summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--kubernetes/common/common/templates/_strimzikafka.tpl4
-rw-r--r--kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl14
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml47
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml79
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/kafkatopic.yaml16
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/kafkauser.yaml16
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml89
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/deployment.yaml12
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/kafkauser.yaml16
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/ves-openapi-sdc-dist-kafka-user.yaml36
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml44
-rw-r--r--kubernetes/dcaegen2-services/values.yaml8
-rw-r--r--kubernetes/robot/values.yaml2
-rw-r--r--kubernetes/strimzi/components/strimzi-kafka-bridge/resources/config/log4j2.properties38
-rw-r--r--kubernetes/strimzi/components/strimzi-kafka-bridge/templates/configmap.yaml24
-rw-r--r--kubernetes/strimzi/components/strimzi-kafka-bridge/templates/strimzi-kb.yaml6
-rw-r--r--kubernetes/strimzi/templates/strimzi-kafka-admin-user.yaml7
17 files changed, 207 insertions, 251 deletions
diff --git a/kubernetes/common/common/templates/_strimzikafka.tpl b/kubernetes/common/common/templates/_strimzikafka.tpl
index f8f562e223..a2e9c90a4f 100644
--- a/kubernetes/common/common/templates/_strimzikafka.tpl
+++ b/kubernetes/common/common/templates/_strimzikafka.tpl
@@ -112,7 +112,11 @@ spec:
apiVersion: kafka.strimzi.io/v1beta2
kind: KafkaTopic
metadata:
+ {{- if (hasKey $topic "strimziTopicName") }}
+ name: {{ ($topic.strimziTopicName) }}-kt
+ {{- else }}
name: {{ ($topic.name) | lower }}-kt
+ {{- end }}
labels:
strimzi.io/cluster: {{ include "common.release" $ }}-strimzi
spec:
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
index 3b68ad52de..6713031d9a 100644
--- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
@@ -60,11 +60,19 @@ the the literal string "An example value".
- name: {{ $envName }}
value: {{ tpl $envValue $global | quote }}
{{- else }}
- {{ if or (not $envValue.secretUid) (not $envValue.key) }}
- {{ fail (printf "Env %s definition is not a string and does not contain secretUid or key fields" $envName) }}
- {{- end }}
+ {{- if and (hasKey $envValue "externalSecret") ($envValue.externalSecret) }}
+- name: {{ $envName }}
+ valueFrom:
+ secretKeyRef:
+ name: {{ tpl $envValue.externalSecretUid $global | quote }}
+ key: {{ tpl $envValue.key $global | quote }}
+ {{- else }}
+ {{ if or (not $envValue.secretUid) (not $envValue.key) }}
+ {{ fail (printf "Env %s definition is not a string and does not contain secretUid or key fields" $envName) }}
+ {{- end }}
- name: {{ $envName }}
{{- include "common.secret.envFromSecretFast" (dict "global" $global "uid" $envValue.secretUid "key" $envValue.key) | indent 2 }}
+ {{- end }}
{{- end -}}
{{- end }}
{{- end }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml
deleted file mode 100644
index ff977aaa32..0000000000
--- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-{{/*
-# Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-apiVersion: kafka.strimzi.io/v1beta2
-kind: KafkaUser
-metadata:
- name: {{ include "common.release" . }}-{{ .Values.hvVesKafkaUser }}
- labels:
- strimzi.io/cluster: {{ include "common.release" . }}-strimzi
-spec:
- authentication:
- type: scram-sha-512
- authorization:
- type: simple
- acls:
- - resource:
- type: topic
- name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-fault-supervision" "kafka_info" "topic_name" }}
- operation: Write
- - resource:
- type: topic
- name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-provisioning" "kafka_info" "topic_name" }}
