aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--kubernetes/aai/templates/service.yaml22
-rw-r--r--kubernetes/common/common/templates/_aafconfig.tpl162
-rw-r--r--kubernetes/sdnc/components/sdnc-web/values.yaml15
-rw-r--r--kubernetes/sdnc/values.yaml3
4 files changed, 30 insertions, 172 deletions
diff --git a/kubernetes/aai/templates/service.yaml b/kubernetes/aai/templates/service.yaml
index 750e1babc3..aecb687852 100644
--- a/kubernetes/aai/templates/service.yaml
+++ b/kubernetes/aai/templates/service.yaml
@@ -35,3 +35,25 @@ spec:
type: {{ .Values.service.type }}
selector:
app: {{ include "common.name" . }}
+{{- if include "common.onServiceMesh" . }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}-internal
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ ports:
+ - name: {{ .Values.service.portName }}
+ port: {{ .Values.service.externalPlainPort }}
+ targetPort: {{ .Values.service.internalPlainPort }}
+ type: ClusterIP
+ selector:
+ app: {{ include "common.name" . }}
+{{- end }}
+
diff --git a/kubernetes/common/common/templates/_aafconfig.tpl b/kubernetes/common/common/templates/_aafconfig.tpl
deleted file mode 100644
index 930959337a..0000000000
--- a/kubernetes/common/common/templates/_aafconfig.tpl
+++ /dev/null
@@ -1,162 +0,0 @@
-{{/*
-# Copyright © 2020 Amdocs, Bell Canada, highstreet technologies GmbH
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{/*
- common templates to enable aaf configs for applictaions
-
- Parameter for aafConfig to be defined in values.yaml
- aafConfig: --> if a different key is used, call templates with argument (dict "aafRoot" .Values.<yourkey> "dot" .)
- # additional scripts can be defined to handle certs
- addconfig: true|false
- fqdn: "sdnc"
- app_ns: "org.osaaf.aaf"
- fqi: "sdnc@sdnc.onap.org"
- fqi_namespace: org.onap.sdnc
- public_fqdn: "aaf.osaaf.org"
- aafDeployFqi: "deployer@people.osaaf.org"
- aafDeployPass: demo123456!
- cadi_latitude: "38.0"
- cadi_longitude: "-72.0"
- secret_uid: &aaf_secret_uid my-component-aaf-deploy-creds
-
- # secrets configuration, Note: create a secrets template
- secrets:
- - uid: *aaf_secret_uid
- type: basicAuth
- externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDisabled" .Values.global.aafEnabled }}'
- login: '{{ .Values.aafConfig.aafDeployFqi }}'
- password: '{{ .Values.aafConfig.aafDeployPass }}'
- passwordPolicy: required
-
- In deployments/jobs/stateful include:
- initContainers:
- {{ include "common.aaf-config" . | nindent XX}}
-
- containers:
- volumeMounts:
- {{- if .Values.global.aafEnabled }}
- - mountPath: "/opt/app/osaaf"
- name: {{ include "common.fullname" . }}-aaf-config
- {{- end }}
- volumes:
- {{- include "common.aaf-config-volumes" . | nindent XX}}
-*/}}
-{{- define "common.aaf-config" -}}
-{{- $dot := default . .dot -}}
-{{- $aafRoot := default $dot.Values.aafConfig .aafRoot -}}
-{{- if $dot.Values.global.aafEnabled -}}
-- name: {{ include "common.name" $dot }}-aaf-readiness
- image: {{ include "common.repository" $dot }}/{{ $dot.Values.global.readinessImage }}
- imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
- command:
- - /app/ready.py
- args:
- - --container-name
- - aaf-locate
- - --container-name
- - aaf-cm
- - --container-name
- - aaf-service
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- resources:
- limits:
- cpu: 100m
- memory: 100Mi
- requests:
- cpu: 3m
- memory: 20Mi
-- name: {{ include "common.name" $dot }}-aaf-config
- image: {{ (default $dot.Values.repository $dot.Values.global.repository) }}/{{ $dot.Values.global.aafAgentImage }}
- imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
- volumeMounts:
- - mountPath: "/opt/app/osaaf"
- name: {{ include "common.fullname" $dot }}-aaf-config
-{{- if $aafRoot.addconfig }}
- - name: aaf-add-config
- mountPath: /opt/app/aaf_config/bin/aaf-add-config.sh
- subPath: aaf-add-config.sh
-{{- end }}
- command:
- - sh
- - -c
- - |
- #!/usr/bin/env bash
- /opt/app/aaf_config/bin/agent.sh
-{{- if $aafRoot.addconfig }}
- /opt/app/aaf_config/bin/aaf-add-config.sh
-{{- end }}
- env:
- - name: APP_FQI
- value: "{{ $aafRoot.fqi }}"
- - name: aaf_locate_url
- value: "https://aaf-locate.{{ $dot.Release.Namespace}}:8095"
- - name: aaf_locator_container
- value: "oom"
- - name: aaf_locator_container_ns
- value: "{{ $dot.Release.Namespace }}"
- - name: aaf_locator_fqdn
- value: "{{ $aafRoot.fqdn }}"
- - name: aaf_locator_app_ns
- value: "{{ $aafRoot.app_ns }}"
- - name: DEPLOY_FQI
- {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" $aafRoot.secret_uid "key" "login") | indent 6 }}
- - name: DEPLOY_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" $aafRoot.secret_uid "key" "password") | indent 6 }}
- #Note: want to put this on Nodes, eventually
- - name: cadi_longitude
- value: "{{ default "52.3" $aafRoot.cadi_longitude }}"
- - name: cadi_latitude
- value: "{{ default "13.2" $aafRoot.cadi_latitude }}"
- #Hello specific. Clients don't don't need this, unless Registering with AAF Locator
- - name: aaf_locator_public_fqdn
- value: "{{ $aafRoot.public_fqdn | default "" }}"
- resources:
- limits:
- cpu: 100m
- memory: 100Mi
- requests:
- cpu: 3m
- memory: 20Mi
-{{- end -}}
-{{- end -}}
-
-{{- define "common.aaf-config-volume-mountpath" -}}
-{{- if .Values.global.aafEnabled -}}
-- mountPath: "/opt/app/osaaf"
- name: {{ include "common.fullname" . }}-aaf-config
-{{- end -}}
-{{- end -}}
-
-{{- define "common.aaf-config-volumes" -}}
-{{- $dot := default . .dot -}}
-{{- $aafRoot := default $dot.Values.aafConfig .aafRoot -}}
-{{- if $dot.Values.global.aafEnabled -}}
-- name: {{ include "common.fullname" $dot }}-aaf-config
- emptyDir:
- medium: Memory
-{{- if $aafRoot.addconfig }}
-- name: aaf-add-config
- configMap:
- name: {{ include "common.fullname" $dot }}-aaf-add-config
- defaultMode: 0700
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/sdnc/components/sdnc-web/values.yaml b/kubernetes/sdnc/components/sdnc-web/values.yaml
index e838fb7e79..979698ffef 100644
--- a/kubernetes/sdnc/components/sdnc-web/values.yaml
+++ b/kubernetes/sdnc/components/sdnc-web/values.yaml
@@ -69,14 +69,13 @@ certInitializer:
cadi_latitude: "38.0"
cadi_longitude: "-72.0"
credsPath: /opt/app/osaaf/local
- aaf_add_config: >
- cd /opt/app/osaaf/local;
- mkdir -p certs;
- export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0);
- keytool -exportcert -rfc -file certs/cacert.pem -keystore {{ .Values.fqi_namespace }}.trust.jks -alias ca_local_0 -storepass $cadi_truststore_password;
- openssl pkcs12 -in {{ .Values.fqi_namespace }}.p12 -out certs/cert.pem -passin pass:$cadi_keystore_password_p12 -passout pass:$cadi_keystore_password_p12;
- cp {{ .Values.fqi_namespace }}.key certs/key.pem;
- chmod -R 755 certs;
+ aaf_add_config: |
+ cd /opt/app/osaaf/local
+ mkdir -p certs
+ keytool -exportcert -rfc -file certs/cacert.pem -keystore {{ .Values.fqi_namespace }}.trust.jks -alias ca_local_0 -storepass $cadi_truststore_password
+ openssl pkcs12 -in {{ .Values.fqi_namespace }}.p12 -out certs/cert.pem -passin pass:$cadi_keystore_password_p12 -passout pass:$cadi_keystore_password_p12
+ cp {{ .Values.fqi_namespace }}.key certs/key.pem
+ chmod -R 755 certs
# default number of instances
replicaCount: 1
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index 1e0da8aeb4..1fd5bf3363 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -386,8 +386,7 @@ certInitializer:
cadi_longitude: "-72.0"
credsPath: /opt/app/osaaf/local
aaf_add_config: >
- cd /opt/app/osaaf/local;
- /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} | grep cadi_keystore_password= | cut -d= -f 2 > {{ .Values.credsPath }}/.pass 2>&1
+ echo "$cadi_keystore_password" > {{ .Values.credsPath }}/.pass 2>&1
# dependency / sub-chart configuration
network-name-gen: