aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--kubernetes/cds/values.yaml120
-rw-r--r--kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl61
-rw-r--r--kubernetes/sdc/components/sdc-helm-validator/Chart.yaml20
-rw-r--r--kubernetes/sdc/components/sdc-helm-validator/requirements.yaml23
-rw-r--r--kubernetes/sdc/components/sdc-helm-validator/templates/deployment.yaml44
-rw-r--r--kubernetes/sdc/components/sdc-helm-validator/templates/service.yaml19
-rw-r--r--kubernetes/sdc/components/sdc-helm-validator/values.yaml58
-rw-r--r--kubernetes/sdc/requirements.yaml4
-rw-r--r--kubernetes/sdc/values.yaml2
-rwxr-xr-xkubernetes/so/components/so-bpmn-infra/values.yaml2
-rwxr-xr-xkubernetes/so/components/so-catalog-db-adapter/values.yaml2
-rwxr-xr-xkubernetes/so/components/so-openstack-adapter/values.yaml2
-rwxr-xr-xkubernetes/so/components/so-request-db-adapter/values.yaml2
-rwxr-xr-xkubernetes/so/components/so-sdc-controller/values.yaml2
-rwxr-xr-xkubernetes/so/components/so-sdnc-adapter/values.yaml2
-rwxr-xr-xkubernetes/so/values.yaml2
16 files changed, 350 insertions, 15 deletions
diff --git a/kubernetes/cds/values.yaml b/kubernetes/cds/values.yaml
index 5510b3a3a0..edac066f6f 100644
--- a/kubernetes/cds/values.yaml
+++ b/kubernetes/cds/values.yaml
@@ -84,6 +84,126 @@ mariadb-galera:
serviceAccount:
nameOverride: *dbServer
+ mariadbConfiguration: |-
+ [client]
+ port=3306
+ socket=/opt/bitnami/mariadb/tmp/mysql.sock
+ plugin_dir=/opt/bitnami/mariadb/plugin
+
+ [mysqld]
+ lower_case_table_names = 1
+ default_storage_engine=InnoDB
+ basedir=/opt/bitnami/mariadb
+ datadir=/bitnami/mariadb/data
+ plugin_dir=/opt/bitnami/mariadb/plugin
+ tmpdir=/opt/bitnami/mariadb/tmp
+ socket=/opt/bitnami/mariadb/tmp/mysql.sock
+ pid_file=/opt/bitnami/mariadb/tmp/mysqld.pid
+ bind_address=0.0.0.0
+
+ ## Character set
+ collation_server=utf8_unicode_ci
+ init_connect='SET NAMES utf8'
+ character_set_server=utf8
+
+ ## MyISAM
+ key_buffer_size=32M
+ myisam_recover_options=FORCE,BACKUP
+
+ ## Safety
+ skip_host_cache
+ skip_name_resolve
+ max_allowed_packet=16M
+ max_connect_errors=1000000
+ sql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,ONLY_FULL_GROUP_BY
+ sysdate_is_now=1
+
+ ## Binary Logging
+ log_bin=mysql-bin
+ expire_logs_days=14
+ # Disabling for performance per http://severalnines.com/blog/9-tips-going-production-galera-cluster-mysql
+ sync_binlog=0
+ # Required for Galera
+ binlog_format=row
+
+ ## Caches and Limits
+ tmp_table_size=32M
+ max_heap_table_size=32M
+ # Re-enabling as now works with Maria 10.1.2
+ query_cache_type=1
+ query_cache_limit=4M
+ query_cache_size=256M
+ max_connections=500
+ thread_cache_size=50
+ open_files_limit=65535
+ table_definition_cache=4096
+ table_open_cache=4096
+
+ ## InnoDB
+ innodb=FORCE
+ innodb_strict_mode=1
+ # Mandatory per https://github.com/codership/documentation/issues/25
+ innodb_autoinc_lock_mode=2
+ # Per https://www.percona.com/blog/2006/08/04/innodb-double-write/
+ innodb_doublewrite=1
+ innodb_flush_method=O_DIRECT
+ innodb_log_files_in_group=2
+ innodb_log_file_size=128M
+ innodb_flush_log_at_trx_commit=1
+ innodb_file_per_table=1
+ # 80% Memory is default reco.
+ # Need to re-evaluate when DB size grows
+ innodb_buffer_pool_size=2G
+ innodb_file_format=Barracuda
+
+ ## Logging
+ log_error=/opt/bitnami/mariadb/logs/mysqld.log
+ slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
+ log_queries_not_using_indexes=1
+ slow_query_log=1
+
+ ## SSL
+ ## Use extraVolumes and extraVolumeMounts to mount /certs filesystem
+ # ssl_ca=/certs/ca.pem
+ # ssl_cert=/certs/server-cert.pem
+ # ssl_key=/certs/server-key.pem
+
+ [galera]
+ wsrep_on=ON
+ wsrep_provider=/opt/bitnami/mariadb/lib/libgalera_smm.so
+ wsrep_sst_method=mariabackup
+ wsrep_slave_threads=4
+ wsrep_cluster_address=gcomm://
+ wsrep_cluster_name=galera
+ wsrep_sst_auth="root:"
+ # Enabled for performance per https://mariadb.com/kb/en/innodb-system-variables/#innodb_flush_log_at_trx_commit
+ innodb_flush_log_at_trx_commit=2
+ # MYISAM REPLICATION SUPPORT #
+ wsrep_replicate_myisam=ON
+
+ [mariadb]
+ plugin_load_add=auth_pam
+
+ ## Data-at-Rest Encryption
+ ## Use extraVolumes and extraVolumeMounts to mount /encryption filesystem
+ # plugin_load_add=file_key_management
+ # file_key_management_filename=/encryption/keyfile.enc
+ # file_key_management_filekey=FILE:/encryption/keyfile.key
+ # file_key_management_encryption_algorithm=AES_CTR
+ # encrypt_binlog=ON
+ # encrypt_tmp_files=ON
+
+ ## InnoDB/XtraDB Encryption
+ # innodb_encrypt_tables=ON
+ # innodb_encrypt_temporary_tables=ON
+ # innodb_encrypt_log=ON
+ # innodb_encryption_threads=4
+ # innodb_encryption_rotate_key_age=1
+
+ ## Aria Encryption
+ # aria_encrypt_tables=ON
+ # encrypt_tmp_disk_tables=ON
+
cds-blueprints-processor:
enabled: true
config:
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
index c03be83264..80b4cbc77b 100644
--- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
@@ -17,6 +17,56 @@
# ============LICENSE_END=========================================================
*/}}
{{/*
+For internal use only!
+
+dcaegen2-services-common._ms-specific-env-vars:
+This template generates a list of microservice-specific environment variables
+as specified in .Values.applicationEnv. The
+dcaegen2-services-common.microServiceDeployment uses this template
+to add the microservice-specific environment variables to the microservice's container.
+These environment variables are in addition to a standard set of environment variables
+provided to all microservices.
+
+The template expects a single argument, pointing to the caller's global context.
+
+Microservice-specific environment variables can be specified in two ways:
+ 1. As literal string values.
+ 2. As values that are sourced from a secret, identified by the secret's
+ uid and the key within the secret that provides the value.
+
+The following example shows an example of each type. The example assumes
+that a secret has been created using the OOM common secret mechanism, with
+a secret uid "example-secret" and a key called "password".
+
+applicationEnv:
+ APPLICATION_PASSWORD:
+ secretUid: example-secret
+ key: password
+ APPLICATION_EXAMPLE: "An example value"
+
+The example would set two environment variables on the microservice's container,
+one called "APPLICATION_PASSWORD" with the value set from the "password" key in
+the secret with uid "example-secret", and one called "APPLICATION_EXAMPLE" set to
+the the literal string "An example value".
+*/}}
+{{- define "dcaegen2-services-common._ms-specific-env-vars" -}}
+ {{- $global := . }}
+ {{- if .Values.applicationEnv }}
+ {{- range $envName, $envValue := .Values.applicationEnv }}
+ {{- if kindIs "string" $envValue }}
+- name: {{ $envName }}
+ value: {{ $envValue | quote }}
+ {{- else }}
+ {{ if or (not $envValue.secretUid) (not $envValue.key) }}
+ {{ fail (printf "Env %s definition is not a string and does not contain secretUid or key fields" $envName) }}
+ {{- end }}
+- name: {{ $envName }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" $global "uid" $envValue.secretUid "key" $envValue.key) | indent 2 }}
+ {{- end -}}
+ {{- end }}
+ {{- end }}
+{{- end -}}
+{{/*
dcaegen2-services-common.microserviceDeployment:
This template produces a Kubernetes Deployment for a DCAE microservice.