- operation: Write
- - resource:
- type: topic
- name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-heartbeat" "kafka_info" "topic_name" }}
- operation: Write
- - resource:
- type: topic
- name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-performance-assurance" "kafka_info" "topic_name" }}
- operation: Write
- - resource:
- type: topic
- name: {{ .Values.applicationConfig.streams_publishes.perf3gpp.kafka_info.topic_name }}
- operation: Write
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml
deleted file mode 100644
index e40775833a..0000000000
--- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml
+++ /dev/null
@@ -1,79 +0,0 @@
-{{/*
-# Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-apiVersion: kafka.strimzi.io/v1beta2
-kind: KafkaTopic
-metadata:
- name: ves-3gpp-fault-supervision
- labels:
- strimzi.io/cluster: {{ include "common.release" . }}-strimzi
-spec:
- topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-fault-supervision" "kafka_info" "topic_name" }}
- partitions: 10
- config:
- retention.ms: 7200000
- segment.bytes: 1073741824
----
-apiVersion: kafka.strimzi.io/v1beta2
-kind: KafkaTopic
-metadata:
- name: ves-3gpp-provisioning
- labels:
- strimzi.io/cluster: {{ include "common.release" . }}-strimzi
-spec:
- topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-provisioning" "kafka_info" "topic_name" }}
- partitions: 10
- config:
- retention.ms: 7200000
- segment.bytes: 1073741824
----
-apiVersion: kafka.strimzi.io/v1beta2
-kind: KafkaTopic
-metadata:
- name: ves-3gpp-heartbeat
- labels:
- strimzi.io/cluster: {{ include "common.release" . }}-strimzi
-spec:
- topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-heartbeat" "kafka_info" "topic_name" }}
- partitions: 10
- config:
- retention.ms: 7200000
- segment.bytes: 1073741824
----
-apiVersion: kafka.strimzi.io/v1beta2
-kind: KafkaTopic
-metadata:
- name: ves-3gpp-performance-assurance
- labels:
- strimzi.io/cluster: {{ include "common.release" . }}-strimzi
-spec:
- topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-performance-assurance" "kafka_info" "topic_name" }}
- partitions: 10
- config:
- retention.ms: 7200000
- segment.bytes: 1073741824
----
-apiVersion: kafka.strimzi.io/v1beta2
-kind: KafkaTopic
-metadata:
- name: perf3gpp
- labels:
- strimzi.io/cluster: {{ include "common.release" . }}-strimzi
-spec:
- topicName: {{ .Values.applicationConfig.streams_publishes.perf3gpp.kafka_info.topic_name }}
- partitions: 10
- config:
- retention.ms: 7200000
- segment.bytes: 1073741824
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/kafkatopic.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/kafkatopic.yaml
new file mode 100644
index 0000000000..d1d21a6dbc
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/kafkatopic.yaml
@@ -0,0 +1,16 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{ include "common.kafkatopic" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/kafkauser.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/kafkauser.yaml
new file mode 100644
index 0000000000..6fc37c3d01
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/kafkauser.yaml
@@ -0,0 +1,16 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{ include "common.kafkauser" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
index 351998a725..482d88e883 100644
--- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
@@ -2,7 +2,7 @@
# ================================================================================
# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved.
# Copyright (c) 2021-2022 Nokia. All rights reserved.
-# Copyright © 2022 Nordix Foundation
+# Modifications Copyright (C) 2022-2023 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -45,6 +45,9 @@ certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-
image: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.11.0
pullPolicy: Always
+commonName: &commonName dcae-hv-ves-collector
+containerPort: &containerPort 6061
+
# log directory where logging sidecar should look for log files
# if path is set to null sidecar won't be deployed in spite of
# global.centralizedLoggingEnabled setting.
@@ -61,17 +64,6 @@ certDirectory: /etc/ves-hv/ssl
# and key from AAF and mount them in certDirectory.
tlsServer: false
-secrets:
- - uid: hv-ves-kafka-secret
- externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
- type: genericKV
- envs:
- - name: sasl.jaas.config
- value: '{{ .Values.config.someConfig }}'
- policy: generate
-config:
- someConfig: blah
-
# CMPv2 certificate
# It is used only when:
# - certDirectory is set
@@ -81,9 +73,9 @@ config:
useCmpv2Certificates: false
certificates:
- mountPath: /etc/ves-hv/ssl/external
- commonName: dcae-hv-ves-collector
+ commonName: *commonName
dnsNames:
- - dcae-hv-ves-collector
+ - *commonName
- hv-ves-collector
- hv-ves
keystore:
@@ -106,16 +98,16 @@ readiness:
# since there are problems receiving binary data via the sidecar
# the service port is excluded in the sidecar processing
podAnnotations:
- traffic.sidecar.istio.io/excludeInboundPorts: "6061"
+ traffic.sidecar.istio.io/excludeInboundPorts: '6061'
traffic.sidecar.istio.io/includeInboundPorts: '*'
# service configuration
service:
type: NodePort
- name: dcae-hv-ves-collector
+ name: *commonName
ports:
- name: tcp
- port: 6061
+ port: *containerPort
port_protocol: tcp
app_protocol: tcp
nodePort: 22
@@ -124,19 +116,16 @@ ingress:
enabled: false
service:
- baseaddr: "dcae-hv-ves-collector-api"
- name: "dcae-hv-ves-collector"
- port: 6061
+ name: *commonName
+ port: *containerPort
config:
ssl: "redirect"
-#strimzi kafka config
-hvVesKafkaUser: dcae-hv-ves-kafka-user
-
# initial application configuration
applicationConfig:
logLevel: INFO
server.idleTimeoutSec: 300
- server.listenPort: 6061
+ server.listenPort: *containerPort
cbs.requestIntervalSec: 5
security.sslDisable: true
security.keys.keyStoreFile: /etc/ves-hv/ssl/cert.jks
@@ -145,40 +134,70 @@ applicationConfig:
security.keys.trustStorePasswordFile: /etc/ves-hv/ssl/trust.pass
streams_publishes:
ves-3gpp-fault-supervision:
- type: kafka
+ type: ${MESSAGING_TYPE}
kafka_info:
bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS}
- topic_name: SEC_3GPP_FAULTSUPERVISION_OUTPUT
+ topic_name: &ves3gppFaultSupervision SEC_3GPP_FAULTSUPERVISION_OUTPUT
ves-3gpp-provisioning:
- type: kafka
+ type: ${MESSAGING_TYPE}
kafka_info:
bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS}
- topic_name: SEC_3GPP_PROVISIONING_OUTPUT
+ topic_name: &ves3gppProvisioning SEC_3GPP_PROVISIONING_OUTPUT
ves-3gpp-heartbeat:
- type: kafka
+ type: ${MESSAGING_TYPE}
kafka_info:
bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS}
- topic_name: SEC_3GPP_HEARTBEAT_OUTPUT
+ topic_name: &ves3gppHeartbeat SEC_3GPP_HEARTBEAT_OUTPUT
ves-3gpp-performance-assurance:
- type: kafka
+ type: ${MESSAGING_TYPE}
kafka_info:
bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS}
- topic_name: SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT
+ topic_name: &ves3gppPerformanceAssurance SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT
perf3gpp:
- type: kafka
+ type: ${MESSAGING_TYPE}
kafka_info:
bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS}
- topic_name: HV_VES_PERF3GPP
+ topic_name: &perf3gpp HV_VES_PERF3GPP
+
+# Strimzi Kafka config
+kafkaUser:
+ acls:
+ - name: SEC_3GPP
+ type: topic
+ patternType: prefix
+ operations: [Write, DescribeConfigs]
+ - name: *perf3gpp
+ type: topic
+ operations: [Write, DescribeConfigs]
+
+kafkaTopic:
+ - name: *ves3gppFaultSupervision
+ strimziTopicName: dcae-ves-3gpp-fault-supervision
+ # the default retention values below can be updated
+ # to meet use case requirements for each topic.
