76de..c113d643af 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml @@ -2,6 +2,7 @@ #================================================================================= # Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada +# Modifications (c) 2020 Nokia. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,11 +20,14 @@ {{ if .Values.componentImages.ves }} tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.ves }} {{ end }} -external_port : {{ .Values.config.address.ves.port }} -external_tls_port : {{ .Values.config.address.ves.portSecure }} +external_port_tls: 0 +external_port: {{ .Values.config.address.ves.port }} +auth_method: "noAuth" +component_name: "dcae-ves-collector" +dns_component_name: "dcae-ves-collector" ves_other_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_OTHER_OUTPUT/" ves_heartbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT/" ves_fault_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_FAULT_OUTPUT/" ves_measurement_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT/" ves_pnfRegistration_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_PNFREG_OUTPUT/" -ves_notification_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT/" +ves_notification_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT/"
\ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml index 20caa5c122..cfdff5ad72 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml @@ -93,9 +93,23 @@ postgres: primary: dcae-pgpool-primary replica: dcae-pgpool-replica +mongo: + nameOverride: dcae-mongo + config: + dbName: dcaecommondb + service: + name: dcae-mongohost + internalPort: 27017 + nfsprovisionerPrefix: dcaemongo + sdnctlPrefix: tcagen2 + persistence: + mountSubPath: dcae/mongo/data + enabled: true + disableNfsProvisioner: true + # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.9.0 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.10.0 default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager @@ -104,10 +118,12 @@ componentImages: holmes_rules: onap/holmes/rule-management:1.2.7 holmes_engine: onap/holmes/engine-management:1.2.6 tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.2.2 - ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.5.2 + #placeholder until tca-gen2 release image is available + #tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.0.0 + ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.5.3 snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0 prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.0 - hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.3.0 + hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.4.0 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml index 116a77fd8b..a926fb396b 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml @@ -104,6 +104,8 @@ spec: volumeMounts: - mountPath: /usr/local/share/ca-certificates/ name: tls-info + - mountPath: /opt/logs/dcae/dashboard + name: component-log env: - name: CONSUL_HOST value: consul-server.{{ include "common.namespace" . }} diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml index 03cb99ad14..22076e5c6a 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml @@ -44,7 +44,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.1.0 +image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.3.0 pullPolicy: Always # probe configuration parameters @@ -60,13 +60,13 @@ readiness: initialDelaySeconds: 30 periodSeconds: 30 path: /ccsdk-app/health - scheme: HTTP + scheme: HTTPS service: type: NodePort name: dashboard - externalPort: 8080 - internalPort: 8080 + externalPort: 8443 + internalPort: 8443 nodePort: 18 # application configuration override for postgres postgres: diff --git a/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml index fb5a195e60..ba8648a5be 100644 --- a/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml @@ -28,7 +28,7 @@ global: service: name: dcae-healthcheck - internalPort: 80 + internalPort: 8080 externalPort: 80 type: ClusterIP @@ -45,7 +45,7 @@ readiness: periodSeconds: 10 # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.5 +image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.3.0 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml index 3e79830cc1..4c4f567956 100644 --- a/kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/requirements.yaml @@ -17,7 +17,7 @@ dependencies: - name: common version: ~5.x-0 repository: '@local' - - name: postgres-legacy + - name: postgres version: ~5.x-0 repository: '@local' alias: postgres diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/resources/config/config.json b/kubernetes/dcaegen2/components/dcae-inventory-api/resources/config/config.json index c8c7dd79f1..d9927314e1 100644 --- a/kubernetes/dcaegen2/components/dcae-inventory-api/resources/config/config.json +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/resources/config/config.json @@ -36,7 +36,7 @@ "type": "https", "port": 8080, "keyStorePath": "/opt/cert/cert.jks", - "keyStorePassword": "hD:!w:CxF]lGvM6Mz9l^j[7U", + "keyStorePassword": "/opt/cert/jks.pass", "keyStoreType": "JKS" }] } diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/resources/log/filebeat.yml b/kubernetes/dcaegen2/components/dcae-inventory-api/resources/log/filebeat.yml new file mode 100644 index 0000000000..0e5ee9bffa --- /dev/null +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/resources/log/filebeat.yml @@ -0,0 +1,72 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +filebeat.prospectors: +#it is mandatory, in our case it's log +- input_type: log + #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. + paths: + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive + ignore_older: 48h + # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit + clean_inactive: 96h + + +# Name of the registry file. If a relative path is used, it is considered relative to the +# data path. Else full qualified file name. +#filebeat.registry_file: ${path.data}/registry + + +output.logstash: + #List of logstash server ip addresses with port number. + #But, in our case, this will be the loadbalancer IP address. + #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. + hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + #If enable will do load balancing among availabe Logstash, automatically. + loadbalance: true + + #The list of root certificates for server verifications. + #If certificate_authorities is empty or not set, the trusted + #certificate authorities of the host system are used. + #ssl.certificate_authorities: $ssl.certificate_authorities + + #The path to the certificate for SSL client authentication. If the certificate is not specified, + #client authentication is not available. + #ssl.certificate: $ssl.certificate + + #The client certificate key used for client authentication. + #ssl.key: $ssl.key + + #The passphrase used to decrypt an encrypted key stored in the configured key file + #ssl.key_passphrase: $ssl.key_passphrase + +logging: + level: debug + + # enable file rotation with default configuration + to_files: true + + # do not log to syslog + to_syslog: false + + files: + path: /usr/share/filebeat/logs + name: mybeat.log + keepfiles: 7 diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/configmap.yaml index 96ba64f945..5b7a244835 100644 --- a/kubernetes/dcaegen2/components/dcae-inventory-api/templates/configmap.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/configmap.yaml @@ -24,3 +24,11 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{include "common.fullname" . }}-filebeat-configmap + namespace: {{include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }} diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml index 2bfb01d970..f056079fe4 100644 --- a/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml @@ -101,10 +101,38 @@ spec: subPath: config.json - mountPath: /opt/cert/ name: tls-info + - mountPath: /opt/logs/ + name: component-log env: - name: CONSUL_HOST value: consul.{{ include "common.namespace" . }} + - name: {{ include "common.name" . }}-filebeat + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }} + imagePullPolicy: IfNotPresent + resources: {} + volumeMounts: + - mountPath: /var/log/onap/inventory + name: component-log + - mountPath: /usr/share/filebeat/data + name: filebeat-data + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml volumes: + - emptyDir: {} + name: component-log + - emptyDir: {} + name: filebeat-data + - configMap: + defaultMode: 420 + name: {{ include "common.fullname" . }}-filebeat-configmap + name: filebeat-conf - name: {{ include "common.fullname" . }}-inv-config configMap: name: {{ include "common.fullname" . }}-configmap @@ -112,3 +140,4 @@ spec: name: tls-info imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" + diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml index 8e4430c37e..a6e51256b9 100644 --- a/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml @@ -44,7 +44,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.inventory-api:3.4.0 +image: onap/org.onap.dcaegen2.platform.inventory-api:3.4.1 pullPolicy: Always diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index 513963067f..046f64d9a8 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -30,7 +30,7 @@ pullPolicy: Always # application images repository: nexus3.onap.org:10001 -image: onap/dmaap/dmaap-bc:1.1.5 +image: onap/dmaap/dmaap-bc:2.0.3 # application configuration diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties index 34662ae9e3..b6723117a3 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties @@ -7,9 +7,9 @@ # * Licensed under the Apache License, Version 2.0 (the "License"); # * you may not use this file except in compliance with the License. # * You may obtain a copy of the License at -# * +# * # * http://www.apache.org/licenses/LICENSE-2.0 -# * +# * # * Unless required by applicable law or agreed to in writing, software # * distributed under the License is distributed on an "AS IS" BASIS, # * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -40,9 +40,9 @@ org.onap.dmaap.datarouter.provserver.isaddressauthenabled = false # Database access org.onap.dmaap.datarouter.db.driver = org.mariadb.jdbc.Driver -org.onap.dmaap.datarouter.db.url = jdbc:mariadb://{{.Values.config.dmaapDrDb.mariadbServiceName}}:{{.Values.config.dmaapDrDb.mariadbServicePort}}/datarouter -org.onap.dmaap.datarouter.db.login = datarouter -org.onap.dmaap.datarouter.db.password = datarouter +org.onap.dmaap.datarouter.db.url = jdbc:mariadb://{{.Values.config.dmaapDrDb.mariadbServiceName}}:{{.Values.config.dmaapDrDb.mariadbServicePort}}/{{.Values.mariadb.config.mysqlDatabase}} +org.onap.dmaap.datarouter.db.login = ${DB_USERNAME} +org.onap.dmaap.datarouter.db.password = ${DB_PASSWORD} # PROV - DEFAULT ENABLED TLS PROTOCOLS org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2 @@ -55,4 +55,3 @@ org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.su org.onap.dmaap.datarouter.provserver.aaf.instance = legacy org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe - diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index 6435b0a641..104fcdc54a 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -56,6 +56,8 @@ spec: - aaf-locate - --container-name - aaf-cm + - --container-name + - aaf-service env: - name: NAMESPACE valueFrom: @@ -118,6 +120,11 @@ spec: port: {{ .Values.config.dmaapDrProv.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: DB_USERNAME + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "dmaap-dr-db-user-secret" "key" "login") | indent 12 }} + - name: DB_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "dmaap-dr-db-user-secret" "key" "password") | indent 12 }} volumeMounts: {{- if .Values.global.aafEnabled }} - mountPath: {{ .Values.persistence.aafCredsPath }} diff --git a/kubernetes/common/postgres-legacy/requirements.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/secret.yaml index 5b097f3ab7..dee311c336 100644 --- a/kubernetes/common/postgres-legacy/requirements.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/secret.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,7 +12,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -dependencies: - - name: common - version: ~5.x-0 - repository: '@local' +{{ include "common.secret" . }} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index 4dcd7c3319..6165568971 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -20,6 +20,17 @@ global: loggingDirectory: /opt/app/datartr/logs ################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: dmaap-dr-db-user-secret + name: '{{ include "common.release" . }}-dmaap-dr-db-user-secret' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.dmaapDrDb.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.dmaapDrDb.userName }}' + password: '{{ .Values.config.dmaapDrDb.userPassword }}' + +################################################################# # Application configuration defaults. ################################################################# # application image @@ -88,6 +99,9 @@ config: mariadbServiceName: dmaap-dr-db-svc mariadbServicePort: 3306 mariadbContName: dmaap-dr-db + userName: datarouter +# userPassword: password +# userCredentialsExternalSecret: some secret # mariadb-galera configuration mariadb: @@ -95,9 +109,7 @@ mariadb: nameOverride: dmaap-dr-db replicaCount: 2 config: - mariadbRootPassword: datarouter - userName: datarouter - userPassword: datarouter + userCredentialsExternalSecret: '{{ include "common.release" . }}-dmaap-dr-db-user-secret' mysqlDatabase: datarouter service: name: dmaap-dr-db-svc @@ -136,4 +148,4 @@ resources: requests: cpu: 1000m memory: 2Gi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/esr/charts/esr-gui/values.yaml b/kubernetes/esr/charts/esr-gui/values.yaml index 952dd0ab48..a191739948 100644 --- a/kubernetes/esr/charts/esr-gui/values.yaml +++ b/kubernetes/esr/charts/esr-gui/values.yaml @@ -26,7 +26,7 @@ global: repository: nexus3.onap.org:10001 image: onap/aai/esr-gui:1.4.0 pullPolicy: Always -msbaddr: msb-iag.{{ include "common.namespace" . }}:80 +msbaddr: msb-iag.{{ include "common.namespace" . }}:443 # default number of instances replicaCount: 1 diff --git a/kubernetes/esr/charts/esr-server/values.yaml b/kubernetes/esr/charts/esr-server/values.yaml index 5316210f38..354e8e3624 100644 --- a/kubernetes/esr/charts/esr-server/values.yaml +++ b/kubernetes/esr/charts/esr-server/values.yaml @@ -29,7 +29,7 @@ subChartsOnly: repository: nexus3.onap.org:10001 image: onap/aai/esr-server:1.5.1 pullPolicy: Always -msbaddr: msb-iag.{{ include "common.namespace" . }}:80 +msbaddr: msb-iag.{{ include "common.namespace" . }}:443 # application configuration config: diff --git a/kubernetes/oof/charts/oof-has/resources/config/conductor.conf b/kubernetes/oof/charts/oof-has/resources/config/conductor.conf index 2b5a0115bb..fd87adc4b4 100755 --- a/kubernetes/oof/charts/oof-has/resources/config/conductor.conf +++ b/kubernetes/oof/charts/oof-has/resources/config/conductor.conf @@ -560,8 +560,7 @@ concurrent = true #table_prefix = sdnc # Base URL for SDN-C, up to and including the version. (string value) -#server_url = https://controller:8443/restconf/ -server_url = https://sdncodl-conexus-e2e.ecomp.cci.att.com:8543/restconf/ +server_url = https://controller:8443/restconf/ # Basic Authentication Username (string value) #username = <None> @@ -577,7 +576,6 @@ password = Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U # Retry Numbers for SDNC Rest Call (string value) #sdnc_retries = 3 - [service_controller] # diff --git a/kubernetes/portal/charts/portal-app/resources/server/web.xml b/kubernetes/portal/charts/portal-app/resources/server/web.xml new file mode 100644 index 0000000000..8f88e12666 --- /dev/null +++ b/kubernetes/portal/charts/portal-app/resources/server/web.xml @@ -0,0 +1,155 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + ============LICENSE_START========================================== + ONAP Portal + =================================================================== + Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + =================================================================== + + Unless otherwise specified, all software contained herein is licensed + under the Apache License, Version 2.0 (the "License"); + you may not use this software except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + + Unless otherwise specified, all documentation contained herein is licensed + under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + you may not use this documentation except in compliance with the License. + You may obtain a copy of the License at + + https://creativecommons.org/licenses/by/4.0/ + + Unless required by applicable law or agreed to in writing, documentation + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + + ============LICENSE_END============================================ + + + --> + +<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4"> + <display-name>fusion</display-name> + + <!-- + <context-param> + <param-name>log4jConfigLocation</param-name> + <param-value>/WEB-INF/conf/log4j.properties</param-value> + </context-param> + + <listener> + <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class> + </listener> + --> + + <!-- The Portal app can function on a HA cluster --> + <distributable/> + + <!-- <context-param> + <param-name>contextConfigLocation</param-name> + <param-value>/WEB-INF/oid-context.xml</param-value> + </context-param> + + <listener> + <listener-class> + org.springframework.web.context.ContextLoaderListener + </listener-class> + </listener> --> + + + <listener> + <listener-class>org.onap.portalapp.portal.listener.UserSessionListener</listener-class> + </listener> + <!-- + <filter> + <filter-name>springSessionRepositoryFilter</filter-name> + <filter-class>org.onap.portalapp.music.filter.MusicSessionRepositoryFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>springSessionRepositoryFilter</filter-name> + <url-pattern>/*</url-pattern> + <dispatcher>REQUEST</dispatcher> + <dispatcher>ERROR</dispatcher> + </filter-mapping> + --> + <filter> + <filter-name>CorsFilter</filter-name> + <filter-class>org.apache.catalina.filters.CorsFilter</filter-class> + <init-param> + <param-name>cors.allowed.origins</param-name> + <param-value>http://www.portal.onap.org:9200,http://www.portal.onap.org:9000</param-value> + </init-param> + <init-param> + <param-name>cors.allowed.methods</param-name> + <param-value>GET,POST,HEAD,OPTIONS,PUT,DELETE</param-value> + </init-param> + <init-param> + <param-name>cors.allowed.headers</param-name> + <param-value>EPService,JSESSIONID,X-ECOMP-RequestID,X-Widgets-Type,Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value> + </init-param> + <init-param> + <param-name>cors.exposed.headers</param-name> + <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value> + </init-param> + <init-param> + <param-name>cors.support.credentials</param-name> + <param-value>true</param-value> + </init-param> + <init-param> + <param-name>cors.preflight.maxage</param-name> + <param-value>10</param-value> + </init-param> + </filter> + + <filter-mapping> + <filter-name>CorsFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> + + <filter> + <filter-name>SecurityXssFilter</filter-name> + <filter-class>org.onap.portalapp.filter.SecurityXssFilter</filter-class> + </filter> + + <filter-mapping> + <filter-name>SecurityXssFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> +<!-- <filter> --> +<!-- <filter-name>CadiAuthFilter</filter-name> --> +<!-- <filter-class>org.onap.portalsdk.core.onboarding.crossapi.CadiAuthFilter</filter-class> --> +<!-- <init-param> --> +<!-- <param-name>cadi_prop_files</param-name> --> +<!-- Add Absolute path of cadi.properties --> +<!-- <param-value>{Path}/cadi.properties --> +<!-- </param-value> --> +<!-- </init-param> --> +<!-- Add param values with comma delimited values --> +<!-- <init-param> --> +<!-- <param-name>include_url_endpoints</param-name> --> +<!-- <param-value>/auxapi/*</param-value> --> +<!-- </init-param> --> +<!-- <init-param> --> +<!-- <param-name>exclude_url_endpoints</param-name> --> +<!-- <param-value>/api/v3/analytics,/api/v3/storeAnalytics</param-value> --> +<!-- </init-param> --> +<!-- </filter> --> +<!-- <filter-mapping> --> +<!-- <filter-name>CadiAuthFilter</filter-name> --> +<!-- <url-pattern>/auxapi/v3/*</url-pattern> --> +<!-- </filter-mapping> --> +<!-- <filter-mapping> --> +<!-- <filter-name>CadiAuthFilter</filter-name> --> +<!-- <url-pattern>/auxapi/v4/*</url-pattern> --> + +<!-- </filter-mapping> --> +</web-app> diff --git a/kubernetes/portal/charts/portal-app/templates/deployment.yaml b/kubernetes/portal/charts/portal-app/templates/deployment.yaml index fe44c76ca6..eb0dee0f73 100644 --- a/kubernetes/portal/charts/portal-app/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-app/templates/deployment.yaml @@ -114,6 +114,9 @@ spec: - name: properties-onapportal mountPath: "{{ .Values.global.env.tomcatDir }}/conf/server.xml" subPath: server.xml + - name: properties-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/web.xml" + subPath: web.xml - name: authz-onapportal mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.keystoreFile}}" subPath: {{ .Values.global.keystoreFile}} diff --git a/kubernetes/sdc/charts/sdc-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-be/templates/deployment.yaml index ca1390a407..1aa0010289 100644 --- a/kubernetes/sdc/charts/sdc-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-be/templates/deployment.yaml @@ -70,7 +70,7 @@ spec: {{ if eq .Values.liveness.enabled true }} livenessProbe: httpGet: - path: /sdc2/rest/version + path: /sdc2/rest/healthCheck port: {{ .Values.service.internalPort }} scheme: HTTPS initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} diff --git a/kubernetes/sdc/charts/sdc-be/values.yaml b/kubernetes/sdc/charts/sdc-be/values.yaml index 8ac6c27dba..a9e5b292fb 100644 --- a/kubernetes/sdc/charts/sdc-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-be/values.yaml @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-backend:1.5.2 -backendInitImage: onap/sdc-backend-init:1.5.2 +image: onap/sdc-backend:1.6.1 +backendInitImage: onap/sdc-backend-init:1.6.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/charts/sdc-cs/values.yaml b/kubernetes/sdc/charts/sdc-cs/values.yaml index 21b35cefd8..150b9618ef 100644 --- a/kubernetes/sdc/charts/sdc-cs/values.yaml +++ b/kubernetes/sdc/charts/sdc-cs/values.yaml @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-cassandra:1.5.2 -cassandraInitImage: onap/sdc-cassandra-init:1.5.2 +image: onap/sdc-cassandra:1.6.1 +cassandraInitImage: onap/sdc-cassandra-init:1.6.1 pullPolicy: Always @@ -61,10 +61,8 @@ service: type: ClusterIP name: sdc-cs portName: sdc-cs - externalPort: 9160 - internalPort: 9160 - externalPort2: 9042 - internalPort2: 9042 + externalPort: 9042 + internalPort: 9042 ## Persist data to a persitent volume diff --git a/kubernetes/sdc/charts/sdc-es/.helmignore b/kubernetes/sdc/charts/sdc-es/.helmignore deleted file mode 100644 index 542b3390d8..0000000000 --- a/kubernetes/sdc/charts/sdc-es/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
\ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-es/Chart.yaml b/kubernetes/sdc/charts/sdc-es/Chart.yaml deleted file mode 100644 index d1c46d06ba..0000000000 --- a/kubernetes/sdc/charts/sdc-es/Chart.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -description: ONAP Service Design and Creation Elasticsearch -name: sdc-es -version: 5.0.0 diff --git a/kubernetes/sdc/charts/sdc-es/templates/NOTES.txt b/kubernetes/sdc/charts/sdc-es/templates/NOTES.txt deleted file mode 100644 index 3a5553b84f..0000000000 --- a/kubernetes/sdc/charts/sdc-es/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T, ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/sdc/charts/sdc-es/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-es/templates/deployment.yaml deleted file mode 100644 index c5ab2be09c..0000000000 --- a/kubernetes/sdc/charts/sdc-es/templates/deployment.yaml +++ /dev/null @@ -1,92 +0,0 @@ -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# Modifications Copyright © 2018 ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} - {{ if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - httpGet: - path: "_cluster/health?wait_for_status=yellow&timeout=120s" - port: {{ .Values.service.internalPort }} - scheme: HTTP - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 12 }} - env: - - name: ENVNAME - value: {{ .Values.global.env.name }} - - name: HOST_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: ES_HEAP_SIZE - value: {{ .Values.config.JvmHeapSize }} - - name: ES_JAVA_OPTS - value: {{ .Values.config.JvmOptions }} - volumeMounts: - - name: {{ include "common.fullname" . }}-environments - mountPath: /root/chef-solo/environments/ - - name: {{ include "common.fullname" . }}-localtime - mountPath: /etc/localtime - readOnly: true - - name: {{ include "common.fullname" . }}-data - mountPath: /usr/share/elasticsearch/data/ - volumes: - - name: {{ include "common.fullname" . }}-localtime - hostPath: - path: /etc/localtime - {{- if .Values.persistence.enabled }} - - name: {{ include "common.fullname" . }}-data - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - - name: {{ include "common.fullname" . }}-environments - configMap: - name: {{ include "common.release" . }}-sdc-environments-configmap - defaultMode: 0755 - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-es/templates/job.yaml b/kubernetes/sdc/charts/sdc-es/templates/job.yaml deleted file mode 100644 index 8a73eaec17..0000000000 --- a/kubernetes/sdc/charts/sdc-es/templates/job.yaml +++ /dev/null @@ -1,67 +0,0 @@ -# Copyright © 2017 Amdocs, AT&T, Bell Canada -# Modifications Copyright © 2018 ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "common.fullname" . }}-config-elasticsearch - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-job - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - backoffLimit: 20 - template: - metadata: - labels: - app: {{ include "common.name" . }}-job - release: {{ include "common.release" . }} - spec: - restartPolicy: Never - initContainers: - - name: {{ include "common.name" . }}-init-readiness - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /root/ready.py - args: - - --container-name - - sdc-es - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - containers: - - name: {{ include "common.name" . }}-job - image: "{{ include "common.repository" . }}/{{ .Values.elasticInitImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: {{ include "common.fullname" . }}-environments - mountPath: /root/chef-solo/environments/ - env: - - name: ENVNAME - value: {{ .Values.global.env.name }} - volumes: - - name: {{ include "common.fullname" . }}-environments - configMap: - name: {{ include "common.release" . }}-sdc-environments-configmap - defaultMode: 0755 - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" - restartPolicy: Never diff --git a/kubernetes/sdc/charts/sdc-es/templates/pv.yaml b/kubernetes/sdc/charts/sdc-es/templates/pv.yaml deleted file mode 100644 index 4733fed749..0000000000 --- a/kubernetes/sdc/charts/sdc-es/templates/pv.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size}} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - storageClassName: "{{ include "common.fullname" . }}-data" - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} -{{- end -}} diff --git a/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml b/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml deleted file mode 100644 index ab97f9541a..0000000000 --- a/kubernetes/sdc/charts/sdc-es/templates/pvc.yaml +++ /dev/null @@ -1,40 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - accessModes: - - {{ .Values.persistence.accessMode }} - storageClassName: {{ include "common.storageClass" . }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- end -}}
\ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-es/templates/service.yaml b/kubernetes/sdc/charts/sdc-es/templates/service.yaml deleted file mode 100644 index a49982c432..0000000000 --- a/kubernetes/sdc/charts/sdc-es/templates/service.yaml +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName }}2 - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName }}2 - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/sdc/charts/sdc-es/values.yaml b/kubernetes/sdc/charts/sdc-es/values.yaml deleted file mode 100644 index adb0595b3d..0000000000 --- a/kubernetes/sdc/charts/sdc-es/values.yaml +++ /dev/null @@ -1,119 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - ubuntuInitRepository: oomk8s - ubuntuInitImage: ubuntu-init:1.0.0 - - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/sdc-elasticsearch:1.5.2 -elasticInitImage: onap/sdc-init-elasticsearch:1.5.2 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration -config: - JvmHeapSize: "1024M" - JvmOptions: "-Xms512m -Xmx512m" - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 60 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 60 - periodSeconds: 10 - -service: - type: ClusterIP - name: sdc-es - portName: sdc-es - externalPort: 9200 - internalPort: 9200 - externalPort2: 9300 - internalPort2: 9300 - -## Persist data to a persitent volume -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: <storageClass> - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteOnce - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: /sdc/sdc-es/ES - -ingress: - enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 1 - memory: 4Gi - requests: - cpu: 10m - memory: 1Gi - large: - limits: - cpu: 2 - memory: 8Gi - requests: - cpu: 20m - memory: 2Gi - unlimited: {} - diff --git a/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml index 4c2baaf57f..6f35f6bd06 100644 --- a/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml @@ -32,20 +32,6 @@ spec: release: {{ include "common.release" . }} spec: initContainers: - - name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - "sdc-kb" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-job-completion image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}" diff --git a/kubernetes/sdc/charts/sdc-fe/values.yaml b/kubernetes/sdc/charts/sdc-fe/values.yaml index c6f39f9822..78f8b90f66 100644 --- a/kubernetes/sdc/charts/sdc-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-fe/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-frontend:1.5.2 +image: onap/sdc-frontend:1.6.1 pullPolicy: Always config: diff --git a/kubernetes/sdc/charts/sdc-kb/.helmignore b/kubernetes/sdc/charts/sdc-kb/.helmignore deleted file mode 100644 index ce90c2db1e..0000000000 --- a/kubernetes/sdc/charts/sdc-kb/.helmignore +++ /dev/null @@ -1,25 +0,0 @@ -# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-
-
-#TODO:REMOVE
-sdc-kb.yaml
\ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-kb/Chart.yaml b/kubernetes/sdc/charts/sdc-kb/Chart.yaml deleted file mode 100644 index d6f0b32e26..0000000000 --- a/kubernetes/sdc/charts/sdc-kb/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP Service Design and Creation Kibana -name: sdc-kb -version: 5.0.0 diff --git a/kubernetes/sdc/charts/sdc-kb/templates/NOTES.txt b/kubernetes/sdc/charts/sdc-kb/templates/NOTES.txt deleted file mode 100644 index 3a5553b84f..0000000000 --- a/kubernetes/sdc/charts/sdc-kb/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T, ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/sdc/charts/sdc-kb/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-kb/templates/deployment.yaml deleted file mode 100644 index 8911dbc5a3..0000000000 --- a/kubernetes/sdc/charts/sdc-kb/templates/deployment.yaml +++ /dev/null @@ -1,93 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - name: {{ include "common.name" . }}-job-completion - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}" - command: - - /root/job_complete.py - args: - - --job-name - - {{ include "common.release" . }}-sdc-es-config-elasticsearch - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - {{ if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - resources: -{{ include "common.resources" . | indent 12 }} - env: - - name: ENVNAME - value: {{ .Values.global.env.name }} - - name: NODE_OPTIONS - value: {{ .Values.config.nodeOptions }} - - name: HOST_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - volumeMounts: - - name: {{ include "common.fullname" . }}-environments - mountPath: /root/chef-solo/environments/ - - name: {{ include "common.fullname" . }}-localtime - mountPath: /etc/localtime - readOnly: true - volumes: - - name: {{ include "common.fullname" . }}-localtime - hostPath: - path: /etc/localtime - - name: {{ include "common.fullname" . }}-environments - configMap: - name: {{ include "common.release" . }}-sdc-environments-configmap - defaultMode: 0755 - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-kb/templates/service.yaml b/kubernetes/sdc/charts/sdc-kb/templates/service.yaml deleted file mode 100644 index 2d1c27df86..0000000000 --- a/kubernetes/sdc/charts/sdc-kb/templates/service.yaml +++ /dev/null @@ -1,40 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/sdc/charts/sdc-kb/values.yaml b/kubernetes/sdc/charts/sdc-kb/values.yaml deleted file mode 100644 index c2859e2983..0000000000 --- a/kubernetes/sdc/charts/sdc-kb/values.yaml +++ /dev/null @@ -1,89 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/sdc-kibana:1.5.2 -pullPolicy: Always - -config: - nodeOptions: "--max-old-space-size=200" - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: false - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - name: sdc-kb - portName: sdc-kb - externalPort: 5601 - internalPort: 5601 - - -sdc-es: - service: - name: sdc-es - -ingress: - enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 1 - memory: 4Gi - requests: - cpu: 10m - memory: 1Gi - large: - limits: - cpu: 2 - memory: 8Gi - requests: - cpu: 20m - memory: 2Gi - unlimited: {} diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml index a7deeaeca0..7e026f9da5 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-onboard-backend:1.5.2 -onboardingInitImage: onap/sdc-onboard-cassandra-init:1.5.2 +image: onap/sdc-onboard-backend:1.6.1 +onboardingInitImage: onap/sdc-onboard-cassandra-init:1.6.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml index 97caae2727..cc9f38be6d 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml @@ -56,7 +56,7 @@ spec: - name: CS_HOST value: "{{ .Values.global.cassandra.serviceName }}" - name: CS_PORT - value: "{{ .Values.config.cassandraThriftClientPort }}" + value: "{{ .Values.config.cassandraClientPort }}" - name: CS_AUTHENTICATE value: "{{ .Values.config.cassandraAuthenticationEnabled }}" - name: CS_USER diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml index 68f487674d..3e5a83aee7 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-backend:1.6.0 -configInitImage: onap/workflow-init:1.6.0 +image: onap/workflow-backend:1.6.1 +configInitImage: onap/workflow-init:1.6.1 pullPolicy: Always initJob: @@ -38,7 +38,6 @@ initJob: config: javaOptions: "-Xmx1536m -Xms1536m" cassandraAuthenticationEnabled: true - cassandraThriftClientPort: 9160 cassandraClientPort: 9042 sdcProtocol: HTTPS diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml index fc30297885..66eb22e50c 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-frontend:1.6.0 +image: onap/workflow-frontend:1.6.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/resources/config/environments/AUTO.json b/kubernetes/sdc/resources/config/environments/AUTO.json index b642e859f7..67ee6f9973 100755 --- a/kubernetes/sdc/resources/config/environments/AUTO.json +++ b/kubernetes/sdc/resources/config/environments/AUTO.json @@ -16,8 +16,6 @@ "DCAE_FE_VIP": "sdc-dcae-fe.{{include "common.namespace" .}}", "DCAE_TOSCA_LAB_VIP": "sdc-dcae-tosca-lab.{{include "common.namespace" .}}", "FE_VIP": "sdc-fe.{{include "common.namespace" .}}", - "ES_VIP": "sdc-es.{{include "common.namespace" .}}", - "KB_VIP": "sdc-kb.{{include "common.namespace" .}}", "interfaces": { "application": "eth0", "private": "eth0" @@ -46,11 +44,7 @@ ], "BE": "sdc-be.{{include "common.namespace" .}}", "ONBOARDING_BE": "sdc-onboarding-be.{{include "common.namespace" .}}", - "FE": "sdc-fe.{{include "common.namespace" .}}", - "ES": [ - "sdc-es.{{include "common.namespace" .}}" - ], - "KB": "sdc-kb.{{include "common.namespace" .}}" + "FE": "sdc-fe.{{include "common.namespace" .}}" }, "VnfRepo": { "vnfRepoPort": "{{.Values.config.environment.vnfRepoPort}}", @@ -71,14 +65,6 @@ "https_port": "8445", "catalog_notification_url": "%s://%s:%s/sdc2/rest/v1/catalog/notif/vsp/" }, - "elasticsearch": { - "cluster_name": "SDC-ES-", - "ES_path_home": "/usr/share/elasticsearch", - "ES_path_data": "/usr/share/elasticsearch/data", - "num_of_replicas": "0", - "num_of_shards": "1" - }, - "cassandra": { "cassandra_port": 9042, "concurrent_reads": "32", @@ -99,6 +85,25 @@ "socket_connect_timeout": "20000", "janusgraph_connection_timeout": "10000", "replication_factor": "{{.Values.global.cassandra.replicaCount}}" - } + }, + "DMAAP": { + "consumer": { + "host": "dcae-mrtr.com:3905", + "topic": "operationalEnvironmentEvent", + "serviceName": "dcae-mrtr.com:3905/events", + "environment": "TEST", + "partner": "BOT_R", + "username": "user1@sdc.com", + "password": "password==" + }, + "producer": { + "host": "olsd004.com:3905", + "topic": "SDC-FACADE-NOTIF-v1 ", + "serviceName": "dmaap.com:3905/events", + "environment": "TEST", + "username": "user1@sdc.com", + "password": "password==" + } + } } } diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml index 6abf911a89..3d35814f2e 100644 --- a/kubernetes/sdc/values.yaml +++ b/kubernetes/sdc/values.yaml @@ -47,10 +47,6 @@ config: workflowUrl: 10.0.2.15 vnfRepoPort: 8702 -sdc-es: - service: - name: sdc-es - #Used only if localCluster is enabled. Instantiates SDC's own cassandra cluster cassandra: nameOverride: sdc-cs diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/requirements.yaml b/kubernetes/sdnc/charts/dmaap-listener/templates/secret.yaml index 5b097f3ab7..dee311c336 100644 --- a/kubernetes/common/postgres-legacy/charts/pgpool/requirements.yaml +++ b/kubernetes/sdnc/charts/dmaap-listener/templates/secret.