@@ -150,12 +200,7 @@ spec:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- {{- if .Values.applicationEnv }}
- {{- range $envName, $envValue := .Values.applicationEnv }}
- - name: {{ $envName }}
- value: {{ $envValue | quote }}
- {{- end }}
- {{- end }}
+ {{- include "dcaegen2-services-common._ms-specific-env-vars" . | nindent 8 }}
{{- if .Values.service }}
ports: {{ include "common.containerPorts" . | nindent 10 }}
{{- end }}
@@ -180,8 +225,9 @@ spec:
{{- end }}
{{- end }}
resources: {{ include "common.resources" . | nindent 2 }}
- {{- if or $logDir $certDir }}
volumeMounts:
+ - mountPath: /app-config
+ name: app-config
{{- if $logDir }}
- mountPath: {{ $logDir}}
name: component-log
@@ -190,7 +236,6 @@ spec:
- mountPath: {{ $certDir }}
name: tls-info
{{- end }}
- {{- end }}
{{- if $logDir }}
- image: {{ include "repositoryGenerator.image.logging" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
diff --git a/kubernetes/sdc/components/sdc-helm-validator/Chart.yaml b/kubernetes/sdc/components/sdc-helm-validator/Chart.yaml
new file mode 100644
index 0000000000..5af3bf737b
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-helm-validator/Chart.yaml
@@ -0,0 +1,20 @@
+# ===========LICENSE_START========================================================
+# Copyright (c) 2021 Nokia. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+description: ONAP Service Design and Creation Helm Validator
+name: sdc-helm-validator
+version: 8.0.0
diff --git a/kubernetes/sdc/components/sdc-helm-validator/requirements.yaml b/kubernetes/sdc/components/sdc-helm-validator/requirements.yaml
new file mode 100644
index 0000000000..8e1160ad44
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-helm-validator/requirements.yaml
@@ -0,0 +1,23 @@
+# ===========LICENSE_START========================================================
+# Copyright (c) 2021 Nokia. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: repositoryGenerator
+ version: ~8.x-0
+ repository: '@local'
+ - name: common
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/sdc/components/sdc-helm-validator/templates/deployment.yaml b/kubernetes/sdc/components/sdc-helm-validator/templates/deployment.yaml
new file mode 100644
index 0000000000..08228ad99c
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-helm-validator/templates/deployment.yaml
@@ -0,0 +1,44 @@
+{{/*
+# ===========LICENSE_START========================================================
+# Copyright (c) 2021 Nokia. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+apiVersion: apps/v1
+kind: Deployment
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+spec:
+ selector: {{- include "common.selectors" . | nindent 4 }}
+ replicas: 1
+ template:
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources: {{ include "common.resources" . | nindent 12 }}
+ ports: {{ include "common.containerPorts" . | nindent 12 }}
+ env:
+ - name: LOG_LEVEL
+ value: {{ .Values.config.loggingLevel }}
+ livenessProbe:
+ httpGet:
+ path: {{ .Values.liveness.path }}
+ port: {{ .Values.liveness.port }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/sdc/components/sdc-helm-validator/templates/service.yaml b/kubernetes/sdc/components/sdc-helm-validator/templates/service.yaml
new file mode 100644
index 0000000000..a5837afc84
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-helm-validator/templates/service.yaml
@@ -0,0 +1,19 @@
+{{/*
+# ===========LICENSE_START========================================================
+# Copyright (c) 2021 Nokia. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "common.service" . }}
diff --git a/kubernetes/sdc/components/sdc-helm-validator/values.yaml b/kubernetes/sdc/components/sdc-helm-validator/values.yaml
new file mode 100644
index 0000000000..9c0d90649f
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-helm-validator/values.yaml
@@ -0,0 +1,58 @@
+# ===========LICENSE_START========================================================
+# Copyright (c) 2021 Nokia. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+# Global values
+global:
+ pullPolicy: Always
+
+image: onap/org.onap.sdc.sdc-helm-validator:1.2.0
+containerPort: &svc_port 8080
+
+config:
+ loggingLevel: INFO
+
+service:
+ type: ClusterIP
+ ports:
+ - name: &port http
+ port: *svc_port
+
+liveness:
+ initialDelaySeconds: 30
+ periodSeconds: 30
+ path: /actuator/health
+ port: *port
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+flavor: small
+resources:
+ small:
+ limits:
+ cpu: 1
+ memory: 256Mi
+ requests:
+ cpu: 1
+ memory: 256Mi
+ large:
+ limits:
+ cpu: 2
+ memory: 1Gi
+ requests:
+ cpu: 1
+ memory: 256Mi
+ unlimited: {}
diff --git a/kubernetes/sdc/requirements.yaml b/kubernetes/sdc/requirements.yaml
index 7ed88c50cc..2f2cb6c373 100644
--- a/kubernetes/sdc/requirements.yaml
+++ b/kubernetes/sdc/requirements.yaml
@@ -34,3 +34,7 @@ dependencies:
version: ~8.x-0
repository: 'file://components/sdc-wfd-fe'
condition: sdc-wfd.enabled
+ - name: sdc-helm-validator
+ version: ~8.x-0
+ repository: 'file://components/sdc-helm-validator'
+ condition: sdc-helm-validator.enabled
diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml
index fef7dab310..b7476a584e 100644
--- a/kubernetes/sdc/values.yaml
+++ b/kubernetes/sdc/values.yaml
@@ -63,3 +63,5 @@ cassandra:
# dependency / sub-chart configuration
sdc-wfd:
enabled: true
+sdc-helm-validator:
+ enabled: true
diff --git a/kubernetes/so/components/so-bpmn-infra/values.yaml b/kubernetes/so/components/so-bpmn-infra/values.yaml
index c7ec266f7c..3e59cbfd74 100755
--- a/kubernetes/so/components/so-bpmn-infra/values.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/values.yaml
@@ -62,7 +62,7 @@ secrets:
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/bpmn-infra:1.8.1
+image: onap/so/bpmn-infra:1.8.2
pullPolicy: Always
db:
diff --git a/kubernetes/so/components/so-catalog-db-adapter/values.yaml b/kubernetes/so/components/so-catalog-db-adapter/values.yaml
index c83172dc24..6308e9f8de 100755
--- a/kubernetes/so/components/so-catalog-db-adapter/values.yaml
+++ b/kubernetes/so/components/so-catalog-db-adapter/values.yaml
@@ -61,7 +61,7 @@ secrets:
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/catalog-db-adapter:1.8.1
+image: onap/so/catalog-db-adapter:1.8.2
pullPolicy: Always
db:
diff --git a/kubernetes/so/components/so-openstack-adapter/values.yaml b/kubernetes/so/components/so-openstack-adapter/values.yaml
index 0ecb925802..29fc50b2b2 100755
--- a/kubernetes/so/components/so-openstack-adapter/values.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/values.yaml
@@ -57,7 +57,7 @@ secrets:
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/openstack-adapter:1.8.1
+image: onap/so/openstack-adapter:1.8.2
pullPolicy: Always
db:
diff --git a/kubernetes/so/components/so-request-db-adapter/values.yaml b/kubernetes/so/components/so-request-db-adapter/values.yaml
index 8cf78749de..c117a7434a 100755
--- a/kubernetes/so/components/so-request-db-adapter/values.yaml
+++ b/kubernetes/so/components/so-request-db-adapter/values.yaml
@@ -57,7 +57,7 @@ secrets:
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/request-db-adapter:1.8.1
+image: onap/so/request-db-adapter:1.8.2
pullPolicy: Always
db:
diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml
index 36770ad22e..b1d7173a62 100755
--- a/kubernetes/so/components/so-sdc-controller/values.yaml
+++ b/kubernetes/so/components/so-sdc-controller/values.yaml
@@ -57,7 +57,7 @@ secrets:
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/sdc-controller:1.8.1
+image: onap/so/sdc-controller:1.8.2
pullPolicy: Always
db:
diff --git a/kubernetes/so/components/so-sdnc-adapter/values.yaml b/kubernetes/so/components/so-sdnc-adapter/values.yaml
index c8e2abc4b3..9a67ef8220 100755
--- a/kubernetes/so/components/so-sdnc-adapter/values.yaml
+++ b/kubernetes/so/components/so-sdnc-adapter/values.yaml
@@ -72,7 +72,7 @@ secrets:
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/sdnc-adapter:1.8.1
+image: onap/so/sdnc-adapter:1.8.2
pullPolicy: Always
org:
diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml
index 1358795cec..ba98c344ac 100755
--- a/kubernetes/so/values.yaml
+++ b/kubernetes/so/values.yaml
@@ -162,7 +162,7 @@ dbCreds:
userName: so_user
adminName: so_admin
-image: onap/so/api-handler-infra:1.8.1
+image: onap/so/api-handler-infra:1.8.2
server:
aaf: