diff options
9 files changed, 73 insertions, 29 deletions
diff --git a/kubernetes/common/common/templates/_ingress.tpl b/kubernetes/common/common/templates/_ingress.tpl index 7823c544f3..c3c744358c 100644 --- a/kubernetes/common/common/templates/_ingress.tpl +++ b/kubernetes/common/common/templates/_ingress.tpl @@ -1,5 +1,6 @@ {{- define "ingress.config.port" -}} {{- if .Values.ingress -}} +{{- if .Values.global.ingress -}} {{- if or (not .Values.global.ingress.virtualhost) (not .Values.global.ingress.virtualhost.enabled) -}} - http: paths: @@ -27,6 +28,7 @@ {{- end -}} {{- end -}} {{- end -}} +{{- end -}} {{- define "ingress.config.annotations.ssl" -}} @@ -55,11 +57,27 @@ nginx.ingress.kubernetes.io/ssl-redirect: "false" {{ include "ingress.config.annotations.ssl" . | indent 4 | trim }} {{- end -}} +{{- define "common.ingress._overrideIfDefined" -}} + {{- $currValue := .currVal }} + {{- $parent := .parent }} + {{- $var := .var }} + {{- if $parent -}} + {{- if hasKey $parent $var }} + {{- default "" (index $parent $var) }} + {{- else -}} + {{- default "" $currValue -}} + {{- end -}} + {{- else -}} + {{- default "" $currValue }} + {{- end -}} +{{- end -}} {{- define "common.ingress" -}} {{- if .Values.ingress -}} -{{- if .Values.global.ingress -}} -{{- if and .Values.ingress.enabled .Values.global.ingress.enabled -}} + {{- $ingressEnabled := default false .Values.ingress.enabled -}} + {{- $ingressEnabled := include "common.ingress._overrideIfDefined" (dict "currVal" $ingressEnabled "parent" (default (dict) .Values.global.ingress) "var" "enabled") }} + {{- $ingressEnabled := include "common.ingress._overrideIfDefined" (dict "currVal" $ingressEnabled "parent" .Values.ingress "var" "enabledOverride") }} + {{- if $ingressEnabled }} apiVersion: extensions/v1beta1 kind: Ingress metadata: @@ -81,4 +99,3 @@ spec: {{- end -}} {{- end -}} {{- end -}} -{{- end -}}
\ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml index 3ecdff7d5d..60a8d912f7 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml @@ -104,9 +104,9 @@ componentImages: holmes_rules: onap/holmes/rule-management:1.2.7 holmes_engine: onap/holmes/engine-management:1.2.6 tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.2 - ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.4.5 + ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.5.2 snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0 - prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.3.2 + prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.0 hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.3.0 # Resource Limit flavor -By Default using small diff --git a/kubernetes/dcaegen2/components/dcae-redis/values.yaml b/kubernetes/dcaegen2/components/dcae-redis/values.yaml index 0b342e81bb..3daa740312 100644 --- a/kubernetes/dcaegen2/components/dcae-redis/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-redis/values.yaml @@ -36,7 +36,7 @@ pullPolicy: Always config: {} # default number of instances -replicaCount: 6 +replicaCount: 3 nodeSelector: {} @@ -59,16 +59,14 @@ service: #Example service definition with external, internal and node ports. #Services may use any combination of ports depending on the 'type' of #service being defined. - type: NodePort + type: ClusterIP name: dcae-redis portName: client externalPort: 6379 internalPort: 6379 - nodePort: 86 portName2: gossip externalPort2: 16379 internalPort2: 16379 - nodePort2: 87 ## Persist data to a persitent volume persistence: diff --git a/kubernetes/modeling/charts/modeling-etsicatalog/templates/deployment.yaml b/kubernetes/modeling/charts/modeling-etsicatalog/templates/deployment.yaml index d8790e7d5b..a2e03b8bf6 100644 --- a/kubernetes/modeling/charts/modeling-etsicatalog/templates/deployment.yaml +++ b/kubernetes/modeling/charts/modeling-etsicatalog/templates/deployment.yaml @@ -49,6 +49,11 @@ spec: name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} + command: + - bash + args: + - -c + - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh' image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: @@ -68,14 +73,14 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: - - name: MSB_ADDR - value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - - name: MYSQL_ADDR - value: "{{ .Values.config.dbServiceName }}:{{ .Values.config.dbPort }}" - - name: MYSQL_AUTH - value: "{{ .Values.config.dbUser }}:{{ index .Values "mariadb-galera" "config" "mariadbRootPassword" }}" - - name: REDIS_ADDR - value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" + - name: MSB_ADDR + value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + - name: MYSQL_ADDR + value: {{ (index .Values "mariadb-galera" "service" "name") }}:{{ (index .Values "mariadb-galera" "service" "internalPort") }} + - name: MYSQL_ROOT_PASSWORD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 12}} + - name: REDIS_ADDR + value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}" volumeMounts: - name: {{ include "common.fullname" . }}-etsicatalog mountPath: /service/modeling/etsicatalog/static diff --git a/kubernetes/modeling/charts/modeling-etsicatalog/templates/secrets.yaml b/kubernetes/modeling/charts/modeling-etsicatalog/templates/secrets.yaml new file mode 100644 index 0000000000..d053c484be --- /dev/null +++ b/kubernetes/modeling/charts/modeling-etsicatalog/templates/secrets.yaml @@ -0,0 +1,15 @@ +# Copyright (c) 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ include "common.secret" . }} diff --git a/kubernetes/modeling/charts/modeling-etsicatalog/values.yaml b/kubernetes/modeling/charts/modeling-etsicatalog/values.yaml index 2244d5f3d9..bb5a76b0ee 100644 --- a/kubernetes/modeling/charts/modeling-etsicatalog/values.yaml +++ b/kubernetes/modeling/charts/modeling-etsicatalog/values.yaml @@ -32,16 +32,23 @@ global: mountPath: /dockerdata-nfs ################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: "db-root-pass" + externalSecret: '{{- include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (index .Values "mariadb-galera" "nameOverride")) }}' + type: password + +################################################################# # Dependencies configuration ################################################################# mariadb-galera: - config: - mariadbRootPassword: secretpassword nameOverride: modeling-mariadb service: name: modeling-db portName: modeling-db + internalPort: 3306 nfsprovisionerPrefix: modeling persistence: mountSubPath: modeling/data @@ -64,12 +71,6 @@ istioSidecar: true # flag to enable debugging - application support required debugEnabled: false -# application configuration -config: - dbServiceName: modeling-db - dbPort: 3306 - dbUser: root - # default number of instances replicaCount: 1 diff --git a/kubernetes/multicloud/templates/deployment.yaml b/kubernetes/multicloud/templates/deployment.yaml index c6d6897bce..ed74032e85 100644 --- a/kubernetes/multicloud/templates/deployment.yaml +++ b/kubernetes/multicloud/templates/deployment.yaml @@ -39,6 +39,8 @@ spec: spec: containers: - env: + - name: MSB_PROTO + value: {{ .Values.config.msbprotocol }}.{{ include "common.namespace" . }} - name: MSB_ADDR value: {{ .Values.config.msbgateway }}.{{ include "common.namespace" . }} - name: MSB_PORT @@ -53,6 +55,8 @@ spec: value: "{{ .Values.config.aai.username }}" - name: AAI_PASSWORD value: "{{ .Values.config.aai.password }}" + - name: SSL_ENABLED + value: "{{ .Values.config.ssl_enabled }}" resources: {{ include "common.resources" . | indent 12 }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -76,7 +80,7 @@ spec: httpGet: path: /api/multicloud/v0/swagger.json port: {{ .Values.service.internalPort }} - scheme: HTTP + scheme: HTTPS initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} diff --git a/kubernetes/multicloud/templates/service.yaml b/kubernetes/multicloud/templates/service.yaml index 216ba047cf..12bbb298b8 100644 --- a/kubernetes/multicloud/templates/service.yaml +++ b/kubernetes/multicloud/templates/service.yaml @@ -33,6 +33,7 @@ metadata: "url": "/api/multicloud/v0", "protocol": "REST", "port": "{{ .Values.service.externalPort }}", + "enable_ssl": "{{ .Values.config.ssl_enabled }}", "visualRange": "1" }, { @@ -41,6 +42,7 @@ metadata: "url": "/api/multicloud/v1", "protocol": "REST", "port": "{{ .Values.service.externalPort }}", + "enable_ssl": "{{ .Values.config.ssl_enabled }}", "visualRange": "1" } ]' diff --git a/kubernetes/multicloud/values.yaml b/kubernetes/multicloud/values.yaml index 645b826efb..d075291db2 100644 --- a/kubernetes/multicloud/values.yaml +++ b/kubernetes/multicloud/values.yaml @@ -20,7 +20,7 @@ global: nodePortPrefix: 302 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 - artifactImage: onap/multicloud/framework-artifactbroker:1.4.2 + artifactImage: onap/multicloud/framework-artifactbroker:1.5.1 prometheus: enabled: false persistence: {} @@ -30,7 +30,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/framework:1.4.2 +image: onap/multicloud/framework:1.5.1 pullPolicy: Always #Istio sidecar injection policy @@ -38,8 +38,10 @@ istioSidecar: true # application configuration config: + ssl_enabled: true + msbprotocol: https msbgateway: msb-iag - msbPort: 80 + msbPort: 443 logstashServiceName: log-ls logstashPort: 5044 aai: |