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,7 +12,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -dependencies: - - name: common - version: ~5.x-0 - repository: '@local' +{{ include "common.secret" . }} diff --git a/kubernetes/sdnc/charts/dmaap-listener/values.yaml b/kubernetes/sdnc/charts/dmaap-listener/values.yaml index d90da63e6d..bec4d1cac1 100644 --- a/kubernetes/sdnc/charts/dmaap-listener/values.yaml +++ b/kubernetes/sdnc/charts/dmaap-listener/values.yaml @@ -46,7 +46,7 @@ secrets: passwordPolicy: required - uid: odl-creds type: basicAuth - externalSecret: '{{ .Values.config.odlCredsExternalSecret }}' + externalSecret: '{{ tpl (default "" .Values.config.odlCredsExternalSecret) . }}' login: '{{ .Values.config.odlUser }}' password: '{{ .Values.config.odlPassword }}' passwordPolicy: required diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml index b0b3c81c8f..4ee7c6f25d 100644 --- a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml @@ -46,7 +46,7 @@ secrets: passwordPolicy: required - uid: rest-creds type: basicAuth - externalSecret: '{{ .Values.config.restCredsExternalSecret }}' + externalSecret: '{{ tpl (default "" .Values.config.restCredsExternalSecret) . }}' login: '{{ .Values.config.restUser }}' password: '{{ .Values.config.restPassword }}' passwordPolicy: required diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json b/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json index 8560ca1acc..e845e96b7f 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json +++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/admportal.json @@ -27,26 +27,26 @@ }, "svclogicPropertiesDb01": "{{.Values.config.configDir}}/svclogic.properties.sdnctldb01", "databases": [ - "{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}|sdnc-sdnctldb01.{{.Release.Namespace}}" + "{{include "common.mariadbService" $}}|sdnc-sdnctldb01.{{.Release.Namespace}}" ], "dbFabricServer": "localhost", "dbFabricPort": "32275", "dbFabricGroupId": "hagroup1", - "dbFabricUser": "admin", - "dbFabricPassword": "admin", - "dbFabricDB": "mysql", - "dbUser": "sdnctl", - "dbPassword": "{{.Values.config.dbSdnctlPassword}}", - "dbName": "sdnctl", + "dbFabricUser": "${DB_FABRIC_USER}", + "dbFabricPassword": "${DB_FABRIC_PASSWORD", + "dbFabricDB": "{{.Values.config.dbFabricDB}}", + "dbUser": "${SDNC_DB_USER}", + "dbPassword": "${SDNC_DB_PASSWORD}", + "dbName": "{{index $.Values "mariadb-galera" "config" "mysqlDatabase"}}", "odlProtocol": "http", "odlHost": "sdnc.{{.Release.Namespace}}", "odlConexusHost": "sdnc.{{.Release.Namespace}}", "odlPort": "8181", "odlConexusPort": "8181", - "odlUser": "admin", - "odlPasswd": "{{.Values.config.odlPassword}}", + "odlUser": "${ODL_USER}", + "odlPasswd": "${ODL_PASSWORD}", "ConexusNetwork_sslCert": "{{.Values.config.storesDir}}/org.onap.sdnc.p12", - "ConexusNetwork_sslKey": "{{.Values.config.keystorePwd}}", + "ConexusNetwork_sslKey": "${KEYSTORE_PASSWORD}", "AppNetwork_sslCert": "", "AppNetwork_sslKey": "", "hostnameList": [ diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties b/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties index 7a5475ed20..beb514e583 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties +++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/dblib.properties @@ -1,7 +1,6 @@ ### # ============LICENSE_START======================================================= -# Copyright (C) 2018 ONAP Intellectual Property. All rights -# reserved. +# Copyright (C) 2018 ONAP Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,11 +17,11 @@ ### org.onap.ccsdk.sli.dbtype=jdbc org.onap.ccsdk.sli.jdbc.hosts=sdnctldb01 -org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}:{{.Values.config.mariadbGalera.internalPort}}/sdnctl +org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{include "common.mariadbService" $}}:{{include "common.mariadbPort" $}}/{{index $.Values "mariadb-galera" "config" "mysqlDatabase"}} org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver -org.onap.ccsdk.sli.jdbc.database=sdnctl -org.onap.ccsdk.sli.jdbc.user=sdnctl -org.onap.ccsdk.sli.jdbc.password={{.Values.config.dbSdnctlPassword}} +org.onap.ccsdk.sli.jdbc.database={{index $.Values "mariadb-galera" "config" "mysqlDatabase"}} +org.onap.ccsdk.sli.jdbc.user=${SDNC_DB_USER} +org.onap.ccsdk.sli.jdbc.password=${SDNC_DB_PASSWORD} org.onap.ccsdk.sli.jdbc.connection.name=sdnctldb01 org.onap.ccsdk.sli.jdbc.connection.timeout=50 org.onap.ccsdk.sli.jdbc.request.timeout=100 diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties b/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties index cc13a9d707..a2570cd8a1 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties +++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties @@ -1,5 +1,5 @@ org.openecomp.sdnctl.sli.dbtype = jdbc -org.openecomp.sdnctl.sli.jdbc.url = jdbc:mysql://sdnc-sdnctldb01:3306/sdnctl -org.openecomp.sdnctl.sli.jdbc.database = sdnctl -org.openecomp.sdnctl.sli.jdbc.user = sdnctl -org.openecomp.sdnctl.sli.jdbc.password = {{.Values.config.dbSdnctlPassword}}
\ No newline at end of file +org.openecomp.sdnctl.sli.jdbc.url = jdbc:mysql://sdnc-sdnctldb01:3306/{{index $.Values "mariadb-galera" "config" "mysqlDatabase"}} +org.openecomp.sdnctl.sli.jdbc.database = {{index $.Values "mariadb-galera" "config" "mysqlDatabase"}} +org.openecomp.sdnctl.sli.jdbc.user = ${SDNC_DB_USER} +org.openecomp.sdnctl.sli.jdbc.password = ${SDNC_DB_PASSWORD} diff --git a/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties.sdnctldb02 b/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties.sdnctldb02 index c75c603f22..267bc2085a 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties.sdnctldb02 +++ b/kubernetes/sdnc/charts/sdnc-portal/resources/config/svclogic.properties.sdnctldb02 @@ -1,5 +1,5 @@ org.openecomp.sdnctl.sli.dbtype = jdbc -org.openecomp.sdnctl.sli.jdbc.url = jdbc:mysql://sdnc-sdnctldb02:3306/sdnctl -org.openecomp.sdnctl.sli.jdbc.database = sdnctl -org.openecomp.sdnctl.sli.jdbc.user = sdnctl -org.openecomp.sdnctl.sli.jdbc.password = {{.Values.config.dbSdnctlPassword}}
\ No newline at end of file +org.openecomp.sdnctl.sli.jdbc.url = jdbc:mysql://sdnc-sdnctldb02:3306/{{index $.Values "mariadb-galera" "config" "mysqlDatabase"}} +org.openecomp.sdnctl.sli.jdbc.database = {{index $.Values "mariadb-galera" "config" "mysqlDatabase"}} +org.openecomp.sdnctl.sli.jdbc.user = ${SDNC_DB_USER} +org.openecomp.sdnctl.sli.jdbc.password = ${SDNC_DB_PASSWORD} diff --git a/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml b/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml index db92b20186..3a728ad92f 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml +++ b/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml @@ -32,10 +32,39 @@ spec: spec: initContainers: - command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done" + env: + - name: SDNC_DB_USER + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} + - name: SDNC_DB_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} + - name: DB_FABRIC_USER + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "fabric-db-creds" "key" "login") | indent 10 }} + - name: DB_FABRIC_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "fabric-db-creds" "key" "password") | indent 10 }} + - name: ODL_USER + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }} + - name: ODL_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }} + - name: KEYSTORE_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "keystore-password" "key" "password") | indent 10 }} + volumeMounts: + - mountPath: /config-input + name: config-input + - mountPath: /config + name: properties + image: "{{ .Values.global.envsubstImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-update-config + + - command: - /root/ready.py args: - --container-name - - {{ .Values.config.mariadbGalera.chartName }} + - {{ include "common.mariadbService" . }} - --container-name - {{ .Values.config.sdncChartName }} env: @@ -71,10 +100,7 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14 }} - name: SDNC_CONFIG_DIR value: "{{ .Values.config.configDir }}" volumeMounts: @@ -110,9 +136,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: properties + - name: config-input configMap: name: {{ include "common.fullname" . }} defaultMode: 0644 + - name: properties + emptyDir: + medium: Memory imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdnc/charts/sdnc-portal/templates/secrets.yaml b/kubernetes/sdnc/charts/sdnc-portal/templates/secrets.yaml index 239f734276..dee311c336 