+ retentionMs: 7200000
+ segmentBytes: 1073741824
+ - name: *ves3gppProvisioning
+ strimziTopicName: dcae-ves-3gpp-provisioning
+ - name: *ves3gppHeartbeat
+ strimziTopicName: dcae-ves-3gpp-heartbeat
+ - name: *ves3gppPerformanceAssurance
+ strimziTopicName: dcae-ves-3gpp-performance-assurance
+ - name: *perf3gpp
+ strimziTopicName: dcae-ves-3gpp-perf
+
applicationEnv:
JAVA_OPTS: '-Dlogback.configurationFile=/etc/ONAP/dcae-hv-ves-collector/logback.xml'
CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml'
#Temporary Dummy CBS Port Value until internal SDK library is updated
CONFIG_BINDING_SERVICE_SERVICE_PORT: '0000'
+ MESSAGING_TYPE: 'kafka'
KAFKA_BOOTSTRAP_SERVERS: '{{ include "common.release" . }}-strimzi-kafka-bootstrap:9092'
USE_SCRAM: 'true'
JAAS_CONFIG:
- secretUid: hv-ves-kafka-secret
+ externalSecret: true
+ externalSecretUid: '{{ include "common.name" . }}-ku'
key: sasl.jaas.config
# Resource Limit flavor -By Default using small
@@ -203,6 +222,6 @@ resources:
#Pods Service Account
serviceAccount:
- nameOverride: dcae-hv-ves-collector
+ nameOverride: *commonName
roles:
- read
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/deployment.yaml
index 25658390b2..368c9d35d5 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/deployment.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/deployment.yaml
@@ -2,6 +2,7 @@
#============LICENSE_START========================================================
# ================================================================================
# Copyright (c) 2021 Nokia. All rights reserved.
+# Modifications Copyright © 2023 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -46,15 +47,14 @@ spec:
{{ end }}
env:
- name: SDC_ADDRESS
- value: {{ .Values.externalServices.sdc_be_https }}
+ value: sdc-be.{{include "common.namespace" .}}:8080
- name: SCHEMA_MAP_PATH
value: {{ .Values.schemaMap.directory }}/{{ .Values.schemaMap.filename }}
- - name: SECURITY_PROTOCOL
- value: {{ .Values.config.kafka.securityProtocol }}
- - name: SASL_MECHANISM
- value: {{ .Values.config.kafka.saslMechanism }}
- name: SASL_JAAS_CONFIG
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ves-openapi-kafka-secret" "key" "sasl.jaas.config") | indent 12 }}
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "common.name" . }}-ku
+ key: sasl.jaas.config
volumeMounts:
- name: schema-map
mountPath: {{ .Values.schemaMap.directory }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/kafkauser.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/kafkauser.yaml
new file mode 100644
index 0000000000..6fc37c3d01
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/kafkauser.yaml
@@ -0,0 +1,16 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{ include "common.kafkauser" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/ves-openapi-sdc-dist-kafka-user.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/ves-openapi-sdc-dist-kafka-user.yaml
deleted file mode 100644
index 3f9d0ca123..0000000000
--- a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/ves-openapi-sdc-dist-kafka-user.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
-{{/*
-# Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-apiVersion: kafka.strimzi.io/v1beta2
-kind: KafkaUser
-metadata:
- name: {{ include "common.release" . }}-{{ .Values.vesOpenApiKafkaUser }}
- labels:
- strimzi.io/cluster: {{ include "common.release" . }}-strimzi
-spec:
- authentication:
- type: {{ .Values.config.kafka.saslMechanism | lower }}
- authorization:
- type: {{ .Values.config.kafka.authType }}
- acls:
- - resource:
- type: group
- name: {{ .Values.config.kafka.sdcTopic.consumerGroup }}
- operation: Read
- - resource:
- type: topic
- patternType: prefix
- name: {{ .Values.config.kafka.sdcTopic.pattern }}
- operation: All
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml
index d2f73e6814..2327ac310b 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml
@@ -1,6 +1,7 @@
#============LICENSE_START========================================================
#=================================================================================
# Copyright (c) 2021-2022 Nokia. All rights reserved.
+# Modifications Copyright © 2023 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -18,41 +19,14 @@
# Global values
global:
pullPolicy: Always
-image: onap/org.onap.dcaegen2.platform.ves-openapi-manager:1.3.0
+image: onap/org.onap.dcaegen2.platform.ves-openapi-manager:1.3.1
containerPort: &svc_port 8080
-secrets:
- - uid: ves-openapi-kafka-secret
- externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
- type: genericKV
- envs:
- - name: sasl.jaas.config
- value: '{{ .Values.config.someConfig }}'
- policy: generate
-
-# application configuration
-config:
- someConfig: blah
- kafka:
- bootstrapServer: strimzi-kafka-bootstrap:9092
- securityProtocol: SASL_PLAINTEXT
- saslMechanism: SCRAM-SHA-512
- authType: simple
- sdcTopic:
- pattern: SDC-DIST
- consumerGroup: dcaegen2
- clientId: ves-openapi-manager
-
-vesOpenApiKafkaUser: ves-open-api-kafka-user
-
service:
ports:
- name: &port http
port: *svc_port
-externalServices:
- sdc_be_https: "sdc-be:8080"
-
schemaMap:
filename: "schema-map.json"
directory: "/app/mappings"
@@ -104,12 +78,24 @@ applicationConfig:
eventSchemaReferencePath: /event/structure/stndDefinedFields/structure/schemaReference/value
distribution:
sdcAddress: ${SDC_ADDRESS:sdc-be.onap:8080}
+ isUseHttpsWithSDC: false
user: dcae
password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
pollingInterval: 20
pollingTimeout: 20
consumerGroup: dcaegen2
environmentName: AUTO
- consumerID: ves-openapi-manager
+ consumerID: dcae-ves-openapi-manager
activateServerTLSAuth: false
isFilterInEmptyResources: false
+
+# Strimzi KafkaUser config
+kafkaUser:
+ acls:
+ - name: dcaegen2
+ type: group
+ operations: [Read]
+ - name: SDC-DISTR
+ type: topic
+ patternType: prefix
+ operations: [Read, Write] \ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/values.yaml b/kubernetes/dcaegen2-services/values.yaml
index a73fceb529..ba3607f047 100644
--- a/kubernetes/dcaegen2-services/values.yaml
+++ b/kubernetes/dcaegen2-services/values.yaml
@@ -1,6 +1,6 @@
# Copyright (c) 2021 J. F. Lucas. All rights reserved.
# Copyright (c) 2021 AT&T. All rights reserved.
-# Modifications Copyright (C) 2021 Nordix Foundation.
+# Modifications Copyright (C) 2021-2023 Nordix Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -16,8 +16,6 @@
global:
