diff options
163 files changed, 3212 insertions, 1229 deletions
diff --git a/kubernetes/aaf/charts/aaf-sms/values.yaml b/kubernetes/aaf/charts/aaf-sms/values.yaml index 8e7ea29300..28b46c24e1 100644 --- a/kubernetes/aaf/charts/aaf-sms/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/values.yaml @@ -67,11 +67,11 @@ readiness: periodSeconds: 30 service: - type: NodePort + type: ClusterIP name: aaf-sms portName: aaf-sms internalPort: 10443 - nodePort: 43 + externalPort: 10443 persistence: enabled: true diff --git a/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json b/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json index c67b3e2f97..a6fe82fb70 100644 --- a/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json +++ b/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json @@ -8,92 +8,128 @@ { "type": "SERVICE", "name": "service-instance", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "46b92144-923a-4d20-b85a-3cbd847668a9", + "modelInvariantId": "82194af1-3c2c-485a-8f44-420e22a9eaa4" }, { "type": "VF", "name": "generic-vnf", - "deleteFlag": false + "deleteFlag": true, + "modelVersionId": "93a6166f-b3d5-4f06-b4ba-aed48d009ad9", + "modelInvariantId": "acc6edd8-a8d4-4b93-afaa-0994068be14c" }, { "type": "VFC", "name": "vnfc", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "5761e0a7-c6df-4d8a-9ebd-b8f445054dec", + "modelInvariantId": "96129eb9-f0de-4e05-8af2-73146473f766" }, { "type": "VSERVER", "name": "vserver", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "8ecb2c5d-7176-4317-a255-26274edfdd53", + "modelInvariantId": "ff69d4e0-a8e8-4108-bdb0-dd63217e63c7" }, { "type": "VOLUME", "name": "volume", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "0fbe2e8f-4d91-4415-a772-88387049b38d", + "modelInvariantId": "ddd739b4-2b25-46c4-affc-41a32af5cc42" }, { "type": "FLAVOR", "name": "flavor", - "deleteFlag": false + "deleteFlag": false, + "modelVersionId": "36200fb5-f251-4f5d-a520-7c5ad5c2cd4b", + "modelInvariantId": "bace8d1c-a261-4041-9e37-823117415d0f" }, { "type": "TENANT", "name": "tenant", - "deleteFlag": false + "deleteFlag": false, + "modelVersionId": "abcc54bc-bb74-49dc-9043-7f7171707545", + "modelInvariantId": "97c26c99-6870-44c1-8a07-1d900d3f4ce6" }, { "type": "VOLUME_GROUP", "name": "volume-group", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "99d44c90-1f61-4418-b9a6-56586bf38c79", + "modelInvariantId": "fcec1b02-b2d0-4834-aef8-d71be04717dd" }, { "type": "LINT", "name": "l-interface", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "a32613fd-18b9-459e-aab8-fffb3912966a", + "modelInvariantId": "cea0a982-8d55-4093-921e-418fbccf7060" }, { "type": "L3_NET", "name": "l3-network", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "9111f20f-e680-4001-b83f-19a2fc23bfc1", + "modelInvariantId": "3d560d81-57d0-438b-a2a1-5334dba0651a" }, { "type": "VFMODULE", "name": "vf-module", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "c00563ae-812b-4e62-8330-7c4d0f47088a", + "modelInvariantId": "ef86f9c5-2165-44f3-8fc3-96018b609ea5" }, { "type": "IMAGE", "name": "image", - "deleteFlag": false + "deleteFlag": false, + "modelVersionId": "f6a038c2-820c-42ba-8c2b-375e24e8f932", + "modelInvariantId": "3f4c7204-739b-4bbb-87a7-8a6856439c90" }, { "type": "OAM_NETWORK", "name": "oam-network", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "f4fb34f3-fd6e-4a8f-a3fb-4ab61a343b79", + "modelInvariantId": "2851cf01-9c40-4064-87d4-6184a6fcff35" }, { "type": "ALLOTTED_RESOURCE", "name": "allotted-resource", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "7ad0915f-25c0-4a70-b9bc-185a75f87564", + "modelInvariantId": "f6d6a23d-a1a9-48ff-8419-b6530da2d381" }, { "type": "TUNNEL_XCONNECT", "name": "tunnel-xconnect", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "e7cb4ca8-e1a5-4487-a716-4ae0bcd8aef5", + "modelInvariantId": "50b9e2fa-005c-4bbe-b651-3251dece4cd8" }, { "type": "CONFIGURATION", "name": "configuration", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "5a175add-57e4-4a5d-8b02-c36f1d69c52b", + "modelInvariantId": "166c050d-f69d-4305-943e-0bc58c3a26cf" }, { "type": "CR", "name": "cr", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "3f908abc-3a15-40d0-b674-2a639e52884d", + "modelInvariantId": "8bac3599-9a1c-4b7f-80e5-c1838f744c23" }, { "type": "INSTANCE_GROUP", "name": "instance-group", - "deleteFlag": true + "deleteFlag": true, + "modelVersionId": "8e6ee9dc-9017-444a-83b3-219edb018128", + "modelInvariantId": "3bf1e610-45f7-4ad6-b833-ca4c5ee6a3fd" } ], "widgetMappings": [ diff --git a/kubernetes/aai/charts/aai-champ/values.yaml b/kubernetes/aai/charts/aai-champ/values.yaml index b35171ecd6..331786cf18 100644 --- a/kubernetes/aai/charts/aai-champ/values.yaml +++ b/kubernetes/aai/charts/aai-champ/values.yaml @@ -25,7 +25,7 @@ global: ################################################################# # application image -image: onap/champ:1.3.0 +image: onap/champ:1.4-STAGING-latest flavor: small diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml index 3fefe1690d..9172b71e8d 100644 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml +++ b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml @@ -37,19 +37,19 @@ # HTTP # basic (challenging) # proxy (not challenging, needs xff) -# kerberos (challenging) NOT FREE FOR COMMERCIAL +# kerberos (challenging) # clientcert (not challenging, needs https) -# jwt (not challenging) NOT FREE FOR COMMERCIAL +# jwt (not challenging) # host (not challenging) #DEPRECATED, will be removed in a future version. # host based authentication is configurable in sg_roles_mapping # Authc # internal # noop -# ldap NOT FREE FOR COMMERCIAL USE +# ldap # Authz -# ldap NOT FREE FOR COMMERCIAL USE +# ldap # noop searchguard: @@ -59,7 +59,7 @@ searchguard: # Set filtered_alias_mode to 'nowarn' to allow more than 2 filtered aliases per index silently #filtered_alias_mode: warn #kibana: - # Kibana multitenancy - NOT FREE FOR COMMERCIAL USE + # Kibana multitenancy # see https://github.com/floragunncom/search-guard-docs/blob/master/multitenancy.md # To make this work you need to install https://github.com/floragunncom/search-guard-module-kibana-multitenancy/wiki #multitenancy_enabled: true @@ -85,7 +85,7 @@ searchguard: transport_enabled: false order: 6 http_authenticator: - type: kerberos # NOT FREE FOR COMMERCIAL USE + type: kerberos challenge: true config: # If true a lot of kerberos/security related debugging output will be logged to standard out @@ -150,7 +150,7 @@ searchguard: challenge: false authentication_backend: # LDAP authentication backend (authenticate users against a LDAP or Active Directory) - type: ldap # NOT FREE FOR COMMERCIAL USE + type: ldap config: # enable ldaps enable_ssl: false @@ -176,7 +176,7 @@ searchguard: transport_enabled: false authorization_backend: # LDAP authorization backend (gather roles from a LDAP or Active Directory, you have to configure the above LDAP authentication backend settings too) - type: ldap # NOT FREE FOR COMMERCIAL USE + type: ldap config: # enable ldaps enable_ssl: false @@ -217,5 +217,5 @@ searchguard: roles_from_another_ldap: enabled: false authorization_backend: - type: ldap # NOT FREE FOR COMMERCIAL USE + type: ldap #config goes here ... diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile index 3416d4a737..87219388f7 100644 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile +++ b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile @@ -1,27 +1,27 @@ -2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf -jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm -4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe -moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf -GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT -74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh -iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb -p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt -3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW -hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7 -RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX -xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk -8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q -ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i -5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe -GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE -_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k -zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf -S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU -LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw -hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W -nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP -bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN -JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk -Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y -J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP -mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF
\ No newline at end of file +yf1wUdfxbhVQQq5UF8hzWB_01VVrRIkC8BaLT7NMTrmv30RsMj3lvlaX3_CnVC1emYgmiUfWnT7k +brk0m-URJAKM8Pm6PrnOyKlx3U7NS8HVcFdKpVm_bx0CFsA3eY2NGe-D0gd35V1MohCbABZ8G2a6 +AgE7QmToHCwclXW_goK5P7lmJX1HaMVAIydMreP1m9sSR4UboRlvkH6VsMM1H1Y9ZhhXF--RkWAM +EcIspNTQE4ef3ZvYtSzuWssGZP8Hjo4XJlXz1uCSkyczw0IR19n-lspF9S0cIMro6QqvJsyjyjRo +UdYgxdwmQ_st4P43TZ8YEBQyE8r7VUoh_EqUx9ldilxGA0kBOQcTdtd805Kf98grXiQXeT-8UD1L +02aLzbz8Md7f8foGS1oGLfoImdjYCzOOZs3qHmKSb6YoHY8VcBCxIEfCznYl8wLYLRsSZ0tV4SAM +qCM_KHOM0HOZrNfSSAW5ZVZb67U9NI9SLFRV8gkmqxMspfjSLJCyHhq0D6RMECSpeAeVgoh6SWDw +mBSXunY5ZWVzdUyEezjCcl3NqTahrlfMSV5xkfUmSNFe_WW9rIXF0vD6MHAEW62yA1OA8WoMUqp2 +VKkUzWGVGAdMvbU52D6hqmGXER44kxAHVgEwPdhQhqgk4BpjR2v9ozQ6E_xNGkSRnriNB-H6BSN0 +vZa0pNJfvmBCjwGeoyRbCJrN1grLoDHQ3_6g-IwsD3NugKp6SHxUgfiPAUMGz-J2ZdbAlU0SNQgM +8gn6_cOaXvhqHBwh9SfT4jXyuCJru0zw3pyOjuw6fLMezvJDPvFfIgWllzc2IQ7_bufMZgCr2yAe +O-nBzsXK8aqItzCti53sZLSM1YC6OuRaiIt2i0yTVa7koFYSFhyELqEco5cFKMs0c6SrgIxnRrBT +x0RPXIyLdiRr76uP2wxL8KDfJ1vbCKi1xkZRchvQfm3ssgpzXVz8lnZ-HxacEhhAfGdDV56ZgRhu +5UVQd2RdP9JVpnXRJPhVwlQeQlrIXWHp01efBPRMTZQd2lpaNqn5v5chzpi9bbM3P3-BLxnN2NID +dv1E9Ox7MH-m3IQT9yFUi-UrDxAId4dnpgeCvyxhfnc1HJ9B71x9wmryC9PJWiKs3K-T_eC9pR4o +eN5PUZZ7arwdMUmzqKPNAtyMqaJCWfD3GZ1KsC8OV5Ze0DRQZPeT3IHg2BUC1NGj2SdjcwaGP_zl +uytFZWN7kQjnI4brorkO_jzjf7SEPCO7Vy2Z2vikIv7O8bSWZWDGYCcxUoYigFYcjZFirRYr3Yvl +YZU-F_qh6ZvrVxStSpz6iYDAzPW9v4ZyLSHyWe5H2AN89uRdnvag1769KpjsmGVYbn5jabgCJFs8 +EL7rxymrXri5cKsGH8XC1E0a-kP6vvhdHJhx5eFsFmKJaWh3RCJ8_I5CSzSRsK8JvE1Z6nGFn_SI +dpeNjf66lbm4y68loUh5Q4BDce3YaCT1gHmluBzXnv1vFzuvJ2jcVyq-nUDjdTqvM9okW8Prmt7l +ttQ3MVZI4rd-tXJfV4lxaI6wF4LIwiMJmY2tiCHoJ5nbLfHvMG7G5K1NAbizPltQxURPiMPZeCDZ +15SXI9vdCR-FyQikzp1hUUMMqz231-6BDDTKMOXpicQRQ0CHpEfxY4Rq3mu0QmRi-EIs6JAzfuLi +ba7fbfHnkhl3GWkj0CVZD8uDbzJceSTHICqVt-3qECUSG3ZfsuebWAEWED_xQoXyAL7kK8fMOPwl +m6qEk4z7boiJSrcQ2ZIdyPs2bZNvlv4wYg0F3BhFf2HeCYwR3BKXQGlDXGOAD5GuRpHHBch9JfVa +iUbvCEF23mee633C_K4zCaaVR9UqXMefzqFxSsobMp3heo3eIcQzLhe2SL2xpI9TbsvN2N4c9UMk +_TnQBHiYBgPxtB_j8bnVu7C__lTTpPKYLpUPxgWEIzljZzbkF37QQ1XtAc2EzcOi2FT4qsjlNgPw +PbL6ZihWEYZrZUilTSLzzjcQDLzoaF6BL2LOOS-Uju-B7COhcSMc0JLYOob6RDBE9T6HUMuZ diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 Binary files differindex 023e2eaac6..5737e48796 100644 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 +++ b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props index 78e4e71dc6..59593a501a 100644 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props +++ b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props @@ -2,13 +2,13 @@ # Properties Generated by AT&T Certificate Manager # @copyright 2016, AT&T ############################################################ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US cadi_keyfile=/opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile cadi_keystore=/opt/app/aai-resources/resources/aaf/org.onap.aai.p12 -cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV -#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)> +cadi_keystore_password=enc:nF3D1h00vVoLZkCnFtTCJAiH6maEiA3933rI3ctap9Ggjlm2SMg_dxk6ui9iiDwr +#cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL cadi_alias=aai@aai.onap.org cadi_truststore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -cadi_truststore_password=enc:s77wlnZFoQ08NhnU3OSeWO6uKgRwC6sAK-wTvVubNz2 +cadi_truststore_password=enc:8BxmWFFRI9wcf2jVixnfdK2GPI4veaXofZ65fcYThHv cadi_loglevel=INFO cadi_bath_convert=/opt/app/aai-resources/resources/aaf/bath_config.csv diff --git a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml index 0a46c48717..9fe4c17cc9 100644 --- a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml @@ -82,6 +82,28 @@ spec: "path": "/aai/v14/cloud-infrastructure" }, { + "serviceName": "_aai-cloudInfrastructure", + "version": "v15", + "url": "/aai/v15/cloud-infrastructure", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/cloud-infrastructure" + }, + { + "serviceName": "_aai-cloudInfrastructure", + "version": "v16", + "url": "/aai/v16/cloud-infrastructure", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/cloud-infrastructure" + }, + { "serviceName": "_aai-business", "version": "v11", "url": "/aai/v11/business", @@ -126,6 +148,28 @@ spec: "path": "/aai/v14/business" }, { + "serviceName": "_aai-business", + "version": "v15", + "url": "/aai/v15/business", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/business" + }, + { + "serviceName": "_aai-business", + "version": "v16", + "url": "/aai/v16/business", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/business" + }, + { "serviceName": "_aai-actions", "version": "v11", "url": "/aai/v11/actions", @@ -170,6 +214,28 @@ spec: "path": "/aai/v14/actions" }, { + "serviceName": "_aai-actions", + "version": "v15", + "url": "/aai/v15/actions", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/actions" + }, + { + "serviceName": "_aai-actions", + "version": "v16", + "url": "/aai/v16/actions", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/actions" + }, + { "serviceName": "_aai-service-design-and-creation", "version": "v11", "url": "/aai/v11/service-design-and-creation", @@ -213,6 +279,28 @@ spec: "visualRange": "1", "path": "/aai/v14/service-design-and-creation" }, + { + "serviceName": "_aai-service-design-and-creation", + "version": "v15", + "url": "/aai/v15/service-design-and-creation", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/service-design-and-creation" + }, + { + "serviceName": "_aai-service-design-and-creation", + "version": "v16", + "url": "/aai/v16/service-design-and-creation", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/service-design-and-creation" + }, { "serviceName": "_aai-network", "version": "v11", @@ -258,6 +346,28 @@ spec: "path": "/aai/v14/network" }, { + "serviceName": "_aai-network", + "version": "v15", + "url": "/aai/v15/network", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/network" + }, + { + "serviceName": "_aai-network", + "version": "v16", + "url": "/aai/v16/network", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/network" + }, + { "serviceName": "_aai-externalSystem", "version": "v11", "url": "/aai/v11/external-system", @@ -302,6 +412,28 @@ spec: "path": "/aai/v14/external-system" }, { + "serviceName": "_aai-externalSystem", + "version": "v15", + "url": "/aai/v15/external-system", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/external-system" + }, + { + "serviceName": "_aai-externalSystem", + "version": "v16", + "url": "/aai/v16/external-system", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/external-system" + }, + { "serviceName": "aai-cloudInfrastructure", "version": "v11", "url": "/aai/v11/cloud-infrastructure", @@ -342,6 +474,26 @@ spec: "visualRange": "1" }, { + "serviceName": "aai-cloudInfrastructure", + "version": "v15", + "url": "/aai/v15/cloud-infrastructure", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-cloudInfrastructure", + "version": "v16", + "url": "/aai/v16/cloud-infrastructure", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { "serviceName": "aai-business", "version": "v11", "url": "/aai/v11/business", @@ -382,6 +534,26 @@ spec: "visualRange": "1" }, { + "serviceName": "aai-business", + "version": "v15", + "url": "/aai/v15/business", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-business", + "version": "v16", + "url": "/aai/v16/business", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { "serviceName": "aai-actions", "version": "v11", "url": "/aai/v11/actions", @@ -422,6 +594,26 @@ spec: "visualRange": "1" }, { + "serviceName": "aai-actions", + "version": "v15", + "url": "/aai/v15/actions", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-actions", + "version": "v16", + "url": "/aai/v16/actions", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { "serviceName": "aai-service-design-and-creation", "version": "v11", "url": "/aai/v11/service-design-and-creation", @@ -462,6 +654,26 @@ spec: "visualRange": "1" }, { + "serviceName": "aai-service-design-and-creation", + "version": "v15", + "url": "/aai/v15/service-design-and-creation", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-service-design-and-creation", + "version": "v16", + "url": "/aai/v16/service-design-and-creation", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { "serviceName": "aai-network", "version": "v11", "url": "/aai/v11/network", @@ -502,6 +714,26 @@ spec: "visualRange": "1" }, { + "serviceName": "aai-network", + "version": "v15", + "url": "/aai/v15/network", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-network", + "version": "v16", + "url": "/aai/v16/network", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { "serviceName": "aai-externalSystem", "version": "v11", "url": "/aai/v11/external-system", @@ -540,6 +772,26 @@ spec: "enable_ssl": true, "lb_policy":"ip_hash", "visualRange": "1" + }, + { + "serviceName": "aai-externalSystem", + "version": "v15", + "url": "/aai/v15/external-system", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-externalSystem", + "version": "v16", + "url": "/aai/v16/external-system", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" } ]' spec: diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile index 3416d4a737..87219388f7 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile @@ -1,27 +1,27 @@ -2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf -jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm -4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe -moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf -GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT -74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh -iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb -p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt -3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW -hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7 -RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX -xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk -8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q -ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i -5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe -GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE -_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k -zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf -S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU -LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw -hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W -nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP -bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN -JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk -Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y -J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP -mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF
\ No newline at end of file +yf1wUdfxbhVQQq5UF8hzWB_01VVrRIkC8BaLT7NMTrmv30RsMj3lvlaX3_CnVC1emYgmiUfWnT7k +brk0m-URJAKM8Pm6PrnOyKlx3U7NS8HVcFdKpVm_bx0CFsA3eY2NGe-D0gd35V1MohCbABZ8G2a6 +AgE7QmToHCwclXW_goK5P7lmJX1HaMVAIydMreP1m9sSR4UboRlvkH6VsMM1H1Y9ZhhXF--RkWAM +EcIspNTQE4ef3ZvYtSzuWssGZP8Hjo4XJlXz1uCSkyczw0IR19n-lspF9S0cIMro6QqvJsyjyjRo +UdYgxdwmQ_st4P43TZ8YEBQyE8r7VUoh_EqUx9ldilxGA0kBOQcTdtd805Kf98grXiQXeT-8UD1L +02aLzbz8Md7f8foGS1oGLfoImdjYCzOOZs3qHmKSb6YoHY8VcBCxIEfCznYl8wLYLRsSZ0tV4SAM +qCM_KHOM0HOZrNfSSAW5ZVZb67U9NI9SLFRV8gkmqxMspfjSLJCyHhq0D6RMECSpeAeVgoh6SWDw +mBSXunY5ZWVzdUyEezjCcl3NqTahrlfMSV5xkfUmSNFe_WW9rIXF0vD6MHAEW62yA1OA8WoMUqp2 +VKkUzWGVGAdMvbU52D6hqmGXER44kxAHVgEwPdhQhqgk4BpjR2v9ozQ6E_xNGkSRnriNB-H6BSN0 +vZa0pNJfvmBCjwGeoyRbCJrN1grLoDHQ3_6g-IwsD3NugKp6SHxUgfiPAUMGz-J2ZdbAlU0SNQgM +8gn6_cOaXvhqHBwh9SfT4jXyuCJru0zw3pyOjuw6fLMezvJDPvFfIgWllzc2IQ7_bufMZgCr2yAe +O-nBzsXK8aqItzCti53sZLSM1YC6OuRaiIt2i0yTVa7koFYSFhyELqEco5cFKMs0c6SrgIxnRrBT +x0RPXIyLdiRr76uP2wxL8KDfJ1vbCKi1xkZRchvQfm3ssgpzXVz8lnZ-HxacEhhAfGdDV56ZgRhu +5UVQd2RdP9JVpnXRJPhVwlQeQlrIXWHp01efBPRMTZQd2lpaNqn5v5chzpi9bbM3P3-BLxnN2NID +dv1E9Ox7MH-m3IQT9yFUi-UrDxAId4dnpgeCvyxhfnc1HJ9B71x9wmryC9PJWiKs3K-T_eC9pR4o +eN5PUZZ7arwdMUmzqKPNAtyMqaJCWfD3GZ1KsC8OV5Ze0DRQZPeT3IHg2BUC1NGj2SdjcwaGP_zl +uytFZWN7kQjnI4brorkO_jzjf7SEPCO7Vy2Z2vikIv7O8bSWZWDGYCcxUoYigFYcjZFirRYr3Yvl +YZU-F_qh6ZvrVxStSpz6iYDAzPW9v4ZyLSHyWe5H2AN89uRdnvag1769KpjsmGVYbn5jabgCJFs8 +EL7rxymrXri5cKsGH8XC1E0a-kP6vvhdHJhx5eFsFmKJaWh3RCJ8_I5CSzSRsK8JvE1Z6nGFn_SI +dpeNjf66lbm4y68loUh5Q4BDce3YaCT1gHmluBzXnv1vFzuvJ2jcVyq-nUDjdTqvM9okW8Prmt7l +ttQ3MVZI4rd-tXJfV4lxaI6wF4LIwiMJmY2tiCHoJ5nbLfHvMG7G5K1NAbizPltQxURPiMPZeCDZ +15SXI9vdCR-FyQikzp1hUUMMqz231-6BDDTKMOXpicQRQ0CHpEfxY4Rq3mu0QmRi-EIs6JAzfuLi +ba7fbfHnkhl3GWkj0CVZD8uDbzJceSTHICqVt-3qECUSG3ZfsuebWAEWED_xQoXyAL7kK8fMOPwl +m6qEk4z7boiJSrcQ2ZIdyPs2bZNvlv4wYg0F3BhFf2HeCYwR3BKXQGlDXGOAD5GuRpHHBch9JfVa +iUbvCEF23mee633C_K4zCaaVR9UqXMefzqFxSsobMp3heo3eIcQzLhe2SL2xpI9TbsvN2N4c9UMk +_TnQBHiYBgPxtB_j8bnVu7C__lTTpPKYLpUPxgWEIzljZzbkF37QQ1XtAc2EzcOi2FT4qsjlNgPw +PbL6ZihWEYZrZUilTSLzzjcQDLzoaF6BL2LOOS-Uju-B7COhcSMc0JLYOob6RDBE9T6HUMuZ diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 Binary files differindex 023e2eaac6..5737e48796 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props index 7cb0d492ce..0f27dbdd76 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props @@ -2,13 +2,13 @@ # Properties Generated by AT&T Certificate Manager # @copyright 2016, AT&T ############################################################ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US cadi_keyfile=/opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile cadi_keystore=/opt/app/aai-traversal/resources/aaf/org.onap.aai.p12 -cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV -#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)> +cadi_keystore_password=enc:nF3D1h00vVoLZkCnFtTCJAiH6maEiA3933rI3ctap9Ggjlm2SMg_dxk6ui9iiDwr +#cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL cadi_alias=aai@aai.onap.org cadi_truststore=/opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks -cadi_truststore_password=enc:s77wlnZFoQ08NhnU3OSeWO6uKgRwC6sAK-wTvVubNz2 +cadi_truststore_password=enc:8BxmWFFRI9wcf2jVixnfdK2GPI4veaXofZ65fcYThHv cadi_loglevel=INFO cadi_bath_convert=/opt/app/aai-traversal/resources/aaf/bath_config.csv diff --git a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml index 4f97f4a2c3..be4b863195 100644 --- a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml @@ -82,6 +82,28 @@ spec: "path": "/aai/v14/search/generic-query" }, { + "serviceName": "_aai-generic-query", + "version": "v15", + "url": "/aai/v15/search/generic-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/search/generic-query" + }, + { + "serviceName": "_aai-generic-query", + "version": "v16", + "url": "/aai/v16/search/generic-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/search/generic-query" + }, + { "serviceName": "_aai-nodes-query", "version": "v11", "url": "/aai/v11/search/nodes-query", @@ -126,6 +148,28 @@ spec: "path": "/aai/v14/search/nodes-query" }, { + "serviceName": "_aai-nodes-query", + "version": "v15", + "url": "/aai/v15/search/nodes-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/search/nodes-query" + }, + { + "serviceName": "_aai-nodes-query", + "version": "v16", + "url": "/aai/v16/search/nodes-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/search/nodes-query" + }, + { "serviceName": "_aai-query", "version": "v11", "url": "/aai/v11/query", @@ -170,6 +214,28 @@ spec: "path": "/aai/v14/query" }, { + "serviceName": "_aai-query", + "version": "v15", + "url": "/aai/v15/query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/query" + }, + { + "serviceName": "_aai-query", + "version": "v16", + "url": "/aai/v16/query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/query" + }, + { "serviceName": "_aai-named-query", "url": "/aai/search", "protocol": "REST", @@ -220,6 +286,26 @@ spec: "visualRange": "1" }, { + "serviceName": "aai-generic-query", + "version": "v15", + "url": "/aai/v15/search/generic-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-generic-query", + "version": "v16", + "url": "/aai/v16/search/generic-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { "serviceName": "aai-nodes-query", "version": "v11", "url": "/aai/v11/search/nodes-query", @@ -260,6 +346,26 @@ spec: "visualRange": "1" }, { + "serviceName": "aai-nodes-query", + "version": "v15", + "url": "/aai/v15/search/nodes-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-nodes-query", + "version": "v16", + "url": "/aai/v16/search/nodes-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { "serviceName": "aai-query", "version": "v11", "url": "/aai/v11/query", @@ -300,6 +406,26 @@ spec: "visualRange": "1" }, { + "serviceName": "aai-query", + "version": "v15", + "url": "/aai/v15/query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-query", + "version": "v16", + "url": "/aai/v16/query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { "serviceName": "aai-named-query", "url": "/aai/search", "protocol": "REST", diff --git a/kubernetes/aai/resources/config/aai/aai_keystore b/kubernetes/aai/resources/config/aai/aai_keystore Binary files differindex 83cae95273..d50b33ed93 100644 --- a/kubernetes/aai/resources/config/aai/aai_keystore +++ b/kubernetes/aai/resources/config/aai/aai_keystore diff --git a/kubernetes/aai/resources/config/haproxy/aai.pem b/kubernetes/aai/resources/config/haproxy/aai.pem new file mode 100644 index 0000000000..e6dfd6a63d --- /dev/null +++ b/kubernetes/aai/resources/config/haproxy/aai.pem @@ -0,0 +1,82 @@ +-----BEGIN CERTIFICATE----- +MIIFATCCA+mgAwIBAgIIWY+5kgf/UH8wDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE +BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp +bnRlcm1lZGlhdGVDQV85MB4XDTE5MDMyNjAzMjc1MloXDTIwMDMyNjAzMjc1Mlow +azERMA8GA1UEAwwIYWFpLm9uYXAxDzANBgkqhkiG9w0BCQEWADEZMBcGA1UECwwQ +YWFpQGFhaS5vbmFwLm9yZzEOMAwGA1UECwwFT1NBQUYxDTALBgNVBAoMBE9OQVAx +CzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyZj +PvQrgB2bhyE3kpSH6OjXigs/+MfmV4eOrEwmMzQ1lWjItu2z5WY9xNGCky85G3Pr +qmCfT/qNPXd0W5kEujYlL0QnvrCa77WP3kSSu0kMKdUJV3S90Rp1SOhGFU/WroAQ +XvlzyBCunqQ9/F/L6mS8dLotUbkGIQlojAYOukWOT/+ogMMxzpxtb91QR+Wl4YeY +yzX//0rls/6nEKzCh2STHJuTkXqL0kod+KY08unpvMX2J/SEeHdWLS8Gsuus6oqM +r4bFyquua/U1ApxEMn0/agY58V75dF5CRPJRYrqqf9I6DBr0SntHv6pzMhokjewl +ukkrEsvIOkqEvIcE+QIDAQABo4IByzCCAccwCQYDVR0TBAIwADAOBgNVHQ8BAf8E +BAMCBeAwIAYDVR0lAQH/BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFQGA1UdIwRN +MEuAFIH3mVsQuciM3vNSXupOaaBDPqzdoTCkLjAsMQ4wDAYDVQQLDAVPU0FBRjEN +MAsGA1UECgwET05BUDELMAkGA1UEBhMCVVOCAQcwHQYDVR0OBBYEFFziBN1nFOnS +Sp7XkxOuzVNR1GFLMIIBEQYDVR0RBIIBCDCCAQSCCGFhaS5vbmFwghJhYWktc3Bh +cmt5LWJlLm9uYXCCG2FhaS5hcGkuc2ltcGxlZGVtby5vbmFwLm9yZ4IlYWFpLmVs +YXN0aWNzZWFyY2guc2ltcGxlZGVtby5vbmFwLm9yZ4IlYWFpLmdyZW1saW5zZXJ2 +ZXIuc2ltcGxlZGVtby5vbmFwLm9yZ4IdYWFpLmhiYXNlLnNpbXBsZWRlbW8ub25h +cC5vcmeCJWFhaS5zZWFyY2hzZXJ2aWNlLnNpbXBsZWRlbW8ub25hcC5vcmeCF2Fh +aS5zaW1wbGVkZW1vLm9uYXAub3JnghphYWkudWkuc2ltcGxlZGVtby5vbmFwLm9y +ZzANBgkqhkiG9w0BAQsFAAOCAQEAlqwzbZv/0uxVPmFJMB2t5B2nw3GNojLwxnHh +UVKzrLbDDpM36CkY8uX9kYAaf/Eg8eA5Jp0T9lGCheg0TNHM9OBqyyvDPjewZ5jO +N0xooRs7gh4bYtQaWIjCOg6bXg+mHkW4VVbpewMJYivGpJZQ76LauuHtg1OA688s +fy4SGrbC902OoPZ8zJlINOyljqSa+uNwvv6bg9Iqnuq/jUaFpKOYVUkMzw/ImVzy +3kXH/hY+nz4FNvMPlULgwxskOBRp90a5VWBC48cNzg4aNtanVz6lPAr/AVD1R6jt +ZDEd3Ww8nTlRKjUryxgoorqo8ThctZscWBpHMRW4B/LgGEYtRA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB +RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN +MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG +A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL +neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d +o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3 +nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV +v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO +15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw +gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV +M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/ +BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B +AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q +ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl +u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+ ++pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/ +QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht +8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX +kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3 +aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky +uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w +tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep +BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k= +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAuyZjPvQrgB2bhyE3kpSH6OjXigs/+MfmV4eOrEwmMzQ1lWjI +tu2z5WY9xNGCky85G3PrqmCfT/qNPXd0W5kEujYlL0QnvrCa77WP3kSSu0kMKdUJ +V3S90Rp1SOhGFU/WroAQXvlzyBCunqQ9/F/L6mS8dLotUbkGIQlojAYOukWOT/+o +gMMxzpxtb91QR+Wl4YeYyzX//0rls/6nEKzCh2STHJuTkXqL0kod+KY08unpvMX2 +J/SEeHdWLS8Gsuus6oqMr4bFyquua/U1ApxEMn0/agY58V75dF5CRPJRYrqqf9I6 +DBr0SntHv6pzMhokjewlukkrEsvIOkqEvIcE+QIDAQABAoIBAEe1OrvJZM2PCqOp +N5jjbnvwk32iN93EAl8xYppkBxMBgzJ/VsC4rYBNP4elWym4I2KAdSDwKrrDXtDZ +b20VYXlT+8VzkOMA2izU3Y4lqi82mwGATjcDVSPExoGr9gZ+c9yi1yL8478ZnT7N +4a5Mql5iQM9c8rZodY+9AiD8xTHbgXbaGmBsDhTxT/HPDsoacR/SHMh3XowbhAcs +eXAe+NdDtLcG6WOEqi/EhkagkWvsecIBoy888Ffbxa5h/DLEaCCoC3Dw1tWFX8KM +86sC9sQKDVRVKpKs2/9MGl9LoPi9jNDrOP6/Zx3T4k479ozGp/0G70LzmUcih72j +MUbr4f0CgYEA/AV0yOLZh0i2K53jpv3e8RDJkOBFuLb0ZZVdGkVYHncw9/WY070E +TJi0B51RAJtdSksAWa6o+1+VaJKQHtMZpABwMWDMRQUqdC+o+knONRpdCHwxXnSl +gvujFyYJhURKDr42z0xjbQrHaEZRuVJ6tzJQhFtE66G01ngREhDPbUsCgYEAvhrB +A/IOQpPaHcfU2ik80VE0KU9N4Ez50ZlheEbBDVTrMWzuFy8p9niNSfDKC7s5aqlP +DgDvTD80D8Zw6+yT/aDU5iEf5vMdKc1pnlr8jJoCNSvuyJZ40kDSehsBOKC+YN3g +b6xaYWIcH3mwwoLZO9XFsN5KAg/dSMJED8AGAEsCgYAduMMCIgbHdqLNWAyOGCif +w3wSEvEGDMWb6VaWj5EJ3sKuq48/gW4tXmD0+O+ho7EH3vqGmRuisa4cLBTFHd5L +QiX5HNJaXXaZRzmlcujXyGkqZAMqgZU3clfUlg7PYbNeM76hCgA7zuaffJOMyJZi +XpOyWFUzeNmr5XMV71eXKwKBgEtgzFvGJMVdXsUkMU/3vfe5XRdsLJLdssjbKnzI +gU/J9h/480caGmdyUYOaCGMyb4fNbl09HaV8AianJqtFeUC9/uzpAX9PsqaanmB9 +71nIz0tKCjpa/7lOnqZwAsHzasl58L4W9xdaEZChbecSfxRspSCGY44BwFpTPS2J +lFeVAoGAFOetqKStyEy+qruEOMk+lWwaKLGZ4hLk7qmFochxwrXgx7hcZ4Zrqkv9 +7qyQtbAalFiCHGmLBdSb+GLfD/1pPUA3wJoLo/I3f4g9c7cw7m7r8MdWPDXSL2Vk +vM97Syv92KQUBl8te7S3+bDBNklgb+KwRqSk3QRAl8ARWEjg8Kk= +-----END RSA PRIVATE KEY----- diff --git a/kubernetes/aai/templates/deployment.yaml b/kubernetes/aai/templates/deployment.yaml index 17680a0b96..8c107303ac 100644 --- a/kubernetes/aai/templates/deployment.yaml +++ b/kubernetes/aai/templates/deployment.yaml @@ -70,6 +70,9 @@ spec: subPath: haproxy.cfg {{ end }} name: haproxy-cfg + - mountPath: /etc/ssl/private/aai.pem + name: aai-pem + subPath: aai.pem ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} @@ -121,5 +124,8 @@ spec: - name: haproxy-cfg configMap: name: aai-deployment-configmap + - name: aai-pem + secret: + secretName: aai-haproxy-secret imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/cds/charts/blueprints-processor/requirements.yaml b/kubernetes/cds/charts/blueprints-processor/requirements.yaml index 1d06a389a8..9f92507a99 100755 --- a/kubernetes/cds/charts/blueprints-processor/requirements.yaml +++ b/kubernetes/cds/charts/blueprints-processor/requirements.yaml @@ -13,9 +13,6 @@ # limitations under the License. dependencies: - - name: mariadb-galera - version: ~4.x-0 - repository: file://../mariadb-galera/ - name: common version: ~4.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/cds/charts/blueprints-processor/resources/config/application.properties b/kubernetes/cds/charts/blueprints-processor/resources/config/application.properties index 9d1c957b8f..c25176f971 100755 --- a/kubernetes/cds/charts/blueprints-processor/resources/config/application.properties +++ b/kubernetes/cds/charts/blueprints-processor/resources/config/application.properties @@ -11,18 +11,23 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#logging.level.web=DEBUG
-appName={{.Values.config.applicationName}}
-ms_name={{.Values.config.msName}}
-appVersion={{.Values.config.bundleVersion}}
-blueprintsprocessor.grpcEnable={{.Values.config.grpcEnabled}}
-blueprintsprocessor.httpPort={{.Values.service.http.internalPort}}
-blueprintsprocessor.grpcPort={{.Values.service.grpc.internalPort}}
-#Blueprint Processor File Execution and Handling Properties
+
+# Functionality config
+blueprintsprocessor.grpcEnable=true
+blueprintsprocessor.restconfEnabled=true
+blueprintsprocessor.httpPort=8080
+blueprintsprocessor.grpcPort=9111
+
+# Basic Authentication
+security.user.password: {bcrypt}$2a$10$duaUzVUVW0YPQCSIbGEkQOXwafZGwQ/b32/Ys4R1iwSSawFgz7QNu
+security.user.name: ccsdkapps
+
+# Blueprint Processor File Execution and Handling Properties
blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy
blueprintsprocessor.blueprintArchivePath=/opt/app/onap/blueprints/archive
-#Primary Database Configuration
-blueprintsprocessor.db.primary.url=jdbc:mysql://blueprints-processor-db:3306/sdnctl
+
+# Primary Database Configuration
+blueprintsprocessor.db.primary.url=jdbc:mysql://cds-db:3306/sdnctl
blueprintsprocessor.db.primary.username=sdnctl
blueprintsprocessor.db.primary.password=sdnctl
blueprintsprocessor.db.primary.driverClassName=org.mariadb.jdbc.Driver
@@ -30,5 +35,13 @@ blueprintsprocessor.db.primary.hibernateHbm2ddlAuto=update blueprintsprocessor.db.primary.hibernateDDLAuto=update
blueprintsprocessor.db.primary.hibernateNamingStrategy=org.hibernate.cfg.ImprovedNamingStrategy
blueprintsprocessor.db.primary.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialect
-# Web server config
-server.port=8080
\ No newline at end of file +
+# Python executor
+blueprints.processor.functions.python.executor.executionPath=/opt/app/onap/scripts/jython/ccsdk_blueprints
+blueprints.processor.functions.python.executor.modulePaths=/opt/app/onap/scripts/jython/ccsdk_blueprints,/opt/app/onap/scripts/jython/ccsdk_netconf
+
+# SDN-C's ODL Restconf Connection Details
+blueprintsprocessor.restclient.sdncodl.type=basic-auth
+blueprintsprocessor.restclient.sdncodl.url=http://sdnc:8282/
+blueprintsprocessor.restclient.sdncodl.username=admin
+blueprintsprocessor.restclient.sdncodl.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
\ No newline at end of file diff --git a/kubernetes/cds/charts/blueprints-processor/templates/deployment.yaml b/kubernetes/cds/charts/blueprints-processor/templates/deployment.yaml index 5629913826..876f24937d 100755 --- a/kubernetes/cds/charts/blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/charts/blueprints-processor/templates/deployment.yaml @@ -35,7 +35,7 @@ spec: - /root/ready.py args: - --container-name - - {{ index .Values "mariadb-galera" "nameOverride" }} + - cds-db env: - name: NAMESPACE valueFrom: @@ -64,6 +64,9 @@ spec: httpGet: path: /api/v1/execution-service/ping port: {{ .Values.service.http.internalPort }} + httpHeaders: + - name: Authorization + value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} @@ -71,6 +74,9 @@ spec: httpGet: path: /api/v1/execution-service/ping port: {{ .Values.service.http.internalPort }} + httpHeaders: + - name: Authorization + value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} volumeMounts: diff --git a/kubernetes/cds/charts/blueprints-processor/templates/service.yaml b/kubernetes/cds/charts/blueprints-processor/templates/service.yaml index 4c1c32c1ed..5c8bc8cc0d 100755 --- a/kubernetes/cds/charts/blueprints-processor/templates/service.yaml +++ b/kubernetes/cds/charts/blueprints-processor/templates/service.yaml @@ -31,15 +31,13 @@ spec: {{- if eq .Values.service.type "NodePort"}} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} {{- end}} - name: {{ .Values.service.portName | default "http" }} - {{- if .Values.config.grpcEnabled}} + name: {{ .Values.service.http.portName | default "http" }} - port: {{ .Values.service.grpc.externalPort }} targetPort: {{ .Values.service.grpc.internalPort }} {{- if eq .Values.service.type "NodePort"}} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} {{- end}} - name: {{ .Values.service.portName | default "http" }} - {{- end}} + name: {{ .Values.service.grpc.portName | default "grpc" }} selector: app: {{ include "common.name" . }} release: {{ .Release.Name }}
\ No newline at end of file diff --git a/kubernetes/cds/charts/blueprints-processor/values.yaml b/kubernetes/cds/charts/blueprints-processor/values.yaml index 2edcc8a4ec..10169d5dc7 100755 --- a/kubernetes/cds/charts/blueprints-processor/values.yaml +++ b/kubernetes/cds/charts/blueprints-processor/values.yaml @@ -40,7 +40,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-blueprintsprocessor:0.4.1 +image: onap/ccsdk-blueprintsprocessor:0.4-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required @@ -48,28 +48,7 @@ debugEnabled: false # application configuration config: - applicationName: BlueprintsProcessor - msName: "org.onap.ccsdk.apps.blueprintsprocessor" - bundleVersion: "1.0.0" appConfigDir: /opt/app/onap/config - grpcEnabled: false - stickySelectorKey: - envContext: DEV - -mariadb-galera: - config: - userName: sdnctl - userPassword: sdnctl - mariadbRootPassword: sdnctl - mysqlDatabase: sdnctl - nameOverride: blueprints-processor-db - service: - name: blueprints-processor-db - portName: bp-db - replicaCount: 1 - persistence: - enabled: true - mountSubPath: blueprints-processor/data # default number of instances replicaCount: 1 @@ -92,11 +71,12 @@ readiness: service: type: ClusterIP - portName: blueprints-processor http: + portName: blueprints-processor-http internalPort: 8080 externalPort: 8080 grpc: + portName: blueprints-processor-grpc internalPort: 9111 externalPort: 9111 diff --git a/kubernetes/cds/charts/controller-blueprints/requirements.yaml b/kubernetes/cds/charts/controller-blueprints/requirements.yaml index cefe3d3bdf..857a963ada 100644 --- a/kubernetes/cds/charts/controller-blueprints/requirements.yaml +++ b/kubernetes/cds/charts/controller-blueprints/requirements.yaml @@ -13,9 +13,6 @@ # limitations under the License. dependencies: - - name: mariadb-galera - version: ~4.x-0 - repository: file://../mariadb-galera/ - name: common version: ~4.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/cds/charts/controller-blueprints/resources/config/application.properties b/kubernetes/cds/charts/controller-blueprints/resources/config/application.properties index 7eec7f9115..80fdaf542e 100755 --- a/kubernetes/cds/charts/controller-blueprints/resources/config/application.properties +++ b/kubernetes/cds/charts/controller-blueprints/resources/config/application.properties @@ -13,10 +13,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -# -appName=ControllerBluePrints -ms_name=org.onap.ccsdk.apps.controllerblueprints -appVersion=1.0.0 # Basic Authentication basic-auth.user-name=ccsdkapps @@ -26,20 +22,19 @@ logging.level.org.springframework.web=INFO logging.level.org.hibernate.SQL=warn logging.level.org.hibernate.type.descriptor.sql=debug -#To Remove Null in JSON API Response +# To Remove Null in JSON API Response spring.jackson.default-property-inclusion=non_null -#Swagger Configuration +# Swagger Configuration swagger.contact.name=CCSDK team swagger.contact.url=www.onap.org swagger.contact.email=onap-discuss@lists.onap.org +# DB information spring.jpa.properties.hibernate.show_sql=true spring.jpa.properties.hibernate.use_sql_comments=true spring.jpa.properties.hibernate.format_sql=true - -# spring.datasource.url, spring.datasource.username,spring.datasource.password may be overridden by ENV variables -spring.datasource.url=jdbc:mysql://controller-blueprints-db:3306/sdnctl +spring.datasource.url=jdbc:mysql://cds-db:3306/sdnctl spring.datasource.username=sdnctl spring.datasource.password=sdnctl spring.datasource.driver-class-name=org.mariadb.jdbc.Driver diff --git a/kubernetes/cds/charts/controller-blueprints/templates/deployment.yaml b/kubernetes/cds/charts/controller-blueprints/templates/deployment.yaml index ef8b38fc10..4cd2e18090 100755 --- a/kubernetes/cds/charts/controller-blueprints/templates/deployment.yaml +++ b/kubernetes/cds/charts/controller-blueprints/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: - /root/ready.py args: - --container-name - - {{ index .Values "mariadb-galera" "nameOverride" }} + - cds-db env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/cds/charts/controller-blueprints/values.yaml b/kubernetes/cds/charts/controller-blueprints/values.yaml index 02b5685fa4..246aae482b 100755 --- a/kubernetes/cds/charts/controller-blueprints/values.yaml +++ b/kubernetes/cds/charts/controller-blueprints/values.yaml @@ -48,23 +48,6 @@ debugEnabled: false config: appConfigDir: /opt/app/onap/config initDataLoad: true - restUser: ccsdkapps - restPassword: ccsdkapps - -mariadb-galera: - config: - userName: sdnctl - userPassword: sdnctl - mariadbRootPassword: sdnctl - mysqlDatabase: sdnctl - nameOverride: controller-blueprints-db - service: - name: controller-blueprints-db - portName: cb-db - replicaCount: 1 - persistence: - enabled: true - mountSubPath: controller-blueprints/data # default number of instances replicaCount: 1 diff --git a/kubernetes/cds/requirements.yaml b/kubernetes/cds/requirements.yaml index d7b38dc0b1..51a4e3f9a1 100644 --- a/kubernetes/cds/requirements.yaml +++ b/kubernetes/cds/requirements.yaml @@ -17,3 +17,6 @@ dependencies: - name: common version: ~4.x-0 repository: '@local' + - name: mariadb-galera + version: ~4.