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/templates/secrets.yaml +++ b/kubernetes/sdnc/charts/sdnc-portal/templates/secrets.yaml @@ -1,13 +1,15 @@ -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -type: Opaque -data: - db-root-password: {{ .Values.config.dbRootPassword | b64enc | quote }} +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ include "common.secret" . }} diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml index 7ff000e8cb..94ea5d75fc 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml @@ -21,6 +21,52 @@ global: readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + # envsusbt + envsubstImage: dibi/envsubst + + mariadbGalera: + #This flag allows SO to instantiate its own mariadb-galera cluster + #If shared instance is used, this chart assumes that DB already exists + localCluster: false + service: mariadb-galera + internalPort: 3306 + nameOverride: mariadb-galera + +################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: db-root-password + type: password + externalSecret: '{{ .Values.global.mariadbGalera.localCluster | ternary (default (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (index .Values "mariadb-galera" "nameOverride"))) (index .Values "mariadb-galera" "config" "mariadbRootPasswordExternalSecret")) (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) }}' + password: '{{ (index .Values "mariadb-galera" "config" "mariadbRootPassword" }}' + passwordPolicy: required + - uid: db-secret + name: &dbSecretName '{{ include "common.release" . }}-sdnc-portal-db-secret' + type: basicAuth + # This is a nasty trick that allows you override this secret using external one + # with the same field that is used to pass this to subchart + externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "config" "userCredentialsExternalSecret")) .) (hasSuffix "sdnc-portal-db-secret" (index .Values "mariadb-galera" "config" "userCredentialsExternalSecret"))}}' + login: '{{ index .Values "mariadb-galera" "config" "userName" }}' + password: '{{ index .Values "mariadb-galera" "config" "userPassword" }}' + passwordPolicy: required + - uid: odl-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.odlCredsExternalSecret) . }}' + login: '{{ .Values.config.odlUser }}' + password: '{{ .Values.config.odlPassword }}' + passwordPolicy: required + - uid: fabric-db-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.odlCredsExternalSecret) . }}' + login: '{{ .Values.config.dbFabricUser }}' + password: '{{ .Values.config.dbFabricPassword }}' + passwordPolicy: required + - uid: keystore-password + type: password + externalSecret: '{{ tpl (default "" .Values.config.KeyStorePwdExternalSecret) . }}' + password: '{{ .Values.config.keystorePwd }}' + passwordPolicy: required ################################################################# # Application configuration defaults. @@ -29,17 +75,34 @@ global: repository: nexus3.onap.org:10001 image: onap/admportal-sdnc-image:1.7.6 config: - dbRootPassword: secretpassword - dbSdnctlPassword: gamma + dbFabricDB: mysql + dbFabricUser: admin + dbFabricPassword: admin + # dbFabricDBCredsExternalSecret: some secret sdncChartName: sdnc configDir: /opt/onap/sdnc/data/properties storesDir: /opt/onap/sdnc/data/stores + odlUser: admin odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + # odlCredsExternalSecret: some secret keystorePwd: ff^G9D]yf&r}Ktum@BJ0YB?N - mariadbGalera: - chartName: mariadb-galera - serviceName: mariadb-galera + # keystorePwdExternalSecret: some secret + +mariadb-galera: + config: + userCredentialsExternalSecret: *dbSecretName + userName: sdnctl + userPassword: gamma + mysqlDatabase: sdnctl + nameOverride: sdnc-portal-galera + service: + name: sdnc-portal-galera + portName: sdnc-portal-galera internalPort: 3306 + replicaCount: 1 + persistence: + enabled: true + mountSubPath: sdnc-portal/maria/data # default number of instances replicaCount: 0 diff --git a/kubernetes/sdnc/charts/ueb-listener/values.yaml b/kubernetes/sdnc/charts/ueb-listener/values.yaml index 03fbf52f9b..9b7dcb054b 100644 --- a/kubernetes/sdnc/charts/ueb-listener/values.yaml +++ b/kubernetes/sdnc/charts/ueb-listener/values.yaml @@ -46,13 +46,13 @@ secrets: passwordPolicy: required - uid: odl-creds type: basicAuth - externalSecret: '{{ .Values.config.odlCredsExternalSecret }}' + externalSecret: '{{ tpl (default "" .Values.config.odlCredsExternalSecret) . }}' login: '{{ .Values.config.odlUser }}' password: '{{ .Values.config.odlPassword }}' passwordPolicy: required - uid: ueb-creds type: basicAuth - externalSecret: '{{ .Values.config.odlCredsExternalSecret }}' + externalSecret: '{{ tpl (default "" .Values.config.odlCredsExternalSecret) . }}' login: '{{ .Values.config.uebUser }}' password: '{{ .Values.config.uebPassword }}' passwordPolicy: required diff --git a/kubernetes/so/charts/so-bpmn-infra/templates/deployment.yaml b/kubernetes/so/charts/so-bpmn-infra/templates/deployment.yaml index c0ac078039..40b19871da 100755 --- a/kubernetes/so/charts/so-bpmn-infra/templates/deployment.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/templates/deployment.yaml @@ -66,26 +66,14 @@ spec: name: {{ include "common.release" . }}-so-db-secrets key: mariadb.readwrite.port - name: DB_USERNAME - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.rolename + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }} - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.readwrite.password + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 10 }} - name: DB_ADMIN_USERNAME - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.admin.rolename + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }} - name: DB_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "common.release" . }}-so-db-secrets - key: mariadb.admin.password - {{- if eq .Values.global.security.aaf.enabled true }} + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }} + {{- if eq .Values.global.security.aaf.enabled true }} - name: TRUSTSTORE value: /app/org.onap.so.trust.jks - name: TRUSTSTORE_PASSWORD diff --git a/kubernetes/common/postgres-legacy/Chart.yaml b/kubernetes/so/charts/so-bpmn-infra/templates/secret.yaml index eff8e36eba..dee311c336 100644 --- a/kubernetes/common/postgres-legacy/Chart.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/templates/secret.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,7 +12,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -description: ONAP Postgres Server -name: postgres-legacy -version: 5.0.0 +{{ include "common.secret" . }} diff --git a/kubernetes/so/charts/so-bpmn-infra/values.yaml b/kubernetes/so/charts/so-bpmn-infra/values.yaml index a7925b79e5..357a8fd62c 100755 --- a/kubernetes/so/charts/so-bpmn-infra/values.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/values.yaml @@ -24,12 +24,39 @@ global: mountPath: /dockerdata-nfs ################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: db-user-creds + name: '{{ include "common.release" . }}-so-bpmn-infra-db-user-creds' + type: basicAuth + externalSecret: '{{ .Values.db.userCredsExternalSecret }}' + login: '{{ .Values.db.userName }}' + password: '{{ .Values.db.userPassword }}' + passwordPolicy: required + - uid: db-admin-creds + name: '{{ include "common.release" . }}-so-bpmn-infra-db-admin-creds' + type: basicAuth + externalSecret: '{{ .Values.db.adminCredsExternalSecret }}' + login: '{{ .Values.db.adminName }}' + password: '{{ .Values.db.adminPassword }}' + passwordPolicy: required + + +################################################################# # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 image: onap/so/bpmn-infra:1.5.3 pullPolicy: Always +db: + userName: so_user + userPassword: so_User123 + # userCredsExternalSecret: some secret + adminName: so_admin + adminPassword: so_Admin123 + # adminCredsExternalSecret: some secret replicaCount: 1 minReadySeconds: 10 containerPort: 8081 diff --git a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml index 4710fea218..ffebc4c794 100755 --- a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml @@ -99,7 +99,8 @@ mso: auth: {{ include "helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.encrypted "value2" .Values.mso.auth )}} logPath: ./logs/openstack msb-ip: msb-iag.{{ include "common.namespace" . }} - msb-port: 80 + msb-port: 443 + msb-scheme: https workflow: endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/sobpmnengine msoKey: {{ .Values.mso.msoKey }} diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/Chart.yaml b/kubernetes/so/charts/so-ve-vnfm-adapter/Chart.yaml index e2818139fa..9ea7a7efc2 100644..100755 --- a/kubernetes/common/postgres-legacy/charts/pgpool/Chart.yaml +++ b/kubernetes/so/charts/so-ve-vnfm-adapter/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright © 2020 Samsung # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: ONAP Postgres Server -name: pgpool +description: ONAP SO VE VNFM Adapter (SOL002) +name: so-ve-vnfm-adapter version: 5.0.0 diff --git a/kubernetes/so/charts/so-ve-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-ve-vnfm-adapter/resources/config/overrides/override.yaml new file mode 100755 index 0000000000..88d805d81e --- /dev/null +++ b/kubernetes/so/charts/so-ve-vnfm-adapter/resources/config/overrides/override.yaml @@ -0,0 +1,25 @@ +# Copyright © 2020 Samsung# Copyright © 2020 Samsung +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +server: + port: {{ (index .Values.service.ports 0).port }} + +vevnfmadapter: + endpoint: https://msb-iag:30283/api/{{ include "common.servicename" . }}/v1 + +aai: + endpoint: https://aai.{{ include "common.namespace" . }}:8443 + +dmaap: + endpoint: http://message-router.{{ include "common.namespace" . }}:3904 diff --git a/kubernetes/common/postgres-legacy/charts/pgpool/templates/configmap.yaml b/kubernetes/so/charts/so-ve-vnfm-adapter/templates/configmap.yaml index 099c8dd12e..e940811883 100755 --- a/kubernetes/common/postgres-legacy/charts/pgpool/templates/configmap.yaml +++ b/kubernetes/so/charts/so-ve-vnfm-adapter/templates/configmap.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2020 Samsung # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,12 +15,17 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-pgpool-configmap + name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} + labels: {{- include "common.labels" . | nindent 4 }} data: -{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }} + APP: {{ include "common.name" . }} +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-app-configmap + namespace: {{ include "common.namespace" . }} + labels: {{- include "common.labels" . | nindent 4 }} +data: {{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | nindent 2 }} diff --git a/kubernetes/so/charts/so-ve-vnfm-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-ve-vnfm-adapter/templates/deployment.yaml new file mode 100755 index 0000000000..03b3441c93 --- /dev/null +++ b/kubernetes/so/charts/so-ve-vnfm-adapter/templates/deployment.yaml @@ -0,0 +1,69 @@ +# Copyright © 2020 Samsung +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1 +kind: Deployment +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +spec: + selector: {{- include "common.selectors" . | nindent 4 }} + replicas: {{ index .Values.replicaCount }} + template: + metadata: + labels: {{- include "common.labels" . | nindent 8 }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py + args: + - --container-name + - aai + - --container-name + - message-router + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + containers: + - name: {{ include "common.name" . }} + envFrom: + - configMapRef: + name: {{ include "common.fullname" . }}-configmap + image: {{ include "common.repository" . }}/{{ .Values.image }} + resources: {{ include "common.resources" . | nindent 12 }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: logs + mountPath: /app/logs + - name: config + mountPath: /app/config + readOnly: true + livenessProbe: + tcpSocket: + port: {{ index .Values.livenessProbe.port }} + initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}} + periodSeconds: {{ index .Values.livenessProbe.periodSeconds}} + successThreshold: {{ index .Values.livenessProbe.successThreshold}} + failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} + ports: {{- include "common.containerPorts" . | nindent 10 }} + volumes: + - name: logs + emptyDir: {} + - name: config + configMap: + name: {{ include "common.fullname" . }}-app-configmap diff --git a/kubernetes/so/charts/so-ve-vnfm-adapter/templates/service.yaml b/kubernetes/so/charts/so-ve-vnfm-adapter/templates/service.yaml new file mode 100755 index 0000000000..f3ef1138b8 --- /dev/null +++ b/kubernetes/so/charts/so-ve-vnfm-adapter/templates/service.yaml @@ -0,0 +1,15 @@ +# Copyright © 2020 Samsung +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ include "common.service" . }} diff --git a/kubernetes/so/charts/so-ve-vnfm-adapter/values.yaml b/kubernetes/so/charts/so-ve-vnfm-adapter/values.yaml new file mode 100755 index 0000000000..53106004a9 --- /dev/null +++ b/kubernetes/so/charts/so-ve-vnfm-adapter/values.yaml @@ -0,0 +1,68 @@ +# Copyright © 2020 Samsung +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +global: + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.2 + persistence: + mountPath: /dockerdata-nfs +image: onap/so/ve-vnfm-adapter:1.6.0 +pullPolicy: Always +replicaCount: 1 +service: + name: ve-vnfm-adapter + type: ClusterIP + annotations: + msb.onap.org/service-info: | + {{ if not .Values.global.msbDisabled -}}[ + { + "serviceName": "{{ include "common.servicename" . }}", + "version": "v1", + "url": "/", + "protocol": "REST", + "port": "{{ (index .Values.service.ports 0).port }}", + "visualRange": "1" + } + ]{{ end }} + ports: + - name: http + port: 9098 +flavor: small +resources: + small: + limits: + memory: 512Mi + cpu: 500m + requests: + memory: 256Mi + cpu: 250m + large: + limits: + memory: 8Gi + cpu: 4000m + requests: + memory: 2Gi + cpu: 1000m + unlimited: {} +livenessProbe: + port: 9098 + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 +nodeSelector: {} +tolerations: [] +affinity: {} diff --git a/kubernetes/uui/charts/uui-server/templates/service.yaml b/kubernetes/uui/charts/uui-server/templates/service.yaml index 353fb308dd..9c799cffec 100644 --- a/kubernetes/uui/charts/uui-server/templates/service.yaml +++ b/kubernetes/uui/charts/uui-server/templates/service.yaml @@ -30,7 +30,8 @@ metadata: "url": "/api/usecaseui-server/v1", "protocol": "REST", "port": "{{.Values.service.internalPort}}", - "visualRange":"1" + "visualRange":"1", + "enable_ssl": true } ]' spec: diff --git a/kubernetes/uui/charts/uui-server/values.yaml b/kubernetes/uui/charts/uui-server/values.yaml index e7856d3a4d..3da0bdf976 100644 --- a/kubernetes/uui/charts/uui-server/values.yaml +++ b/kubernetes/uui/charts/uui-server/values.yaml @@ -30,7 +30,7 @@ pullPolicy: Always # application configuration -msbaddr: msb-iag.{{include "common.namespace" .}}:80 +msbaddr: msb-iag.{{include "common.namespace" .}}:443 mraddr: message-router.{{include "common.namespace" .}}:3904 # flag to enable debugging - application support required @@ -85,10 +85,10 @@ resources: small: limits: cpu: 250m - memory: 250Mi + memory: 500Mi requests: cpu: 250m - memory: 250Mi + memory: 500Mi large: limits: cpu: 500m diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml index e8d0595284..fb8f1a04f8 100644 --- a/kubernetes/vid/values.yaml +++ b/kubernetes/vid/values.yaml @@ -39,7 +39,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/vid:6.0.2 +image: onap/vid:6.0.3 pullPolicy: Always # mariadb image for initializing |