centralizedLoggingEnabled: true
- hvVesKafkaUser: dcae-hv-ves-kafka-user
- vesOpenApiKafkaUser: ves-open-api-kafka-user
#################################################################
# Filebeat Configuration Defaults.
@@ -30,8 +28,6 @@ filebeatConfig:
# Control deployment of DCAE microservices at ONAP installation time
dcae-ves-openapi-manager:
enabled: true
- config:
- jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.vesOpenApiKafkaUser }}'
dcae-datafile-collector:
enabled: false
logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
@@ -50,8 +46,6 @@ dcae-heartbeat:
dcae-hv-ves-collector:
enabled: true
logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
- config:
- jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.hvVesKafkaUser }}'
dcae-kpi-ms:
enabled: false
logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml
index 599234e25d..e87a76d137 100644
--- a/kubernetes/robot/values.yaml
+++ b/kubernetes/robot/values.yaml
@@ -130,8 +130,6 @@ config:
enabled: false
policy_apex_pdp:
enabled: false
- policy_distribution:
- enabled: false
portal_app:
enabled: false
https: true
diff --git a/kubernetes/strimzi/components/strimzi-kafka-bridge/resources/config/log4j2.properties b/kubernetes/strimzi/components/strimzi-kafka-bridge/resources/config/log4j2.properties
new file mode 100644
index 0000000000..e6ad8e0920
--- /dev/null
+++ b/kubernetes/strimzi/components/strimzi-kafka-bridge/resources/config/log4j2.properties
@@ -0,0 +1,38 @@
+name=BridgeConfig
+
+appender.console.type=Console
+appender.console.name=STDOUT
+
+appender.console.layout.type = PatternLayout
+appender.console.layout.pattern = [%d] %-5p <%-12.12c{1}:%L> [%-12.12t] %m%n
+
+# Alternate JSONLayout pattern config
+#appender.console.layout.type=JSONLayout
+#appender.console.layout.compact=true
+#appender.console.layout.eventEol=true
+#appender.console.layout.complete=true
+#appender.console.layout.properties=false
+#appender.console.layout.propertiesAsList=false
+#appender.console.layout.locationInfo=true
+#appender.console.layout.includeStacktrace=true
+#appender.console.layout.stacktraceAsString=true
+#appender.console.layout.includeNullDelimiter=false
+#appender.console.layout.objectMessageAsJsonObject=true
+
+rootLogger.level=INFO
+rootLogger.appenderRefs=console
+rootLogger.appenderRef.console.ref=STDOUT
+rootLogger.additivity=false
+
+logger.bridge.name=io.strimzi.kafka.bridge
+logger.bridge.level=INFO
+logger.bridge.appenderRefs=console
+logger.bridge.appenderRef.console.ref=STDOUT
+logger.bridge.additivity=false
+
+logger.healthy.name=http.openapi.operation.healthy
+logger.healthy.level=WARN
+logger.ready.name=http.openapi.operation.ready
+logger.ready.level=WARN
+
+monitorInterval=30
diff --git a/kubernetes/strimzi/components/strimzi-kafka-bridge/templates/configmap.yaml b/kubernetes/strimzi/components/strimzi-kafka-bridge/templates/configmap.yaml
new file mode 100644
index 0000000000..25fbf3df77
--- /dev/null
+++ b/kubernetes/strimzi/components/strimzi-kafka-bridge/templates/configmap.yaml
@@ -0,0 +1,24 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-kb-logging-cm
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/log4j2.properties").AsConfig . | indent 2 }}
+
diff --git a/kubernetes/strimzi/components/strimzi-kafka-bridge/templates/strimzi-kb.yaml b/kubernetes/strimzi/components/strimzi-kafka-bridge/templates/strimzi-kb.yaml
index 3abb04af10..7788dc145a 100644
--- a/kubernetes/strimzi/components/strimzi-kafka-bridge/templates/strimzi-kb.yaml
+++ b/kubernetes/strimzi/components/strimzi-kafka-bridge/templates/strimzi-kb.yaml
@@ -28,3 +28,9 @@ spec:
enableMetrics: {{ .Values.config.enableMetrics }}
http:
port: {{ .Values.config.port }}
+ logging:
+ type: external
+ valueFrom:
+ configMapKeyRef:
+ key: log4j2.properties
+ name: {{ include "common.fullname" . }}-kb-logging-cm
diff --git a/kubernetes/strimzi/templates/strimzi-kafka-admin-user.yaml b/kubernetes/strimzi/templates/strimzi-kafka-admin-user.yaml
index c1bf4b8b14..4532777f9e 100644
--- a/kubernetes/strimzi/templates/strimzi-kafka-admin-user.yaml
+++ b/kubernetes/strimzi/templates/strimzi-kafka-admin-user.yaml
@@ -22,10 +22,3 @@ metadata:
spec:
authentication:
type: {{ .Values.config.saslMechanism }}
- authorization:
- type: {{ .Values.config.authType }}
- acls:
- - resource:
- type: group
- name: onap-group
- operation: Read \ No newline at end of file