diff options
17 files changed, 207 insertions, 251 deletions
diff --git a/kubernetes/common/common/templates/_strimzikafka.tpl b/kubernetes/common/common/templates/_strimzikafka.tpl index f8f562e223..a2e9c90a4f 100644 --- a/kubernetes/common/common/templates/_strimzikafka.tpl +++ b/kubernetes/common/common/templates/_strimzikafka.tpl @@ -112,7 +112,11 @@ spec: apiVersion: kafka.strimzi.io/v1beta2 kind: KafkaTopic metadata: + {{- if (hasKey $topic "strimziTopicName") }} + name: {{ ($topic.strimziTopicName) }}-kt + {{- else }} name: {{ ($topic.name) | lower }}-kt + {{- end }} labels: strimzi.io/cluster: {{ include "common.release" $ }}-strimzi spec: diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index 3b68ad52de..6713031d9a 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -60,11 +60,19 @@ the the literal string "An example value". - name: {{ $envName }} value: {{ tpl $envValue $global | quote }} {{- else }} - {{ if or (not $envValue.secretUid) (not $envValue.key) }} - {{ fail (printf "Env %s definition is not a string and does not contain secretUid or key fields" $envName) }} - {{- end }} + {{- if and (hasKey $envValue "externalSecret") ($envValue.externalSecret) }} +- name: {{ $envName }} + valueFrom: + secretKeyRef: + name: {{ tpl $envValue.externalSecretUid $global | quote }} + key: {{ tpl $envValue.key $global | quote }} + {{- else }} + {{ if or (not $envValue.secretUid) (not $envValue.key) }} + {{ fail (printf "Env %s definition is not a string and does not contain secretUid or key fields" $envName) }} + {{- end }} - name: {{ $envName }} {{- include "common.secret.envFromSecretFast" (dict "global" $global "uid" $envValue.secretUid "key" $envValue.key) | indent 2 }} + {{- end }} {{- end -}} {{- end }} {{- end }} diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml deleted file mode 100644 index ff977aaa32..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml +++ /dev/null @@ -1,47 +0,0 @@ -{{/* -# Copyright © 2022 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} -apiVersion: kafka.strimzi.io/v1beta2 -kind: KafkaUser -metadata: - name: {{ include "common.release" . }}-{{ .Values.hvVesKafkaUser }} - labels: - strimzi.io/cluster: {{ include "common.release" . }}-strimzi -spec: - authentication: - type: scram-sha-512 - authorization: - type: simple - acls: - - resource: - type: topic - name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-fault-supervision" "kafka_info" "topic_name" }} - operation: Write - - resource: - type: topic - name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-provisioning" "kafka_info" "topic_name" }} - operation: Write - - resource: - type: topic - name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-heartbeat" "kafka_info" "topic_name" }} - operation: Write - - resource: - type: topic - name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-performance-assurance" "kafka_info" "topic_name" }} - operation: Write - - resource: - type: topic - name: {{ .Values.applicationConfig.streams_publishes.perf3gpp.kafka_info.topic_name }} - operation: Write diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml deleted file mode 100644 index e40775833a..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml +++ /dev/null @@ -1,79 +0,0 @@ -{{/* -# Copyright © 2022 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} -apiVersion: kafka.strimzi.io/v1beta2 -kind: KafkaTopic -metadata: - name: ves-3gpp-fault-supervision - labels: - strimzi.io/cluster: {{ include "common.release" . }}-strimzi -spec: - topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-fault-supervision" "kafka_info" "topic_name" }} - partitions: 10 - config: - retention.ms: 7200000 - segment.bytes: 1073741824 ---- -apiVersion: kafka.strimzi.io/v1beta2 -kind: KafkaTopic -metadata: - name: ves-3gpp-provisioning - labels: - strimzi.io/cluster: {{ include "common.release" . }}-strimzi -spec: - topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-provisioning" "kafka_info" "topic_name" }} - partitions: 10 - config: - retention.ms: 7200000 - segment.bytes: 1073741824 ---- -apiVersion: kafka.strimzi.io/v1beta2 -kind: KafkaTopic -metadata: - name: ves-3gpp-heartbeat - labels: - strimzi.io/cluster: {{ include "common.release" . }}-strimzi -spec: - topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-heartbeat" "kafka_info" "topic_name" }} - partitions: 10 - config: - retention.ms: 7200000 - segment.bytes: 1073741824 ---- -apiVersion: kafka.strimzi.io/v1beta2 -kind: KafkaTopic -metadata: - name: ves-3gpp-performance-assurance - labels: - strimzi.io/cluster: {{ include "common.release" . }}-strimzi -spec: - topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-performance-assurance" "kafka_info" "topic_name" }} - partitions: 10 - config: - retention.ms: 7200000 - segment.bytes: 1073741824 ---- -apiVersion: kafka.strimzi.io/v1beta2 -kind: KafkaTopic -metadata: - name: perf3gpp - labels: - strimzi.io/cluster: {{ include "common.release" . }}-strimzi -spec: - topicName: {{ .Values.applicationConfig.streams_publishes.perf3gpp.kafka_info.topic_name }} - partitions: 10 - config: - retention.ms: 7200000 - segment.bytes: 1073741824 diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/kafkatopic.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/kafkatopic.yaml new file mode 100644 index 0000000000..d1d21a6dbc --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/kafkatopic.yaml @@ -0,0 +1,16 @@ +{{/* +# Copyright © 2023 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{ include "common.kafkatopic" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/kafkauser.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/kafkauser.yaml new file mode 100644 index 0000000000..6fc37c3d01 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/kafkauser.yaml @@ -0,0 +1,16 @@ +{{/* +# Copyright © 2023 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{ include "common.kafkauser" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml index 351998a725..482d88e883 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml @@ -2,7 +2,7 @@ # ================================================================================ # Copyright (c) 2021-2022 J. F. Lucas. All rights reserved. # Copyright (c) 2021-2022 Nokia. All rights reserved. -# Copyright © 2022 Nordix Foundation +# Modifications Copyright (C) 2022-2023 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -45,6 +45,9 @@ certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice- image: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.11.0 pullPolicy: Always +commonName: &commonName dcae-hv-ves-collector +containerPort: &containerPort 6061 + # log directory where logging sidecar should look for log files # if path is set to null sidecar won't be deployed in spite of # global.centralizedLoggingEnabled setting. @@ -61,17 +64,6 @@ certDirectory: /etc/ves-hv/ssl # and key from AAF and mount them in certDirectory. tlsServer: false -secrets: - - uid: hv-ves-kafka-secret - externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' - type: genericKV - envs: - - name: sasl.jaas.config - value: '{{ .Values.config.someConfig }}' - policy: generate -config: - someConfig: blah - # CMPv2 certificate # It is used only when: # - certDirectory is set @@ -81,9 +73,9 @@ config: useCmpv2Certificates: false certificates: - mountPath: /etc/ves-hv/ssl/external - commonName: dcae-hv-ves-collector + commonName: *commonName dnsNames: - - dcae-hv-ves-collector + - *commonName - hv-ves-collector - hv-ves keystore: @@ -106,16 +98,16 @@ readiness: # since there are problems receiving binary data via the sidecar # the service port is excluded in the sidecar processing podAnnotations: - traffic.sidecar.istio.io/excludeInboundPorts: "6061" + traffic.sidecar.istio.io/excludeInboundPorts: '6061' traffic.sidecar.istio.io/includeInboundPorts: '*' # service configuration service: type: NodePort - name: dcae-hv-ves-collector + name: *commonName ports: - name: tcp - port: 6061 + port: *containerPort port_protocol: tcp app_protocol: tcp nodePort: 22 @@ -124,19 +116,16 @@ ingress: enabled: false service: - baseaddr: "dcae-hv-ves-collector-api" - name: "dcae-hv-ves-collector" - port: 6061 + name: *commonName + port: *containerPort config: ssl: "redirect" -#strimzi kafka config -hvVesKafkaUser: dcae-hv-ves-kafka-user - # initial application configuration applicationConfig: logLevel: INFO server.idleTimeoutSec: 300 - server.listenPort: 6061 + server.listenPort: *containerPort cbs.requestIntervalSec: 5 security.sslDisable: true security.keys.keyStoreFile: /etc/ves-hv/ssl/cert.jks @@ -145,40 +134,70 @@ applicationConfig: security.keys.trustStorePasswordFile: /etc/ves-hv/ssl/trust.pass streams_publishes: ves-3gpp-fault-supervision: - type: kafka + type: ${MESSAGING_TYPE} kafka_info: bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} - topic_name: SEC_3GPP_FAULTSUPERVISION_OUTPUT + topic_name: &ves3gppFaultSupervision SEC_3GPP_FAULTSUPERVISION_OUTPUT ves-3gpp-provisioning: - type: kafka + type: ${MESSAGING_TYPE} kafka_info: bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} - topic_name: SEC_3GPP_PROVISIONING_OUTPUT + topic_name: &ves3gppProvisioning SEC_3GPP_PROVISIONING_OUTPUT ves-3gpp-heartbeat: - type: kafka + type: ${MESSAGING_TYPE} kafka_info: bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} - topic_name: SEC_3GPP_HEARTBEAT_OUTPUT + topic_name: &ves3gppHeartbeat SEC_3GPP_HEARTBEAT_OUTPUT ves-3gpp-performance-assurance: - type: kafka + type: ${MESSAGING_TYPE} kafka_info: bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} - topic_name: SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT + topic_name: &ves3gppPerformanceAssurance SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT perf3gpp: - type: kafka + type: ${MESSAGING_TYPE} kafka_info: bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} - topic_name: HV_VES_PERF3GPP + topic_name: &perf3gpp HV_VES_PERF3GPP + +# Strimzi Kafka config +kafkaUser: + acls: + - name: SEC_3GPP + type: topic + patternType: prefix + operations: [Write, DescribeConfigs] + - name: *perf3gpp + type: topic + operations: [Write, DescribeConfigs] + +kafkaTopic: + - name: *ves3gppFaultSupervision + strimziTopicName: dcae-ves-3gpp-fault-supervision + # the default retention values below can be updated + # to meet use case requirements for each topic. + retentionMs: 7200000 + segmentBytes: 1073741824 + - name: *ves3gppProvisioning + strimziTopicName: dcae-ves-3gpp-provisioning + - name: *ves3gppHeartbeat + strimziTopicName: dcae-ves-3gpp-heartbeat + - name: *ves3gppPerformanceAssurance + strimziTopicName: dcae-ves-3gpp-performance-assurance + - name: *perf3gpp + strimziTopicName: dcae-ves-3gpp-perf + applicationEnv: JAVA_OPTS: '-Dlogback.configurationFile=/etc/ONAP/dcae-hv-ves-collector/logback.xml' CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml' #Temporary Dummy CBS Port Value until internal SDK library is updated CONFIG_BINDING_SERVICE_SERVICE_PORT: '0000' + MESSAGING_TYPE: 'kafka' KAFKA_BOOTSTRAP_SERVERS: '{{ include "common.release" . }}-strimzi-kafka-bootstrap:9092' USE_SCRAM: 'true' JAAS_CONFIG: - secretUid: hv-ves-kafka-secret + externalSecret: true + externalSecretUid: '{{ include "common.name" . }}-ku' key: sasl.jaas.config # Resource Limit flavor -By Default using small @@ -203,6 +222,6 @@ resources: #Pods Service Account serviceAccount: - nameOverride: dcae-hv-ves-collector + nameOverride: *commonName roles: - read diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/deployment.yaml index 25658390b2..368c9d35d5 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/deployment.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/deployment.yaml @@ -2,6 +2,7 @@ #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2021 Nokia. All rights reserved. +# Modifications Copyright © 2023 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -46,15 +47,14 @@ spec: {{ end }} env: - name: SDC_ADDRESS - value: {{ .Values.externalServices.sdc_be_https }} + value: sdc-be.{{include "common.namespace" .}}:8080 - name: SCHEMA_MAP_PATH value: {{ .Values.schemaMap.directory }}/{{ .Values.schemaMap.filename }} - - name: SECURITY_PROTOCOL - value: {{ .Values.config.kafka.securityProtocol }} - - name: SASL_MECHANISM - value: {{ .Values.config.kafka.saslMechanism }} - name: SASL_JAAS_CONFIG - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ves-openapi-kafka-secret" "key" "sasl.jaas.config") | indent 12 }} + valueFrom: + secretKeyRef: + name: {{ include "common.name" . }}-ku + key: sasl.jaas.config volumeMounts: - name: schema-map mountPath: {{ .Values.schemaMap.directory }} diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/kafkauser.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/kafkauser.yaml new file mode 100644 index 0000000000..6fc37c3d01 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/kafkauser.yaml @@ -0,0 +1,16 @@ +{{/* +# Copyright © 2023 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{ include "common.kafkauser" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/ves-openapi-sdc-dist-kafka-user.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/ves-openapi-sdc-dist-kafka-user.yaml deleted file mode 100644 index 3f9d0ca123..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/ves-openapi-sdc-dist-kafka-user.yaml +++ /dev/null @@ -1,36 +0,0 @@ -{{/* -# Copyright © 2022 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} -apiVersion: kafka.strimzi.io/v1beta2 -kind: KafkaUser -metadata: - name: {{ include "common.release" . }}-{{ .Values.vesOpenApiKafkaUser }} - labels: - strimzi.io/cluster: {{ include "common.release" . }}-strimzi -spec: - authentication: - type: {{ .Values.config.kafka.saslMechanism | lower }} - authorization: - type: {{ .Values.config.kafka.authType }} - acls: - - resource: - type: group - name: {{ .Values.config.kafka.sdcTopic.consumerGroup }} - operation: Read - - resource: - type: topic - patternType: prefix - name: {{ .Values.config.kafka.sdcTopic.pattern }} - operation: All diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml index d2f73e6814..2327ac310b 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml @@ -1,6 +1,7 @@ #============LICENSE_START======================================================== #================================================================================= # Copyright (c) 2021-2022 Nokia. All rights reserved. +# Modifications Copyright © 2023 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,41 +19,14 @@ # Global values global: pullPolicy: Always -image: onap/org.onap.dcaegen2.platform.ves-openapi-manager:1.3.0 +image: onap/org.onap.dcaegen2.platform.ves-openapi-manager:1.3.1 containerPort: &svc_port 8080 -secrets: - - uid: ves-openapi-kafka-secret - externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' - type: genericKV - envs: - - name: sasl.jaas.config - value: '{{ .Values.config.someConfig }}' - policy: generate - -# application configuration -config: - someConfig: blah - kafka: - bootstrapServer: strimzi-kafka-bootstrap:9092 - securityProtocol: SASL_PLAINTEXT - saslMechanism: SCRAM-SHA-512 - authType: simple - sdcTopic: - pattern: SDC-DIST - consumerGroup: dcaegen2 - clientId: ves-openapi-manager - -vesOpenApiKafkaUser: ves-open-api-kafka-user - service: ports: - name: &port http port: *svc_port -externalServices: - sdc_be_https: "sdc-be:8080" - schemaMap: filename: "schema-map.json" directory: "/app/mappings" @@ -104,12 +78,24 @@ applicationConfig: eventSchemaReferencePath: /event/structure/stndDefinedFields/structure/schemaReference/value distribution: sdcAddress: ${SDC_ADDRESS:sdc-be.onap:8080} + isUseHttpsWithSDC: false user: dcae password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U pollingInterval: 20 pollingTimeout: 20 consumerGroup: dcaegen2 environmentName: AUTO - consumerID: ves-openapi-manager + consumerID: dcae-ves-openapi-manager activateServerTLSAuth: false isFilterInEmptyResources: false + +# Strimzi KafkaUser config +kafkaUser: + acls: + - name: dcaegen2 + type: group + operations: [Read] + - name: SDC-DISTR + type: topic + patternType: prefix + operations: [Read, Write]
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/values.yaml b/kubernetes/dcaegen2-services/values.yaml index a73fceb529..ba3607f047 100644 --- a/kubernetes/dcaegen2-services/values.yaml +++ b/kubernetes/dcaegen2-services/values.yaml @@ -1,6 +1,6 @@ # Copyright (c) 2021 J. F. Lucas. All rights reserved. # Copyright (c) 2021 AT&T. All rights reserved. -# Modifications Copyright (C) 2021 Nordix Foundation. +# Modifications Copyright (C) 2021-2023 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,8 +16,6 @@ global: centralizedLoggingEnabled: true - hvVesKafkaUser: dcae-hv-ves-kafka-user - vesOpenApiKafkaUser: ves-open-api-kafka-user ################################################################# # Filebeat Configuration Defaults. @@ -30,8 +28,6 @@ filebeatConfig: # Control deployment of DCAE microservices at ONAP installation time dcae-ves-openapi-manager: enabled: true - config: - jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.vesOpenApiKafkaUser }}' dcae-datafile-collector: enabled: false logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services' @@ -50,8 +46,6 @@ dcae-heartbeat: dcae-hv-ves-collector: enabled: true logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services' - config: - jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.hvVesKafkaUser }}' dcae-kpi-ms: enabled: false logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services' diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml index 599234e25d..e87a76d137 100644 --- a/kubernetes/robot/values.yaml +++ b/kubernetes/robot/values.yaml @@ -130,8 +130,6 @@ config: enabled: false policy_apex_pdp: enabled: false - policy_distribution: - enabled: false portal_app: enabled: false https: true diff --git a/kubernetes/strimzi/components/strimzi-kafka-bridge/resources/config/log4j2.properties b/kubernetes/strimzi/components/strimzi-kafka-bridge/resources/config/log4j2.properties new file mode 100644 index 0000000000..e6ad8e0920 --- /dev/null +++ b/kubernetes/strimzi/components/strimzi-kafka-bridge/resources/config/log4j2.properties @@ -0,0 +1,38 @@ +name=BridgeConfig + +appender.console.type=Console +appender.console.name=STDOUT + +appender.console.layout.type = PatternLayout +appender.console.layout.pattern = [%d] %-5p <%-12.12c{1}:%L> [%-12.12t] %m%n + +# Alternate JSONLayout pattern config +#appender.console.layout.type=JSONLayout +#appender.console.layout.compact=true +#appender.console.layout.eventEol=true +#appender.console.layout.complete=true +#appender.console.layout.properties=false +#appender.console.layout.propertiesAsList=false +#appender.console.layout.locationInfo=true +#appender.console.layout.includeStacktrace=true +#appender.console.layout.stacktraceAsString=true +#appender.console.layout.includeNullDelimiter=false +#appender.console.layout.objectMessageAsJsonObject=true + +rootLogger.level=INFO +rootLogger.appenderRefs=console +rootLogger.appenderRef.console.ref=STDOUT +rootLogger.additivity=false + +logger.bridge.name=io.strimzi.kafka.bridge +logger.bridge.level=INFO +logger.bridge.appenderRefs=console +logger.bridge.appenderRef.console.ref=STDOUT +logger.bridge.additivity=false + +logger.healthy.name=http.openapi.operation.healthy +logger.healthy.level=WARN +logger.ready.name=http.openapi.operation.ready +logger.ready.level=WARN + +monitorInterval=30 diff --git a/kubernetes/strimzi/components/strimzi-kafka-bridge/templates/configmap.yaml b/kubernetes/strimzi/components/strimzi-kafka-bridge/templates/configmap.yaml new file mode 100644 index 0000000000..25fbf3df77 --- /dev/null +++ b/kubernetes/strimzi/components/strimzi-kafka-bridge/templates/configmap.yaml @@ -0,0 +1,24 @@ +{{/* +# Copyright © 2023 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-kb-logging-cm + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log4j2.properties").AsConfig . | indent 2 }} + diff --git a/kubernetes/strimzi/components/strimzi-kafka-bridge/templates/strimzi-kb.yaml b/kubernetes/strimzi/components/strimzi-kafka-bridge/templates/strimzi-kb.yaml index 3abb04af10..7788dc145a 100644 --- a/kubernetes/strimzi/components/strimzi-kafka-bridge/templates/strimzi-kb.yaml +++ b/kubernetes/strimzi/components/strimzi-kafka-bridge/templates/strimzi-kb.yaml @@ -28,3 +28,9 @@ spec: enableMetrics: {{ .Values.config.enableMetrics }} http: port: {{ .Values.config.port }} + logging: + type: external + valueFrom: + configMapKeyRef: + key: log4j2.properties + name: {{ include "common.fullname" . }}-kb-logging-cm diff --git a/kubernetes/strimzi/templates/strimzi-kafka-admin-user.yaml b/kubernetes/strimzi/templates/strimzi-kafka-admin-user.yaml index c1bf4b8b14..4532777f9e 100644 --- a/kubernetes/strimzi/templates/strimzi-kafka-admin-user.yaml +++ b/kubernetes/strimzi/templates/strimzi-kafka-admin-user.yaml @@ -22,10 +22,3 @@ metadata: spec: authentication: type: {{ .Values.config.saslMechanism }} - authorization: - type: {{ .Values.config.authType }} - acls: - - resource: - type: group - name: onap-group - operation: Read
\ No newline at end of file |