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/cds/values.yaml b/kubernetes/cds/values.yaml index 3815d9af21..06b7cd1211 100644 --- a/kubernetes/cds/values.yaml +++ b/kubernetes/cds/values.yaml @@ -34,6 +34,20 @@ pullPolicy: Always # application configuration config: +mariadb-galera: + config: + userName: sdnctl + userPassword: sdnctl + mariadbRootPassword: sdnctl + mysqlDatabase: sdnctl + nameOverride: cds-db + service: + name: cds-db + portName: cds-db + replicaCount: 1 + persistence: + enabled: true + mountSubPath: cds/data # default number of instances replicaCount: 1 diff --git a/kubernetes/clamp/charts/clamp-dash-es/values.yaml b/kubernetes/clamp/charts/clamp-dash-es/values.yaml index 43920b3d65..f25e40bf2a 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-es/values.yaml @@ -32,7 +32,7 @@ busyboxImage: library/busybox:latest # application image loggingRepository: docker.elastic.co -image: elasticsearch/elasticsearch-oss:6.1.3 +image: elasticsearch/elasticsearch-oss:6.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf b/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf index 317b428c77..b4b5071ba5 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf +++ b/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf @@ -57,13 +57,13 @@ filter { drop { } } - if [http_request_failure] or [@metadata][code] != "200" { + if [http_request_failure] or [@metadata][code] != 200 { mutate { add_tag => [ "error" ] } } - if "dmaap_source" in [tags] { + if "dmaap_source" in [@metadata][request][tags] { # # Dmaap provides a json list, whose items are Strings containing the event # provided to Dmaap, which itself is an escaped json. @@ -76,14 +76,7 @@ filter { source => "[message]" target => "message" } - ruby { - code => " - for ev in event.get('message', []) - ev.set('@metadata', event.get('@metadata')) - end - " - } - + split { field => "message" } @@ -194,7 +187,7 @@ filter { } - if "error" not in [tags] { + if "error" not in [@metadata][request][tags]{ # # Creating data for a secondary index # @@ -203,7 +196,7 @@ filter { add_tag => [ "event-cl-aggs" ] } - if "event-cl-aggs" in [tags] { + if "event-cl-aggs" in [@metadata][request][tags]{ # # we only need a few fields for aggregations; remove all fields from clone except : # vmName,vnfName,vnfType,requestID,closedLoopAlarmStart, closedLoopControlName,closedLoopAlarmEnd,abated,nbrDmaapevents,finalFailure diff --git a/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml b/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml index 0c1f3bccb2..dab2e44f5e 100644 --- a/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml +++ b/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml @@ -16,15 +16,14 @@ filebeat.prospectors: - input_type: log #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. paths: - - /var/log/ONAP/*/*/*/*.log - - /var/log/ONAP/*/*/*.log - - /var/log/ONAP/*/*.log + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive ignore_older: 48h # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit clean_inactive: 96h - # Name of the registry file. If a relative path is used, it is considered relative to the # data path. Else full qualified file name. #filebeat.registry_file: ${path.data}/registry diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml index 86cf46751e..a0b6b5f738 100644 --- a/kubernetes/common/cassandra/templates/statefulset.yaml +++ b/kubernetes/common/cassandra/templates/statefulset.yaml @@ -109,7 +109,7 @@ spec: - name: CASSANDRA_START_RPC value: {{ default "true" .Values.config.start_rpc | quote }} - name: CASSANDRA_ENDPOINT_SNITCH - value: {{ default "SimpleSnitch" .Values.config.endpoint_snitch | quote }} + value: {{ default "GossipingPropertyFileSnitch" .Values.config.endpoint_snitch | quote }} - name: POD_IP valueFrom: fieldRef: diff --git a/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json b/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json index 51f2acc8f5..7bc9ff090f 100644 --- a/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json +++ b/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json @@ -45,6 +45,20 @@ "timeout": "1s" }, { + "id": "multicloud-starlingx", + "name": "Multicloud Starlingx Health Check", + "http": "http://multicloud-starlingx:9009/api/multicloud-starlingx/v0/swagger.json", + "method": "HEAD", + "header": { + "Cache-Control": ["no-cache"], + "Content-Type": ["application/json"], + "Accept": ["application/json"] + }, + "tls_skip_verify": true, + "interval": "15s", + "timeout": "1s" + }, + { "id": "multicloud-vio", "name": "Multicloud Vio Health Check", "http": "http://multicloud-vio:9004/api/multicloud-vio/v0/swagger.json", diff --git a/kubernetes/contrib/tools/rke/rke_setup.sh b/kubernetes/contrib/tools/rke/rke_setup.sh new file mode 100755 index 0000000000..cc71522f12 --- /dev/null +++ b/kubernetes/contrib/tools/rke/rke_setup.sh @@ -0,0 +1,355 @@ +#!/bin/bash +############################################################################# +# Copyright © 2019 Bell. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +############################################################################# +# +# This installation is for an RKE install of kubernetes +# after this run the standard oom install +# this installation can be run on amy ubuntu 16.04 VM, RHEL 7.6 (root only), physical or cloud azure/aws host +# https://wiki.onap.org/display/DW/OOM+RKE+Kubernetes+Deployment +# source from https://jira.onap.org/browse/OOM-1598 +# +# master/dublin +# RKE 0.1.16 Kubernetes 1.11.6, kubectl 1.11.6, Helm 2.9.1, Docker 18.06 +# single node install, HA pending + +usage() { +cat <<EOF +Usage: $0 [PARAMs] +example +sudo ./rke_setup.sh -b dublin -s rke.onap.cloud -e onap -l amdocs -v true +-u : Display usage +-b [branch] : branch = master or dublin (required) +-s [server] : server = IP or DNS name (required) +-e [environment] : use the default (onap) +-k [key] : ssh key name +-l [username] : login username account (use ubuntu for example) +EOF +} + +install_onap() { + #constants + PORT=8880 + if [ "$BRANCH" == "casablanca" ]; then + KUBERNETES_VERSION= + RKE_VERSION=0.1.15 + KUBECTL_VERSION=1.11.3 + HELM_VERSION=2.9.1 + DOCKER_VERSION=17.03 + else + KUBERNETES_VERSION= + RKE_VERSION=0.1.16 + KUBECTL_VERSION=1.11.6 + HELM_VERSION=2.9.1 + DOCKER_VERSION=18.06 + fi + + # copy your private ssh key and cluster.yml file to the vm + # on your dev machine + #sudo cp ~/.ssh/onap_rsa . + #sudo chmod 777 onap_rsa + #scp onap_rsa ubuntu@192.168.241.132:~/ + # on this vm + #sudo chmod 400 onap_rsa + #sudo cp onap_rsa ~/.ssh + # make sure public key is insetup correctly in + # sudo vi ~/.ssh/authorized_keys + + echo "please supply your ssh key as provided by the -k keyname - it must be be chmod 400 and chown user:user in ~/.ssh/" + echo "The RKE version specific cluster.yaml is already integrated in this script for 0.1.15/0.1.16 no need for below generation..." + echo "rke config --name cluster.yml" + echo "specifically" + echo "address: $SERVER" + echo "user: $USERNAME" + echo "ssh_key_path: $SSHPATH_PREFIX/$SSHKEY" + + RKETOOLS= + HYPERCUBE= + POD_INFRA_CONTAINER= + if [ "$RKE_VERSION" == "0.1.16" ]; then + RKETOOLS=0.1.15 + HYPERCUBE=1.11.6-rancher1 + POD_INFRA_CONTAINER=rancher/pause-amd64:3.1 + else + # 0.1.15 + RKETOOLS=0.1.14 + HYPERCUBE=1.11.3-rancher1 + POD_INFRA_CONTAINER=gcr.io.google_containers/pause-amd64:3.1 + fi + + cat > cluster.yml <<EOF +# generated from rke_setup.sh +nodes: +- address: $SERVER + port: "22" + internal_address: "" + role: + - controlplane + - worker + - etcd + hostname_override: "" + user: $USERNAME + docker_socket: /var/run/docker.sock + ssh_key: "" + ssh_key_path: $SSHPATH_PREFIX/$SSHKEY + labels: {} +services: + etcd: + image: "" + extra_args: {} + extra_binds: [] + extra_env: [] + external_urls: [] + ca_cert: "" + cert: "" + key: "" + path: "" + snapshot: null + retention: "" + creation: "" + kube-api: + image: "" + extra_args: {} + extra_binds: [] + extra_env: [] + service_cluster_ip_range: 10.43.0.0/16 + service_node_port_range: "" + pod_security_policy: false + kube-controller: + image: "" + extra_args: {} + extra_binds: [] + extra_env: [] + cluster_cidr: 10.42.0.0/16 + service_cluster_ip_range: 10.43.0.0/16 + scheduler: + image: "" + extra_args: {} + extra_binds: [] + extra_env: [] + kubelet: + image: "" + extra_args: + max-pods: 900 + extra_binds: [] + extra_env: [] + cluster_domain: cluster.local + infra_container_image: "" + cluster_dns_server: 10.43.0.10 + fail_swap_on: false + kubeproxy: + image: "" + extra_args: {} + extra_binds: [] + extra_env: [] +network: + plugin: canal + options: {} +authentication: + strategy: x509 + options: {} + sans: [] +system_images: + etcd: rancher/coreos-etcd:v3.2.18 + alpine: rancher/rke-tools:v$RKETOOLS + nginx_proxy: rancher/rke-tools:v$RKETOOLS + cert_downloader: rancher/rke-tools:v$RKETOOLS + kubernetes_services_sidecar: rancher/rke-tools:v$RKETOOLS + kubedns: rancher/k8s-dns-kube-dns-amd64:1.14.10 + dnsmasq: rancher/k8s-dns-dnsmasq-nanny-amd64:1.14.10 + kubedns_sidecar: rancher/k8s-dns-sidecar-amd64:1.14.10 + kubedns_autoscaler: rancher/cluster-proportional-autoscaler-amd64:1.0.0 + kubernetes: rancher/hyperkube:v$HYPERCUBE + flannel: rancher/coreos-flannel:v0.10.0 + flannel_cni: rancher/coreos-flannel-cni:v0.3.0 + calico_node: rancher/calico-node:v3.1.3 + calico_cni: rancher/calico-cni:v3.1.3 + calico_controllers: "" + calico_ctl: rancher/calico-ctl:v2.0.0 + canal_node: rancher/calico-node:v3.1.3 + canal_cni: rancher/calico-cni:v3.1.3 + canal_flannel: rancher/coreos-flannel:v0.10.0 + wave_node: weaveworks/weave-kube:2.1.2 + weave_cni: weaveworks/weave-npc:2.1.2 + pod_infra_container: $POD_INFRA_CONTAINER + ingress: rancher/nginx-ingress-controller:0.16.2-rancher1 + ingress_backend: rancher/nginx-ingress-controller-defaultbackend:1.4 + metrics_server: rancher/metrics-server-amd64:v0.2.1 +ssh_key_path: $SSHPATH +ssh_agent_auth: false +authorization: + mode: rbac + options: {} +ignore_docker_version: false +kubernetes_version: "$KUBERNETES_VERSION" +private_registries: [] +ingress: + provider: "" + options: {} + node_selector: {} + extra_args: {} +cluster_name: "" +cloud_provider: + name: "" +prefix_path: "" +addon_job_timeout: 0 +bastion_host: + address: "" + port: "" + user: "" + ssh_key: "" + ssh_key_path: "" +monitoring: + provider: "" + options: {} +EOF + + + + echo "Installing on ${SERVER} for ${BRANCH}: RKE: ${RKE_VERSION} Kubectl: ${KUBECTL_VERSION} Helm: ${HELM_VERSION} Docker: ${DOCKER_VERSION} username: ${USERNAME}" + sudo echo "127.0.0.1 ${SERVER}" >> /etc/hosts + echo "Install docker - If you must install as non-root - comment out the docker install below - run it separately, run the user mod, logout/login and continue this script" + curl https://releases.rancher.com/install-docker/$DOCKER_VERSION.sh | sh + sudo usermod -aG docker $USERNAME + + echo "Install RKE" + sudo wget https://github.com/rancher/rke/releases/download/v$RKE_VERSION/rke_linux-amd64 + mv rke_linux-amd64 rke + sudo chmod +x rke + sudo mv ./rke /usr/local/bin/rke + + echo "Install make - required for beijing+ - installed via yum groupinstall Development Tools in RHEL" + # ubuntu specific + sudo apt-get install make -y + + sudo curl -LO https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl + sudo chmod +x ./kubectl + sudo mv ./kubectl /usr/local/bin/kubectl + sudo mkdir ~/.kube + wget http://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz + sudo tar -zxvf helm-v${HELM_VERSION}-linux-amd64.tar.gz + sudo mv linux-amd64/helm /usr/local/bin/helm + + echo "Bringing RKE up - using supplied cluster.yml" + sudo rke up + echo "wait 2 extra min for the cluster" + sleep 60 + echo "1 more min" + sleep 60 + echo "copy kube_config_cluter.yaml generated - to ~/.kube/config" + sudo cp kube_config_cluster.yml ~/.kube/config + # avoid using sudo for kubectl + sudo chmod 777 ~/.kube/config + echo "Verify all pods up on the kubernetes system - will return localhost:8080 until a host is added" + echo "kubectl get pods --all-namespaces" + kubectl get pods --all-namespaces + echo "install tiller/helm" + kubectl -n kube-system create serviceaccount tiller + kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller + helm init --service-account tiller + kubectl -n kube-system rollout status deploy/tiller-deploy + echo "upgrade server side of helm in kubernetes" + if [ "$USERNAME" == "root" ]; then + helm version + else + sudo helm version + fi + echo "sleep 30" + sleep 30 + if [ "$USERNAME" == "root" ]; then + helm init --upgrade + else + sudo helm init --upgrade + fi + echo "sleep 30" + sleep 30 + echo "verify both versions are the same below" + if [ "$USERNAME" == "root" ]; then + helm version + else + sudo helm version + fi + echo "start helm server" + if [ "$USERNAME" == "root" ]; then + helm serve & + else + sudo helm serve & + fi + echo "sleep 30" + sleep 30 + echo "add local helm repo" + if [ "$USERNAME" == "root" ]; then + helm repo add local http://127.0.0.1:8879 + helm repo list + else + sudo helm repo add local http://127.0.0.1:8879 + sudo helm repo list + fi + echo "To enable grafana dashboard - do this after running cd.sh which brings up onap - or you may get a 302xx port conflict" + echo "kubectl expose -n kube-system deployment monitoring-grafana --type=LoadBalancer --name monitoring-grafana-client" + echo "to get the nodeport for a specific VM running grafana" + echo "kubectl get services --all-namespaces | grep graf" + sudo docker version + helm version + kubectl version + kubectl get services --all-namespaces + kubectl get pods --all-namespaces + echo "finished!" +} + +BRANCH= +SERVER= +ENVIRON= +VALIDATE=false +USERNAME=ubuntu +SSHPATH_PREFIX=~/.ssh + +while getopts ":b:s:e:u:l:k:v" PARAM; do + case $PARAM in + u) + usage + exit 1 + ;; + b) + BRANCH=${OPTARG} + ;; + e) + ENVIRON=${OPTARG} + ;; + s) + SERVER=${OPTARG} + ;; + l) + USERNAME=${OPTARG} + ;; + k) + SSHKEY=${OPTARG} + ;; + v) + VALIDATE=${OPTARG} + ;; + ?) + usage + exit + ;; + esac +done + +if [[ -z $BRANCH ]]; then + usage + exit 1 +fi + +install_onap $BRANCH $SERVER $ENVIRON $USERNAME $SSHPATH_PREFIX $SSHKEY $VALIDATE diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json index 3f2168b6af..51d31a355b 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json @@ -19,6 +19,7 @@ { "namespace" : "{{ if .Values.dcae_ns }}{{ .Values.dcae_ns}}{{ else }}{{include "common.namespace" . }}{{ end}}", "consul_dns_name" : "{{ .Values.config.address.consul.host }}.{{ include "common.namespace" . }}", + "default_k8s_location" : "{{ .Values.default_k8s_location }}", "image_pull_secrets" : ["{{ include "common.namespace" . }}-docker-registry-key"], "filebeat": { diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml index 347e4a9620..8d525cb051 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml @@ -81,7 +81,8 @@ postgres: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.9 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.10-STAGING-latest +default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager # Use to override default setting in blueprints diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml index 5b541fb19d..3995bc6cba 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml @@ -44,7 +44,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.cm-container:1.5.1 +image: onap/org.onap.dcaegen2.deployments.cm-container:1.5.2-STAGING-latest pullPolicy: Always # probe configuration parameters diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml index 088d381d50..794b896eef 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml @@ -30,7 +30,7 @@ spec: ports: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + nodePort: {{ .Values.global.nodePortPrefixExt| default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} name: {{ .Values.service.name }} {{- else -}} - port: {{ .Values.service.externalPort }} diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml index f6da1ef06c..31d6a8b2fb 100644 --- a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml @@ -20,6 +20,7 @@ ################################################################# global: nodePortPrefix: 302 + nodePortPrefixExt: 304 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co @@ -60,10 +61,11 @@ readiness: path: /healthcheck service: - type: ClusterIP + type: NodePort name: config-binding-service externalPort: 10000 internalPort: 10000 + nodePort: 15 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml index fbd3d9973e..6a00d36f2c 100644 --- a/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml @@ -27,7 +27,7 @@ global: tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.1-STAGING-latest consulLoaderRepository: nexus3.onap.org:10001 - consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0-STAGING-latest repositoryCred: user: docker password: docker diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml index 913cb714d6..97cd7d2482 100644 --- a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml @@ -45,7 +45,7 @@ readiness: periodSeconds: 10 # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.4 +image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.4-STAGING-latest # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml index 604f4ea6fa..c14614278c 100644 --- a/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml @@ -27,7 +27,7 @@ global: tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.1-STAGING-latest consulLoaderRepository: nexus3.onap.org:10001 - consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0-STAGING-latest repositoryCred: user: docker password: docker @@ -46,7 +46,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.policy-handler:4.6.0 +image: onap/org.onap.dcaegen2.platform.policy-handler:4.6.0-STAGING-latest pullPolicy: Always # probe configuration parameters diff --git a/kubernetes/dmaap/Chart.yaml b/kubernetes/dmaap/Chart.yaml index e3d629bb9a..810e863128 100644 --- a/kubernetes/dmaap/Chart.yaml +++ b/kubernetes/dmaap/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP DMaaP components name: dmaap -version: 4.0.0 +version: 4.0.1 diff --git a/kubernetes/dmaap/Makefile b/kubernetes/dmaap/Makefile index 847366d52c..3a1931121a 100644 --- a/kubernetes/dmaap/Makefile +++ b/kubernetes/dmaap/Makefile @@ -12,10 +12,10 @@ # See the License for the specific language governing permissions and # limitations under the License. -make-dmaap: make-bus-controller make-message-router make-dmaap-dr-node make-dmaap-dr-prov +make-dmaap: make-dmaap-bc make-message-router make-dmaap-dr-node make-dmaap-dr-prov -make-bus-controller: - cd components && helm dep up dmaap-bus-controller && helm lint dmaap-bus-controller +make-dmaap-bc: + cd components && helm dep up dmaap-bc && helm lint dmaap-bc make-message-router: cd components && helm dep up message-router && helm lint message-router @@ -28,3 +28,4 @@ make-dmaap-dr-prov: clean: @find . -type f -name '*.tgz' -delete + @find . -type f -name '*.lock' -delete diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/.helmignore b/kubernetes/dmaap/components/dmaap-bc/.helmignore index f0c1319444..f0c1319444 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/.helmignore +++ b/kubernetes/dmaap/components/dmaap-bc/.helmignore diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/Chart.yaml b/kubernetes/dmaap/components/dmaap-bc/Chart.yaml index fc2ba21e29..37862dcc67 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/Chart.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/Chart.yaml @@ -14,6 +14,6 @@ # limitations under the License. apiVersion: v1 -description: a Helm chart to deploy ONAP DMaaP Bus Controller (aka dmaap-prov) in Kubernetes -name: dmaap-bus-controller +description: a Helm chart to deploy ONAP DMaaP Bus Controller (aka dmaap-bc) in Kubernetes +name: dmaap-bc version: 4.0.0 diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/README.md b/kubernetes/dmaap/components/dmaap-bc/README.md index a799fd44dd..a799fd44dd 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/README.md +++ b/kubernetes/dmaap/components/dmaap-bc/README.md diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/requirements.yaml b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml index 61c265fe64..61c265fe64 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/requirements.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/resources/config/buscontroller.env b/kubernetes/dmaap/components/dmaap-bc/resources/config/buscontroller.env index cde43f95b7..cde43f95b7 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/resources/config/buscontroller.env +++ b/kubernetes/dmaap/components/dmaap-bc/resources/config/buscontroller.env diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/resources/config/dmaapbc.properties b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties index faa19c6f4d..f15b9a12d1 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/resources/config/dmaapbc.properties +++ b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties @@ -25,7 +25,7 @@ # ##################################################### # Indicator for whether to use AAF -UseAAF: false +UseAAF: true # csit: stubs out some southbound APIs for csit csit: No @@ -198,10 +198,9 @@ KeyStoreType: jks KeyStoreFile: etc/keystore # password for the https keystore -KeyStorePassword: *j&Z*Ma;.4My4M]W0eB*fal$ - +KeyStorePassword: Y@Y5f&gm?PAz,CVQL,lk[VAF # password for the private key in the https keystore -KeyPassword: *j&Z*Ma;.4My4M]W0eB*fal$ +KeyPassword: Y@Y5f&gm?PAz,CVQL,lk[VAF # type of truststore for https TrustStoreType: jks @@ -210,8 +209,9 @@ TrustStoreType: jks TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks # password for the https truststore -TrustStorePassword: pi8HuuSbN03MtQQ7(5TcyQ6; +TrustStorePassword: 8b&R5%l$l:@jSWz@FCs;rhY* # path to the file used to trigger an orderly shutdown QuiesceFile: etc/SHUTDOWN +inHttpsPort: 0 diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/resources/dcaeLocations/san-francisco.json b/kubernetes/dmaap/components/dmaap-bc/resources/dcaeLocations/san-francisco.json index ca1e740dd8..ca1e740dd8 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/resources/dcaeLocations/san-francisco.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/dcaeLocations/san-francisco.json diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/resources/dmaap/onap.json b/kubernetes/dmaap/components/dmaap-bc/resources/dmaap/onap.json index 9099e046ed..9099e046ed 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/resources/dmaap/onap.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/dmaap/onap.json diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/resources/mr_clusters/san-francisco.json b/kubernetes/dmaap/components/dmaap-bc/resources/mr_clusters/san-francisco.json index 9e732d2af8..9e732d2af8 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/resources/mr_clusters/san-francisco.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/mr_clusters/san-francisco.json diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/templates/NOTES.txt b/kubernetes/dmaap/components/dmaap-bc/templates/NOTES.txt index 050853cfa2..050853cfa2 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/templates/NOTES.txt +++ b/kubernetes/dmaap/components/dmaap-bc/templates/NOTES.txt diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml index ead7562a59..1066c946af 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/templates/configmap.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml @@ -29,7 +29,7 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-dmaap + name: {{ include "common.fullname" . }}-dbc-dmaap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -42,7 +42,7 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-dcaelocations + name: {{ include "common.fullname" . }}-dbc-dcaelocations namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -51,42 +51,3 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/dcaeLocations/*.json").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-mrclusters - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/mr_clusters/*.json").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-topics - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/topics/*.json").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-feeds - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/feeds/*.json").AsConfig . | indent 2 }} diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml index 4d009e9698..0ecdc1c0e8 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml @@ -82,17 +82,6 @@ spec: - name: {{ include "common.name" . }}-config mountPath: /opt/app/config/conf/ -# NOTE: the basename of the subdirectory is important - it matches the DBCL API URI - - name: {{ include "common.name" . }}-dmaap - mountPath: /opt/app/config/dmaap/ - - name: {{ include "common.name" . }}-dcaelocations - mountPath: /opt/app/config/dcaeLocations/ - - name: {{ include "common.name" . }}-mrclusters - mountPath: /opt/app/config/mr_clusters/ - - name: {{ include "common.name" . }}-topics - mountPath: /opt/app/config/topics/ - - name: {{ include "common.name" . }}-feeds - mountPath: /opt/app/config/feeds/ resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -110,20 +99,5 @@ spec: - name: {{ include "common.name" . }}-config configMap: name: {{ include "common.fullname" . }}-config - - name: {{ include "common.name" . }}-dmaap - configMap: - name: {{ include "common.fullname" . }}-dmaap - - name: {{ include "common.name" . }}-dcaelocations - configMap: - name: {{ include "common.fullname" . }}-dcaelocations - - name: {{ include "common.name" . }}-mrclusters - configMap: - name: {{ include "common.fullname" . }}-mrclusters - - name: {{ include "common.name" . }}-topics - configMap: - name: {{ include "common.fullname" . }}-topics - - name: {{ include "common.name" . }}-feeds - configMap: - name: {{ include "common.fullname" . }}-feeds imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml new file mode 100644 index 0000000000..ee24cfb548 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml @@ -0,0 +1,72 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-post-install + labels: + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + "helm.sh/hook": post-install + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + name: {{ include "common.fullname" . }} + labels: + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + spec: + restartPolicy: Never + + containers: + - name: post-install-job + image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: DELAY + value: "0" + - name: PROTO + value: "http" + - name: PORT + value: "8080" + - name: REQUESTID + value: "{{.Chart.Name}}-post-install" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + +# NOTE: on the following several configMaps, careful to include / at end +# since there may be more than one file in each mountPath +# NOTE: the basename of the subdirectory of mountPath is important - it matches the DBCL API URI + - name: {{ include "common.fullname" . }}-dbc-dmaap + mountPath: /opt/app/config/dmaap/ + - name: {{ include "common.fullname" . }}-dbc-dcaelocations + mountPath: /opt/app/config/dcaeLocations/ + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-dbc-dmaap + configMap: + name: {{ include "common.fullname" . }}-dbc-dmaap + - name: {{ include "common.fullname" . }}-dbc-dcaelocations + configMap: + name: {{ include "common.fullname" . }}-dbc-dcaelocations + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/templates/service.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/service.yaml index 4b51d44fa2..4b51d44fa2 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/templates/service.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/service.yaml diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index aab6c237f3..a7fc3d88db 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -30,13 +30,16 @@ pullPolicy: Always # application images repository: nexus3.onap.org:10001 - -image: onap/dmaap/buscontroller:1.0.23 +image: onap/dmaap/dmaap-bc:1.1.2 # application configuration dmaapMessageRouterService: message-router -aafURL: https://aaf-onap-test.osaaf.org:8095/proxy/ +# change the following value to point to Windriver instance maintained +# but AAF team. +# e.g. +#aafURL: https://aaf-onap-test.osaaf.org:8095/proxy/ +aafURL: https://aaf-service:8100/ topicMgrUser: dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org topicMgrPwd: demo123456! adminUser: aaf_admin@people.osaaf.org diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/resources/feeds/DefaultPM.json b/kubernetes/dmaap/components/dmaap-bus-controller/resources/feeds/DefaultPM.json deleted file mode 100644 index 411d7f41e1..0000000000 --- a/kubernetes/dmaap/components/dmaap-bus-controller/resources/feeds/DefaultPM.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "feedName": "Default PM Feed", - "feedVersion": "m1.1", - "feedDescription": "Default feed provisioned for PM File collector", - "asprClassification" : "unclassified", - "owner": "onap", - "pubs": [ - { - "dcaeLocationName" : "san-francisco", - "username": "dradmin", - "userpwd": "dradmin" - } - - ] -} - diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/log/filebeat/filebeat.yml b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/log/filebeat/filebeat.yml new file mode 100644 index 0000000000..f1cf7394b6 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/log/filebeat/filebeat.yml @@ -0,0 +1,60 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 The Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +filebeat.prospectors: +#it is mandatory, in our case it's log +- input_type: log + #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. + paths: + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log + - /opt/app/datartr/logs/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive + ignore_older: 48h + # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit + clean_inactive: 96h + + +# Name of the registry file. If a relative path is used, it is considered relative to the +# data path. Else full qualified file name. +#filebeat.registry_file: ${path.data}/registry + + +output.logstash: + #List of logstash server ip addresses with port number. + #But, in our case, this will be the loadbalancer IP address. + #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. + hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + #If enable will do load balancing among available Logstash, automatically. + loadbalance: true + + #The list of root certificates for server verifications. + #If certificate_authorities is empty or not set, the trusted + #certificate authorities of the host system are used. + #ssl.certificate_authorities: $ssl.certificate_authorities + + #The path to the certificate for SSL client authentication. If the certificate is not specified, + #client authentication is not available. + #ssl.certificate: $ssl.certificate + + #The client certificate key used for client authentication. + #ssl.key: $ssl.key + + #The passphrase used to decrypt an encrypted key stored in the configured key file + #ssl.key_passphrase: $ssl.key_passphrase
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/dr_nodes/central.yaml b/kubernetes/dmaap/components/dmaap-dr-node/resources/dr_nodes/central.yaml new file mode 100644 index 0000000000..7ef2dcdb8f --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/dr_nodes/central.yaml @@ -0,0 +1,6 @@ +{ + "dcaeLocationName" : "san-francisco", + "fqdn" : "dmaap-dr-node.san-francisco", + "hostName" : "dmaap-dr-node.pod", + "version" : "1.0.1" +} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/dr_nodes/edge.yaml b/kubernetes/dmaap/components/dmaap-dr-node/resources/dr_nodes/edge.yaml new file mode 100644 index 0000000000..272cd75e52 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/dr_nodes/edge.yaml @@ -0,0 +1,6 @@ +{ + "dcaeLocationName" : "edge1", + "fqdn" : "dmaap-dr-node.edge1", + "hostName" : "dmaap-dr-node.pod.edge1", + "version" : "1.0.1" +} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml index 67392671f8..cae0d71672 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml @@ -45,3 +45,24 @@ metadata: namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dbc-drnodes + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/dr_nodes/*.json").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml new file mode 100644 index 0000000000..096b51c094 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml @@ -0,0 +1,67 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-post-install + labels: + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + "helm.sh/hook": post-install + "helm.sh/hook-weight": "-2" + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + name: {{ include "common.fullname" . }} + labels: + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + spec: + restartPolicy: Never + containers: + - name: post-install-job + image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: DELAY + value: "60" + - name: PROTO + value: "http" + - name: PORT + value: "8080" + - name: REQUESTID + value: "{{.Chart.Name}}-post-install" + + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + +# NOTE: on the following several configMaps, careful to include / at end +# since there may be more than one file in each mountPath +# NOTE: the basename of the subdirectory is important - it matches the DBCL API URI + - name: {{ include "common.fullname" . }}-dbc-drnodes + mountPath: /opt/app/config/dr_nodes/ + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-dbc-drnodes + configMap: + name: {{ include "common.fullname" . }}-dbc-drnodes + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml index 2c4b0de63b..3e0e69ecc2 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -97,7 +97,7 @@ spec: {{ toYaml .Values.affinity | indent 10 }} {{- end }} # Filebeat sidecar container - - name: {{ include "common.name" . }}-filebeat-onap + - name: {{ include "common.fullname" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: @@ -126,7 +126,7 @@ spec: name: {{ include "common.fullname" . }}-log - name: {{ include "common.fullname" . }}-filebeat-conf configMap: - name: {{ .Release.Name }}-dmaap-filebeat-configmap + name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap - name: {{ include "common.fullname" . }}-data-filebeat emptyDir: {} - name: {{ include "common.fullname" . }}-event-logs-pvc diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index f223026357..c6087e8852 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/datarouter-node:2.0.1 +image: onap/dmaap/datarouter-node:2.0.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/log/filebeat/filebeat.yml b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/log/filebeat/filebeat.yml new file mode 100644 index 0000000000..f1cf7394b6 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/log/filebeat/filebeat.yml @@ -0,0 +1,60 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 The Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +filebeat.prospectors: +#it is mandatory, in our case it's log +- input_type: log + #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. + paths: + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log + - /opt/app/datartr/logs/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive + ignore_older: 48h + # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit + clean_inactive: 96h + + +# Name of the registry file. If a relative path is used, it is considered relative to the +# data path. Else full qualified file name. +#filebeat.registry_file: ${path.data}/registry + + +output.logstash: + #List of logstash server ip addresses with port number. + #But, in our case, this will be the loadbalancer IP address. + #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. + hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + #If enable will do load balancing among available Logstash, automatically. + loadbalance: true + + #The list of root certificates for server verifications. + #If certificate_authorities is empty or not set, the trusted + #certificate authorities of the host system are used. + #ssl.certificate_authorities: $ssl.certificate_authorities + + #The path to the certificate for SSL client authentication. If the certificate is not specified, + #client authentication is not available. + #ssl.certificate: $ssl.certificate + + #The client certificate key used for client authentication. + #ssl.key: $ssl.key + + #The passphrase used to decrypt an encrypted key stored in the configured key file + #ssl.key_passphrase: $ssl.key_passphrase
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json b/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json new file mode 100644 index 0000000000..994f9c9845 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json @@ -0,0 +1,31 @@ +{ + "feedName": "bulk_pm_feed", + "feedVersion": "m1.1", + "feedDescription": "Default feed provisioned for PM File collector", + "asprClassification" : "unclassified", + "owner": "onap", + "pubs": [ + { + "dcaeLocationName" : "san-francisco", + "username": "dradmin", + "userpwd": "dradmin" + } + + ], + "subs": [ + { + "dcaeLocationName": "san-francisco", + "deliveryURL": "https://dcae-pm-mapper:8443/delivery", + "feedId": "1", + "owner": "dcae-pm-mapper", + "status": "VALID", + "subId": "1", + "suspended": false, + "use100": true, + "username": "pmmapper", + "userpwd": "pmmapper", + "decompressData": true, + "privilegedSubscriber": true + } + ] +}
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/resources/feeds/README b/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/README index 4f5eac5ba1..4f5eac5ba1 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/resources/feeds/README +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/README diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml index f9884d7827..bd5886ba9c 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml @@ -32,3 +32,50 @@ metadata: namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dbc-feeds + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/feeds/*.json").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dbc-drpubs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/dr_pubs/*.json").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dbc-drsubs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/dr_subs/*.json").AsConfig . | indent 2 }} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index d2c653eb6f..573e90c35a 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -84,7 +84,7 @@ spec: {{ toYaml .Values.affinity | indent 10 }} {{- end }} # Filebeat sidecar container - - name: {{ include "common.name" . }}-filebeat-onap + - name: {{ include "common.fullname" . }}-filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: @@ -107,7 +107,7 @@ spec: name: {{ include "common.fullname" . }}-log - name: {{ include "common.fullname" . }}-filebeat-conf configMap: - name: {{ .Release.Name }}-dmaap-filebeat-configmap + name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap - name: {{ include "common.fullname" . }}-data-filebeat emptyDir: {} - name: {{ include "common.fullname" . }}-logs diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml new file mode 100644 index 0000000000..8a2cf692b8 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml @@ -0,0 +1,77 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-post-install + labels: + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + "helm.sh/hook": post-install + "helm.sh/hook-weight": "-3" + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + name: {{ include "common.fullname" . }} + labels: + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + spec: + restartPolicy: Never + containers: + - name: post-install-job + image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: DELAY + value: "30" + - name: PROTO + value: "http" + - name: PORT + value: "8080" + - name: REQUESTID + value: "{{.Chart.Name}}-post-install" + + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + +# NOTE: on the following several configMaps, careful to include / at end +# since there may be more than one file in each mountPath +# NOTE: the basename of the subdirectory is important - it matches the DBCL API URI + - name: {{ include "common.fullname" . }}-dbc-feeds + mountPath: /opt/app/config/feeds/ + - name: {{ include "common.fullname" . }}-dbc-drpubs + mountPath: /opt/app/config/dr_pubs/ + - name: {{ include "common.fullname" . }}-dbc-drsubs + mountPath: /opt/app/config/dr_subs/ + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-dbc-feeds + configMap: + name: {{ include "common.fullname" . }}-dbc-feeds + - name: {{ include "common.fullname" . }}-dbc-drpubs + configMap: + name: {{ include "common.fullname" . }}-dbc-drpubs + - name: {{ include "common.fullname" . }}-dbc-drsubs + configMap: + name: {{ include "common.fullname" . }}-dbc-drsubs + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index 9f08ad2958..3d65e911cf 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/datarouter-prov:2.0.1 +image: onap/dmaap/datarouter-prov:2.0.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/cds/charts/blueprints-processor/templates/secrets.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service-hs.yaml index f21363d087..0dabe55e10 100755..100644 --- a/kubernetes/cds/charts/blueprints-processor/templates/secrets.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service-hs.yaml @@ -1,4 +1,5 @@ -# Copyright (c) 2019 IBM, Bell Canada +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,15 +14,21 @@ # limitations under the License. apiVersion: v1 -kind: Secret +kind: Service metadata: - name: {{ include "common.fullname" . }} + name: {{ .Values.service.name }} namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.fullname" . }} + app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} -type: Opaque -data: - db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }} +spec: + ports: + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + clusterIP: None + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml index 88de96b2d5..8200eda6b1 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Copyright © 2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,24 +12,28 @@ # See the License for the specific language governing permissions and # limitations under the License. +{{- $root := . -}} +{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }} +--- apiVersion: v1 kind: Service metadata: - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} + name: {{ $root.Values.service.name }}-{{ $i }} + namespace: {{ $root.Release.Namespace }} labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + app: {{ $root.Values.service.name }} + chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} + release: {{ $root.Release.Name }} + heritage: {{ $root.Release.Service }} + spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - clusterIP: None + type: {{ $root.Values.service.type }} + externalTrafficPolicy: Local selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - + statefulset.kubernetes.io/pod-name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }} + ports: + - port: {{ $root.Values.service.externalPort }} + targetPort: {{ $root.Values.service.externalPort }} + nodePort: {{ $root.Values.service.baseNodePort | add $i }} + name: {{ $root.Values.service.name }}-{{ $i }} +{{ end }} diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml index 225181cecf..cc8fd5a93c 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml @@ -34,7 +34,11 @@ spec: release: {{ .Release.Name }} spec: podAntiAffinity: + {{if eq .Values.podAntiAffinityType "hard" -}} + requiredDuringSchedulingIgnoredDuringExecution: + {{- else -}} preferredDuringSchedulingIgnoredDuringExecution: + {{- end}} - weight: 1 podAffinityTerm: labelSelector: @@ -44,6 +48,10 @@ spec: values: - {{ include "common.name" . }} topologyKey: "kubernetes.io/hostname" + {{- if .Values.nodeAffinity }} + nodeAffinity: + {{ toYaml .Values.nodeAffinity | indent 10 }} + {{- end }} initContainers: - name: {{ include "common.name" . }}-initcontainer image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" @@ -66,10 +74,19 @@ spec: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + - -exc + - | + export KAFKA_BROKER_ID=${HOSTNAME##*-} && \ + export ENDPOINT_PORT=$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )) && \ + export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_SASL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_SASL_PLAINTEXT://:{{ .Values.service.internalPort }} && \ + exec start-kafka.sh resources: {{ include "common.resources" . | indent 12 }} ports: - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.externalPort }} {{ if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -83,30 +100,31 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: - - name: HOST_NAME + - name: HOST_IP valueFrom: fieldRef: apiVersion: v1 - fieldPath: metadata.name - - name: HOST_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace + fieldPath: status.hostIP - name: KAFKA_ZOOKEEPER_CONNECT value: "{{.Values.zookeeper.name}}:{{.Values.zookeeper.port}}" - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP - value: "INTERNAL_PLAINTEXT:PLAINTEXT,EXTERNAL_PLAINTEXT:PLAINTEXT" - - name: KAFKA_ADVERTISED_LISTENERS - value: "INTERNAL_PLAINTEXT://$(HOST_NAME).{{ .Values.service.name }}.$(HOST_NAMESPACE).svc.cluster.local:{{ .Values.service.internalPort}}" + value: "INTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT,EXTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT" - name: KAFKA_LISTENERS - value: "INTERNAL_PLAINTEXT://0.0.0.0:{{.Values.service.internalPort}}" + value: "EXTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.externalPort }},INTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.internalPort }}" - name: KAFKA_INTER_BROKER_LISTENER_NAME - value: "INTERNAL_PLAINTEXT" + value: "INTERNAL_SASL_PLAINTEXT" + - name: KAFKA_SASL_ENABLED_MECHANISMS + value: "PLAIN" + - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL + value: "PLAIN" + - name: KAFKA_AUTHORIZER_CLASS_NAME + value: "{{ .Values.kafkaCustomAuthorizer }}" + - name: KAFKA_DELETE_TOPIC_ENABLE + value: "{{ .Values.deleteTopicEnable }}" + - name: aaf_locate_url + value: "https://aaf-locate:8095" - name: KAFKA_LOG_DIRS value: "kafka/logs" - - name: BROKER_ID_COMMAND - value: "hostname | awk -F '-' '{print $NF}'" - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR value: "{{ .Values.replicaCount }}" - name: KAFKA_DEFAULT_REPLICATION_FACTOR diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml index b6567bbf0f..5b83bb0a55 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml @@ -30,7 +30,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/kafka01101:0.0.1 +image: onap/dmaap/kafka111:0.0.5 pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 @@ -44,16 +44,26 @@ debugEnabled: false # default number of instances replicaCount: 3 +#Kafka custom authorizer class name +kafkaCustomAuthorizer: org.onap.dmaap.kafkaAuthorize.KafkaCustomAuthorizer +deleteTopicEnable: true + +# To access Kafka outside cluster, this value must be set to hard and the number of nodes in K8S cluster must be equal or greater then replica count +podAntiAffinityType: soft + # defult partitions defaultpartitions: 3 - nodeSelector: {} +nodeAffinity: {} + affinity: {} tolerations: {} + + # probe configuration parameters liveness: initialDelaySeconds: 60 @@ -90,11 +100,14 @@ persistence: mountSubPath: message-router/data-kafka service: - type: ClusterIP + type: NodePort name: message-router-kafka portName: message-router-kafka internalPort: 9092 - externalPort: 9092 + externalPort: 9093 + baseNodePort: 30490 + + ingress: enabled: false diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/Chart.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/Chart.yaml new file mode 100644 index 0000000000..1d0b7bea22 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/Chart.yaml @@ -0,0 +1,20 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Message Router Kafka Service +name: message-router-mirrormaker +version: 4.0.0 + diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/NOTES.txt b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/NOTES.txt new file mode 100644 index 0000000000..a44d0f76ee --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/NOTES.txt @@ -0,0 +1,34 @@ +# Copyright © 2018 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml new file mode 100644 index 0000000000..51c4149094 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml @@ -0,0 +1,103 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + serviceName: {{ .Values.service.name }} + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-initcontainer + image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.messagerouter.container }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + - -exc + - | + exec start-mirrormaker.sh + resources: +{{ include "common.resources" . | indent 12 }} + ports: + - containerPort: {{ .Values.service.internalPort }} + {{ if eq .Values.liveness.enabled true }} + livenessProbe: + exec: + command: + - sh + - -c + - "touch /tmp/lprobe.txt" + - "rm /tmp/lprobe.txt" + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + exec: + command: + - sh + - -c + - "touch /tmp/rprobe.txt" + - "rm /tmp/rprobe.txt" + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: KAFKA_HEAP_OPTS + value: "{{ .Values.kafkaHeapOptions }}" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /var/run/docker.sock + name: docker-socket + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: docker-socket + hostPath: + path: /var/run/docker.sock + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml new file mode 100644 index 0000000000..2fbd884ab8 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml @@ -0,0 +1,98 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + persistence: {} + ubuntuInitRepository: registry.hub.docker.com + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/dmaap/kafka111:0.0.5 +pullPolicy: Always +ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 + +zookeeper: + name: message-router-zookeeper + port: 2181 + +messagerouter: + container: message-router + +# flag to enable debugging - application support required +debugEnabled: false + +# default number of instances +replicaCount: 1 +kafkaHeapOptions: -Xmx4G -Xms2G + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 60 + periodSeconds: 20 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 60 + periodSeconds: 20 + + +service: + type: NodePort + name: message-router-mirrormaker + portName: message-router-mirrormaker + internalPort: 9092 + + + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: large +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2000m + memory: 4Gi + requests: + cpu: 500m + memory: 1Gi + large: + limits: + cpu: 4000m + memory: 8Gi + requests: + cpu: 1000m + memory: 2Gi + unlimited: {} + diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml index 7cafc149b2..b2f9f13e67 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml @@ -48,6 +48,10 @@ spec: values: - {{ include "common.name" . }} topologyKey: "kubernetes.io/hostname" + {{- if .Values.nodeAffinity }} + nodeAffinity: + {{ toYaml .Values.nodeAffinity | indent 10 }} + {{- end }} initContainers: - name: {{ include "common.name" . }}-seed-topics-apikeys command: diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml index be74831f6d..37a1babe17 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml @@ -30,7 +30,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/zookeeper:2.0.0 +image: onap/dmaap/zookeeper:3.0.0 pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 @@ -49,6 +49,8 @@ replicaCount: 3 nodeSelector: {} +nodeAffinity: {} + affinity: {} tolerations: {} @@ -128,4 +130,4 @@ resources: requests: cpu: 1000m memory: 2Gi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties index d40d2a1468..8e446610d4 100755 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties @@ -149,17 +149,18 @@ maxcontentlength=10000 #AAF Properties msgRtr.namespace.aaf=org.onap.dmaap.mr.topic msgRtr.topicfactory.aaf=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic: -enforced.topic.name.AAF=org.onap +enforced.topic.name.AAF=org.onap.dmaap.mr forceAAF=false transidUEBtopicreqd=false defaultNSforUEB=org.onap.dmaap.mr ############################################################################## #Mirror Maker Agent -msgRtr.mirrormakeradmin.aaf=com.onap.dmaap.mr.dev.mirrormaker|*|admin -msgRtr.mirrormakeruser.aaf=com.onap.dmaap.mr.dev.mirrormaker|*|user -msgRtr.mirrormakeruser.aaf.create=com.onap.dmaap.mr.dev.topicFactory|:com.onap.dmaap.mr.dev.topic: + +msgRtr.mirrormakeradmin.aaf=org.onap.dmaap.mr.mirrormaker|*|admin +msgRtr.mirrormakeruser.aaf=org.onap.dmaap.mr.mirrormaker|*|user +msgRtr.mirrormakeruser.aaf.create=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic: msgRtr.mirrormaker.timeout=15000 -msgRtr.mirrormaker.topic=com.onap.dmaap.mr.prod.mm.agent +msgRtr.mirrormaker.topic=org.onap.dmaap.mr.mirrormakeragent msgRtr.mirrormaker.consumergroup=mmagentserver msgRtr.mirrormaker.consumerid=1 diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties index a79bb8d40a..948577aaa7 100755 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties @@ -1,4 +1,4 @@ -aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 +aaf_locate_url=https://aaf-locate:8095 aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 aaf_env=DEV aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm @@ -17,4 +17,4 @@ cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US cadi_loglevel=INFO cadi_protocols=TLSv1.1,TLSv1.2 cadi_latitude=37.78187 -cadi_longitude=-122.26147
\ No newline at end of file +cadi_longitude=-122.26147 diff --git a/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json b/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json new file mode 100644 index 0000000000..9e732d2af8 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json @@ -0,0 +1,6 @@ +{ + "dcaeLocationName": "san-francisco", + "fqdn": "message-router", + "topicProtocol": "http", + "topicPort": "3904" +} diff --git a/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json b/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json new file mode 100644 index 0000000000..d2910b8398 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json @@ -0,0 +1,14 @@ +{ + "topicName": "PM_MAPPER", + "topicDescription": "The PM Mapper will be publishing perf3gpp VES events to this topic", + "owner": "pm-mapper", + "txenabled": false, + "clients": [{ + "dcaeLocationName": "san-francisco", + "clientIdentity": "dcae@dcae.onap.org", + "action": [ + "pub", + "view" + ] + }] +} diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/resources/topics/PNF_READY.json b/kubernetes/dmaap/components/message-router/resources/topics/PNF_READY.json index 8f4cf8bd64..8f4cf8bd64 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/resources/topics/PNF_READY.json +++ b/kubernetes/dmaap/components/message-router/resources/topics/PNF_READY.json diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/resources/topics/PNF_REGISTRATION.json b/kubernetes/dmaap/components/message-router/resources/topics/PNF_REGISTRATION.json index f0dd2c7829..f0dd2c7829 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/resources/topics/PNF_REGISTRATION.json +++ b/kubernetes/dmaap/components/message-router/resources/topics/PNF_REGISTRATION.json diff --git a/kubernetes/dmaap/components/dmaap-bus-controller/resources/topics/README b/kubernetes/dmaap/components/message-router/resources/topics/README index fbb88b97e6..fbb88b97e6 100644 --- a/kubernetes/dmaap/components/dmaap-bus-controller/resources/topics/README +++ b/kubernetes/dmaap/components/message-router/resources/topics/README diff --git a/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json b/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json new file mode 100644 index 0000000000..7ae77cd8a8 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json @@ -0,0 +1,42 @@ +{ + "topicName": "mirrormakeragent", + "topicDescription": "the topic used to provision the MM agent whitelist", + "replicationCase": "REPLICATION_NONE", + "owner": "dmaap", + "txenabled": false, + "partitionCount": "1", + "clients": [ + { + "dcaeLocationName": "san-francisco", + "clientIdentity": "dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org", + "action": [ + "pub", + "sub", + "view" + ] + + }, + { + "dcaeLocationName": "san-francisco", + "clientIdentity": "dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org", + "action": [ + "pub", + "sub", + "view" + ] + + }, + { + "dcaeLocationName": "san-francisco", + "clientIdentity": "demo@people.osaaf.org", + "action": [ + "pub", + "sub", + "view" + ] + + } + + ] +} + diff --git a/kubernetes/dmaap/components/message-router/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/templates/configmap.yaml index 1ed788893f..e2e0da51fd 100644 --- a/kubernetes/dmaap/components/message-router/templates/configmap.yaml +++ b/kubernetes/dmaap/components/message-router/templates/configmap.yaml @@ -38,3 +38,30 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/dmaap/cadi.properties").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dbc-mrclusters + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/mr_clusters/*.json").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dbc-topics + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/topics/*.json").AsConfig . | indent 2 }} + diff --git a/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml b/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml new file mode 100644 index 0000000000..6d246de87f --- /dev/null +++ b/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml @@ -0,0 +1,71 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-post-install + labels: + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + "helm.sh/hook": post-install + "helm.sh/hook-weight": "-4" + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + name: {{ include "common.fullname" . }} + labels: + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + spec: + restartPolicy: Never + containers: + - name: post-install-job + image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: "Always" + env: + - name: DELAY + value: "30" + - name: PROTO + value: "http" + - name: PORT + value: "8080" + - name: REQUESTID + value: "{{.Chart.Name}}-post-install" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + +# NOTE: on the following several configMaps, careful to include / at end +# since there may be more than one file in each mountPath +# NOTE: the basename of the subdirectory of mountPath is important - it matches the DBCL API URI + - name: {{ include "common.fullname" . }}-dbc-mrclusters + mountPath: /opt/app/config/mr_clusters/ + - name: {{ include "common.fullname" . }}-dbc-topics + mountPath: /opt/app/config/topics/ + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-dbc-mrclusters + configMap: + name: {{ include "common.fullname" . }}-dbc-mrclusters + - name: {{ include "common.fullname" . }}-dbc-topics + configMap: + name: {{ include "common.fullname" . }}-dbc-topics + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index bdd134ac64..7bf88f5f8e 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -68,7 +68,7 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: enableCadi - value: "false" + value: "true" volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index 5d01e55077..10ce59c0ac 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/dmaap-mr:1.1.9 +image: onap/dmaap/dmaap-mr:1.1.11 pullPolicy: Always kafka: diff --git a/kubernetes/dmaap/requirements.yaml b/kubernetes/dmaap/requirements.yaml index b5b9902276..cda78cf04f 100644 --- a/kubernetes/dmaap/requirements.yaml +++ b/kubernetes/dmaap/requirements.yaml @@ -21,9 +21,9 @@ dependencies: version: ~4.x-0 repository: 'file://components/message-router' condition: message-router.enabled - - name: dmaap-bus-controller + - name: dmaap-bc version: ~4.x-0 - repository: 'file://components/dmaap-bus-controller' + repository: 'file://components/dmaap-bc' condition: dmaap-bus-controller.enabled - name: dmaap-dr-node version: ~4.x-0 diff --git a/kubernetes/dmaap/templates/configmap.yaml b/kubernetes/dmaap/templates/configmap.yaml index 6d801024f4..bdd3b0a31e 100644 --- a/kubernetes/dmaap/templates/configmap.yaml +++ b/kubernetes/dmaap/templates/configmap.yaml @@ -23,4 +23,4 @@ metadata: name: {{ .Release.Name }}-dmaap-filebeat-configmap namespace: {{ include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }}
\ No newline at end of file +{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }} diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index af39ede9d3..e7b39af1ad 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -22,6 +22,7 @@ global: readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + clientImage: onap/dmaap/dbc-client:1.0.5 # application configuration config: logstashServiceName: log-ls @@ -29,9 +30,9 @@ config: message-router: enabled: true -dmaap-bus-controller: +dmaap-bc: enabled: true dmaap-dr-node: enabled: true dmaap-dr-prov: - enabled: true
\ No newline at end of file + enabled: true diff --git a/kubernetes/msb/charts/msb-consul/values.yaml b/kubernetes/msb/charts/msb-consul/values.yaml index 79a26404c6..3cb5c74c14 100644 --- a/kubernetes/msb/charts/msb-consul/values.yaml +++ b/kubernetes/msb/charts/msb-consul/values.yaml @@ -22,7 +22,7 @@ global: ################################################################# # application image dockerHubRepository: registry.hub.docker.com -image: library/consul:0.9.3 +image: library/consul:1.4.3 pullPolicy: Always istioSidecar: true @@ -76,4 +76,4 @@ resources: requests: cpu: 20m memory: 100Mi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/msb/charts/msb-discovery/values.yaml b/kubernetes/msb/charts/msb-discovery/values.yaml index 42bf084324..d0e9d96ce7 100644 --- a/kubernetes/msb/charts/msb-discovery/values.yaml +++ b/kubernetes/msb/charts/msb-discovery/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/msb/msb_discovery:1.2.1 +image: onap/msb/msb_discovery:1.2.3-STAGING-latest pullPolicy: Always istioSidecar: true @@ -78,4 +78,4 @@ resources: requests: cpu: 400m memory: 400Mi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/msb/charts/msb-eag/values.yaml b/kubernetes/msb/charts/msb-eag/values.yaml index fabbed28a1..e58e51bacb 100644 --- a/kubernetes/msb/charts/msb-eag/values.yaml +++ b/kubernetes/msb/charts/msb-eag/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/msb/msb_apigateway:1.2.1 +image: onap/msb/msb_apigateway:1.2.4-STAGING-latest pullPolicy: Always istioSidecar: true @@ -82,4 +82,4 @@ resources: requests: cpu: 200m memory: 400Mi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/msb/charts/msb-iag/values.yaml b/kubernetes/msb/charts/msb-iag/values.yaml index 07eb045c14..d091a84164 100644 --- a/kubernetes/msb/charts/msb-iag/values.yaml +++ b/kubernetes/msb/charts/msb-iag/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/msb/msb_apigateway:1.2.1 +image: onap/msb/msb_apigateway:1.2.4-STAGING-latest pullPolicy: Always istioSidecar: true @@ -82,4 +82,4 @@ resources: requests: cpu: 100m memory: 400Mi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/.helmignore b/kubernetes/multicloud/charts/multicloud-starlingx/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/Chart.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/Chart.yaml new file mode 100644 index 0000000000..1305d419bb --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP multicloud OpenStack Starlingx Plugin +name: multicloud-starlingx +version: 3.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml new file mode 100644 index 0000000000..30445572d9 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml @@ -0,0 +1,47 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +version: 1 +disable_existing_loggers: False + +loggers: + starlingx: + handlers: [starlingx_handler] + level: "DEBUG" + propagate: False + newton_base: + handlers: [starlingx_handler] + level: "DEBUG" + propagate: False + common: + handlers: [starlingx_handler] + level: "DEBUG" + propagate: False + +handlers: + starlingx_handler: + level: "DEBUG" + class: "logging.handlers.RotatingFileHandler" + filename: "/var/log/onap/multicloud/openstack/starlingx/starlingx.log" + formatter: "mdcFormat" + maxBytes: 1024*1024*50 + backupCount: 10 + +formatters: + standard: + format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s" + mdcFormat: + format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t" + mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}" + datefmt: "%Y-%m-%d %H:%M:%S" + (): onaplogging.mdcformatter.MDCFormatter diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/templates/NOTES.txt b/kubernetes/multicloud/charts/multicloud-starlingx/templates/NOTES.txt new file mode 100644 index 0000000000..746215b541 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/templates/NOTES.txt @@ -0,0 +1,34 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/templates/configmap.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/templates/configmap.yaml new file mode 100644 index 0000000000..3e8a3fcae1 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/templates/configmap.yaml @@ -0,0 +1,28 @@ +{{/* +# Copyright (c) 2019 Intel Corporation. +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml new file mode 100644 index 0000000000..0ccc3f9f95 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml @@ -0,0 +1,110 @@ +{{/* +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + annotations: + sidecar.istio.io/inject: "{{.Values.istioSidecar}}" + spec: + containers: + - env: + - name: MSB_ADDR + value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}" + - name: MSB_PORT + value: "{{ .Values.config.msbPort }}" + - name: AAI_ADDR + value: aai.{{ include "common.namespace" . }} + - name: AAI_PORT + value: "{{ .Values.config.aai.port }}" + - name: AAI_SCHEMA_VERSION + value: "{{ .Values.config.aai.schemaVersion }}" + - name: AAI_USERNAME + value: "{{ .Values.config.aai.username }}" + - name: AAI_PASSWORD + value: "{{ .Values.config.aai.password }}" + name: {{ include "common.name" . }} + volumeMounts: + - mountPath: /var/log/onap + name: starlingx-log + - mountPath: /opt/starlingx/starlingx/pub/config/log.yml + name: starlingx-logconfig + subPath: log.yml + resources: +{{ include "common.resources" . | indent 12 }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + httpGet: + path: /api/multicloud-starlingx/v0/swagger.json + port: {{ .Values.service.internalPort }} + scheme: HTTP + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + successThreshold: {{ .Values.liveness.successThreshold }} + failureThreshold: {{ .Values.liveness.failureThreshold }} + {{ end }} + # side car containers + - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: filebeat-onap + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + - mountPath: /var/log/onap + name: starlingx-log + - mountPath: /usr/share/filebeat/data + name: starlingx-data-filebeat + + volumes: + - name: starlingx-log + emptyDir: {} + - name: starlingx-data-filebeat + emptyDir: {} + - name: filebeat-conf + configMap: + name: multicloud-filebeat-configmap + - name: starlingx-logconfig + configMap: + name: {{ include "common.fullname" . }}-log-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + restartPolicy: Always diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/templates/service.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/templates/service.yaml new file mode 100644 index 0000000000..f6925d9961 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/templates/service.yaml @@ -0,0 +1,60 @@ +{{/* +# Copyright (c) 2019 Intel Corporation. +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "multicloud-starlingx", + "version": "v0", + "url": "/api/multicloud-starlingx/v0", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange": "1" + }, + { + "serviceName": "multicloud-starlingx", + "version": "v1", + "url": "/api/multicloud-starlingx/v1", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange": "1" + } + ]' +spec: + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: {{ .Values.service.type }} diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/values.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/values.yaml new file mode 100644 index 0000000000..2ca696c704 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/values.yaml @@ -0,0 +1,87 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefixExt: 304 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/multicloud/openstack-starlingx:1.3.0-SNAPSHOT +pullPolicy: Always + +#Istio sidecar injection policy +istioSidecar: false + +# application configuration +config: + msbgateway: msb-iag + msbPort: 80 + aai: + port: 8443 + schemaVersion: v13 + username: AAI + password: AAI + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 5 + enabled: true + +service: + type: NodePort + name: multicloud-starlingx + portName: multicloud-starlingx + externalPort: 9009 + internalPort: 9009 + nodePort: 85 + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 4Gi + requests: + cpu: 10m + memory: 1Gi + large: + limits: + cpu: 2 + memory: 8Gi + requests: + cpu: 20m + memory: 2Gi + unlimited: {} diff --git a/kubernetes/multicloud/resources/config/provider-plugin.json b/kubernetes/multicloud/resources/config/provider-plugin.json index 2bc98943a5..65ed86c110 100644 --- a/kubernetes/multicloud/resources/config/provider-plugin.json +++ b/kubernetes/multicloud/resources/config/provider-plugin.json @@ -12,6 +12,11 @@ "extra_info_hint": "", "provider_plugin": "multicloud-pike" }, + "starlingx": { + "version": "starlingx", + "extra_info_hint": "", + "provider_plugin": "multicloud-starlingx" + }, "ocata": { "version": "ocata", "extra_info_hint": "", diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index ac5d3266d5..9f50620ab6 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -28,7 +28,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/externalapi/nbi:3.0.1 +image: onap/externalapi/nbi:3.0.2 pullPolicy: Always sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU= aai_authorization: Basic QUFJOkFBSQ== @@ -85,7 +85,7 @@ affinity: {} # probe configuration parameters liveness: httpGet: - path: /nbi/api/v3/status + path: /nbi/api/v4/status port: 8080 initialDelaySeconds: 180 periodSeconds: 30 @@ -95,7 +95,7 @@ liveness: readiness: httpGet: - path: /nbi/api/v3/status + path: /nbi/api/v4/status port: 8080 initialDelaySeconds: 185 periodSeconds: 30 diff --git a/kubernetes/onap/resources/environments/dev.yaml b/kubernetes/onap/resources/environments/dev.yaml index fa263282ef..fa8619ed93 100644 --- a/kubernetes/onap/resources/environments/dev.yaml +++ b/kubernetes/onap/resources/environments/dev.yaml @@ -59,6 +59,9 @@ aai: replicaCount: 1 appc: enabled: false +cassandra: + enabled: false + replicaCount: 1 clamp: enabled: false cli: diff --git a/kubernetes/onap/resources/environments/minimal-onap.yaml b/kubernetes/onap/resources/environments/minimal-onap.yaml index b772f1f94b..989174c1c4 100644 --- a/kubernetes/onap/resources/environments/minimal-onap.yaml +++ b/kubernetes/onap/resources/environments/minimal-onap.yaml @@ -51,6 +51,9 @@ aaf: enabled: false appc: enabled: false +cassandra: + enabled: false + replicaCount: 1 clamp: enabled: false cli: diff --git a/kubernetes/onap/resources/environments/public-cloud.yaml b/kubernetes/onap/resources/environments/public-cloud.yaml index a667e174ec..d751534bd9 100644 --- a/kubernetes/onap/resources/environments/public-cloud.yaml +++ b/kubernetes/onap/resources/environments/public-cloud.yaml @@ -50,6 +50,11 @@ aai: initialDelaySeconds: 120 readiness: initialDelaySeconds: 120 +cassandra: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 clamp: liveness: initialDelaySeconds: 60 diff --git a/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml b/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml index e22b8d26e7..d01c1548c2 100644 --- a/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml @@ -38,7 +38,6 @@ pnda: osUser: centos nameserver: 8.8.8.8 ntp: pool.ntp.org - mirrorNodePort: 88 apps: fsType: local networkCidr: 10.0.0.0/16 diff --git a/kubernetes/policy/charts/drools/resources/config/drools/settings.xml b/kubernetes/policy/charts/drools/resources/config/drools/settings.xml deleted file mode 100755 index 2057e94f24..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/drools/settings.xml +++ /dev/null @@ -1,95 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- -# Copyright © 2017 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. ---> - -<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd"> - -<!-- - <proxies> - <proxy> - <id>http-proxy</id> - <active>true</active> - <protocol>http</protocol> - <host>your-proxy-host-or-ip</host> - <port>your-proxy-port</port> - <nonProxyHosts>localhost|127.0.0.1|*.svc.cluster.local|nexus</nonProxyHosts> - </proxy> - <proxy> - <id>https-proxy</id> - <active>true</active> - <protocol>https</protocol> - <host>your-proxy-host-or-ip</host> - <port>your-proxy-port</port> - <nonProxyHosts>localhost|127.0.0.1|*.svc.cluster.local|nexus</nonProxyHosts> - </proxy> - </proxies> ---> - <profiles> - <profile> - <id>policy-profile</id> - <activation> - <activeByDefault>true</activeByDefault> - </activation> - - <repositories> - <repository> - <id>policy-nexus-snapshots</id> - <url>http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/snapshots/</url> - <releases> - <enabled>false</enabled> - <updatePolicy>always</updatePolicy> - </releases> - <snapshots> - <enabled>true</enabled> - <updatePolicy>always</updatePolicy> - </snapshots> - </repository> - - <repository> - <id>policy-nexus-releases</id> - <url>http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/releases/</url> - <releases> - <enabled>true</enabled> - <updatePolicy>always</updatePolicy> - </releases> - <snapshots> - <enabled>false</enabled> - <updatePolicy>always</updatePolicy> - </snapshots> - </repository> - </repositories> - - </profile> - </profiles> - - <activeProfiles> - <activeProfile>policy-profile</activeProfile> - </activeProfiles> - - <servers> - <server> - <id>policy-nexus-snapshots</id> - <username>admin</username> - <password>admin123</password> - </server> - <server> - <id>policy-nexus-releases</id> - <username>admin</username> - <password>admin123</password> - </server> - </servers> - -</settings> diff --git a/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml b/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml deleted file mode 100644 index 4b058f1e4b..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml +++ /dev/null @@ -1,103 +0,0 @@ -<!-- -# Copyright © 2017 Amdocs, Bell Canada,AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. ---> - -<configuration scan="true" scanPeriod="30 seconds" debug="false"> - - <property name="logDir" value="/var/log/onap" /> - - <property name="errorLog" value="error" /> - <property name="debugLog" value="debug" /> - <property name="networkLog" value="network" /> - - <property name="debugPattern" value="[%date|%level|%logger{0}|%thread] %msg%n" /> - <property name="errorPattern" value="${debugPattern}" /> - <property name="networkPattern" value="[%d|%t]%m%n" /> - - <appender name="ErrorOut" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDir}/${errorLog}.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDir}/${errorLog}.%i.log.zip</fileNamePattern> - <minIndex>1</minIndex> - <maxIndex>5</maxIndex> - </rollingPolicy> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>WARN</level> - </filter> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>15MB</maxFileSize> - </triggeringPolicy> - <encoder> - <pattern>${errorPattern}</pattern> - </encoder> - </appender> - - <appender name="AsyncErrorOut" class="ch.qos.logback.classic.AsyncAppender"> - <appender-ref ref="ErrorOut" /> - </appender> - - <appender name="DebugOut" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDir}/${debugLog}.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDir}/${debugLog}.%i.log.zip</fileNamePattern> - <minIndex>1</minIndex> - <maxIndex>9</maxIndex> - </rollingPolicy> - <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>20MB</maxFileSize> - </triggeringPolicy> - <encoder> - <pattern>${debugPattern}</pattern> - </encoder> - </appender> - - <appender name="AsyncDebugOut" class="ch.qos.logback.classic.AsyncAppender"> - <appender-ref ref="DebugOut" /> - </appender> - - <appender name="NetworkOut" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDir}/${networkLog}.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDir}/${networkLog}.%i.log.zip</fileNamePattern> - <minIndex>1</minIndex> - <maxIndex>9</maxIndex> - </rollingPolicy> - <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>15MB</maxFileSize> - </triggeringPolicy> - <encoder> - <pattern>${networkPattern}</pattern> - </encoder> - </appender> - - <appender name="AsyncNetworkOut" class="ch.qos.logback.classic.AsyncAppender"> - <appender-ref ref="NetworkOut" /> - </appender> - - <logger name="network" level="INFO" additivity="false"> - <appender-ref ref="AsyncNetworkOut" /> - </logger> - - <logger name="org.eclipse.jetty.server.RequestLog" level="info" additivity="false"> - <appender-ref ref="AsyncNetworkOut" /> - </logger> - - <root level="INFO"> - <appender-ref ref="AsyncDebugOut" /> - <appender-ref ref="AsyncErrorOut" /> - </root> - -</configuration> diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/apps-install.sh b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/apps-install.sh deleted file mode 100644 index 9fa52123e9..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/apps-install.sh +++ /dev/null @@ -1,125 +0,0 @@ -#!/bin/bash -# -# ============LICENSE_START======================================================= -# ONAP -# ================================================================================ -# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# - -# ################################# -# Usage -# ################################# - -function usage { - echo - echo "Usage: $(basename $0) <application-name> <zipped-application-version> <download-directory>" - echo "Example: $(basename $0) controlloop 1.2.0 /opt/policy/config/drools" - echo -} - -# ################################# -# snapshot url computation -# ################################# - -function url_snapshot { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} --" - set -x - fi - - APP_URL="${APP_URL}/snapshots/org/onap/policy/drools-applications/${APP_NAME}/packages/apps-${APP_NAME}/${APP_VERSION}" - - local APP_METADATA_URL="${APP_URL}/maven-metadata.xml" - local APP_SNAPSHOT_VERSION=$(curl --silent "${APP_METADATA_URL}" | grep -Po "(?<=<value>).*(?=</value>)" | sort -V | tail -1) - - if [[ -z ${APP_SNAPSHOT_VERSION} ]]; then - echo "ERROR: cannot compute SNAPSHOT version" - usage - exit 1 - fi - - APP_URL="${APP_URL}/apps-${APP_NAME}-${APP_SNAPSHOT_VERSION}.zip" -} - -# ################################# -# release url computation -# ################################# - -function url_release { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} --" - set -x - fi - - APP_URL="${APP_URL}/releases/org/onap/policy/drools-applications/${APP_NAME}/packages/apps-${APP_NAME}/${APP_VERSION}/apps-${APP_NAME}-${APP_VERSION}.zip" -} - -# ################################# -# Main -# ################################# - -if [[ $DEBUG == y ]]; then - set -x -fi - -APP_NAME=$1 -if [[ -z ${APP_NAME} ]]; then - echo "ERROR: no APPLICATION NAME provided (ie. controlloop)" - usage - exit 1 -fi - -APP_VERSION=$2 -if [[ -z ${APP_VERSION} ]]; then - echo "ERROR: no APPLICATION VERSION provided" - usage - exit 1 -fi - -DOWNLOAD_DIR=$3 -if [[ -z ${DOWNLOAD_DIR} ]]; then - echo "ERROR: no DOWNLOAD DIRECTORY provided" - usage - exit 1 -fi - -if [[ ! -d ${DOWNLOAD_DIR} ]]; then - echo "ERROR: ${DOWNLOAD_DIR} is not a directory" - usage - exit 1 -fi - -APP_GROUP_ID="org.onap.policy.drools-applications.${APP_NAME}.packages" -APP_ARTIFACT_ID="apps-${APP_NAME}" -APP_BASE_URL="https://nexus.onap.org/content/repositories" - -APP_URL="${APP_BASE_URL}" - -if [[ ${APP_VERSION} =~ \-SNAPSHOT$ ]]; then - url_snapshot -else - url_release -fi - -wget "${APP_URL}" -O "${DOWNLOAD_DIR}"/apps-"${APP_NAME}".zip -if [[ $? != 0 ]]; then - echo "ERROR: cannot download ${DOWNLOAD_DIR}/apps-${APP_NAME}.zip" - exit 1 -fi - -echo "APP ${APP_NAME} stored at ${DOWNLOAD_DIR}/apps-${APP_NAME}.zip" -ls -l "${DOWNLOAD_DIR}"/apps-"${APP_NAME}".zip diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-preinstall.sh b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-preinstall.sh deleted file mode 100644 index a8de4fc2c1..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-preinstall.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# -# ============LICENSE_START======================================================= -# ONAP -# ================================================================================ -# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# - -# ################################# -# Usage -# ################################# - -function usage { - echo - echo "Usage: $(basename $0)" - echo -} - -if [[ ${DEBUG} == y ]]; then - set -x -fi - -if [[ -z ${BUILD_VERSION} ]]; then - echo "no BUILD_VERSION available as environment variable"" - usage - exit 1 -fi - -if [[ -z ${POLICY_INSTALL} ]]; then - echo "no POLICY_INSTALL available as environment variable"" - usage - exit 2 -fi - -CONFIG_DIR=$(dirname "$0") -echo "invoking ${CONFIG_DIR}/apps-install.sh for controlloop ${BUILD_VERSION} at ${POLICY_INSTALL}" -export DEBUG=y -bash ${CONFIG_DIR}/apps-install.sh controlloop ${BUILD_VERSION} ${POLICY_INSTALL} -unzip -o ${POLICY_INSTALL}/app*.zip -d ${POLICY_INSTALL} diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh deleted file mode 100644 index 5f504e2c65..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh +++ /dev/null @@ -1,71 +0,0 @@ -#! /bin/bash -xv - -# Copyright © 2017-2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -"${POLICY_HOME}"/bin/features enable healthcheck -"${POLICY_HOME}"/bin/features enable distributed-locking - -"${POLICY_HOME}"/bin/db-migrator -s pooling -o upgrade - -# make sure the PDPD-CONFIGURATION anonymous topic is created -# so not to lose any configuration updates - -echo -echo "testing publish to PDPD-CONFIGURATION topic" -echo - -curl --silent --connect-timeout 15 -X POST --header "Content-Type: application/json" -d "{}" http://message-router:3904/events/PDPD-CONFIGURATION - -echo -echo "testing subscribe to PDPD-CONFIGURATION topic " -echo - -curl --silent --connect-timeout 15 -X GET http://message-router:3904/events/PDPD-CONFIGURATION/1/1?timeout=5000 - -# for resiliency/scalability scenarios, check to see -# if there's an amsterdam artifact already deployed -# by brmsgw. If so, update the amsterdam controller -# coordinates. In the future, a more sophisticated -# solution will be put in place, that will required -# coordination among policy components. - -echo -echo "checking if there are amsterdam policies already deployed .." -echo - -AMSTERDAM_VERSION=$(curl --silent --connect-timeout 20 -X GET "http://nexus:8081/nexus/service/local/artifact/maven/resolve?r=releases&g=org.onap.policy-engine.drools.amsterdam&a=policy-amsterdam-rules&v=RELEASE" | grep -Po "(?<=<version>).*(?=</version>)") - -if [[ -z ${AMSTERDAM_VERSION} ]]; then - echo "no amsterdam policies have been found .." - exit 0 -fi - -echo -echo "The latest deployed amsterdam artifact in nexus has version ${AMSTERDAM_VERSION}" -echo - -sed -i.INSTALL -e "s/^rules.artifactId=.*/rules.artifactId=policy-amsterdam-rules/g" \ - -e "s/^rules.groupId=.*/rules.groupId=org.onap.policy-engine.drools.amsterdam/g" \ - -e "s/^rules.version=.*/rules.version=${AMSTERDAM_VERSION}/g" "${POLICY_HOME}"/config/amsterdam-controller.properties - -echo -echo "amsterdam controller will be started brained with maven coordinates:" -echo - -grep "^rules" "${POLICY_HOME}"/config/amsterdam-controller.properties - -echo -echo diff --git a/kubernetes/policy/charts/drools/templates/configmap.yaml b/kubernetes/policy/charts/drools/templates/configmap.yaml index 16053d39e7..1f9503130c 100644 --- a/kubernetes/policy/charts/drools/templates/configmap.yaml +++ b/kubernetes/policy/charts/drools/templates/configmap.yaml @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2018-2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,24 +16,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-settings-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/drools/settings.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/config/opt/policy/config/drools/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-log-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/log/drools/logback.xml").AsConfig . | indent 2 }} - diff --git a/kubernetes/policy/charts/drools/templates/statefulset.yaml b/kubernetes/policy/charts/drools/templates/statefulset.yaml index 4a7f8e2b1d..beacbabd06 100644 --- a/kubernetes/policy/charts/drools/templates/statefulset.yaml +++ b/kubernetes/policy/charts/drools/templates/statefulset.yaml @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2018-2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -59,10 +59,6 @@ spec: ports: - containerPort: {{ .Values.service.externalPort }} - containerPort: {{ .Values.service.externalPort2 }} - command: - - /bin/bash - - -c - - ./do-start.sh {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -91,30 +87,8 @@ spec: - mountPath: /tmp/policy-install/config/base.conf name: drools-config subPath: base.conf - - mountPath: /tmp/policy-install/config/policy-management.conf - name: drools-config - subPath: policy-management.conf - - mountPath: /tmp/policy-install/config/drools-tweaks.sh - name: drools-config - subPath: drools-tweaks.sh - - mountPath: /tmp/policy-install/config/apps-install.sh - name: drools-config - subPath: apps-install.sh - - mountPath: /tmp/policy-install/config/drools-preinstall.sh - name: drools-config - subPath: drools-preinstall.sh - - mountPath: /usr/share/maven/conf/settings.xml - name: drools-settingsxml - subPath: settings.xml - mountPath: /var/log/onap name: policy-logs - - mountPath: /tmp/logback.xml - name: policy-logback - subPath: logback.xml - lifecycle: - postStart: - exec: - command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/config/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -147,12 +121,6 @@ spec: emptyDir: {} - name: policy-data-filebeat emptyDir: {} - - name: policy-logback - configMap: - name: {{ include "common.fullname" . }}-log-configmap - - name: drools-settingsxml - configMap: - name: {{ include "common.fullname" . }}-settings-configmap - name: drools-config configMap: name: {{ include "common.fullname" . }}-configmap @@ -163,18 +131,6 @@ spec: - key: feature-pooling-dmaap.conf path: feature-pooling-dmaap.conf mode: 0755 - - key: policy-management.conf - path: policy-management.conf - mode: 0755 - - key: drools-tweaks.sh - path: drools-tweaks.sh - mode: 0755 - - key: apps-install.sh - path: apps-install.sh - mode: 0755 - - key: drools-preinstall.sh - path: drools-preinstall.sh - mode: 0755 - name: drools-secret secret: secretName: {{ include "common.fullname" . }}-secret diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml index 1400e6c97e..fdb73e1485 100644 --- a/kubernetes/policy/charts/drools/values.yaml +++ b/kubernetes/policy/charts/drools/values.yaml @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2018-2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-drools:1.4-SNAPSHOT-latest +image: onap/policy-pdpd-cl:1.4-SNAPSHOT-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/policy-xacml-pdp/Chart.yaml b/kubernetes/policy/charts/policy-xacml-pdp/Chart.yaml new file mode 100644 index 0000000000..be4325e6b2 --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/Chart.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +description: ONAP Policy XACML PDP +name: policy-xacml-pdp +version: 4.0.0 diff --git a/kubernetes/policy/charts/policy-xacml-pdp/requirements.yaml b/kubernetes/policy/charts/policy-xacml-pdp/requirements.yaml new file mode 100644 index 0000000000..768bdb372d --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/requirements.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +dependencies: + - name: common + version: ~4.x-0 + repository: '@local' diff --git a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json new file mode 100644 index 0000000000..7fb864bb31 --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json @@ -0,0 +1,26 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +{ + "name":"XacmlPdpGroup", + "restServerParameters":{ + "host":"0.0.0.0", + "port":6969, + "userName":"healthcheck", + "password":"zb!XztG34" + } +} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml new file mode 100644 index 0000000000..d90b0c93dc --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml @@ -0,0 +1,25 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml new file mode 100644 index 0000000000..20b2afbf50 --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml @@ -0,0 +1,66 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/opt/app/policy/pdpx/bin/policy-pdpx.sh"] + args: ["/opt/app/policy/pdpx/etc/mounted/config.json"] + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/policy/pdpx/etc/mounted + name: pdpxconfig + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: pdpxconfig + configMap: + name: {{ include "common.fullname" . }}-configmap + defaultMode: 0755 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/service.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/service.yaml new file mode 100644 index 0000000000..c02dbfd0af --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/service.yaml @@ -0,0 +1,37 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/values.yaml b/kubernetes/policy/charts/policy-xacml-pdp/values.yaml new file mode 100644 index 0000000000..fcfbab2471 --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/values.yaml @@ -0,0 +1,67 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +global: + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/policy-xacml-pdp:2.0.0-SNAPSHOT-latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 20 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 20 + periodSeconds: 10 + +service: + type: ClusterIP + name: policy-xacml-pdp + portName: policy-xacml-pdp + externalPort: 6969 + internalPort: 6969 + +ingress: + enabled: false + +resources: {} diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/resources/bin/pre_start.sh b/kubernetes/pomba/charts/pomba-contextaggregator/resources/bin/pre_start.sh deleted file mode 100644 index 8a76cdd929..0000000000 --- a/kubernetes/pomba/charts/pomba-contextaggregator/resources/bin/pre_start.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh - -# Get the list of topic from curl ressult -dmaap_mr_host=message-router -dmaap_mr_port=3904 -temp_output_file=".tmpoutput" -curl -X GET http://$dmaap_mr_host:$dmaap_mr_port/topics > $temp_output_file - -# Test topic POA-AUDIT-INIT, POA-AUDIT-RESULT, POA-RULE-VALIDATION -TOPICS="POA-AUDIT-INIT POA-RULE-VALIDATION POA-AUDIT-RESULT" -for i_topic in $TOPICS -do - echo "Looping ... topic: $i_topic" - if grep -iFq "$i_topic" $temp_output_file - then - # code if found - echo "$i_topic found." - else - # code if not found - echo "$i_topic NOT found." - curl -X POST -H "content-type: application/json" --data '{"event":"create topic"}' http://$dmaap_mr_host:$dmaap_mr_port/events/$i_topic - fi -done - -# remove the temp file -rm -f $temp_output_file diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties index 9a27a6c8c8..77789f49bd 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties +++ b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties @@ -24,4 +24,4 @@ key.manager.factory.algorithm=SunX509 security.protocol=TLS connection.timeout.ms=60000 read.timeout.ms=60000 -base.uri=/sdccontextbuilder/service/context +base.uri=/sdccontextbuilder/v2/service/context diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml index b984c52b15..6225338c76 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml +++ b/kubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml @@ -31,15 +31,7 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-pre-start-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/bin/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: name: {{ include "common.fullname" . }}-log namespace: {{ include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }}
\ No newline at end of file +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml index cbbe93d63c..589b2f2275 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml +++ b/kubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml @@ -78,10 +78,6 @@ spec: - mountPath: /opt/app/config/builders name: {{ include "common.fullname" . }}-config-builders readOnly: true - - mountPath: /opt/app/bin/pre_start.sh - name: {{ include "common.fullname" . }}-pre-start - subPath: pre_start.sh - readOnly: false - name: {{ include "common.fullname" . }}-logs mountPath: /opt/app/logs readOnly: false @@ -126,10 +122,6 @@ spec: - name: {{ include "common.fullname" . }}-config-builders configMap: name: {{ include "common.fullname" . }}-configmap-builders - - name: {{ include "common.fullname" . }}-pre-start - configMap: - name: {{ include "common.fullname" . }}-pre-start-configmap - defaultMode: 0777 - name: {{ include "common.fullname" . }}-filebeat-conf configMap: name: {{ .Release.Name }}-pomba-filebeat-configmap diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/templates/service.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/templates/service.yaml new file mode 100644 index 0000000000..defd063d2f --- /dev/null +++ b/kubernetes/pomba/charts/pomba-contextaggregator/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2018 Amdocs +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName | default "http" }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName | default "http" }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml index 32544219f3..40d40b3611 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml +++ b/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml @@ -75,8 +75,8 @@ service: #Services may use any combination of ports depending on the 'type' of #service being defined. - #type: ClusterIP - #externalPort: 9529 + type: ClusterIP + externalPort: 9529 internalPort: 9529 #nodePort: <replace with unused node port suffix eg. 23> # optional port name override - default can be defined in service.yaml diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml index f3d2aaa311..00eb921779 100644 --- a/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml @@ -29,7 +29,7 @@ busyboxImage: library/busybox:latest # application image loggingRepository: docker.elastic.co -image: elasticsearch/elasticsearch:6.3.1 +image: elasticsearch/elasticsearch:6.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/pomba/charts/pomba-kibana/resources/config/validationsDump.json b/kubernetes/pomba/charts/pomba-kibana/resources/config/validationsDump.json deleted file mode 100644 index ae01e9679f..0000000000 --- a/kubernetes/pomba/charts/pomba-kibana/resources/config/validationsDump.json +++ /dev/null @@ -1,192 +0,0 @@ -{ - "service-validations": { - "mappings": { - "default": { - "properties": { - "modelInvariantId": { - "type": "text" - }, - "modelName": { - "type": "text" - }, - "modelVersionId": { - "type": "text" - }, - "result": { - "type": "text" - }, - "serviceInstanceId": { - "type": "text" - }, - "validationId": { - "type": "text" - }, - "validationTimestamp": { - "type": "date", - "format": "MMM d y HH:m:s||dd-MM-yyyy HH:mm:ss||yyyy-MM-dd'T'HH:mm:ss.SSSZZ||MM/dd/yyyy||yyyyMMdd'T'HHmmssZ" - }, - "violations": { - "type": "nested", - "properties": { - "category": { - "type": "text" - }, - "errorMessage": { - "type": "text" - }, - "modelName": { - "type": "text" - }, - "severity": { - "type": "text" - }, - "validationRule": { - "type": "text" - }, - "violationDetails": { - "properties": { - "context-list-aai-vf-list[*]": { - "properties": { - "invariant-id": { - "type": "text" - }, - "name": { - "type": "text" - }, - "nf-naming-code": { - "type": "text" - }, - "type": { - "type": "text" - }, - "uuid": { - "type": "text" - }, - "vf-module-list": { - "properties": { - "invariant-id": { - "type": "text" - }, - "max-instances": { - "type": "long" - }, - "min-instances": { - "type": "long" - }, - "uuid": { - "type": "text" - } - } - }, - "vnfc-list": { - "properties": { - "name": { - "type": "text" - }, - "nfc-naming-code": { - "type": "text" - } - } - } - } - }, - "context-list-aai-vf-list[*]-name": { - "type": "text" - }, - "context-list-aai-vf-list[*]-type": { - "type": "text" - }, - "context-list-aai-vf[*]-name": { - "type": "text" - }, - "context-list-aai-vf[*]-type": { - "type": "text" - }, - "context-list-sdc-service-name": { - "type": "text" - }, - "context-list-sdc-vf-list[*]": { - "properties": { - "invariant-id": { - "type": "text" - }, - "name": { - "type": "text" - }, - "type": { - "type": "text" - }, - "uuid": { - "type": "text" - }, - "vf-module-list": { - "properties": { - "invariant-id": { - "type": "text" - }, - "max-instances": { - "type": "long" - }, - "min-instances": { - "type": "long" - }, - "uuid": { - "type": "text" - } - } - }, - "vnfc-list": { - "properties": { - "invariant-id": { - "type": "text" - }, - "name": { - "type": "text" - }, - "nfc-naming-code": { - "type": "text" - }, - "uuid": { - "type": "text" - } - } - } - } - }, - "context-list-sdnc-vf-list[*]-name": { - "type": "text" - }, - "context-list-sdnc-vf-list[*]-type": { - "type": "text" - }, - "context-list-sdnc-vf[*]-name": { - "type": "text" - }, - "context-list-sdnc-vf[*]-type": { - "type": "text" - } - } - }, - "violationId": { - "type": "text" - }, - "violationTimestamp": { - "type": "date", - "format": "MMM d y HH:m:s||dd-MM-yyyy HH:mm:ss||yyyy-MM-dd'T'HH:mm:ss.SSSZZ||MM/dd/yyyy||yyyyMMdd'T'HHmmssZ" - }, - "violationType": { - "type": "text" - } - } - }, - "client": { - "type": "text" - }, - "requestId": { - "type": "text" - } - } - } - } - } -} diff --git a/kubernetes/pomba/charts/pomba-kibana/resources/config/violationsDump.json b/kubernetes/pomba/charts/pomba-kibana/resources/config/violationsDump.json deleted file mode 100644 index 790f8c7f7d..0000000000 --- a/kubernetes/pomba/charts/pomba-kibana/resources/config/violationsDump.json +++ /dev/null @@ -1,48 +0,0 @@ -{ - "service-violations": { - "mappings": { - "default": { - "properties": { - "category": { - "type": "text" - }, - "message": { - "type": "text" - }, - "modelInvariantId": { - "type": "text" - }, - "modelVersionId": { - "type": "text" - }, - "serviceInstanceId": { - "type": "text" - }, - "severity": { - "type": "text" - }, - "validationId": { - "type": "text" - }, - "validationRule": { - "type": "text" - }, - "validationTimestamp": { - "type": "date", - "format": "MMM d y HH:m:s||dd-MM-yyyy HH:mm:ss||yyyy-MM-dd'T'HH:mm:ss.SSSZZ||MM/dd/yyyy||yyyyMMdd'T'HHmmssZ" - }, - "violationId": { - "type": "text" - }, - "violationTimestamp": { - "type": "date", - "format": "MMM d y HH:m:s||dd-MM-yyyy HH:mm:ss||yyyy-MM-dd'T'HH:mm:ss.SSSZZ||MM/dd/yyyy||yyyyMMdd'T'HHmmssZ" - }, - "violationType": { - "type": "text" - } - } - } - } - } -}
\ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-kibana/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-kibana/templates/deployment.yaml index 2bc9e796c9..58a0a90acf 100644 --- a/kubernetes/pomba/charts/pomba-kibana/templates/deployment.yaml +++ b/kubernetes/pomba/charts/pomba-kibana/templates/deployment.yaml @@ -79,40 +79,6 @@ spec: - mountPath: /config/default.json name: {{ include "common.fullname" . }} subPath: default.json - - args: - - --output=http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}/service-validations - - --input=/config/validationsDump.json - - --type=mapping - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.configRepository }}/{{ .Values.configImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-config-validation - volumeMounts: - - mountPath: /config/validationsDump.json - name: {{ include "common.fullname" . }} - subPath: validationsDump.json - - args: - - --output=http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}/service-violations - - --input=/config/violationsDump.json - - --type=mapping - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.configRepository }}/{{ .Values.configImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-config-violation - volumeMounts: - - mountPath: /config/violationsDump.json - name: {{ include "common.fullname" . }} - subPath: violationsDump.json containers: - name: {{ include "common.name" . }} image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.image }}" @@ -175,10 +141,6 @@ spec: path: kibana.yml - key: default.json path: default.json - - key: validationsDump.json - path: validationsDump.json - - key: violationsDump.json - path: violationsDump.json - key: default-mapping.json path: default-mapping.json - name: {{ include "common.fullname" . }}-auth diff --git a/kubernetes/pomba/charts/pomba-kibana/values.yaml b/kubernetes/pomba/charts/pomba-kibana/values.yaml index fe50e47fda..53725b7798 100644 --- a/kubernetes/pomba/charts/pomba-kibana/values.yaml +++ b/kubernetes/pomba/charts/pomba-kibana/values.yaml @@ -34,7 +34,7 @@ busyboxImage: library/busybox:latest # application image loggingRepository: docker.elastic.co -image: kibana/kibana:6.3.1 +image: kibana/kibana:6.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties b/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties index 455198223c..24b443c57f 100644 --- a/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties +++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties @@ -17,7 +17,7 @@ spring.mvc.urls=swagger,docs,prometheus,auditevents,info,heapdump,autoconfig,bea camel.springboot.xmlRoutes = file:config/dynamic/routes/*.route service.xml.beans = config/dynamic/conf/*.xml -server.contextPath=/sdnccontextbuilder/v1 +server.contextPath=/sdnccontextbuilder spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration #This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma diff --git a/kubernetes/pomba/charts/pomba-search-data/resources/config/es-payload-translation.json b/kubernetes/pomba/charts/pomba-search-data/resources/config/es-payload-translation.json index de8bacf4cb..58ed8f6428 100644 --- a/kubernetes/pomba/charts/pomba-search-data/resources/config/es-payload-translation.json +++ b/kubernetes/pomba/charts/pomba-search-data/resources/config/es-payload-translation.json @@ -1,19 +1,16 @@ { - "attr-translations": [{ - "from": "\"type\":\"string\",\"index\":\"analyzed\"", - "to": "\"type\":\"text\",\"index\":\"true\"" - }, + "attr-translations": [ { - "from": "\"type\":\"string\",\"index\":\"not_analyzed\"", - "to": "\"type\":\"keyword\",\"index\":\"true\"" + "query": "$..[?(@.type=='string' && @.index=='analyzed')]", + "update": {"type": "text", "index": true, "fielddata": true} }, { - "from": "\"type\":\"string\"", - "to": "\"type\":\"text\"" + "query": "$..[?(@.type=='string' && @.index=='not_analyzed')]", + "update": {"type": "keyword", "index": true} }, { - "from": "searchable", - "to": "index" + "query": "$..[?(@.type=='string' && !@.index)]", + "update": {"type": "text", "fielddata": true} } ] }
\ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml b/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml index 4d8d496223..b1065c14a8 100644 --- a/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml +++ b/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs +# Copyright © 2018 Amdocs # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks Binary files differdeleted file mode 100644 index 4b7e115d8c..0000000000 --- a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks +++ /dev/null diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 Binary files differindex df2f4f6cd3..c53a7ae9b3 100644 --- a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 +++ b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py index 8c23ef9e49..5e6288e5e7 100644 --- a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py @@ -65,10 +65,19 @@ GLOBAL_LOG_ELASTICSEARCH_PORT = "9200" GLOBAL_LOG_LOGSTASH_PORT = "9600" GLOBAL_LOG_KIBANA_PORT = "5601" # pomba info - NOTE: no pomba is run in HEAT; only on OOM -GLOBAL_POMBA_SERVER_PROTOCOL = "http" +GLOBAL_POMBA_SERVER_PROTOCOL_HTTP = "http" +GLOBAL_POMBA_SERVER_PROTOCOL_HTTPS = "https" GLOBAL_POMBA_AAICONTEXTBUILDER_PORT = "9530" GLOBAL_POMBA_SDCCONTEXTBUILDER_PORT = "9530" GLOBAL_POMBA_NETWORKDISCCONTEXTBUILDER_PORT = "9530" +GLOBAL_POMBA_SERVICEDECOMPOSITION_PORT = "9532" +GLOBAL_POMBA_SDNCCXTBUILDER_PORT = "9530" +GLOBAL_POMBA_NETWORKDISCOVERY_MICROSERVICE_PORT = "9531" +GLOBAL_POMBA_VALIDATIONSERVICE_PORT = "9529" +GLOBAL_POMBA_KIBANA_PORT = "5601" +GLOBAL_POMBA_ELASTICSEARCH_PORT = "9200" +GLOBAL_POMBA_CONTEXTAGGREGATOR_PORT = "9529" + # microservice bus info - everything is from the private oam network (also called onap private network) GLOBAL_MSB_SERVER_PROTOCOL = "http" GLOBAL_MSB_SERVER_PORT = "80" @@ -87,7 +96,7 @@ GLOBAL_MSO_OPENSTACK_SERVER_PORT = "8087" GLOBAL_MSO_REQDB_SERVER_PORT = "8083" GLOBAL_MSO_SDNC_SERVER_PORT = "8086" GLOBAL_MSO_VFC_SERVER_PORT = "8084" - +GLOBAL_MSO_VNFM_SERVER_PORT = "9092" GLOBAL_MSO_USERNAME = "{{ .Values.soUsername }}" GLOBAL_MSO_CATDB_USERNAME = "{{ .Values.soCatdbUsername }}" GLOBAL_MSO_PASSWORD = "{{ .Values.soPassword }}" diff --git a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py index faa890d642..6684bcab05 100644 --- a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py @@ -35,6 +35,13 @@ GLOBAL_INJECTED_LOG_LOGSTASH_IP_ADDR = "log-ls-http.{{include "common.namespace" GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR = "pomba-aaictxbuilder.{{include "common.namespace" .}}" GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR = "pomba-sdcctxbuilder.{{include "common.namespace" .}}" GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR = "pomba-networkdiscoveryctxbuilder.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR = "pomba-servicedecomposition.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR = "pomba-sdncctxbuilder.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_NETWORKDISCOVERY_MICROSERVICE_IP_ADDR = "pomba-networkdiscovery.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_VALIDATION_SERVICE_IP_ADDR = "pomba-validation-service.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_KIBANA_IP_ADDR = "pomba-kibana.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_ELASTIC_SEARCH_IP_ADDR = "pomba-es.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR = "pomba-contextaggregator.{{include "common.namespace" .}}" GLOBAL_INJECTED_KEYSTONE = "{{ .Values.openStackKeyStoneUrl }}" GLOBAL_INJECTED_MR_IP_ADDR = "message-router.{{include "common.namespace" .}}" GLOBAL_INJECTED_MUSIC_IP_ADDR = "music.{{include "common.namespace" .}}" @@ -77,6 +84,7 @@ GLOBAL_INJECTED_SO_OPENSTACK_IP_ADDR = "so-openstack-adapter.{{include "common.n GLOBAL_INJECTED_SO_REQDB_IP_ADDR = "so-request-db-adapter.{{include "common.namespace" .}}" GLOBAL_INJECTED_SO_SDNC_IP_ADDR = "so-sdnc-adapter.{{include "common.namespace" .}}" GLOBAL_INJECTED_SO_VFC_IP_ADDR = "so-vfc-adapter.{{include "common.namespace" .}}" +GLOBAL_INJECTED_SO_VNFM_IP_ADDR = "so-vnfm-adapter.{{include "common.namespace" .}}" GLOBAL_INJECTED_UBUNTU_1404_IMAGE = "{{ .Values.ubuntu14Image }}" GLOBAL_INJECTED_UBUNTU_1604_IMAGE = "{{ .Values.ubuntu16Image }}" GLOBAL_INJECTED_VM_IMAGE_NAME = "{{ .Values.ubuntu14Image }}" @@ -108,6 +116,9 @@ GLOBAL_INJECTED_PROPERTIES = { "GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR" : "pomba-aaictxbuilder.{{include "common.namespace" .}}", "GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR" : "pomba-sdcctxbuilder.{{include "common.namespace" .}}", "GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR" : "pomba-networkdiscovery.{{include "common.namespace" .}}", + "GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR" : "pomba-servicedecomposition.{{include "common.namespace" .}}", + "GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR" : "pomba-sdncctxbuilder.{{include "common.namespace" .}}", + "GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR" : "pomba-contextaggregator.{{include "common.namespace" .}}", "GLOBAL_INJECTED_MUSIC_IP_ADDR" : "music.{{include "common.namespace" .}}", "GLOBAL_INJECTED_NBI_IP_ADDR" : "nbi.{{include "common.namespace" .}}", "GLOBAL_INJECTED_NETWORK" : "{{ .Values.openStackPrivateNetId }}", @@ -148,6 +159,7 @@ GLOBAL_INJECTED_PROPERTIES = { "GLOBAL_INJECTED_SO_REQDB_IP_ADDR" : "so-request-db-adapter.{{include "common.namespace" .}}", "GLOBAL_INJECTED_SO_SDNC_IP_ADDR" : "so-sdnc-adapter.{{include "common.namespace" .}}", "GLOBAL_INJECTED_SO_VFC_IP_ADDR" : "so-vfc-adapter.{{include "common.namespace" .}}", + "GLOBAL_INJECTED_SO_VNFM_IP_ADDR" : "so-vnfm-adapter.{{include "common.namespace" .}}", "GLOBAL_INJECTED_UBUNTU_1404_IMAGE" : "{{.Values.ubuntu14Image}}", "GLOBAL_INJECTED_UBUNTU_1604_IMAGE" : "{{.Values.ubuntu16Image}}", "GLOBAL_INJECTED_VM_IMAGE_NAME" : "{{ .Values.ubuntu14Image }}", diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl b/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl new file mode 100644 index 0000000000..c69fb7c81c --- /dev/null +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl @@ -0,0 +1,29 @@ +{{- define "sdc-wfd-be.volumes" }} + {{ if .Values.config.cassandraSSLEnabled }} + - name: {{ include "common.fullname" . }}-cassandra-client-truststore + hostPath: + path: /etc/cassandra-client-truststore/truststore + type: File + {{- end }} + {{ if .Values.config.serverSSLEnabled }} + - name: {{ include "common.fullname" . }}-server-https-keystore + hostPath: + path: /config/server-https-keystore/keystore + type: File + {{- end }} +{{- end }} + +{{- define "sdc-wfd-be.volumeMounts" }} + {{ if .Values.config.cassandraSSLEnabled }} + - name: {{ include "common.fullname" . }}-cassandra-client-truststore + mountPath: /etc/cassandra-client-truststore/truststore + subPath: truststore + readOnly: true + {{- end }} + {{ if .Values.config.serverSSLEnabled }} + - name: {{ include "common.fullname" . }}-server-https-keystore + mountPath: /etc/server-https-keystore/keystore + subPath: keystore + readOnly: true + {{- end }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml index 84285c4a29..bb96d342f7 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml @@ -54,6 +54,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.internalPort2 }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{ if .Values.liveness.enabled }} @@ -75,12 +76,20 @@ spec: value: "{{ .Values.config.cassandraHosts }}" - name: CS_PORT value: "{{ .Values.config.cassandraClientPort }}" + - name: CS_AUTHENTICATE + value: "{{ .Values.config.cassandraAuthenticationEnabled }}" - name: CS_USER valueFrom: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_user} - name: CS_PASSWORD valueFrom: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password} + - name: CS_SSL_ENABLED + value: "{{ .Values.config.cassandraSSLEnabled }}" + - name: CS_TRUST_STORE_PATH + value: "{{ .Values.config.cassandraTrustStorePath }}" + - name: CS_TRUST_STORE_PASSWORD + value: "{{ .Values.config.cassandraTrustStorePassword }}" - name: SDC_PROTOCOL value: "{{ .Values.config.sdcProtocol }}" - name: SDC_ENDPOINT @@ -89,5 +98,17 @@ spec: value: "{{ .Values.config.sdcExternalUser }}" - name: SDC_PASSWORD value: "{{ .Values.config.sdcExternalUserPassword }}" + - name: SERVER_SSL_ENABLED + value: "{{ .Values.config.serverSSLEnabled }}" + - name: SERVER_SSL_KEYSTORE_TYPE + value: "{{ .Values.config.serverSSLKeyStoreType }}" + - name: SERVER_SSL_KEYSTORE_PATH + value: "{{ .Values.config.serverSSLKeyStorePath }}" + - name: SERVER_SSL_KEY_PASSWORD + value: "{{ .Values.config.serverSSLKeyPassword }}" + volumeMounts: + {{- template "sdc-wfd-be.volumeMounts" . }} + volumes: + {{- template "sdc-wfd-be.volumes" . }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml index 2cfdacbe87..38f526d215 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml @@ -58,7 +58,7 @@ spec: - name: CS_PORT value: "{{ .Values.config.cassandraThriftClientPort }}" - name: CS_AUTHENTICATE - value: "{{ .Values.config.cassandaAuthenticationEnabled }}" + value: "{{ .Values.config.cassandraAuthenticationEnabled }}" - name: CS_USER valueFrom: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_user} diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml index 8f41fbd669..63554369ed 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml @@ -40,7 +40,7 @@ initJob: config: javaOptions: "-Xdebug -agentlib:jdwp=transport=dt_socket,address=7001,server=y,suspend=n -Xmx1536m -Xms1536m" - cassandaAuthenticationEnabled: true + cassandraAuthenticationEnabled: true cassandraHosts: sdc-cs cassandraThriftClientPort: 9160 cassandraClientPort: 9042 @@ -48,6 +48,13 @@ config: sdcEndpoint: sdc-be:8080 sdcExternalUser: workflow sdcExternalUserPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + serverSSLEnabled: false + serverSSLKeyStoreType: jks + serverSSLKeyStorePath: /etc/server-https-keystore/keystore + serverSSLKeyPassword: password + cassandraSSLEnabled: false + cassandraTrustStorePath: /etc/cassandra-client-truststore/truststore + cassandraTrustStorePassword: password # default number of instances replicaCount: 1 @@ -72,6 +79,8 @@ service: type: NodePort internalPort: 8080 externalPort: 8080 + internalPort2: 8443 + externalPort2: 8443 portName: sdc-wfd-be nodePort: "57" diff --git a/kubernetes/sdc/resources/config/environments/AUTO.json b/kubernetes/sdc/resources/config/environments/AUTO.json index bb5df2bf90..be9db4cd52 100755 --- a/kubernetes/sdc/resources/config/environments/AUTO.json +++ b/kubernetes/sdc/resources/config/environments/AUTO.json @@ -80,6 +80,7 @@ }, "cassandra": { + "cassandra_port": 9042, "concurrent_reads": "32", "num_tokens": "256", "data_dir": "/var/lib/cassandra/data", diff --git a/kubernetes/sdnc/resources/config/bin/startODL.sh b/kubernetes/sdnc/resources/config/bin/startODL.sh index d1b0c995d5..2513fc9dd4 100755 --- a/kubernetes/sdnc/resources/config/bin/startODL.sh +++ b/kubernetes/sdnc/resources/config/bin/startODL.sh @@ -20,17 +20,52 @@ # ============LICENSE_END========================================================= ### +# Append features to karaf boot feature configuration +# $1 additional feature to be added +# $2 repositories to be added (optional) +function addToFeatureBoot() { + CFG=$ODL_HOME/etc/org.apache.karaf.features.cfg + ORIG=$CFG.orig + if [ -n "$2" ] ; then + echo "Add repository: $2" + mv $CFG $ORIG + cat $ORIG | sed -e "\|featuresRepositories|s|$|,$2|" > $CFG + fi + echo "Add boot feature: $1" + mv $CFG $ORIG + cat $ORIG | sed -e "\|featuresBoot *=|s|$|,$1|" > $CFG +} + +# Append features to karaf boot feature configuration +# $1 search pattern +# $2 replacement +function replaceFeatureBoot() { + CFG=$ODL_HOME/etc/org.apache.karaf.features.cfg + ORIG=$CFG.orig + echo "Replace boot feature $1 with: $2" + sed -i "/featuresBoot/ s/$1/$2/g" $CFG +} + +function install_sdnrwt_features() { + addToFeatureBoot "$SDNRWT_BOOTFEATURES" $SDNRWT_REPOSITORY +} + function enable_odl_cluster(){ if [ -z $SDNC_REPLICAS ]; then echo "SDNC_REPLICAS is not configured in Env field" exit fi + #Be sure to remove feature odl-netconf-connector-all from list + replaceFeatureBoot "odl-netconf-connector-all," + echo "Installing Opendaylight cluster features" - mv $ODL_HOME/etc/org.apache.karaf.features.cfg $ODL_HOME/etc/org.apache.karaf.features.cfg.orig - cat $ODL_HOME/etc/org.apache.karaf.features.cfg.orig | sed -e "\|featuresBoot=config|s|$|,odl-mdsal-clustering,odl-jolokia|" > $ODL_HOME/etc/org.apache.karaf.features.cfg + replaceFeatureBoot odl-netconf-topology odl-netconf-clustered-topology + replaceFeatureBoot odl-mdsal-all odl-mdsal-all,odl-mdsal-clustering + addToFeatureBoot odl-jolokia #${ODL_HOME}/bin/client feature:install odl-mdsal-clustering #${ODL_HOME}/bin/client feature:install odl-jolokia + echo "Update cluster information statically" hm=$(hostname) @@ -80,6 +115,7 @@ function enable_odl_cluster(){ ODL_HOME=${ODL_HOME:-/opt/opendaylight/current} ODL_ADMIN_PASSWORD=${ODL_ADMIN_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U} SDNC_HOME=${SDNC_HOME:-/opt/onap/sdnc} +SDNC_BIN=${SDNC_BIN:-/opt/onap/sdnc/bin} CCSDK_HOME=${CCSDK_HOME:-/opt/onap/ccsdk} SLEEP_TIME=${SLEEP_TIME:-120} MYSQL_PASSWD=${MYSQL_PASSWD:-{{.Values.config.dbRootPassword}}} @@ -87,6 +123,13 @@ MYSQL_HOST=${MYSQL_HOST:-{{.Release.Name}}-{{.Values.mysql.nameOverride}}-0.{{.V ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false} GEO_ENABLED=${GEO_ENABLED:-false} DBINIT_DIR=${DBINIT_DIR:-/opt/opendaylight/current/daexim} +SDNRWT=${SDNRWT:-false} +SDNRWT_BOOTFEATURES=${SDNRWT_BOOTFEATURES:-sdnr-wt-feature-aggregator} + +echo "Settings:" +echo " ENABLE_ODL_CLUSTER=$ENABLE_ODL_CLUSTER" +echo " SDNC_REPLICAS=$SDNC_REPLICAS" +echo " SDNRWT=$SDNRWT" # # Wait for database to init properly @@ -128,8 +171,15 @@ then if $ENABLE_ODL_CLUSTER ; then enable_odl_cluster ; fi + if $SDNRWT ; then install_sdnrwt_features ; fi + echo "Installed at `date`" > ${SDNC_HOME}/.installed fi +cp /opt/opendaylight/current/certs/* /tmp + +nohup python ${SDNC_BIN}/installCerts.py & + + exec ${ODL_HOME}/bin/karaf server diff --git a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml index 807bfaba0a..92c5c78b5f 100755 --- a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml @@ -345,3 +345,8 @@ spring: username: mso_admin password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' role: ACTUATOR +so: + vnfm: + adapter: + url: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/ + auth: Basic dm5mbTpwYXNzd29yZDEk diff --git a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml index 592c390084..4b06a87695 100755 --- a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml @@ -11,6 +11,8 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +aai: + auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586 server: port: {{ index .Values.containerPort }} spring: @@ -87,6 +89,8 @@ ecomp: mso: auth: D1A67FA93B6A6419132D0F83CC771AF774FD3C60853C50C22C8C6FC5088CC79E9E81EDE9EA39F22B2F66A0068E logPath: ./logs/openstack + msb-ip: msb-iag.{{ include "common.namespace" . }} + msb-port: 80 workflow: endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/sobpmnengine msoKey: 07a7159d3bf51a0e53be7a8f89699be7 @@ -97,6 +101,8 @@ mso: db: spring: endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082 + aai: + endpoint: https://aai.{{ include "common.namespace" . }}:8443 db: auth: Basic YnBlbDpwYXNzd29yZDEk site-name: localDevEnv diff --git a/kubernetes/so/charts/so-vnfm-adapter/Chart.yaml b/kubernetes/so/charts/so-vnfm-adapter/Chart.yaml new file mode 100755 index 0000000000..80eda87e9a --- /dev/null +++ b/kubernetes/so/charts/so-vnfm-adapter/Chart.yaml @@ -0,0 +1,17 @@ +# Copyright © 2019 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +description: ONAP SO VNFM Adapter +name: so-vnfm-adapter +version: 4.0.0 diff --git a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml new file mode 100755 index 0000000000..0b52949103 --- /dev/null +++ b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml @@ -0,0 +1,34 @@ +# Copyright © 2019 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +aai: + auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586 + version: v15 + endpoint: https://aai.{{ include "common.namespace" . }}:8443 +spring: + security: + usercredentials: + - username: vnfm + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: BPEL-Client + - username: mso_admin + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: ACTUATOR +server: + port: {{ index .Values.containerPort }} +mso: + key: 07a7159d3bf51a0e53be7a8f89699be7 + site-name: localSite + logPath: ./logs/vnfm-adapter + msb-ip: msb-iag.{{ include "common.namespace" . }} + msb-port: 80 diff --git a/kubernetes/cds/charts/controller-blueprints/templates/secrets.yaml b/kubernetes/so/charts/so-vnfm-adapter/templates/configmap.yaml index b4ab161809..fb26dcef09 100644..100755 --- a/kubernetes/cds/charts/controller-blueprints/templates/secrets.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/templates/configmap.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2018 Amdocs, Bell Canada +# Copyright © 2019 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,19 +11,29 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 -kind: Secret +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +--- +apiVersion: v1 +kind: ConfigMap metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-app-configmap namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.fullname" . }} + app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} -type: Opaque data: - db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }} - restUser: {{ .Values.config.restUser | b64enc | quote }} - restPassword: {{ .Values.config.restPassword | b64enc | quote }} +{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }} diff --git a/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml new file mode 100755 index 0000000000..b337cad687 --- /dev/null +++ b/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml @@ -0,0 +1,70 @@ +# Copyright © 2019 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} +spec: + replicas: {{ index .Values.replicaCount }} + minReadySeconds: {{ index .Values.minReadySeconds }} + strategy: + type: {{ index .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ index .Values.updateStrategy.maxSurge }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "common.repository" . }}/{{ .Values.image }} + resources: +{{ include "common.resources" . | indent 12 }} + envFrom: + - configMapRef: + name: {{ include "common.fullname" . }}-configmap + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: logs + mountPath: /app/logs + - name: config + mountPath: /app/config + readOnly: true + livenessProbe: + tcpSocket: + port: {{ index .Values.livenessProbe.port }} + initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}} + periodSeconds: {{ index .Values.livenessProbe.periodSeconds}} + successThreshold: {{ index .Values.livenessProbe.successThreshold}} + failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} + ports: + - containerPort: {{ index .Values.containerPort }} + name: {{ .Values.service.portName }} + protocol: TCP + volumes: + - name: logs + emptyDir: {} + - name: config + configMap: + name: {{ include "common.fullname" . }}-app-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/so/charts/so-vnfm-adapter/templates/service.yaml b/kubernetes/so/charts/so-vnfm-adapter/templates/service.yaml new file mode 100755 index 0000000000..7a8241223f --- /dev/null +++ b/kubernetes/so/charts/so-vnfm-adapter/templates/service.yaml @@ -0,0 +1,49 @@ +# Copyright © 2019 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "{{ include "common.servicename" . }}", + "version": "v1", + "url": "/so/vnfm-adapter/v1", + "protocol": "REST", + "port": "{{.Values.service.externalPort}}", + "visualRange":"1" + } + ]' +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/so/charts/so-vnfm-adapter/values.yaml b/kubernetes/so/charts/so-vnfm-adapter/values.yaml new file mode 100755 index 0000000000..cc0450186c --- /dev/null +++ b/kubernetes/so/charts/so-vnfm-adapter/values.yaml @@ -0,0 +1,77 @@ +# Copyright © 2019 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefixExt: 304 + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + persistence: + mountPath: /dockerdata-nfs + +################################################################# +# Application configuration defaults. +################################################################# +repository: nexus3.onap.org:10001 +image: onap/so/vnfm-adapter:1.4.0 +pullPolicy: Always + +replicaCount: 1 +minReadySeconds: 10 +containerPort: 9092 +logPath: ./logs/vnfm-adapter/ +app: vnfm-adapter +service: + type: NodePort + internalPort: 9092 + externalPort: 9092 + nodePort: "06" + portName: so-vnfm-port +updateStrategy: + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + memory: 4Gi + cpu: 2000m + requests: + memory: 1Gi + cpu: 500m + large: + limits: + memory: 8Gi + cpu: 4000m + requests: + memory: 2Gi + cpu: 1000m + unlimited: {} +livenessProbe: + port: 9092 + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 +ingress: + enabled: false +nodeSelector: {} +tolerations: [] +affinity: {} diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml index 44efb4de48..b5b4f355b7 100755 --- a/kubernetes/so/resources/config/overrides/override.yaml +++ b/kubernetes/so/resources/config/overrides/override.yaml @@ -49,6 +49,8 @@ mso: aai: endpoint: https://aai.{{ include "common.namespace" . }}:8443 auth: 6E081E10B1CA43A843E303733A74D9B23B601A6E22A21C7EF2C7F15A42F81A1A4E85E65268C2661F71321052C7F3E55B96A8E1E951F8BF6F + extApi: + endpoint: http://nbi.onap:8080/nbi/api/v3 so: operational-environment: dmaap: |